shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

add reboot capability for tests

Browse Source
This commit is contained in:
Conor Patrick 2019-03-03 18:43:14 -05:00
parent 67faef0117
commit 7b8ec18e76
3 changed files with 118 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
pc/device.c
View File

@ -146,11 +146,20 @@ void usbhid_init()
int usbhid_recv(uint8_t * msg) int usbhid_recv(uint8_t * msg)
{ {
int l = udp_recv(serverfd, msg, HID_MESSAGE_SIZE); int l = udp_recv(serverfd, msg, HID_MESSAGE_SIZE);
/*if (l && l != HID_MESSAGE_SIZE)*/ uint8_t magic_cmd[] = "\xac\x10\x52\xca\x95\xe5\x69\xde\x69\xe0\x2e\xbf"
/*{*/ "\xf3\x33\x48\x5f\x13\xf9\xb2\xda\x34\xc5\xa8\xa3"
/*printf("Error, recv'd message of wrong size %d", l);*/ "\x40\x52\x66\x97\xa9\xab\x2e\x0b\x39\x4d\x8d\x04"
/*exit(1);*/ "\x97\x3c\x13\x40\x05\xbe\x1a\x01\x40\xbf\xf6\x04"
/*}*/ "\x5b\xb2\x6e\xb7\x7a\x73\xea\xa4\x78\x13\xf6\xb4"
"\x9a\x72\x50\xdc";
if ( memcmp(magic_cmd, msg, 64) == 0 )
{
printf1(TAG_RED, "MAGIC REBOOT command recieved!\r\n");
memset(msg,0,64);
exit(100);
return 0;
}
return l; return l;
} }

98
tools/ctap_test.py
View File

@ -62,6 +62,7 @@ class Tester:
self.origin = "https://examplo.org" self.origin = "https://examplo.org"
self.host = "examplo.org" self.host = "examplo.org"
self.user_count = 10 self.user_count = 10
self.is_sim = False
def find_device(self,): def find_device(self,):
print(list(CtapHidDevice.list_devices())) print(list(CtapHidDevice.list_devices()))
@ -79,6 +80,9 @@ class Tester:
def set_user_count(self, count): def set_user_count(self, count):
self.user_count = count self.user_count = count
def set_sim(self, b):
self.is_sim = b
def send_data(self, cmd, data): def send_data(self, cmd, data):
if type(data) != type(b""): if type(data) != type(b""):
data = struct.pack("%dB" % len(data), *[ord(x) for x in data]) data = struct.pack("%dB" % len(data), *[ord(x) for x in data])
@ -102,6 +106,21 @@ class Tester:
assert len(data) == 64 assert len(data) == 64
self.dev._dev.InternalSendPacket(Packet(data)) self.dev._dev.InternalSendPacket(Packet(data))
def send_magic_reboot(self,):
"""
For use in simulation and testing. Random bytes that authentictor should detect
and then restart itself.
"""
magic_cmd = (
b"\xac\x10\x52\xca\x95\xe5\x69\xde\x69\xe0\x2e\xbf"
+ b"\xf3\x33\x48\x5f\x13\xf9\xb2\xda\x34\xc5\xa8\xa3"
+ b"\x40\x52\x66\x97\xa9\xab\x2e\x0b\x39\x4d\x8d\x04"
+ b"\x97\x3c\x13\x40\x05\xbe\x1a\x01\x40\xbf\xf6\x04"
+ b"\x5b\xb2\x6e\xb7\x7a\x73\xea\xa4\x78\x13\xf6\xb4"
+ b"\x9a\x72\x50\xdc"
)
self.dev._dev.InternalSendPacket(Packet(magic_cmd))
def cid(self,): def cid(self,):
return self.dev._dev.cid return self.dev._dev.cid
@ -798,6 +817,21 @@ class Tester:
def testCP(test, *args, **kwargs): def testCP(test, *args, **kwargs):
return testFunc(self.ctap.client_pin, test, *args, **kwargs) return testFunc(self.ctap.client_pin, test, *args, **kwargs)
def testPP(test, *args, **kwargs):
return testFunc(
self.client.pin_protocol.get_pin_token, test, *args, **kwargs
)
def reboot():
if self.is_sim:
print("Sending restart command...")
self.send_magic_reboot()
time.sleep(0.25)
else:
print("Please reboot authentictor and hit enter")
input()
self.find_device()
testReset() testReset()
print("Get info") print("Get info")
@ -1463,6 +1497,12 @@ class Tester:
assert e.code == CtapError.ERR.PIN_POLICY_VIOLATION assert e.code == CtapError.ERR.PIN_POLICY_VIOLATION
print("Pass") print("Pass")
print("Setting pin code and get pin_token, expect SUCCESS")
self.client.pin_protocol.set_pin(pin1)
pin_token = self.client.pin_protocol.get_pin_token(pin1)
pin_auth = hmac_sha256(pin_token, cdh)[:16]
print("Pass")
res = testCP( res = testCP(
"Test getRetries, expect SUCCESS", "Test getRetries, expect SUCCESS",
pin_protocol, pin_protocol,
@ -1470,10 +1510,62 @@ class Tester:
expectedError=CtapError.ERR.SUCCESS, expectedError=CtapError.ERR.SUCCESS,
) )
print("Check there is 8 tries") print("Check there is 8 pin attempts left")
assert res[3] == 8 assert res[3] == 8
print("Pass") print("Pass")
# Flip 1 bit
pin_wrong = list(pin1)
c = pin1[len(pin1) // 2]
pin_wrong[len(pin1) // 2] = chr(ord(c) ^ 1)
pin_wrong = "".join(pin_wrong)
for i in range(1, 3):
testPP(
"Get pin_token with wrong pin code, expect PIN_INVALID (%d/2)" % i,
pin_wrong,
expectedError=CtapError.ERR.PIN_INVALID,
)
print("Check there is %d pin attempts left" % (8 - i))
res = self.ctap.client_pin(pin_protocol, PinProtocolV1.CMD.GET_RETRIES)
assert res[3] == (8 - i)
print("Pass")
for i in range(1, 3):
testPP(
"Get pin_token with wrong pin code, expect PIN_AUTH_BLOCKED %d/2" % i,
pin_wrong,
expectedError=CtapError.ERR.PIN_AUTH_BLOCKED,
)
reboot()
print("Get pin_token, expect SUCCESS")
pin_token = self.client.pin_protocol.get_pin_token(pin1)
pin_auth = hmac_sha256(pin_token, cdh)[:16]
print("Pass")
res_mc = testMC(
"Send MC request with correct pin_auth",
cdh,
rp,
user,
key_params,
other={"pin_auth": pin_auth},
expectedError=CtapError.ERR.SUCCESS,
)
print("Test getRetries resets to 8")
res = self.ctap.client_pin(pin_protocol, PinProtocolV1.CMD.GET_RETRIES)
assert res[3] == (8)
print("Pass")
# print("Test getting new pin_auth")
# pin_token = self.client.pin_protocol.get_pin_token(pin2)
# pin_auth = hmac_sha256(pin_token, cdh)[:16]
# print("Pass")
def test_rk(self,): def test_rk(self,):
creds = [] creds = []
rp = {"id": self.host, "name": "ExaRP"} rp = {"id": self.host, "name": "ExaRP"}
@ -1662,11 +1754,13 @@ if __name__ == "__main__":
print("Usage: %s [sim] <[u2f]|[fido2]|[rk]|[hid]|[ping]>") print("Usage: %s [sim] <[u2f]|[fido2]|[rk]|[hid]|[ping]>")
sys.exit(0) sys.exit(0)
t = Tester()
if "sim" in sys.argv: if "sim" in sys.argv:
print("Using UDP backend.") print("Using UDP backend.")
force_udp_backend() force_udp_backend()
t.set_sim(True)
t = Tester()
t.find_device() t.find_device()
t.set_user_count(1) t.set_user_count(1)

8
tools/test_sw_token.sh Normal file
View File

@ -0,0 +1,8 @@
#!/bin/bash
./main
while [ $? == 100 ] ; do
echo "Restarting software authentictor."
./main
done