Merge branch '154-storage54'pre-v3.5

Add support for the Storage v0.54: - use binary OTP counter - handle 320 bit OTP secret - enable tests for these features Fixes #153 Fixes #154
author: Szczepan Zalega <szczepan@nitrokey.com> 2019-03-19 08:20:01 +0100
committer: Szczepan Zalega <szczepan@nitrokey.com> 2019-03-19 08:20:01 +0100
commit: 07ab86a31ca07c58c58632d9b3845e9782855d0b (patch)
tree: e9efbc4a60a81bf7bfbe461691a916f9eccb6704
parent: 3788515d6546971a3ac6e46769fb8d6e6d24e159 (diff)
parent: ee79dfdaf06a865cb4c5e26daac1280c9ca09905 (diff)
download: libnitrokey-07ab86a31ca07c58c58632d9b3845e9782855d0b.tar.gz
libnitrokey-07ab86a31ca07c58c58632d9b3845e9782855d0b.tar.bz2
3 files changed, 17 insertions, 13 deletions
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 0320ebb..7b8deaa 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -906,16 +906,16 @@ using nitrokey::misc::strcpyT;
       //authorization command is supported for versions equal or below:
         auto m = std::unordered_map<DeviceModel , int, EnumClassHash>({
                                                {DeviceModel::PRO, 7},
-                                               {DeviceModel::STORAGE, 999},
+                                               {DeviceModel::STORAGE, 53},
          });
         return get_minor_firmware_version() <= m[device->get_device_model()];
     }
 
     bool NitrokeyManager::is_320_OTP_secret_supported(){
-      //authorization command is supported for versions equal or below:
+        // 320 bit OTP secret is supported by version bigger or equal to:
         auto m = std::unordered_map<DeviceModel , int, EnumClassHash>({
                                                {DeviceModel::PRO, 8},
-                                               {DeviceModel::STORAGE, 999},
+                                               {DeviceModel::STORAGE, 54},
          });
         return get_minor_firmware_version() >= m[device->get_device_model()];
     }
diff --git a/unittest/misc.py b/unittest/misc.py
index 8be915d..c1c197b 100644
--- a/unittest/misc.py
+++ b/unittest/misc.py
@@ -67,4 +67,8 @@ def is_storage(C):
 
 
 def is_long_OTP_secret_handled(C):
-    return is_pro_rtm_08(C) or is_storage(C) and get_devices_firmware_version(C) > 43
+    return is_pro_rtm_08(C) or is_storage(C) and get_devices_firmware_version(C) >= 54
+
+
+def has_binary_counter(C):
+    return is_pro_rtm_07(C) or is_storage(C) and get_devices_firmware_version(C) >= 54
diff --git a/unittest/test_pro.py b/unittest/test_pro.py
index 6ab7c1d..d094dec 100644
--- a/unittest/test_pro.py
+++ b/unittest/test_pro.py
@@ -23,7 +23,7 @@ import pytest
 
 from conftest import skip_if_device_version_lower_than
 from constants import DefaultPasswords, DeviceErrorCode, RFC_SECRET, bb, bbRFC_SECRET
-from misc import ffi, gs, wait, cast_pointer_to_tuple
+from misc import ffi, gs, wait, cast_pointer_to_tuple, has_binary_counter
 from misc import is_pro_rtm_07, is_pro_rtm_08, is_storage
 
 @pytest.mark.lock_device
@@ -409,7 +409,7 @@ def test_HOTP_counters(C):
 INT32_MAX = 2 ** 31 - 1
 @pytest.mark.otp
 def test_HOTP_64bit_counter(C):
-    if is_storage(C):
+    if not has_binary_counter(C):
         pytest.xfail('bug in NK Storage HOTP firmware - counter is set with a 8 digits string, '
                      'however int32max takes 10 digits to be written')
     oath = pytest.importorskip("oath")
@@ -434,7 +434,7 @@ def test_HOTP_64bit_counter(C):
 
 @pytest.mark.otp
 def test_TOTP_64bit_time(C):
-    if is_storage(C):
+    if not has_binary_counter(C):
         pytest.xfail('bug in NK Storage TOTP firmware')
     oath = pytest.importorskip("oath")
     T = 1
@@ -709,7 +709,7 @@ def test_OTP_secret_started_from_null(C, secret):
     skip_if_device_version_lower_than({'S': 43, 'P': 8})
     if len(secret) > 40:
         # feature: 320 bit long secret handling
-        skip_if_device_version_lower_than({'P': 8})
+        skip_if_device_version_lower_than({'P': 8, 'S': 54})
 
     oath = pytest.importorskip("oath")
     lib_at = lambda t: bb(oath.hotp(secret, t, format='dec6'))
@@ -741,8 +741,8 @@ def test_HOTP_slots_read_write_counter(C, counter):
     :param counter:
     """
     if counter >= 1e7:
-        # Storage does not handle counters longer than 7 digits
-        skip_if_device_version_lower_than({'P': 7})
+        # Storage v0.53 and below does not handle counters longer than 7 digits
+        skip_if_device_version_lower_than({'P': 7, 'S': 54})
 
     secret = RFC_SECRET
     oath = pytest.importorskip("oath")
@@ -804,8 +804,8 @@ def test_TOTP_secrets(C, secret):
     skip_if_device_version_lower_than({'S': 44, 'P': 8})
 
     if len(secret)>20*2: #*2 since secret is in hex
-        # pytest.skip("Secret lengths over 20 bytes are not supported by NK Pro 0.7 and NK Storage")
-        skip_if_device_version_lower_than({'P': 8})
+        # pytest.skip("Secret lengths over 20 bytes are not supported by NK Pro 0.7 and NK Storage v0.53 and older")
+        skip_if_device_version_lower_than({'P': 8, 'S': 54})
     slot_number = 0
     time = 0
     period = 30
@@ -836,7 +836,7 @@ def test_HOTP_secrets(C, secret):
     feature needed: support for 320bit secrets
     """
     if len(secret)>40:
-        skip_if_device_version_lower_than({'P': 8})
+        skip_if_device_version_lower_than({'P': 8, 'S': 54})
 
     slot_number = 0
     counter = 0
author	Szczepan Zalega <szczepan@nitrokey.com>	2019-03-19 08:20:01 +0100
committer	Szczepan Zalega <szczepan@nitrokey.com>	2019-03-19 08:20:01 +0100
commit	07ab86a31ca07c58c58632d9b3845e9782855d0b (patch)
tree	e9efbc4a60a81bf7bfbe461691a916f9eccb6704
parent	3788515d6546971a3ac6e46769fb8d6e6d24e159 (diff)
parent	ee79dfdaf06a865cb4c5e26daac1280c9ca09905 (diff)
download	libnitrokey-07ab86a31ca07c58c58632d9b3845e9782855d0b.tar.gz libnitrokey-07ab86a31ca07c58c58632d9b3845e9782855d0b.tar.bz2