From 486da104571bb881c66b33d59e4cb30800320344 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 18 Mar 2019 16:10:10 +0100 Subject: Storage v0.54: enable 320 bit OTP secret and auth commands Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 0320ebb..7b8deaa 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -906,16 +906,16 @@ using nitrokey::misc::strcpyT; //authorization command is supported for versions equal or below: auto m = std::unordered_map({ {DeviceModel::PRO, 7}, - {DeviceModel::STORAGE, 999}, + {DeviceModel::STORAGE, 53}, }); return get_minor_firmware_version() <= m[device->get_device_model()]; } bool NitrokeyManager::is_320_OTP_secret_supported(){ - //authorization command is supported for versions equal or below: + // 320 bit OTP secret is supported by version bigger or equal to: auto m = std::unordered_map({ {DeviceModel::PRO, 8}, - {DeviceModel::STORAGE, 999}, + {DeviceModel::STORAGE, 54}, }); return get_minor_firmware_version() >= m[device->get_device_model()]; } -- cgit v1.2.3 From 59a81e5bc293959f75d977ded0ba091e985c3926 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 18 Mar 2019 16:36:58 +0100 Subject: Storage v0.54: activate tests for OTP320 and binary counter Signed-off-by: Szczepan Zalega --- unittest/test_pro.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/unittest/test_pro.py b/unittest/test_pro.py index 6ab7c1d..7d3dc69 100644 --- a/unittest/test_pro.py +++ b/unittest/test_pro.py @@ -709,7 +709,7 @@ def test_OTP_secret_started_from_null(C, secret): skip_if_device_version_lower_than({'S': 43, 'P': 8}) if len(secret) > 40: # feature: 320 bit long secret handling - skip_if_device_version_lower_than({'P': 8}) + skip_if_device_version_lower_than({'P': 8, 'S': 54}) oath = pytest.importorskip("oath") lib_at = lambda t: bb(oath.hotp(secret, t, format='dec6')) @@ -741,8 +741,8 @@ def test_HOTP_slots_read_write_counter(C, counter): :param counter: """ if counter >= 1e7: - # Storage does not handle counters longer than 7 digits - skip_if_device_version_lower_than({'P': 7}) + # Storage v0.53 and below does not handle counters longer than 7 digits + skip_if_device_version_lower_than({'P': 7, 'S': 54}) secret = RFC_SECRET oath = pytest.importorskip("oath") @@ -804,8 +804,8 @@ def test_TOTP_secrets(C, secret): skip_if_device_version_lower_than({'S': 44, 'P': 8}) if len(secret)>20*2: #*2 since secret is in hex - # pytest.skip("Secret lengths over 20 bytes are not supported by NK Pro 0.7 and NK Storage") - skip_if_device_version_lower_than({'P': 8}) + # pytest.skip("Secret lengths over 20 bytes are not supported by NK Pro 0.7 and NK Storage v0.53 and older") + skip_if_device_version_lower_than({'P': 8, 'S': 54}) slot_number = 0 time = 0 period = 30 @@ -836,7 +836,7 @@ def test_HOTP_secrets(C, secret): feature needed: support for 320bit secrets """ if len(secret)>40: - skip_if_device_version_lower_than({'P': 8}) + skip_if_device_version_lower_than({'P': 8, 'S': 54}) slot_number = 0 counter = 0 -- cgit v1.2.3 From ee79dfdaf06a865cb4c5e26daac1280c9ca09905 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 18 Mar 2019 20:15:58 +0100 Subject: Unlock 64 bit tests for Storage Signed-off-by: Szczepan Zalega --- unittest/misc.py | 6 +++++- unittest/test_pro.py | 6 +++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/unittest/misc.py b/unittest/misc.py index 8be915d..c1c197b 100644 --- a/unittest/misc.py +++ b/unittest/misc.py @@ -67,4 +67,8 @@ def is_storage(C): def is_long_OTP_secret_handled(C): - return is_pro_rtm_08(C) or is_storage(C) and get_devices_firmware_version(C) > 43 + return is_pro_rtm_08(C) or is_storage(C) and get_devices_firmware_version(C) >= 54 + + +def has_binary_counter(C): + return is_pro_rtm_07(C) or is_storage(C) and get_devices_firmware_version(C) >= 54 diff --git a/unittest/test_pro.py b/unittest/test_pro.py index 7d3dc69..d094dec 100644 --- a/unittest/test_pro.py +++ b/unittest/test_pro.py @@ -23,7 +23,7 @@ import pytest from conftest import skip_if_device_version_lower_than from constants import DefaultPasswords, DeviceErrorCode, RFC_SECRET, bb, bbRFC_SECRET -from misc import ffi, gs, wait, cast_pointer_to_tuple +from misc import ffi, gs, wait, cast_pointer_to_tuple, has_binary_counter from misc import is_pro_rtm_07, is_pro_rtm_08, is_storage @pytest.mark.lock_device @@ -409,7 +409,7 @@ def test_HOTP_counters(C): INT32_MAX = 2 ** 31 - 1 @pytest.mark.otp def test_HOTP_64bit_counter(C): - if is_storage(C): + if not has_binary_counter(C): pytest.xfail('bug in NK Storage HOTP firmware - counter is set with a 8 digits string, ' 'however int32max takes 10 digits to be written') oath = pytest.importorskip("oath") @@ -434,7 +434,7 @@ def test_HOTP_64bit_counter(C): @pytest.mark.otp def test_TOTP_64bit_time(C): - if is_storage(C): + if not has_binary_counter(C): pytest.xfail('bug in NK Storage TOTP firmware') oath = pytest.importorskip("oath") T = 1 -- cgit v1.2.3