From 5f887f4457101eb144eea46f78159e357da8123d Mon Sep 17 00:00:00 2001 From: M1nd3r Date: Tue, 30 Jul 2024 18:01:45 +0200 Subject: [PATCH] test(core): fix THP tests failing on non-THP builds [no changelog] --- core/tests/test_trezor.wire.thp.checksum.py | 2 +- ...test_trezor.wire.thp.credential_manager.py | 8 +- core/tests/test_trezor.wire.thp.crypto.py | 133 +++++++++--------- core/tests/test_trezor.wire.thp.py | 60 ++++---- core/tests/test_trezor.wire.thp.writer.py | 44 +++--- core/tests/test_trezor.wire.thp_deprecated.py | 28 ++-- 6 files changed, 145 insertions(+), 130 deletions(-) diff --git a/core/tests/test_trezor.wire.thp.checksum.py b/core/tests/test_trezor.wire.thp.checksum.py index a6f69a6ac..f8669c330 100644 --- a/core/tests/test_trezor.wire.thp.checksum.py +++ b/core/tests/test_trezor.wire.thp.checksum.py @@ -1,4 +1,4 @@ -from common import * +from common import * # isort:skip from trezor import utils if utils.USE_THP: diff --git a/core/tests/test_trezor.wire.thp.credential_manager.py b/core/tests/test_trezor.wire.thp.credential_manager.py index d67445ff8..9ac7946f8 100644 --- a/core/tests/test_trezor.wire.thp.credential_manager.py +++ b/core/tests/test_trezor.wire.thp.credential_manager.py @@ -1,11 +1,11 @@ -from common import * -from trezor import config, utils -from trezor import log +from common import * # isort:skip +from trezor import config, log, utils if utils.USE_THP: - from apps.thp import credential_manager from trezor.messages import ThpCredentialMetadata + from apps.thp import credential_manager + def _issue_credential(host_name: str, host_static_pubkey: bytes) -> bytes: metadata = ThpCredentialMetadata(host_name=host_name) return credential_manager.issue_credential(host_static_pubkey, metadata) diff --git a/core/tests/test_trezor.wire.thp.crypto.py b/core/tests/test_trezor.wire.thp.crypto.py index 44df91aa7..93d161198 100644 --- a/core/tests/test_trezor.wire.thp.crypto.py +++ b/core/tests/test_trezor.wire.thp.crypto.py 
@@ -1,79 +1,80 @@ -from common import * +from common import * # isort:skip +from trezorcrypto import aesgcm, curve25519 + import storage from trezor import utils -from trezor.wire.thp.crypto import IV_1, IV_2, Handshake -from trezorcrypto import aesgcm, curve25519 if utils.USE_THP: from trezor.wire.thp import crypto + from trezor.wire.thp.crypto import IV_1, IV_2, Handshake - -def get_dummy_device_secret(): - return b"\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08" + def get_dummy_device_secret(): + return b"\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08" @unittest.skipUnless(utils.USE_THP, "only needed for THP") class TestTrezorHostProtocolCrypto(unittest.TestCase): - key_1 = b"\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07" - handshake = Handshake() - # 0:key, 1:nonce, 2:auth_data, 3:plaintext, 4:expected_ciphertext, 5:expected_tag - vectors_enc = [ - ( - key_1, - 0, - b"\x55\x64", - b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09", - b"e2c9dd152fbee5821ea7", - b"10625812de81b14a46b9f1e5100a6d0c", - ), - ( - key_1, - 1, - b"\x55\x64", - b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09", - b"79811619ddb07c2b99f8", - b"71c6b872cdc499a7e9a3c7441f053214", - ), - ( - key_1, - 369, - b"\x55\x64", - b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", - b"03bd030390f2dfe815a61c2b157a064f", - b"c1200f8a7ae9a6d32cef0fff878d55c2", - ), - ( - key_1, - 369, - b"\x55\x64\x73\x82\x91", - b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", - b"03bd030390f2dfe815a61c2b157a064f", - b"693ac160cd93a20f7fc255f049d808d0", - ), - ] - # 0:chaining key, 1:input, 2:output_1, 3:output:2 - vectors_hkdf = [ - ( - crypto.PROTOCOL_NAME, - b"\x01\x02", - b"c784373a217d6be057cddc6068e6748f255fc8beb6f99b7b90cbc64aad947514", - b"12695451e29bf08ffe5e4e6ab734b0c3d7cdd99b16cd409f57bd4eaa874944ba", - ), - ( - 
b"\xc7\x84\x37\x3a\x21\x7d\x6b\xe0\x57\xcd\xdc\x60\x68\xe6\x74\x8f\x25\x5f\xc8\xbe\xb6\xf9\x9b\x7b\x90\xcb\xc6\x4a\xad\x94\x75\x14", - b"\x31\x41\x59\x26\x52\x12\x34\x56\x78\x89\x04\xaa", - b"f88c1e08d5c3bae8f6e4a3d3324c8cbc60a805603e399e69c4bf4eacb27c2f48", - b"5f0216bdb7110ee05372286974da8c9c8b96e2efa15b4af430755f462bd79a76", - ), - ] - vectors_iv = [ - (0, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"), - (1, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"), - (7, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07"), - (1025, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x01"), - (4294967295, b"\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff"), - (0xFFFFFFFFFFFFFFFF, b"\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff"), - ] + if utils.USE_THP: + handshake = Handshake() + key_1 = b"\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07" + # 0:key, 1:nonce, 2:auth_data, 3:plaintext, 4:expected_ciphertext, 5:expected_tag + vectors_enc = [ + ( + key_1, + 0, + b"\x55\x64", + b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09", + b"e2c9dd152fbee5821ea7", + b"10625812de81b14a46b9f1e5100a6d0c", + ), + ( + key_1, + 1, + b"\x55\x64", + b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09", + b"79811619ddb07c2b99f8", + b"71c6b872cdc499a7e9a3c7441f053214", + ), + ( + key_1, + 369, + b"\x55\x64", + b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + b"03bd030390f2dfe815a61c2b157a064f", + b"c1200f8a7ae9a6d32cef0fff878d55c2", + ), + ( + key_1, + 369, + b"\x55\x64\x73\x82\x91", + b"\x00\x01\x02\x03\x04\05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + b"03bd030390f2dfe815a61c2b157a064f", + b"693ac160cd93a20f7fc255f049d808d0", + ), + ] + # 0:chaining key, 1:input, 2:output_1, 3:output:2 + vectors_hkdf = [ + ( + crypto.PROTOCOL_NAME, + b"\x01\x02", + b"c784373a217d6be057cddc6068e6748f255fc8beb6f99b7b90cbc64aad947514", + b"12695451e29bf08ffe5e4e6ab734b0c3d7cdd99b16cd409f57bd4eaa874944ba", + ), + ( + 
b"\xc7\x84\x37\x3a\x21\x7d\x6b\xe0\x57\xcd\xdc\x60\x68\xe6\x74\x8f\x25\x5f\xc8\xbe\xb6\xf9\x9b\x7b\x90\xcb\xc6\x4a\xad\x94\x75\x14", + b"\x31\x41\x59\x26\x52\x12\x34\x56\x78\x89\x04\xaa", + b"f88c1e08d5c3bae8f6e4a3d3324c8cbc60a805603e399e69c4bf4eacb27c2f48", + b"5f0216bdb7110ee05372286974da8c9c8b96e2efa15b4af430755f462bd79a76", + ), + ] + vectors_iv = [ + (0, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"), + (1, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"), + (7, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07"), + (1025, b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x01"), + (4294967295, b"\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff"), + (0xFFFFFFFFFFFFFFFF, b"\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff"), + ] def setUp(self): utils.DISABLE_ENCRYPTION = False diff --git a/core/tests/test_trezor.wire.thp.py b/core/tests/test_trezor.wire.thp.py index c49b01e82..f6f137088 100644 --- a/core/tests/test_trezor.wire.thp.py +++ b/core/tests/test_trezor.wire.thp.py 
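Review bot: `handshake = Handshake()` is still created once in the class body of TestTrezorHostProtocolCrypto, so every test method shares a single Handshake object. If Handshake keeps per-session key or hash state (presumably it does), state left by one test can carry into the next and hide an ordering-dependent failure. Creating it per test in setUp, `self.handshake = Handshake()`, keeps the vectors independent and removes one name that needs the in-class `if utils.USE_THP:` guard; setUp's body continues outside the hunk. Separately, the plaintext vectors write the sixth byte as the octal escape `\05` where `key_1` uses `\x05`; the value is the same, but `\x05` would be consistent.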
@@ -1,35 +1,36 @@ -from common import * - -from apps.thp import pairing -from storage.cache_common import ( - CHANNEL_HANDSHAKE_HASH, - CHANNEL_KEY_RECEIVE, - CHANNEL_KEY_SEND, - CHANNEL_NONCE_RECEIVE, - CHANNEL_NONCE_SEND, -) -from trezor.enums import ThpPairingMethod, MessageType -from trezor.wire.errors import UnexpectedMessage -from trezor.wire.protocol_common import Message -from trezor.wire.thp.crypto import Handshake -from trezor.wire.thp.pairing_context import PairingContext -from trezor.messages import ( - ThpCodeEntryChallenge, - ThpCodeEntryCpaceHost, - ThpCodeEntryTag, - ThpCredentialRequest, - ThpEndRequest, - ThpStartPairingRequest, -) -from trezor import io, config, log, protobuf -from trezor.loop import wait -from trezor.wire import thp_main -from trezor.wire.thp import interface_manager +from common import * # isort:skip from storage import cache_thp -from trezor.wire.thp import ChannelState -from trezor.crypto import elligator2 +from trezor import config, io, log, protobuf, utils from trezor.crypto.curve import curve25519 +from trezor.enums import MessageType +from trezor.loop import wait +from trezor.wire.errors import UnexpectedMessage +from trezor.wire.protocol_common import Message +if utils.USE_THP: + from storage.cache_common import ( + CHANNEL_HANDSHAKE_HASH, + CHANNEL_KEY_RECEIVE, + CHANNEL_KEY_SEND, + CHANNEL_NONCE_RECEIVE, + CHANNEL_NONCE_SEND, + ) + from trezor.crypto import elligator2 + from trezor.enums import ThpPairingMethod + from trezor.messages import ( + ThpCodeEntryChallenge, + ThpCodeEntryCpaceHost, + ThpCodeEntryTag, + ThpCredentialRequest, + ThpEndRequest, + ThpStartPairingRequest, + ) + from trezor.wire import thp_main + from trezor.wire.thp import ChannelState, interface_manager + from trezor.wire.thp.crypto import Handshake + from trezor.wire.thp.pairing_context import PairingContext + + from apps.thp import pairing # Disable log.debug for the test log.debug = lambda name, msg, *args: None 
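Review bot: `from storage import cache_thp` stays at module top level while the other THP-specific imports move under `if utils.USE_THP:`. If that module is not part of a non-THP build, this file still fails at import time, before `@unittest.skipUnless` can skip anything. The same applies to the unguarded `import trezor.wire.thp` and `from storage.cache_thp import BROADCAST_CHANNEL_ID` in test_trezor.wire.thp_deprecated.py, which this commit reorders but does not guard. It is also worth wrapping `log.debug = lambda name, msg, *args: None` here in `if __debug__:` as the writer and thp_deprecated test files now do, and adding a one-line comment such as `# THP modules are only present in THP builds; import them conditionally` above the guard.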
@@ -61,6 +62,7 @@ def get_dummy_key() -> bytes: return b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x10\x01\x02\x03\x04\x05\x06\x07\x08\x09\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x30\x31" +@unittest.skipUnless(utils.USE_THP, "only needed for THP") class TestTrezorHostProtocol(unittest.TestCase): def setUp(self): self.interface = MockHID(0xDEADBEEF) diff --git a/core/tests/test_trezor.wire.thp.writer.py b/core/tests/test_trezor.wire.thp.writer.py index 30e5f0844..6daf104cf 100644 --- a/core/tests/test_trezor.wire.thp.writer.py +++ b/core/tests/test_trezor.wire.thp.writer.py @@ -1,32 +1,31 @@ -from common import * +from common import * # isort:skip from trezor import utils if utils.USE_THP: from trezor.wire.thp import writer - from trezor.wire.thp.thp_messages import PacketHeader, ENCRYPTED_TRANSPORT + from trezor.wire.thp.thp_messages import ENCRYPTED_TRANSPORT, PacketHeader -if __debug__: - # Disable log.debug for the test - from trezor import log + class MockHID: + def __init__(self, num): + self.num = num + self.data = [] - log.debug = lambda name, msg, *args: None + def iface_num(self): + return self.num + def write(self, msg): + self.data.append(bytearray(msg)) + return len(msg) -class MockHID: - def __init__(self, num): - self.num = num - self.data = [] + def wait_object(self, mode): + return wait(mode | self.num) - def iface_num(self): - return self.num - def write(self, msg): - self.data.append(bytearray(msg)) - return len(msg) - - def wait_object(self, mode): - return wait(mode | self.num) +if __debug__: + # Disable log.debug for the test + from trezor import log + log.debug = lambda name, msg, *args: None @unittest.skipUnless(utils.USE_THP, "only needed for THP") class TestTrezorHostProtocolWriter(unittest.TestCase): 
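Review bot: In test_trezor.wire.thp.writer.py, `MockHID.wait_object` calls `wait(mode | self.num)`, but none of the imports shown at the top of the file bring `wait` into scope. It only resolves if `from common import *` happens to export it, and a failure would surface as a NameError at call time rather than at import. An explicit `from trezor.loop import wait`, as the other THP test files in this patch use, would make the dependency visible. Moving MockHID under `if utils.USE_THP:` also means the name no longer exists on non-THP builds, which is fine only as long as every user of it stays behind the skip decorator.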
@@ -86,6 +85,15 @@ class TestTrezorHostProtocolWriter(unittest.TestCase): def setUp(self): self.interface = MockHID(0xDEADBEEF) + def test_write_empty_packet(self): + gen = writer.write_packet_to_wire(self.interface, b"") + with self.assertRaises(StopIteration): + gen.send(None) + gen.send(None) + print(self.interface.data[0]) + self.assertEqual(len(self.interface.data), 1) + self.assertEqual(self.interface.data[0], b"") + def test_write_empty_payload(self): header = PacketHeader(ENCRYPTED_TRANSPORT, 4660, 4) gen = writer.write_payloads_to_wire(self.interface, header, (b"",)) diff --git a/core/tests/test_trezor.wire.thp_deprecated.py b/core/tests/test_trezor.wire.thp_deprecated.py index af7eb4c56..995e8508b 100644 --- a/core/tests/test_trezor.wire.thp_deprecated.py +++ b/core/tests/test_trezor.wire.thp_deprecated.py 
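Review bot: `test_write_empty_packet` leaves a debugging `print(self.interface.data[0])` in the test, placed before the length assertion, so an empty `data` list raises IndexError instead of a readable assertion failure. The line should be dropped so that `self.assertEqual(len(self.interface.data), 1)` runs first. If both `gen.send(None)` calls sit inside the `with self.assertRaises(StopIteration):` block (indentation is not recoverable from this page), the test passes whether the generator finishes on the first or the second send. Keeping only the call expected to raise inside the block would pin down how many writes an empty packet takes.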
@@ -1,22 +1,24 @@ -from common import * +from common import * # isort:skip +import ustruct from typing import TYPE_CHECKING -from storage.cache_thp import BROADCAST_CHANNEL_ID -import trezor.wire.thp -from trezor.wire.thp import alternating_bit_protocol as ABP -from trezor.wire.thp.writer import PACKET_LENGTH from ubinascii import hexlify -import ustruct +import trezor.wire.thp +from storage.cache_thp import BROADCAST_CHANNEL_ID from trezor import io, log, utils from trezor.loop import wait from trezor.utils import chunks -from trezor.wire import thp_main from trezor.wire.protocol_common import Message -from trezor.wire.thp import checksum -from trezor.wire.thp.checksum import CHECKSUM_LENGTH -# Disable log.debug for the test -log.debug = lambda name, msg, *args: None +if utils.USE_THP: + from trezor.wire import thp_main + from trezor.wire.thp import alternating_bit_protocol as ABP + from trezor.wire.thp import checksum + from trezor.wire.thp.checksum import CHECKSUM_LENGTH + from trezor.wire.thp.writer import PACKET_LENGTH +if __debug__: + # Disable log.debug for the test + log.debug = lambda name, msg, *args: None if TYPE_CHECKING: from trezorio import WireInterface @@ -47,7 +49,8 @@ CONT = 0x80 HEADER_INIT_LENGTH = 5 HEADER_CONT_LENGTH = 3 -INIT_MESSAGE_DATA_LENGTH = PACKET_LENGTH - HEADER_INIT_LENGTH - _MESSAGE_TYPE_LEN +if utils.USE_THP: + INIT_MESSAGE_DATA_LENGTH = PACKET_LENGTH - HEADER_INIT_LENGTH - _MESSAGE_TYPE_LEN def make_header(ctrl_byte, cid, length): @@ -89,6 +92,7 @@ async def deprecated_write_message( # This test suite is an adaptation of test_trezor.wire.codec_v1 +@unittest.skipUnless(utils.USE_THP, "only needed for THP") class TestWireTrezorHostProtocolV1(unittest.TestCase): def setUp(self): self.interface = MockHID(0xDEADBEEF)