From ecf3474223ca3d16a10f12dc2272e3b0ed72c1bb Mon Sep 17 00:00:00 2001 From: Daniel Mueller Date: Wed, 2 Jan 2019 21:14:10 -0800 Subject: Update nitrokey crate to 0.2.3 This change updates the nitrokey crate to version 0.2.3. This version bumps the rand crate used to 0.6.1, which in turn requires an additional set of dependencies. Import subrepo nitrokey/:nitrokey at b3e2adc5bb1300441ca74cc7672617c042f3ea31 Import subrepo rand/:rand at 73613ff903512e9503e41cc8ba9eae76269dc598 Import subrepo rustc_version/:rustc_version at 0294f2ba2018bf7be672abd53db351ce5055fa02 Import subrepo semver-parser/:semver-parser at 750da9b11a04125231b1fb293866ca036845acee Import subrepo semver/:semver at 5eb6db94fa03f4d5c64a625a56188f496be47598 --- nitrokey/src/tests/device.rs | 304 ------------------------------------------- nitrokey/src/tests/mod.rs | 4 - nitrokey/src/tests/otp.rs | 283 ---------------------------------------- nitrokey/src/tests/pws.rs | 143 -------------------- nitrokey/src/tests/util.rs | 11 -- 5 files changed, 745 deletions(-) delete mode 100644 nitrokey/src/tests/device.rs delete mode 100644 nitrokey/src/tests/mod.rs delete mode 100644 nitrokey/src/tests/otp.rs delete mode 100644 nitrokey/src/tests/pws.rs delete mode 100644 nitrokey/src/tests/util.rs (limited to 'nitrokey/src/tests') diff --git a/nitrokey/src/tests/device.rs b/nitrokey/src/tests/device.rs deleted file mode 100644 index fed465d..0000000 --- a/nitrokey/src/tests/device.rs +++ /dev/null @@ -1,304 +0,0 @@ -use std::ffi::CStr; -use std::process::Command; -use std::{thread, time}; -use tests::util::{Target, ADMIN_PASSWORD, USER_PASSWORD}; -use {Authenticate, CommandError, Config, Device, Storage}; - -static ADMIN_NEW_PASSWORD: &str = "1234567890"; -static USER_NEW_PASSWORD: &str = "abcdefghij"; - -fn count_nitrokey_block_devices() -> usize { - thread::sleep(time::Duration::from_secs(2)); - let output = Command::new("lsblk") - .args(&["-o", "MODEL"]) - .output() - .expect("Could not list block devices"); - String::from_utf8_lossy(&output.stdout) - .split("\n") - .filter(|&s| s == "Nitrokey Storage") - .count() -} - -#[test] -#[cfg_attr(not(feature = "test-no-device"), ignore)] -fn connect_no_device() { - assert!(::connect().is_err()); - assert!(::Pro::connect().is_err()); - assert!(::Storage::connect().is_err()); -} - -#[test] -#[cfg_attr(not(feature = "test-pro"), ignore)] -fn connect_pro() { - assert!(::connect().is_ok()); - assert!(::Pro::connect().is_ok()); - assert!(::Storage::connect().is_err()); - match ::connect().unwrap() { - ::DeviceWrapper::Pro(_) => assert!(true), - ::DeviceWrapper::Storage(_) => assert!(false), - }; -} - -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn connect_storage() { - assert!(::connect().is_ok()); - assert!(::Pro::connect().is_err()); - assert!(::Storage::connect().is_ok()); - match ::connect().unwrap() { - ::DeviceWrapper::Pro(_) => assert!(false), - ::DeviceWrapper::Storage(_) => assert!(true), - }; -} - -fn assert_empty_serial_number() { - unsafe { - let ptr = ::nitrokey_sys::NK_device_serial_number(); - assert!(!ptr.is_null()); - let cstr = CStr::from_ptr(ptr); - assert_eq!(cstr.to_string_lossy(), ""); - } -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn disconnect() { - Target::connect().unwrap(); - assert_empty_serial_number(); - Target::connect() - .unwrap() - .authenticate_admin(ADMIN_PASSWORD) - .unwrap(); - assert_empty_serial_number(); - Target::connect() - .unwrap() - .authenticate_user(USER_PASSWORD) - .unwrap(); - assert_empty_serial_number(); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_serial_number() { - let device = Target::connect().unwrap(); - let result = device.get_serial_number(); - assert!(result.is_ok()); - let serial_number = result.unwrap(); - assert!(serial_number.is_ascii()); - assert!(serial_number.chars().all(|c| c.is_ascii_hexdigit())); -} -#[test] -#[cfg_attr(not(feature = "test-pro"), ignore)] -fn get_firmware_version() { - let device = Target::connect().unwrap(); - assert_eq!(0, device.get_major_firmware_version()); - let minor = device.get_minor_firmware_version(); - assert!(minor > 0); -} - -fn admin_retry(device: T, suffix: &str, count: u8) -> T { - let result = device.authenticate_admin(&(ADMIN_PASSWORD.to_owned() + suffix)); - let device = match result { - Ok(admin) => admin.device(), - Err((device, _)) => device, - }; - assert_eq!(count, device.get_admin_retry_count()); - return device; -} - -fn user_retry(device: T, suffix: &str, count: u8) -> T { - let result = device.authenticate_user(&(USER_PASSWORD.to_owned() + suffix)); - let device = match result { - Ok(admin) => admin.device(), - Err((device, _)) => device, - }; - assert_eq!(count, device.get_user_retry_count()); - return device; -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_retry_count() { - let device = Target::connect().unwrap(); - - let device = admin_retry(device, "", 3); - let device = admin_retry(device, "123", 2); - let device = admin_retry(device, "456", 1); - let device = admin_retry(device, "", 3); - - let device = user_retry(device, "", 3); - let device = user_retry(device, "123", 2); - let device = user_retry(device, "456", 1); - user_retry(device, "", 3); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn config() { - let device = Target::connect().unwrap(); - let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap(); - let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); - let get_config = admin.get_config().unwrap(); - assert_eq!(config, get_config); - - let config = Config::new(None, Some(9), None, true); - assert_eq!(Err(CommandError::InvalidSlot), admin.write_config(config)); - - let config = Config::new(Some(1), None, Some(0), false); - assert!(admin.write_config(config).is_ok()); - let get_config = admin.get_config().unwrap(); - assert_eq!(config, get_config); - - let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); - let get_config = admin.get_config().unwrap(); - assert_eq!(config, get_config); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn change_user_pin() { - let device = Target::connect().unwrap(); - let device = device.authenticate_user(USER_PASSWORD).unwrap().device(); - let device = device.authenticate_user(USER_NEW_PASSWORD).unwrap_err().0; - - assert!( - device - .change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD) - .is_ok() - ); - - let device = device.authenticate_user(USER_PASSWORD).unwrap_err().0; - let device = device - .authenticate_user(USER_NEW_PASSWORD) - .unwrap() - .device(); - - let result = device.change_user_pin(USER_PASSWORD, USER_PASSWORD); - assert_eq!(Err(CommandError::WrongPassword), result); - - assert!( - device - .change_user_pin(USER_NEW_PASSWORD, USER_PASSWORD) - .is_ok() - ); - - let device = device.authenticate_user(USER_PASSWORD).unwrap().device(); - assert!(device.authenticate_user(USER_NEW_PASSWORD).is_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn change_admin_pin() { - let device = Target::connect().unwrap(); - let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device(); - let device = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err().0; - - assert!( - device - .change_admin_pin(ADMIN_PASSWORD, ADMIN_NEW_PASSWORD) - .is_ok() - ); - - let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap_err().0; - let device = device - .authenticate_admin(ADMIN_NEW_PASSWORD) - .unwrap() - .device(); - - assert_eq!( - Err(CommandError::WrongPassword), - device.change_admin_pin(ADMIN_PASSWORD, ADMIN_PASSWORD) - ); - - assert!( - device - .change_admin_pin(ADMIN_NEW_PASSWORD, ADMIN_PASSWORD) - .is_ok() - ); - - let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device(); - device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err(); -} - -fn require_failed_user_login(device: Target, password: &str, error: CommandError) -> Target { - let result = device.authenticate_user(password); - assert!(result.is_err()); - let err = result.unwrap_err(); - assert_eq!(error, err.1); - err.0 -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn unlock_user_pin() { - let device = Target::connect().unwrap(); - let device = device.authenticate_user(USER_PASSWORD).unwrap().device(); - assert!( - device - .unlock_user_pin(ADMIN_PASSWORD, USER_PASSWORD) - .is_ok() - ); - assert_eq!( - Err(CommandError::WrongPassword), - device.unlock_user_pin(USER_PASSWORD, USER_PASSWORD) - ); - - let wrong_password = USER_PASSWORD.to_owned() + "foo"; - let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); - let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); - let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); - let device = require_failed_user_login(device, USER_PASSWORD, CommandError::WrongPassword); - - assert_eq!( - Err(CommandError::WrongPassword), - device.unlock_user_pin(USER_PASSWORD, USER_PASSWORD) - ); - assert!( - device - .unlock_user_pin(ADMIN_PASSWORD, USER_PASSWORD) - .is_ok() - ); - device.authenticate_user(USER_PASSWORD).unwrap(); -} - -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn encrypted_volume() { - let device = Storage::connect().unwrap(); - assert!(device.lock().is_ok()); - - assert_eq!(1, count_nitrokey_block_devices()); - assert!(device.disable_encrypted_volume().is_ok()); - assert_eq!(1, count_nitrokey_block_devices()); - assert_eq!( - Err(CommandError::WrongPassword), - device.enable_encrypted_volume("123") - ); - assert_eq!(1, count_nitrokey_block_devices()); - assert!(device.enable_encrypted_volume(USER_PASSWORD).is_ok()); - assert_eq!(2, count_nitrokey_block_devices()); - assert!(device.disable_encrypted_volume().is_ok()); - assert_eq!(1, count_nitrokey_block_devices()); -} - -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn lock() { - let device = Storage::connect().unwrap(); - - assert!(device.enable_encrypted_volume(USER_PASSWORD).is_ok()); - assert!(device.lock().is_ok()); - assert_eq!(1, count_nitrokey_block_devices()); -} - -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn get_storage_status() { - let device = Storage::connect().unwrap(); - let status = device.get_status().unwrap(); - - assert!(status.serial_number_sd_card > 0); - assert!(status.serial_number_smart_card > 0); -} diff --git a/nitrokey/src/tests/mod.rs b/nitrokey/src/tests/mod.rs deleted file mode 100644 index 34ca0aa..0000000 --- a/nitrokey/src/tests/mod.rs +++ /dev/null @@ -1,4 +0,0 @@ -mod device; -mod otp; -mod pws; -mod util; diff --git a/nitrokey/src/tests/otp.rs b/nitrokey/src/tests/otp.rs deleted file mode 100644 index cf71d9d..0000000 --- a/nitrokey/src/tests/otp.rs +++ /dev/null @@ -1,283 +0,0 @@ -use std::ops::Deref; -use tests::util::{Target, ADMIN_PASSWORD, USER_PASSWORD}; -use {Admin, Authenticate, CommandError, Config, ConfigureOtp, GenerateOtp, OtpMode, OtpSlotData}; - -// test suite according to RFC 4226, Appendix D -static HOTP_SECRET: &str = "3132333435363738393031323334353637383930"; -static HOTP_CODES: &[&str] = &[ - "755224", "287082", "359152", "969429", "338314", "254676", "287922", "162583", "399871", - "520489", -]; - -// test suite according to RFC 6238, Appendix B -static TOTP_SECRET: &str = "3132333435363738393031323334353637383930"; -static TOTP_CODES: &[(u64, &str)] = &[ - (59, "94287082"), - (1111111109, "07081804"), - (1111111111, "14050471"), - (1234567890, "89005924"), - (2000000000, "69279037"), - (20000000000, "65353130"), -]; - -#[derive(PartialEq)] -enum TotpTimestampSize { - U32, - U64, -} - -fn get_admin_test_device() -> Admin { - Target::connect() - .expect("Could not connect to the Nitrokey.") - .authenticate_admin(ADMIN_PASSWORD) - .expect("Could not login as admin.") -} - -fn configure_hotp(admin: &ConfigureOtp, counter: u8) { - let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, counter.into()).is_ok()); -} - -fn check_hotp_codes(device: &GenerateOtp, offset: u8) { - HOTP_CODES.iter().enumerate().for_each(|(i, code)| { - if i >= offset as usize { - let result = device.get_hotp_code(1); - assert_eq!(code, &result.unwrap()); - } - }); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_no_pin() { - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); - - configure_hotp(&admin, 0); - check_hotp_codes(admin.deref(), 0); - - configure_hotp(&admin, 5); - check_hotp_codes(admin.deref(), 5); - - configure_hotp(&admin, 0); - check_hotp_codes(&admin.device(), 0); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_pin() { - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); - - configure_hotp(&admin, 0); - let user = admin.device().authenticate_user(USER_PASSWORD).unwrap(); - check_hotp_codes(&user, 0); - - assert!(user.device().get_hotp_code(1).is_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_slot_name() { - let admin = get_admin_test_device(); - let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, 0).is_ok()); - - let device = admin.device(); - let result = device.get_hotp_slot_name(1); - assert_eq!("test-hotp", result.unwrap()); - let result = device.get_hotp_slot_name(4); - assert_eq!(CommandError::InvalidSlot, result.unwrap_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_error() { - let admin = get_admin_test_device(); - let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits); - assert_eq!( - Err(CommandError::NoName), - admin.write_hotp_slot(slot_data, 0) - ); - let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits); - assert_eq!( - Err(CommandError::InvalidSlot), - admin.write_hotp_slot(slot_data, 0) - ); - let code = admin.get_hotp_code(4); - assert_eq!(CommandError::InvalidSlot, code.unwrap_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_erase() { - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); - let slot_data = OtpSlotData::new(1, "test1", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, 0).is_ok()); - let slot_data = OtpSlotData::new(2, "test2", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, 0).is_ok()); - - assert!(admin.erase_hotp_slot(1).is_ok()); - - let device = admin.device(); - let result = device.get_hotp_slot_name(1); - assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err()); - let result = device.get_hotp_code(1); - assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err()); - - assert_eq!("test2", device.get_hotp_slot_name(2).unwrap()); -} - -fn configure_totp(admin: &ConfigureOtp, factor: u64) { - let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits); - let time_window = 30u64.checked_mul(factor).unwrap(); - assert!(admin.write_totp_slot(slot_data, time_window as u16).is_ok()); -} - -fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimestampSize) { - for (i, &(base_time, code)) in TOTP_CODES.iter().enumerate() { - let time = base_time.checked_mul(factor).unwrap(); - let is_u64 = time > u32::max_value() as u64; - if is_u64 != (timestamp_size == TotpTimestampSize::U64) { - continue; - } - - assert!(device.set_time(time).is_ok()); - let result = device.get_totp_code(1); - assert!(result.is_ok()); - let result_code = result.unwrap(); - assert_eq!( - code, result_code, - "TOTP code {} should be {} but is {}", - i, code, result_code - ); - } -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_no_pin() { - // TODO: this test may fail due to bad timing --> find solution - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); - - configure_totp(&admin, 1); - check_totp_codes(admin.deref(), 1, TotpTimestampSize::U32); - - configure_totp(&admin, 2); - check_totp_codes(admin.deref(), 2, TotpTimestampSize::U32); - - configure_totp(&admin, 1); - check_totp_codes(&admin.device(), 1, TotpTimestampSize::U32); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -#[cfg_attr(feature = "test-storage", should_panic(expected = "assertion failed"))] -// Nitrokey Storage does only support timestamps that fit in a 32-bit unsigned integer. Therefore -// the last RFC test case is expected to fail. -fn totp_no_pin_64() { - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); - - configure_totp(&admin, 1); - check_totp_codes(admin.deref(), 1, TotpTimestampSize::U64); - - configure_totp(&admin, 2); - check_totp_codes(admin.deref(), 2, TotpTimestampSize::U64); - - configure_totp(&admin, 1); - check_totp_codes(&admin.device(), 1, TotpTimestampSize::U64); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_pin() { - // TODO: this test may fail due to bad timing --> find solution - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); - - configure_totp(&admin, 1); - let user = admin.device().authenticate_user(USER_PASSWORD).unwrap(); - check_totp_codes(&user, 1, TotpTimestampSize::U32); - - assert!(user.device().get_totp_code(1).is_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -#[cfg_attr(feature = "test-storage", should_panic(expected = "assertion failed"))] -// See comment for totp_no_pin_64. -fn totp_pin_64() { - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); - - configure_totp(&admin, 1); - let user = admin.device().authenticate_user(USER_PASSWORD).unwrap(); - check_totp_codes(&user, 1, TotpTimestampSize::U64); - - assert!(user.device().get_totp_code(1).is_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_slot_name() { - let admin = get_admin_test_device(); - let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits); - assert!(admin.write_totp_slot(slot_data, 0).is_ok()); - - let device = admin.device(); - let result = device.get_totp_slot_name(1); - assert!(result.is_ok()); - assert_eq!("test-totp", result.unwrap()); - let result = device.get_totp_slot_name(16); - assert_eq!(CommandError::InvalidSlot, result.unwrap_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_error() { - let admin = get_admin_test_device(); - let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits); - assert_eq!( - Err(CommandError::NoName), - admin.write_hotp_slot(slot_data, 0) - ); - let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits); - assert_eq!( - Err(CommandError::InvalidSlot), - admin.write_hotp_slot(slot_data, 0) - ); - let code = admin.get_hotp_code(4); - assert_eq!(CommandError::InvalidSlot, code.unwrap_err()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_erase() { - let admin = get_admin_test_device(); - let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); - let slot_data = OtpSlotData::new(1, "test1", TOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_totp_slot(slot_data, 0).is_ok()); - let slot_data = OtpSlotData::new(2, "test2", TOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_totp_slot(slot_data, 0).is_ok()); - - assert!(admin.erase_totp_slot(1).is_ok()); - - let device = admin.device(); - let result = device.get_totp_slot_name(1); - assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err()); - let result = device.get_totp_code(1); - assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err()); - - assert_eq!("test2", device.get_totp_slot_name(2).unwrap()); -} diff --git a/nitrokey/src/tests/pws.rs b/nitrokey/src/tests/pws.rs deleted file mode 100644 index f581515..0000000 --- a/nitrokey/src/tests/pws.rs +++ /dev/null @@ -1,143 +0,0 @@ -use device::Device; -use nitrokey_sys; -use pws::{GetPasswordSafe, PasswordSafe, SLOT_COUNT}; -use tests::util::{Target, ADMIN_PASSWORD, USER_PASSWORD}; -use util::{result_from_string, CommandError}; - -fn get_pws(device: &Target) -> PasswordSafe { - device.get_password_safe(USER_PASSWORD).unwrap() -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn enable() { - let device = Target::connect().unwrap(); - assert!( - device - .get_password_safe(&(USER_PASSWORD.to_owned() + "123")) - .is_err() - ); - assert!(device.get_password_safe(USER_PASSWORD).is_ok()); - assert!(device.get_password_safe(ADMIN_PASSWORD).is_err()); - assert!(device.get_password_safe(USER_PASSWORD).is_ok()); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn drop() { - let device = Target::connect().unwrap(); - { - let pws = get_pws(&device); - assert!(pws.write_slot(1, "name", "login", "password").is_ok()); - assert_eq!("name", pws.get_slot_name(1).unwrap()); - let result = result_from_string(unsafe { nitrokey_sys::NK_get_password_safe_slot_name(1) }); - assert_eq!(Ok(String::from("name")), result); - } - let result = result_from_string(unsafe { nitrokey_sys::NK_get_password_safe_slot_name(1) }); - assert_eq!(Ok(String::from("name")), result); - assert!(device.lock().is_ok()); - let result = result_from_string(unsafe { nitrokey_sys::NK_get_password_safe_slot_name(1) }); - assert_eq!(Err(CommandError::NotAuthorized), result); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_status() { - let device = Target::connect().unwrap(); - let pws = get_pws(&device); - for i in 0..SLOT_COUNT { - assert!(pws.erase_slot(i).is_ok(), "Could not erase slot {}", i); - } - let status = pws.get_slot_status().unwrap(); - assert_eq!(status, [false; SLOT_COUNT as usize]); - - assert!(pws.write_slot(1, "name", "login", "password").is_ok()); - let status = pws.get_slot_status().unwrap(); - for i in 0..SLOT_COUNT { - assert_eq!(i == 1, status[i as usize]); - } - - for i in 0..SLOT_COUNT { - assert!(pws.write_slot(i, "name", "login", "password").is_ok()); - } - let status = pws.get_slot_status().unwrap(); - assert_eq!(status, [true; SLOT_COUNT as usize]); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_data() { - let device = Target::connect().unwrap(); - let pws = get_pws(&device); - assert!(pws.write_slot(1, "name", "login", "password").is_ok()); - assert_eq!("name", pws.get_slot_name(1).unwrap()); - assert_eq!("login", pws.get_slot_login(1).unwrap()); - assert_eq!("password", pws.get_slot_password(1).unwrap()); - - assert!(pws.erase_slot(1).is_ok()); - // TODO: check error codes - assert_eq!(Err(CommandError::Unknown), pws.get_slot_name(1)); - assert_eq!(Err(CommandError::Unknown), pws.get_slot_login(1)); - assert_eq!(Err(CommandError::Unknown), pws.get_slot_password(1)); - - let name = "with å"; - let login = "pär@test.com"; - let password = "'i3lJc[09?I:,[u7dWz9"; - assert!(pws.write_slot(1, name, login, password).is_ok()); - assert_eq!(name, pws.get_slot_name(1).unwrap()); - assert_eq!(login, pws.get_slot_login(1).unwrap()); - assert_eq!(password, pws.get_slot_password(1).unwrap()); - - assert_eq!( - Err(CommandError::InvalidSlot), - pws.get_slot_name(SLOT_COUNT) - ); - assert_eq!( - Err(CommandError::InvalidSlot), - pws.get_slot_login(SLOT_COUNT) - ); - assert_eq!( - Err(CommandError::InvalidSlot), - pws.get_slot_password(SLOT_COUNT) - ); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn write() { - let device = Target::connect().unwrap(); - let pws = get_pws(&device); - - assert_eq!( - Err(CommandError::InvalidSlot), - pws.write_slot(SLOT_COUNT, "name", "login", "password") - ); - - assert!(pws.write_slot(0, "", "login", "password").is_ok()); - assert_eq!(Err(CommandError::Unknown), pws.get_slot_name(0)); - assert_eq!(Ok(String::from("login")), pws.get_slot_login(0)); - assert_eq!(Ok(String::from("password")), pws.get_slot_password(0)); - - assert!(pws.write_slot(0, "name", "", "password").is_ok()); - assert_eq!(Ok(String::from("name")), pws.get_slot_name(0)); - assert_eq!(Err(CommandError::Unknown), pws.get_slot_login(0)); - assert_eq!(Ok(String::from("password")), pws.get_slot_password(0)); - - assert!(pws.write_slot(0, "name", "login", "").is_ok()); - assert_eq!(Ok(String::from("name")), pws.get_slot_name(0)); - assert_eq!(Ok(String::from("login")), pws.get_slot_login(0)); - assert_eq!(Err(CommandError::Unknown), pws.get_slot_password(0)); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn erase() { - let device = Target::connect().unwrap(); - let pws = get_pws(&device); - assert_eq!(Err(CommandError::InvalidSlot), pws.erase_slot(SLOT_COUNT)); - - assert!(pws.write_slot(0, "name", "login", "password").is_ok()); - assert!(pws.erase_slot(0).is_ok()); - assert!(pws.erase_slot(0).is_ok()); - assert_eq!(Err(CommandError::Unknown), pws.get_slot_name(0)); -} diff --git a/nitrokey/src/tests/util.rs b/nitrokey/src/tests/util.rs deleted file mode 100644 index c6fbb8f..0000000 --- a/nitrokey/src/tests/util.rs +++ /dev/null @@ -1,11 +0,0 @@ -pub static ADMIN_PASSWORD: &str = "12345678"; -pub static USER_PASSWORD: &str = "123456"; - -#[cfg(feature = "test-no-device")] -pub type Target = ::Pro; - -#[cfg(feature = "test-pro")] -pub type Target = ::Pro; - -#[cfg(feature = "test-storage")] -pub type Target = ::Storage; -- cgit v1.2.3