diff --git a/pynitrokey/cli/nk3/__init__.py b/pynitrokey/cli/nk3/__init__.py index 67120599..1ac23052 100644 --- a/pynitrokey/cli/nk3/__init__.py +++ b/pynitrokey/cli/nk3/__init__.py @@ -502,6 +502,11 @@ def version(ctx: Context) -> None: version = device.version() local_print(version) +@nk3.command() +@click.pass_obj +def factory_reset(ctx: Context) -> None: + with ctx.connect_device() as device: + device.factory_reset() @nk3.command() @click.pass_obj diff --git a/pynitrokey/nk3/admin_app.py b/pynitrokey/nk3/admin_app.py index d2265978..0459f272 100644 --- a/pynitrokey/nk3/admin_app.py +++ b/pynitrokey/nk3/admin_app.py @@ -18,6 +18,7 @@ class AdminCommand(Enum): TEST_SE050 = 0x81 GET_CONFIG = 0x82 SET_CONFIG = 0x83 + FACTORY_RESET = 0x84 @enum.unique @@ -56,6 +57,29 @@ class Status: efs_blocks: Optional[int] = None variant: Optional[Variant] = None +@enum.unique +class FactoryResetStatus(Enum): + SUCCESS = 0 + NOT_CONFIRMED = 0x01; + APP_NOT_ALLOWED = 0x02; + APP_FAILED_PARSE = 0x03; + + @classmethod + def from_int(cls, i: int) ->Optional["FactoryResetStatus"]: + for status in FactoryResetStatus: + if status.value == i: + return Status + return None + + @classmethod + def check(cls, i: int, msg: str) -> None: + status = FactoryResetStatus.from_int(i) + if status != FactoryResetStatus.SUCCESS: + if status: + error = str(status) + else: + error = f"unknown error {i:x}" + raise Exception(f"{msg}: {error}") @enum.unique class ConfigStatus(Enum): @@ -148,3 +172,15 @@ def set_config(self, key: str, value: str) -> None: reply = self._call(AdminCommand.SET_CONFIG, data=request, response_len=1) assert reply ConfigStatus.check(reply[0], "Failed to set config value") + + def factory_reset(self) -> None: + try: + reply = self._call(AdminCommand.FACTORY_RESET, response_len=1) + assert reply + except OSError as e: + if e.errno == 5: + self.device.logger.debug("ignoring OSError after reboot", exc_info=e) + return + else: + raise e + FactoryResetStatus.check(reply[0], "Failed to factory reset the device") diff --git a/pynitrokey/nk3/device.py b/pynitrokey/nk3/device.py index 99886e9e..a7defe12 100644 --- a/pynitrokey/nk3/device.py +++ b/pynitrokey/nk3/device.py @@ -114,6 +114,9 @@ def uuid(self) -> Optional[Uuid]: def version(self) -> Version: return self.admin.version() + def factory_reset(self) -> None: + self.admin.factory_reset() + def wink(self) -> None: self.device.wink()