This PR changes two things:

1. It uses a newer version of `nethsm_sdk_rs` which fixes the "serde
error" issue reported upstream: [#30].

Previously the error message would indicate serde error:

```
Error: NetHsm(Api("Getting backup failed: error in serde: EOF while parsing a value at line 1 column 0"))
```

Now, they print the status code instead:

```
Error: NetHsm(Api("Getting backup failed: Status code: 401: "))
```

2. It explicitly handles the response error and prints the content
that the NetHSM API returns, in case it is available:

Instead of:

```
Error: NetHsm(Api("Getting key failed: in response: status code 412"))
```

it prints:

```
Error: NetHsm(Api("Getting key failed: Status code: 412: Service not
available"))
```

(`Service not available` is the error message returned by the NetHSM API)

[#30]: https://github.com/Nitrokey/nethsm-sdk-rs/issues/30

Fixes: #29


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

This patch updates secrecy and all call-sites.

Fixes: !79


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Fixes: #76


Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: renovate <renovate@archlinux.org>

Replace initial placeholder information with more refined documentation
on the project, its components, their requirements link to extensive
concept documentation.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Add documentation explaining the previous setup, which is to be
supplanted by signstar.
Explain core concepts of signstar.

Fixes #16



Signed-off-by: David Runge <dvzrv@archlinux.org>

Fixes: #71


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Using the `create-image-signing-key` recipe it is possible to create a
custom signing key (used for verity and secure boot).

The `build-image` recipe is used to build the "SignstarOS" images using
mkosi and signs them using a predefined OpenPGP key.
The certificate for the OpenPGP key is currently used to provide a valid
keyring file (used for automatic updates using systemd-sysupdate).

With the `run-image` the currently built "SignstarOS" image is run using
QEMU (for test purposes).

Add all required packages for building and running the "SignstarOS"
images using mkosi.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Add a mkosi based setup, that allows building a custom image-based OS
with:
- Secure Boot support with auto-enrollment of provided certificate
- read-only rootfs (verity enabled)
- LUKS encrypted (using TPM2-backed keys) /var partition
- A/B boot support
- Auto-updating with the help of systemd-sysupdate
- A simple show-case setup for dummy users with an enforced command
  over SSH

The required changes to mkosi have also led to the writing of dedicated
documentation for this type of setup:
https://github.com/systemd/mkosi/blob/main/docs/root-verity.md



Big thanks to Daan De Meyer for helping to get this working!

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: renovate <renovate@archlinux.org>

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Previous implementation assumed the moduli of 65537 instead of reading
the real value from the public key.

Adjust the code and test it against a key using 257 for the modulus.

Fixes: #72
See: https://github.com/wiktor-k/gen-rsa-exp-pgp


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Without this patch a high test concurrency of the test suite could
result in test failures since all tests used the same underlying
config file.

See: https://github.com/flub/testdir/issues/11


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Signed-off-by: renovate <renovate@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

In 8b9ab495 we introduced a few broken
links to internal and external resources.

Signed-off-by: David Runge <dvzrv@archlinux.org>

The documentation of `nethsm key generate` states, that if no
`KeyMechanism` is provided, it defaults to `KeyMechanism::EdDsa`.
However, this is only the case if we explicitly check for empty
`key_mechanisms` and provide the default implementation in that case.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Be more specific about which scope (system-wide or in namespace)
credentials have to be in for subcommands and what the visibility is for
users in specific scopes when dealing with other users or keys.

Fixes #66



Signed-off-by: David Runge <dvzrv@archlinux.org>

Fixes: #64


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Guard `NetHsm::generate_tls_cert` against generating RSA keys below
`MIN_RSA_BIT_LENGTH` (2048).

Signed-off-by: David Runge <dvzrv@archlinux.org>

When importing RSA (OpenPGP or raw) keys or generating block cipher or
RSA keys, ensure that a valid bit length is used.

For block cipher keys only 128, 192 and 256 bits are valid.
For RSA the bit length must be equal to or greater than 2048.

Fixes #59



Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Replace `KeyType::matches_mechanisms` with `key_type_matches_mechanisms`
to allow easier reuse.
Improve the documentation of the methods `NetHsm::generate_key` and
`NethHsm::import_key` to more clearly state when `Error::Key` is
returned.

Signed-off-by: David Runge <dvzrv@archlinux.org>

The `nethsm-sdk-rs` crate ubiquitously relies on `i32` for providing
lengths and ports.
However, none of these use-cases require or even should allow signed
integers (ports can not be negative, neither can any of the lengths).
Change all use of `i32` to `u32` to allow failing early and convert
data only as needed before passing it to the facilities provided by
`nethsm-sdk-rs`.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

With 0.8.0 rustls-native-certs offers a `Vec<Error>` when loading the
system TLS certificates.
Hence we adapt the existing `Error::CertLoading` to take a
`Vec<rustls_native_certs::Error>` to provide more detailed messages
on error.
Further, we introduce another variant (`Error::NoSystemCertsAdded`) to
cover the case where we were not able to add any of the loaded system
certificates.

Signed-off-by: David Runge <dvzrv@archlinux.org>

This fixes a rare bug when importing OpenPGP keys with a scalar part
too short. Since OpenPGP does not preserve leading zeros and NetHSM
expects leading zeros this caused errors on import when the generated
scalar started with a zero value.

Pad the scalars to appropriate size before processing them
further. Additionally check for a scalar values that are not
compatible with the target curve.

Add a test case that was captured during a flaky test run.

Fixes: #70


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Devices in unprovisioned state do not require authentication, as there
are no users yet.
Previously, the `nethsm` tool would require providing credentials to the
command when restoring from backup, even if the targeted device was in
unprovisioned state.
This changes the `nethsm system restore` subcommand to first check the
device's state and only then require authentication if the device is in
operational state.

Fixes #25



Signed-off-by: David Runge <dvzrv@archlinux.org>

Instead of using the `config` and `prompt` modules, rely on the common
`nethsm-config` crate.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Provide a flexible, common configuration crate for end-user
applications, that may or may not rely on interactively prompting users
for further data (e.g. user names and passphrases).

Fixes #42



Signed-off-by: David Runge <dvzrv@archlinux.org>

Previous implementation emitted zero-padded MPIs with wrong bit sizes
which would trip other OpenPGP implementations.

This happened only when the resulting signature had a zero byte at the
beginning. It happened rarely and that's why the test was flaky.

The root cause was the use of an `pgp::types::Mpi::from_slice`
function which produces invalid MPIs so the code was refactored to use
a single safe function and the call has been forbidden by a clippy rule.

See: https://github.com/rpgp/rpgp/issues/401
Fixes: #67


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

This is a simple enumeration of types with no inner structure which
makes it a good candidate for being `Copy`.

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

This test runner already uncovered two bugs in our codebase and it
would be a good addition to the tooling.

See: https://blog.liw.fi/posts/2022/kilotest/


Inspired-by: Lars Wirzenius <liw@liw.fi>
Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

This patch also modifies the default `check` recipe to invoke the
stale link checker.

Fixes: #58


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>