Update nitrokey crate to 0.3.0

This change updates the nitrokey crate to version 0.3.0. Import subrepo nitrokey/:nitrokey at 3593df8844b80741e2d33c8e5af80e65760dc058
author: Daniel Mueller <deso@posteo.net> 2019-01-05 16:04:49 -0800
committer: Daniel Mueller <deso@posteo.net> 2019-01-05 16:04:49 -0800
commit: d9adac05dfa5de83465fde3479df4fd898ebd8bd (patch)
tree: 3bcb5585b4f821250276d6bf1eadd05f1748d016 /nitrokey/tests
parent: bbb54f26c6101225a4f79f2f7f89cf5d71a62dd1 (diff)
download: nitrocli-d9adac05dfa5de83465fde3479df4fd898ebd8bd.tar.gz
nitrocli-d9adac05dfa5de83465fde3479df4fd898ebd8bd.tar.bz2
4 files changed, 136 insertions, 13 deletions
diff --git a/nitrokey/tests/device.rs b/nitrokey/tests/device.rs
index 26afa62..0ad4987 100644
--- a/nitrokey/tests/device.rs
+++ b/nitrokey/tests/device.rs
@@ -4,11 +4,15 @@ use std::ffi::CStr;
 use std::process::Command;
 use std::{thread, time};
 
-use nitrokey::{Authenticate, CommandError, Config, Device, Storage};
+use nitrokey::{
+    Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, GetPasswordSafe,
+    OtpMode, OtpSlotData, Storage,
+};
 
-use crate::util::{Target, ADMIN_PASSWORD, USER_PASSWORD};
+use crate::util::{Target, ADMIN_PASSWORD, UPDATE_PIN, USER_PASSWORD};
 
 static ADMIN_NEW_PASSWORD: &str = "1234567890";
+static UPDATE_NEW_PIN: &str = "87654321";
 static USER_NEW_PASSWORD: &str = "abcdefghij";
 
 fn count_nitrokey_block_devices() -> usize {
@@ -256,12 +260,14 @@ fn unlock_user_pin() {
         device.unlock_user_pin(USER_PASSWORD, USER_PASSWORD)
     );
 
+    // block user PIN
     let wrong_password = USER_PASSWORD.to_owned() + "foo";
     let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
     let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
     let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
     let device = require_failed_user_login(device, USER_PASSWORD, CommandError::WrongPassword);
 
+    // unblock with current PIN
     assert_eq!(
         Err(CommandError::WrongPassword),
         device.unlock_user_pin(USER_PASSWORD, USER_PASSWORD)
@@ -269,7 +275,113 @@ fn unlock_user_pin() {
     assert!(device
         .unlock_user_pin(ADMIN_PASSWORD, USER_PASSWORD)
         .is_ok());
-    device.authenticate_user(USER_PASSWORD).unwrap();
+    let device = device.authenticate_user(USER_PASSWORD).unwrap().device();
+
+    // block user PIN
+    let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+    let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+    let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+    let device = require_failed_user_login(device, USER_PASSWORD, CommandError::WrongPassword);
+
+    // unblock with new PIN
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.unlock_user_pin(USER_PASSWORD, USER_PASSWORD)
+    );
+    assert!(device
+        .unlock_user_pin(ADMIN_PASSWORD, USER_NEW_PASSWORD)
+        .is_ok());
+
+    // reset user PIN
+    assert!(device
+        .change_user_pin(USER_NEW_PASSWORD, USER_PASSWORD)
+        .is_ok());
+}
+
+#[test]
+#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)]
+fn factory_reset() {
+    let device = Target::connect().unwrap();
+
+    assert_eq!(
+        Ok(()),
+        device.change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD)
+    );
+    assert_eq!(
+        Ok(()),
+        device.change_admin_pin(ADMIN_PASSWORD, ADMIN_NEW_PASSWORD)
+    );
+
+    let admin = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap();
+    let otp_data = OtpSlotData::new(1, "test", "0123468790", OtpMode::SixDigits);
+    assert_eq!(Ok(()), admin.write_totp_slot(otp_data, 30));
+
+    let device = admin.device();
+    let pws = device.get_password_safe(USER_NEW_PASSWORD).unwrap();
+    assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw"));
+    drop(pws);
+
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.factory_reset(USER_NEW_PASSWORD)
+    );
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.factory_reset(ADMIN_PASSWORD)
+    );
+    assert_eq!(Ok(()), device.factory_reset(ADMIN_NEW_PASSWORD));
+
+    let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
+
+    let user = device.authenticate_user(USER_PASSWORD).unwrap();
+    assert_eq!(
+        Err(CommandError::SlotNotProgrammed),
+        user.get_totp_slot_name(1)
+    );
+
+    let device = user.device();
+    let pws = device.get_password_safe(USER_PASSWORD).unwrap();
+    assert_ne!("test".to_string(), pws.get_slot_name(0).unwrap());
+    assert_ne!("testlogin".to_string(), pws.get_slot_login(0).unwrap());
+    assert_ne!("testpw".to_string(), pws.get_slot_password(0).unwrap());
+
+    assert_eq!(Ok(()), device.build_aes_key(ADMIN_PASSWORD));
+}
+
+#[test]
+#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)]
+fn build_aes_key() {
+    let device = Target::connect().unwrap();
+
+    let pws = device.get_password_safe(USER_PASSWORD).unwrap();
+    assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw"));
+    drop(pws);
+
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.build_aes_key(USER_PASSWORD)
+    );
+    assert_eq!(Ok(()), device.build_aes_key(ADMIN_PASSWORD));
+
+    let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
+
+    let pws = device.get_password_safe(USER_PASSWORD).unwrap();
+    assert_ne!("test".to_string(), pws.get_slot_name(0).unwrap());
+    assert_ne!("testlogin".to_string(), pws.get_slot_login(0).unwrap());
+    assert_ne!("testpw".to_string(), pws.get_slot_password(0).unwrap());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-storage"), ignore)]
+fn change_update_pin() {
+    let device = Storage::connect().unwrap();
+
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN)
+    );
+    assert_eq!(Ok(()), device.change_update_pin(UPDATE_PIN, UPDATE_NEW_PIN));
+    assert_eq!(Ok(()), device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN));
 }
 
 #[test]
diff --git a/nitrokey/tests/otp.rs b/nitrokey/tests/otp.rs
index 8e7ae08..c7d6e68 100644
--- a/nitrokey/tests/otp.rs
+++ b/nitrokey/tests/otp.rs
@@ -55,6 +55,16 @@ fn check_hotp_codes(device: &GenerateOtp, offset: u8) {
 
 #[test]
 #[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)]
+fn set_time() {
+    let device = Target::connect().expect("Could not connect to the Nitrokey.");
+    assert_eq!(Ok(()), device.set_time(1546385382, true));
+    assert_eq!(Ok(()), device.set_time(1546385392, false));
+    assert_eq!(Err(CommandError::Timestamp), device.set_time(1546385292, false));
+    assert_eq!(Ok(()), device.set_time(1546385382, true));
+}
+
+#[test]
+#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)]
 fn hotp_no_pin() {
     let admin = get_admin_test_device();
     let config = Config::new(None, None, None, false);
@@ -152,7 +162,7 @@ fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimes
             continue;
         }
 
-        assert!(device.set_time(time).is_ok());
+        assert!(device.set_time(time, true).is_ok());
         let result = device.get_totp_code(1);
         assert!(result.is_ok());
         let result_code = result.unwrap();
diff --git a/nitrokey/tests/pws.rs b/nitrokey/tests/pws.rs
index 875324b..5061298 100644
--- a/nitrokey/tests/pws.rs
+++ b/nitrokey/tests/pws.rs
@@ -11,7 +11,7 @@ use crate::util::{Target, ADMIN_PASSWORD, USER_PASSWORD};
 fn get_slot_name_direct(slot: u8) -> Result<String, CommandError> {
     let ptr = unsafe { nitrokey_sys::NK_get_password_safe_slot_name(slot) };
     if ptr.is_null() {
-        return Err(CommandError::Unknown);
+        return Err(CommandError::Undefined);
     }
     let s = unsafe { CStr::from_ptr(ptr).to_string_lossy().into_owned() };
     unsafe { free(ptr as *mut c_void) };
@@ -19,7 +19,7 @@ fn get_slot_name_direct(slot: u8) -> Result<String, CommandError> {
         true => {
             let error = unsafe { nitrokey_sys::NK_get_last_command_status() } as c_int;
             match error {
-                0 => Err(CommandError::Unknown),
+                0 => Err(CommandError::Undefined),
                 other => Err(CommandError::from(other)),
             }
         }
@@ -97,9 +97,9 @@ fn get_data() {
 
     assert!(pws.erase_slot(1).is_ok());
     // TODO: check error codes
-    assert_eq!(Err(CommandError::Unknown), pws.get_slot_name(1));
-    assert_eq!(Err(CommandError::Unknown), pws.get_slot_login(1));
-    assert_eq!(Err(CommandError::Unknown), pws.get_slot_password(1));
+    assert_eq!(Err(CommandError::Undefined), pws.get_slot_name(1));
+    assert_eq!(Err(CommandError::Undefined), pws.get_slot_login(1));
+    assert_eq!(Err(CommandError::Undefined), pws.get_slot_password(1));
 
     let name = "with å";
     let login = "pär@test.com";
@@ -135,19 +135,19 @@ fn write() {
     );
 
     assert!(pws.write_slot(0, "", "login", "password").is_ok());
-    assert_eq!(Err(CommandError::Unknown), pws.get_slot_name(0));
+    assert_eq!(Err(CommandError::Undefined), pws.get_slot_name(0));
     assert_eq!(Ok(String::from("login")), pws.get_slot_login(0));
     assert_eq!(Ok(String::from("password")), pws.get_slot_password(0));
 
     assert!(pws.write_slot(0, "name", "", "password").is_ok());
     assert_eq!(Ok(String::from("name")), pws.get_slot_name(0));
-    assert_eq!(Err(CommandError::Unknown), pws.get_slot_login(0));
+    assert_eq!(Err(CommandError::Undefined), pws.get_slot_login(0));
     assert_eq!(Ok(String::from("password")), pws.get_slot_password(0));
 
     assert!(pws.write_slot(0, "name", "login", "").is_ok());
     assert_eq!(Ok(String::from("name")), pws.get_slot_name(0));
     assert_eq!(Ok(String::from("login")), pws.get_slot_login(0));
-    assert_eq!(Err(CommandError::Unknown), pws.get_slot_password(0));
+    assert_eq!(Err(CommandError::Undefined), pws.get_slot_password(0));
 }
 
 #[test]
@@ -160,5 +160,5 @@ fn erase() {
     assert!(pws.write_slot(0, "name", "login", "password").is_ok());
     assert!(pws.erase_slot(0).is_ok());
     assert!(pws.erase_slot(0).is_ok());
-    assert_eq!(Err(CommandError::Unknown), pws.get_slot_name(0));
+    assert_eq!(Err(CommandError::Undefined), pws.get_slot_name(0));
 }
diff --git a/nitrokey/tests/util/mod.rs b/nitrokey/tests/util/mod.rs
index c2c94e2..5e495d8 100644
--- a/nitrokey/tests/util/mod.rs
+++ b/nitrokey/tests/util/mod.rs
@@ -1,4 +1,5 @@
 pub static ADMIN_PASSWORD: &str = "12345678";
+pub static UPDATE_PIN: &str = "12345678";
 pub static USER_PASSWORD: &str = "123456";
 
 #[cfg(not(feature = "test-storage"))]
author	Daniel Mueller <deso@posteo.net>	2019-01-05 16:04:49 -0800
committer	Daniel Mueller <deso@posteo.net>	2019-01-05 16:04:49 -0800
commit	d9adac05dfa5de83465fde3479df4fd898ebd8bd (patch)
tree	3bcb5585b4f821250276d6bf1eadd05f1748d016 /nitrokey/tests
parent	bbb54f26c6101225a4f79f2f7f89cf5d71a62dd1 (diff)
download	nitrocli-d9adac05dfa5de83465fde3479df4fd898ebd8bd.tar.gz nitrocli-d9adac05dfa5de83465fde3479df4fd898ebd8bd.tar.bz2