Added tests for authenticate and reset. Fixed bug in reset (always returned success).

This commit is contained in:
Trevor Bentley
2017-07-12 13:19:15 +02:00
parent cffe862bbc
commit bfafb926a3
2 changed files with 76 additions and 12 deletions
+74 -10
View File
@@ -38,6 +38,8 @@
#include <check.h>
int confirm_destruction(void);
ykpiv_state *g_state;
const uint8_t g_cert[] = {
"0123456789ABCDEFGHIK0123456789ABCDEFGHIK0123456789ABCDEFGHIK0123456789ABCDEFGHIK"
@@ -49,22 +51,18 @@ const uint8_t g_cert[] = {
void setup(void) {
ykpiv_rc res;
const char *mgm_key = "010203040506070801020304050607080102030405060708";
unsigned char key[24];
size_t key_len = sizeof(key);
// Require user confirmation to continue, since this test suite will clear
// any data stored on connected keys.
ck_assert(confirm_destruction());
res = ykpiv_init(&g_state, true);
ck_assert_int_eq(res, YKPIV_OK);
res = ykpiv_connect(g_state, NULL);
ck_assert_int_eq(res, YKPIV_OK);
res = ykpiv_hex_decode(mgm_key, strlen(mgm_key), key, &key_len);
ck_assert_int_eq(res, YKPIV_OK);
res = ykpiv_authenticate(g_state, key);
ck_assert_int_eq(res, YKPIV_OK);
}
void teardown(void) {
ykpiv_done(g_state);
}
@@ -173,10 +171,68 @@ START_TEST(test_read_write_msroots) {
}
END_TEST
START_TEST(test_reset) {
START_TEST(test_authenticate) {
ykpiv_rc res;
const char *mgm_key = "010203040506070801020304050607080102030405060708";
unsigned char key[24];
size_t key_len = sizeof(key);
res = ykpiv_hex_decode(mgm_key, strlen(mgm_key), key, &key_len);
ck_assert_int_eq(res, YKPIV_OK);
res = ykpiv_authenticate(g_state, key);
ck_assert_int_eq(res, YKPIV_OK);
}
END_TEST
START_TEST(test_reset) {
ykpiv_rc res;
int tries = 100;
int i;
while (tries) {
res = ykpiv_verify(g_state, "AAAAAA", &tries);
if (res == YKPIV_PIN_LOCKED)
break;
ck_assert_int_eq(res, YKPIV_WRONG_PIN);
}
tries = 100;
while (tries) {
res = ykpiv_change_puk(g_state, "AAAAAAAA", 8, "AAAAAAAA", 8, &tries);
if (res == YKPIV_PIN_LOCKED)
break;
ck_assert_int_eq(res, YKPIV_WRONG_PIN);
}
res = ykpiv_util_reset(g_state);
ck_assert_int_eq(res, YKPIV_OK);
}
END_TEST
int confirm_destruction(void) {
char verify[16];
// Use dprintf() to write directly to stdout, since automake eats the standard stdout/stderr pointers.
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
dprintf(0, "\n");
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
dprintf(0, "\n");
dprintf(0, " ALL DATA WILL BE ERASED ON CONNECTED YUBIKEYS \n");
dprintf(0, "\n");
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
dprintf(0, "\n");
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
dprintf(0, "\n");
dprintf(0, "Are you SURE you wish to proceed? If so, type 'CONFIRM': ");
fgets(verify, 32, stdin);
return strncmp(verify, "CONFIRM", 7) == 0;
}
Suite *test_suite(void) {
Suite *s;
TCase *tc;
@@ -185,6 +241,13 @@ Suite *test_suite(void) {
tc = tcase_create("util");
#ifdef HW_TESTS
tcase_add_unchecked_fixture(tc, setup, teardown);
// Reset first. Tests run serially, and depend on a clean slate.
tcase_add_test(tc, test_reset);
// Authenticate after reset.
tcase_add_test(tc, test_authenticate);
tcase_add_test(tc, test_devicemodel);
tcase_add_test(tc, test_get_set_cardid);
tcase_add_test(tc, test_read_write_list_delete_cert);
@@ -207,5 +270,6 @@ int main(void)
srunner_run_all(sr, CK_NORMAL);
number_failed = srunner_ntests_failed(sr);
srunner_free(sr);
return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
}