From 22e378677d5b00a05c021dc6660651608b384e0d Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Thu, 7 Jun 2018 00:22:45 +0200 Subject: Add support for encrypted volume MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch adds support for the commands to enable or disable the encrypted volume on the Nitrokey Storage. To test these commands, the output of lsblk is parsed for the device model “Nitrokey Storage”. This is not perfect but seems to be the best solution for automated testing. As the effect of enabling and disabling volumes is not immediate, a delay of two seconds is added to the tests before checking lsblk. This is sufficient on my machine, yet it would be better to have a portable version of this check. This patch also adds a lock method to Device that executes the lock_device command. This command was previously only used to close the password safe. On the Nitrokey Storage, it also disables the encrypted and hidden volume. --- src/tests/device.rs | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'src/tests') diff --git a/src/tests/device.rs b/src/tests/device.rs index 68f1a39..7f7a819 100644 --- a/src/tests/device.rs +++ b/src/tests/device.rs @@ -1,10 +1,24 @@ use std::ffi::CStr; +use std::process::Command; +use std::{thread, time}; use tests::util::{Target, ADMIN_PASSWORD, USER_PASSWORD}; use {Authenticate, CommandError, CommandStatus, Config, Device}; static ADMIN_NEW_PASSWORD: &str = "1234567890"; static USER_NEW_PASSWORD: &str = "abcdefghij"; +fn count_nitrokey_block_devices() -> usize { + thread::sleep(time::Duration::from_secs(2)); + let output = Command::new("lsblk") + .args(&["-o", "MODEL"]) + .output() + .expect("Could not list block devices"); + String::from_utf8_lossy(&output.stdout) + .split("\n") + .filter(|&s| s == "Nitrokey Storage") + .count() +} + #[test] #[cfg_attr(not(feature = "test-no-device"), ignore)] fn connect_no_device() { @@ -227,3 +241,39 @@ fn unlock_user_pin() { ); device.authenticate_user(USER_PASSWORD).unwrap(); } + +#[test] +#[cfg_attr(not(feature = "test-storage"), ignore)] +fn encrypted_volume() { + let device = Target::connect().unwrap(); + assert_eq!(CommandStatus::Success, device.lock()); + + assert_eq!(1, count_nitrokey_block_devices()); + assert_eq!(CommandStatus::Success, device.disable_encrypted_volume()); + assert_eq!(1, count_nitrokey_block_devices()); + assert_eq!( + CommandStatus::Error(CommandError::WrongPassword), + device.enable_encrypted_volume("123") + ); + assert_eq!(1, count_nitrokey_block_devices()); + assert_eq!( + CommandStatus::Success, + device.enable_encrypted_volume(USER_PASSWORD) + ); + assert_eq!(2, count_nitrokey_block_devices()); + assert_eq!(CommandStatus::Success, device.disable_encrypted_volume()); + assert_eq!(1, count_nitrokey_block_devices()); +} + +#[test] +#[cfg_attr(not(feature = "test-storage"), ignore)] +fn lock() { + let device = Target::connect().unwrap(); + + assert_eq!( + CommandStatus::Success, + device.enable_encrypted_volume(USER_PASSWORD) + ); + assert_eq!(CommandStatus::Success, device.lock()); + assert_eq!(1, count_nitrokey_block_devices()); +} -- cgit v1.2.3