From b37e5990aa409689e5d6162776583616ac03e0ac Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 25 Jul 2016 18:32:59 +0200 Subject: Enabling password safe and password safe status (latter not working yet) Signed-off-by: Szczepan Zalega --- NK_C_API.cc | 22 ++++++++++++++++++++++ NK_C_API.h | 2 ++ NitrokeyManager.cc | 10 ++++++++++ include/NitrokeyManager.h | 4 ++++ include/stick10_commands.h | 16 ++++++++++++++++ unittest/test_bindings.py | 21 +++++++++++++++++---- 6 files changed, 71 insertions(+), 4 deletions(-) diff --git a/NK_C_API.cc b/NK_C_API.cc index 2531982..77bd181 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -197,5 +197,27 @@ extern int NK_change_user_PIN(char *current_PIN, char *new_PIN){ return 0; } +extern int NK_enable_password_safe(const char *user_pin){ + auto m = NitrokeyManager::instance(); + try { + m->enable_password_safe(user_pin); + } + catch (CommandFailedException & commandFailedException){ + NK_last_command_status = commandFailedException.last_command_status; + return commandFailedException.last_command_status; + } + return 0; +} +extern int NK_get_password_safe_slot_status(){ + auto m = NitrokeyManager::instance(); + try { + m->get_password_safe_slot_status(); + } + catch (CommandFailedException & commandFailedException){ + NK_last_command_status = commandFailedException.last_command_status; + return commandFailedException.last_command_status; + } + return 0; +} } \ No newline at end of file diff --git a/NK_C_API.h b/NK_C_API.h index aef6182..16c75ee 100644 --- a/NK_C_API.h +++ b/NK_C_API.h @@ -25,6 +25,8 @@ extern int NK_totp_get_time(); extern uint8_t NK_get_last_command_status(); extern int NK_change_admin_PIN(char *current_PIN, char *new_PIN); extern int NK_change_user_PIN(char *current_PIN, char *new_PIN); +extern int NK_enable_password_safe(const char *user_pin); +extern int NK_get_password_safe_slot_status(); } diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 2b46927..fd2189e 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -213,5 +213,15 @@ namespace nitrokey{ ChangeAdminPin::CommandTransaction::run(*device, p); } + void NitrokeyManager::enable_password_safe(const char *user_pin) { + auto p = get_payload(); + strcpyT(p.password, user_pin); + EnablePasswordSafe::CommandTransaction::run(*device, p); + } + + void NitrokeyManager::get_password_safe_slot_status() { + GetPasswordSafeSlotStatus::CommandTransaction::run(*device); + } + } \ No newline at end of file diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index a3399fa..6f4ab75 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -40,6 +40,10 @@ namespace nitrokey { void change_user_PIN(char *current_PIN, char *new_PIN); void change_admin_PIN(char *current_PIN, char *new_PIN); + void enable_password_safe(const char *user_pin); + + void get_password_safe_slot_status(); + private: NitrokeyManager(); ~NitrokeyManager(); diff --git a/include/stick10_commands.h b/include/stick10_commands.h index d923d93..c8eda03 100644 --- a/include/stick10_commands.h +++ b/include/stick10_commands.h @@ -340,12 +340,28 @@ class GetUserPasswordRetryCount CommandTransaction; }; + template + void write_array(T &ss, Q (&arr)[N]){ + ss << std::hex << std::setfill('0') << std::setw(2); + for (int i=0; i { public: struct ResponsePayload { uint8_t password_safe_status[PWS_SLOT_COUNT]; bool isValid() const { return true; } + std::string dissect() const { + std::stringstream ss; + ss << "password_safe_status\t"; + write_array(ss, password_safe_status); + return ss.str(); + } } __packed; typedef Transaction diff --git a/unittest/test_bindings.py b/unittest/test_bindings.py index 6e87c65..ac77140 100644 --- a/unittest/test_bindings.py +++ b/unittest/test_bindings.py @@ -4,10 +4,12 @@ from enum import Enum RFC_SECRET = '12345678901234567890' + class DefaultPasswords(Enum): ADMIN = '12345678' USER = '123456' + class DeviceErrorCode(Enum): STATUS_OK = 0 NOT_PROGRAMMED = 3 @@ -16,6 +18,7 @@ class DeviceErrorCode(Enum): ffi = cffi.FFI() + @pytest.fixture(scope="module") def C(request): fp = '../NK_C_API.h' @@ -32,31 +35,41 @@ def C(request): ffi.cdef(declaration) C = ffi.dlopen("../build/libnitrokey.so") + C.NK_set_debug(False) C.NK_login('12345678', '123123123') # C.NK_set_debug(True) def fin(): + print ('\nFinishing connection to device') C.NK_logout() + print ('Finished') request.addfinalizer(fin) return C -def test_admin_PIN_change(C): +def test_enable_password_safe(C): + assert C.NK_enable_password_safe('wrong_password') == DeviceErrorCode.WRONG_PASSWORD + assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK + + +def test_password_safe_slot_status(C): C.NK_set_debug(True) + assert C.NK_get_password_safe_slot_status() == DeviceErrorCode.STATUS_OK + C.NK_set_debug(False) + + +def test_admin_PIN_change(C): assert C.NK_change_admin_PIN('wrong_password', '123123123') == DeviceErrorCode.WRONG_PASSWORD assert C.NK_change_admin_PIN(DefaultPasswords.ADMIN, '123123123') == DeviceErrorCode.STATUS_OK assert C.NK_change_admin_PIN('123123123', DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK - C.NK_set_debug(False) def test_user_PIN_change(C): - C.NK_set_debug(True) assert C.NK_change_user_PIN('wrong_password', '123123123') == DeviceErrorCode.WRONG_PASSWORD assert C.NK_change_user_PIN(DefaultPasswords.USER, '123123123') == DeviceErrorCode.STATUS_OK assert C.NK_change_user_PIN('123123123', DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK - C.NK_set_debug(False) def test_HOTP_RFC(C): -- cgit v1.2.3