aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin Krahl <robin.krahl@ireas.org>2019-01-16 19:35:50 +0000
committerRobin Krahl <robin.krahl@ireas.org>2019-01-16 21:22:31 +0100
commitd3a103bc25e5f37a42a19515ad25e5a8e5995b36 (patch)
treef2c4d98eaae40d77f64ed6c90e0d1f49928e2b1a
parent79a3298ab5973a47cb68ef48e554ec88fb7e99a6 (diff)
downloadnitrokey-rs-d3a103bc25e5f37a42a19515ad25e5a8e5995b36.tar.gz
nitrokey-rs-d3a103bc25e5f37a42a19515ad25e5a8e5995b36.tar.bz2
Make device::factory_reset test more robust
The device::factory_reset test used to first change the PINs and then access the PWS and the OTP data. If for example the PWS access failed due to an problem with the AES key, the PINs were not reset. Now we perform the PWS and OTP access with the old PINs – which is okay as we do not want to test the PIN change but the factory reset. If these preparations fail, the tests is cancelled before the PINs are changed.
-rw-r--r--tests/device.rs18
1 files changed, 9 insertions, 9 deletions
diff --git a/tests/device.rs b/tests/device.rs
index 9e2bba2..7dea000 100644
--- a/tests/device.rs
+++ b/tests/device.rs
@@ -260,6 +260,15 @@ fn unlock_user_pin(device: DeviceWrapper) {
#[test_device]
fn factory_reset(device: DeviceWrapper) {
+ let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
+ let otp_data = OtpSlotData::new(1, "test", "0123468790", OtpMode::SixDigits);
+ assert_eq!(Ok(()), admin.write_totp_slot(otp_data, 30));
+
+ let device = admin.device();
+ let pws = device.get_password_safe(USER_PASSWORD).unwrap();
+ assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw"));
+ drop(pws);
+
assert_eq!(
Ok(()),
device.change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD)
@@ -269,15 +278,6 @@ fn factory_reset(device: DeviceWrapper) {
device.change_admin_pin(ADMIN_PASSWORD, ADMIN_NEW_PASSWORD)
);
- let admin = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap();
- let otp_data = OtpSlotData::new(1, "test", "0123468790", OtpMode::SixDigits);
- assert_eq!(Ok(()), admin.write_totp_slot(otp_data, 30));
-
- let device = admin.device();
- let pws = device.get_password_safe(USER_NEW_PASSWORD).unwrap();
- assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw"));
- drop(pws);
-
assert_eq!(
Err(CommandError::WrongPassword),
device.factory_reset(USER_NEW_PASSWORD)