Add fill command to overwrite SD card

This patch adds the fill command that overwrites the SD card with random data. Similar to the reset command, we always require the user to enter the admin PIN even if is cached.
d-e-s-o · Jan 11, 2021 · b23296e · b23296e
1 parent 23dee18
commit b23296e
Show file tree

Hide file tree

Showing 7 changed files with 63 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,7 @@
 Unreleased
 ----------
+- Added the `fill` command that fills the SD card of a Nitrokey Storage device
+ with random data
 - Added SD card usage information to the output of the `status` command for
  Storage devices
 

diff --git a/doc/nitrocli.1 b/doc/nitrocli.1
@@ -136,6 +136,16 @@ open.
 .TP
 \fBnitrocli hidden close
 Close a hidden volume.
+.TP
+\fBnitrocli fill\fR
+Fills the SD card with random data, overwriting all existing data.
+This operation takes about one hour to finish for a 16 GiB SD card.
+It cannot be canceled, even if the \fBnitrocli\fR process is terminated before
+it finishes.
+
+This command requires the admin PIN.
+To avoid accidental calls of this command, the user has to enter the PIN even
+if it has been cached.
 
 .SS One-time passwords
 The Nitrokey Pro and the Nitrokey Storage support the generation of one-time

diff --git a/doc/nitrocli.1.pdf b/doc/nitrocli.1.pdf
diff --git a/src/args.rs b/src/args.rs
@@ -79,6 +79,8 @@ Command! {
  Config(ConfigArgs) => |ctx, args: ConfigArgs| args.subcmd.execute(ctx),
  /// Interacts with the device's encrypted volume
  Encrypted(EncryptedArgs) => |ctx, args: EncryptedArgs| args.subcmd.execute(ctx),
+ /// Fills the SD card with random data
+ Fill => crate::commands::fill,
  /// Interacts with the device's hidden volume
  Hidden(HiddenArgs) => |ctx, args: HiddenArgs| args.subcmd.execute(ctx),
  /// Lists the attached Nitrokey devices

diff --git a/src/commands.rs b/src/commands.rs
@@ -469,6 +469,39 @@ pub fn list(ctx: &mut Context<'_>, no_connect: bool) -> anyhow::Result<()> {
  Ok(())
 }
 
+/// Fill the SD card with random data
+pub fn fill(ctx: &mut Context<'_>) -> anyhow::Result<()> {
+ with_storage_device(ctx, |ctx, mut device| {
+ let pin_entry = pinentry::PinEntry::from(args::PinType::Admin, &device)?;
+
+ // Similar to reset, we want the user to re-enter the admin PIN even if is cached to avoid
+ // accidental data loss.
+ pinentry::clear(&pin_entry).context("Failed to clear cached secret")?;
+
+ try_with_pin(ctx, &pin_entry, |pin| {
+ device.fill_sd_card(&pin).context("Failed to fill SD card")
+ })?;
+
+ let mut last_progress = 0;
+ loop {
+ let status = device
+ .get_operation_status()
+ .context("Failed to query operation status")?;
+ match status {
+ nitrokey::OperationStatus::Ongoing(progress) => {
+ if last_progress != progress {
+ println!(ctx, "{}/100", progress)?;
+ }
+ last_progress = progress;
+ }
+ nitrokey::OperationStatus::Idle => break,
+ };
+ }
+
+ Ok(())
+ })
+}
+
 /// Perform a factory reset.
 pub fn reset(ctx: &mut Context<'_>) -> anyhow::Result<()> {
  with_device(ctx, |ctx, mut device| {

diff --git a/src/tests/fill.rs b/src/tests/fill.rs
@@ -0,0 +1,15 @@
+// fill.rs
+
+// Copyright (C) 2020 The Nitrocli Developers
+// SPDX-License-Identifier: GPL-3.0-or-later
+
+use super::*;
+
+// Ignore this test as it takes about one hour to execute
+#[ignore]
+#[test_device(storage)]
+fn fill(model: nitrokey::Model) -> anyhow::Result<()> {
+ let res = Nitrocli::new().model(model).handle(&["fill"]);
+ assert!(res.is_ok());
+ Ok(())
+}
diff --git a/src/tests/mod.rs b/src/tests/mod.rs
@@ -9,6 +9,7 @@ use nitrokey_test::test as test_device;
 
 mod config;
 mod encrypted;
+mod fill;
 mod hidden;
 mod list;
 mod lock;