1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-22 14:28:07 +00:00

feat(tests): Tests for entropy check workflow in ResetDevice.

This commit is contained in:
Andrew Kozlik 2024-10-23 14:26:59 +02:00 committed by matejcik
parent 19209a238a
commit 294661e22e
2 changed files with 83 additions and 0 deletions

View File

@ -18,6 +18,7 @@ import pytest
from mnemonic import Mnemonic from mnemonic import Mnemonic
from trezorlib import device, messages from trezorlib import device, messages
from trezorlib.btc import get_public_node
from trezorlib.debuglink import LayoutType from trezorlib.debuglink import LayoutType
from trezorlib.debuglink import TrezorClientDebugLink as Client from trezorlib.debuglink import TrezorClientDebugLink as Client
from trezorlib.exceptions import TrezorFailure from trezorlib.exceptions import TrezorFailure
@ -110,6 +111,46 @@ def test_reset_device_pin(client: Client):
assert resp.passphrase_protection is True assert resp.passphrase_protection is True
@pytest.mark.setup_client(uninitialized=True)
def test_reset_entropy_check(client: Client):
strength = 128 # 12 words
with WITH_MOCK_URANDOM, client:
IF = InputFlowBip39ResetBackup(client)
client.set_input_flow(IF.get())
# No PIN, no passphrase
_, path_xpubs = device.reset_entropy_check(
client,
strength=strength,
passphrase_protection=False,
pin_protection=False,
label="test",
entropy_check_count=2,
)
# Generate the mnemonic locally.
internal_entropy = client.debug.state().reset_entropy
entropy = generate_entropy(strength, internal_entropy, EXTERNAL_ENTROPY)
expected_mnemonic = Mnemonic("english").to_mnemonic(entropy)
# Check that the device generated the correct mnemonic for the given entropies.
assert IF.mnemonic == expected_mnemonic
# Check that the device is properly initialized.
resp = client.call_raw(messages.Initialize())
assert resp.initialized is True
assert resp.backup_availability == messages.BackupAvailability.NotAvailable
assert resp.pin_protection is False
assert resp.passphrase_protection is False
assert resp.backup_type is messages.BackupType.Bip39
# Check that the XPUBs are the same as those from the entropy check.
for path, xpub in path_xpubs:
res = get_public_node(client, path)
assert res.xpub == xpub
@pytest.mark.setup_client(uninitialized=True) @pytest.mark.setup_client(uninitialized=True)
def test_reset_failed_check(client: Client): def test_reset_failed_check(client: Client):
strength = 256 # 24 words strength = 256 # 24 words

View File

@ -20,6 +20,7 @@ import pytest
from shamir_mnemonic import MnemonicError, shamir from shamir_mnemonic import MnemonicError, shamir
from trezorlib import device from trezorlib import device
from trezorlib.btc import get_public_node
from trezorlib.debuglink import TrezorClientDebugLink as Client from trezorlib.debuglink import TrezorClientDebugLink as Client
from trezorlib.exceptions import TrezorFailure from trezorlib.exceptions import TrezorFailure
from trezorlib.messages import BackupAvailability, BackupType from trezorlib.messages import BackupAvailability, BackupType
@ -76,6 +77,47 @@ def test_reset_device_slip39_basic_256(client: Client):
reset_device(client, 256) reset_device(client, 256)
@pytest.mark.setup_client(uninitialized=True)
def test_reset_entropy_check(client: Client):
member_threshold = 3
strength = 128 # 20 words
with WITH_MOCK_URANDOM, client:
IF = InputFlowSlip39BasicResetRecovery(client)
client.set_input_flow(IF.get())
# No PIN, no passphrase.
_, path_xpubs = device.reset_entropy_check(
client,
strength=strength,
passphrase_protection=False,
pin_protection=False,
label="test",
backup_type=BackupType.Slip39_Basic,
entropy_check_count=3,
)
# Generate the master secret locally.
internal_entropy = client.debug.state().reset_entropy
secret = generate_entropy(strength, internal_entropy, EXTERNAL_ENTROPY)
# Check that all combinations will result in the correct master secret.
validate_mnemonics(IF.mnemonics, member_threshold, secret)
# Check that the device is properly initialized.
assert client.features.initialized is True
assert client.features.backup_availability == BackupAvailability.NotAvailable
assert client.features.pin_protection is False
assert client.features.passphrase_protection is False
assert client.features.backup_type is BackupType.Slip39_Basic_Extendable
# Check that the XPUBs are the same as those from the entropy check.
for path, xpub in path_xpubs:
res = get_public_node(client, path)
assert res.xpub == xpub
def validate_mnemonics(mnemonics, threshold, expected_ems): def validate_mnemonics(mnemonics, threshold, expected_ems):
# We expect these combinations to recreate the secret properly # We expect these combinations to recreate the secret properly
for test_group in combinations(mnemonics, threshold): for test_group in combinations(mnemonics, threshold):