kopia lustrzana https://github.com/solokeys/solo1
add more tests
rodzic
f704851419
commit
6674f0a8ff
|
@ -890,12 +890,41 @@ class Tester:
|
|||
assert len(prev_auth.auth_data) == 37
|
||||
print("pass")
|
||||
|
||||
print("Test that auth_data.rpIdHash is correct")
|
||||
assert sha256(rp["id"].encode()) == prev_auth.auth_data.rp_id_hash
|
||||
print("Pass")
|
||||
|
||||
print("Check that AT flag is not set")
|
||||
assert (prev_auth.auth_data.flags & 0xF8) == 0
|
||||
print("Pass")
|
||||
|
||||
print("Test that user, credential and numberOfCredentials are not present")
|
||||
assert prev_auth.user == None
|
||||
assert prev_auth.number_of_credentials == None
|
||||
# assert prev_auth.credential == None # TODO double check this
|
||||
print("Pass")
|
||||
|
||||
testGA(
|
||||
"Send GA request with empty allow_list, expect NO_CREDENTIALS",
|
||||
rp["id"],
|
||||
cdh,
|
||||
[],
|
||||
expectedError=CtapError.ERR.NO_CREDENTIALS,
|
||||
)
|
||||
|
||||
# apply bit flip
|
||||
badid = list(prev_reg.auth_data.credential_data.credential_id[:])
|
||||
badid[len(badid) // 2] = badid[len(badid) // 2] ^ 1
|
||||
badid = bytes(badid)
|
||||
|
||||
testGA(
|
||||
"Send GA request with corrupt credId in allow_list, expect NO_CREDENTIALS",
|
||||
rp["id"],
|
||||
cdh,
|
||||
[{"id": badid, "type": "public-key"}],
|
||||
expectedError=CtapError.ERR.NO_CREDENTIALS,
|
||||
)
|
||||
|
||||
testMC(
|
||||
"Send MC request with missing clientDataHash, expect error",
|
||||
None,
|
||||
|
@ -1407,6 +1436,7 @@ class Tester:
|
|||
print("Send an extra getNextAssertion request, expect error")
|
||||
try:
|
||||
auth4 = self.ctap.get_next_assertion()
|
||||
assert 0
|
||||
except CtapError as e:
|
||||
print(e)
|
||||
print("Pass")
|
||||
|
@ -1493,16 +1523,61 @@ class Tester:
|
|||
print("Setting pin code >63 bytes, expect POLICY_VIOLATION ")
|
||||
try:
|
||||
self.client.pin_protocol.set_pin("A" * 64)
|
||||
assert 0
|
||||
except CtapError as e:
|
||||
assert e.code == CtapError.ERR.PIN_POLICY_VIOLATION
|
||||
print("Pass")
|
||||
|
||||
print("Get pin token when no pin is set, expect PIN_NOT_SET")
|
||||
try:
|
||||
self.client.pin_protocol.get_pin_token(pin1)
|
||||
assert 0
|
||||
except CtapError as e:
|
||||
assert e.code == CtapError.ERR.PIN_NOT_SET
|
||||
|
||||
print("Get change pin when no pin is set, expect PIN_NOT_SET")
|
||||
try:
|
||||
self.client.pin_protocol.change_pin(pin1, "1234")
|
||||
assert 0
|
||||
except CtapError as e:
|
||||
assert e.code == CtapError.ERR.PIN_NOT_SET
|
||||
print("Pass")
|
||||
|
||||
print("Setting pin code and get pin_token, expect SUCCESS")
|
||||
self.client.pin_protocol.set_pin(pin1)
|
||||
pin_token = self.client.pin_protocol.get_pin_token(pin1)
|
||||
pin_auth = hmac_sha256(pin_token, cdh)[:16]
|
||||
print("Pass")
|
||||
|
||||
print("Get info and assert that clientPin is set to true")
|
||||
info = self.ctap.get_info()
|
||||
assert info.options["clientPin"]
|
||||
print("Pass")
|
||||
|
||||
print("Test setting pin again fails")
|
||||
try:
|
||||
self.client.pin_protocol.set_pin(pin1)
|
||||
assert 0
|
||||
except CtapError as e:
|
||||
print(e)
|
||||
print("Pass")
|
||||
|
||||
res_mc = testMC(
|
||||
"Send MC request with no pin_auth, expect PIN_REQUIRED",
|
||||
cdh,
|
||||
rp,
|
||||
user,
|
||||
key_params,
|
||||
expectedError=CtapError.ERR.PIN_REQUIRED,
|
||||
)
|
||||
|
||||
res_mc = testGA(
|
||||
"Send GA request with no pin_auth, expect PIN_REQUIRED",
|
||||
rp["id"],
|
||||
cdh,
|
||||
expectedError=CtapError.ERR.PIN_REQUIRED,
|
||||
)
|
||||
|
||||
res = testCP(
|
||||
"Test getRetries, expect SUCCESS",
|
||||
pin_protocol,
|
||||
|
@ -1733,6 +1808,7 @@ class Tester:
|
|||
def test_bootloader(self,):
|
||||
sc = SoloClient()
|
||||
sc.find_device(self.dev)
|
||||
sc.use_u2f()
|
||||
|
||||
memmap = (0x08005000, 0x08005000 + 198 * 1024 - 8)
|
||||
data = b"A" * 64
|
||||
|
|
Ładowanie…
Reference in New Issue