# -*- coding: utf-8 -*-
# SPDX-FileCopyrightText: 2023 Ledger SAS
# SPDX-License-Identifier: LicenseRef-LEDGER
"""
This module provides Ragger tests for Signing feature with SEED mode
"""
import sys
from typing import Union
import pytest
from Crypto.PublicKey.RSA import RsaKey
from Crypto.PublicKey.ECC import EccKey
from ragger.backend import BackendInterface
from application_client.command_sender import CommandSender
from application_client.app_def import Errors, DataObject, PassWord, PubkeyAlgo
from utils import get_RSA_pub_key, get_ECDSA_pub_key, get_EDDSA_pub_key
from utils import check_pincode, generate_key, get_key_attributes, KEY_TEMPLATES
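def _gen_key(client: CommandSender, template: str) -> Union[RsaKey, EccKey]:
    """Generate the SIG key pair in SEED mode and return its public key.

    Args:
        client: Command sender bound to the device or emulator under test.
        template: Name of the ``KEY_TEMPLATES`` entry to install as the
            signature key attributes.

    Returns:
        The public key read back from the SIG key slot.

    Raises:
        ValueError: If the reported key algorithm is not RSA, ECDSA or EdDSA.
    """
    # Verify PW3 (Admin) before touching the key attributes or generating a key.
    check_pincode(client, PassWord.PW3)

    # Set SIG key template
    rapdu = client.set_template(DataObject.DO_SIG_ATTR, KEY_TEMPLATES[template])
    assert rapdu.status == Errors.SW_OK, (
        f"set_template({template!r}) returned status {rapdu.status!r}"
    )

    # Generate the SIG Key Pair in SEED mode.
    # NOTE(review): the third argument presumably selects SEED mode; confirm
    # against utils.generate_key.
    generate_key(client, DataObject.DO_SIG_KEY, True)

    # Dispatch on the algorithm the card reports back, not on the template
    # name, so the reader matches what was actually configured.
    key_algo, _ = get_key_attributes(client, DataObject.DO_SIG_ATTR)

    # Read the SIG pub Key
    if key_algo == PubkeyAlgo.RSA:
        return get_RSA_pub_key(client, DataObject.DO_SIG_KEY)
    if key_algo == PubkeyAlgo.ECDSA:
        return get_ECDSA_pub_key(client, DataObject.DO_SIG_KEY)
    if key_algo == PubkeyAlgo.EDDSA:
        return get_EDDSA_pub_key(client, DataObject.DO_SIG_KEY)

    # A bare ValueError gives no hint in the test report; name the offending
    # algorithm and the template that produced it.
    raise ValueError(
        f"Unsupported SIG key algorithm {key_algo!r} for template {template!r}"
    )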
@pytest.mark.parametrize(
    "template",
    [
        "rsa2048",
        pytest.param("rsa3072", marks=pytest.mark.skipif("--full" not in sys.argv, reason="skipping long test")),
        # pytest.param("rsa4096", marks=pytest.mark.skipif("--full" not in sys.argv, reason="skipping long test")),
        "nistp256",  # ECDSA
        "ed25519",  # EdDSA
        # "cv25519",  # ECDH, SDK returns CX_EC_INVALID_CURVE
    ],
)
def test_seed_key(backend: BackendInterface, template: str) -> None:
    """Check that SEED-mode generation yields the same SIG key after a reset.

    The key is generated, the application is terminated and re-activated,
    and the key is generated a second time with the same template. The read
    between the two generations must fail with
    ``SW_REFERENCED_DATA_NOT_FOUND``: that shows the first key was erased, so
    the final equality cannot be satisfied by a key that merely survived the
    reset.
    """
    # Go through the application-level client rather than the raw backend.
    sender = CommandSender(backend)

    # First generation.
    key_before_reset = _gen_key(sender, template)

    # Terminate then activate: resets the app and deletes the key.
    sender.send_terminate()
    sender.send_activate()

    # The SIG key slot must now be empty.
    status_after_reset = sender.read_key(DataObject.DO_SIG_KEY).status
    assert status_after_reset == Errors.SW_REFERENCED_DATA_NOT_FOUND

    # Second generation, same template.
    key_after_reset = _gen_key(sender, template)

    # Both generations must produce the same public key.
    assert key_before_reset == key_after_reset