parent
6b3c9d5a6b
commit
23ce8a46f3
@ -0,0 +1,111 @@
|
||||
# This file is part of the Trezor project.
|
||||
#
|
||||
# Copyright (C) 2012-2019 SatoshiLabs and contributors
|
||||
#
|
||||
# This library is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Lesser General Public License version 3
|
||||
# as published by the Free Software Foundation.
|
||||
#
|
||||
# This library is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the License along with this library.
|
||||
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
|
||||
|
||||
import time
|
||||
|
||||
import pytest
|
||||
|
||||
from trezorlib import messages
|
||||
from trezorlib.exceptions import PinException
|
||||
|
||||
from ..common import get_test_address
|
||||
|
||||
PIN4 = "1234"
|
||||
BAD_PIN = "5678"
|
||||
|
||||
pytestmark = pytest.mark.setup_client(pin=PIN4)
|
||||
|
||||
|
||||
@pytest.mark.setup_client(pin=None)
|
||||
def test_no_protection(client):
|
||||
with client:
|
||||
client.set_expected_responses([messages.Address])
|
||||
get_test_address(client)
|
||||
|
||||
|
||||
def test_correct_pin(client):
|
||||
with client:
|
||||
client.use_pin_sequence([PIN4])
|
||||
# Expected responses differ between T1 and TT
|
||||
is_t1 = client.features.model == "1"
|
||||
client.set_expected_responses(
|
||||
[
|
||||
(is_t1, messages.PinMatrixRequest),
|
||||
(
|
||||
not is_t1,
|
||||
messages.ButtonRequest(code=messages.ButtonRequestType.PinEntry),
|
||||
),
|
||||
messages.Address,
|
||||
]
|
||||
)
|
||||
# client.set_expected_responses([messages.ButtonRequest, messages.Address])
|
||||
get_test_address(client)
|
||||
|
||||
|
||||
@pytest.mark.skip_t2
|
||||
def test_incorrect_pin_t1(client):
|
||||
with pytest.raises(PinException):
|
||||
client.use_pin_sequence([BAD_PIN])
|
||||
get_test_address(client)
|
||||
|
||||
|
||||
@pytest.mark.skip_t1
|
||||
def test_incorrect_pin_t2(client):
|
||||
with client:
|
||||
# After first incorrect attempt, TT will not raise an error, but instead ask for another attempt
|
||||
client.use_pin_sequence([BAD_PIN, PIN4])
|
||||
client.set_expected_responses(
|
||||
[
|
||||
messages.ButtonRequest(code=messages.ButtonRequestType.PinEntry),
|
||||
messages.ButtonRequest(code=messages.ButtonRequestType.PinEntry),
|
||||
messages.Address,
|
||||
]
|
||||
)
|
||||
get_test_address(client)
|
||||
|
||||
|
||||
def _check_backoff_time(attempts: int, start: float) -> None:
|
||||
"""Helper to assert the exponentially growing delay after incorrect PIN attempts"""
|
||||
expected = (2 ** attempts) - 1
|
||||
got = round(time.time() - start, 2)
|
||||
assert got >= expected
|
||||
|
||||
|
||||
@pytest.mark.skip_t2
|
||||
def test_exponential_backoff_t1(client):
|
||||
for attempt in range(3):
|
||||
start = time.time()
|
||||
with client, pytest.raises(PinException):
|
||||
client.use_pin_sequence([BAD_PIN])
|
||||
get_test_address(client)
|
||||
_check_backoff_time(attempt, start)
|
||||
|
||||
|
||||
@pytest.mark.skip_t1
|
||||
def test_exponential_backoff_t2(client):
|
||||
def input_flow():
|
||||
"""Inputting some bad PINs and finally the correct one"""
|
||||
yield # PIN entry
|
||||
for attempt in range(3):
|
||||
start = time.time()
|
||||
client.debug.input(BAD_PIN)
|
||||
yield # PIN entry
|
||||
_check_backoff_time(attempt, start)
|
||||
client.debug.input(PIN4)
|
||||
|
||||
with client:
|
||||
client.set_input_flow(input_flow)
|
||||
get_test_address(client)
|
@ -1,67 +0,0 @@
|
||||
# This file is part of the Trezor project.
|
||||
#
|
||||
# Copyright (C) 2012-2019 SatoshiLabs and contributors
|
||||
#
|
||||
# This library is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Lesser General Public License version 3
|
||||
# as published by the Free Software Foundation.
|
||||
#
|
||||
# This library is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the License along with this library.
|
||||
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
|
||||
|
||||
import time
|
||||
|
||||
import pytest
|
||||
|
||||
from trezorlib import btc, messages
|
||||
from trezorlib.exceptions import PinException
|
||||
|
||||
# FIXME TODO Add passphrase tests
|
||||
|
||||
|
||||
@pytest.mark.skip_t2
|
||||
class TestProtectCall:
|
||||
def _some_protected_call(self, client):
|
||||
# This method perform any call which have protection in the device
|
||||
res = btc.get_address(client, "Testnet", [0])
|
||||
assert res == "mndoQDWatQhfeQbprzZxD43mZ75Z94D6vz"
|
||||
|
||||
def test_no_protection(self, client):
|
||||
with client:
|
||||
client.set_expected_responses([messages.Address])
|
||||
self._some_protected_call(client)
|
||||
|
||||
@pytest.mark.setup_client(pin="1234")
|
||||
def test_pin(self, client):
|
||||
with client:
|
||||
client.use_pin_sequence(["1234"])
|
||||
client.set_expected_responses([messages.PinMatrixRequest, messages.Address])
|
||||
self._some_protected_call(client)
|
||||
|
||||
@pytest.mark.setup_client(pin="1234")
|
||||
def test_incorrect_pin(self, client):
|
||||
with pytest.raises(PinException):
|
||||
client.use_pin_sequence(["5678"])
|
||||
self._some_protected_call(client)
|
||||
|
||||
@pytest.mark.setup_client(pin="1234", passphrase=True)
|
||||
def test_exponential_backoff_with_reboot(self, client):
|
||||
def test_backoff(attempts, start):
|
||||
if attempts <= 1:
|
||||
expected = 0
|
||||
else:
|
||||
expected = (2 ** (attempts - 1)) - 1
|
||||
got = round(time.time() - start, 2)
|
||||
assert got >= expected
|
||||
|
||||
for attempt in range(1, 4):
|
||||
start = time.time()
|
||||
with client, pytest.raises(PinException):
|
||||
client.use_pin_sequence(["5678"])
|
||||
self._some_protected_call(client)
|
||||
test_backoff(attempt, start)
|
Loading…
Reference in new issue