summaryrefslogtreecommitdiff
path: root/tests/device.rs
diff options
context:
space:
mode:
Diffstat (limited to 'tests/device.rs')
-rw-r--r--tests/device.rs151
1 files changed, 84 insertions, 67 deletions
diff --git a/tests/device.rs b/tests/device.rs
index ecc3cfa..5c52024 100644
--- a/tests/device.rs
+++ b/tests/device.rs
@@ -97,34 +97,41 @@ fn get_firmware_version(device: Pro) {
assert!(version.minor > 0);
}
-fn admin_retry<T: Authenticate + Device>(device: &mut T, suffix: &str, count: u8) {
- assert_any_ok!(device.authenticate_admin(&(DEFAULT_ADMIN_PIN.to_owned() + suffix)));
+fn admin_retry<T: Authenticate + Device>(device: T, suffix: &str, count: u8) -> T {
+ let result = device.authenticate_admin(&(DEFAULT_ADMIN_PIN.to_owned() + suffix));
+ let device = match result {
+ Ok(admin) => admin.device(),
+ Err((device, _)) => device,
+ };
assert_ok!(count, device.get_admin_retry_count());
+ return device;
}
-fn user_retry<T: Authenticate + Device>(device: &mut T, suffix: &str, count: u8) {
- assert_any_ok!(device.authenticate_user(&(DEFAULT_USER_PIN.to_owned() + suffix)));
+fn user_retry<T: Authenticate + Device>(device: T, suffix: &str, count: u8) -> T {
+ let result = device.authenticate_user(&(DEFAULT_USER_PIN.to_owned() + suffix));
+ let device = match result {
+ Ok(admin) => admin.device(),
+ Err((device, _)) => device,
+ };
assert_ok!(count, device.get_user_retry_count());
+ return device;
}
#[test_device]
fn get_retry_count(device: DeviceWrapper) {
- let mut device = device;
-
- admin_retry(&mut device, "", 3);
- admin_retry(&mut device, "123", 2);
- admin_retry(&mut device, "456", 1);
- admin_retry(&mut device, "", 3);
-
- user_retry(&mut device, "", 3);
- user_retry(&mut device, "123", 2);
- user_retry(&mut device, "456", 1);
- user_retry(&mut device, "", 3);
+ let device = admin_retry(device, "", 3);
+ let device = admin_retry(device, "123", 2);
+ let device = admin_retry(device, "456", 1);
+ let device = admin_retry(device, "", 3);
+
+ let device = user_retry(device, "", 3);
+ let device = user_retry(device, "123", 2);
+ let device = user_retry(device, "456", 1);
+ user_retry(device, "", 3);
}
#[test_device]
fn config(device: DeviceWrapper) {
- let mut device = device;
let mut admin = unwrap_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN));
let config = Config::new(None, None, None, true);
@@ -145,24 +152,22 @@ fn config(device: DeviceWrapper) {
#[test_device]
fn change_user_pin(device: DeviceWrapper) {
- let mut device = device;
- assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN));
- assert_cmd_err!(
- CommandError::WrongPassword,
- device.authenticate_user(USER_NEW_PASSWORD)
- );
+ let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device();
+ let device = device.authenticate_user(USER_NEW_PASSWORD).unwrap_err().0;
+ let mut device = device;
assert_ok!(
(),
device.change_user_pin(DEFAULT_USER_PIN, USER_NEW_PASSWORD)
);
- assert_cmd_err!(
- CommandError::WrongPassword,
- device.authenticate_user(DEFAULT_USER_PIN)
- );
- assert_any_ok!(device.authenticate_user(USER_NEW_PASSWORD));
+ let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap_err().0;
+ let device = device
+ .authenticate_user(USER_NEW_PASSWORD)
+ .unwrap()
+ .device();
+ let mut device = device;
let result = device.change_user_pin(DEFAULT_USER_PIN, DEFAULT_USER_PIN);
assert_cmd_err!(CommandError::WrongPassword, result);
@@ -171,32 +176,28 @@ fn change_user_pin(device: DeviceWrapper) {
device.change_user_pin(USER_NEW_PASSWORD, DEFAULT_USER_PIN)
);
- assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN));
- assert_cmd_err!(
- CommandError::WrongPassword,
- device.authenticate_user(USER_NEW_PASSWORD)
- );
+ let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device();
+ assert!(device.authenticate_user(USER_NEW_PASSWORD).is_err());
}
#[test_device]
fn change_admin_pin(device: DeviceWrapper) {
- let mut device = device;
- assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN));
- assert_cmd_err!(
- CommandError::WrongPassword,
- device.authenticate_admin(ADMIN_NEW_PASSWORD)
- );
+ let device = device
+ .authenticate_admin(DEFAULT_ADMIN_PIN)
+ .unwrap()
+ .device();
+ let mut device = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err().0;
assert_ok!(
(),
device.change_admin_pin(DEFAULT_ADMIN_PIN, ADMIN_NEW_PASSWORD)
);
- assert_cmd_err!(
- CommandError::WrongPassword,
- device.authenticate_admin(DEFAULT_ADMIN_PIN)
- );
- assert_any_ok!(device.authenticate_admin(ADMIN_NEW_PASSWORD));
+ let device = device.authenticate_admin(DEFAULT_ADMIN_PIN).unwrap_err().0;
+ let mut device = device
+ .authenticate_admin(ADMIN_NEW_PASSWORD)
+ .unwrap()
+ .device();
assert_cmd_err!(
CommandError::WrongPassword,
@@ -208,24 +209,31 @@ fn change_admin_pin(device: DeviceWrapper) {
device.change_admin_pin(ADMIN_NEW_PASSWORD, DEFAULT_ADMIN_PIN)
);
- assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN));
- assert_cmd_err!(
- CommandError::WrongPassword,
- device.authenticate_admin(ADMIN_NEW_PASSWORD)
- );
+ let device = device
+ .authenticate_admin(DEFAULT_ADMIN_PIN)
+ .unwrap()
+ .device();
+ device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err();
}
-fn require_failed_user_login<D: Authenticate + Device>(device: &mut D, password: &str) {
- assert_cmd_err!(
- CommandError::WrongPassword,
- device.authenticate_user(password)
- );
+fn require_failed_user_login<D>(device: D, password: &str, error: CommandError) -> D
+where
+ D: Device + Authenticate,
+ nitrokey::User<D>: std::fmt::Debug,
+{
+ let result = device.authenticate_user(password);
+ assert!(result.is_err());
+ let err = result.unwrap_err();
+ match err.1 {
+ Error::CommandError(err) => assert_eq!(error, err),
+ _ => assert!(false),
+ };
+ err.0
}
#[test_device]
fn unlock_user_pin(device: DeviceWrapper) {
- let mut device = device;
- assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN));
+ let mut device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device();
assert_ok!(
(),
device.unlock_user_pin(DEFAULT_ADMIN_PIN, DEFAULT_USER_PIN)
@@ -237,10 +245,11 @@ fn unlock_user_pin(device: DeviceWrapper) {
// block user PIN
let wrong_password = DEFAULT_USER_PIN.to_owned() + "foo";
- require_failed_user_login(&mut device, &wrong_password);
- require_failed_user_login(&mut device, &wrong_password);
- require_failed_user_login(&mut device, &wrong_password);
- require_failed_user_login(&mut device, DEFAULT_USER_PIN);
+ let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+ let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+ let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+ let mut device =
+ require_failed_user_login(device, DEFAULT_USER_PIN, CommandError::WrongPassword);
// unblock with current PIN
assert_cmd_err!(
@@ -251,13 +260,14 @@ fn unlock_user_pin(device: DeviceWrapper) {
(),
device.unlock_user_pin(DEFAULT_ADMIN_PIN, DEFAULT_USER_PIN)
);
- assert_any_ok!(device.authenticate_user(DEFAULT_USER_PIN));
+ let device = device.authenticate_user(DEFAULT_USER_PIN).unwrap().device();
// block user PIN
- require_failed_user_login(&mut device, &wrong_password);
- require_failed_user_login(&mut device, &wrong_password);
- require_failed_user_login(&mut device, &wrong_password);
- require_failed_user_login(&mut device, DEFAULT_USER_PIN);
+ let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+ let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+ let device = require_failed_user_login(device, &wrong_password, CommandError::WrongPassword);
+ let mut device =
+ require_failed_user_login(device, DEFAULT_USER_PIN, CommandError::WrongPassword);
// unblock with new PIN
assert_cmd_err!(
@@ -286,11 +296,11 @@ fn assert_utf8_err_or_ne(left: &str, right: Result<String, Error>) {
#[test_device]
fn factory_reset(device: DeviceWrapper) {
- let mut device = device;
let mut admin = unwrap_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN));
let otp_data = OtpSlotData::new(1, "test", "0123468790", OtpMode::SixDigits);
assert_ok!((), admin.write_totp_slot(otp_data, 30));
+ let mut device = admin.device();
let mut pws = unwrap_ok!(device.get_password_safe(DEFAULT_USER_PIN));
assert_ok!((), pws.write_slot(0, "test", "testlogin", "testpw"));
drop(pws);
@@ -314,11 +324,15 @@ fn factory_reset(device: DeviceWrapper) {
);
assert_ok!((), device.factory_reset(ADMIN_NEW_PASSWORD));
- assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN));
+ let device = device
+ .authenticate_admin(DEFAULT_ADMIN_PIN)
+ .unwrap()
+ .device();
let user = unwrap_ok!(device.authenticate_user(DEFAULT_USER_PIN));
assert_cmd_err!(CommandError::SlotNotProgrammed, user.get_totp_slot_name(1));
+ let mut device = user.device();
let pws = unwrap_ok!(device.get_password_safe(DEFAULT_USER_PIN));
assert_utf8_err_or_ne("test", pws.get_slot_name(0));
assert_utf8_err_or_ne("testlogin", pws.get_slot_login(0));
@@ -341,7 +355,10 @@ fn build_aes_key(device: DeviceWrapper) {
);
assert_ok!((), device.build_aes_key(DEFAULT_ADMIN_PIN));
- assert_any_ok!(device.authenticate_admin(DEFAULT_ADMIN_PIN));
+ let mut device = device
+ .authenticate_admin(DEFAULT_ADMIN_PIN)
+ .unwrap()
+ .device();
let pws = unwrap_ok!(device.get_password_safe(DEFAULT_USER_PIN));
assert_utf8_err_or_ne("test", pws.get_slot_name(0));