diff options
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | TODO.md | 1 | ||||
| -rw-r--r-- | tests/otp.rs | 25 | 
4 files changed, 17 insertions, 12 deletions
| diff --git a/CHANGELOG.md b/CHANGELOG.md index 49ff8fc..b9983ed 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -30,6 +30,7 @@ SPDX-License-Identifier: MIT    - Return `Result<Version>` instead of `Version` from `get_library_version`.    - Return `Error::Utf8Error` if libnitrokey returns an invalid UTF-8 string.  - Implement `From<(T: Device, Error)>` for `Error`. +- Fix timing issues with the `totp_no_pin` and `totp_pin` test cases.  # v0.3.4 (2019-01-20)  - Fix authentication methods that assumed that `char` is signed. @@ -60,8 +60,6 @@ an AES key has been built.  Some tests will overwrite the data stored on the  Nitrokey device or perform a factory reset.  Never execute the tests if you  unless yout want to destroy all data on all connected Nitrokey devices! -The `totp_no_pin` and `totp_pin` tests can occasionally fail due to bad timing. -  ## Acknowledgments  Thanks to Nitrokey UG for providing a Nitrokey Storage to support the @@ -10,7 +10,6 @@ SPDX-License-Identifier: MIT      - `NK_get_progress_bar_value`      - `NK_list_devices_by_cpuID`      - `NK_connect_with_ID` -- Fix timing issues with the `totp_no_pin` and `totp_pin` test cases.  - Clear passwords from memory.  - Lock password safe in `PasswordSafe::drop()` (see [nitrokey-storage-firmware    issue 65][]). diff --git a/tests/otp.rs b/tests/otp.rs index fb20768..e424673 100644 --- a/tests/otp.rs +++ b/tests/otp.rs @@ -23,13 +23,13 @@ static HOTP_CODES: &[&str] = &[  // test suite according to RFC 6238, Appendix B  static TOTP_SECRET: &str = "3132333435363738393031323334353637383930"; -static TOTP_CODES: &[(u64, &str)] = &[ -    (59, "94287082"), -    (1111111109, "07081804"), -    (1111111111, "14050471"), -    (1234567890, "89005924"), -    (2000000000, "69279037"), -    (20000000000, "65353130"), +static TOTP_CODES: &[(u64, &[&str])] = &[ +    (59, &["94287082", "37359152"]), +    (1111111109, &["07081804"]), +    (1111111111, &["14050471"]), +    (1234567890, &["89005924"]), +    (2000000000, &["69279037"]), +    (20000000000, &["65353130"]),  ];  #[derive(PartialEq)] @@ -159,7 +159,7 @@ fn configure_totp(admin: &ConfigureOtp, factor: u64) {  }  fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimestampSize) { -    for (base_time, code) in TOTP_CODES { +    for (base_time, codes) in TOTP_CODES {          let time = base_time.checked_mul(factor).unwrap();          let is_u64 = time > u32::max_value() as u64;          if is_u64 != (timestamp_size == TotpTimestampSize::U64) { @@ -167,7 +167,14 @@ fn check_totp_codes(device: &GenerateOtp, factor: u64, timestamp_size: TotpTimes          }          assert_ok!((), device.set_time(time, true)); -        assert_ok!(code.to_string(), device.get_totp_code(1)); +        let code = device.get_totp_code(1).unwrap(); +        assert!( +            code.contains(&code), +            "Generated TOTP code {} for {}, but expected one of {}", +            code, +            base_time, +            codes.join(", ") +        );      }  } | 
