def test_wipe_device(self, client): with client: client.set_expected_responses( [proto.ButtonRequest(), proto.Success(), proto.Features()]) device.wipe(client)
def test_device_id_different(self): id1 = self.client.get_device_id() device.wipe(self.client) id2 = self.client.get_device_id() # Device ID must be fresh after every reset assert id1 != id2
def wipe_device(hw_device_id: str, hw_device_transport_id: Any, hw_client: Optional[Any]) -> str: """ :return: new device id """ client = None try: if not hw_client: client = open_session(hw_device_id, hw_device_transport_id) else: client = hw_client if client: device.wipe(client) hw_device_id = client.features.device_id return hw_device_id else: raise Exception('Couldn\'t connect to Trezor device.') except TrezorFailure as e: if not (len(e.args) >= 0 and str(e.args[1]) == 'Action cancelled by user'): if e.failure.message == 'Device not initialized': raise HwNotInitialized(e.failure.message) else: raise else: raise CancelException except exceptions.Cancelled: raise CancelException finally: if client and hw_client != client: client.close()
def setup_device_core(client, pin, wipe_code): device.wipe(client) debuglink.load_device(client, MNEMONIC12, pin, passphrase_protection=False, label="WIPECODE") def input_flow(): yield # do you want to set/change the wipe_code? client.debug.press_yes() if pin is not None: yield # enter current pin client.debug.input(pin) yield # enter new wipe code client.debug.input(wipe_code) yield # enter new wipe code again client.debug.input(wipe_code) yield # success client.debug.press_yes() with client: client.set_expected_responses( [messages.ButtonRequest()] * 5 + [messages.Success(), messages.Features()]) client.set_input_flow(input_flow) device.change_wipe_code(client)
def test_wipe_device(self): with self.client: self.setup_mnemonic_pin_passphrase() self.client.set_expected_responses( [proto.ButtonRequest(), proto.Success(), proto.Features()] ) device.wipe(self.client)
def test_sd_protect(self, client): # Disabling SD protection should fail with pytest.raises(TrezorFailure): device.sd_protect(client, proto.SdProtectOperationType.DISABLE) # Enable SD protection device.sd_protect(client, proto.SdProtectOperationType.ENABLE) # Enabling SD protection should fail with pytest.raises(TrezorFailure): device.sd_protect(client, proto.SdProtectOperationType.ENABLE) # Wipe device.wipe(client) debuglink.load_device_by_mnemonic( client, mnemonic=MNEMONIC12, pin="", passphrase_protection=False, label="test", ) # Enable SD protection device.sd_protect(client, proto.SdProtectOperationType.ENABLE) # Refresh SD protection device.sd_protect(client, proto.SdProtectOperationType.REFRESH) # Disable SD protection device.sd_protect(client, proto.SdProtectOperationType.DISABLE) # Refreshing SD protection should fail with pytest.raises(TrezorFailure): device.sd_protect(client, proto.SdProtectOperationType.REFRESH)
def test_wipe_device(client: Client): _assert_protection(client) with client: client.set_expected_responses( [messages.ButtonRequest, messages.Success, messages.Features] ) device.wipe(client)
def main(): parser = ArgumentParser() parser.add_argument("-m", dest="mnemonic", help="Set mnemonic", type=str) parser.add_argument("-p", dest="pin", help="Set pin", type=str) parser.add_argument("--passphrase", dest="passphrase", help="Enable passphrase", action="store_true") parser.add_argument("--no-passphrase", dest="passphrase", help="Enable passphrase", action="store_false") parser.set_defaults(passphrase=True) args = parser.parse_args() # Setup link wirelink = get_device() client = TrezorClientDebugLink(wirelink) client.open() device.wipe(client) debuglink.load_device_by_mnemonic(client, mnemonic=args.mnemonic, pin=args.pin, passphrase_protection=args.passphrase, label='test') print(args.mnemonic) print(client.features) client.close()
def test_device_id_different(self): id1 = self.client.get_device_id() device.wipe(self.client) id2 = self.client.get_device_id() # Device ID must be fresh after every reset assert id1 != id2
def wipe_device(hw_device_id) -> Tuple[str, bool]: """ :param hw_device_id: :return: Tuple [0]: Device id. If a device is wiped before initializing with mnemonics, a new device id is generated. It's returned to the caller. [1]: True, if the user cancelled the operation. In this case we deliberately don't raise the 'cancelled' exception, because in the case of changing of the device id (when wiping) we want to pass the new device id back to the caller. """ client = None try: client = connect_trezor(hw_device_id) if client: device.wipe(client) hw_device_id = client.features.device_id client.close() return hw_device_id, False else: raise Exception('Couldn\'t connect to Trezor device.') except CallException as e: if client: client.close() if not (len(e.args) >= 0 and str(e.args[1]) == 'Action cancelled by user'): raise else: return hw_device_id, True # cancelled by user except CancelException: if client: client.close() return hw_device_id, True # cancelled by user
def test_getxpub(self): with open(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data/bip32_vectors.json'), encoding='utf-8') as f: vectors = json.load(f) for vec in vectors: with self.subTest(vector=vec): # Setup with xprv device.wipe(self.client) load_device_by_xprv(client=self.client, xprv=vec['xprv'], pin='', passphrase_protection=False, label='test', language='english') # Test getmasterxpub gmxp_res = process_commands([ '-t', 'trezor', '-d', 'udp:127.0.0.1:21324', 'getmasterxpub' ]) self.assertEqual(gmxp_res['xpub'], vec['master_xpub']) # Test the path derivs for path_vec in vec['vectors']: gxp_res = process_commands([ '-t', 'trezor', '-d', 'udp:127.0.0.1:21324', 'getxpub', path_vec['path'] ]) self.assertEqual(gxp_res['xpub'], path_vec['xpub'])
def test_device_id_different(client: Client): id1 = client.get_device_id() device.wipe(client) id2 = client.get_device_id() # Device ID must be fresh after every reset assert id1 != id2
def setup_method(self, method): wirelink = conftest.get_device() self.client = TrezorClientDebugLink(wirelink) # self.client.set_buttonwait(3) device.wipe(self.client) self.client.open()
def test_wipe_device(self): with self.client: self.setup_mnemonic_pin_passphrase() self.client.set_expected_responses( [proto.ButtonRequest(), proto.Success(), proto.Features()]) device.wipe(self.client)
def setup_method(self, method): wirelink = conftest.get_device() self.client = TrezorClientDebugLink(wirelink) self.client.set_tx_api(coins.tx_api["Bitcoin"]) # self.client.set_buttonwait(3) device.wipe(self.client) self.client.transport.session_begin()
def setup_device_legacy(client, pin, wipe_code): device.wipe(client) debuglink.load_device( client, MNEMONIC12, pin, passphrase_protection=False, label="WIPECODE" ) with client: client.use_pin_sequence([PIN, WIPE_CODE, WIPE_CODE]) device.change_wipe_code(client)
def test_reset_recovery(client): mnemonics = reset(client) address_before = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) for share_subset in itertools.combinations(mnemonics, 3): device.wipe(client) selected_mnemonics = share_subset recover(client, selected_mnemonics) address_after = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) assert address_before == address_after
def test_reset_recovery(client: Client): mnemonic = reset(client) address_before = btc.get_address(client, "Bitcoin", parse_path("m/44h/0h/0h/0/0")) device.wipe(client) recover(client, mnemonic) address_after = btc.get_address(client, "Bitcoin", parse_path("m/44h/0h/0h/0/0")) assert address_before == address_after
def test_reset_recovery(client): mnemonics = reset(client) address_before = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) for share_subset in ((0, 1, 2), (4, 3, 2), (2, 1, 3)): # TODO: change the above to itertools.combinations(mnemonics, 3) device.wipe(client) selected_mnemonics = [mnemonics[i] for i in share_subset] recover(client, selected_mnemonics) address_after = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) assert address_before == address_after
def test_wipe_device(client: Client): assert client.features.initialized is True assert client.features.label == "test" assert client.features.passphrase_protection is True device_id = client.get_device_id() device.wipe(client) assert client.features.initialized is False assert client.features.label is None assert client.features.passphrase_protection is False assert client.get_device_id() != device_id
def recovery_device(hw_device_id: str, word_count: int, passphrase_enabled: bool, pin_enabled: bool, hw_label: str) \ -> Tuple[str, bool]: """ :param hw_device_id: :param passphrase_enbled: :param pin_enbled: :param hw_label: :return: Tuple [0]: Device id. If a device is wiped before initializing with mnemonics, a new device id is generated. It's returned to the caller. [1]: True, if the user cancelled the operation. In this case we deliberately don't raise the 'cancelled' exception, because in the case of changing of the device id (when wiping) we want to pass the new device id back to the caller. """ mnem = Mnemonic('english') def ask_for_word(type): nonlocal mnem msg = "Enter one word of mnemonic: " word = ask_for_word_callback(msg, mnem.wordlist) if not word: raise exceptions.Cancelled return word client = None try: client = connect_trezor(hw_device_id) if client: if client.features.initialized: device.wipe(client) hw_device_id = client.features.device_id device.recover(client, word_count, passphrase_enabled, pin_enabled, hw_label, language='english', input_callback=ask_for_word) return hw_device_id, False else: raise Exception('Couldn\'t connect to Trezor device.') except exceptions.Cancelled: return hw_device_id, True except CancelException: return hw_device_id, True # cancelled by user finally: if client: client.close()
def reset_device(hw_device_id: str, strength: int, passphrase_enabled: bool, pin_enabled: bool, hw_label: str) -> Tuple[str, bool]: """ Initialize device with a newly generated words. :param hw_type: app_config.HWType :param hw_device_id: id of the device selected by the user :param strength: number of bits of entropy (will have impact on number of words) :param passphrase_enbled: if True, hw will have passphrase enabled :param pin_enabled: if True, hw will have pin enabled :param hw_label: label for device (Trezor/Keepkey) :return: Tuple Ret[0]: Device id. If a device is wiped before initializing with mnemonics, a new device id is generated. It's returned to the caller. Ret[1]: False, if the user cancelled the operation. In this situation we deliberately don't raise the 'cancelled' exception, because in the case of changing of the device id (when wiping) we want to pass it back to the caller function. """ client = None try: client = connect_trezor(hw_device_id) if client: if client.features.initialized: device.wipe(client) hw_device_id = client.features.device_id device.reset(client, display_random=True, strength=strength, passphrase_protection=passphrase_enabled, pin_protection=pin_enabled, label=hw_label, language='english', u2f_counter=0, skip_backup=False) client.close() return hw_device_id, False else: raise Exception('Couldn\'t connect to Trezor device.') except CallException as e: if client: client.close() if not (len(e.args) >= 0 and str(e.args[1]) == 'Action cancelled by user'): raise else: return hw_device_id, True # cancelled by user except CancelException: if client: client.close() return hw_device_id, True # cancelled by user
def test_wipe_device(self, client): features = client.call_raw(proto.Initialize()) assert features.initialized is True assert features.pin_protection is True assert features.passphrase_protection is True device_id = features.device_id device.wipe(client) features = client.call_raw(proto.Initialize()) assert features.initialized is False assert features.pin_protection is False assert features.passphrase_protection is False assert features.device_id != device_id
def test_wipe_device(self): self.setup_mnemonic_pin_passphrase() features = self.client.call_raw(proto.Initialize()) assert features.initialized is True assert features.pin_protection is True assert features.passphrase_protection is True device_id = features.device_id device.wipe(self.client) features = self.client.call_raw(proto.Initialize()) assert features.initialized is False assert features.pin_protection is False assert features.passphrase_protection is False assert features.device_id != device_id
def test_safety_checks_level_after_reboot(emulator, set_level, after_level): device.wipe(emulator.client) debuglink.load_device( emulator.client, mnemonic=MNEMONIC12, pin="", passphrase_protection=False, label="SAFETYLEVEL", ) device.apply_settings(emulator.client, safety_checks=set_level) assert emulator.client.features.safety_checks == set_level emulator.restart() assert emulator.client.features.safety_checks == after_level
def test_wipe_device(self): self.setup_mnemonic_pin_passphrase() features = self.client.call_raw(proto.Initialize()) assert features.initialized is True assert features.pin_protection is True assert features.passphrase_protection is True device_id = features.device_id device.wipe(self.client) features = self.client.call_raw(proto.Initialize()) assert features.initialized is False assert features.pin_protection is False assert features.passphrase_protection is False assert features.device_id != device_id
def test_reset_recovery(client): mnemonics = reset(client) address_before = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) # TODO: more combinations selected_mnemonics = [ mnemonics[0], mnemonics[1], mnemonics[2], mnemonics[5], mnemonics[6], mnemonics[7], mnemonics[10], mnemonics[11], mnemonics[12], ] device.wipe(client) recover(client, selected_mnemonics) address_after = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) assert address_before == address_after
def test_autolock_not_retained(client: Client): with client: client.use_pin_sequence([PIN4]) device.apply_settings(client, auto_lock_delay_ms=10_000) assert client.features.auto_lock_delay_ms == 10_000 device.wipe(client) assert client.features.auto_lock_delay_ms > 10_000 with client: client.use_pin_sequence([PIN4, PIN4]) device.reset(client, skip_backup=True, pin_protection=True) time.sleep(10.5) with client: # after sleeping for the pre-wipe autolock amount, Trezor must still be unlocked client.set_expected_responses([messages.Address]) get_test_address(client)
def initialize_device(hw_device_id: str, hw_device_transport_id: Any, hw_client: Any, strength: int, passphrase_enabled: bool, pin_enabled: bool, hw_label: str) -> Optional[str]: client = None try: if not hw_client: client = open_session(hw_device_id, hw_device_transport_id) else: client = hw_client if client: if client.features.initialized: device.wipe(client) hw_device_id = client.features.device_id device.reset(client, display_random=True, strength=strength, passphrase_protection=passphrase_enabled, pin_protection=pin_enabled, label=hw_label, language='english', u2f_counter=0, skip_backup=False) return hw_device_id else: raise Exception('Couldn\'t connect to Trezor device.') except TrezorFailure as e: if not (len(e.args) >= 0 and str(e.args[1]) == 'Action cancelled by user'): if e.failure.message == 'Device not initialized': raise HwNotInitialized(e.failure.message) else: raise else: raise CancelException except exceptions.Cancelled: raise CancelException finally: if client and hw_client != client: client.close()
def reinit_trezor(self): self.deinit() path = self.get_trezor_path() is_debug = not int(os.getenv('TREZOR_NDEBUG', 0)) self.creds = self.get_trezor_creds(0) self.trezor_proxy = tmanager.Trezor(path=path, debug=is_debug) self.agent = agent_lite.Agent(self.trezor_proxy, network_type=monero.NetworkTypes.TESTNET) client = self.trezor_proxy.client if is_debug: client.open() device.wipe(client) debuglink.load_device_by_mnemonic( client=client, mnemonic=self.get_trezor_mnemonics()[0], pin="", passphrase_protection=False, label="ph4test", language="english", )
def test_wipe(client): # Enable SD protection device.sd_protect(client, Op.ENABLE) assert client.features.sd_protection is True # Wipe device (this wipes internal storage) device.wipe(client) assert client.features.sd_protection is False # Restore device to working status debuglink.load_device_by_mnemonic( client, mnemonic=MNEMONIC12, pin=None, passphrase_protection=False, label="test" ) assert client.features.sd_protection is False # Enable SD protection device.sd_protect(client, Op.ENABLE) assert client.features.sd_protection is True # Refresh SD protection device.sd_protect(client, Op.REFRESH)
def test_reset_recovery(client): mnemonics = reset(client) address_before = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) # we're generating 3of5 groups 3of5 shares each test_combinations = [ mnemonics[0:3] # shares 1-3 from groups 1-3 + mnemonics[5:8] + mnemonics[10:13], mnemonics[2:5] # shares 3-5 from groups 1-3 + mnemonics[7:10] + mnemonics[12:15], mnemonics[10:13] # shares 1-3 from groups 3-5 + mnemonics[15:18] + mnemonics[20:23], mnemonics[12:15] # shares 3-5 from groups 3-5 + mnemonics[17:20] + mnemonics[22:25], ] for combination in test_combinations: device.wipe(client) recover(client, combination) address_after = btc.get_address(client, "Bitcoin", parse_path("44'/0'/0'/0/0")) assert address_before == address_after
def test_softlock_instability(client): def load_device(): debuglink.load_device( client, mnemonic=MNEMONIC12, pin="1234", passphrase_protection=False, label="test", ) # start from a clean slate: resp = client.debug.reseed(0) if isinstance(resp, messages.Failure) and not isinstance( client.transport, udp.UdpTransport ): pytest.xfail("reseed only supported on emulator") device.wipe(client) entropy_after_wipe = misc.get_entropy(client, 16) # configure and wipe the device load_device() client.debug.reseed(0) device.wipe(client) assert misc.get_entropy(client, 16) == entropy_after_wipe load_device() # the device has PIN -> lock it client.call(messages.LockDevice()) client.debug.reseed(0) # wipe_device should succeed with no need to unlock device.wipe(client) # the device is now trying to run the lockscreen, which attempts to unlock. # If the device actually called config.unlock(), it would use additional randomness. # That is undesirable. Assert that the returned entropy is still the same. assert misc.get_entropy(client, 16) == entropy_after_wipe
def setup_method(self, method): self.client = conftest.get_device() # self.client.set_buttonwait(3) device.wipe(self.client) self.client.open()
def test_load_device_utf(self): words_nfkd = u"Pr\u030ci\u0301s\u030cerne\u030c z\u030clut\u030couc\u030cky\u0301 ku\u030an\u030c u\u0301pe\u030cl d\u030ca\u0301belske\u0301 o\u0301dy za\u0301ker\u030cny\u0301 uc\u030cen\u030c be\u030cz\u030ci\u0301 pode\u0301l zo\u0301ny u\u0301lu\u030a" words_nfc = u"P\u0159\xed\u0161ern\u011b \u017elu\u0165ou\u010dk\xfd k\u016f\u0148 \xfap\u011bl \u010f\xe1belsk\xe9 \xf3dy z\xe1ke\u0159n\xfd u\u010de\u0148 b\u011b\u017e\xed pod\xe9l z\xf3ny \xfal\u016f" words_nfkc = u"P\u0159\xed\u0161ern\u011b \u017elu\u0165ou\u010dk\xfd k\u016f\u0148 \xfap\u011bl \u010f\xe1belsk\xe9 \xf3dy z\xe1ke\u0159n\xfd u\u010de\u0148 b\u011b\u017e\xed pod\xe9l z\xf3ny \xfal\u016f" words_nfd = u"Pr\u030ci\u0301s\u030cerne\u030c z\u030clut\u030couc\u030cky\u0301 ku\u030an\u030c u\u0301pe\u030cl d\u030ca\u0301belske\u0301 o\u0301dy za\u0301ker\u030cny\u0301 uc\u030cen\u030c be\u030cz\u030ci\u0301 pode\u0301l zo\u0301ny u\u0301lu\u030a" passphrase_nfkd = ( u"Neuve\u030cr\u030citelne\u030c bezpec\u030cne\u0301 hesli\u0301c\u030cko" ) passphrase_nfc = ( u"Neuv\u011b\u0159iteln\u011b bezpe\u010dn\xe9 hesl\xed\u010dko" ) passphrase_nfkc = ( u"Neuv\u011b\u0159iteln\u011b bezpe\u010dn\xe9 hesl\xed\u010dko" ) passphrase_nfd = ( u"Neuve\u030cr\u030citelne\u030c bezpec\u030cne\u0301 hesli\u0301c\u030cko" ) device.wipe(self.client) debuglink.load_device_by_mnemonic( self.client, mnemonic=words_nfkd, pin="", passphrase_protection=True, label="test", language="english", skip_checksum=True, ) self.client.set_passphrase(passphrase_nfkd) address_nfkd = btc.get_address(self.client, "Bitcoin", []) device.wipe(self.client) debuglink.load_device_by_mnemonic( self.client, mnemonic=words_nfc, pin="", passphrase_protection=True, label="test", language="english", skip_checksum=True, ) self.client.set_passphrase(passphrase_nfc) address_nfc = btc.get_address(self.client, "Bitcoin", []) device.wipe(self.client) debuglink.load_device_by_mnemonic( self.client, mnemonic=words_nfkc, pin="", passphrase_protection=True, label="test", language="english", skip_checksum=True, ) self.client.set_passphrase(passphrase_nfkc) address_nfkc = btc.get_address(self.client, "Bitcoin", []) device.wipe(self.client) debuglink.load_device_by_mnemonic( self.client, mnemonic=words_nfd, pin="", passphrase_protection=True, label="test", language="english", skip_checksum=True, ) self.client.set_passphrase(passphrase_nfd) address_nfd = btc.get_address(self.client, "Bitcoin", []) assert address_nfkd == address_nfc assert address_nfkd == address_nfkc assert address_nfkd == address_nfd