Archives
/
openpgp-card-app
mirror of https://github.com/LedgerHQ/openpgp-card-app
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
cev/Port_Flex
master
nanox_2.3.0_2.3.0_sdk_8ef83dd4815bc8c7a52bed9d5f1eff7bd6c14370
nanox_2.2.4_2.3.0_sdk_v5.13.1
stax_1.5.0_2.3.0_sdk_v21.3.0
flex_1.1.1_2.3.0_sdk_v21.3.0
nanos+_1.2.0_2.3.0_sdk_8ef83dd4815bc8c7a52bed9d5f1eff7bd6c14370
nanos+_1.1.2_2.3.0_sdk_v5.13.1
nanos_2.1.0_2.3.0_sdk_lns-2.1.0-v22.1
stax_1.5.0_2.2.2_sdk_edba017dd479c0adeb115ee1cece6303d03c1610
stax_1.4.0_2.2.2_sdk_v15.6.0
nanox_2.2.4_2.2.2_sdk_v5.13.0
nanos+_1.1.2_2.2.2_sdk_v5.13.0
nanos_2.1.0_2.2.2_sdk_lns-2.1.0-v22.0
nanos_2.1.0_2.2.2_sdk_lns-2.1.0-v21.0
nanos+_1.1.1_2.2.2_sdk_v5.12.0
stax_1.4.0_2.2.2_sdk_v15.5.0
nanox_2.2.3_2.2.2_sdk_v5.12.0
nanos+_1.1.1_1.4.4_sdk_v5.8.0
nanox_2.2.3_1.4.4_sdk_v5.6.0
nanox_2.2.2-pr1_1.4.4_sdk_v5.4.2
nanox_2.2.2_1.4.4_sdk_v5.4.1
nanox_2.2.1_1.4.4_sdk_v5.2.2
nanox_2.2.0_1.4.4_sdk_v5.1.0
nanox_2.2.0-rc2_1.4.4_sdk_v5.0.5
nanox_2.2.0-pr2_1.4.4_sdk_v4.0.0
nanox_2.1.0_1.4.4_sdk_v1.2.1
nanos+_1.2.0-pr2_1.4.4_sdk_v4.0.0
nanos+_1.1.0_1.4.4_sdk_v1.2.1
nanos_1.4.4_2.0.0-rc5_2021-03-16_16-37-05
nanos_1.4.4_2.0.0-rc2_2021-02-01_16-33-59
nanox_1.4.3_1.2.4-5_2020-12-14_11-01-11
nanos_1.4.3_1.6.1-2_2020-12-14_11-00-49
nanox_1.4.2_1.2.4-5_2020-12-06_16-23-14
nanox_1.4.1_1.2.4-5_2020-12-04_13-29-56
nanox_1.4.1_2020-11-21_09-42-24
nanox_1.4.1_2020-07-22_15-34-14
nanox_1.4.1_2020-07-08_08-40-05
1.3.2
1.3.1
1.3.0
1.2.1
1.2.0
1.1.0
1.0.1
1.0.0
1.0RC7
1.0RC6
1.0RC5
1.0RC4
1.0RC3
1.0RC2
1.0RC1
1.4.1
1.4.1-nanox
1.4.2-nanox
1.4.3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ae8d1f7607'
${ noResults }
openpgp-card-app/tests/test_password.py

147 lines
4.4 KiB
Python
Raw Blame History

# -*- coding: utf-8 -*-
# SPDX-FileCopyrightText: 2023 Ledger SAS
# SPDX-License-Identifier: LicenseRef-LEDGER
"""
This module provides Ragger tests for Password feature
"""
import pytest
from application_client.command_sender import CommandSender
from application_client.app_def import Errors, PassWord
from ragger.error import ExceptionRAPDU
from utils import util_navigate
# In this test we check the card Password verification
@pytest.mark.parametrize(
"pwd, value",
[
(PassWord.PW1, "123456"),
(PassWord.PW2, "123456"),
(PassWord.PW3, "12345678"),
],
)
def test_verify(backend, pwd, value):
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Verify PW status - Not yet verified
with pytest.raises(ExceptionRAPDU) as err:
client.send_verify_pw(pwd)
assert err.value.status & 0xFFF0 == 0x63c0
# Verify PW with its value
rapdu = client.send_verify_pw(pwd, value)
assert rapdu.status == Errors.SW_OK
# Verify PW status
rapdu = client.send_verify_pw(pwd)
assert rapdu.status == Errors.SW_OK
# Verify PW Reset Status
rapdu = client.send_verify_pw(pwd, reset=True)
assert rapdu.status == Errors.SW_OK
# Verify PW status - Not yet verified
with pytest.raises(ExceptionRAPDU) as err:
client.send_verify_pw(pwd)
assert err.value.status & 0xFFF0 == 0x63c0
def test_verify_wrong(backend):
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Verify PW status - Wrong Password
with pytest.raises(ExceptionRAPDU) as err:
client.send_verify_pw(PassWord.PW1, "999999")
assert err.value.status == Errors.SW_SECURITY_STATUS_NOT_SATISFIED
# In this test we check the card Password verification with Pinpad
def test_verify_confirm_accepted(firmware, backend, navigator, test_name):
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Send the APDU (Asynchronous)
with client.send_verify_pw_with_confirmation(PassWord.PW1):
util_navigate(firmware, navigator, test_name, "Confirm_Yes")
# Check the status (Asynchronous)
response = client.get_async_response()
assert response.status == Errors.SW_OK
# In this test we check the Rejected card Password verification with Pinpad
def test_verify_confirm_refused(firmware, backend, navigator, test_name):
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Send the APDU (Asynchronous)
with pytest.raises(ExceptionRAPDU) as err:
with client.send_verify_pw_with_confirmation(PassWord.PW1):
util_navigate(firmware, navigator, test_name, "Confirm_No")
# Assert we have received a refusal
assert err.value.status == Errors.SW_CONDITIONS_NOT_SATISFIED
assert len(err.value.data) == 0
# In this test we check the Password Update
@pytest.mark.parametrize(
"pwd, actual, new",
[
(PassWord.PW1, "123456", "654321"),
(PassWord.PW3, "12345678", "87654321"),
],
)
def test_change(backend, pwd, actual, new):
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Verify PW with its value
rapdu = client.send_verify_pw(pwd, actual)
assert rapdu.status == Errors.SW_OK
# Change PW value
rapdu = client.send_change_pw(pwd, actual, new)
assert rapdu.status == Errors.SW_OK
# Verify PW status
rapdu = client.send_verify_pw(pwd, new)
assert rapdu.status == Errors.SW_OK
# In this test we check the Password Reset
def test_reset(backend):
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Verify PW1
rapdu = client.send_verify_pw(PassWord.PW1, "123456")
assert rapdu.status == Errors.SW_OK
# Verify PW3 (Admin)
rapdu = client.send_verify_pw(PassWord.PW3, "12345678")
assert rapdu.status == Errors.SW_OK
# Reset PW1 with a new value
rapdu = client.send_reset_pw("654321")
assert rapdu.status == Errors.SW_OK
# Verify PW status
rapdu = client.send_verify_pw(PassWord.PW1, "654321")
assert rapdu.status == Errors.SW_OK
# In this test we check the Get Challenge
def test_challenge(backend):
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Get Random number
rapdu = client.get_challenge(32)
assert rapdu.status == Errors.SW_OK
print(f"Random: {rapdu.data.hex()}")
Reference in New Issue View Git Blame Copy Permalink