diff options
author | Robin Krahl <robin.krahl@ireas.org> | 2019-01-03 13:50:15 +0000 |
---|---|---|
committer | Robin Krahl <robin.krahl@ireas.org> | 2019-01-03 14:53:06 +0100 |
commit | 0a7a62c9af15b11e5dbfad1900ac89924457b272 (patch) | |
tree | e77735813562d284ce617663016cb2319f6276e2 /tests | |
parent | d60e03b46a6af75056f07394ef66ecaa35f32d77 (diff) | |
download | nitrokey-rs-0a7a62c9af15b11e5dbfad1900ac89924457b272.tar.gz nitrokey-rs-0a7a62c9af15b11e5dbfad1900ac89924457b272.tar.bz2 |
Add Device::factory_reset method
This patch adds the factory_reset_method to the Device trait that uses
the NK_factory_reset function to perform a factory reset. The tests
verify that the user and admin PIN are reset and that the OTP storage
and the password safe are deleted.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/device.rs | 60 |
1 files changed, 57 insertions, 3 deletions
diff --git a/tests/device.rs b/tests/device.rs index a225d2d..363b8d8 100644 --- a/tests/device.rs +++ b/tests/device.rs @@ -4,9 +4,12 @@ use std::ffi::CStr; use std::process::Command; use std::{thread, time}; -use nitrokey::{Authenticate, CommandError, Config, Device, Storage}; +use nitrokey::{ + Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, GetPasswordSafe, + OtpMode, OtpSlotData, Storage, +}; -use crate::util::{Target, ADMIN_PASSWORD, USER_PASSWORD, UPDATE_PIN}; +use crate::util::{Target, ADMIN_PASSWORD, UPDATE_PIN, USER_PASSWORD}; static ADMIN_NEW_PASSWORD: &str = "1234567890"; static UPDATE_NEW_PIN: &str = "87654321"; @@ -296,11 +299,62 @@ fn unlock_user_pin() { } #[test] +#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)] +fn factory_reset() { + let device = Target::connect().unwrap(); + + assert_eq!( + Ok(()), + device.change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD) + ); + assert_eq!( + Ok(()), + device.change_admin_pin(ADMIN_PASSWORD, ADMIN_NEW_PASSWORD) + ); + + let admin = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap(); + let otp_data = OtpSlotData::new(1, "test", "0123468790", OtpMode::SixDigits); + assert_eq!(Ok(()), admin.write_totp_slot(otp_data, 30)); + + let device = admin.device(); + let pws = device.get_password_safe(USER_NEW_PASSWORD).unwrap(); + assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw")); + drop(pws); + + assert_eq!( + Err(CommandError::WrongPassword), + device.factory_reset(USER_NEW_PASSWORD) + ); + assert_eq!( + Err(CommandError::WrongPassword), + device.factory_reset(ADMIN_PASSWORD) + ); + assert_eq!(Ok(()), device.factory_reset(ADMIN_NEW_PASSWORD)); + + let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device(); + + let user = device.authenticate_user(USER_PASSWORD).unwrap(); + assert_eq!( + Err(CommandError::SlotNotProgrammed), + user.get_totp_slot_name(1) + ); + + let device = user.device(); + let pws = device.get_password_safe(USER_PASSWORD).unwrap(); + assert_ne!("test".to_string(), pws.get_slot_name(0).unwrap()); + assert_ne!("testlogin".to_string(), pws.get_slot_login(0).unwrap()); + assert_ne!("testpw".to_string(), pws.get_slot_password(0).unwrap()); +} + +#[test] #[cfg_attr(not(feature = "test-storage"), ignore)] fn change_update_pin() { let device = Storage::connect().unwrap(); - assert_eq!(Err(CommandError::WrongPassword), device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN)); + assert_eq!( + Err(CommandError::WrongPassword), + device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN) + ); assert_eq!(Ok(()), device.change_update_pin(UPDATE_PIN, UPDATE_NEW_PIN)); assert_eq!(Ok(()), device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN)); } |