1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-14 03:30:02 +00:00
trezor-firmware/tests/device_tests/test_msg_changepin_t2.py
2023-05-31 10:14:54 +02:00

175 lines
5.1 KiB
Python

# This file is part of the Trezor project.
#
# Copyright (C) 2012-2019 SatoshiLabs and contributors
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License version 3
# as published by the Free Software Foundation.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the License along with this library.
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
import pytest
from trezorlib import btc, device, messages
from trezorlib.client import MAX_PIN_LENGTH, PASSPHRASE_TEST_PATH
from trezorlib.debuglink import TrezorClientDebugLink as Client
from trezorlib.exceptions import Cancelled, TrezorFailure
from ..input_flows import (
InputFlowCodeChangeFail,
InputFlowNewCodeMismatch,
InputFlowWrongPIN,
)
PIN4 = "1234"
PIN60 = "789456" * 10
PIN_MAX = "".join(chr((i % 10) + ord("0")) for i in range(MAX_PIN_LENGTH))
pytestmark = pytest.mark.skip_t1
def _check_pin(client: Client, pin: str):
client.lock()
assert client.features.pin_protection is True
assert client.features.unlocked is False
with client:
client.use_pin_sequence([pin])
client.set_expected_responses([messages.ButtonRequest, messages.Address])
btc.get_address(client, "Testnet", PASSPHRASE_TEST_PATH)
def _check_no_pin(client: Client):
client.lock()
assert client.features.pin_protection is False
with client:
client.set_expected_responses([messages.Address])
btc.get_address(client, "Testnet", PASSPHRASE_TEST_PATH)
def test_set_pin(client: Client):
assert client.features.pin_protection is False
# Check that there's no PIN protection
_check_no_pin(client)
# Let's set new PIN
with client:
br_amount = 4 if client.debug.model == "T" else 6
client.use_pin_sequence([PIN_MAX, PIN_MAX])
client.set_expected_responses(
[messages.ButtonRequest] * br_amount + [messages.Success, messages.Features]
)
device.change_pin(client)
client.init_device()
assert client.features.pin_protection is True
_check_pin(client, PIN_MAX)
@pytest.mark.setup_client(pin=PIN4)
def test_change_pin(client: Client):
assert client.features.pin_protection is True
# Check current PIN value
_check_pin(client, PIN4)
# Let's change PIN
with client:
client.use_pin_sequence([PIN4, PIN_MAX, PIN_MAX])
br_amount = 5 if client.debug.model == "T" else 6
client.set_expected_responses(
[messages.ButtonRequest] * br_amount + [messages.Success, messages.Features]
)
device.change_pin(client)
# Check that there's still PIN protection now
client.init_device()
assert client.features.pin_protection is True
# Check that the PIN is correct
_check_pin(client, PIN_MAX)
@pytest.mark.setup_client(pin=PIN4)
def test_remove_pin(client: Client):
assert client.features.pin_protection is True
# Check current PIN value
_check_pin(client, PIN4)
# Let's remove PIN
with client:
client.use_pin_sequence([PIN4])
client.set_expected_responses(
[messages.ButtonRequest] * 3 + [messages.Success, messages.Features]
)
device.change_pin(client, remove=True)
# Check that there's no PIN protection now
client.init_device()
assert client.features.pin_protection is False
_check_no_pin(client)
def test_set_failed(client: Client):
assert client.features.pin_protection is False
# Check that there's no PIN protection
_check_no_pin(client)
with client, pytest.raises(TrezorFailure):
IF = InputFlowNewCodeMismatch(client, PIN4, PIN60)
client.set_input_flow(IF.get())
device.change_pin(client)
# Check that there's still no PIN protection now
client.init_device()
assert client.features.pin_protection is False
_check_no_pin(client)
@pytest.mark.setup_client(pin=PIN4)
def test_change_failed(client: Client):
assert client.features.pin_protection is True
# Check current PIN value
_check_pin(client, PIN4)
with client, pytest.raises(Cancelled):
IF = InputFlowCodeChangeFail(client, PIN4, "457891", "381847")
client.set_input_flow(IF.get())
device.change_pin(client)
# Check that there's still old PIN protection
client.init_device()
assert client.features.pin_protection is True
_check_pin(client, PIN4)
@pytest.mark.setup_client(pin=PIN4)
def test_change_invalid_current(client: Client):
assert client.features.pin_protection is True
# Check current PIN value
_check_pin(client, PIN4)
with client, pytest.raises(TrezorFailure):
IF = InputFlowWrongPIN(client, PIN60)
client.set_input_flow(IF.get())
device.change_pin(client)
# Check that there's still old PIN protection
client.init_device()
assert client.features.pin_protection is True
_check_pin(client, PIN4)