summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSzczepan Zalega <szczepan@nitrokey.com>2019-03-19 08:20:01 +0100
committerSzczepan Zalega <szczepan@nitrokey.com>2019-03-19 08:20:01 +0100
commit07ab86a31ca07c58c58632d9b3845e9782855d0b (patch)
treee9efbc4a60a81bf7bfbe461691a916f9eccb6704
parent3788515d6546971a3ac6e46769fb8d6e6d24e159 (diff)
parentee79dfdaf06a865cb4c5e26daac1280c9ca09905 (diff)
downloadlibnitrokey-07ab86a31ca07c58c58632d9b3845e9782855d0b.tar.gz
libnitrokey-07ab86a31ca07c58c58632d9b3845e9782855d0b.tar.bz2
Merge branch '154-storage54'pre-v3.5
Add support for the Storage v0.54: - use binary OTP counter - handle 320 bit OTP secret - enable tests for these features Fixes #153 Fixes #154
-rw-r--r--NitrokeyManager.cc6
-rw-r--r--unittest/misc.py6
-rw-r--r--unittest/test_pro.py18
3 files changed, 17 insertions, 13 deletions
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 0320ebb..7b8deaa 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -906,16 +906,16 @@ using nitrokey::misc::strcpyT;
//authorization command is supported for versions equal or below:
auto m = std::unordered_map<DeviceModel , int, EnumClassHash>({
{DeviceModel::PRO, 7},
- {DeviceModel::STORAGE, 999},
+ {DeviceModel::STORAGE, 53},
});
return get_minor_firmware_version() <= m[device->get_device_model()];
}
bool NitrokeyManager::is_320_OTP_secret_supported(){
- //authorization command is supported for versions equal or below:
+ // 320 bit OTP secret is supported by version bigger or equal to:
auto m = std::unordered_map<DeviceModel , int, EnumClassHash>({
{DeviceModel::PRO, 8},
- {DeviceModel::STORAGE, 999},
+ {DeviceModel::STORAGE, 54},
});
return get_minor_firmware_version() >= m[device->get_device_model()];
}
diff --git a/unittest/misc.py b/unittest/misc.py
index 8be915d..c1c197b 100644
--- a/unittest/misc.py
+++ b/unittest/misc.py
@@ -67,4 +67,8 @@ def is_storage(C):
def is_long_OTP_secret_handled(C):
- return is_pro_rtm_08(C) or is_storage(C) and get_devices_firmware_version(C) > 43
+ return is_pro_rtm_08(C) or is_storage(C) and get_devices_firmware_version(C) >= 54
+
+
+def has_binary_counter(C):
+ return is_pro_rtm_07(C) or is_storage(C) and get_devices_firmware_version(C) >= 54
diff --git a/unittest/test_pro.py b/unittest/test_pro.py
index 6ab7c1d..d094dec 100644
--- a/unittest/test_pro.py
+++ b/unittest/test_pro.py
@@ -23,7 +23,7 @@ import pytest
from conftest import skip_if_device_version_lower_than
from constants import DefaultPasswords, DeviceErrorCode, RFC_SECRET, bb, bbRFC_SECRET
-from misc import ffi, gs, wait, cast_pointer_to_tuple
+from misc import ffi, gs, wait, cast_pointer_to_tuple, has_binary_counter
from misc import is_pro_rtm_07, is_pro_rtm_08, is_storage
@pytest.mark.lock_device
@@ -409,7 +409,7 @@ def test_HOTP_counters(C):
INT32_MAX = 2 ** 31 - 1
@pytest.mark.otp
def test_HOTP_64bit_counter(C):
- if is_storage(C):
+ if not has_binary_counter(C):
pytest.xfail('bug in NK Storage HOTP firmware - counter is set with a 8 digits string, '
'however int32max takes 10 digits to be written')
oath = pytest.importorskip("oath")
@@ -434,7 +434,7 @@ def test_HOTP_64bit_counter(C):
@pytest.mark.otp
def test_TOTP_64bit_time(C):
- if is_storage(C):
+ if not has_binary_counter(C):
pytest.xfail('bug in NK Storage TOTP firmware')
oath = pytest.importorskip("oath")
T = 1
@@ -709,7 +709,7 @@ def test_OTP_secret_started_from_null(C, secret):
skip_if_device_version_lower_than({'S': 43, 'P': 8})
if len(secret) > 40:
# feature: 320 bit long secret handling
- skip_if_device_version_lower_than({'P': 8})
+ skip_if_device_version_lower_than({'P': 8, 'S': 54})
oath = pytest.importorskip("oath")
lib_at = lambda t: bb(oath.hotp(secret, t, format='dec6'))
@@ -741,8 +741,8 @@ def test_HOTP_slots_read_write_counter(C, counter):
:param counter:
"""
if counter >= 1e7:
- # Storage does not handle counters longer than 7 digits
- skip_if_device_version_lower_than({'P': 7})
+ # Storage v0.53 and below does not handle counters longer than 7 digits
+ skip_if_device_version_lower_than({'P': 7, 'S': 54})
secret = RFC_SECRET
oath = pytest.importorskip("oath")
@@ -804,8 +804,8 @@ def test_TOTP_secrets(C, secret):
skip_if_device_version_lower_than({'S': 44, 'P': 8})
if len(secret)>20*2: #*2 since secret is in hex
- # pytest.skip("Secret lengths over 20 bytes are not supported by NK Pro 0.7 and NK Storage")
- skip_if_device_version_lower_than({'P': 8})
+ # pytest.skip("Secret lengths over 20 bytes are not supported by NK Pro 0.7 and NK Storage v0.53 and older")
+ skip_if_device_version_lower_than({'P': 8, 'S': 54})
slot_number = 0
time = 0
period = 30
@@ -836,7 +836,7 @@ def test_HOTP_secrets(C, secret):
feature needed: support for 320bit secrets
"""
if len(secret)>40:
- skip_if_device_version_lower_than({'P': 8})
+ skip_if_device_version_lower_than({'P': 8, 'S': 54})
slot_number = 0
counter = 0