// Copyright (C) 2018-2019 Robin Krahl // SPDX-License-Identifier: MIT mod util; use std::ffi::CStr; use libc::{c_int, c_void, free}; use nitrokey::{ CommandError, Device, Error, GetPasswordSafe, LibraryError, PasswordSafe, DEFAULT_ADMIN_PIN, DEFAULT_USER_PIN, SLOT_COUNT, }; use nitrokey_sys; use nitrokey_test::test as test_device; fn get_slot_name_direct(slot: u8) -> Result { let ptr = unsafe { nitrokey_sys::NK_get_password_safe_slot_name(slot) }; if ptr.is_null() { return Err(Error::UnexpectedError); } let s = unsafe { CStr::from_ptr(ptr).to_string_lossy().into_owned() }; unsafe { free(ptr as *mut c_void) }; match s.is_empty() { true => { let error = unsafe { nitrokey_sys::NK_get_last_command_status() } as c_int; match error { 0 => Ok(s), other => Err(Error::from(other)), } } false => Ok(s), } } fn get_pws<'a, T>(device: &mut T) -> PasswordSafe<'_, 'a> where T: Device<'a>, { unwrap_ok!(device.get_password_safe(DEFAULT_USER_PIN)) } #[test_device] fn enable(device: DeviceWrapper) { let mut device = device; assert_cmd_err!( CommandError::WrongPassword, device.get_password_safe(&(DEFAULT_USER_PIN.to_owned() + "123")) ); assert_any_ok!(device.get_password_safe(DEFAULT_USER_PIN)); assert_cmd_err!( CommandError::WrongPassword, device.get_password_safe(DEFAULT_ADMIN_PIN) ); assert_any_ok!(device.get_password_safe(DEFAULT_USER_PIN)); } #[test_device] fn drop(device: DeviceWrapper) { let mut device = device; { let mut pws = get_pws(&mut device); assert_ok!((), pws.write_slot(1, "name", "login", "password")); assert_ok!("name".to_string(), pws.get_slot_name(1)); let result = get_slot_name_direct(1); assert_ok!(String::from("name"), result); } let result = get_slot_name_direct(1); assert_ok!(String::from("name"), result); assert_ok!((), device.lock()); let result = get_slot_name_direct(1); assert_cmd_err!(CommandError::NotAuthorized, result); } #[test_device] fn get_status(device: DeviceWrapper) { let mut device = device; let mut pws = get_pws(&mut device); for i in 0..SLOT_COUNT { assert_ok!((), pws.erase_slot(i)); } let status = unwrap_ok!(pws.get_slot_status()); assert_eq!(status, [false; SLOT_COUNT as usize]); assert_ok!((), pws.write_slot(1, "name", "login", "password")); let status = unwrap_ok!(pws.get_slot_status()); for i in 0..SLOT_COUNT { assert_eq!(i == 1, status[i as usize]); } for i in 0..SLOT_COUNT { assert_ok!((), pws.write_slot(i, "name", "login", "password")); } assert_ok!([true; SLOT_COUNT as usize], pws.get_slot_status()); } #[test_device] fn get_data(device: DeviceWrapper) { let mut device = device; let mut pws = get_pws(&mut device); assert_ok!((), pws.write_slot(1, "name", "login", "password")); assert_ok!("name".to_string(), pws.get_slot_name(1)); assert_ok!("login".to_string(), pws.get_slot_login(1)); assert_ok!("password".to_string(), pws.get_slot_password(1)); assert_ok!((), pws.erase_slot(1)); assert_cmd_err!(CommandError::SlotNotProgrammed, pws.get_slot_name(1)); assert_cmd_err!(CommandError::SlotNotProgrammed, pws.get_slot_login(1)); assert_cmd_err!(CommandError::SlotNotProgrammed, pws.get_slot_password(1)); let name = "with å"; let login = "pär@test.com"; let password = "'i3lJc[09?I:,[u7dWz9"; assert_ok!((), pws.write_slot(1, name, login, password)); assert_ok!(name.to_string(), pws.get_slot_name(1)); assert_ok!(login.to_string(), pws.get_slot_login(1)); assert_ok!(password.to_string(), pws.get_slot_password(1)); assert_lib_err!(LibraryError::InvalidSlot, pws.get_slot_name(SLOT_COUNT)); assert_lib_err!(LibraryError::InvalidSlot, pws.get_slot_login(SLOT_COUNT)); assert_lib_err!(LibraryError::InvalidSlot, pws.get_slot_password(SLOT_COUNT)); } #[test_device] fn write(device: DeviceWrapper) { let mut device = device; let mut pws = get_pws(&mut device); assert_lib_err!( LibraryError::InvalidSlot, pws.write_slot(SLOT_COUNT, "name", "login", "password") ); assert_ok!((), pws.write_slot(0, "", "login", "password")); assert_cmd_err!(CommandError::SlotNotProgrammed, pws.get_slot_name(0)); assert_ok!(String::from("login"), pws.get_slot_login(0)); assert_ok!(String::from("password"), pws.get_slot_password(0)); assert_ok!((), pws.write_slot(0, "name", "", "password")); assert_ok!(String::from("name"), pws.get_slot_name(0)); assert_cmd_err!(CommandError::SlotNotProgrammed, pws.get_slot_login(0)); assert_ok!(String::from("password"), pws.get_slot_password(0)); assert_ok!((), pws.write_slot(0, "name", "login", "")); assert_ok!(String::from("name"), pws.get_slot_name(0)); assert_ok!(String::from("login"), pws.get_slot_login(0)); assert_cmd_err!(CommandError::SlotNotProgrammed, pws.get_slot_password(0)); } #[test_device] fn erase(device: DeviceWrapper) { let mut device = device; let mut pws = get_pws(&mut device); assert_lib_err!(LibraryError::InvalidSlot, pws.erase_slot(SLOT_COUNT)); assert_ok!((), pws.write_slot(0, "name", "login", "password")); assert_ok!((), pws.erase_slot(0)); assert_ok!((), pws.erase_slot(0)); assert_cmd_err!(CommandError::SlotNotProgrammed, pws.get_slot_name(0)); }