aboutsummaryrefslogtreecommitdiff
path: root/nitrokey/tests/otp.rs
diff options
context:
space:
mode:
Diffstat (limited to 'nitrokey/tests/otp.rs')
-rw-r--r--nitrokey/tests/otp.rs139
1 files changed, 66 insertions, 73 deletions
diff --git a/nitrokey/tests/otp.rs b/nitrokey/tests/otp.rs
index 712f7a2..e424673 100644
--- a/nitrokey/tests/otp.rs
+++ b/nitrokey/tests/otp.rs
@@ -1,11 +1,14 @@
+// Copyright (C) 2018-2019 Robin Krahl <robin.krahl@ireas.org>
+// SPDX-License-Identifier: MIT
+
mod util;
use std::fmt::Debug;
use std::ops::Deref;
use nitrokey::{
- Admin, Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, OtpMode,
- OtpSlotData,
+ Admin, Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, LibraryError,
+ OtpMode, OtpSlotData,
};
use nitrokey_test::test as test_device;
@@ -20,13 +23,13 @@ static HOTP_CODES: &[&str] = &[
// test suite according to RFC 6238, Appendix B
static TOTP_SECRET: &str = "3132333435363738393031323334353637383930";
-static TOTP_CODES: &[(u64, &str)] = &[
- (59, "94287082"),
- (1111111109, "07081804"),
- (1111111111, "14050471"),
- (1234567890, "89005924"),
- (2000000000, "69279037"),
- (20000000000, "65353130"),
+static TOTP_CODES: &[(u64, &[&str])] = &[
+ (59, &["94287082", "37359152"]),
+ (1111111109, &["07081804"]),
+ (1111111111, &["14050471"]),
+ (1234567890, &["89005924"]),
+ (2000000000, &["69279037"]),
+ (20000000000, &["65353130"]),
];
#[derive(PartialEq)]
@@ -38,7 +41,7 @@ enum TotpTimestampSize {
fn make_admin_test_device<T>(device: T) -> Admin<T>
where
T: Device,
- (T, nitrokey::CommandError): Debug,
+ (T, nitrokey::Error): Debug,
{
device
.authenticate_admin(ADMIN_PASSWORD)
@@ -47,7 +50,7 @@ where
fn configure_hotp(admin: &ConfigureOtp, counter: u8) {
let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, counter.into()));
+ assert_ok!((), admin.write_hotp_slot(slot_data, counter.into()));
}
fn check_hotp_codes(device: &GenerateOtp, offset: u8) {
@@ -61,20 +64,17 @@ fn check_hotp_codes(device: &GenerateOtp, offset: u8) {
#[test_device]
fn set_time(device: DeviceWrapper) {
- assert_eq!(Ok(()), device.set_time(1546385382, true));
- assert_eq!(Ok(()), device.set_time(1546385392, false));
- assert_eq!(
- Err(CommandError::Timestamp),
- device.set_time(1546385292, false)
- );
- assert_eq!(Ok(()), device.set_time(1546385382, true));
+ assert_ok!((), device.set_time(1546385382, true));
+ assert_ok!((), device.set_time(1546385392, false));
+ assert_cmd_err!(CommandError::Timestamp, device.set_time(1546385292, false));
+ assert_ok!((), device.set_time(1546385382, true));
}
#[test_device]
fn hotp_no_pin(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, false);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
configure_hotp(&admin, 0);
check_hotp_codes(admin.deref(), 0);
@@ -90,67 +90,64 @@ fn hotp_no_pin(device: DeviceWrapper) {
fn hotp_pin(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, true);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
configure_hotp(&admin, 0);
let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
check_hotp_codes(&user, 0);
- assert!(user.device().get_hotp_code(1).is_err());
+ assert_cmd_err!(CommandError::NotAuthorized, user.device().get_hotp_code(1));
}
#[test_device]
fn hotp_slot_name(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, 0));
+ assert_ok!((), admin.write_hotp_slot(slot_data, 0));
let device = admin.device();
let result = device.get_hotp_slot_name(1);
assert_eq!("test-hotp", result.unwrap());
let result = device.get_hotp_slot_name(4);
- assert_eq!(CommandError::InvalidSlot, result.unwrap_err());
+ assert_lib_err!(LibraryError::InvalidSlot, result);
}
#[test_device]
fn hotp_error(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- Err(CommandError::NoName),
- admin.write_hotp_slot(slot_data, 0)
- );
+ assert_cmd_err!(CommandError::NoName, admin.write_hotp_slot(slot_data, 0));
let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- Err(CommandError::InvalidSlot),
+ assert_lib_err!(
+ LibraryError::InvalidSlot,
admin.write_hotp_slot(slot_data, 0)
);
let slot_data = OtpSlotData::new(1, "test", "foobar", OtpMode::SixDigits);
- assert_eq!(
- Err(CommandError::InvalidHexString),
+ assert_lib_err!(
+ LibraryError::InvalidHexString,
admin.write_hotp_slot(slot_data, 0)
);
let code = admin.get_hotp_code(4);
- assert_eq!(CommandError::InvalidSlot, code.unwrap_err());
+ assert_lib_err!(LibraryError::InvalidSlot, code);
}
#[test_device]
fn hotp_erase(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, false);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
let slot_data = OtpSlotData::new(1, "test1", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, 0));
+ assert_ok!((), admin.write_hotp_slot(slot_data, 0));
let slot_data = OtpSlotData::new(2, "test2", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(Ok(()), admin.write_hotp_slot(slot_data, 0));
+ assert_ok!((), admin.write_hotp_slot(slot_data, 0));
- assert_eq!(Ok(()), admin.erase_hotp_slot(1));
+ assert_ok!((), admin.erase_hotp_slot(1));
let device = admin.device();
let result = device.get_hotp_slot_name(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+ assert_cmd_err!(CommandError::SlotNotProgrammed, result);
let result = device.get_hotp_code(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+ assert_cmd_err!(CommandError::SlotNotProgrammed, result);
assert_eq!("test2", device.get_hotp_slot_name(2).unwrap());
}
@@ -158,25 +155,25 @@ fn hotp_erase(device: DeviceWrapper) {
fn configure_totp(admin: &ConfigureOtp, factor: u64) {
let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
let time_window = 30u64.checked_mul(factor).unwrap();
- assert_eq!(Ok(()), admin.write_totp_slot(slot_data, time_window as u16));
+ assert_ok!((), admin.write_totp_slot(slot_data, time_window as u16));
}
fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimestampSize) {
- for (i, &(base_time, code)) in TOTP_CODES.iter().enumerate() {
+ for (base_time, codes) in TOTP_CODES {
let time = base_time.checked_mul(factor).unwrap();
let is_u64 = time > u32::max_value() as u64;
if is_u64 != (timestamp_size == TotpTimestampSize::U64) {
continue;
}
- assert_eq!(Ok(()), device.set_time(time, true));
- let result = device.get_totp_code(1);
- assert!(result.is_ok());
- let result_code = result.unwrap();
- assert_eq!(
- code, result_code,
- "TOTP code {} should be {} but is {}",
- i, code, result_code
+ assert_ok!((), device.set_time(time, true));
+ let code = device.get_totp_code(1).unwrap();
+ assert!(
+ code.contains(&code),
+ "Generated TOTP code {} for {}, but expected one of {}",
+ code,
+ base_time,
+ codes.join(", ")
);
}
}
@@ -186,7 +183,7 @@ fn totp_no_pin(device: DeviceWrapper) {
// TODO: this test may fail due to bad timing --> find solution
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, false);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
configure_totp(&admin, 1);
check_totp_codes(admin.deref(), 1, TotpTimestampSize::U32);
@@ -204,7 +201,7 @@ fn totp_no_pin(device: DeviceWrapper) {
fn totp_no_pin_64(device: Pro) {
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, false);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
configure_totp(&admin, 1);
check_totp_codes(admin.deref(), 1, TotpTimestampSize::U64);
@@ -221,13 +218,13 @@ fn totp_pin(device: DeviceWrapper) {
// TODO: this test may fail due to bad timing --> find solution
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, true);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
configure_totp(&admin, 1);
let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
check_totp_codes(&user, 1, TotpTimestampSize::U32);
- assert!(user.device().get_totp_code(1).is_err());
+ assert_cmd_err!(CommandError::NotAuthorized, user.device().get_totp_code(1));
}
#[test_device]
@@ -235,68 +232,64 @@ fn totp_pin(device: DeviceWrapper) {
fn totp_pin_64(device: Pro) {
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, true);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
configure_totp(&admin, 1);
let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
check_totp_codes(&user, 1, TotpTimestampSize::U64);
- assert!(user.device().get_totp_code(1).is_err());
+ assert_cmd_err!(CommandError::NotAuthorized, user.device().get_totp_code(1));
}
#[test_device]
fn totp_slot_name(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
- assert_eq!(Ok(()), admin.write_totp_slot(slot_data, 0));
+ assert_ok!((), admin.write_totp_slot(slot_data, 0));
let device = admin.device();
let result = device.get_totp_slot_name(1);
- assert!(result.is_ok());
- assert_eq!("test-totp", result.unwrap());
+ assert_ok!("test-totp", result);
let result = device.get_totp_slot_name(16);
- assert_eq!(CommandError::InvalidSlot, result.unwrap_err());
+ assert_lib_err!(LibraryError::InvalidSlot, result);
}
#[test_device]
fn totp_error(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let slot_data = OtpSlotData::new(1, "", TOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- Err(CommandError::NoName),
- admin.write_totp_slot(slot_data, 0)
- );
+ assert_cmd_err!(CommandError::NoName, admin.write_totp_slot(slot_data, 0));
let slot_data = OtpSlotData::new(20, "test", TOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- Err(CommandError::InvalidSlot),
+ assert_lib_err!(
+ LibraryError::InvalidSlot,
admin.write_totp_slot(slot_data, 0)
);
let slot_data = OtpSlotData::new(4, "test", "foobar", OtpMode::SixDigits);
- assert_eq!(
- Err(CommandError::InvalidHexString),
+ assert_lib_err!(
+ LibraryError::InvalidHexString,
admin.write_totp_slot(slot_data, 0)
);
let code = admin.get_totp_code(20);
- assert_eq!(CommandError::InvalidSlot, code.unwrap_err());
+ assert_lib_err!(LibraryError::InvalidSlot, code);
}
#[test_device]
fn totp_erase(device: DeviceWrapper) {
let admin = make_admin_test_device(device);
let config = Config::new(None, None, None, false);
- assert_eq!(Ok(()), admin.write_config(config));
+ assert_ok!((), admin.write_config(config));
let slot_data = OtpSlotData::new(1, "test1", TOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(Ok(()), admin.write_totp_slot(slot_data, 0));
+ assert_ok!((), admin.write_totp_slot(slot_data, 0));
let slot_data = OtpSlotData::new(2, "test2", TOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(Ok(()), admin.write_totp_slot(slot_data, 0));
+ assert_ok!((), admin.write_totp_slot(slot_data, 0));
- assert_eq!(Ok(()), admin.erase_totp_slot(1));
+ assert_ok!((), admin.erase_totp_slot(1));
let device = admin.device();
let result = device.get_totp_slot_name(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+ assert_cmd_err!(CommandError::SlotNotProgrammed, result);
let result = device.get_totp_code(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+ assert_cmd_err!(CommandError::SlotNotProgrammed, result);
assert_eq!("test2", device.get_totp_slot_name(2).unwrap());
}
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-05 21:36:59 +0000