From 809b618d4d064cedc7070cac5ccc8797e5d89f54 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 16:58:24 +0100 Subject: Correct getting minor and major from firmware version Add get_minor_firmware_version Correct get_major_firmware version (was returning minor instead) Name 3rd version field for test builds Use minor firmware version in tests Signed-off-by: Szczepan Zalega --- unittest/conftest.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'unittest') diff --git a/unittest/conftest.py b/unittest/conftest.py index 8f386e0..edcbff4 100644 --- a/unittest/conftest.py +++ b/unittest/conftest.py @@ -83,7 +83,7 @@ def C(request): print('No devices detected!') assert nk_login != 0 # returns 0 if not connected or wrong model or 1 when connected global device_type - firmware_version = C.NK_get_major_firmware_version() + firmware_version = C.NK_get_minor_firmware_version() model = 'P' if firmware_version in [7,8] else 'S' device_type = (model, firmware_version) -- cgit v1.2.3 From 0363caa230c06f920c9bd6bd9ecc349d322af016 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 17:25:46 +0100 Subject: Tests for unencrypted volume switching with Admin PIN Signed-off-by: Szczepan Zalega --- unittest/test_storage.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'unittest') diff --git a/unittest/test_storage.py b/unittest/test_storage.py index 67bbf8b..9d39371 100644 --- a/unittest/test_storage.py +++ b/unittest/test_storage.py @@ -273,6 +273,20 @@ def test_unencrypted_volume_set_read_write(C): assert C.NK_set_unencrypted_read_write(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK +@pytest.mark.unencrypted +def test_unencrypted_volume_set_read_only(C): + skip_if_device_version_lower_than({'S': 49}) + assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + assert C.NK_set_unencrypted_read_only(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + + +@pytest.mark.unencrypted +def test_unencrypted_volume_set_read_write(C): + skip_if_device_version_lower_than({'S': 49}) + assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + assert C.NK_set_unencrypted_read_write(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + + @pytest.mark.other def test_export_firmware(C): skip_if_device_version_lower_than({'S': 43}) -- cgit v1.2.3 From 025774fc3759683a8ec0f6b1598b1e34b550e6d5 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 17:31:36 +0100 Subject: Tests: set debug level from environment variable, show connected device model and version Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 1 + unittest/conftest.py | 6 ++++-- unittest/test_storage.py | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) (limited to 'unittest') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index eb52eee..de52e25 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -30,6 +30,7 @@ #include #include "include/cxx_semantics.h" #include +#include std::mutex nitrokey::proto::send_receive_mtx; diff --git a/unittest/conftest.py b/unittest/conftest.py index edcbff4..26536cf 100644 --- a/unittest/conftest.py +++ b/unittest/conftest.py @@ -77,7 +77,8 @@ def C(request): print("No library file found") sys.exit(1) - C.NK_set_debug(False) + C.NK_set_debug_level(int(os.environ.get('LIBNK_DEBUG', 2))) + nk_login = C.NK_login_auto() if nk_login != 1: print('No devices detected!') @@ -86,6 +87,7 @@ def C(request): firmware_version = C.NK_get_minor_firmware_version() model = 'P' if firmware_version in [7,8] else 'S' device_type = (model, firmware_version) + print('Connected device: {} {}'.format(model, firmware_version)) # assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK # assert C.NK_user_authenticate(DefaultPasswords.USER, DefaultPasswords.USER_TEMP) == DeviceErrorCode.STATUS_OK @@ -99,6 +101,6 @@ def C(request): request.addfinalizer(fin) # C.NK_set_debug(True) - C.NK_set_debug_level(3) + C.NK_set_debug_level(int(os.environ.get('LIBNK_DEBUG', 3))) return C diff --git a/unittest/test_storage.py b/unittest/test_storage.py index 9d39371..f3fd801 100644 --- a/unittest/test_storage.py +++ b/unittest/test_storage.py @@ -53,6 +53,8 @@ def test_get_status_storage(C): status_dict = get_dict_from_dissect(status_string.decode('ascii')) default_admin_password_retry_count = 3 assert int(status_dict['AdminPwRetryCount']) == default_admin_password_retry_count + print('C.NK_get_major_firmware_version(): {}'.format(C.NK_get_major_firmware_version())) + print('C.NK_get_minor_firmware_version(): {}'.format(C.NK_get_minor_firmware_version())) @pytest.mark.other -- cgit v1.2.3 From 60b14805b2cb80808c2fcf644699e7cde8e088ac Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 18:10:28 +0100 Subject: Add tests for Encrypted volume ro/rw switch Signed-off-by: Szczepan Zalega --- unittest/test_storage.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'unittest') diff --git a/unittest/test_storage.py b/unittest/test_storage.py index f3fd801..9897727 100644 --- a/unittest/test_storage.py +++ b/unittest/test_storage.py @@ -289,6 +289,20 @@ def test_unencrypted_volume_set_read_write(C): assert C.NK_set_unencrypted_read_write(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK +@pytest.mark.encrypted +def test_encrypted_volume_set_read_only(C): + skip_if_device_version_lower_than({'S': 49}) + assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + assert C.NK_set_encrypted_read_only(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + + +@pytest.mark.encrypted +def test_encrypted_volume_set_read_write(C): + skip_if_device_version_lower_than({'S': 49}) + assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + assert C.NK_set_encrypted_read_write(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + + @pytest.mark.other def test_export_firmware(C): skip_if_device_version_lower_than({'S': 43}) -- cgit v1.2.3 From 87478e8a8a5329a4f5e4a59364bd1f7f359b71e6 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 18:12:43 +0100 Subject: Allow to call CFFI loading function from Python console Signed-off-by: Szczepan Zalega --- unittest/conftest.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'unittest') diff --git a/unittest/conftest.py b/unittest/conftest.py index 26536cf..49f1502 100644 --- a/unittest/conftest.py +++ b/unittest/conftest.py @@ -34,7 +34,7 @@ def skip_if_device_version_lower_than(allowed_devices): @pytest.fixture(scope="module") -def C(request): +def C(request=None): fp = '../NK_C_API.h' declarations = [] @@ -99,7 +99,8 @@ def C(request): C.NK_logout() print('Finished') - request.addfinalizer(fin) + if request: + request.addfinalizer(fin) # C.NK_set_debug(True) C.NK_set_debug_level(int(os.environ.get('LIBNK_DEBUG', 3))) -- cgit v1.2.3 From c0ee79f93a97b511661f99d45606e2c433d15344 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Wed, 20 Dec 2017 20:00:05 +0100 Subject: Do not run C_API tests if not connected Signed-off-by: Szczepan Zalega --- unittest/test_C_API.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'unittest') diff --git a/unittest/test_C_API.cpp b/unittest/test_C_API.cpp index d5076c4..be47f08 100644 --- a/unittest/test_C_API.cpp +++ b/unittest/test_C_API.cpp @@ -28,8 +28,10 @@ static const int TOO_LONG_STRING = 200; #include "log.h" #include "../NK_C_API.h" +int login; + TEST_CASE("C API connect", "[BASIC]") { - auto login = NK_login_auto(); + login = NK_login_auto(); REQUIRE(login != 0); NK_logout(); login = NK_login_auto(); @@ -40,11 +42,13 @@ TEST_CASE("C API connect", "[BASIC]") { } TEST_CASE("Check retry count", "[BASIC]") { + REQUIRE(login != 0); REQUIRE(NK_get_admin_retry_count() == 3); REQUIRE(NK_get_user_retry_count() == 3); } TEST_CASE("Check long strings", "[STANDARD]") { + REQUIRE(login != 0); const char* longPin = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"; const char* pin = "123123123"; auto result = NK_change_user_PIN(longPin, pin); -- cgit v1.2.3 From df36c4bf6b60903e458b86af89e2750dbcf263ff Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 23 Feb 2018 12:51:49 +0100 Subject: Tests: rename _admin related and skip not supported encrypted volume ro/rw tests Signed-off-by: Szczepan Zalega --- unittest/test_storage.py | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'unittest') diff --git a/unittest/test_storage.py b/unittest/test_storage.py index 9897727..41c785f 100644 --- a/unittest/test_storage.py +++ b/unittest/test_storage.py @@ -276,29 +276,31 @@ def test_unencrypted_volume_set_read_write(C): @pytest.mark.unencrypted -def test_unencrypted_volume_set_read_only(C): - skip_if_device_version_lower_than({'S': 49}) +def test_unencrypted_volume_set_read_only_admin(C): + skip_if_device_version_lower_than({'S': 51}) assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK - assert C.NK_set_unencrypted_read_only(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + assert C.NK_set_unencrypted_read_only_admin(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK @pytest.mark.unencrypted -def test_unencrypted_volume_set_read_write(C): - skip_if_device_version_lower_than({'S': 49}) +def test_unencrypted_volume_set_read_write_admin(C): + skip_if_device_version_lower_than({'S': 51}) assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK - assert C.NK_set_unencrypted_read_write(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + assert C.NK_set_unencrypted_read_write_admin(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK @pytest.mark.encrypted +@pytest.mark.skip(reason='not supported on recent firmware, except v0.49') def test_encrypted_volume_set_read_only(C): - skip_if_device_version_lower_than({'S': 49}) + skip_if_device_version_lower_than({'S': 99}) assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK assert C.NK_set_encrypted_read_only(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK @pytest.mark.encrypted +@pytest.mark.skip(reason='not supported on recent firmware, except v0.49') def test_encrypted_volume_set_read_write(C): - skip_if_device_version_lower_than({'S': 49}) + skip_if_device_version_lower_than({'S': 99}) assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK assert C.NK_set_encrypted_read_write(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK -- cgit v1.2.3 From bca1d0c3e458b3a12fe0117d1c7bd50548bef777 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 23 Feb 2018 10:08:55 +0100 Subject: Tests: make sure encrypted volume is enabled before unlocking hidden volume Signed-off-by: Szczepan Zalega --- unittest/test_storage.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'unittest') diff --git a/unittest/test_storage.py b/unittest/test_storage.py index 41c785f..096709d 100644 --- a/unittest/test_storage.py +++ b/unittest/test_storage.py @@ -246,6 +246,8 @@ def test_hidden_volume_corruption(C): hidden_volume_password = b'hiddenpassword' p = lambda i: hidden_volume_password + bb(str(i)) volumes_to_setup = 4 + assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + assert C.NK_unlock_encrypted_volume(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK for i in range(volumes_to_setup): assert C.NK_create_hidden_volume(i, 20 + i * 10, 20 + i * 10 + i + 1, p(i)) == DeviceErrorCode.STATUS_OK assert C.NK_unlock_hidden_volume(p(i)) == DeviceErrorCode.STATUS_OK -- cgit v1.2.3