From 55f9b7293c22bbedd5a972fa8f1946dfd57d9c7a Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 25 Feb 2020 14:10:30 +0100 Subject: Data retention test. Refactoring. Helper functions. --- unittest/constants.py | 8 +++----- unittest/helpers.py | 35 ++++++++++++++++++++++++++++++++--- unittest/misc.py | 4 ++++ unittest/test_multiple.py | 4 ++-- unittest/test_pro.py | 30 +++++++----------------------- unittest/test_pro_bootloader.py | 17 +++++++---------- unittest/test_storage.py | 4 ++-- 7 files changed, 57 insertions(+), 45 deletions(-) diff --git a/unittest/constants.py b/unittest/constants.py index b73dfe8..4047f59 100644 --- a/unittest/constants.py +++ b/unittest/constants.py @@ -18,10 +18,7 @@ along with libnitrokey. If not, see . SPDX-License-Identifier: LGPL-3.0 """ - -from misc import to_hex - - +from misc import to_hex, bb RFC_SECRET_HR = '12345678901234567890' RFC_SECRET = to_hex(RFC_SECRET_HR) # '31323334353637383930...' @@ -61,4 +58,5 @@ class LibraryErrors: HOTP_slot_count = 3 -TOTP_slot_count = 15 \ No newline at end of file +TOTP_slot_count = 15 +PWS_SLOT_COUNT = 16 diff --git a/unittest/helpers.py b/unittest/helpers.py index 79f4e1e..90c818e 100644 --- a/unittest/helpers.py +++ b/unittest/helpers.py @@ -1,5 +1,5 @@ -def bb(x): - return bytes(x, encoding='ascii') +from constants import DeviceErrorCode, PWS_SLOT_COUNT, DefaultPasswords +from misc import gs, bb def helper_fill(str_to_fill, target_width): @@ -19,4 +19,33 @@ def helper_PWS_get_loginname(suffix): def helper_PWS_get_slotname(suffix): - return helper_fill('slotname' + suffix, 11) \ No newline at end of file + return helper_fill('slotname' + suffix, 11) + + +def helper_check_device_for_data(C): + assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK + + for i in range(0, PWS_SLOT_COUNT): + iss = str(i) + assert gs(C.NK_get_password_safe_slot_name(i)) == helper_PWS_get_slotname(iss) + assert gs(C.NK_get_password_safe_slot_login(i)) == helper_PWS_get_loginname(iss) + assert gs(C.NK_get_password_safe_slot_password(i)) == helper_PWS_get_pass(iss) + return True + + +def helper_populate_device(C): + # FIXME use object with random data, and check against it + # FIXME generate OTP as well, and check codes against its secrets + assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK + res = C.NK_enable_password_safe(DefaultPasswords.USER) + if res != DeviceErrorCode.STATUS_OK: + assert C.NK_build_aes_key(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK + assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK + + for i in range(0, PWS_SLOT_COUNT): + iss = str(i) + assert C.NK_write_password_safe_slot(i, + helper_PWS_get_slotname(iss), helper_PWS_get_loginname(iss), + helper_PWS_get_pass(iss)) == DeviceErrorCode.STATUS_OK + return True diff --git a/unittest/misc.py b/unittest/misc.py index e9e1753..6a0d486 100644 --- a/unittest/misc.py +++ b/unittest/misc.py @@ -72,3 +72,7 @@ def is_long_OTP_secret_handled(C): def has_binary_counter(C): return (not is_storage(C)) or (is_storage(C) and get_devices_firmware_version(C) >= 54) + + +def bb(x): + return bytes(x, encoding='ascii') \ No newline at end of file diff --git a/unittest/test_multiple.py b/unittest/test_multiple.py index 821a3b7..96b23d7 100644 --- a/unittest/test_multiple.py +++ b/unittest/test_multiple.py @@ -28,8 +28,8 @@ from collections import defaultdict from tqdm import tqdm from conftest import skip_if_device_version_lower_than -from constants import DefaultPasswords, DeviceErrorCode, bb -from misc import gs, wait, ffi +from constants import DefaultPasswords, DeviceErrorCode +from misc import gs, wait, ffi, bb pprint = pprint.PrettyPrinter(indent=4).pprint diff --git a/unittest/test_pro.py b/unittest/test_pro.py index 13efd28..99d7b1f 100644 --- a/unittest/test_pro.py +++ b/unittest/test_pro.py @@ -24,8 +24,8 @@ import pytest from conftest import skip_if_device_version_lower_than from constants import DefaultPasswords, DeviceErrorCode, RFC_SECRET, bbRFC_SECRET, LibraryErrors, HOTP_slot_count, \ TOTP_slot_count -from helpers import helper_PWS_get_slotname, helper_PWS_get_loginname, helper_PWS_get_pass, bb -from misc import ffi, gs, wait, cast_pointer_to_tuple, has_binary_counter +from helpers import helper_PWS_get_slotname, helper_PWS_get_loginname, helper_PWS_get_pass +from misc import ffi, gs, wait, cast_pointer_to_tuple, has_binary_counter, bb from misc import is_storage @pytest.mark.lock_device @@ -51,37 +51,21 @@ def test_write_password_safe_slot(C): @pytest.mark.PWS @pytest.mark.slowtest def test_write_all_password_safe_slots_and_read_10_times(C): - def fill(s, wid): - assert wid >= len(s) - numbers = '1234567890'*4 - s += numbers[:wid-len(s)] - assert len(s) == wid - return bb(s) - - def get_pass(suffix): - return fill('pass' + suffix, 20) - - def get_loginname(suffix): - return fill('login' + suffix, 32) - - def get_slotname(suffix): - return fill('slotname' + suffix, 11) - assert C.NK_lock_device() == DeviceErrorCode.STATUS_OK assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK PWS_slot_count = 16 for i in range(0, PWS_slot_count): iss = str(i) assert C.NK_write_password_safe_slot(i, - get_slotname(iss), get_loginname(iss), - get_pass(iss)) == DeviceErrorCode.STATUS_OK + helper_PWS_get_slotname(iss), helper_PWS_get_loginname(iss), + helper_PWS_get_pass(iss)) == DeviceErrorCode.STATUS_OK for j in range(0, 10): for i in range(0, PWS_slot_count): iss = str(i) - assert gs(C.NK_get_password_safe_slot_name(i)) == get_slotname(iss) - assert gs(C.NK_get_password_safe_slot_login(i)) == get_loginname(iss) - assert gs(C.NK_get_password_safe_slot_password(i)) == get_pass(iss) + assert gs(C.NK_get_password_safe_slot_name(i)) == helper_PWS_get_slotname(iss) + assert gs(C.NK_get_password_safe_slot_login(i)) == helper_PWS_get_loginname(iss) + assert gs(C.NK_get_password_safe_slot_password(i)) == helper_PWS_get_pass(iss) @pytest.mark.lock_device diff --git a/unittest/test_pro_bootloader.py b/unittest/test_pro_bootloader.py index 4a6b272..b33a9d7 100644 --- a/unittest/test_pro_bootloader.py +++ b/unittest/test_pro_bootloader.py @@ -1,7 +1,8 @@ import pytest -from conftest import skip_if_device_version_lower_than +from conftest import skip_if_device_version_lower_than, library_device_reconnect from constants import DefaultPasswords, DeviceErrorCode, LibraryErrors +from helpers import helper_populate_device, helper_check_device_for_data @pytest.mark.firmware @@ -58,16 +59,12 @@ def test_bootloader_password_change_pro_too_long(C): @pytest.mark.skip_by_default @pytest.mark.firmware -def test_bootloader_data_rention_test(C): +def test_bootloader_data_rention(C): skip_if_device_version_lower_than({'P': 11}) - def populate_device(): - return False - - def check_data_on_device(): - return False - - assert populate_device() + assert helper_populate_device(C) assert C.NK_enable_firmware_update_pro(DefaultPasswords.UPDATE) == DeviceErrorCode.STATUS_DISCONNECTED input('Please press ENTER after uploading new firmware to the device') - assert check_data_on_device() + C = library_device_reconnect(C) + assert helper_check_device_for_data(C) + diff --git a/unittest/test_storage.py b/unittest/test_storage.py index 0f960cc..a435a15 100644 --- a/unittest/test_storage.py +++ b/unittest/test_storage.py @@ -23,8 +23,8 @@ import pprint import pytest from conftest import skip_if_device_version_lower_than -from constants import DefaultPasswords, DeviceErrorCode, bb -from misc import gs, wait, ffi +from constants import DefaultPasswords, DeviceErrorCode +from misc import gs, wait, ffi, bb pprint = pprint.PrettyPrinter(indent=4).pprint -- cgit v1.2.1