parent
6b3c9d5a6b
commit
23ce8a46f3
@ -0,0 +1,111 @@
|
|||||||
|
# This file is part of the Trezor project.
|
||||||
|
#
|
||||||
|
# Copyright (C) 2012-2019 SatoshiLabs and contributors
|
||||||
|
#
|
||||||
|
# This library is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU Lesser General Public License version 3
|
||||||
|
# as published by the Free Software Foundation.
|
||||||
|
#
|
||||||
|
# This library is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU Lesser General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the License along with this library.
|
||||||
|
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
|
||||||
|
|
||||||
|
import time
|
||||||
|
|
||||||
|
import pytest
|
||||||
|
|
||||||
|
from trezorlib import messages
|
||||||
|
from trezorlib.exceptions import PinException
|
||||||
|
|
||||||
|
from ..common import get_test_address
|
||||||
|
|
||||||
|
PIN4 = "1234"
|
||||||
|
BAD_PIN = "5678"
|
||||||
|
|
||||||
|
pytestmark = pytest.mark.setup_client(pin=PIN4)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.setup_client(pin=None)
|
||||||
|
def test_no_protection(client):
|
||||||
|
with client:
|
||||||
|
client.set_expected_responses([messages.Address])
|
||||||
|
get_test_address(client)
|
||||||
|
|
||||||
|
|
||||||
|
def test_correct_pin(client):
|
||||||
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
|
# Expected responses differ between T1 and TT
|
||||||
|
is_t1 = client.features.model == "1"
|
||||||
|
client.set_expected_responses(
|
||||||
|
[
|
||||||
|
(is_t1, messages.PinMatrixRequest),
|
||||||
|
(
|
||||||
|
not is_t1,
|
||||||
|
messages.ButtonRequest(code=messages.ButtonRequestType.PinEntry),
|
||||||
|
),
|
||||||
|
messages.Address,
|
||||||
|
]
|
||||||
|
)
|
||||||
|
# client.set_expected_responses([messages.ButtonRequest, messages.Address])
|
||||||
|
get_test_address(client)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skip_t2
|
||||||
|
def test_incorrect_pin_t1(client):
|
||||||
|
with pytest.raises(PinException):
|
||||||
|
client.use_pin_sequence([BAD_PIN])
|
||||||
|
get_test_address(client)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skip_t1
|
||||||
|
def test_incorrect_pin_t2(client):
|
||||||
|
with client:
|
||||||
|
# After first incorrect attempt, TT will not raise an error, but instead ask for another attempt
|
||||||
|
client.use_pin_sequence([BAD_PIN, PIN4])
|
||||||
|
client.set_expected_responses(
|
||||||
|
[
|
||||||
|
messages.ButtonRequest(code=messages.ButtonRequestType.PinEntry),
|
||||||
|
messages.ButtonRequest(code=messages.ButtonRequestType.PinEntry),
|
||||||
|
messages.Address,
|
||||||
|
]
|
||||||
|
)
|
||||||
|
get_test_address(client)
|
||||||
|
|
||||||
|
|
||||||
|
def _check_backoff_time(attempts: int, start: float) -> None:
|
||||||
|
"""Helper to assert the exponentially growing delay after incorrect PIN attempts"""
|
||||||
|
expected = (2 ** attempts) - 1
|
||||||
|
got = round(time.time() - start, 2)
|
||||||
|
assert got >= expected
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skip_t2
|
||||||
|
def test_exponential_backoff_t1(client):
|
||||||
|
for attempt in range(3):
|
||||||
|
start = time.time()
|
||||||
|
with client, pytest.raises(PinException):
|
||||||
|
client.use_pin_sequence([BAD_PIN])
|
||||||
|
get_test_address(client)
|
||||||
|
_check_backoff_time(attempt, start)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skip_t1
|
||||||
|
def test_exponential_backoff_t2(client):
|
||||||
|
def input_flow():
|
||||||
|
"""Inputting some bad PINs and finally the correct one"""
|
||||||
|
yield # PIN entry
|
||||||
|
for attempt in range(3):
|
||||||
|
start = time.time()
|
||||||
|
client.debug.input(BAD_PIN)
|
||||||
|
yield # PIN entry
|
||||||
|
_check_backoff_time(attempt, start)
|
||||||
|
client.debug.input(PIN4)
|
||||||
|
|
||||||
|
with client:
|
||||||
|
client.set_input_flow(input_flow)
|
||||||
|
get_test_address(client)
|
@ -1,67 +0,0 @@
|
|||||||
# This file is part of the Trezor project.
|
|
||||||
#
|
|
||||||
# Copyright (C) 2012-2019 SatoshiLabs and contributors
|
|
||||||
#
|
|
||||||
# This library is free software: you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU Lesser General Public License version 3
|
|
||||||
# as published by the Free Software Foundation.
|
|
||||||
#
|
|
||||||
# This library is distributed in the hope that it will be useful,
|
|
||||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
# GNU Lesser General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the License along with this library.
|
|
||||||
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
|
|
||||||
|
|
||||||
import time
|
|
||||||
|
|
||||||
import pytest
|
|
||||||
|
|
||||||
from trezorlib import btc, messages
|
|
||||||
from trezorlib.exceptions import PinException
|
|
||||||
|
|
||||||
# FIXME TODO Add passphrase tests
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.skip_t2
|
|
||||||
class TestProtectCall:
|
|
||||||
def _some_protected_call(self, client):
|
|
||||||
# This method perform any call which have protection in the device
|
|
||||||
res = btc.get_address(client, "Testnet", [0])
|
|
||||||
assert res == "mndoQDWatQhfeQbprzZxD43mZ75Z94D6vz"
|
|
||||||
|
|
||||||
def test_no_protection(self, client):
|
|
||||||
with client:
|
|
||||||
client.set_expected_responses([messages.Address])
|
|
||||||
self._some_protected_call(client)
|
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin="1234")
|
|
||||||
def test_pin(self, client):
|
|
||||||
with client:
|
|
||||||
client.use_pin_sequence(["1234"])
|
|
||||||
client.set_expected_responses([messages.PinMatrixRequest, messages.Address])
|
|
||||||
self._some_protected_call(client)
|
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin="1234")
|
|
||||||
def test_incorrect_pin(self, client):
|
|
||||||
with pytest.raises(PinException):
|
|
||||||
client.use_pin_sequence(["5678"])
|
|
||||||
self._some_protected_call(client)
|
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin="1234", passphrase=True)
|
|
||||||
def test_exponential_backoff_with_reboot(self, client):
|
|
||||||
def test_backoff(attempts, start):
|
|
||||||
if attempts <= 1:
|
|
||||||
expected = 0
|
|
||||||
else:
|
|
||||||
expected = (2 ** (attempts - 1)) - 1
|
|
||||||
got = round(time.time() - start, 2)
|
|
||||||
assert got >= expected
|
|
||||||
|
|
||||||
for attempt in range(1, 4):
|
|
||||||
start = time.time()
|
|
||||||
with client, pytest.raises(PinException):
|
|
||||||
client.use_pin_sequence(["5678"])
|
|
||||||
self._some_protected_call(client)
|
|
||||||
test_backoff(attempt, start)
|
|
Loading…
Reference in new issue