diff options
Diffstat (limited to 'tests/device.rs')
-rw-r--r-- | tests/device.rs | 152 |
1 files changed, 73 insertions, 79 deletions
diff --git a/tests/device.rs b/tests/device.rs index ecc3cfa..6a3683b 100644 --- a/tests/device.rs +++ b/tests/device.rs @@ -97,34 +97,41 @@ fn get_firmware_version(device: Pro) { assert!(version.minor > 0); } -fn admin_retry<T: Authenticate + Device>(device: &mut T, suffix: &str, count: u8) { - assert_any_ok!(device.authenticate_admin(&(DEFAULT_ADMIN_PIN.to_owned() + suffix))); +fn admin_retry<T: Authenticate + Device>(device: T, suffix: &str, count: u8) -> T { + let result = device.authenticate_admin(&(DEFAULT_ADMIN_PIN.to_owned() + suffix)); + let device = match result { + Ok(admin) => admin.device(), + Err((device, _)) => device, + }; assert_ok!(count, device.get_admin_retry_count()); + return device; } -fn user_retry<T: Authenticate + Device>(device: &mut T, suffix: &str, count: u8) { - assert_any_ok!(device.authenticate_user(&(DEFAULT_USER_PIN.to_owned() + suffix))); +fn user_retry<T: Authenticate + Device>(device: T, suffix: &str, count: u8) -> T { + let result = device.authenticate_user(&(DEFAULT_USER_PIN.to_owned() + suffix)); + let device = match result { + Ok(admin) => admin.device(), + Err((device, _)) => device, + }; assert_ok!(count, device.get_user_retry_count()); + return device; } #[test_device] fn get_retry_count(device: DeviceWrapper) { - let mut device = device; - - admin_retry(&mut device, "", 3); - admin_retry(&mut device, "123", 2); - admin_retry(&mut device, "456", 1); - admin_retry(&mut device, "", 3); - - user_retry(&mut device, "", 3); - user_retry(&mut device, "123", 2); - user_retry(&mut device, "456", 1); - user_retry(&mut device, "", 3); + let device = admin_retry(device, "", 3); + let device = admin_retry(device, "123", 2); + let device = admin_retry(device, "456", 1); + let device = admin_retry(device, "", 3); + + let device = user_retry(device, "", 3); + let device = user_retry(device, "123", 2); + let device = user_retry(device, "456", 1); + user_retry(device, "", 3); } #[test_device] fn config(device: DeviceWrapper) { - let mut device = device; let mut admin = unwrap_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN)); let config = Config::new(None, None, None, true); @@ -145,24 +152,19 @@ fn config(device: DeviceWrapper) { #[test_device] fn change_user_pin(device: DeviceWrapper) { - let mut device = device; - assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN)); - assert_cmd_err!( - CommandError::WrongPassword, - device.authenticate_user(USER_NEW_PASSWORD) - ); + let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device(); + let device = device.authenticate_user(USER_NEW_PASSWORD).unwrap_err().0; - assert_ok!( - (), - device.change_user_pin(DEFAULT_USER_PIN, USER_NEW_PASSWORD) - ); + let mut device = device; + assert_ok!((), device.change_user_pin(DEFAULT_USER_PIN, USER_NEW_PASSWORD)); - assert_cmd_err!( - CommandError::WrongPassword, - device.authenticate_user(DEFAULT_USER_PIN) - ); - assert_any_ok!(device.authenticate_user(USER_NEW_PASSWORD)); + let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap_err().0; + let device = device + .authenticate_user(USER_NEW_PASSWORD) + .unwrap() + .device(); + let mut device = device; let result = device.change_user_pin(DEFAULT_USER_PIN, DEFAULT_USER_PIN); assert_cmd_err!(CommandError::WrongPassword, result); @@ -171,32 +173,25 @@ fn change_user_pin(device: DeviceWrapper) { device.change_user_pin(USER_NEW_PASSWORD, DEFAULT_USER_PIN) ); - assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN)); - assert_cmd_err!( - CommandError::WrongPassword, - device.authenticate_user(USER_NEW_PASSWORD) - ); + let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device(); + assert!(device.authenticate_user(USER_NEW_PASSWORD).is_err()); } #[test_device] fn change_admin_pin(device: DeviceWrapper) { - let mut device = device; - assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN)); - assert_cmd_err!( - CommandError::WrongPassword, - device.authenticate_admin(ADMIN_NEW_PASSWORD) - ); + let device = device.authenticate_admin(DEFAULT_ADMIN_PIN).unwrap().device(); + let mut device = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err().0; assert_ok!( (), device.change_admin_pin(DEFAULT_ADMIN_PIN, ADMIN_NEW_PASSWORD) ); - assert_cmd_err!( - CommandError::WrongPassword, - device.authenticate_admin(DEFAULT_ADMIN_PIN) - ); - assert_any_ok!(device.authenticate_admin(ADMIN_NEW_PASSWORD)); + let device = device.authenticate_admin(DEFAULT_ADMIN_PIN).unwrap_err().0; + let mut device = device + .authenticate_admin(ADMIN_NEW_PASSWORD) + .unwrap() + .device(); assert_cmd_err!( CommandError::WrongPassword, @@ -208,28 +203,29 @@ fn change_admin_pin(device: DeviceWrapper) { device.change_admin_pin(ADMIN_NEW_PASSWORD, DEFAULT_ADMIN_PIN) ); - assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN)); - assert_cmd_err!( - CommandError::WrongPassword, - device.authenticate_admin(ADMIN_NEW_PASSWORD) - ); + let device = device.authenticate_admin(DEFAULT_ADMIN_PIN).unwrap().device(); + device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err(); } -fn require_failed_user_login<D: Authenticate + Device>(device: &mut D, password: &str) { - assert_cmd_err!( - CommandError::WrongPassword, - device.authenticate_user(password) - ); +fn require_failed_user_login<D>(device: D, password: &str, error: CommandError) -> D +where + D: Device + Authenticate, + nitrokey::User<D>: std::fmt::Debug, +{ + let result = device.authenticate_user(password); + assert!(result.is_err()); + let err = result.unwrap_err(); + match err.1 { + Error::CommandError(err) => assert_eq!(error, err), + _ => assert!(false), + }; + err.0 } #[test_device] fn unlock_user_pin(device: DeviceWrapper) { - let mut device = device; - assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN)); - assert_ok!( - (), - device.unlock_user_pin(DEFAULT_ADMIN_PIN, DEFAULT_USER_PIN) - ); + let mut device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device(); + assert_ok!((), device.unlock_user_pin(DEFAULT_ADMIN_PIN, DEFAULT_USER_PIN)); assert_cmd_err!( CommandError::WrongPassword, device.unlock_user_pin(DEFAULT_USER_PIN, DEFAULT_USER_PIN) @@ -237,27 +233,24 @@ fn unlock_user_pin(device: DeviceWrapper) { // block user PIN let wrong_password = DEFAULT_USER_PIN.to_owned() + "foo"; - require_failed_user_login(&mut device, &wrong_password); - require_failed_user_login(&mut device, &wrong_password); - require_failed_user_login(&mut device, &wrong_password); - require_failed_user_login(&mut device, DEFAULT_USER_PIN); + let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); + let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); + let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); + let mut device = require_failed_user_login(device, DEFAULT_USER_PIN, CommandError::WrongPassword); // unblock with current PIN assert_cmd_err!( CommandError::WrongPassword, device.unlock_user_pin(DEFAULT_USER_PIN, DEFAULT_USER_PIN) ); - assert_ok!( - (), - device.unlock_user_pin(DEFAULT_ADMIN_PIN, DEFAULT_USER_PIN) - ); - assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN)); + assert_ok!((), device.unlock_user_pin(DEFAULT_ADMIN_PIN, DEFAULT_USER_PIN)); + let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device(); // block user PIN - require_failed_user_login(&mut device, &wrong_password); - require_failed_user_login(&mut device, &wrong_password); - require_failed_user_login(&mut device, &wrong_password); - require_failed_user_login(&mut device, DEFAULT_USER_PIN); + let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); + let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); + let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword); + let mut device = require_failed_user_login(device, DEFAULT_USER_PIN, CommandError::WrongPassword); // unblock with new PIN assert_cmd_err!( @@ -286,11 +279,11 @@ fn assert_utf8_err_or_ne(left: &str, right: Result<String, Error>) { #[test_device] fn factory_reset(device: DeviceWrapper) { - let mut device = device; let mut admin = unwrap_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN)); let otp_data = OtpSlotData::new(1, "test", "0123468790", OtpMode::SixDigits); assert_ok!((), admin.write_totp_slot(otp_data, 30)); + let mut device = admin.device(); let mut pws = unwrap_ok!(device.get_password_safe(DEFAULT_USER_PIN)); assert_ok!((), pws.write_slot(0, "test", "testlogin", "testpw")); drop(pws); @@ -314,11 +307,12 @@ fn factory_reset(device: DeviceWrapper) { ); assert_ok!((), device.factory_reset(ADMIN_NEW_PASSWORD)); - assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN)); + let device = device.authenticate_admin(DEFAULT_ADMIN_PIN).unwrap().device(); let user = unwrap_ok!(device.authenticate_user(DEFAULT_USER_PIN)); assert_cmd_err!(CommandError::SlotNotProgrammed, user.get_totp_slot_name(1)); + let mut device = user.device(); let pws = unwrap_ok!(device.get_password_safe(DEFAULT_USER_PIN)); assert_utf8_err_or_ne("test", pws.get_slot_name(0)); assert_utf8_err_or_ne("testlogin", pws.get_slot_login(0)); @@ -341,7 +335,7 @@ fn build_aes_key(device: DeviceWrapper) { ); assert_ok!((), device.build_aes_key(DEFAULT_ADMIN_PIN)); - assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN)); + let mut device = device.authenticate_admin(DEFAULT_ADMIN_PIN).unwrap().device(); let pws = unwrap_ok!(device.get_password_safe(DEFAULT_USER_PIN)); assert_utf8_err_or_ne("test", pws.get_slot_name(0)); |