From 0a7a62c9af15b11e5dbfad1900ac89924457b272 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Thu, 3 Jan 2019 13:50:15 +0000
Subject: Add Device::factory_reset method

This patch adds the factory_reset_method to the Device trait that uses
the NK_factory_reset function to perform a factory reset.  The tests
verify that the user and admin PIN are reset and that the OTP storage
and the password safe are deleted.
---
 tests/device.rs | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 57 insertions(+), 3 deletions(-)

(limited to 'tests')

diff --git a/tests/device.rs b/tests/device.rs
index a225d2d..363b8d8 100644
--- a/tests/device.rs
+++ b/tests/device.rs
@@ -4,9 +4,12 @@ use std::ffi::CStr;
 use std::process::Command;
 use std::{thread, time};
 
-use nitrokey::{Authenticate, CommandError, Config, Device, Storage};
+use nitrokey::{
+    Authenticate, CommandError, Config, ConfigureOtp, Device, GenerateOtp, GetPasswordSafe,
+    OtpMode, OtpSlotData, Storage,
+};
 
-use crate::util::{Target, ADMIN_PASSWORD, USER_PASSWORD, UPDATE_PIN};
+use crate::util::{Target, ADMIN_PASSWORD, UPDATE_PIN, USER_PASSWORD};
 
 static ADMIN_NEW_PASSWORD: &str = "1234567890";
 static UPDATE_NEW_PIN: &str = "87654321";
@@ -295,12 +298,63 @@ fn unlock_user_pin() {
         .is_ok());
 }
 
+#[test]
+#[cfg_attr(not(any(feature = "test-pro", feature = "test-storage")), ignore)]
+fn factory_reset() {
+    let device = Target::connect().unwrap();
+
+    assert_eq!(
+        Ok(()),
+        device.change_user_pin(USER_PASSWORD, USER_NEW_PASSWORD)
+    );
+    assert_eq!(
+        Ok(()),
+        device.change_admin_pin(ADMIN_PASSWORD, ADMIN_NEW_PASSWORD)
+    );
+
+    let admin = device.authenticate_admin(ADMIN_NEW_PASSWORD).unwrap();
+    let otp_data = OtpSlotData::new(1, "test", "0123468790", OtpMode::SixDigits);
+    assert_eq!(Ok(()), admin.write_totp_slot(otp_data, 30));
+
+    let device = admin.device();
+    let pws = device.get_password_safe(USER_NEW_PASSWORD).unwrap();
+    assert_eq!(Ok(()), pws.write_slot(0, "test", "testlogin", "testpw"));
+    drop(pws);
+
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.factory_reset(USER_NEW_PASSWORD)
+    );
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.factory_reset(ADMIN_PASSWORD)
+    );
+    assert_eq!(Ok(()), device.factory_reset(ADMIN_NEW_PASSWORD));
+
+    let device = device.authenticate_admin(ADMIN_PASSWORD).unwrap().device();
+
+    let user = device.authenticate_user(USER_PASSWORD).unwrap();
+    assert_eq!(
+        Err(CommandError::SlotNotProgrammed),
+        user.get_totp_slot_name(1)
+    );
+
+    let device = user.device();
+    let pws = device.get_password_safe(USER_PASSWORD).unwrap();
+    assert_ne!("test".to_string(), pws.get_slot_name(0).unwrap());
+    assert_ne!("testlogin".to_string(), pws.get_slot_login(0).unwrap());
+    assert_ne!("testpw".to_string(), pws.get_slot_password(0).unwrap());
+}
+
 #[test]
 #[cfg_attr(not(feature = "test-storage"), ignore)]
 fn change_update_pin() {
     let device = Storage::connect().unwrap();
 
-    assert_eq!(Err(CommandError::WrongPassword), device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN));
+    assert_eq!(
+        Err(CommandError::WrongPassword),
+        device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN)
+    );
     assert_eq!(Ok(()), device.change_update_pin(UPDATE_PIN, UPDATE_NEW_PIN));
     assert_eq!(Ok(()), device.change_update_pin(UPDATE_NEW_PIN, UPDATE_PIN));
 }
-- 
cgit v1.2.1