trezor-firmware/tests/device_tests/test_msg_changepin_t1.py

# This file is part of the Trezor project.
#
# Copyright (C) 2012-2019 SatoshiLabs and contributors
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License version 3
# as published by the Free Software Foundation.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the License along with this library.
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.

import pytest

from trezorlib import device, messages
from trezorlib.client import MAX_PIN_LENGTH
from trezorlib.debuglink import SessionDebugWrapper as Session
from trezorlib.exceptions import TrezorFailure

from ..common import get_test_address

PIN4 = "1234"
PIN6 = "789456"
PIN_MAX = "".join(chr((i % 9) + ord("1")) for i in range(MAX_PIN_LENGTH))
PIN_TOO_LONG = PIN_MAX + "1"

pytestmark = pytest.mark.models("legacy")


def _check_pin(session: Session, pin):
    session.lock()
    with session, session.client as client:
        client.use_pin_sequence([pin])
        session.set_expected_responses([messages.PinMatrixRequest, messages.Address])
        get_test_address(session)


def _check_no_pin(session: Session):
    session.lock()
    with session:
        session.set_expected_responses([messages.Address])
        get_test_address(session)


def test_set_pin(session: Session):
    assert session.features.pin_protection is False

    # Check that there's no PIN protection
    _check_no_pin(session)

    # Let's set new PIN
    with session, session.client as client:
        client.use_pin_sequence([PIN_MAX, PIN_MAX])
        session.set_expected_responses(
            [
                messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),
                messages.PinMatrixRequest,
                messages.PinMatrixRequest,
                messages.Success,
                messages.Features,
            ]
        )
        device.change_pin(session)

    # Check that there's PIN protection now
    assert session.features.pin_protection is True
    # Check that the PIN is correct
    _check_pin(session, PIN_MAX)


@pytest.mark.setup_client(pin=PIN4)
def test_change_pin(session: Session):
    assert session.features.pin_protection is True
    # Check that there's PIN protection
    _check_pin(session, PIN4)

    # Let's change PIN
    with session, session.client as client:
        client.use_pin_sequence([PIN4, PIN_MAX, PIN_MAX])
        session.set_expected_responses(
            [
                messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),
                messages.PinMatrixRequest,
                messages.PinMatrixRequest,
                messages.PinMatrixRequest,
                messages.Success,
                messages.Features,
            ]
        )
        device.change_pin(session)

    # Check that there's still PIN protection now
    assert session.features.pin_protection is True
    # Check that the PIN is correct
    _check_pin(session, PIN_MAX)


@pytest.mark.setup_client(pin=PIN4)
def test_remove_pin(session: Session):
    assert session.features.pin_protection is True
    # Check that there's PIN protection
    _check_pin(session, PIN4)

    # Let's remove PIN
    with session, session.client as client:
        client.use_pin_sequence([PIN4])
        session.set_expected_responses(
            [
                messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),
                messages.PinMatrixRequest,
                messages.Success,
                messages.Features,
            ]
        )
        device.change_pin(session, remove=True)

    # Check that there's no PIN protection now
    assert session.features.pin_protection is False
    _check_no_pin(session)


def test_set_mismatch(session: Session):
    assert session.features.pin_protection is False
    # Check that there's no PIN protection
    _check_no_pin(session)

    # Let's set new PIN
    with session, session.client as client, pytest.raises(
        TrezorFailure, match="PIN mismatch"
    ):
        # use different PINs for first and second attempt. This will fail.
        client.use_pin_sequence([PIN4, PIN_MAX])
        session.set_expected_responses(
            [
                messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),
                messages.PinMatrixRequest,
                messages.PinMatrixRequest,
                messages.Failure,
            ]
        )
        device.change_pin(session)

    # Check that there's still no PIN protection now
    # TODO change session.init_device()
    session.refresh_features()
    assert session.features.pin_protection is False
    _check_no_pin(session)


@pytest.mark.setup_client(pin=PIN4)
def test_change_mismatch(session: Session):
    assert session.features.pin_protection is True

    # Let's set new PIN
    with session, session.client as client, pytest.raises(
        TrezorFailure, match="PIN mismatch"
    ):
        client.use_pin_sequence([PIN4, PIN6, PIN6 + "3"])
        session.set_expected_responses(
            [
                messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),
                messages.PinMatrixRequest,
                messages.PinMatrixRequest,
                messages.PinMatrixRequest,
                messages.Failure,
            ]
        )
        device.change_pin(session)

    # Check that there's still old PIN protection
    # TODO change session.init_device()
    session.refresh_features()
    assert session.features.pin_protection is True
    _check_pin(session, PIN4)


@pytest.mark.parametrize("invalid_pin", ("1204", "", PIN_TOO_LONG))
def test_set_invalid(session: Session, invalid_pin):
    assert session.features.pin_protection is False

    # Let's set an invalid PIN
    ret = session.call_raw(messages.ChangePin())
    assert isinstance(ret, messages.ButtonRequest)

    # Press button
    session.client.debug.press_yes()
    ret = session.call_raw(messages.ButtonAck())

    # Send a PIN containing an invalid digit
    assert isinstance(ret, messages.PinMatrixRequest)
    ret = session.call_raw(messages.PinMatrixAck(pin=invalid_pin))

    # Ensure the invalid PIN is detected
    assert isinstance(ret, messages.Failure)

    # Check that there's still no PIN protection now
    # TODO change session.init_device()
    session.refresh_features()
    assert session.features.pin_protection is False
    _check_no_pin(session)


@pytest.mark.parametrize("invalid_pin", ("1204", "", PIN_TOO_LONG))
@pytest.mark.setup_client(pin=PIN4)
def test_enter_invalid(session: Session, invalid_pin):
    assert session.features.pin_protection is True

    # use an invalid PIN
    ret = session.call_raw(messages.GetAddress())

    # Send a PIN containing an invalid digit
    assert isinstance(ret, messages.PinMatrixRequest)
    ret = session.call_raw(messages.PinMatrixAck(pin=invalid_pin))

    # Ensure the invalid PIN is detected
    assert isinstance(ret, messages.Failure)
regenerate license headers This clarifies the intent: the project is licenced under terms of LGPL version 3 only, but the standard headers cover only "3 or later", so we had to rewrite them. In the same step, we removed author information from individual files in favor of "SatoshiLabs and contributors", and include an AUTHORS file that lists the contributors. Apologies to those whose names are missing; please contact us if you wish to add your info to the AUTHORS file. 2018-06-21 14:28:34 +00:00			`# This file is part of the Trezor project.`
add license headers to unit tests 2017-01-03 18:40:05 +00:00			`#`
python: add or update licence headers 2019-05-29 16:44:09 +00:00			`# Copyright (C) 2012-2019 SatoshiLabs and contributors`
add license headers to unit tests 2017-01-03 18:40:05 +00:00			`#`
			`# This library is free software: you can redistribute it and/or modify`
regenerate license headers This clarifies the intent: the project is licenced under terms of LGPL version 3 only, but the standard headers cover only "3 or later", so we had to rewrite them. In the same step, we removed author information from individual files in favor of "SatoshiLabs and contributors", and include an AUTHORS file that lists the contributors. Apologies to those whose names are missing; please contact us if you wish to add your info to the AUTHORS file. 2018-06-21 14:28:34 +00:00			`# it under the terms of the GNU Lesser General Public License version 3`
			`# as published by the Free Software Foundation.`
add license headers to unit tests 2017-01-03 18:40:05 +00:00			`#`
			`# This library is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Lesser General Public License for more details.`
			`#`
regenerate license headers This clarifies the intent: the project is licenced under terms of LGPL version 3 only, but the standard headers cover only "3 or later", so we had to rewrite them. In the same step, we removed author information from individual files in favor of "SatoshiLabs and contributors", and include an AUTHORS file that lists the contributors. Apologies to those whose names are missing; please contact us if you wish to add your info to the AUTHORS file. 2018-06-21 14:28:34 +00:00			`# You should have received a copy of the License along with this library.`
			`# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.`

tests/device_tests: remove all star imports 2018-05-11 12:53:51 +00:00			`import pytest`
add license headers to unit tests 2017-01-03 18:40:05 +00:00
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`from trezorlib import device, messages`
test: Use long PIN values in device tests. 2020-08-14 09:03:49 +00:00			`from trezorlib.client import MAX_PIN_LENGTH`
feat: implement THP 2024-11-15 16:31:22 +00:00			`from trezorlib.debuglink import SessionDebugWrapper as Session`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`from trezorlib.exceptions import TrezorFailure`
style: use flake8 2017-06-23 19:31:42 +00:00
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`from ..common import get_test_address`

tests: drop TrezorTest class 2019-09-11 12:29:39 +00:00			`PIN4 = "1234"`
			`PIN6 = "789456"`
test: Use long PIN values in device tests. 2020-08-14 09:03:49 +00:00			`PIN_MAX = "".join(chr((i % 9) + ord("1")) for i in range(MAX_PIN_LENGTH))`
			`PIN_TOO_LONG = PIN_MAX + "1"`
ChangePin unittest 2014-02-21 03:46:33 +00:00
refactor(tests): introduce a better model selection mechanism 2024-09-02 11:01:16 +00:00			`pytestmark = pytest.mark.models("legacy")`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

feat: implement THP 2024-11-15 16:31:22 +00:00			`def _check_pin(session: Session, pin):`
			`session.lock()`
			`with session, session.client as client:`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`client.use_pin_sequence([pin])`
feat: implement THP 2024-11-15 16:31:22 +00:00			`session.set_expected_responses([messages.PinMatrixRequest, messages.Address])`
			`get_test_address(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

feat: implement THP 2024-11-15 16:31:22 +00:00			`def _check_no_pin(session: Session):`
			`session.lock()`
			`with session:`
			`session.set_expected_responses([messages.Address])`
			`get_test_address(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

feat: implement THP 2024-11-15 16:31:22 +00:00			`def test_set_pin(session: Session):`
			`assert session.features.pin_protection is False`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Check that there's no PIN protection`
feat: implement THP 2024-11-15 16:31:22 +00:00			`_check_no_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Let's set new PIN`
feat: implement THP 2024-11-15 16:31:22 +00:00			`with session, session.client as client:`
test: Use long PIN values in device tests. 2020-08-14 09:03:49 +00:00			`client.use_pin_sequence([PIN_MAX, PIN_MAX])`
feat: implement THP 2024-11-15 16:31:22 +00:00			`session.set_expected_responses(`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`[`
			`messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`messages.PinMatrixRequest,`
			`messages.PinMatrixRequest,`
			`messages.Success,`
			`messages.Features,`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`]`
			`)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`device.change_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Check that there's PIN protection now`
feat: implement THP 2024-11-15 16:31:22 +00:00			`assert session.features.pin_protection is True`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`# Check that the PIN is correct`
feat: implement THP 2024-11-15 16:31:22 +00:00			`_check_pin(session, PIN_MAX)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

			`@pytest.mark.setup_client(pin=PIN4)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`def test_change_pin(session: Session):`
			`assert session.features.pin_protection is True`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`# Check that there's PIN protection`
feat: implement THP 2024-11-15 16:31:22 +00:00			`_check_pin(session, PIN4)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Let's change PIN`
feat: implement THP 2024-11-15 16:31:22 +00:00			`with session, session.client as client:`
test: Use long PIN values in device tests. 2020-08-14 09:03:49 +00:00			`client.use_pin_sequence([PIN4, PIN_MAX, PIN_MAX])`
feat: implement THP 2024-11-15 16:31:22 +00:00			`session.set_expected_responses(`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`[`
			`messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`messages.PinMatrixRequest,`
			`messages.PinMatrixRequest,`
			`messages.PinMatrixRequest,`
			`messages.Success,`
			`messages.Features,`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`]`
			`)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`device.change_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Check that there's still PIN protection now`
feat: implement THP 2024-11-15 16:31:22 +00:00			`assert session.features.pin_protection is True`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`# Check that the PIN is correct`
feat: implement THP 2024-11-15 16:31:22 +00:00			`_check_pin(session, PIN_MAX)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

			`@pytest.mark.setup_client(pin=PIN4)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`def test_remove_pin(session: Session):`
			`assert session.features.pin_protection is True`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`# Check that there's PIN protection`
feat: implement THP 2024-11-15 16:31:22 +00:00			`_check_pin(session, PIN4)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Let's remove PIN`
feat: implement THP 2024-11-15 16:31:22 +00:00			`with session, session.client as client:`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`client.use_pin_sequence([PIN4])`
feat: implement THP 2024-11-15 16:31:22 +00:00			`session.set_expected_responses(`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`[`
			`messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`messages.PinMatrixRequest,`
			`messages.Success,`
			`messages.Features,`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`]`
			`)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`device.change_pin(session, remove=True)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Check that there's no PIN protection now`
feat: implement THP 2024-11-15 16:31:22 +00:00			`assert session.features.pin_protection is False`
			`_check_no_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

feat: implement THP 2024-11-15 16:31:22 +00:00			`def test_set_mismatch(session: Session):`
			`assert session.features.pin_protection is False`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`# Check that there's no PIN protection`
feat: implement THP 2024-11-15 16:31:22 +00:00			`_check_no_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Let's set new PIN`
feat: implement THP 2024-11-15 16:31:22 +00:00			`with session, session.client as client, pytest.raises(`
			`TrezorFailure, match="PIN mismatch"`
			`):`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`# use different PINs for first and second attempt. This will fail.`
test: Use long PIN values in device tests. 2020-08-14 09:03:49 +00:00			`client.use_pin_sequence([PIN4, PIN_MAX])`
feat: implement THP 2024-11-15 16:31:22 +00:00			`session.set_expected_responses(`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`[`
			`messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`messages.PinMatrixRequest,`
			`messages.PinMatrixRequest,`
			`messages.Failure,`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`]`
			`)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`device.change_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Check that there's still no PIN protection now`
feat: implement THP 2024-11-15 16:31:22 +00:00			`# TODO change session.init_device()`
			`session.refresh_features()`
			`assert session.features.pin_protection is False`
			`_check_no_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

			`@pytest.mark.setup_client(pin=PIN4)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`def test_change_mismatch(session: Session):`
			`assert session.features.pin_protection is True`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Let's set new PIN`
feat: implement THP 2024-11-15 16:31:22 +00:00			`with session, session.client as client, pytest.raises(`
			`TrezorFailure, match="PIN mismatch"`
			`):`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`client.use_pin_sequence([PIN4, PIN6, PIN6 + "3"])`
feat: implement THP 2024-11-15 16:31:22 +00:00			`session.set_expected_responses(`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`[`
			`messages.ButtonRequest(code=messages.ButtonRequestType.ProtectCall),`
chore(tests): update to kwargs usage and new btc.sign_tx API 2020-09-15 11:06:41 +00:00			`messages.PinMatrixRequest,`
			`messages.PinMatrixRequest,`
			`messages.PinMatrixRequest,`
			`messages.Failure,`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`]`
			`)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`device.change_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Check that there's still old PIN protection`
feat: implement THP 2024-11-15 16:31:22 +00:00			`# TODO change session.init_device()`
			`session.refresh_features()`
			`assert session.features.pin_protection is True`
			`_check_pin(session, PIN4)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

test: Use long PIN values in device tests. 2020-08-14 09:03:49 +00:00			`@pytest.mark.parametrize("invalid_pin", ("1204", "", PIN_TOO_LONG))`
feat: implement THP 2024-11-15 16:31:22 +00:00			`def test_set_invalid(session: Session, invalid_pin):`
			`assert session.features.pin_protection is False`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Let's set an invalid PIN`
feat: implement THP 2024-11-15 16:31:22 +00:00			`ret = session.call_raw(messages.ChangePin())`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`assert isinstance(ret, messages.ButtonRequest)`

			`# Press button`
feat: implement THP 2024-11-15 16:31:22 +00:00			`session.client.debug.press_yes()`
			`ret = session.call_raw(messages.ButtonAck())`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Send a PIN containing an invalid digit`
			`assert isinstance(ret, messages.PinMatrixRequest)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`ret = session.call_raw(messages.PinMatrixAck(pin=invalid_pin))`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Ensure the invalid PIN is detected`
			`assert isinstance(ret, messages.Failure)`

			`# Check that there's still no PIN protection now`
feat: implement THP 2024-11-15 16:31:22 +00:00			`# TODO change session.init_device()`
			`session.refresh_features()`
			`assert session.features.pin_protection is False`
			`_check_no_pin(session)`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00

test: Use long PIN values in device tests. 2020-08-14 09:03:49 +00:00			`@pytest.mark.parametrize("invalid_pin", ("1204", "", PIN_TOO_LONG))`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00			`@pytest.mark.setup_client(pin=PIN4)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`def test_enter_invalid(session: Session, invalid_pin):`
			`assert session.features.pin_protection is True`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# use an invalid PIN`
feat: implement THP 2024-11-15 16:31:22 +00:00			`ret = session.call_raw(messages.GetAddress())`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Send a PIN containing an invalid digit`
			`assert isinstance(ret, messages.PinMatrixRequest)`
feat: implement THP 2024-11-15 16:31:22 +00:00			`ret = session.call_raw(messages.PinMatrixAck(pin=invalid_pin))`
tests: refactor T1 changepin test 2020-04-27 14:37:16 +00:00
			`# Ensure the invalid PIN is detected`
			`assert isinstance(ret, messages.Failure)`