From 0972bbe82623c3d9649b6023d8f50d304aa0cde6 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Mon, 28 Jan 2019 14:24:12 +0000
Subject: Refactor User and Admin to use a mutable reference
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In the initial nitrokey-rs implementation, the Admin and the User struct
take the Device by value to make sure that the user cannot initiate a
second authentication while this first is still active (which would
invalidate the temporary password).  Now we realized that this is not
necessary – taking a mutable reference has the same effect, but leads to
a much cleaner API.

This patch refactors the Admin and User structs – and all dependent code
– to use a mutable reference instead of a Device value.
---
 tests/otp.rs | 66 ++++++++++++++++++++++++++++++++----------------------------
 1 file changed, 35 insertions(+), 31 deletions(-)

(limited to 'tests/otp.rs')

diff --git a/tests/otp.rs b/tests/otp.rs
index 28a8d7c..8ca8311 100644
--- a/tests/otp.rs
+++ b/tests/otp.rs
@@ -3,7 +3,6 @@
 
 mod util;
 
-use std::fmt::Debug;
 use std::ops::DerefMut;
 
 use nitrokey::{
@@ -38,14 +37,11 @@ enum TotpTimestampSize {
     U64,
 }
 
-fn make_admin_test_device<T>(device: T) -> Admin<T>
+fn make_admin_test_device<'a, T>(device: &'a mut T) -> Admin<'a, T>
 where
     T: Device,
-    (T, nitrokey::Error): Debug,
 {
-    device
-        .authenticate_admin(ADMIN_PASSWORD)
-        .expect("Could not login as admin.")
+    unwrap_ok!(device.authenticate_admin(ADMIN_PASSWORD))
 }
 
 fn configure_hotp(admin: &mut ConfigureOtp, counter: u8) {
@@ -72,7 +68,8 @@ fn set_time(device: DeviceWrapper) {
 
 #[test_device]
 fn hotp_no_pin(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, false);
     assert_ok!((), admin.write_config(config));
 
@@ -83,36 +80,38 @@ fn hotp_no_pin(device: DeviceWrapper) {
     check_hotp_codes(admin.deref_mut(), 5);
 
     configure_hotp(&mut admin, 0);
-    check_hotp_codes(&mut admin.device(), 0);
+    check_hotp_codes(&mut device, 0);
 }
 
 #[test_device]
 fn hotp_pin(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, true);
     assert_ok!((), admin.write_config(config));
 
     configure_hotp(&mut admin, 0);
-    let mut user = unwrap_ok!(admin.device().authenticate_user(USER_PASSWORD));
+    let mut user = unwrap_ok!(device.authenticate_user(USER_PASSWORD));
     check_hotp_codes(&mut user, 0);
 
-    assert_cmd_err!(CommandError::NotAuthorized, user.device().get_hotp_code(1));
+    assert_cmd_err!(CommandError::NotAuthorized, user.get_hotp_code(1));
 }
 
 #[test_device]
 fn hotp_slot_name(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let slot_data = OtpSlotData::new(1, "test-hotp", HOTP_SECRET, OtpMode::SixDigits);
     assert_ok!((), admin.write_hotp_slot(slot_data, 0));
 
-    let device = admin.device();
     assert_ok!("test-hotp".to_string(), device.get_hotp_slot_name(1));
     assert_lib_err!(LibraryError::InvalidSlot, device.get_hotp_slot_name(4));
 }
 
 #[test_device]
 fn hotp_error(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let slot_data = OtpSlotData::new(1, "", HOTP_SECRET, OtpMode::SixDigits);
     assert_cmd_err!(CommandError::NoName, admin.write_hotp_slot(slot_data, 0));
     let slot_data = OtpSlotData::new(4, "test", HOTP_SECRET, OtpMode::SixDigits);
@@ -131,7 +130,8 @@ fn hotp_error(device: DeviceWrapper) {
 
 #[test_device]
 fn hotp_erase(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, false);
     assert_ok!((), admin.write_config(config));
     let slot_data = OtpSlotData::new(1, "test1", HOTP_SECRET, OtpMode::SixDigits);
@@ -141,7 +141,6 @@ fn hotp_erase(device: DeviceWrapper) {
 
     assert_ok!((), admin.erase_hotp_slot(1));
 
-    let mut device = admin.device();
     let result = device.get_hotp_slot_name(1);
     assert_cmd_err!(CommandError::SlotNotProgrammed, result);
     let result = device.get_hotp_code(1);
@@ -178,7 +177,8 @@ fn check_totp_codes(device: &mut GenerateOtp, factor: u64, timestamp_size: TotpT
 
 #[test_device]
 fn totp_no_pin(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, false);
     assert_ok!((), admin.write_config(config));
 
@@ -189,14 +189,15 @@ fn totp_no_pin(device: DeviceWrapper) {
     check_totp_codes(admin.deref_mut(), 2, TotpTimestampSize::U32);
 
     configure_totp(&mut admin, 1);
-    check_totp_codes(&mut admin.device(), 1, TotpTimestampSize::U32);
+    check_totp_codes(&mut device, 1, TotpTimestampSize::U32);
 }
 
 #[test_device]
 // Nitrokey Storage does only support timestamps that fit in a 32-bit
 // unsigned integer, so don't test with it.
 fn totp_no_pin_64(device: Pro) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, false);
     assert_ok!((), admin.write_config(config));
 
@@ -207,43 +208,45 @@ fn totp_no_pin_64(device: Pro) {
     check_totp_codes(admin.deref_mut(), 2, TotpTimestampSize::U64);
 
     configure_totp(&mut admin, 1);
-    check_totp_codes(&mut admin.device(), 1, TotpTimestampSize::U64);
+    check_totp_codes(&mut device, 1, TotpTimestampSize::U64);
 }
 
 #[test_device]
 fn totp_pin(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, true);
     assert_ok!((), admin.write_config(config));
 
     configure_totp(&mut admin, 1);
-    let mut user = unwrap_ok!(admin.device().authenticate_user(USER_PASSWORD));
+    let mut user = unwrap_ok!(device.authenticate_user(USER_PASSWORD));
     check_totp_codes(&mut user, 1, TotpTimestampSize::U32);
 
-    assert_cmd_err!(CommandError::NotAuthorized, user.device().get_totp_code(1));
+    assert_cmd_err!(CommandError::NotAuthorized, user.get_totp_code(1));
 }
 
 #[test_device]
 // See comment for totp_no_pin_64.
 fn totp_pin_64(device: Pro) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, true);
     assert_ok!((), admin.write_config(config));
 
     configure_totp(&mut admin, 1);
-    let mut user = unwrap_ok!(admin.device().authenticate_user(USER_PASSWORD));
+    let mut user = unwrap_ok!(admin.authenticate_user(USER_PASSWORD));
     check_totp_codes(&mut user, 1, TotpTimestampSize::U64);
 
-    assert_cmd_err!(CommandError::NotAuthorized, user.device().get_totp_code(1));
+    assert_cmd_err!(CommandError::NotAuthorized, device.get_totp_code(1));
 }
 
 #[test_device]
 fn totp_slot_name(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let slot_data = OtpSlotData::new(1, "test-totp", TOTP_SECRET, OtpMode::EightDigits);
     assert_ok!((), admin.write_totp_slot(slot_data, 0));
 
-    let device = admin.device();
     let result = device.get_totp_slot_name(1);
     assert_ok!("test-totp", result);
     let result = device.get_totp_slot_name(16);
@@ -252,7 +255,8 @@ fn totp_slot_name(device: DeviceWrapper) {
 
 #[test_device]
 fn totp_error(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let slot_data = OtpSlotData::new(1, "", TOTP_SECRET, OtpMode::SixDigits);
     assert_cmd_err!(CommandError::NoName, admin.write_totp_slot(slot_data, 0));
     let slot_data = OtpSlotData::new(20, "test", TOTP_SECRET, OtpMode::SixDigits);
@@ -271,7 +275,8 @@ fn totp_error(device: DeviceWrapper) {
 
 #[test_device]
 fn totp_erase(device: DeviceWrapper) {
-    let mut admin = make_admin_test_device(device);
+    let mut device = device;
+    let mut admin = make_admin_test_device(&mut device);
     let config = Config::new(None, None, None, false);
     assert_ok!((), admin.write_config(config));
     let slot_data = OtpSlotData::new(1, "test1", TOTP_SECRET, OtpMode::SixDigits);
@@ -281,7 +286,6 @@ fn totp_erase(device: DeviceWrapper) {
 
     assert_ok!((), admin.erase_totp_slot(1));
 
-    let device = admin.device();
     let result = device.get_totp_slot_name(1);
     assert_cmd_err!(CommandError::SlotNotProgrammed, result);
     let result = device.get_totp_code(1);
-- 
cgit v1.2.1