diff options
-rw-r--r-- | nitrocli/CHANGELOG.md | 2 | ||||
-rw-r--r-- | nitrocli/Cargo.lock | 4 | ||||
-rw-r--r-- | nitrokey/CHANGELOG.md | 8 | ||||
-rw-r--r-- | nitrokey/Cargo.toml | 5 | ||||
-rw-r--r-- | nitrokey/README.md | 44 | ||||
-rw-r--r-- | nitrokey/TODO.md | 3 | ||||
-rw-r--r-- | nitrokey/src/device.rs | 187 | ||||
-rw-r--r-- | nitrokey/src/lib.rs | 2 | ||||
-rw-r--r-- | nitrokey/src/otp.rs | 22 | ||||
-rw-r--r-- | nitrokey/tests/device.rs | 219 | ||||
-rw-r--r-- | nitrokey/tests/otp.rs | 155 | ||||
-rw-r--r-- | nitrokey/tests/pws.rs | 72 | ||||
-rw-r--r-- | nitrokey/tests/util/mod.rs | 6 |
13 files changed, 439 insertions, 290 deletions
diff --git a/nitrocli/CHANGELOG.md b/nitrocli/CHANGELOG.md index e94d63f..e7c1437 100644 --- a/nitrocli/CHANGELOG.md +++ b/nitrocli/CHANGELOG.md @@ -6,7 +6,7 @@ Unreleased - Added the `-f`/`--format` option for the `otp set` subcommand to choose the secret format - Deprecated the `--ascii` option -- Bumped `nitrokey` dependency to `0.3.0` +- Bumped `nitrokey` dependency to `0.3.1` 0.2.1 diff --git a/nitrocli/Cargo.lock b/nitrocli/Cargo.lock index 032c613..75be06d 100644 --- a/nitrocli/Cargo.lock +++ b/nitrocli/Cargo.lock @@ -88,14 +88,14 @@ dependencies = [ "argparse 0.2.2", "base32 0.4.0", "libc 0.2.45", - "nitrokey 0.3.0", + "nitrokey 0.3.1", "nitrokey-test 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", "regex 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] name = "nitrokey" -version = "0.3.0" +version = "0.3.1" dependencies = [ "libc 0.2.45 (registry+https://github.com/rust-lang/crates.io-index)", "nitrokey-sys 3.4.1 (registry+https://github.com/rust-lang/crates.io-index)", diff --git a/nitrokey/CHANGELOG.md b/nitrokey/CHANGELOG.md index ae49683..f79111e 100644 --- a/nitrokey/CHANGELOG.md +++ b/nitrokey/CHANGELOG.md @@ -1,3 +1,11 @@ +# v0.3.1 (2019-01-07) +- Use `nitrokey-test` to select and execute the unit tests. +- Add support for the hidden volumes on a Nitrokey Storage + (`enable_hidden_volume`, `disable_hidden_volume` and `create_hidden_volume` + methods for the `Storage` struct). +- Add the `connect_model` function to connect to a specific model using an enum + variant. + # v0.3.0 (2019-01-04) - Add a `force` argument to `ConfigureOtp::set_time`. - Remove the obsolete `CommandError::RngError`. diff --git a/nitrokey/Cargo.toml b/nitrokey/Cargo.toml index b8f30db..f7c1baf 100644 --- a/nitrokey/Cargo.toml +++ b/nitrokey/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "nitrokey" -version = "0.3.0" +version = "0.3.1" authors = ["Robin Krahl <robin.krahl@ireas.org>"] edition = "2018" homepage = "https://code.ireas.org/nitrokey-rs/" @@ -20,3 +20,6 @@ test-storage = [] libc = "0.2" nitrokey-sys = "3.4" rand = "0.6" + +[dev-dependencies] +nitrokey-test = {version = "0.1"} diff --git a/nitrokey/README.md b/nitrokey/README.md index 568b1d4..53054de 100644 --- a/nitrokey/README.md +++ b/nitrokey/README.md @@ -7,7 +7,9 @@ A libnitrokey wrapper for Rust providing access to Nitrokey devices. ## Compatibility The required [`libnitrokey`][] version is built from source. The host system -must provide `libhidapi-libusb0` in the default library search path. +must provide `libhidapi-libusb0` (Linux) or `libhidapi` (non-Linux) in the +default library search path. Depending on your system, you might also have to +install the [Nitrokey udev rules][]. Currently, this crate provides access to the common features of the Nitrokey Pro and the Nitrokey Storage: general configuration, OTP generation and the @@ -29,37 +31,27 @@ supported by `nitrokey-rs`: ## Tests -This crate has three test suites that can be selected using features. One test -suite assumes that no Nitrokey device is connected. It is run if no other test -suite is selected. The two other test suites require a Nitrokey Pro (feature -`test-pro`) or a Nitrokey Storage (feature `test-storage`) to be connected. +This crate has tests for different scenarios: Some tests require that no +Nitrokey device is connected, others require a Nitrokey Storage or a Nitrokey +Pro. We use the [`nitrokey-test`][] crate to select the test cases. You can +just run `cargo test` to auto-detect connected Nitrokey devices and to run the +appropriate tests. If you want to manually select the tests, set the +`NITROKEY_TEST_GROUP` environment variable to `nodev` (no device connected), +`pro` (Nitrokey Pro connected) or `storage` (Nitrokey Storage connected). -Use the `--features` option for Cargo to select one of the test suites. You -should select more than one of the test suites at the same time. Note that the -test suites that require a Nitrokey device assume that the device’s passwords -are the factory defaults (admin password `12345678` and user password -`123456`). Running the test suite with a device with different passwords might -lock your device! Also note that the test suite might delete or overwrite data -on all connected devices. - -As the tests currently are not synchronized, you have to make sure that they -are not executed in parallel. To do so, pass the option `--test-threads 1` to -the test executable. - -In conclusion, you can use these commands to run the test suites: - -``` -$ cargo test -$ cargo test --features test-pro -- --test-threads 1 -$ cargo test --features test-storage -- --test-threads 1 -``` +Note that the tests assume that the device’s passwords are the factory defaults +(admin PIN `12345678`, user PIN `123456`, update password `12345678`) and that +an AES key has been built. Some tests will overwrite the data stored on the +Nitrokey device or perform a factory reset. Never execute the tests if you +unless yout want to destroy all data on all connected Nitrokey devices! The `totp_no_pin` and `totp_pin` tests can occasionally fail due to bad timing. ## Acknowledgments Thanks to Nitrokey UG for providing a Nitrokey Storage to support the -development of this crate. +development of this crate. Thanks to Daniel Mueller for contributions to +`nitrokey-rs` and for the `nitrokey-test` crate. ## Contact @@ -72,7 +64,9 @@ This project is licensed under the [MIT License][]. `libnitrokey` is licensed under the [LGPL-3.0][]. [Documentation]: https://docs.rs/nitrokey +[Nitrokey udev rules]: https://www.nitrokey.com/documentation/frequently-asked-questions-faq#openpgp-card-not-available [`libnitrokey`]: https://github.com/nitrokey/libnitrokey +[`nitrokey-test`]: https://github.com/d-e-s-o/nitrokey-test [nitrokey-rs-dev@ireas.org]: mailto:nitrokey-rs-dev@ireas.org [pull request #114]: https://github.com/Nitrokey/libnitrokey/pull/114 [MIT license]: https://opensource.org/licenses/MIT diff --git a/nitrokey/TODO.md b/nitrokey/TODO.md index 111105d..f839dc3 100644 --- a/nitrokey/TODO.md +++ b/nitrokey/TODO.md @@ -2,9 +2,6 @@ - `NK_set_unencrypted_volume_rorw_pin_type_user` - `NK_is_AES_supported` - `NK_send_startup` - - `NK_unlock_hidden_volume` - - `NK_lock_hidden_volume` - - `NK_create_hidden_volume` - `NK_set_unencrypted_read_only` - `NK_set_unencrypted_read_only_admin` - `NK_set_unencrypted_read_write` diff --git a/nitrokey/src/device.rs b/nitrokey/src/device.rs index 78d0d82..2eee08e 100644 --- a/nitrokey/src/device.rs +++ b/nitrokey/src/device.rs @@ -583,6 +583,10 @@ pub trait Device: Authenticate + GetPasswordSafe + GenerateOtp { /// Connects to a Nitrokey device. This method can be used to connect to any connected device, /// both a Nitrokey Pro and a Nitrokey Storage. /// +/// # Errors +/// +/// - [`Undefined`][] if no Nitrokey device is connected +/// /// # Example /// /// ``` @@ -595,6 +599,8 @@ pub trait Device: Authenticate + GetPasswordSafe + GenerateOtp { /// Err(err) => println!("Could not connect to a Nitrokey: {}", err), /// } /// ``` +/// +/// [`Undefined`]: enum.CommandError.html#variant.Undefined pub fn connect() -> Result<DeviceWrapper, CommandError> { unsafe { match nitrokey_sys::NK_login_auto() { @@ -607,6 +613,35 @@ pub fn connect() -> Result<DeviceWrapper, CommandError> { } } +/// Connects to a Nitrokey device of the given model. +/// +/// # Errors +/// +/// - [`Undefined`][] if no Nitrokey device of the given model is connected +/// +/// # Example +/// +/// ``` +/// use nitrokey::DeviceWrapper; +/// use nitrokey::Model; +/// +/// fn do_something(device: DeviceWrapper) {} +/// +/// match nitrokey::connect_model(Model::Pro) { +/// Ok(device) => do_something(device), +/// Err(err) => println!("Could not connect to a Nitrokey Pro: {}", err), +/// } +/// ``` +/// +/// [`Undefined`]: enum.CommandError.html#variant.Undefined +pub fn connect_model(model: Model) -> Result<DeviceWrapper, CommandError> { + if connect_enum(model) { + Ok(create_device_wrapper(model)) + } else { + Err(CommandError::Undefined) + } +} + fn get_connected_model() -> Option<Model> { unsafe { match nitrokey_sys::NK_get_device_model() { @@ -628,7 +663,7 @@ fn get_connected_device() -> Option<DeviceWrapper> { get_connected_model().map(create_device_wrapper) } -fn connect_model(model: Model) -> bool { +fn connect_enum(model: Model) -> bool { let model = match model { Model::Storage => nitrokey_sys::NK_device_model_NK_STORAGE, Model::Pro => nitrokey_sys::NK_device_model_NK_PRO, @@ -675,6 +710,10 @@ impl Device for DeviceWrapper { impl Pro { /// Connects to a Nitrokey Pro. /// + /// # Errors + /// + /// - [`Undefined`][] if no Nitrokey device of the given model is connected + /// /// # Example /// /// ``` @@ -687,9 +726,11 @@ impl Pro { /// Err(err) => println!("Could not connect to the Nitrokey Pro: {}", err), /// } /// ``` + /// + /// [`Undefined`]: enum.CommandError.html#variant.Undefined pub fn connect() -> Result<Pro, CommandError> { // TODO: maybe Option instead of Result? - match connect_model(Model::Pro) { + match connect_enum(Model::Pro) { true => Ok(Pro {}), false => Err(CommandError::Undefined), } @@ -715,6 +756,10 @@ impl GenerateOtp for Pro {} impl Storage { /// Connects to a Nitrokey Storage. /// + /// # Errors + /// + /// - [`Undefined`][] if no Nitrokey device of the given model is connected + /// /// # Example /// /// ``` @@ -727,9 +772,11 @@ impl Storage { /// Err(err) => println!("Could not connect to the Nitrokey Storage: {}", err), /// } /// ``` + /// + /// [`Undefined`]: enum.CommandError.html#variant.Undefined pub fn connect() -> Result<Storage, CommandError> { // TODO: maybe Option instead of Result? - match connect_model(Model::Storage) { + match connect_enum(Model::Storage) { true => Ok(Storage {}), false => Err(CommandError::Undefined), } @@ -878,6 +925,140 @@ impl Storage { unsafe { get_command_result(nitrokey_sys::NK_lock_encrypted_volume()) } } + /// Enables a hidden storage volume. + /// + /// This function will only succeed if the encrypted storage ([`enable_encrypted_volume`][]) or + /// another hidden volume has been enabled previously. Once the hidden volume is enabled, it + /// is presented to the operating system as a block device and any previously opened encrypted + /// or hidden volumes are closed. The API does not provide any information on the name or path + /// of this block device. + /// + /// Note that the encrypted and the hidden volumes operate on the same storage area, so using + /// both at the same time might lead to data loss. + /// + /// The hidden volume to unlock is selected based on the provided password. + /// + /// # Errors + /// + /// - [`AesDecryptionFailed`][] if the encrypted storage has not been opened before calling + /// this method or the AES key has not been built + /// - [`InvalidString`][] if the provided password contains a null byte + /// + /// # Example + /// + /// ```no_run + /// # use nitrokey::CommandError; + /// + /// # fn try_main() -> Result<(), CommandError> { + /// let device = nitrokey::Storage::connect()?; + /// device.enable_encrypted_volume("123445")?; + /// match device.enable_hidden_volume("hidden-pw") { + /// Ok(()) => println!("Enabled a hidden volume."), + /// Err(err) => println!("Could not enable the hidden volume: {}", err), + /// }; + /// # Ok(()) + /// # } + /// ``` + /// + /// [`enable_encrypted_volume`]: #method.enable_encrypted_volume + /// [`AesDecryptionFailed`]: enum.CommandError.html#variant.AesDecryptionFailed + /// [`InvalidString`]: enum.CommandError.html#variant.InvalidString + pub fn enable_hidden_volume(&self, volume_password: &str) -> Result<(), CommandError> { + let volume_password = get_cstring(volume_password)?; + unsafe { + get_command_result(nitrokey_sys::NK_unlock_hidden_volume( + volume_password.as_ptr(), + )) + } + } + + /// Disables a hidden storage volume. + /// + /// Once the volume is disabled, it can be no longer accessed as a block device. If no hidden + /// volume has been enabled, this method still returns a success. + /// + /// # Example + /// + /// ```no_run + /// # use nitrokey::CommandError; + /// + /// fn use_volume() {} + /// + /// # fn try_main() -> Result<(), CommandError> { + /// let device = nitrokey::Storage::connect()?; + /// device.enable_encrypted_volume("123445")?; + /// match device.enable_hidden_volume("hidden-pw") { + /// Ok(()) => { + /// println!("Enabled the hidden volume."); + /// use_volume(); + /// match device.disable_hidden_volume() { + /// Ok(()) => println!("Disabled the hidden volume."), + /// Err(err) => { + /// println!("Could not disable the hidden volume: {}", err); + /// }, + /// }; + /// }, + /// Err(err) => println!("Could not enable the hidden volume: {}", err), + /// }; + /// # Ok(()) + /// # } + /// ``` + pub fn disable_hidden_volume(&self) -> Result<(), CommandError> { + unsafe { get_command_result(nitrokey_sys::NK_lock_hidden_volume()) } + } + + /// Creates a hidden volume. + /// + /// The volume is crated in the given slot and in the given range of the available memory, + /// where `start` is the start position as a percentage of the available memory, and `end` is + /// the end position as a percentage of the available memory. The volume will be protected by + /// the given password. + /// + /// Note that the encrypted and the hidden volumes operate on the same storage area, so using + /// both at the same time might lead to data loss. + /// + /// According to the libnitrokey documentation, this function only works if the encrypted + /// storage has been opened. + /// + /// # Errors + /// + /// - [`AesDecryptionFailed`][] if the encrypted storage has not been opened before calling + /// this method or the AES key has not been built + /// - [`InvalidString`][] if the provided password contains a null byte + /// + /// # Example + /// + /// ```no_run + /// # use nitrokey::CommandError; + /// + /// # fn try_main() -> Result<(), CommandError> { + /// let device = nitrokey::Storage::connect()?; + /// device.enable_encrypted_volume("123445")?; + /// device.create_hidden_volume(0, 0, 100, "hidden-pw")?; + /// # Ok(()) + /// # } + /// ``` + /// + /// [`AesDecryptionFailed`]: enum.CommandError.html#variant.AesDecryptionFailed + /// [`InvalidString`]: enum.CommandError.html#variant.InvalidString + pub fn create_hidden_volume( + &self, + slot: u8, + start: u8, + end: u8, + password: &str, + ) -> Result<(), CommandError> { + let password = get_cstring(password)?; + unsafe { + get_command_result(nitrokey_sys::NK_create_hidden_volume( + slot, + start, + end, + password.as_ptr(), + )) + } + } + /// Returns the status of the connected storage device. /// /// # Example diff --git a/nitrokey/src/lib.rs b/nitrokey/src/lib.rs index 9f21518..bb34870 100644 --- a/nitrokey/src/lib.rs +++ b/nitrokey/src/lib.rs @@ -98,7 +98,7 @@ use nitrokey_sys; pub use crate::auth::{Admin, Authenticate, User}; pub use crate::config::Config; pub use crate::device::{ - connect, Device, DeviceWrapper, Model, Pro, Storage, StorageStatus, VolumeStatus, + connect, connect_model, Device, DeviceWrapper, Model, Pro, Storage, StorageStatus, VolumeStatus, }; pub use crate::otp::{ConfigureOtp, GenerateOtp, OtpMode, OtpSlotData}; pub use crate::pws::{GetPasswordSafe, PasswordSafe, SLOT_COUNT}; diff --git a/nitrokey/src/otp.rs b/nitrokey/src/otp.rs index 9f0a388..901bef9 100644 --- a/nitrokey/src/otp.rs +++ b/nitrokey/src/otp.rs @@ -155,7 +155,7 @@ pub trait GenerateOtp { /// /// `time` is the number of seconds since January 1st, 1970 (Unix timestamp). Unless `force` /// is set to `true`, this command fails if the timestamp on the device is larger than the - /// given timestamp or if it is zero. + /// given timestamp or if it is zero. /// /// The time is used for TOTP generation (see [`get_totp_code`][]). /// @@ -297,21 +297,21 @@ pub trait GenerateOtp { /// /// # Example /// - /// ```ignore - /// extern crate chrono; - /// + /// ```no_run + /// use std::time; /// use nitrokey::GenerateOtp; /// # use nitrokey::CommandError; /// /// # fn try_main() -> Result<(), CommandError> { /// let device = nitrokey::connect()?; - /// let time = Utc::now().timestamp(); - /// if time < 0 { - /// println!("Timestamps before 1970-01-01 are not supported!"); - /// } else { - /// device.set_time(time as u64); - /// let code = device.get_totp_code(1)?; - /// println!("Generated TOTP code on slot 1: {}", code); + /// let time = time::SystemTime::now().duration_since(time::UNIX_EPOCH); + /// match time { + /// Ok(time) => { + /// device.set_time(time.as_secs(), false)?; + /// let code = device.get_totp_code(1)?; + /// println!("Generated TOTP code on slot 1: {}", code); + /// }, + /// Err(_) => println!("Timestamps before 1970-01-01 are not supported!"), /// } /// # Ok(()) /// # } diff --git a/nitrokey/tests/device.rs b/nitrokey/tests/device.rs index 0ad4987..db8194c 100644 --- a/nitrokey/tests/device.rs +++ b/nitrokey/tests/device.rs @@ -6,10 +6,11 @@ use std::{thread, time}; use nitrokey::{ Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, GetPasswordSafe, - OtpMode, OtpSlotData, Storage, + OtpMode, OtpSlotData, }; +use nitrokey_test::test as test_device; -use crate::util::{Target, ADMIN_PASSWORD, UPDATE_PIN, USER_PASSWORD}; +use crate::util::{ADMIN_PASSWORD, UPDATE_PIN, USER_PASSWORD}; static ADMIN_NEW_PASSWORD: &str = "1234567890"; static UPDATE_NEW_PIN: &str = "87654321"; @@ -27,36 +28,39 @@ fn count_nitrokey_block_devices() -> usize { .count() } -#[test] -#[cfg_attr(any(feature = "test-pro", feature = "test-storage"), ignore)] +#[test_device] fn connect_no_device() { assert!(nitrokey::connect().is_err()); + assert!(nitrokey::connect_model(nitrokey::Model::Pro).is_err()); + assert!(nitrokey::connect_model(nitrokey::Model::Storage).is_err()); assert!(nitrokey::Pro::connect().is_err()); assert!(nitrokey::Storage::connect().is_err()); } -#[test] -#[cfg_attr(not(feature = "test-pro"), ignore)] -fn connect_pro() { +#[test_device] +fn connect_pro(device: Pro) { + assert_eq!(device.get_model(), nitrokey::Model::Pro); + drop(device); + assert!(nitrokey::connect().is_ok()); + assert!(nitrokey::connect_model(nitrokey::Model::Pro).is_ok()); assert!(nitrokey::Pro::connect().is_ok()); + + assert!(nitrokey::connect_model(nitrokey::Model::Storage).is_err()); assert!(nitrokey::Storage::connect().is_err()); - match nitrokey::connect().unwrap() { - nitrokey::DeviceWrapper::Pro(_) => assert!(true), - nitrokey::DeviceWrapper::Storage(_) => assert!(false), - }; } -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn connect_storage() { +#[test_device] +fn connect_storage(device: Storage) { + assert_eq!(device.get_model(), nitrokey::Model::Storage); + drop(device); + assert!(nitrokey::connect().is_ok()); - assert!(nitrokey::Pro::connect().is_err()); + assert!(nitrokey::connect_model(nitrokey::Model::Storage).is_ok()); assert!(nitrokey::Storage::connect().is_ok()); - match nitrokey::connect().unwrap() { - nitrokey::DeviceWrapper::Pro(_) => assert!(false), - nitrokey::DeviceWrapper::Storage(_) => assert!(true), - }; + + assert!(nitrokey::connect_model(nitrokey::Model::Pro).is_err()); + assert!(nitrokey::Pro::connect().is_err()); } fn assert_empty_serial_number() { @@ -68,54 +72,22 @@ fn assert_empty_serial_number() { } } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn disconnect() { - Target::connect().unwrap(); - assert_empty_serial_number(); - Target::connect() - .unwrap() - .authenticate_admin(ADMIN_PASSWORD) - .unwrap(); - assert_empty_serial_number(); - Target::connect() - .unwrap() - .authenticate_user(USER_PASSWORD) - .unwrap(); +#[test_device] +fn disconnect(device: DeviceWrapper) { + drop(device); assert_empty_serial_number(); } -fn require_model(model: nitrokey::Model) { - assert_eq!(model, nitrokey::connect().unwrap().get_model()); - assert_eq!(model, Target::connect().unwrap().get_model()); -} - -#[test] -#[cfg_attr(not(feature = "test-pro"), ignore)] -fn get_model_pro() { - require_model(nitrokey::Model::Pro); -} - -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn get_model_storage() { - require_model(nitrokey::Model::Storage); -} - -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_serial_number() { - let device = Target::connect().unwrap(); +#[test_device] +fn get_serial_number(device: DeviceWrapper) { let result = device.get_serial_number(); assert!(result.is_ok()); let serial_number = result.unwrap(); assert!(serial_number.is_ascii()); assert!(serial_number.chars().all(|c| c.is_ascii_hexdigit())); } -#[test] -#[cfg_attr(not(feature = "test-pro"), ignore)] -fn get_firmware_version() { - let device = Target::connect().unwrap(); +#[test_device] +fn get_firmware_version(device: Pro) { assert_eq!(0, device.get_major_firmware_version()); let minor = device.get_minor_firmware_version(); assert!(minor > 0); @@ -141,11 +113,8 @@ fn user_retry<T: Authenticate + Device>(device: T, suffix: &str, count: u8) -> T return device; } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_retry_count() { - let device = Target::connect().unwrap(); - +#[test_device] +fn get_retry_count(device: DeviceWrapper) { let device = admin_retry(device, "", 3); let device = admin_retry(device, "123", 2); let device = admin_retry(device, "456", 1); @@ -157,13 +126,11 @@ fn get_retry_count() { user_retry(device, "", 3); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn config() { - let device = Target::connect().unwrap(); +#[test_device] +fn config(device: DeviceWrapper) { let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap(); let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); let get_config = admin.get_config().unwrap(); assert_eq!(config, get_config); @@ -171,20 +138,18 @@ fn config() { assert_eq!(Err(CommandError::InvalidSlot), admin.write_config(config)); let config = Config::new(Some(1), None, Some(0), false); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); let get_config = admin.get_config().unwrap(); assert_eq!(config, get_config); let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); let get_config = admin.get_config().unwrap(); assert_eq!(config, get_config); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn change_user_pin() { - let device = Target::connect().unwrap(); +#[test_device] +fn change_user_pin(device: DeviceWrapper) { let device = device.authenticate_user(USER_PASSWORD).unwrap().device(); let device = device.authenticate_user(USER_NEW_PASSWORD).unwrap_err().0; @@ -209,10 +174,8 @@ fn change_user_pin() { assert!(device.authenticate_user(USER_NEW_PASSWORD).is_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn change_admin_pin() { - let device = Target::connect().unwrap(); +#[test_device] +fn change_admin_pin(device: DeviceWrapper) { let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device(); let device = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err().0; @@ -239,7 +202,11 @@ fn change_admin_pin() { device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err(); } -fn require_failed_user_login(device: Target, password: &str, error: CommandError) -> Target { +fn require_failed_user_login<D>(device: D, password: &str, error: CommandError) -> D +where + D: Device + Authenticate, + nitrokey::User<D>: std::fmt::Debug, +{ let result = device.authenticate_user(password); assert!(result.is_err()); let err = result.unwrap_err(); @@ -247,10 +214,8 @@ fn require_failed_user_login(device: Target, password: &str, error: CommandError err.0 } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn unlock_user_pin() { - let device = Target::connect().unwrap(); +#[test_device] +fn unlock_user_pin(device: DeviceWrapper) { let device = device.authenticate_user(USER_PASSWORD).unwrap().device(); assert!(device .unlock_user_pin(ADMIN_PASSWORD, USER_PASSWORD) @@ -298,11 +263,8 @@ fn unlock_user_pin() { .is_ok()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn factory_reset() { - let device = Target::connect().unwrap(); - +#[test_device] +fn factory_reset(device: DeviceWrapper) { assert_eq!( Ok(()), device.change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD) @@ -348,11 +310,8 @@ fn factory_reset() { assert_eq!(Ok(()), device.build_aes_key(ADMIN_PASSWORD)); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn build_aes_key() { - let device = Target::connect().unwrap(); - +#[test_device] +fn build_aes_key(device: DeviceWrapper) { let pws = device.get_password_safe(USER_PASSWORD).unwrap(); assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw")); drop(pws); @@ -371,11 +330,8 @@ fn build_aes_key() { assert_ne!("testpw".to_string(), pws.get_slot_password(0).unwrap()); } -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn change_update_pin() { - let device = Storage::connect().unwrap(); - +#[test_device] +fn change_update_pin(device: Storage) { assert_eq!( Err(CommandError::WrongPassword), device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN) @@ -384,40 +340,71 @@ fn change_update_pin() { assert_eq!(Ok(()), device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN)); } -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn encrypted_volume() { - let device = Storage::connect().unwrap(); - assert!(device.lock().is_ok()); +#[test_device] +fn encrypted_volume(device: Storage) { + assert_eq!(Ok(()), device.lock()); assert_eq!(1, count_nitrokey_block_devices()); - assert!(device.disable_encrypted_volume().is_ok()); + assert_eq!(Ok(()), device.disable_encrypted_volume()); assert_eq!(1, count_nitrokey_block_devices()); assert_eq!( Err(CommandError::WrongPassword), device.enable_encrypted_volume("123") ); assert_eq!(1, count_nitrokey_block_devices()); - assert!(device.enable_encrypted_volume(USER_PASSWORD).is_ok()); + assert_eq!(Ok(()), device.enable_encrypted_volume(USER_PASSWORD)); assert_eq!(2, count_nitrokey_block_devices()); - assert!(device.disable_encrypted_volume().is_ok()); + assert_eq!(Ok(()), device.disable_encrypted_volume()); assert_eq!(1, count_nitrokey_block_devices()); } -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn lock() { - let device = Storage::connect().unwrap(); +#[test_device] +fn hidden_volume(device: Storage) { + assert_eq!(Ok(()), device.lock()); + + assert_eq!(1, count_nitrokey_block_devices()); + assert_eq!(Ok(()), device.disable_hidden_volume()); + assert_eq!(1, count_nitrokey_block_devices()); + + assert_eq!(Ok(()), device.enable_encrypted_volume(USER_PASSWORD)); + assert_eq!(2, count_nitrokey_block_devices()); + + // TODO: why this error code? + assert_eq!( + Err(CommandError::WrongPassword), + device.create_hidden_volume(5, 0, 100, "hiddenpw") + ); + assert_eq!(Ok(()), device.create_hidden_volume(0, 20, 21, "hidden-pw")); + assert_eq!( + Ok(()), + device.create_hidden_volume(0, 20, 21, "hiddenpassword") + ); + assert_eq!(Ok(()), device.create_hidden_volume(1, 0, 1, "otherpw")); + // TODO: test invalid range (not handled by libnitrokey) + assert_eq!(2, count_nitrokey_block_devices()); + + assert_eq!( + Err(CommandError::WrongPassword), + device.enable_hidden_volume("blubb") + ); + assert_eq!(Ok(()), device.enable_hidden_volume("hiddenpassword")); + assert_eq!(2, count_nitrokey_block_devices()); + assert_eq!(Ok(()), device.enable_hidden_volume("otherpw")); + assert_eq!(2, count_nitrokey_block_devices()); + + assert_eq!(Ok(()), device.disable_hidden_volume()); + assert_eq!(1, count_nitrokey_block_devices()); +} - assert!(device.enable_encrypted_volume(USER_PASSWORD).is_ok()); - assert!(device.lock().is_ok()); +#[test_device] +fn lock(device: Storage) { + assert_eq!(Ok(()), device.enable_encrypted_volume(USER_PASSWORD)); + assert_eq!(Ok(()), device.lock()); assert_eq!(1, count_nitrokey_block_devices()); } -#[test] -#[cfg_attr(not(feature = "test-storage"), ignore)] -fn get_storage_status() { - let device = Storage::connect().unwrap(); +#[test_device] +fn get_storage_status(device: Storage) { let status = device.get_status().unwrap(); assert!(status.serial_number_sd_card > 0); diff --git a/nitrokey/tests/otp.rs b/nitrokey/tests/otp.rs index c7d6e68..2b46088 100644 --- a/nitrokey/tests/otp.rs +++ b/nitrokey/tests/otp.rs @@ -1,12 +1,15 @@ mod util; +use std::fmt::Debug; use std::ops::Deref; use nitrokey::{ - Admin, Authenticate, CommandError, Config, ConfigureOtp, GenerateOtp, OtpMode, OtpSlotData, + Admin, Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, OtpMode, + OtpSlotData, }; +use nitrokey_test::test as test_device; -use crate::util::{Target, ADMIN_PASSWORD, USER_PASSWORD}; +use crate::util::{ADMIN_PASSWORD, USER_PASSWORD}; // test suite according to RFC 4226, Appendix D static HOTP_SECRET: &str = "3132333435363738393031323334353637383930"; @@ -32,16 +35,19 @@ enum TotpTimestampSize { U64, } -fn get_admin_test_device() -> Admin<Target> { - Target::connect() - .expect("Could not connect to the Nitrokey.") +fn make_admin_test_device<T>(device: T) -> Admin<T> +where + T: Device, + (T, nitrokey::CommandError): Debug, +{ + device .authenticate_admin(ADMIN_PASSWORD) .expect("Could not login as admin.") } fn configure_hotp(admin: &ConfigureOtp, counter: u8) { let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, counter.into()).is_ok()); + assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, counter.into())); } fn check_hotp_codes(device: &GenerateOtp, offset: u8) { @@ -53,22 +59,22 @@ fn check_hotp_codes(device: &GenerateOtp, offset: u8) { }); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn set_time() { - let device = Target::connect().expect("Could not connect to the Nitrokey."); +#[test_device] +fn set_time(device: DeviceWrapper) { assert_eq!(Ok(()), device.set_time(1546385382, true)); assert_eq!(Ok(()), device.set_time(1546385392, false)); - assert_eq!(Err(CommandError::Timestamp), device.set_time(1546385292, false)); + assert_eq!( + Err(CommandError::Timestamp), + device.set_time(1546385292, false) + ); assert_eq!(Ok(()), device.set_time(1546385382, true)); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_no_pin() { - let admin = get_admin_test_device(); +#[test_device] +fn hotp_no_pin(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); configure_hotp(&admin, 0); check_hotp_codes(admin.deref(), 0); @@ -80,12 +86,11 @@ fn hotp_no_pin() { check_hotp_codes(&admin.device(), 0); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_pin() { - let admin = get_admin_test_device(); +#[test_device] +fn hotp_pin(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); configure_hotp(&admin, 0); let user = admin.device().authenticate_user(USER_PASSWORD).unwrap(); @@ -94,12 +99,11 @@ fn hotp_pin() { assert!(user.device().get_hotp_code(1).is_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_slot_name() { - let admin = get_admin_test_device(); +#[test_device] +fn hotp_slot_name(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, 0).is_ok()); + assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, 0)); let device = admin.device(); let result = device.get_hotp_slot_name(1); @@ -108,10 +112,9 @@ fn hotp_slot_name() { assert_eq!(CommandError::InvalidSlot, result.unwrap_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_error() { - let admin = get_admin_test_device(); +#[test_device] +fn hotp_error(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits); assert_eq!( Err(CommandError::NoName), @@ -126,18 +129,17 @@ fn hotp_error() { assert_eq!(CommandError::InvalidSlot, code.unwrap_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn hotp_erase() { - let admin = get_admin_test_device(); +#[test_device] +fn hotp_erase(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); let slot_data = OtpSlotData::new(1, "test1", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, 0).is_ok()); + assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, 0)); let slot_data = OtpSlotData::new(2, "test2", HOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_hotp_slot(slot_data, 0).is_ok()); + assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, 0)); - assert!(admin.erase_hotp_slot(1).is_ok()); + assert_eq!(Ok(()), admin.erase_hotp_slot(1)); let device = admin.device(); let result = device.get_hotp_slot_name(1); @@ -151,7 +153,7 @@ fn hotp_erase() { fn configure_totp(admin: &ConfigureOtp, factor: u64) { let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits); let time_window = 30u64.checked_mul(factor).unwrap(); - assert!(admin.write_totp_slot(slot_data, time_window as u16).is_ok()); + assert_eq!(Ok(()), admin.write_totp_slot(slot_data, time_window as u16)); } fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimestampSize) { @@ -162,7 +164,7 @@ fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimes continue; } - assert!(device.set_time(time, true).is_ok()); + assert_eq!(Ok(()), device.set_time(time, true)); let result = device.get_totp_code(1); assert!(result.is_ok()); let result_code = result.unwrap(); @@ -174,13 +176,12 @@ fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimes } } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_no_pin() { +#[test_device] +fn totp_no_pin(device: DeviceWrapper) { // TODO: this test may fail due to bad timing --> find solution - let admin = get_admin_test_device(); + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); configure_totp(&admin, 1); check_totp_codes(admin.deref(), 1, TotpTimestampSize::U32); @@ -192,15 +193,13 @@ fn totp_no_pin() { check_totp_codes(&admin.device(), 1, TotpTimestampSize::U32); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -#[cfg_attr(feature = "test-storage", should_panic(expected = "assertion failed"))] -// Nitrokey Storage does only support timestamps that fit in a 32-bit unsigned integer. Therefore -// the last RFC test case is expected to fail. -fn totp_no_pin_64() { - let admin = get_admin_test_device(); +#[test_device] +// Nitrokey Storage does only support timestamps that fit in a 32-bit +// unsigned integer, so don't test with it. +fn totp_no_pin_64(device: Pro) { + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); configure_totp(&admin, 1); check_totp_codes(admin.deref(), 1, TotpTimestampSize::U64); @@ -212,13 +211,12 @@ fn totp_no_pin_64() { check_totp_codes(&admin.device(), 1, TotpTimestampSize::U64); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_pin() { +#[test_device] +fn totp_pin(device: DeviceWrapper) { // TODO: this test may fail due to bad timing --> find solution - let admin = get_admin_test_device(); + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); configure_totp(&admin, 1); let user = admin.device().authenticate_user(USER_PASSWORD).unwrap(); @@ -227,14 +225,12 @@ fn totp_pin() { assert!(user.device().get_totp_code(1).is_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -#[cfg_attr(feature = "test-storage", should_panic(expected = "assertion failed"))] +#[test_device] // See comment for totp_no_pin_64. -fn totp_pin_64() { - let admin = get_admin_test_device(); +fn totp_pin_64(device: Pro) { + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, true); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); configure_totp(&admin, 1); let user = admin.device().authenticate_user(USER_PASSWORD).unwrap(); @@ -243,12 +239,11 @@ fn totp_pin_64() { assert!(user.device().get_totp_code(1).is_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_slot_name() { - let admin = get_admin_test_device(); +#[test_device] +fn totp_slot_name(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits); - assert!(admin.write_totp_slot(slot_data, 0).is_ok()); + assert_eq!(Ok(()), admin.write_totp_slot(slot_data, 0)); let device = admin.device(); let result = device.get_totp_slot_name(1); @@ -258,10 +253,9 @@ fn totp_slot_name() { assert_eq!(CommandError::InvalidSlot, result.unwrap_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_error() { - let admin = get_admin_test_device(); +#[test_device] +fn totp_error(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits); assert_eq!( Err(CommandError::NoName), @@ -276,18 +270,17 @@ fn totp_error() { assert_eq!(CommandError::InvalidSlot, code.unwrap_err()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn totp_erase() { - let admin = get_admin_test_device(); +#[test_device] +fn totp_erase(device: DeviceWrapper) { + let admin = make_admin_test_device(device); let config = Config::new(None, None, None, false); - assert!(admin.write_config(config).is_ok()); + assert_eq!(Ok(()), admin.write_config(config)); let slot_data = OtpSlotData::new(1, "test1", TOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_totp_slot(slot_data, 0).is_ok()); + assert_eq!(Ok(()), admin.write_totp_slot(slot_data, 0)); let slot_data = OtpSlotData::new(2, "test2", TOTP_SECRET, OtpMode::SixDigits); - assert!(admin.write_totp_slot(slot_data, 0).is_ok()); + assert_eq!(Ok(()), admin.write_totp_slot(slot_data, 0)); - assert!(admin.erase_totp_slot(1).is_ok()); + assert_eq!(Ok(()), admin.erase_totp_slot(1)); let device = admin.device(); let result = device.get_totp_slot_name(1); diff --git a/nitrokey/tests/pws.rs b/nitrokey/tests/pws.rs index 5061298..b349558 100644 --- a/nitrokey/tests/pws.rs +++ b/nitrokey/tests/pws.rs @@ -5,8 +5,9 @@ use std::ffi::CStr; use libc::{c_int, c_void, free}; use nitrokey::{CommandError, Device, GetPasswordSafe, PasswordSafe, SLOT_COUNT}; use nitrokey_sys; +use nitrokey_test::test as test_device; -use crate::util::{Target, ADMIN_PASSWORD, USER_PASSWORD}; +use crate::util::{ADMIN_PASSWORD, USER_PASSWORD}; fn get_slot_name_direct(slot: u8) -> Result<String, CommandError> { let ptr = unsafe { nitrokey_sys::NK_get_password_safe_slot_name(slot) }; @@ -27,14 +28,15 @@ fn get_slot_name_direct(slot: u8) -> Result<String, CommandError> { } } -fn get_pws(device: &Target) -> PasswordSafe { +fn get_pws<T>(device: &T) -> PasswordSafe +where + T: Device, +{ device.get_password_safe(USER_PASSWORD).unwrap() } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn enable() { - let device = Target::connect().unwrap(); +#[test_device] +fn enable(device: DeviceWrapper) { assert!(device .get_password_safe(&(USER_PASSWORD.to_owned() + "123")) .is_err()); @@ -43,59 +45,53 @@ fn enable() { assert!(device.get_password_safe(USER_PASSWORD).is_ok()); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn drop() { - let device = Target::connect().unwrap(); +#[test_device] +fn drop(device: DeviceWrapper) { { let pws = get_pws(&device); - assert!(pws.write_slot(1, "name", "login", "password").is_ok()); + assert_eq!(Ok(()), pws.write_slot(1, "name", "login", "password")); assert_eq!("name", pws.get_slot_name(1).unwrap()); let result = get_slot_name_direct(1); assert_eq!(Ok(String::from("name")), result); } let result = get_slot_name_direct(1); assert_eq!(Ok(String::from("name")), result); - assert!(device.lock().is_ok()); + assert_eq!(Ok(()), device.lock()); let result = get_slot_name_direct(1); assert_eq!(Err(CommandError::NotAuthorized), result); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_status() { - let device = Target::connect().unwrap(); +#[test_device] +fn get_status(device: DeviceWrapper) { let pws = get_pws(&device); for i in 0..SLOT_COUNT { - assert!(pws.erase_slot(i).is_ok(), "Could not erase slot {}", i); + assert_eq!(Ok(()), pws.erase_slot(i), "Could not erase slot {}", i); } let status = pws.get_slot_status().unwrap(); assert_eq!(status, [false; SLOT_COUNT as usize]); - assert!(pws.write_slot(1, "name", "login", "password").is_ok()); + assert_eq!(Ok(()), pws.write_slot(1, "name", "login", "password")); let status = pws.get_slot_status().unwrap(); for i in 0..SLOT_COUNT { assert_eq!(i == 1, status[i as usize]); } for i in 0..SLOT_COUNT { - assert!(pws.write_slot(i, "name", "login", "password").is_ok()); + assert_eq!(Ok(()), pws.write_slot(i, "name", "login", "password")); } let status = pws.get_slot_status().unwrap(); assert_eq!(status, [true; SLOT_COUNT as usize]); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn get_data() { - let device = Target::connect().unwrap(); +#[test_device] +fn get_data(device: DeviceWrapper) { let pws = get_pws(&device); - assert!(pws.write_slot(1, "name", "login", "password").is_ok()); + assert_eq!(Ok(()), pws.write_slot(1, "name", "login", "password")); assert_eq!("name", pws.get_slot_name(1).unwrap()); assert_eq!("login", pws.get_slot_login(1).unwrap()); assert_eq!("password", pws.get_slot_password(1).unwrap()); - assert!(pws.erase_slot(1).is_ok()); + assert_eq!(Ok(()), pws.erase_slot(1)); // TODO: check error codes assert_eq!(Err(CommandError::Undefined), pws.get_slot_name(1)); assert_eq!(Err(CommandError::Undefined), pws.get_slot_login(1)); @@ -104,7 +100,7 @@ fn get_data() { let name = "with å"; let login = "pär@test.com"; let password = "'i3lJc[09?I:,[u7dWz9"; - assert!(pws.write_slot(1, name, login, password).is_ok()); + assert_eq!(Ok(()), pws.write_slot(1, name, login, password)); assert_eq!(name, pws.get_slot_name(1).unwrap()); assert_eq!(login, pws.get_slot_login(1).unwrap()); assert_eq!(password, pws.get_slot_password(1).unwrap()); @@ -123,10 +119,8 @@ fn get_data() { ); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn write() { - let device = Target::connect().unwrap(); +#[test_device] +fn write(device: DeviceWrapper) { let pws = get_pws(&device); assert_eq!( @@ -134,31 +128,29 @@ fn write() { pws.write_slot(SLOT_COUNT, "name", "login", "password") ); - assert!(pws.write_slot(0, "", "login", "password").is_ok()); + assert_eq!(Ok(()), pws.write_slot(0, "", "login", "password")); assert_eq!(Err(CommandError::Undefined), pws.get_slot_name(0)); assert_eq!(Ok(String::from("login")), pws.get_slot_login(0)); assert_eq!(Ok(String::from("password")), pws.get_slot_password(0)); - assert!(pws.write_slot(0, "name", "", "password").is_ok()); + assert_eq!(Ok(()), pws.write_slot(0, "name", "", "password")); assert_eq!(Ok(String::from("name")), pws.get_slot_name(0)); assert_eq!(Err(CommandError::Undefined), pws.get_slot_login(0)); assert_eq!(Ok(String::from("password")), pws.get_slot_password(0)); - assert!(pws.write_slot(0, "name", "login", "").is_ok()); + assert_eq!(Ok(()), pws.write_slot(0, "name", "login", "")); assert_eq!(Ok(String::from("name")), pws.get_slot_name(0)); assert_eq!(Ok(String::from("login")), pws.get_slot_login(0)); assert_eq!(Err(CommandError::Undefined), pws.get_slot_password(0)); } -#[test] -#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] -fn erase() { - let device = Target::connect().unwrap(); +#[test_device] +fn erase(device: DeviceWrapper) { let pws = get_pws(&device); assert_eq!(Err(CommandError::InvalidSlot), pws.erase_slot(SLOT_COUNT)); - assert!(pws.write_slot(0, "name", "login", "password").is_ok()); - assert!(pws.erase_slot(0).is_ok()); - assert!(pws.erase_slot(0).is_ok()); + assert_eq!(Ok(()), pws.write_slot(0, "name", "login", "password")); + assert_eq!(Ok(()), pws.erase_slot(0)); + assert_eq!(Ok(()), pws.erase_slot(0)); assert_eq!(Err(CommandError::Undefined), pws.get_slot_name(0)); } diff --git a/nitrokey/tests/util/mod.rs b/nitrokey/tests/util/mod.rs index 5e495d8..1e522fd 100644 --- a/nitrokey/tests/util/mod.rs +++ b/nitrokey/tests/util/mod.rs @@ -1,9 +1,3 @@ pub static ADMIN_PASSWORD: &str = "12345678"; pub static UPDATE_PIN: &str = "12345678"; pub static USER_PASSWORD: &str = "123456"; - -#[cfg(not(feature = "test-storage"))] -pub type Target = nitrokey::Pro; - -#[cfg(feature = "test-storage")] -pub type Target = nitrokey::Storage; |