Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Factory reset #383

Merged
merged 4 commits into from
Nov 20, 2023
Merged

Factory reset #383

merged 4 commits into from
Nov 20, 2023

Conversation

sosthene-nitrokey
Copy link
Collaborator

@sosthene-nitrokey sosthene-nitrokey commented Nov 15, 2023
edited
Loading

@sosthene-nitrokey sosthene-nitrokey mentioned this pull request Nov 15, 2023
Merged
4 tasks
@sosthene-nitrokey
Copy link
Collaborator Author

Relevant nitropy PR: Nitrokey/pynitrokey#472

@daringer
Copy link
Collaborator

can you please rebase on top of main to make the tests work? + a cargo fmt might be missing?

@sosthene-nitrokey sosthene-nitrokey force-pushed the factory-reset branch 3 times, most recently from d16dc8d to cf7ac5a Compare November 17, 2023 15:56
robin-nitrokey
robin-nitrokey approved these changes Nov 17, 2023
View reviewed changes
components/apps/src/dispatch.rs Show resolved Hide resolved
components/apps/src/dispatch.rs
Comment on lines +372 to +376
assert!(should_preserve_file(path!("/fido/sec/00")));
assert!(should_preserve_file(path!("/fido/x5c/00")));
assert!(should_preserve_file(path!("/fido/sec/01")));
assert!(should_preserve_file(path!("/fido/x5c/01")));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please also add tests for the Trussed keys

nitrokey-3-firmware/components/provisioner-app/src/lib.rs

Lines 95 to 103 in 056b62c

const FILENAME_T1_PUBLIC: &[u8] = b"/attn/pub/00";
const FILENAME_P256_SECRET: &[u8] = b"/attn/sec/01";
const FILENAME_ED255_SECRET: &[u8] = b"/attn/sec/02";
const FILENAME_X255_SECRET: &[u8] = b"/attn/sec/03";
const FILENAME_P256_CERT: &[u8] = b"/attn/x5c/01";
const FILENAME_ED255_CERT: &[u8] = b"/attn/x5c/02";
const FILENAME_X255_CERT: &[u8] = b"/attn/x5c/03";

@sosthene-nitrokey sosthene-nitrokey merged commit 5b276d4 into main Nov 20, 2023
8 checks passed
@sosthene-nitrokey sosthene-nitrokey deleted the factory-reset branch November 20, 2023 12:44
@tlaurion
Copy link

Let me know what rom to test, I have a nk3 that would require full device factory reset. Otherwise HOTP cannot happen I I cannot reset secrets with nitropy.

@sosthene-nitrokey
Copy link
Collaborator Author

@tlaurion You should be able to do that with the next test release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robin-nitrokey robin-nitrokey robin-nitrokey approved these changes

@daringer daringer Awaiting requested review from daringer

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sosthene-nitrokey @daringer @tlaurion @robin-nitrokey