From 955fb912ab9563a5246f9d3bfda9ccfab187949f Mon Sep 17 00:00:00 2001
From: Szczepan Zalega <szczepan.zalega@gmail.com>
Date: Tue, 29 Mar 2016 13:04:52 +0200
Subject: adding next steps for hotp tests: writing, reading and authorization
 for writing hotp code

---
 include/device_proto.h     |  9 +++++++++
 include/stick10_commands.h | 25 +++++++++++++++++++------
 unittest/test_HOTP.cc      | 25 +++++++++++++++++++------
 3 files changed, 47 insertions(+), 12 deletions(-)

diff --git a/include/device_proto.h b/include/device_proto.h
index f2ed84d..e05a303 100644
--- a/include/device_proto.h
+++ b/include/device_proto.h
@@ -151,6 +151,15 @@ class Transaction : semantics::non_constructible {
   static_assert(sizeof(ResponsePacket) == HID_REPORT_SIZE,
                 "ResponsePacket type is not the right size");
 
+  static uint32_t getCRC(
+          const command_payload &payload) {
+    OutgoingPacket outp;
+    outp.initialize();
+    outp.payload = payload;
+    outp.update_CRC();
+    return outp.crc;
+  }
+
   static response_payload run(device::Device &dev,
                               const command_payload &payload) {
     using namespace ::nitrokey::device;
diff --git a/include/stick10_commands.h b/include/stick10_commands.h
index 1c21eee..60c947f 100644
--- a/include/stick10_commands.h
+++ b/include/stick10_commands.h
@@ -127,7 +127,7 @@ class GetHOTP : Command<CommandID::GET_CODE> {
   struct CommandPayload {
     uint8_t slot_number;
 
-    bool isValid() const { return !(slot_number & 0xF0); }
+    bool isValid() const { return (slot_number & 0xF0); }
     std::string dissect() const {
       std::stringstream ss;
       ss << "slot_number:\t" << (int)(slot_number) << std::endl;
@@ -146,7 +146,7 @@ class GetHOTP : Command<CommandID::GET_CODE> {
     }
   } __packed;
 
-  typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+  typedef Transaction<command_id(), struct CommandPayload, struct ResponsePayload>
       CommandTransaction;
 };
 
@@ -473,8 +473,15 @@ class UserAuthenticate : Command<CommandID::USER_AUTHENTICATE> {
 class Authorize : Command<CommandID::AUTHORIZE> {
  public:
   struct CommandPayload {
-    uint8_t crc[4];
-    uint8_t password[25];
+    uint32_t  crc_to_authorize;
+    uint8_t temporary_password[25];
+
+    std::string dissect() const {
+      std::stringstream ss;
+      ss << "  crc_to_authorize:\t" <<   crc_to_authorize<< std::endl;
+      ss << " temporary_password:\t" << temporary_password<< std::endl;
+      return ss.str();
+    }
   } __packed;
 
   typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
@@ -484,8 +491,14 @@ class Authorize : Command<CommandID::AUTHORIZE> {
 class UserAuthorize : Command<CommandID::USER_AUTHORIZE> {
  public:
   struct CommandPayload {
-    uint8_t crc[4];
-    uint8_t password[25];
+    uint8_t crc_to_authorize[4];
+    uint8_t temporary_password[25];
+    std::string dissect() const {
+      std::stringstream ss;
+      ss << " crc_to_authorize:\t" <<  crc_to_authorize<< std::endl;
+      ss << " temporary_password:\t" << temporary_password<< std::endl;
+      return ss.str();
+    }
   } __packed;
 
   typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
diff --git a/unittest/test_HOTP.cc b/unittest/test_HOTP.cc
index a61bc28..bc3650a 100644
--- a/unittest/test_HOTP.cc
+++ b/unittest/test_HOTP.cc
@@ -51,15 +51,17 @@ TEST_CASE("Slot names are correct", "[slotNames]") {
 
   auto resp = GetStatus::CommandTransaction::run(stick);
 
+  const char * temporary_password = "123456789012345678901234";
   {
-  FirstAuthenticate::CommandTransaction::CommandPayload authreq;
-  strcpy((char *)(authreq.card_password), "12345678");
-  FirstAuthenticate::CommandTransaction::run(stick, authreq);
+      FirstAuthenticate::CommandTransaction::CommandPayload authreq;
+      strcpy((char *)(authreq.card_password), "12345678");
+     // strcpy((char *)(authreq.temporary_password), temporary_password);
+      FirstAuthenticate::CommandTransaction::run(stick, authreq);
   }
 
   {
     WriteToHOTPSlot::CommandTransaction::CommandPayload hwrite;
-    hwrite.slot_number = 0xF;
+    hwrite.slot_number = 0x10;
     strcpy(reinterpret_cast<char *>(hwrite.slot_name), "rfc_test");
     //strcpy(reinterpret_cast<char *>(hwrite.slot_secret), "");
     const char* secretHex = "3132333435363738393031323334353637383930";
@@ -67,11 +69,22 @@ TEST_CASE("Slot names are correct", "[slotNames]") {
     //hwrite.slot_config;
     strcpy(reinterpret_cast<char *>(hwrite.slot_token_id), "");
     strcpy(reinterpret_cast<char *>(hwrite.slot_counter), "");
+
+    //authorize writehotp first
+    {
+        Authorize::CommandTransaction::CommandPayload auth;
+        // strcpy((char *)(auth.temporary_password), temporary_password);
+        auth.crc_to_authorize = WriteToHOTPSlot::CommandTransaction::getCRC(hwrite);
+        Authorize::CommandTransaction::run(stick, auth);
+  }
+    
+    //run hotp command
     WriteToHOTPSlot::CommandTransaction::run(stick, hwrite);
 
     GetHOTP::CommandTransaction::CommandPayload gh;
-    gh.slot_number =  0xF;
-    GetHOTP::CommandTransaction::run(stick, gh);
+    gh.slot_number =  0x10;
+    auto resp = GetHOTP::CommandTransaction::run(stick, gh);
+    REQUIRE( string(reinterpret_cast<char *>(resp.code)) == "755224");
 
   }
 
-- 
cgit v1.2.1