Archives
/
openpgp-card-app
mirror of https://github.com/LedgerHQ/openpgp-card-app
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
cev/add_golden_run_CI
master
cev/Port_Flex
nanox_2.3.0_2.3.0_sdk_8ef83dd4815bc8c7a52bed9d5f1eff7bd6c14370
nanox_2.2.4_2.3.0_sdk_v5.13.1
stax_1.5.0_2.3.0_sdk_v21.3.0
flex_1.1.1_2.3.0_sdk_v21.3.0
nanos+_1.2.0_2.3.0_sdk_8ef83dd4815bc8c7a52bed9d5f1eff7bd6c14370
nanos+_1.1.2_2.3.0_sdk_v5.13.1
nanos_2.1.0_2.3.0_sdk_lns-2.1.0-v22.1
stax_1.5.0_2.2.2_sdk_edba017dd479c0adeb115ee1cece6303d03c1610
stax_1.4.0_2.2.2_sdk_v15.6.0
nanox_2.2.4_2.2.2_sdk_v5.13.0
nanos+_1.1.2_2.2.2_sdk_v5.13.0
nanos_2.1.0_2.2.2_sdk_lns-2.1.0-v22.0
nanos_2.1.0_2.2.2_sdk_lns-2.1.0-v21.0
nanos+_1.1.1_2.2.2_sdk_v5.12.0
stax_1.4.0_2.2.2_sdk_v15.5.0
nanox_2.2.3_2.2.2_sdk_v5.12.0
nanos+_1.1.1_1.4.4_sdk_v5.8.0
nanox_2.2.3_1.4.4_sdk_v5.6.0
nanox_2.2.2-pr1_1.4.4_sdk_v5.4.2
nanox_2.2.2_1.4.4_sdk_v5.4.1
nanox_2.2.1_1.4.4_sdk_v5.2.2
nanox_2.2.0_1.4.4_sdk_v5.1.0
nanox_2.2.0-rc2_1.4.4_sdk_v5.0.5
nanox_2.2.0-pr2_1.4.4_sdk_v4.0.0
nanox_2.1.0_1.4.4_sdk_v1.2.1
nanos+_1.2.0-pr2_1.4.4_sdk_v4.0.0
nanos+_1.1.0_1.4.4_sdk_v1.2.1
nanos_1.4.4_2.0.0-rc5_2021-03-16_16-37-05
nanos_1.4.4_2.0.0-rc2_2021-02-01_16-33-59
nanox_1.4.3_1.2.4-5_2020-12-14_11-01-11
nanos_1.4.3_1.6.1-2_2020-12-14_11-00-49
nanox_1.4.2_1.2.4-5_2020-12-06_16-23-14
nanox_1.4.1_1.2.4-5_2020-12-04_13-29-56
nanox_1.4.1_2020-11-21_09-42-24
nanox_1.4.1_2020-07-22_15-34-14
nanox_1.4.1_2020-07-08_08-40-05
1.3.2
1.3.1
1.3.0
1.2.1
1.2.0
1.1.0
1.0.1
1.0.0
1.0RC7
1.0RC6
1.0RC5
1.0RC4
1.0RC3
1.0RC2
1.0RC1
1.4.1
1.4.1-nanox
1.4.2-nanox
1.4.3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd84adb17e7'
${ noResults }
openpgp-card-app/tests/test_seed.py

79 lines
2.4 KiB
Python
Raw Blame History

# -*- coding: utf-8 -*-
# SPDX-FileCopyrightText: 2023 Ledger SAS
# SPDX-License-Identifier: LicenseRef-LEDGER
"""
This module provides Ragger tests for Signing feature with SEED mode
"""
import sys
from typing import Union
import pytest
from Crypto.PublicKey.RSA import RsaKey
from Crypto.PublicKey.ECC import EccKey
from ragger.backend import BackendInterface
from application_client.command_sender import CommandSender
from application_client.app_def import Errors, DataObject, PassWord, PubkeyAlgo
from utils import get_RSA_pub_key, get_ECDSA_pub_key, get_EDDSA_pub_key
from utils import check_pincode, generate_key, get_key_attributes, KEY_TEMPLATES
def _gen_key(client: CommandSender, template: str) -> Union[RsaKey,EccKey]:
# Verify PW3 (Admin)
check_pincode(client, PassWord.PW3)
# Set SIG key template
rapdu = client.set_template(DataObject.DO_SIG_ATTR, KEY_TEMPLATES[template])
assert rapdu.status == Errors.SW_OK
# Generate the SIG Key Pair in SEED mode
generate_key(client, DataObject.DO_SIG_KEY, True)
key_algo, _ = get_key_attributes(client, DataObject.DO_SIG_ATTR)
# Read the SIG pub Key
if key_algo == PubkeyAlgo.RSA:
return get_RSA_pub_key(client, DataObject.DO_SIG_KEY)
if key_algo == PubkeyAlgo.ECDSA:
return get_ECDSA_pub_key(client, DataObject.DO_SIG_KEY)
if key_algo == PubkeyAlgo.EDDSA:
return get_EDDSA_pub_key(client, DataObject.DO_SIG_KEY)
raise ValueError
@pytest.mark.parametrize(
"template",
[
"rsa2048",
pytest.param("rsa3072", marks=pytest.mark.skipif("--full" not in sys.argv, reason="skipping long test")),
# pytest.param("rsa4096", marks=pytest.mark.skipif("--full" not in sys.argv, reason="skipping long test")),
"nistp256", # ECDSA
"ed25519", # EdDSA
# "cv25519", # ECDH, SDK returns CX_EC_INVALID_CURVE
],
)
def test_seed_key(backend: BackendInterface, template: str) -> None:
# Use the app interface instead of raw interface
client = CommandSender(backend)
# Generate the key
pubkey1 = _gen_key(client, template)
# Reset the App (delete the key)
client.send_terminate()
client.send_activate()
# Ensure the SIG Key is no more available
rapdu = client.read_key(DataObject.DO_SIG_KEY)
assert rapdu.status == Errors.SW_REFERENCED_DATA_NOT_FOUND
# Generate the key again
pubkey2 = _gen_key(client, template)
# Check generated keys
assert pubkey1 == pubkey2
Reference in New Issue View Git Blame Copy Permalink