shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

test pin lock out

Browse Source
This commit is contained in:
Conor Patrick 2019-03-03 19:01:08 -05:00
parent 7b8ec18e76
commit 63a93f6ec2
1 changed files with 49 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
tools/ctap_test.py
View File

@ -1561,10 +1561,52 @@ class Tester:
assert res[3] == (8) assert res[3] == (8)
print("Pass") print("Pass")
# print("Test getting new pin_auth") for i in range(1, 10):
# pin_token = self.client.pin_protocol.get_pin_token(pin2) err = CtapError.ERR.PIN_INVALID
# pin_auth = hmac_sha256(pin_token, cdh)[:16] if i in (3, 6):
# print("Pass") err = CtapError.ERR.PIN_AUTH_BLOCKED
elif i >= 9:
err = CtapError.ERR.PIN_BLOCKED
testPP(
"Lock out authentictor and check correct error codes %d/9" % i,
pin_wrong,
expectedError=err,
)
attempts = 8 - i
if i > 8:
attempts = 0
print("Check there is %d pin attempts left" % attempts)
res = self.ctap.client_pin(pin_protocol, PinProtocolV1.CMD.GET_RETRIES)
assert res[3] == attempts
print("Pass")
if err == CtapError.ERR.PIN_AUTH_BLOCKED:
reboot()
res_mc = testMC(
"Send MC request with correct pin_auth, expect PIN_BLOCKED",
cdh,
rp,
user,
key_params,
other={"pin_auth": pin_auth},
expectedError=CtapError.ERR.PIN_BLOCKED,
)
reboot()
testPP(
"Get pin_token with correct pin code, expect PIN_BLOCKED",
pin1,
expectedError=CtapError.ERR.PIN_BLOCKED,
)
testReset()
print("Done")
def test_rk(self,): def test_rk(self,):
creds = [] creds = []
@ -1755,19 +1797,21 @@ if __name__ == "__main__":
sys.exit(0) sys.exit(0)
t = Tester() t = Tester()
t.set_user_count(3)
if "sim" in sys.argv: if "sim" in sys.argv:
print("Using UDP backend.") print("Using UDP backend.")
force_udp_backend() force_udp_backend()
t.set_sim(True) t.set_sim(True)
t.set_user_count(10)
t.find_device() t.find_device()
t.set_user_count(1)
if "u2f" in sys.argv: if "u2f" in sys.argv:
t.test_u2f() t.test_u2f()
if "fido2" in sys.argv: if "fido2" in sys.argv:
t.test_fido2()
t.test_fido2_other() t.test_fido2_other()
if "rk" in sys.argv: if "rk" in sys.argv: