mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-12 16:30:56 +00:00
tests: disable PIN detection, all PIN uses must be explicit
This commit is contained in:
parent
4771d2c233
commit
fc6c99c6f9
@ -87,14 +87,6 @@ class DebugLink:
|
|||||||
obj = self._call(messages.DebugLinkGetState(wait_layout=True))
|
obj = self._call(messages.DebugLinkGetState(wait_layout=True))
|
||||||
return layout_lines(obj.layout_lines)
|
return layout_lines(obj.layout_lines)
|
||||||
|
|
||||||
def read_pin_encoded(self):
|
|
||||||
state = self.state()
|
|
||||||
if state.matrix is None:
|
|
||||||
raise RuntimeError("PIN matrix does not exist (are you running Trezor T?)")
|
|
||||||
if state.pin is None:
|
|
||||||
raise RuntimeError("PIN is not set")
|
|
||||||
return self.encode_pin(state.pin, state.matrix)
|
|
||||||
|
|
||||||
def encode_pin(self, pin, matrix=None):
|
def encode_pin(self, pin, matrix=None):
|
||||||
"""Transform correct PIN according to the displayed matrix."""
|
"""Transform correct PIN according to the displayed matrix."""
|
||||||
if matrix is None:
|
if matrix is None:
|
||||||
@ -251,8 +243,7 @@ class DebugUI:
|
|||||||
|
|
||||||
def get_pin(self, code=None):
|
def get_pin(self, code=None):
|
||||||
if self.pins is None:
|
if self.pins is None:
|
||||||
# respond with correct pin
|
raise RuntimeError("PIN requested but no sequence was configured")
|
||||||
return self.debuglink.read_pin_encoded()
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return self.debuglink.encode_pin(next(self.pins))
|
return self.debuglink.encode_pin(next(self.pins))
|
||||||
|
@ -119,9 +119,6 @@ def client(request):
|
|||||||
setup_params.update(marker.kwargs)
|
setup_params.update(marker.kwargs)
|
||||||
|
|
||||||
if not setup_params["uninitialized"]:
|
if not setup_params["uninitialized"]:
|
||||||
if setup_params["pin"] is True:
|
|
||||||
setup_params["pin"] = "1234"
|
|
||||||
|
|
||||||
debuglink.load_device(
|
debuglink.load_device(
|
||||||
client,
|
client,
|
||||||
mnemonic=setup_params["mnemonic"],
|
mnemonic=setup_params["mnemonic"],
|
||||||
|
@ -41,7 +41,7 @@ class TestDebuglink:
|
|||||||
assert state.pin == "1234"
|
assert state.pin == "1234"
|
||||||
assert state.matrix != ""
|
assert state.matrix != ""
|
||||||
|
|
||||||
pin_encoded = client.debug.read_pin_encoded()
|
pin_encoded = client.debug.encode_pin("1234")
|
||||||
resp = client.call_raw(messages.PinMatrixAck(pin=pin_encoded))
|
resp = client.call_raw(messages.PinMatrixAck(pin=pin_encoded))
|
||||||
assert isinstance(resp, messages.PassphraseRequest)
|
assert isinstance(resp, messages.PassphraseRequest)
|
||||||
|
|
||||||
|
@ -24,16 +24,18 @@ EXPECTED_RESPONSES_NOPIN = [proto.ButtonRequest(), proto.Success(), proto.Featur
|
|||||||
EXPECTED_RESPONSES_PIN_T1 = [proto.PinMatrixRequest()] + EXPECTED_RESPONSES_NOPIN
|
EXPECTED_RESPONSES_PIN_T1 = [proto.PinMatrixRequest()] + EXPECTED_RESPONSES_NOPIN
|
||||||
EXPECTED_RESPONSES_PIN_TT = [proto.ButtonRequest()] + EXPECTED_RESPONSES_NOPIN
|
EXPECTED_RESPONSES_PIN_TT = [proto.ButtonRequest()] + EXPECTED_RESPONSES_NOPIN
|
||||||
|
|
||||||
|
PIN4 = "1234"
|
||||||
|
|
||||||
|
|
||||||
def _set_expected_responses(client):
|
def _set_expected_responses(client):
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
if client.features.model == "1":
|
if client.features.model == "1":
|
||||||
client.set_expected_responses(EXPECTED_RESPONSES_PIN_T1)
|
client.set_expected_responses(EXPECTED_RESPONSES_PIN_T1)
|
||||||
else:
|
else:
|
||||||
client.use_pin_sequence(["1234"])
|
|
||||||
client.set_expected_responses(EXPECTED_RESPONSES_PIN_TT)
|
client.set_expected_responses(EXPECTED_RESPONSES_PIN_TT)
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True)
|
@pytest.mark.setup_client(pin=PIN4)
|
||||||
class TestMsgApplysettings:
|
class TestMsgApplysettings:
|
||||||
def test_apply_settings(self, client):
|
def test_apply_settings(self, client):
|
||||||
assert client.features.label == "test"
|
assert client.features.label == "test"
|
||||||
@ -54,7 +56,7 @@ class TestMsgApplysettings:
|
|||||||
|
|
||||||
assert client.features.language == "en-US"
|
assert client.features.language == "en-US"
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=False)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=False)
|
||||||
def test_apply_settings_passphrase(self, client):
|
def test_apply_settings_passphrase(self, client):
|
||||||
assert client.features.passphrase_protection is False
|
assert client.features.passphrase_protection is False
|
||||||
|
|
||||||
@ -121,7 +123,7 @@ class TestMsgApplysettings:
|
|||||||
@pytest.mark.skip_t2
|
@pytest.mark.skip_t2
|
||||||
def test_apply_auto_lock_delay(self, client):
|
def test_apply_auto_lock_delay(self, client):
|
||||||
with client:
|
with client:
|
||||||
client.set_expected_responses(EXPECTED_RESPONSES_PIN)
|
_set_expected_responses(client)
|
||||||
device.apply_settings(client, auto_lock_delay_ms=int(10e3)) # 10 secs
|
device.apply_settings(client, auto_lock_delay_ms=int(10e3)) # 10 secs
|
||||||
|
|
||||||
time.sleep(0.1) # sleep less than auto-lock delay
|
time.sleep(0.1) # sleep less than auto-lock delay
|
||||||
@ -132,6 +134,7 @@ class TestMsgApplysettings:
|
|||||||
|
|
||||||
time.sleep(10.1) # sleep more than auto-lock delay
|
time.sleep(10.1) # sleep more than auto-lock delay
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
||||||
btc.get_address(client, "Testnet", [0])
|
btc.get_address(client, "Testnet", [0])
|
||||||
|
|
||||||
@ -143,7 +146,7 @@ class TestMsgApplysettings:
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
with client:
|
with client:
|
||||||
client.set_expected_responses(EXPECTED_RESPONSES_PIN)
|
_set_expected_responses(client)
|
||||||
# Note: the actual delay will be 10 secs (see above).
|
# Note: the actual delay will be 10 secs (see above).
|
||||||
device.apply_settings(client, auto_lock_delay_ms=int(1e3))
|
device.apply_settings(client, auto_lock_delay_ms=int(1e3))
|
||||||
|
|
||||||
@ -161,5 +164,6 @@ class TestMsgApplysettings:
|
|||||||
|
|
||||||
time.sleep(10.1) # sleep more than the minimal auto-lock delay
|
time.sleep(10.1) # sleep more than the minimal auto-lock delay
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
||||||
btc.get_address(client, "Testnet", [0])
|
btc.get_address(client, "Testnet", [0])
|
||||||
|
@ -27,11 +27,11 @@ WIPE_CODE6 = "456789"
|
|||||||
pytestmark = pytest.mark.skip_t2
|
pytestmark = pytest.mark.skip_t2
|
||||||
|
|
||||||
|
|
||||||
def _set_wipe_code(client, wipe_code):
|
def _set_wipe_code(client, pin, wipe_code):
|
||||||
# Set/change wipe code.
|
# Set/change wipe code.
|
||||||
with client:
|
with client:
|
||||||
if client.features.pin_protection:
|
if client.features.pin_protection:
|
||||||
pins = [client.debug.state().pin, wipe_code, wipe_code]
|
pins = [pin, wipe_code, wipe_code]
|
||||||
pin_matrices = [
|
pin_matrices = [
|
||||||
messages.PinMatrixRequest(type=PinType.Current),
|
messages.PinMatrixRequest(type=PinType.Current),
|
||||||
messages.PinMatrixRequest(type=PinType.WipeCodeFirst),
|
messages.PinMatrixRequest(type=PinType.WipeCodeFirst),
|
||||||
@ -63,9 +63,9 @@ def _change_pin(client, old_pin, new_pin):
|
|||||||
return f.failure
|
return f.failure
|
||||||
|
|
||||||
|
|
||||||
def _check_wipe_code(client, wipe_code):
|
def _check_wipe_code(client, pin, wipe_code):
|
||||||
"""Check that wipe code is set by changing the PIN to it."""
|
"""Check that wipe code is set by changing the PIN to it."""
|
||||||
f = _change_pin(client, client.debug.state().pin, wipe_code)
|
f = _change_pin(client, pin, wipe_code)
|
||||||
assert isinstance(f, messages.Failure)
|
assert isinstance(f, messages.Failure)
|
||||||
|
|
||||||
|
|
||||||
@ -75,27 +75,29 @@ def test_set_remove_wipe_code(client):
|
|||||||
assert client.features.wipe_code_protection is None
|
assert client.features.wipe_code_protection is None
|
||||||
|
|
||||||
# Test set wipe code.
|
# Test set wipe code.
|
||||||
_set_wipe_code(client, WIPE_CODE4)
|
_set_wipe_code(client, PIN4, WIPE_CODE4)
|
||||||
|
|
||||||
# Check that there's wipe code protection now.
|
# Check that there's wipe code protection now.
|
||||||
client.init_device()
|
client.init_device()
|
||||||
assert client.features.wipe_code_protection is True
|
assert client.features.wipe_code_protection is True
|
||||||
|
|
||||||
# Check that the wipe code is correct.
|
# Check that the wipe code is correct.
|
||||||
_check_wipe_code(client, WIPE_CODE4)
|
_check_wipe_code(client, PIN4, WIPE_CODE4)
|
||||||
|
|
||||||
# Test change wipe code.
|
# Test change wipe code.
|
||||||
_set_wipe_code(client, WIPE_CODE6)
|
_set_wipe_code(client, PIN4, WIPE_CODE6)
|
||||||
|
|
||||||
# Check that there's still wipe code protection now.
|
# Check that there's still wipe code protection now.
|
||||||
client.init_device()
|
client.init_device()
|
||||||
assert client.features.wipe_code_protection is True
|
assert client.features.wipe_code_protection is True
|
||||||
|
|
||||||
# Check that the wipe code is correct.
|
# Check that the wipe code is correct.
|
||||||
_check_wipe_code(client, WIPE_CODE6)
|
_check_wipe_code(client, PIN4, WIPE_CODE6)
|
||||||
|
|
||||||
# Test remove wipe code.
|
# Test remove wipe code.
|
||||||
device.change_wipe_code(client, remove=True)
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
|
device.change_wipe_code(client, remove=True)
|
||||||
|
|
||||||
# Check that there's no wipe code protection now.
|
# Check that there's no wipe code protection now.
|
||||||
client.init_device()
|
client.init_device()
|
||||||
@ -151,7 +153,7 @@ def test_set_wipe_code_to_pin(client):
|
|||||||
|
|
||||||
def test_set_pin_to_wipe_code(client):
|
def test_set_pin_to_wipe_code(client):
|
||||||
# Set wipe code.
|
# Set wipe code.
|
||||||
_set_wipe_code(client, WIPE_CODE4)
|
_set_wipe_code(client, None, WIPE_CODE4)
|
||||||
|
|
||||||
# Try to set the PIN to the current wipe code value.
|
# Try to set the PIN to the current wipe code value.
|
||||||
with client:
|
with client:
|
||||||
|
@ -33,14 +33,13 @@ class TestProtectCall:
|
|||||||
|
|
||||||
def test_no_protection(self, client):
|
def test_no_protection(self, client):
|
||||||
with client:
|
with client:
|
||||||
assert client.debug.state().pin is None
|
|
||||||
client.set_expected_responses([proto.Address()])
|
client.set_expected_responses([proto.Address()])
|
||||||
self._some_protected_call(client)
|
self._some_protected_call(client)
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin="1234")
|
@pytest.mark.setup_client(pin="1234")
|
||||||
def test_pin(self, client):
|
def test_pin(self, client):
|
||||||
with client:
|
with client:
|
||||||
assert client.debug.state().pin == "1234"
|
client.use_pin_sequence(["1234"])
|
||||||
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
||||||
self._some_protected_call(client)
|
self._some_protected_call(client)
|
||||||
|
|
||||||
|
@ -29,18 +29,21 @@ TXHASH_d5f65e = bytes.fromhex(
|
|||||||
"d5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882"
|
"d5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
PIN4 = "1234"
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.skip_t2
|
@pytest.mark.skip_t2
|
||||||
class TestProtectionLevels:
|
class TestProtectionLevels:
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_initialize(self, client):
|
def test_initialize(self, client):
|
||||||
with client:
|
with client:
|
||||||
client.set_expected_responses([proto.Features()])
|
client.set_expected_responses([proto.Features()])
|
||||||
client.init_device()
|
client.init_device()
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_apply_settings(self, client):
|
def test_apply_settings(self, client):
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
[
|
[
|
||||||
proto.PinMatrixRequest(),
|
proto.PinMatrixRequest(),
|
||||||
@ -51,9 +54,10 @@ class TestProtectionLevels:
|
|||||||
) # TrezorClient reinitializes device
|
) # TrezorClient reinitializes device
|
||||||
device.apply_settings(client, label="nazdar")
|
device.apply_settings(client, label="nazdar")
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_change_pin(self, client):
|
def test_change_pin(self, client):
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4, PIN4, PIN4])
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
[
|
[
|
||||||
proto.ButtonRequest(),
|
proto.ButtonRequest(),
|
||||||
@ -71,29 +75,31 @@ class TestProtectionLevels:
|
|||||||
client.set_expected_responses([proto.ButtonRequest(), proto.Success()])
|
client.set_expected_responses([proto.ButtonRequest(), proto.Success()])
|
||||||
client.ping("msg", True)
|
client.ping("msg", True)
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_get_entropy(self, client):
|
def test_get_entropy(self, client):
|
||||||
with client:
|
with client:
|
||||||
client.set_expected_responses([proto.ButtonRequest(), proto.Entropy()])
|
client.set_expected_responses([proto.ButtonRequest(), proto.Entropy()])
|
||||||
misc.get_entropy(client, 10)
|
misc.get_entropy(client, 10)
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_get_public_key(self, client):
|
def test_get_public_key(self, client):
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
[proto.PinMatrixRequest(), proto.PassphraseRequest(), proto.PublicKey()]
|
[proto.PinMatrixRequest(), proto.PassphraseRequest(), proto.PublicKey()]
|
||||||
)
|
)
|
||||||
btc.get_public_node(client, [])
|
btc.get_public_node(client, [])
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_get_address(self, client):
|
def test_get_address(self, client):
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
[proto.PinMatrixRequest(), proto.PassphraseRequest(), proto.Address()]
|
[proto.PinMatrixRequest(), proto.PassphraseRequest(), proto.Address()]
|
||||||
)
|
)
|
||||||
btc.get_address(client, "Bitcoin", [])
|
btc.get_address(client, "Bitcoin", [])
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_wipe_device(self, client):
|
def test_wipe_device(self, client):
|
||||||
with client:
|
with client:
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
@ -153,9 +159,10 @@ class TestProtectionLevels:
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_sign_message(self, client):
|
def test_sign_message(self, client):
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
[
|
[
|
||||||
proto.ButtonRequest(),
|
proto.ButtonRequest(),
|
||||||
@ -166,7 +173,7 @@ class TestProtectionLevels:
|
|||||||
)
|
)
|
||||||
btc.sign_message(client, "Bitcoin", [], "testing message")
|
btc.sign_message(client, "Bitcoin", [], "testing message")
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_verify_message(self, client):
|
def test_verify_message(self, client):
|
||||||
with client:
|
with client:
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
@ -182,7 +189,7 @@ class TestProtectionLevels:
|
|||||||
"This is an example of a signed message.",
|
"This is an example of a signed message.",
|
||||||
)
|
)
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True, passphrase=True)
|
@pytest.mark.setup_client(pin=PIN4, passphrase=True)
|
||||||
def test_signtx(self, client):
|
def test_signtx(self, client):
|
||||||
inp1 = proto.TxInputType(
|
inp1 = proto.TxInputType(
|
||||||
address_n=[0], # 14LmW5k4ssUrtbAB4255zdqv3b4w1TuX9e
|
address_n=[0], # 14LmW5k4ssUrtbAB4255zdqv3b4w1TuX9e
|
||||||
@ -198,6 +205,7 @@ class TestProtectionLevels:
|
|||||||
|
|
||||||
with client:
|
with client:
|
||||||
|
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses(
|
client.set_expected_responses(
|
||||||
[
|
[
|
||||||
proto.PinMatrixRequest(),
|
proto.PinMatrixRequest(),
|
||||||
@ -224,11 +232,12 @@ class TestProtectionLevels:
|
|||||||
# def test_firmware_upload(self):
|
# def test_firmware_upload(self):
|
||||||
# pass
|
# pass
|
||||||
|
|
||||||
@pytest.mark.setup_client(pin=True)
|
@pytest.mark.setup_client(pin=PIN4)
|
||||||
def test_pin_cached(self, client):
|
def test_pin_cached(self, client):
|
||||||
assert client.features.pin_cached is False
|
assert client.features.pin_cached is False
|
||||||
|
|
||||||
with client:
|
with client:
|
||||||
|
client.use_pin_sequence([PIN4])
|
||||||
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
client.set_expected_responses([proto.PinMatrixRequest(), proto.Address()])
|
||||||
btc.get_address(client, "Testnet", [0])
|
btc.get_address(client, "Testnet", [0])
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user