trezor-firmware/tests/device_tests/test_session.py

# This file is part of the Trezor project.
#
# Copyright (C) 2012-2019 SatoshiLabs and contributors
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License version 3
# as published by the Free Software Foundation.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the License along with this library.
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.

import pytest

from trezorlib import cardano, messages, models
from trezorlib.btc import get_public_node
from trezorlib.debuglink import TrezorClientDebugLink as Client
from trezorlib.exceptions import TrezorFailure
from trezorlib.tools import parse_path

from ..common import get_test_address

ADDRESS_N = parse_path("m/44h/0h/0h")
XPUB = "xpub6BiVtCpG9fQPxnPmHXG8PhtzQdWC2Su4qWu6XW9tpWFYhxydCLJGrWBJZ5H6qTAHdPQ7pQhtpjiYZVZARo14qHiay2fvrX996oEP42u8wZy"

PIN4 = "1234"


@pytest.mark.setup_client(pin=PIN4, passphrase="")
def test_clear_session(client: Client):
    is_t1 = client.model is models.T1B1
    init_responses = [
        messages.PinMatrixRequest if is_t1 else messages.ButtonRequest,
        messages.PassphraseRequest,
    ]

    cached_responses = [messages.PublicKey]

    with client:
        client.use_pin_sequence([PIN4])
        client.set_expected_responses(init_responses + cached_responses)
        assert get_public_node(client, ADDRESS_N).xpub == XPUB

    with client:
        # pin and passphrase are cached
        client.set_expected_responses(cached_responses)
        assert get_public_node(client, ADDRESS_N).xpub == XPUB

    client.clear_session()

    # session cache is cleared
    with client:
        client.use_pin_sequence([PIN4])
        client.set_expected_responses(init_responses + cached_responses)
        assert get_public_node(client, ADDRESS_N).xpub == XPUB

    with client:
        # pin and passphrase are cached
        client.set_expected_responses(cached_responses)
        assert get_public_node(client, ADDRESS_N).xpub == XPUB


def test_end_session(client: Client):
    # client instance starts out not initialized
    # XXX do we want to change this?
    assert client.session_id is not None

    # get_address will succeed
    with client:
        client.set_expected_responses([messages.Address])
        get_test_address(client)

    client.end_session()
    assert client.session_id is None
    with pytest.raises(TrezorFailure) as exc:
        get_test_address(client)
    assert exc.value.code == messages.FailureType.InvalidSession
    assert exc.value.message.endswith("Invalid session")

    client.init_device()
    assert client.session_id is not None
    with client:
        client.set_expected_responses([messages.Address])
        get_test_address(client)

    with client:
        # end_session should succeed on empty session too
        client.set_expected_responses([messages.Success] * 2)
        client.end_session()
        client.end_session()


def test_cannot_resume_ended_session(client: Client):
    session_id = client.session_id
    with client:
        client.set_expected_responses([messages.Features])
        client.init_device(session_id=session_id)

    assert session_id == client.session_id

    client.end_session()
    with client:
        client.set_expected_responses([messages.Features])
        client.init_device(session_id=session_id)

    assert session_id != client.session_id


def test_end_session_only_current(client: Client):
    """test that EndSession only destroys the current session"""
    session_id_a = client.session_id
    client.init_device(new_session=True)
    session_id_b = client.session_id

    client.end_session()
    assert client.session_id is None

    # resume ended session
    client.init_device(session_id=session_id_b)
    assert client.session_id != session_id_b

    # resume first session that was not ended
    client.init_device(session_id=session_id_a)
    assert client.session_id == session_id_a


@pytest.mark.setup_client(passphrase=True)
def test_session_recycling(client: Client):
    session_id_orig = client.session_id
    with client:
        client.set_expected_responses(
            [
                messages.PassphraseRequest,
                messages.ButtonRequest,
                messages.ButtonRequest,
                messages.Address,
            ]
        )
        client.use_passphrase("TREZOR")
        address = get_test_address(client)

    # create and close 100 sessions - more than the session limit
    for _ in range(100):
        client.init_device(new_session=True)
        client.end_session()

    # it should still be possible to resume the original session
    with client:
        # passphrase should still be cached
        client.set_expected_responses([messages.Features, messages.Address])
        client.use_passphrase("TREZOR")
        client.init_device(session_id=session_id_orig)
        assert address == get_test_address(client)


@pytest.mark.altcoin
@pytest.mark.cardano
@pytest.mark.skip_t1b1
def test_derive_cardano_empty_session(client: Client):
    # start new session
    client.init_device(new_session=True)
    session_id = client.session_id

    # restarting same session should go well
    client.init_device()
    assert session_id == client.session_id

    # restarting same session should go well with any setting
    client.init_device(derive_cardano=False)
    assert session_id == client.session_id
    client.init_device(derive_cardano=True)
    assert session_id == client.session_id


@pytest.mark.altcoin
@pytest.mark.cardano
@pytest.mark.skip_t1b1
def test_derive_cardano_running_session(client: Client):
    # start new session
    client.init_device(new_session=True)
    session_id = client.session_id
    # force derivation of seed
    get_test_address(client)

    # session should not have Cardano capability
    with pytest.raises(TrezorFailure, match="not enabled"):
        cardano.get_public_key(client, parse_path("m/44h/1815h/0h"))

    # restarting same session should go well
    client.init_device()
    assert session_id == client.session_id

    # restarting same session should go well if we _don't_ want to derive cardano
    client.init_device(derive_cardano=False)
    assert session_id == client.session_id

    # restarting with derive_cardano=True should kill old session and create new one
    client.init_device(derive_cardano=True)
    assert session_id != client.session_id

    session_id = client.session_id

    # new session should have Cardano capability
    cardano.get_public_key(client, parse_path("m/44h/1815h/0h"))

    # restarting with derive_cardano=True should keep same session
    client.init_device(derive_cardano=True)
    assert session_id == client.session_id

    # restarting with no setting should keep same session
    client.init_device()
    assert session_id == client.session_id

    # restarting with derive_cardano=False should kill old session and create new one
    client.init_device(derive_cardano=False)
    assert session_id != client.session_id

    with pytest.raises(TrezorFailure, match="not enabled"):
        cardano.get_public_key(client, parse_path("m/44h/1815h/0h"))
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`# This file is part of the Trezor project.`
			`#`
			`# Copyright (C) 2012-2019 SatoshiLabs and contributors`
			`#`
			`# This library is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU Lesser General Public License version 3`
			`# as published by the Free Software Foundation.`
			`#`
			`# This library is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Lesser General Public License for more details.`
			`#`
			`# You should have received a copy of the License along with this library.`
			`# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.`

			`import pytest`

test(core): use internal model names [no changelog] 2024-03-11 15:20:08 +00:00			`from trezorlib import cardano, messages, models`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`from trezorlib.btc import get_public_node`
chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`from trezorlib.debuglink import TrezorClientDebugLink as Client`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`from trezorlib.exceptions import TrezorFailure`
			`from trezorlib.tools import parse_path`

			`from ..common import get_test_address`

chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`ADDRESS_N = parse_path("m/44h/0h/0h")`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`XPUB = "xpub6BiVtCpG9fQPxnPmHXG8PhtzQdWC2Su4qWu6XW9tpWFYhxydCLJGrWBJZ5H6qTAHdPQ7pQhtpjiYZVZARo14qHiay2fvrX996oEP42u8wZy"`

			`PIN4 = "1234"`


chore(tests): using setup_client for setting the passphrase in device tests where applicable 2021-09-07 16:17:32 +00:00			`@pytest.mark.setup_client(pin=PIN4, passphrase="")`
chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`def test_clear_session(client: Client):`
test(core): use internal model names [no changelog] 2024-03-11 15:20:08 +00:00			`is_t1 = client.model is models.T1B1`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`init_responses = [`
chore(tests): change all the model-specific variables for button_requests to start with "is_" [no changelog] 2023-09-14 15:22:21 +00:00			`messages.PinMatrixRequest if is_t1 else messages.ButtonRequest,`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`messages.PassphraseRequest,`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`]`

chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`cached_responses = [messages.PublicKey]`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00
			`with client:`
			`client.use_pin_sequence([PIN4])`
			`client.set_expected_responses(init_responses + cached_responses)`
			`assert get_public_node(client, ADDRESS_N).xpub == XPUB`

			`with client:`
			`# pin and passphrase are cached`
			`client.set_expected_responses(cached_responses)`
			`assert get_public_node(client, ADDRESS_N).xpub == XPUB`

			`client.clear_session()`

			`# session cache is cleared`
			`with client:`
			`client.use_pin_sequence([PIN4])`
			`client.set_expected_responses(init_responses + cached_responses)`
			`assert get_public_node(client, ADDRESS_N).xpub == XPUB`

			`with client:`
			`# pin and passphrase are cached`
			`client.set_expected_responses(cached_responses)`
			`assert get_public_node(client, ADDRESS_N).xpub == XPUB`


chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`def test_end_session(client: Client):`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`# client instance starts out not initialized`
			`# XXX do we want to change this?`
			`assert client.session_id is not None`

			`# get_address will succeed`
			`with client:`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`client.set_expected_responses([messages.Address])`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`get_test_address(client)`

			`client.end_session()`
			`assert client.session_id is None`
all: use a specific error code for "invalid session" 2020-08-28 08:45:01 +00:00			`with pytest.raises(TrezorFailure) as exc:`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`get_test_address(client)`
all: use a specific error code for "invalid session" 2020-08-28 08:45:01 +00:00			`assert exc.value.code == messages.FailureType.InvalidSession`
			`assert exc.value.message.endswith("Invalid session")`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00
			`client.init_device()`
			`assert client.session_id is not None`
			`with client:`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`client.set_expected_responses([messages.Address])`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`get_test_address(client)`

			`with client:`
			`# end_session should succeed on empty session too`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`client.set_expected_responses([messages.Success] * 2)`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`client.end_session()`
			`client.end_session()`


chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`def test_cannot_resume_ended_session(client: Client):`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`session_id = client.session_id`
			`with client:`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`client.set_expected_responses([messages.Features])`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`client.init_device(session_id=session_id)`

			`assert session_id == client.session_id`

			`client.end_session()`
			`with client:`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`client.set_expected_responses([messages.Features])`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`client.init_device(session_id=session_id)`

			`assert session_id != client.session_id`


chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`def test_end_session_only_current(client: Client):`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`"""test that EndSession only destroys the current session"""`
			`session_id_a = client.session_id`
			`client.init_device(new_session=True)`
			`session_id_b = client.session_id`

			`client.end_session()`
			`assert client.session_id is None`

			`# resume ended session`
			`client.init_device(session_id=session_id_b)`
			`assert client.session_id != session_id_b`

			`# resume first session that was not ended`
			`client.init_device(session_id=session_id_a)`
			`assert client.session_id == session_id_a`


			`@pytest.mark.setup_client(passphrase=True)`
chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`def test_session_recycling(client: Client):`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`session_id_orig = client.session_id`
			`with client:`
			`client.set_expected_responses(`
Merge remote-tracking branch 'origin/release/2020-09' 2020-09-03 11:17:23 +00:00			`[`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`messages.PassphraseRequest,`
			`messages.ButtonRequest,`
			`messages.ButtonRequest,`
			`messages.Address,`
Merge remote-tracking branch 'origin/release/2020-09' 2020-09-03 11:17:23 +00:00			`]`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`)`
			`client.use_passphrase("TREZOR")`
			`address = get_test_address(client)`

			`# create and close 100 sessions - more than the session limit`
			`for _ in range(100):`
			`client.init_device(new_session=True)`
			`client.end_session()`

			`# it should still be possible to resume the original session`
			`with client:`
			`# passphrase should still be cached`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`client.set_expected_responses([messages.Features, messages.Address])`
tests: add tests for end_session 2020-08-25 14:05:31 +00:00			`client.use_passphrase("TREZOR")`
			`client.init_device(session_id=session_id_orig)`
			`assert address == get_test_address(client)`
tests: add tests for different Cardano derivations 2021-10-22 14:05:33 +00:00

			`@pytest.mark.altcoin`
			`@pytest.mark.cardano`
test(core): use internal model names [no changelog] 2024-03-11 15:20:08 +00:00			`@pytest.mark.skip_t1b1`
chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`def test_derive_cardano_empty_session(client: Client):`
tests: add tests for different Cardano derivations 2021-10-22 14:05:33 +00:00			`# start new session`
			`client.init_device(new_session=True)`
			`session_id = client.session_id`

			`# restarting same session should go well`
			`client.init_device()`
			`assert session_id == client.session_id`

			`# restarting same session should go well with any setting`
			`client.init_device(derive_cardano=False)`
			`assert session_id == client.session_id`
			`client.init_device(derive_cardano=True)`
			`assert session_id == client.session_id`


			`@pytest.mark.altcoin`
			`@pytest.mark.cardano`
test(core): use internal model names [no changelog] 2024-03-11 15:20:08 +00:00			`@pytest.mark.skip_t1b1`
chore(tests): add type hints and improve styling in device test files 2022-01-31 12:25:30 +00:00			`def test_derive_cardano_running_session(client: Client):`
tests: add tests for different Cardano derivations 2021-10-22 14:05:33 +00:00			`# start new session`
			`client.init_device(new_session=True)`
			`session_id = client.session_id`
			`# force derivation of seed`
			`get_test_address(client)`

			`# session should not have Cardano capability`
			`with pytest.raises(TrezorFailure, match="not enabled"):`
			`cardano.get_public_key(client, parse_path("m/44h/1815h/0h"))`

			`# restarting same session should go well`
			`client.init_device()`
			`assert session_id == client.session_id`

			`# restarting same session should go well if we _don't_ want to derive cardano`
			`client.init_device(derive_cardano=False)`
			`assert session_id == client.session_id`

			`# restarting with derive_cardano=True should kill old session and create new one`
			`client.init_device(derive_cardano=True)`
			`assert session_id != client.session_id`

			`session_id = client.session_id`

			`# new session should have Cardano capability`
			`cardano.get_public_key(client, parse_path("m/44h/1815h/0h"))`

			`# restarting with derive_cardano=True should keep same session`
			`client.init_device(derive_cardano=True)`
			`assert session_id == client.session_id`

			`# restarting with no setting should keep same session`
			`client.init_device()`
			`assert session_id == client.session_id`

			`# restarting with derive_cardano=False should kill old session and create new one`
			`client.init_device(derive_cardano=False)`
			`assert session_id != client.session_id`

			`with pytest.raises(TrezorFailure, match="not enabled"):`
			`cardano.get_public_key(client, parse_path("m/44h/1815h/0h"))`