summaryrefslogtreecommitdiff
path: root/unittest
diff options
context:
space:
mode:
authorszszszsz <szszszsz@users.noreply.github.com>2016-09-10 11:02:38 +0200
committerGitHub <noreply@github.com>2016-09-10 11:02:38 +0200
commitb16e89ad4445fe9bbb66e8e7f8771a6ca6b333cf (patch)
treed332db36123c80ac84474c75b9be4acdff81bf54 /unittest
parente164c5f3dc74fb2335b1fc573ce446cdd76a07dc (diff)
parenta46491a97da08e495c92bba8046426678b5564f7 (diff)
downloadlibnitrokey-b16e89ad4445fe9bbb66e8e7f8771a6ca6b333cf.tar.gz
libnitrokey-b16e89ad4445fe9bbb66e8e7f8771a6ca6b333cf.tar.bz2
Merge pull request #36 from Nitrokey/issue_31-secret_as_hex
#31 pass secret to OTP as hex (breaking change - previously any string was accepted)
Diffstat (limited to 'unittest')
-rw-r--r--unittest/test.cc12
-rw-r--r--unittest/test_HOTP.cc2
-rw-r--r--unittest/test_bindings.py33
3 files changed, 38 insertions, 9 deletions
diff --git a/unittest/test.cc b/unittest/test.cc
index 6267512..6744b45 100644
--- a/unittest/test.cc
+++ b/unittest/test.cc
@@ -18,7 +18,7 @@ std::string getSlotName(Stick10 &stick, int slotNo) {
auto slot_req = get_payload<ReadSlot>();
slot_req.slot_number = slotNo;
auto slot = ReadSlot::CommandTransaction::run(stick, slot_req);
- std::string sName(reinterpret_cast<char *>(slot.slot_name));
+ std::string sName(reinterpret_cast<char *>(slot.data().slot_name));
return sName;
}
@@ -47,18 +47,18 @@ TEST_CASE("Slot names are correct", "[slotNames]") {
{
auto resp = GetPasswordRetryCount::CommandTransaction::run(stick);
- REQUIRE(resp.password_retry_count == 3);
+ REQUIRE(resp.data().password_retry_count == 3);
}
{
auto resp = GetUserPasswordRetryCount::CommandTransaction::run(stick);
- REQUIRE(resp.password_retry_count == 3);
+ REQUIRE(resp.data().password_retry_count == 3);
}
{
auto slot = get_payload<GetPasswordSafeSlotName>();
slot.slot_number = 0;
auto resp2 = GetPasswordSafeSlotName::CommandTransaction::run(stick, slot);
- std::string sName(reinterpret_cast<char *>(resp2.slot_name));
+ std::string sName(reinterpret_cast<char *>(resp2.data().slot_name));
REQUIRE(sName == std::string("web1"));
}
@@ -67,7 +67,7 @@ TEST_CASE("Slot names are correct", "[slotNames]") {
slot.slot_number = 0;
auto resp2 =
GetPasswordSafeSlotPassword::CommandTransaction::run(stick, slot);
- std::string sName(reinterpret_cast<char *>(resp2.slot_password));
+ std::string sName(reinterpret_cast<char *>(resp2.data().slot_password));
REQUIRE(sName == std::string("pass1"));
}
@@ -75,7 +75,7 @@ TEST_CASE("Slot names are correct", "[slotNames]") {
auto slot = get_payload<GetPasswordSafeSlotLogin>();
slot.slot_number = 0;
auto resp2 = GetPasswordSafeSlotLogin::CommandTransaction::run(stick, slot);
- std::string sName(reinterpret_cast<char *>(resp2.slot_login));
+ std::string sName(reinterpret_cast<char *>(resp2.data().slot_login));
REQUIRE(sName == std::string("login1"));
}
diff --git a/unittest/test_HOTP.cc b/unittest/test_HOTP.cc
index f25bad4..d31df55 100644
--- a/unittest/test_HOTP.cc
+++ b/unittest/test_HOTP.cc
@@ -84,7 +84,7 @@ TEST_CASE("Test HOTP codes according to RFC", "[HOTP]") {
auto gh = get_payload<GetHOTP>();
gh.slot_number = 0x10;
auto resp = GetHOTP::CommandTransaction::run(stick, gh);
- REQUIRE( resp.code == code);
+ REQUIRE( resp.data().code == code);
}
//checking slot programmed before with nitro-app
/*
diff --git a/unittest/test_bindings.py b/unittest/test_bindings.py
index eeda247..9c266aa 100644
--- a/unittest/test_bindings.py
+++ b/unittest/test_bindings.py
@@ -5,8 +5,16 @@ from enum import Enum
ffi = cffi.FFI()
gs = ffi.string
-RFC_SECRET = '12345678901234567890'
+def to_hex(s):
+ return "".join("{:02x}".format(ord(c)) for c in s)
+
+
+RFC_SECRET_HR = '12345678901234567890'
+RFC_SECRET = to_hex(RFC_SECRET_HR) # '12345678901234567890'
+
+
+# print( repr((RFC_SECRET, RFC_SECRET_, len(RFC_SECRET))) )
class DefaultPasswords(Enum):
ADMIN = '12345678'
@@ -26,6 +34,8 @@ class DeviceErrorCode(Enum):
class LibraryErrors(Enum):
TOO_LONG_STRING = 200
INVALID_SLOT = 201
+ INVALID_HEX_STRING = 202
+ TARGET_BUFFER_SIZE_SMALLER_THAN_SOURCE = 203
@pytest.fixture(scope="module")
@@ -214,7 +224,7 @@ def test_invalid_slot(C):
invalid_slot = 255
assert C.NK_erase_totp_slot(invalid_slot, 'some password') == LibraryErrors.INVALID_SLOT
assert C.NK_write_hotp_slot(invalid_slot, 'long_test', RFC_SECRET, 0, False, False, False, "",
- 'aaa') == LibraryErrors.INVALID_SLOT
+ 'aaa') == LibraryErrors.INVALID_SLOT
assert C.NK_get_hotp_code_PIN(invalid_slot, 'some password') == 0
assert C.NK_get_last_command_status() == LibraryErrors.INVALID_SLOT
assert C.NK_erase_password_safe_slot(invalid_slot) == LibraryErrors.INVALID_SLOT
@@ -503,3 +513,22 @@ def test_get_serial_number(C):
sn = gs(sn)
assert len(sn) > 0
print(('Serial number of the device: ', sn))
+
+
+@pytest.mark.parametrize("invalid_hex_string",
+ ['text', '00 ', '0xff', 'zzzzzzzzzzzz', 'fff', '', 'f' * 257, 'f' * 258])
+def test_invalid_secret_hex_string_for_OTP_write(C, invalid_hex_string):
+ """
+ Tests for invalid secret hex string during writing to OTP slot. Invalid strings are not hexadecimal number,
+ empty or longer than 255 characters.
+ """
+ assert C.NK_write_hotp_slot(1, 'slot_name', invalid_hex_string, 0, True, False, False, '',
+ DefaultPasswords.ADMIN_TEMP) == LibraryErrors.INVALID_HEX_STRING
+ assert C.NK_write_totp_slot(1, 'python_test', invalid_hex_string, 30, True, False, False, "",
+ DefaultPasswords.ADMIN_TEMP) == LibraryErrors.INVALID_HEX_STRING
+
+
+def test_warning_binary_bigger_than_secret_buffer(C):
+ invalid_hex_string = to_hex('1234567890') * 3
+ assert C.NK_write_hotp_slot(1, 'slot_name', invalid_hex_string, 0, True, False, False, '',
+ DefaultPasswords.ADMIN_TEMP) == LibraryErrors.TARGET_BUFFER_SIZE_SMALLER_THAN_SOURCE