1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-22 05:10:56 +00:00
trezor-firmware/tests/device_tests/test_protect_call.py

131 lines
5.0 KiB
Python
Raw Normal View History

# This file is part of the Trezor project.
2017-01-03 18:40:05 +00:00
#
2019-05-29 16:44:09 +00:00
# Copyright (C) 2012-2019 SatoshiLabs and contributors
2017-01-03 18:40:05 +00:00
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License version 3
# as published by the Free Software Foundation.
2017-01-03 18:40:05 +00:00
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the License along with this library.
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
2017-01-03 18:40:05 +00:00
import time
2018-08-13 16:21:24 +00:00
import pytest
from trezorlib import messages as proto
2018-11-14 13:44:05 +00:00
from trezorlib.exceptions import PinException
2014-02-03 23:32:10 +00:00
# FIXME TODO Add passphrase tests
2013-01-14 13:44:11 +00:00
2017-06-23 19:31:42 +00:00
@pytest.mark.skip_t2
2019-09-11 12:29:39 +00:00
class TestProtectCall:
def _some_protected_call(self, client, button, pin, passphrase):
2013-01-14 16:05:38 +00:00
# This method perform any call which have protection in the device
res = client.ping(
2018-08-13 16:21:24 +00:00
"random data",
2017-06-23 19:31:42 +00:00
button_protection=button,
pin_protection=pin,
2018-08-13 16:21:24 +00:00
passphrase_protection=passphrase,
2017-06-23 19:31:42 +00:00
)
2018-08-13 16:21:24 +00:00
assert res == "random data"
2019-09-11 12:29:39 +00:00
@pytest.mark.setup_client(pin="1234", passphrase=True)
def test_expected_responses(self, client):
2014-02-15 19:31:34 +00:00
# This is low-level test of set_expected_responses()
# feature of debugging client
2019-09-11 12:29:39 +00:00
with pytest.raises(AssertionError), client:
# Scenario 1 - Received unexpected message
2019-09-11 12:29:39 +00:00
client.set_expected_responses([])
self._some_protected_call(client, True, True, True)
2019-09-11 12:29:39 +00:00
with pytest.raises(AssertionError), client:
# Scenario 2 - Received other than expected message
2019-09-11 12:29:39 +00:00
client.set_expected_responses([proto.Success()])
self._some_protected_call(client, True, True, True)
2019-09-11 12:29:39 +00:00
with pytest.raises(AssertionError), client:
# Scenario 3 - Not received expected message
client.set_expected_responses(
[proto.ButtonRequest(), proto.Success(), proto.Success()]
) # This is expected, but not received
self._some_protected_call(client, True, False, False)
2019-09-11 12:29:39 +00:00
with pytest.raises(AssertionError), client:
# Scenario 4 - Received what expected
2019-09-11 12:29:39 +00:00
client.set_expected_responses(
[
proto.ButtonRequest(),
proto.PinMatrixRequest(),
proto.PassphraseRequest(),
proto.Success(message="random data"),
]
)
self._some_protected_call(client, True, True, True)
2019-09-11 12:29:39 +00:00
with pytest.raises(AssertionError), client:
# Scenario 5 - Failed message by field filter
client.set_expected_responses(
[proto.ButtonRequest(), proto.Success(message="wrong data")]
)
self._some_protected_call(client, True, True, True)
2014-02-15 19:31:34 +00:00
def test_no_protection(self, client):
with client:
assert client.debug.read_pin()[0] is None
client.set_expected_responses([proto.Success()])
self._some_protected_call(client, False, True, True)
@pytest.mark.setup_client(pin="1234", passphrase=True)
def test_pin(self, client):
with client:
assert client.debug.read_pin()[0] == "1234"
client.setup_debuglink(button=True, pin_correct=True)
client.set_expected_responses(
2018-08-13 16:21:24 +00:00
[proto.ButtonRequest(), proto.PinMatrixRequest(), proto.Success()]
)
self._some_protected_call(client, True, True, False)
@pytest.mark.setup_client(pin="1234", passphrase=True)
def test_incorrect_pin(self, client):
client.setup_debuglink(button=True, pin_correct=False)
with pytest.raises(PinException):
self._some_protected_call(client, False, True, False)
2013-10-10 15:18:02 +00:00
@pytest.mark.setup_client(pin="1234", passphrase=True)
def test_cancelled_pin(self, client):
client.setup_debuglink(button=True, pin_correct=False) # PIN cancel
with pytest.raises(PinException):
self._some_protected_call(client, False, True, False)
2014-02-17 00:54:54 +00:00
@pytest.mark.setup_client(pin="1234", passphrase=True)
def test_exponential_backoff_with_reboot(self, client):
client.setup_debuglink(button=True, pin_correct=False)
2014-02-17 00:54:54 +00:00
def test_backoff(attempts, start):
2016-05-20 15:20:11 +00:00
if attempts <= 1:
expected = 0
2016-05-20 15:20:11 +00:00
else:
2017-12-16 21:37:21 +00:00
expected = (2 ** (attempts - 1)) - 1
got = round(time.time() - start, 2)
2018-08-13 16:21:24 +00:00
msg = "Pin delay expected to be at least %s seconds, got %s" % (
expected,
got,
)
2016-05-05 01:16:17 +00:00
print(msg)
assert got >= expected
for attempt in range(1, 4):
start = time.time()
with pytest.raises(PinException):
self._some_protected_call(client, False, True, False)
test_backoff(attempt, start)