summaryrefslogtreecommitdiff
path: root/unittest
diff options
context:
space:
mode:
authorSzczepan Zalega <szczepan@nitrokey.com>2016-11-16 18:32:38 +0100
committerSzczepan Zalega <szczepan@nitrokey.com>2016-12-03 16:01:50 +0100
commitcbccc871329c5522449010ae5007278123508820 (patch)
tree0362686697508b3f3438ba437fdd5c83389abaad /unittest
parent54d3b649b4c6d51120c16c64b7f824c81123a807 (diff)
downloadlibnitrokey-cbccc871329c5522449010ae5007278123508820.tar.gz
libnitrokey-cbccc871329c5522449010ae5007278123508820.tar.bz2
Use another OTP writing protocol and test it
Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
Diffstat (limited to 'unittest')
-rw-r--r--unittest/constants.py2
-rw-r--r--unittest/test3.cc111
-rw-r--r--unittest/test_pro.py33
3 files changed, 101 insertions, 45 deletions
diff --git a/unittest/constants.py b/unittest/constants.py
index 78a219b..3c19a9b 100644
--- a/unittest/constants.py
+++ b/unittest/constants.py
@@ -2,7 +2,7 @@ from enum import Enum
from misc import to_hex
RFC_SECRET_HR = '12345678901234567890'
-RFC_SECRET = to_hex(RFC_SECRET_HR) # '12345678901234567890'
+RFC_SECRET = to_hex(RFC_SECRET_HR) # '3031323334353637383930...'
# print( repr((RFC_SECRET, RFC_SECRET_, len(RFC_SECRET))) )
diff --git a/unittest/test3.cc b/unittest/test3.cc
index 7f779a5..7b37a60 100644
--- a/unittest/test3.cc
+++ b/unittest/test3.cc
@@ -49,18 +49,26 @@ TEST_CASE("write slot", "[pronew]"){
connect_and_setup(stick);
authorize(stick);
- auto p = get_payload<WriteToHOTPSlot>();
- strcpyT(p.slot_secret, RFC_SECRET);
- strcpyT(p.temporary_admin_password, temporary_password);
- p.use_8_digits = true;
- stick10_08::WriteToHOTPSlot::CommandTransaction::run(stick, p);
+ auto p2 = get_payload<SendOTPData>();
+ strcpyT(p2.temporary_admin_password, temporary_password);
+ p2.setTypeName();
+ strcpyT(p2.data, "test name aaa");
+ p2.length = strlen((const char *) p2.data);
+ stick10_08::SendOTPData::CommandTransaction::run(stick, p2);
- auto p2 = get_payload<WriteToHOTPSlot_2>();
+ p2 = get_payload<SendOTPData>();
strcpyT(p2.temporary_admin_password, temporary_password);
- p2.slot_number = 0 + 0x10;
- p2.slot_counter = 0;
- strcpyT(p2.slot_name, "test name aaa");
- stick10_08::WriteToHOTPSlot_2::CommandTransaction::run(stick, p2);
+ strcpyT(p2.data, RFC_SECRET);
+ p2.length = strlen(RFC_SECRET);
+ p2.setTypeSecret();
+ stick10_08::SendOTPData::CommandTransaction::run(stick, p2);
+
+ auto p = get_payload<WriteToOTPSlot>();
+ strcpyT(p.temporary_admin_password, temporary_password);
+ p.use_8_digits = true;
+ p.slot_number = 0 + 0x10;
+ p.slot_counter_or_interval = 0;
+ stick10_08::WriteToOTPSlot::CommandTransaction::run(stick, p);
auto pc = get_payload<WriteGeneralConfig>();
pc.enable_user_password = 0;
@@ -119,23 +127,34 @@ TEST_CASE("authorize user HOTP", "[pronew]") {
connect_and_setup(stick);
authorize(stick);
- auto p = get_payload<WriteGeneralConfig>();
- p.enable_user_password = 1;
- strcpyT(p.temporary_admin_password, temporary_password);
- WriteGeneralConfig::CommandTransaction::run(stick, p);
+ {
+ auto p = get_payload<WriteGeneralConfig>();
+ p.enable_user_password = 1;
+ strcpyT(p.temporary_admin_password, temporary_password);
+ WriteGeneralConfig::CommandTransaction::run(stick, p);
+ }
+
+ auto p2 = get_payload<SendOTPData>();
+ strcpyT(p2.temporary_admin_password, temporary_password);
+ p2.setTypeName();
+ strcpyT(p2.data, "test name aaa");
+ p2.length = strlen((const char *) p2.data);
+ stick10_08::SendOTPData::CommandTransaction::run(stick, p2);
+
+ p2 = get_payload<SendOTPData>();
+ strcpyT(p2.temporary_admin_password, temporary_password);
+ strcpyT(p2.data, RFC_SECRET);
+ p2.length = strlen(RFC_SECRET);
+ p2.setTypeSecret();
+ stick10_08::SendOTPData::CommandTransaction::run(stick, p2);
- auto pw = get_payload<WriteToHOTPSlot>();
- strcpyT(pw.slot_secret, RFC_SECRET);
- strcpyT(pw.temporary_admin_password, temporary_password);
- pw.use_8_digits = true;
- WriteToHOTPSlot::CommandTransaction::run(stick, pw);
+ auto p = get_payload<WriteToOTPSlot>();
+ strcpyT(p.temporary_admin_password, temporary_password);
+ p.use_8_digits = true;
+ p.slot_number = 0 + 0x10;
+ p.slot_counter_or_interval = 0;
+ stick10_08::WriteToOTPSlot::CommandTransaction::run(stick, p);
- auto pw2 = get_payload<WriteToHOTPSlot_2>();
- strcpyT(pw2.temporary_admin_password, temporary_password);
- pw2.slot_number = 0 + 0x10;
- pw2.slot_counter = 0;
- strcpyT(pw2.slot_name, "test name aaa");
- WriteToHOTPSlot_2::CommandTransaction::run(stick, pw2);
auto p3 = get_payload<GetHOTP>();
p3.slot_number = 0 + 0x10;
@@ -161,23 +180,33 @@ TEST_CASE("authorize user TOTP", "[pronew]") {
connect_and_setup(stick);
authorize(stick);
- auto p = get_payload<WriteGeneralConfig>();
- p.enable_user_password = 1;
- strcpyT(p.temporary_admin_password, temporary_password);
- WriteGeneralConfig::CommandTransaction::run(stick, p);
+ {
+ auto p = get_payload<WriteGeneralConfig>();
+ p.enable_user_password = 1;
+ strcpyT(p.temporary_admin_password, temporary_password);
+ WriteGeneralConfig::CommandTransaction::run(stick, p);
+ }
- auto pw = get_payload<WriteToTOTPSlot>();
- strcpyT(pw.slot_secret, RFC_SECRET);
- strcpyT(pw.temporary_admin_password, temporary_password);
- pw.use_8_digits = true;
- WriteToTOTPSlot::CommandTransaction::run(stick, pw);
-
- auto pw2 = get_payload<WriteToTOTPSlot_2>();
- strcpyT(pw2.temporary_admin_password, temporary_password);
- pw2.slot_number = 0 + 0x20;
- pw2.slot_interval= 30;
- strcpyT(pw2.slot_name, "test name TOTP");
- WriteToTOTPSlot_2::CommandTransaction::run(stick, pw2);
+ auto p2 = get_payload<SendOTPData>();
+ strcpyT(p2.temporary_admin_password, temporary_password);
+ p2.setTypeName();
+ strcpyT(p2.data, "test name TOTP");
+ p2.length = strlen((const char *) p2.data);
+ stick10_08::SendOTPData::CommandTransaction::run(stick, p2);
+
+ p2 = get_payload<SendOTPData>();
+ strcpyT(p2.temporary_admin_password, temporary_password);
+ strcpyT(p2.data, RFC_SECRET);
+ p2.length = strlen(RFC_SECRET);
+ p2.setTypeSecret();
+ stick10_08::SendOTPData::CommandTransaction::run(stick, p2);
+
+ auto p = get_payload<WriteToOTPSlot>();
+ strcpyT(p.temporary_admin_password, temporary_password);
+ p.use_8_digits = true;
+ p.slot_number = 0 + 0x20;
+ p.slot_counter_or_interval = 30;
+ stick10_08::WriteToOTPSlot::CommandTransaction::run(stick, p);
auto p_get_totp = get_payload<GetTOTP>();
p_get_totp.slot_number = 0 + 0x20;
diff --git a/unittest/test_pro.py b/unittest/test_pro.py
index a9e9fa4..3632ecd 100644
--- a/unittest/test_pro.py
+++ b/unittest/test_pro.py
@@ -536,7 +536,7 @@ def test_HOTP_slots_read_write_counter(C, counter):
lib_res = []
for slot_number in range(3):
assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
- assert C.NK_write_hotp_slot(slot_number, 'null_secret', secret, counter, use_8_digits, False, False, "",
+ assert C.NK_write_hotp_slot(slot_number, 'HOTP rw' + str(slot_number), secret, counter, use_8_digits, False, False, "",
DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
code_device = str(C.NK_get_hotp_code(slot_number))
code_device = '0'+code_device if len(code_device) < 6 else code_device
@@ -546,7 +546,7 @@ def test_HOTP_slots_read_write_counter(C, counter):
@pytest.mark.parametrize("period", [30,60] )
-@pytest.mark.parametrize("time", range(20,70,20) )
+@pytest.mark.parametrize("time", range(21,70,20) )
def test_TOTP_slots_read_write_at_time_period(C, time, period):
secret = RFC_SECRET
oath = pytest.importorskip("oath")
@@ -561,7 +561,7 @@ def test_TOTP_slots_read_write_at_time_period(C, time, period):
lib_res = []
for slot_number in range(15):
assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
- assert C.NK_write_totp_slot(slot_number, 'null_secret', secret, period, use_8_digits, False, False, "",
+ assert C.NK_write_totp_slot(slot_number, 'TOTP rw' + str(slot_number), secret, period, use_8_digits, False, False, "",
DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
assert C.NK_totp_set_time(time) == DeviceErrorCode.STATUS_OK
@@ -572,5 +572,32 @@ def test_TOTP_slots_read_write_at_time_period(C, time, period):
assert dev_res == lib_res
+@pytest.mark.parametrize("secret", [RFC_SECRET, 2*RFC_SECRET] )
+def test_TOTP_secrets(C, secret):
+ slot_number = 0
+ time = 0
+ period = 30
+ oath = pytest.importorskip("oath")
+ lib_at = lambda t: oath.totp(secret, t=t, period=period)
+ PIN_protection = False
+ use_8_digits = False
+ T = 0
+ assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
+ assert C.NK_write_config(255, 255, 255, PIN_protection, not PIN_protection,
+ DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
+ dev_res = []
+ lib_res = []
+ assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
+ assert C.NK_write_totp_slot(slot_number, 'TOTP secret' + str(slot_number), secret, period, use_8_digits, False, False, "",
+ DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
+ assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK
+ assert C.NK_totp_set_time(time) == DeviceErrorCode.STATUS_OK
+ code_device = str(C.NK_get_totp_code(slot_number, T, 0, period))
+ code_device = '0'+code_device if len(code_device) < 6 else code_device
+ dev_res += (time, code_device)
+ lib_res += (time, lib_at(time))
+ assert dev_res == lib_res
+
+