def testAuthenticateAllKeysInvalid(self): mock_sk = mock.MagicMock() mock_sk.CmdAuthenticate.side_effect = errors.InvalidKeyHandleError mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) with self.assertRaises(errors.U2FError) as cm: u2f_api.Authenticate( 'testapp', b'ABCD', [model.RegisteredKey('khA'), model.RegisteredKey('khB')]) self.assertEquals(cm.exception.code, errors.U2FError.DEVICE_INELIGIBLE) u2f_api = u2f.U2FInterface(mock_sk)
def testRegisterTimeout(self): mock_sk = mock.MagicMock() mock_sk.CmdRegister.side_effect = errors.TUPRequiredError mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) # Speed up the test by mocking out sleep to do nothing with mock.patch.object(u2f, 'time') as _: with self.assertRaises(errors.U2FError) as cm: u2f_api.Register('testapp', b'ABCD', []) self.assertEquals(cm.exception.code, errors.U2FError.TIMEOUT) self.assertEquals(mock_sk.CmdRegister.call_count, 30) self.assertEquals(mock_sk.CmdWink.call_count, 30)
def testRegisterError(self): mock_sk = mock.MagicMock() mock_sk.CmdRegister.side_effect = errors.ApduError(0xff, 0xff) mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) with self.assertRaises(errors.U2FError) as cm: u2f_api.Register('testapp', b'ABCD', []) self.assertEquals(cm.exception.code, errors.U2FError.BAD_REQUEST) self.assertEquals(cm.exception.cause.sw1, 0xff) self.assertEquals(cm.exception.cause.sw2, 0xff) self.assertEquals(mock_sk.CmdRegister.call_count, 1) self.assertEquals(mock_sk.CmdWink.call_count, 0)
def testRegisterSuccessWithTUP(self): mock_sk = mock.MagicMock() mock_sk.CmdRegister.side_effect = [errors.TUPRequiredError, 'regdata'] mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) resp = u2f_api.Register('testapp', b'ABCD', []) self.assertEquals(mock_sk.CmdRegister.call_count, 2) self.assertEquals(mock_sk.CmdWink.call_count, 1) self.assertEquals(resp.client_data.raw_server_challenge, b'ABCD') self.assertEquals(resp.client_data.typ, 'navigator.id.finishEnrollment') self.assertEquals(resp.registration_data, 'regdata')
def testAuthenticateError(self): mock_sk = mock.MagicMock() mock_sk.CmdAuthenticate.side_effect = errors.ApduError(0xff, 0xff) mock_sk.CmdVersion.return_value = 'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) with self.assertRaises(errors.U2FError) as cm: u2f_api.Authenticate('testapp', 'ABCD', [model.RegisteredKey('khA')]) self.assertEquals(cm.exception.code, errors.U2FError.BAD_REQUEST) self.assertEquals(cm.exception.cause.sw1, 0xff) self.assertEquals(cm.exception.cause.sw2, 0xff) self.assertEquals(mock_sk.CmdAuthenticate.call_count, 1) self.assertEquals(mock_sk.CmdWink.call_count, 0)
def testRegisterFailAlreadyRegistered(self): mock_sk = mock.MagicMock() mock_sk.CmdAuthenticate.side_effect = errors.TUPRequiredError mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) with self.assertRaises(errors.U2FError) as cm: u2f_api.Register('testapp', b'ABCD', [model.RegisteredKey('khA')]) self.assertEquals(cm.exception.code, errors.U2FError.DEVICE_INELIGIBLE) self.assertEquals(mock_sk.CmdAuthenticate.call_count, 1) # Should be "Check only" self.assertTrue(mock_sk.CmdAuthenticate.call_args[0][3]) self.assertEquals(mock_sk.CmdRegister.call_count, 0) self.assertEquals(mock_sk.CmdWink.call_count, 0)
def testAuthenticateSuccessSkipInvalidVersion(self): mock_sk = mock.MagicMock() mock_sk.CmdAuthenticate.return_value = 'signature' mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) resp = u2f_api.Authenticate('testapp', b'ABCD', [ model.RegisteredKey('khA', version='U2F_V3'), model.RegisteredKey('khB') ]) self.assertEquals(mock_sk.CmdAuthenticate.call_count, 1) self.assertEquals(mock_sk.CmdWink.call_count, 0) self.assertEquals(resp.key_handle, 'khB') self.assertEquals(resp.client_data.raw_server_challenge, b'ABCD') self.assertEquals(resp.client_data.typ, 'navigator.id.getAssertion') self.assertEquals(resp.signature_data, 'signature')
def testAuthenticateSuccessWithTUP(self): mock_sk = mock.MagicMock() mock_sk.CmdAuthenticate.side_effect = [ errors.TUPRequiredError, 'signature' ] mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) resp = u2f_api.Authenticate('testapp', b'ABCD', [model.RegisteredKey('khA')]) self.assertEquals(mock_sk.CmdAuthenticate.call_count, 2) self.assertEquals(mock_sk.CmdWink.call_count, 1) self.assertEquals(resp.key_handle, 'khA') self.assertEquals(resp.client_data.raw_server_challenge, b'ABCD') self.assertEquals(resp.client_data.typ, 'navigator.id.getAssertion') self.assertEquals(resp.signature_data, 'signature')
def testRegisterSuccessWithPreviousKeys(self): mock_sk = mock.MagicMock() mock_sk.CmdAuthenticate.side_effect = errors.InvalidKeyHandleError mock_sk.CmdRegister.side_effect = [errors.TUPRequiredError, 'regdata'] mock_sk.CmdVersion.return_value = b'U2F_V2' u2f_api = u2f.U2FInterface(mock_sk) resp = u2f_api.Register('testapp', b'ABCD', [model.RegisteredKey('khA')]) self.assertEquals(mock_sk.CmdAuthenticate.call_count, 1) # Should be "Check only" self.assertTrue(mock_sk.CmdAuthenticate.call_args[0][3]) self.assertEquals(mock_sk.CmdRegister.call_count, 2) self.assertEquals(mock_sk.CmdWink.call_count, 1) self.assertEquals(resp.client_data.raw_server_challenge, b'ABCD') self.assertEquals(resp.client_data.typ, 'navigator.id.finishEnrollment') self.assertEquals(resp.registration_data, 'regdata')