From 616f84c13a4e676d3e2f870533fb1b8778c5f614 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Thu, 3 Jan 2019 17:04:50 +0000
Subject: Add Device::build_aes_key method

This patch adds the build_aes_key method to the Device trait that uses
the NK_build_aes_key function to build new AES keys on the device.  This
effectively resets the password safe and the encrypted storage.  It is
unclear whether other data (e. g. the one-time passwords) are affected
too.
---
 tests/device.rs | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'tests/device.rs')

diff --git a/tests/device.rs b/tests/device.rs
index 363b8d8..06e014e 100644
--- a/tests/device.rs
+++ b/tests/device.rs
@@ -346,6 +346,29 @@ fn factory_reset() {
     assert_ne!("testpw".to_string(), pws.get_slot_password(0).unwrap());
 }
 
+#[test]
+#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)]
+fn build_aes_key() {
+    let device = Target::connect().unwrap();
+
+    let pws = device.get_password_safe(USER_PASSWORD).unwrap();
+    assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw"));
+    drop(pws);
+
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.build_aes_key(USER_PASSWORD)
+    );
+    assert_eq!(Ok(()), device.build_aes_key(ADMIN_PASSWORD));
+
+    let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
+
+    let pws = device.get_password_safe(USER_PASSWORD).unwrap();
+    assert_ne!("test".to_string(), pws.get_slot_name(0).unwrap());
+    assert_ne!("testlogin".to_string(), pws.get_slot_login(0).unwrap());
+    assert_ne!("testpw".to_string(), pws.get_slot_password(0).unwrap());
+}
+
 #[test]
 #[cfg_attr(not(feature = "test-storage"), ignore)]
 fn change_update_pin() {
-- 
cgit v1.2.1