arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-02-06 12:51:21 +00:00
Code Issues Releases Wiki Activity

test: add thp device tests

Browse Source 
[no changelog]
This commit is contained in:
M1nd3r 2025-01-27 07:19:55 +01:00
parent 2683be968d
commit 53a53a8d04
3 changed files with 73 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tests/conftest.py
View File

@ -338,6 +338,8 @@ def _client_unlocked(
while True: while True:
try: try:
if _raw_client.is_invalidated:
_raw_client = _get_raw_client(request)
session = _raw_client.get_management_session() session = _raw_client.get_management_session()
wipe_device(session) wipe_device(session)
sleep(1.5) # Makes tests more stable (wait for wipe to finish) sleep(1.5) # Makes tests more stable (wait for wipe to finish)

0
tests/device_tests/thp/__init__.py Normal file
View File

71
tests/device_tests/thp/test_thp.py Normal file
View File

@ -0,0 +1,71 @@
import os
import typing as t
import pytest
import typing_extensions as tx
from trezorlib.client import ProtocolV2
from trezorlib.debuglink import TrezorClientDebugLink as Client
from trezorlib.transport.thp import curve25519
from trezorlib.transport.thp.protocol_v2 import _hkdf
if t.TYPE_CHECKING:
P = tx.ParamSpec("P")
pytestmark = [pytest.mark.protocol("protocol_v2")]
def test_allocate_channel(client: Client) -> None:
protocol: ProtocolV2 = client.protocol
nonce = b"\x1A\x2B\x3B\x4A\x5C\x6D\x7E\x8F"
# Use valid nonce
protocol._send_channel_allocation_request(nonce)
protocol._read_channel_allocation_response(nonce)
# Expect different nonce
protocol._send_channel_allocation_request(nonce)
with pytest.raises(Exception, match="Invalid channel allocation response."):
protocol._read_channel_allocation_response(
expected_nonce=b"\xDE\xAD\xBE\xEF\xDE\xAD\xBE\xEF"
)
client.invalidate()
def test_handshake(client: Client) -> None:
protocol: ProtocolV2 = client.protocol
protocol.sync_bit_send = 0
protocol.sync_bit_receive = 0
host_ephemeral_privkey = curve25519.get_private_key(os.urandom(32))
host_ephemeral_pubkey = curve25519.get_public_key(host_ephemeral_privkey)
protocol._do_channel_allocation()
protocol._send_handshake_init_request(host_ephemeral_pubkey)
protocol._read_ack()
init_response = protocol._read_handshake_init_response()
trezor_ephemeral_pubkey = init_response[:32]
encrypted_trezor_static_pubkey = init_response[32:80]
noise_tag = init_response[80:96]
# TODO check noise_tag is valid
ck = protocol._send_handshake_completion_request(
host_ephemeral_pubkey,
host_ephemeral_privkey,
trezor_ephemeral_pubkey,
encrypted_trezor_static_pubkey,
)
protocol._read_ack()
protocol._read_handshake_completion_response()
protocol.key_request, protocol.key_response = _hkdf(ck, b"")
protocol.nonce_request = 0
protocol.nonce_response = 1
# TODO - without pairing, the client is damaged and results in fail of the following test
# so far no luck in solving it - it should be also tackled in FW, as it causes unexpected FW error
protocol._do_pairing()
# TODO the following is just to make style checker happy
assert noise_tag is not None