from common import * from trezor.crypto import random from trezor import config PINAPP = 0x00 PINKEY = 0x00 def random_entry(): while True: appid, key = 1 + random.uniform(63), random.uniform(256) if appid != PINAPP or key != PINKEY: break return appid, key class TestConfig(unittest.TestCase): def test_init(self): config.init() config.init() config.init() def test_wipe(self): config.init() config.wipe() self.assertEqual(config.unlock('', None), True) config.set(1, 1, b'hello') config.set(1, 2, b'world') v0 = config.get(1, 1) v1 = config.get(1, 2) self.assertEqual(v0, b'hello') self.assertEqual(v1, b'world') config.wipe() v0 = config.get(1, 1) v1 = config.get(1, 2) self.assertEqual(v0, None) self.assertEqual(v1, None) def test_lock(self): for _ in range(128): config.init() config.wipe() self.assertEqual(config.unlock('', None), True) appid, key = random_entry() value = random.bytes(16) config.set(appid, key, value) config.init() self.assertEqual(config.get(appid, key), None) with self.assertRaises(RuntimeError): config.set(appid, key, bytes()) config.init() config.wipe() def test_public(self): config.init() config.wipe() self.assertEqual(config.unlock('', None), True) appid, key = random_entry() value32 = random.bytes(32) config.set(appid, key, value32) value16 = random.bytes(16) config.set(appid, key, value16, True) v1 = config.get(appid, key) v2 = config.get(appid, key, True) self.assertNotEqual(v1, v2) self.assertEqual(v1, value32) self.assertEqual(v2, value16) config.init() v1 = config.get(appid, key) v2 = config.get(appid, key, True) self.assertNotEqual(v1, v2) self.assertEqual(v1, None) self.assertEqual(v2, value16) def test_change_pin(self): config.init() config.wipe() self.assertTrue(config.unlock('', None)) config.set(1, 1, b'value') PINS = ('123', '123', 'Trezor T', '3141592653589793238462643383279502884197', '') old_pin = '' for new_pin in PINS: self.assertTrue(config.unlock(old_pin, None)) # The APP namespace which is reserved for storage related values is inaccessible even # when unlocked. with self.assertRaises(RuntimeError): config.set(PINAPP, PINKEY, b'value') self.assertTrue(config.change_pin(old_pin, new_pin, None, None)) # Old PIN cannot be used to change the current PIN. if old_pin != new_pin: self.assertFalse(config.change_pin(old_pin, '666', None, None)) # Storage remains unlocked. self.assertEqual(config.get(1, 1), b'value') # The APP namespace which is reserved for storage related values is inaccessible even # when unlocked. self.assertEqual(config.get(PINAPP, PINKEY), None) # Old PIN cannot be used to unlock storage. if old_pin != new_pin: config.init() self.assertFalse(config.unlock(old_pin, None)) self.assertEqual(config.get(1, 1), None) with self.assertRaises(RuntimeError): config.set(1, 1, b'new value') # New PIN unlocks the storage. self.assertTrue(config.unlock(new_pin, None)) self.assertEqual(config.get(1, 1), b'value') # Lock the storage. config.init() old_pin = new_pin def test_change_sd_salt(self): salt1 = b"0123456789abcdef0123456789abcdef" salt2 = b"0123456789ABCDEF0123456789ABCDEF" # Enable PIN and SD salt. config.init() config.wipe() self.assertTrue(config.unlock('', None)) config.set(1, 1, b'value') self.assertFalse(config.change_pin('', '', salt1, None)) self.assertTrue(config.change_pin('', '000', None, salt1)) self.assertEqual(config.get(1, 1), b'value') # Disable PIN and change SD salt. config.init() self.assertFalse(config.unlock('000', None)) self.assertIsNone(config.get(1, 1)) self.assertTrue(config.unlock('000', salt1)) self.assertTrue(config.change_pin('000', '', salt1, salt2)) self.assertEqual(config.get(1, 1), b'value') # Disable SD salt. config.init() self.assertFalse(config.unlock('000', salt2)) self.assertIsNone(config.get(1, 1)) self.assertTrue(config.unlock('', salt2)) self.assertTrue(config.change_pin('', '', salt2, None)) self.assertEqual(config.get(1, 1), b'value') # Check that PIN and SD salt are disabled. config.init() self.assertTrue(config.unlock('', None)) self.assertEqual(config.get(1, 1), b'value') def test_set_get(self): config.init() config.wipe() self.assertEqual(config.unlock('', None), True) for _ in range(32): appid, key = random_entry() value = random.bytes(128) config.set(appid, key, value) value2 = config.get(appid, key) self.assertEqual(value, value2) def test_compact(self): config.init() config.wipe() self.assertEqual(config.unlock('', None), True) appid, key = 1, 1 for _ in range(259): value = random.bytes(259) config.set(appid, key, value) value2 = config.get(appid, key) self.assertEqual(value, value2) def test_get_default(self): config.init() config.wipe() self.assertEqual(config.unlock('', None), True) for _ in range(128): appid, key = random_entry() value = config.get(appid, key) self.assertEqual(value, None) if __name__ == '__main__': unittest.main()