From f58400a22986cdedf34f85dc17d1d59335ffb404 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Mon, 28 May 2018 21:32:36 +0000
Subject: Group tests by tested functionality
---
src/tests/device.rs | 184 ++++++++++++++++++++++
src/tests/mod.rs | 5 +-
src/tests/no_device.rs | 8 -
src/tests/otp.rs | 227 +++++++++++++++++++++++++++
src/tests/pro.rs | 404 -------------------------------------------------
src/tests/util.rs | 2 +
6 files changed, 416 insertions(+), 414 deletions(-)
create mode 100644 src/tests/device.rs
delete mode 100644 src/tests/no_device.rs
create mode 100644 src/tests/otp.rs
delete mode 100644 src/tests/pro.rs
create mode 100644 src/tests/util.rs
(limited to 'src/tests')
diff --git a/src/tests/device.rs b/src/tests/device.rs
new file mode 100644
index 0000000..394861c
--- /dev/null
+++ b/src/tests/device.rs
@@ -0,0 +1,184 @@
+use std::ffi::CStr;
+use {Authenticate, CommandError, CommandStatus, Config, Device, Pro};
+use tests::util::{ADMIN_PASSWORD, USER_PASSWORD};
+
+static ADMIN_NEW_PASSWORD: &str = "1234567890";
+static USER_NEW_PASSWORD: &str = "abcdefghij";
+
+#[test]
+#[cfg_attr(not(feature = "test-no-device"), ignore)]
+fn connect_no_device() {
+ assert!(::connect().is_err());
+ assert!(::Pro::connect().is_err());
+ // TODO: test storage
+ // assert!(::Storage::connect().is_err());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn connect_pro() {
+ assert!(::connect().is_ok());
+ assert!(Pro::connect().is_ok());
+ // TODO: test storage
+ // assert!(::Storage::connect().is_err());
+}
+
+fn assert_empty_serial_number() {
+ unsafe {
+ let ptr = ::nitrokey_sys::NK_device_serial_number();
+ assert!(!ptr.is_null());
+ let cstr = CStr::from_ptr(ptr);
+ assert_eq!(cstr.to_string_lossy(), "");
+ }
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn disconnect() {
+ ::connect().unwrap();
+ assert_empty_serial_number();
+ ::connect()
+ .unwrap()
+ .authenticate_admin(ADMIN_PASSWORD)
+ .unwrap();
+ assert_empty_serial_number();
+ ::connect()
+ .unwrap()
+ .authenticate_user(USER_PASSWORD)
+ .unwrap();
+ assert_empty_serial_number();
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn get_serial_number() {
+ let device = ::connect().unwrap();
+ let result = device.get_serial_number();
+ assert!(result.is_ok());
+ let serial_number = result.unwrap();
+ assert!(serial_number.is_ascii());
+ assert!(serial_number.chars().all(|c| c.is_ascii_hexdigit()));
+}
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn get_firmware_version() {
+ let device = ::connect().unwrap();
+ assert_eq!(0, device.get_major_firmware_version());
+ let minor = device.get_minor_firmware_version();
+ assert!(minor == 7 || minor == 8);
+}
+
+fn admin_retry<T: Authenticate + Device>(device: T, suffix: &str, count: u8) -> T {
+ let result = device.authenticate_admin(&(ADMIN_PASSWORD.to_owned() + suffix));
+ let device = match result {
+ Ok(admin) => admin.device(),
+ Err((device, _)) => device,
+ };
+ assert_eq!(count, device.get_admin_retry_count());
+ return device;
+}
+
+fn user_retry<T: Authenticate + Device>(device: T, suffix: &str, count: u8) -> T {
+ let result = device.authenticate_user(&(USER_PASSWORD.to_owned() + suffix));
+ let device = match result {
+ Ok(admin) => admin.device(),
+ Err((device, _)) => device,
+ };
+ assert_eq!(count, device.get_user_retry_count());
+ return device;
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn get_retry_count() {
+ let device = ::connect().unwrap();
+
+ let device = admin_retry(device, "", 3);
+ let device = admin_retry(device, "123", 2);
+ let device = admin_retry(device, "456", 1);
+ let device = admin_retry(device, "", 3);
+
+ let device = user_retry(device, "", 3);
+ let device = user_retry(device, "123", 2);
+ let device = user_retry(device, "456", 1);
+ user_retry(device, "", 3);
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn config() {
+ let device = ::connect().unwrap();
+ let admin = device.authenticate_admin(ADMIN_PASSWORD).unwrap();
+ let config = Config::new(None, None, None, true);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+ let get_config = admin.get_config().unwrap();
+ assert_eq!(config, get_config);
+
+ let config = Config::new(None, Some(9), None, true);
+ assert_eq!(
+ CommandStatus::Error(CommandError::InvalidSlot),
+ admin.write_config(config)
+ );
+
+ let config = Config::new(Some(1), None, Some(0), false);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+ let get_config = admin.get_config().unwrap();
+ assert_eq!(config, get_config);
+
+ let config = Config::new(None, None, None, false);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+ let get_config = admin.get_config().unwrap();
+ assert_eq!(config, get_config);
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn change_user_pin() {
+ let device = ::connect().unwrap();
+ let device = device.authenticate_user(USER_PASSWORD).unwrap().device();
+ let device = device.authenticate_user(USER_NEW_PASSWORD).unwrap_err().0;
+
+ let result = device.change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD);
+ assert_eq!(CommandStatus::Success, result);
+
+ let device = device.authenticate_user(USER_PASSWORD).unwrap_err().0;
+ let device = device
+ .authenticate_user(USER_NEW_PASSWORD)
+ .unwrap()
+ .device();
+
+ let result = device.change_user_pin(USER_PASSWORD, USER_PASSWORD);
+ assert_eq!(CommandStatus::Error(CommandError::WrongPassword), result);
+
+ let result = device.change_user_pin(USER_NEW_PASSWORD, USER_PASSWORD);
+ assert_eq!(CommandStatus::Success, result);
+
+ let device = device.authenticate_user(USER_PASSWORD).unwrap().device();
+ device.authenticate_user(USER_NEW_PASSWORD).unwrap_err();
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn change_admin_pin() {
+ let device = ::connect().unwrap();
+ let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
+ let device = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err().0;
+
+ let result = device.change_admin_pin(ADMIN_PASSWORD, ADMIN_NEW_PASSWORD);
+ assert_eq!(CommandStatus::Success, result);
+
+ let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap_err().0;
+ let device = device
+ .authenticate_admin(ADMIN_NEW_PASSWORD)
+ .unwrap()
+ .device();
+
+ let result = device.change_admin_pin(ADMIN_PASSWORD, ADMIN_PASSWORD);
+ assert_eq!(CommandStatus::Error(CommandError::WrongPassword), result);
+
+ let result = device.change_admin_pin(ADMIN_NEW_PASSWORD, ADMIN_PASSWORD);
+ assert_eq!(CommandStatus::Success, result);
+
+ let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
+ device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err();
+}
diff --git a/src/tests/mod.rs b/src/tests/mod.rs
index 5f01b67..c2c9f9d 100644
--- a/src/tests/mod.rs
+++ b/src/tests/mod.rs
@@ -1,2 +1,3 @@
-mod no_device;
-mod pro;
+mod device;
+mod otp;
+mod util;
diff --git a/src/tests/no_device.rs b/src/tests/no_device.rs
deleted file mode 100644
index 4118bcd..0000000
--- a/src/tests/no_device.rs
+++ /dev/null
@@ -1,8 +0,0 @@
-#[test]
-#[cfg_attr(not(feature = "test-no-device"), ignore)]
-fn connect() {
- assert!(::connect().is_err());
- assert!(::Pro::connect().is_err());
- // TODO: test storage
- // assert!(::Storage::connect().is_err());
-}
diff --git a/src/tests/otp.rs b/src/tests/otp.rs
new file mode 100644
index 0000000..e96bbfe
--- /dev/null
+++ b/src/tests/otp.rs
@@ -0,0 +1,227 @@
+use std::ops::Deref;
+use {Admin, Authenticate, CommandError, CommandStatus, Config, ConfigureOtp, DeviceWrapper, GenerateOtp,
+ OtpMode, OtpSlotData};
+use tests::util::{ADMIN_PASSWORD, USER_PASSWORD};
+
+// test suite according to RFC 4226, Appendix D
+static HOTP_SECRET: &str = "3132333435363738393031323334353637383930";
+static HOTP_CODES: &[&str] = &[
+ "755224", "287082", "359152", "969429", "338314", "254676", "287922", "162583", "399871",
+ "520489",
+];
+
+// test suite according to RFC 6238, Appendix B
+static TOTP_SECRET: &str = "3132333435363738393031323334353637383930";
+static TOTP_CODES: &[(u64, &str)] = &[
+ (59, "94287082"),
+ (1111111109, "07081804"),
+ (1111111111, "14050471"),
+ (1234567890, "89005924"),
+ (2000000000, "69279037"),
+ (20000000000, "65353130"),
+];
+
+fn get_admin_test_device() -> Admin<DeviceWrapper> {
+ ::connect().expect("Could not connect to the Nitrokey Pro.")
+ .authenticate_admin(ADMIN_PASSWORD)
+ .expect("Could not login as admin.")
+}
+
+fn configure_hotp(admin: &ConfigureOtp) {
+ let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
+}
+
+fn check_hotp_codes(device: &GenerateOtp) {
+ for code in HOTP_CODES {
+ let result = device.get_hotp_code(1);
+ assert_eq!(code, &result.unwrap());
+ }
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn hotp_no_pin() {
+ let admin = get_admin_test_device();
+ let config = Config::new(None, None, None, false);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+
+ configure_hotp(&admin);
+ check_hotp_codes(admin.deref());
+
+ configure_hotp(&admin);
+ check_hotp_codes(&admin.device());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn hotp_pin() {
+ let admin = get_admin_test_device();
+ let config = Config::new(None, None, None, true);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+
+ configure_hotp(&admin);
+ let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
+ check_hotp_codes(&user);
+
+ assert!(user.device().get_hotp_code(1).is_err());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn hotp_slot_name() {
+ let admin = get_admin_test_device();
+ let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
+
+ let device = admin.device();
+ let result = device.get_hotp_slot_name(1);
+ assert_eq!("test-hotp", result.unwrap());
+ let result = device.get_hotp_slot_name(4);
+ assert_eq!(CommandError::InvalidSlot, result.unwrap_err());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn hotp_error() {
+ let admin = get_admin_test_device();
+ let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(
+ CommandStatus::Error(CommandError::NoName),
+ admin.write_hotp_slot(slot_data, 0)
+ );
+ let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(
+ CommandStatus::Error(CommandError::InvalidSlot),
+ admin.write_hotp_slot(slot_data, 0)
+ );
+ let code = admin.get_hotp_code(4);
+ assert_eq!(CommandError::InvalidSlot, code.unwrap_err());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn hotp_erase() {
+ let admin = get_admin_test_device();
+ let config = Config::new(None, None, None, false);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+ let slot_data = OtpSlotData::new(1, "test1", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
+ let slot_data = OtpSlotData::new(2, "test2", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
+
+ assert_eq!(CommandStatus::Success, admin.erase_hotp_slot(1));
+
+ let device = admin.device();
+ let result = device.get_hotp_slot_name(1);
+ assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+ let result = device.get_hotp_code(1);
+ assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+
+ assert_eq!("test2", device.get_hotp_slot_name(2).unwrap());
+}
+
+fn configure_totp(admin: &ConfigureOtp) {
+ let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
+ assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 30));
+}
+
+fn check_totp_codes(device: &GenerateOtp) {
+ for (i, &(time, code)) in TOTP_CODES.iter().enumerate() {
+ assert_eq!(CommandStatus::Success, device.set_time(time));
+ let result = device.get_totp_code(1);
+ assert!(result.is_ok());
+ let result_code = result.unwrap();
+ assert_eq!(
+ code, result_code,
+ "TOTP code {} should be {} but is {}",
+ i, code, result_code
+ );
+ }
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn totp_no_pin() {
+ // TODO: this test may fail due to bad timing --> find solution
+ let admin = get_admin_test_device();
+ let config = Config::new(None, None, None, false);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+
+ configure_totp(&admin);
+ check_totp_codes(admin.deref());
+
+ configure_totp(&admin);
+ check_totp_codes(&admin.device());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn totp_pin() {
+ // TODO: this test may fail due to bad timing --> find solution
+ let admin = get_admin_test_device();
+ let config = Config::new(None, None, None, true);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+
+ configure_totp(&admin);
+ let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
+ check_totp_codes(&user);
+
+ assert!(user.device().get_totp_code(1).is_err());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn totp_slot_name() {
+ let admin = get_admin_test_device();
+ let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
+ assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 0));
+
+ let device = admin.device();
+ let result = device.get_totp_slot_name(1);
+ assert!(result.is_ok());
+ assert_eq!("test-totp", result.unwrap());
+ let result = device.get_totp_slot_name(16);
+ assert_eq!(CommandError::InvalidSlot, result.unwrap_err());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn totp_error() {
+ let admin = get_admin_test_device();
+ let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(
+ CommandStatus::Error(CommandError::NoName),
+ admin.write_hotp_slot(slot_data, 0)
+ );
+ let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(
+ CommandStatus::Error(CommandError::InvalidSlot),
+ admin.write_hotp_slot(slot_data, 0)
+ );
+ let code = admin.get_hotp_code(4);
+ assert_eq!(CommandError::InvalidSlot, code.unwrap_err());
+}
+
+#[test]
+#[cfg_attr(not(feature = "test-pro"), ignore)]
+fn totp_erase() {
+ let admin = get_admin_test_device();
+ let config = Config::new(None, None, None, false);
+ assert_eq!(CommandStatus::Success, admin.write_config(config));
+ let slot_data = OtpSlotData::new(1, "test1", TOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 0));
+ let slot_data = OtpSlotData::new(2, "test2", TOTP_SECRET, OtpMode::SixDigits);
+ assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 0));
+
+ assert_eq!(CommandStatus::Success, admin.erase_totp_slot(1));
+
+ let device = admin.device();
+ let result = device.get_totp_slot_name(1);
+ assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+ let result = device.get_totp_code(1);
+ assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
+
+ assert_eq!("test2", device.get_totp_slot_name(2).unwrap());
+}
+
diff --git a/src/tests/pro.rs b/src/tests/pro.rs
deleted file mode 100644
index 5415ff9..0000000
--- a/src/tests/pro.rs
+++ /dev/null
@@ -1,404 +0,0 @@
-use std::ffi::CStr;
-use std::ops::Deref;
-use {Admin, Authenticate, CommandError, CommandStatus, Config, ConfigureOtp, Device, GenerateOtp,
- OtpMode, OtpSlotData, Pro};
-
-static ADMIN_PASSWORD: &str = "12345678";
-static ADMIN_NEW_PASSWORD: &str = "1234567890";
-static USER_PASSWORD: &str = "123456";
-static USER_NEW_PASSWORD: &str = "abcdefghij";
-
-// test suite according to RFC 4226, Appendix D
-static HOTP_SECRET: &str = "3132333435363738393031323334353637383930";
-static HOTP_CODES: &[&str] = &[
- "755224", "287082", "359152", "969429", "338314", "254676", "287922", "162583", "399871",
- "520489",
-];
-
-// test suite according to RFC 6238, Appendix B
-static TOTP_SECRET: &str = "3132333435363738393031323334353637383930";
-static TOTP_CODES: &[(u64, &str)] = &[
- (59, "94287082"),
- (1111111109, "07081804"),
- (1111111111, "14050471"),
- (1234567890, "89005924"),
- (2000000000, "69279037"),
- (20000000000, "65353130"),
-];
-
-fn get_test_device() -> Pro {
- Pro::connect().expect("Could not connect to the Nitrokey Pro.")
-}
-
-fn get_admin_test_device() -> Admin<Pro> {
- get_test_device()
- .authenticate_admin(ADMIN_PASSWORD)
- .expect("Could not login as admin.")
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn connect() {
- assert!(::connect().is_ok());
- assert!(Pro::connect().is_ok());
- // TODO: test storage
- // assert!(::Storage::connect().is_err());
-}
-
-fn assert_empty_serial_number() {
- unsafe {
- let ptr = ::nitrokey_sys::NK_device_serial_number();
- assert!(!ptr.is_null());
- let cstr = CStr::from_ptr(ptr);
- assert_eq!(cstr.to_string_lossy(), "");
- }
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn disconnect() {
- Pro::connect().unwrap();
- assert_empty_serial_number();
- Pro::connect()
- .unwrap()
- .authenticate_admin(ADMIN_PASSWORD)
- .unwrap();
- assert_empty_serial_number();
- Pro::connect()
- .unwrap()
- .authenticate_user(USER_PASSWORD)
- .unwrap();
- assert_empty_serial_number();
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn get_serial_number() {
- let device = get_test_device();
- let result = device.get_serial_number();
- assert!(result.is_ok());
- let serial_number = result.unwrap();
- assert!(serial_number.is_ascii());
- assert!(serial_number.chars().all(|c| c.is_ascii_hexdigit()));
-}
-
-fn configure_hotp(admin: &ConfigureOtp) {
- let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
-}
-
-fn check_hotp_codes(device: &GenerateOtp) {
- for code in HOTP_CODES {
- let result = device.get_hotp_code(1);
- assert_eq!(code, &result.unwrap());
- }
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn hotp() {
- let admin = get_admin_test_device();
- let config = Config::new(None, None, None, false);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
-
- configure_hotp(&admin);
- check_hotp_codes(admin.deref());
-
- configure_hotp(&admin);
- check_hotp_codes(&admin.device());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn hotp_pin() {
- let admin = get_admin_test_device();
- let config = Config::new(None, None, None, true);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
-
- configure_hotp(&admin);
- let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
- check_hotp_codes(&user);
-
- assert!(user.device().get_hotp_code(1).is_err());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn hotp_slot_name() {
- let admin = get_admin_test_device();
- let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
-
- let device = admin.device();
- let result = device.get_hotp_slot_name(1);
- assert_eq!("test-hotp", result.unwrap());
- let result = device.get_hotp_slot_name(4);
- assert_eq!(CommandError::InvalidSlot, result.unwrap_err());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn hotp_error() {
- let admin = get_admin_test_device();
- let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- CommandStatus::Error(CommandError::NoName),
- admin.write_hotp_slot(slot_data, 0)
- );
- let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- CommandStatus::Error(CommandError::InvalidSlot),
- admin.write_hotp_slot(slot_data, 0)
- );
- let code = admin.get_hotp_code(4);
- assert_eq!(CommandError::InvalidSlot, code.unwrap_err());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn hotp_erase() {
- let admin = get_admin_test_device();
- let config = Config::new(None, None, None, false);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
- let slot_data = OtpSlotData::new(1, "test1", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
- let slot_data = OtpSlotData::new(2, "test2", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(CommandStatus::Success, admin.write_hotp_slot(slot_data, 0));
-
- assert_eq!(CommandStatus::Success, admin.erase_hotp_slot(1));
-
- let device = admin.device();
- let result = device.get_hotp_slot_name(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
- let result = device.get_hotp_code(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
-
- assert_eq!("test2", device.get_hotp_slot_name(2).unwrap());
-}
-
-fn configure_totp(admin: &ConfigureOtp) {
- let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
- assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 30));
-}
-
-fn check_totp_codes(device: &GenerateOtp) {
- for (i, &(time, code)) in TOTP_CODES.iter().enumerate() {
- assert_eq!(CommandStatus::Success, device.set_time(time));
- let result = device.get_totp_code(1);
- assert!(result.is_ok());
- let result_code = result.unwrap();
- assert_eq!(
- code, result_code,
- "TOTP code {} should be {} but is {}",
- i, code, result_code
- );
- }
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn totp() {
- // TODO: this test may fail due to bad timing --> find solution
- let admin = get_admin_test_device();
- let config = Config::new(None, None, None, false);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
-
- configure_totp(&admin);
- check_totp_codes(admin.deref());
-
- configure_totp(&admin);
- check_totp_codes(&admin.device());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn totp_pin() {
- // TODO: this test may fail due to bad timing --> find solution
- let admin = get_admin_test_device();
- let config = Config::new(None, None, None, true);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
-
- configure_totp(&admin);
- let user = admin.device().authenticate_user(USER_PASSWORD).unwrap();
- check_totp_codes(&user);
-
- assert!(user.device().get_totp_code(1).is_err());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn totp_slot_name() {
- let admin = get_admin_test_device();
- let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
- assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 0));
-
- let device = admin.device();
- let result = device.get_totp_slot_name(1);
- assert!(result.is_ok());
- assert_eq!("test-totp", result.unwrap());
- let result = device.get_totp_slot_name(16);
- assert_eq!(CommandError::InvalidSlot, result.unwrap_err());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn totp_error() {
- let admin = get_admin_test_device();
- let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- CommandStatus::Error(CommandError::NoName),
- admin.write_hotp_slot(slot_data, 0)
- );
- let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(
- CommandStatus::Error(CommandError::InvalidSlot),
- admin.write_hotp_slot(slot_data, 0)
- );
- let code = admin.get_hotp_code(4);
- assert_eq!(CommandError::InvalidSlot, code.unwrap_err());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn totp_erase() {
- let admin = get_admin_test_device();
- let config = Config::new(None, None, None, false);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
- let slot_data = OtpSlotData::new(1, "test1", TOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 0));
- let slot_data = OtpSlotData::new(2, "test2", TOTP_SECRET, OtpMode::SixDigits);
- assert_eq!(CommandStatus::Success, admin.write_totp_slot(slot_data, 0));
-
- assert_eq!(CommandStatus::Success, admin.erase_totp_slot(1));
-
- let device = admin.device();
- let result = device.get_totp_slot_name(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
- let result = device.get_totp_code(1);
- assert_eq!(CommandError::SlotNotProgrammed, result.unwrap_err());
-
- assert_eq!("test2", device.get_totp_slot_name(2).unwrap());
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn get_firmware_version() {
- let device = get_test_device();
- assert_eq!(0, device.get_major_firmware_version());
- let minor = device.get_minor_firmware_version();
- assert!(minor == 7 || minor == 8);
-}
-
-fn admin_retry(device: Pro, suffix: &str, count: u8) -> Pro {
- let result = device.authenticate_admin(&(ADMIN_PASSWORD.to_owned() + suffix));
- let device = match result {
- Ok(admin) => admin.device(),
- Err((device, _)) => device,
- };
- assert_eq!(count, device.get_admin_retry_count());
- return device;
-}
-
-fn user_retry(device: Pro, suffix: &str, count: u8) -> Pro {
- let result = device.authenticate_user(&(USER_PASSWORD.to_owned() + suffix));
- let device = match result {
- Ok(admin) => admin.device(),
- Err((device, _)) => device,
- };
- assert_eq!(count, device.get_user_retry_count());
- return device;
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn get_retry_count() {
- let device = get_test_device();
-
- let device = admin_retry(device, "", 3);
- let device = admin_retry(device, "123", 2);
- let device = admin_retry(device, "456", 1);
- let device = admin_retry(device, "", 3);
-
- let device = user_retry(device, "", 3);
- let device = user_retry(device, "123", 2);
- let device = user_retry(device, "456", 1);
- user_retry(device, "", 3);
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn read_write_config() {
- let admin = get_admin_test_device();
- let config = Config::new(None, None, None, true);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
- let get_config = admin.get_config().unwrap();
- assert_eq!(config, get_config);
-
- let config = Config::new(None, Some(9), None, true);
- assert_eq!(
- CommandStatus::Error(CommandError::InvalidSlot),
- admin.write_config(config)
- );
-
- let config = Config::new(Some(1), None, Some(0), false);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
- let get_config = admin.get_config().unwrap();
- assert_eq!(config, get_config);
-
- let config = Config::new(None, None, None, false);
- assert_eq!(CommandStatus::Success, admin.write_config(config));
- let get_config = admin.get_config().unwrap();
- assert_eq!(config, get_config);
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn change_user_pin() {
- let device = get_test_device();
- let device = device.authenticate_user(USER_PASSWORD).unwrap().device();
- let device = device.authenticate_user(USER_NEW_PASSWORD).unwrap_err().0;
-
- let result = device.change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD);
- assert_eq!(CommandStatus::Success, result);
-
- let device = device.authenticate_user(USER_PASSWORD).unwrap_err().0;
- let device = device
- .authenticate_user(USER_NEW_PASSWORD)
- .unwrap()
- .device();
-
- let result = device.change_user_pin(USER_PASSWORD, USER_PASSWORD);
- assert_eq!(CommandStatus::Error(CommandError::WrongPassword), result);
-
- let result = device.change_user_pin(USER_NEW_PASSWORD, USER_PASSWORD);
- assert_eq!(CommandStatus::Success, result);
-
- let device = device.authenticate_user(USER_PASSWORD).unwrap().device();
- device.authenticate_user(USER_NEW_PASSWORD).unwrap_err();
-}
-
-#[test]
-#[cfg_attr(not(feature = "test-pro"), ignore)]
-fn change_admin_pin() {
- let device = get_test_device();
- let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
- let device = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err().0;
-
- let result = device.change_admin_pin(ADMIN_PASSWORD, ADMIN_NEW_PASSWORD);
- assert_eq!(CommandStatus::Success, result);
-
- let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap_err().0;
- let device = device
- .authenticate_admin(ADMIN_NEW_PASSWORD)
- .unwrap()
- .device();
-
- let result = device.change_admin_pin(ADMIN_PASSWORD, ADMIN_PASSWORD);
- assert_eq!(CommandStatus::Error(CommandError::WrongPassword), result);
-
- let result = device.change_admin_pin(ADMIN_NEW_PASSWORD, ADMIN_PASSWORD);
- assert_eq!(CommandStatus::Success, result);
-
- let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
- device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap_err();
-}
diff --git a/src/tests/util.rs b/src/tests/util.rs
new file mode 100644
index 0000000..cbf6b93
--- /dev/null
+++ b/src/tests/util.rs
@@ -0,0 +1,2 @@
+pub static ADMIN_PASSWORD: &str = "12345678";
+pub static USER_PASSWORD: &str = "123456";
--
cgit v1.2.3