diff options
| author | Szczepan Zalega <szczepan@nitrokey.com> | 2016-08-02 12:59:46 +0200 | 
|---|---|---|
| committer | Szczepan Zalega <szczepan@nitrokey.com> | 2016-08-05 10:17:25 +0200 | 
| commit | 618a346821b61125ad366faea8ffbb42c62dcbca (patch) | |
| tree | bd73ad916e8f0a9b9ba95c8ca4c44c1c5ee976f6 | |
| parent | 3e093f67f2bf662d408698398a581d888872cf67 (diff) | |
| download | libnitrokey-618a346821b61125ad366faea8ffbb42c62dcbca.tar.gz libnitrokey-618a346821b61125ad366faea8ffbb42c62dcbca.tar.bz2 | |
Test for regenerating AES key and destroying password safe
Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
| -rw-r--r-- | unittest/test_bindings.py | 47 | 
1 files changed, 46 insertions, 1 deletions
| diff --git a/unittest/test_bindings.py b/unittest/test_bindings.py index afe7d0d..98b2d1b 100644 --- a/unittest/test_bindings.py +++ b/unittest/test_bindings.py @@ -107,11 +107,56 @@ def test_password_safe_slot_status(C):      safe_slot_status = C.NK_get_password_safe_slot_status()      assert C.NK_get_last_command_status() == DeviceErrorCode.STATUS_OK      is_slot_programmed = list(ffi.cast("uint8_t [16]", safe_slot_status)[0:16]) -    print ((is_slot_programmed, len(is_slot_programmed))) +    print((is_slot_programmed, len(is_slot_programmed)))      assert is_slot_programmed[0] == 0      assert is_slot_programmed[1] == 1 +@pytest.mark.skip(reason="issue to register, skipping for now") +def test_issue_device_locks_on_second_key_generation_in_sequence(C): +    assert C.NK_build_aes_key(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK +    assert C.NK_build_aes_key(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + + +def test_regenerate_aes_key(C): +    C.NK_set_debug(True) +    assert C.NK_build_aes_key(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK +    assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK + + +def test_destroy_password_safe(C): +    """ +    Sometimes fails on NK Pro - slot name is not cleared ergo key generation has not succeed despite the success result +    returned from the device +    """ +    C.NK_set_debug(True) +    assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK +    # write password safe slot +    assert C.NK_write_password_safe_slot(0, 'slotname1', 'login1', 'pass1') == DeviceErrorCode.STATUS_OK +    # read slot +    assert gs(C.NK_get_password_safe_slot_name(0)) == 'slotname1' +    assert C.NK_get_last_command_status() == DeviceErrorCode.STATUS_OK +    slot_login = C.NK_get_password_safe_slot_login(0) +    assert C.NK_get_last_command_status() == DeviceErrorCode.STATUS_OK +    assert gs(slot_login) == 'login1' +    # destroy password safe by regenerating aes key +    assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + +    assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK +    assert C.NK_build_aes_key(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK +    assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK + +    assert gs(C.NK_get_password_safe_slot_name(0)) != 'slotname1' +    assert C.NK_get_last_command_status() == DeviceErrorCode.STATUS_OK + +    # check was slot status cleared +    safe_slot_status = C.NK_get_password_safe_slot_status() +    assert C.NK_get_last_command_status() == DeviceErrorCode.STATUS_OK +    is_slot_programmed = list(ffi.cast("uint8_t [16]", safe_slot_status)[0:16]) +    assert is_slot_programmed[0] == 0 + + +  def test_admin_PIN_change(C):      new_password = '123123123'      assert C.NK_change_admin_PIN('wrong_password', new_password) == DeviceErrorCode.WRONG_PASSWORD | 
