def test_get_pin_token(self):
prot = ClientPin(mock.MagicMock(), PinProtocolV1())
prot._get_shared_secret = mock.Mock(return_value=({}, SHARED))
prot.ctap.client_pin.return_value = {2: TOKEN_ENC}
self.assertEqual(prot.get_pin_token("1234"), TOKEN)
prot.ctap.client_pin.assert_called_once()
self.assertEqual(
prot.ctap.client_pin.call_args[1]["pin_hash_enc"], PIN_HASH_ENC
)
def test_set_pin(self):
prot = ClientPin(mock.MagicMock(), PinProtocolV1())
prot._get_shared_secret = mock.Mock(return_value=({}, SHARED))
prot.set_pin("1234")
prot.ctap.client_pin.assert_called_with(
1,
3,
key_agreement={},
new_pin_enc=a2b_hex(
"0222fc42c6dd76a274a7057858b9b29d98e8a722ec2dc6668476168c5320473cec9907b4cd76ce7943c96ba5683943211d84471e64d9c51e54763488cd66526a" # noqa E501
),
pin_uv_param=a2b_hex("7b40c084ccc5794194189ab57836475f"),
)
def test_change_pin(self):
prot = ClientPin(mock.MagicMock(), PinProtocolV1())
prot._get_shared_secret = mock.Mock(return_value=({}, SHARED))
prot.change_pin("1234", "4321")
prot.ctap.client_pin.assert_called_with(
1,
4,
key_agreement={},
new_pin_enc=a2b_hex(
"4280e14aac4fcbf02dd079985f0c0ffc9ea7d5f9c173fd1a4c843826f7590cb3c2d080c6923e2fe6d7a52c31ea1309d3fcca3dedae8a2ef14b6330cafc79339e" # noqa E501
),
pin_uv_param=a2b_hex("fb97e92f3724d7c85e001d7f93e6490a"),
pin_hash_enc=a2b_hex("afe8327ce416da8ee3d057589c2ce1a9"),
)
def test_establish_shared_secret(self, patched_generate):
prot = ClientPin(mock.MagicMock(), PinProtocolV1())
patched_generate.return_value = ec.derive_private_key(
EC_PRIV, ec.SECP256R1(), default_backend()
)
prot.ctap.client_pin.return_value = {
1: {1: 2, 3: -25, -1: 1, -2: DEV_PUB_X, -3: DEV_PUB_Y}
}
key_agreement, shared = prot._get_shared_secret()
self.assertEqual(shared, SHARED)
self.assertEqual(key_agreement[-2], EC_PUB_X)
self.assertEqual(key_agreement[-3], EC_PUB_Y)