def test_set_failed_2(self):
self.setup_mnemonic_pin_passphrase()
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Let's set new PIN
ret = self.client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
self.client.debug.press_yes()
ret = self.client.call_raw(proto.ButtonAck())
# Send current PIN
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.read_pin_encoded()
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for first time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.encode_pin(self.pin6)
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for second time, but with typo
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.encode_pin(self.pin6 + '3')
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now it should fail, because pins are different
assert isinstance(ret, proto.Failure)
# Check that there's still old PIN protection
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is True
assert self.client.debug.read_pin()[0] == self.pin4
def test_remove_pin(self):
self.setup_mnemonic_pin_passphrase()
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Check that there's PIN protection
ret = self.client.call_raw(proto.Ping(pin_protection=True))
assert isinstance(ret, proto.PinMatrixRequest)
self.client.call_raw(proto.Cancel())
# Let's remove PIN
ret = self.client.call_raw(proto.ChangePin(remove=True))
assert isinstance(ret, proto.ButtonRequest)
# Press button
self.client.debug.press_yes()
ret = self.client.call_raw(proto.ButtonAck())
# Send current PIN
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.read_pin_encoded()
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now we're done
assert isinstance(ret, proto.Success)
# Check that there's no PIN protection now
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is False
ret = self.client.call_raw(proto.Ping(pin_protection=True))
assert isinstance(ret, proto.Success)
def test_set_failed(self):
self.setup_mnemonic_nopin_nopassphrase()
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is False
# Check that there's no PIN protection
ret = self.client.call_raw(proto.Ping(pin_protection=True))
assert isinstance(ret, proto.Success)
# Let's set new PIN
ret = self.client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
self.client.debug.press_yes()
ret = self.client.call_raw(proto.ButtonAck())
# Send the PIN for first time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.encode_pin(self.pin6)
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for second time, but with typo
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.encode_pin(self.pin4)
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now it should fail, because pins are different
assert isinstance(ret, proto.Failure)
# Check that there's still no PIN protection now
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is False
ret = self.client.call_raw(proto.Ping(pin_protection=True))
assert isinstance(ret, proto.Success)
def test_set_pin(self, client):
features = client.call_raw(proto.Initialize())
assert features.pin_protection is False
# Check that there's no PIN protection
ret = client.call_raw(proto.Ping(pin_protection=True))
assert isinstance(ret, proto.Success)
# Let's set new PIN
ret = client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
client.debug.press_yes()
ret = client.call_raw(proto.ButtonAck())
# Send the PIN for first time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(self.pin6)
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for second time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(self.pin6)
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now we're done
assert isinstance(ret, proto.Success)
# Check that there's PIN protection now
features = client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Check that the PIN is correct
self.check_pin(client, self.pin6)
def test_set_pin_to_wipe_code(client):
# Set wipe code.
_set_wipe_code(client, WIPE_CODE4)
# Try to set the PIN to the current wipe code value.
ret = client.call_raw(messages.ChangePin())
assert isinstance(ret, messages.ButtonRequest)
# Confirm intent to set PIN.
client.debug.press_yes()
ret = client.call_raw(messages.ButtonAck())
# Send the new PIN for the first time.
assert isinstance(ret, messages.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(WIPE_CODE4)
ret = client.call_raw(messages.PinMatrixAck(pin=pin_encoded))
# Send the new PIN for the second time.
assert isinstance(ret, messages.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(WIPE_CODE4)
ret = client.call_raw(messages.PinMatrixAck(pin=pin_encoded))
# The operation should fail, because the PIN must be different from the wipe code.
assert isinstance(ret, messages.Failure)
assert ret.code == messages.FailureType.ProcessError
# Check that there is no PIN protection.
client.init_device()
assert client.features.pin_protection is False
ret = client.call_raw(messages.Ping(pin_protection=True))
assert isinstance(ret, messages.Success)
def _check_wipe_code(client, wipe_code):
# Try to change the PIN to the current wipe code value. The operation should fail.
ret = client.call_raw(messages.ChangePin())
assert isinstance(ret, messages.ButtonRequest)
# Confirm intent to change PIN.
client.debug.press_yes()
ret = client.call_raw(messages.ButtonAck())
# Send current PIN.
assert isinstance(ret, messages.PinMatrixRequest)
pin_encoded = client.debug.read_pin_encoded()
ret = client.call_raw(messages.PinMatrixAck(pin=pin_encoded))
# Send the new wipe code for the first time.
assert isinstance(ret, messages.PinMatrixRequest)
wipe_code_encoded = client.debug.encode_pin(wipe_code)
ret = client.call_raw(messages.PinMatrixAck(pin=wipe_code_encoded))
# Send the new wipe code for the second time.
assert isinstance(ret, messages.PinMatrixRequest)
wipe_code_encoded = client.debug.encode_pin(wipe_code)
ret = client.call_raw(messages.PinMatrixAck(pin=wipe_code_encoded))
# Expect failure.
assert isinstance(ret, messages.Failure)
def test_change_mismatch(self, client):
features = client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Let's set new PIN
ret = client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
client.debug.press_yes()
ret = client.call_raw(proto.ButtonAck())
# Send current PIN
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.read_pin_encoded()
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for first time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(PIN6)
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for second time, but with typo
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(PIN6 + "3")
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now it should fail, because pins are different
assert isinstance(ret, proto.Failure)
# Check that there's still old PIN protection
features = client.call_raw(proto.Initialize())
assert features.pin_protection is True
self.check_pin(client, PIN4)
def test_set_mismatch(self, client):
features = client.call_raw(proto.Initialize())
assert features.pin_protection is False
# Check that there's no PIN protection
ret = client.call_raw(proto.GetAddress())
assert isinstance(ret, proto.Address)
# Let's set new PIN
ret = client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
client.debug.press_yes()
ret = client.call_raw(proto.ButtonAck())
# Send the PIN for first time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(PIN6)
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for second time, but with typo
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(PIN4)
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now it should fail, because pins are different
assert isinstance(ret, proto.Failure)
# Check that there's still no PIN protection now
features = client.call_raw(proto.Initialize())
assert features.pin_protection is False
ret = client.call_raw(proto.GetAddress())
assert isinstance(ret, proto.Address)
def test_wipe_code_activate_legacy():
with EmulatorWrapper("legacy") as emu:
# set up device
setup_device_legacy(emu.client, PIN, WIPE_CODE)
emu.client.init_device()
device_id = emu.client.features.device_id
# Initiate Change pin process
ret = emu.client.call_raw(messages.ChangePin(remove=False))
assert isinstance(ret, messages.ButtonRequest)
emu.client.debug.press_yes()
ret = emu.client.call_raw(messages.ButtonAck())
# Enter the wipe code instead of the current PIN
assert isinstance(ret, messages.PinMatrixRequest)
wipe_code_encoded = emu.client.debug.encode_pin(WIPE_CODE)
emu.client._raw_write(messages.PinMatrixAck(pin=wipe_code_encoded))
# wait 30 seconds for emulator to shut down
# this will raise a TimeoutError if the emulator doesn't die.
emu.wait(30)
emu.start()
assert emu.client.features.initialized is False
assert emu.client.features.pin_protection is False
assert emu.client.features.wipe_code_protection is False
assert emu.client.features.device_id != device_id
def test_change_pin(self):
self.setup_mnemonic_pin_passphrase()
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Check that there's PIN protection
ret = self.client.call_raw(proto.Ping(pin_protection=True))
assert isinstance(ret, proto.PinMatrixRequest)
self.client.call_raw(proto.Cancel())
# Check current PIN value
assert self.client.debug.read_pin()[0] == self.pin4
# Let's change PIN
ret = self.client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
self.client.debug.press_yes()
ret = self.client.call_raw(proto.ButtonAck())
# Send current PIN
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.read_pin_encoded()
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send new PIN for first time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.encode_pin(self.pin6)
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for second time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = self.client.debug.encode_pin(self.pin6)
ret = self.client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now we're done
assert isinstance(ret, proto.Success)
# Check that there's still PIN protection now
features = self.client.call_raw(proto.Initialize())
assert features.pin_protection is True
ret = self.client.call_raw(proto.Ping(pin_protection=True))
assert isinstance(ret, proto.PinMatrixRequest)
self.client.call_raw(proto.Cancel())
# Check that the PIN is correct
assert self.client.debug.read_pin()[0] == self.pin6
def test_change_pin(self, client):
features = client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Check that there's PIN protection
ret = client.call_raw(proto.GetAddress())
assert isinstance(ret, proto.PinMatrixRequest)
client.call_raw(proto.Cancel())
# Check current PIN value
self.check_pin(client, PIN4)
# Let's change PIN
ret = client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
client.debug.press_yes()
ret = client.call_raw(proto.ButtonAck())
# Send current PIN
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.read_pin_encoded()
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send new PIN for first time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(PIN6)
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Send the PIN for second time
assert isinstance(ret, proto.PinMatrixRequest)
pin_encoded = client.debug.encode_pin(PIN6)
ret = client.call_raw(proto.PinMatrixAck(pin=pin_encoded))
# Now we're done
assert isinstance(ret, proto.Success)
# Check that there's still PIN protection now
features = client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Check that the PIN is correct
self.check_pin(client, PIN6)
def test_set_invalid(client, invalid_pin):
assert client.features.pin_protection is False
# Let's set an invalid PIN
ret = client.call_raw(messages.ChangePin())
assert isinstance(ret, messages.ButtonRequest)
# Press button
client.debug.press_yes()
ret = client.call_raw(messages.ButtonAck())
# Send a PIN containing an invalid digit
assert isinstance(ret, messages.PinMatrixRequest)
ret = client.call_raw(messages.PinMatrixAck(pin=invalid_pin))
# Ensure the invalid PIN is detected
assert isinstance(ret, messages.Failure)
# Check that there's still no PIN protection now
client.init_device()
assert client.features.pin_protection is False
_check_no_pin(client)
def test_remove_invalid(self, client, invalid_pin):
features = client.call_raw(proto.Initialize())
assert features.pin_protection is True
# Let's change the PIN
ret = client.call_raw(proto.ChangePin(remove=True))
assert isinstance(ret, proto.ButtonRequest)
# Press button
client.debug.press_yes()
ret = client.call_raw(proto.ButtonAck())
# Instead of the old PIN, send a PIN containing an invalid digit
assert isinstance(ret, proto.PinMatrixRequest)
ret = client.call_raw(proto.PinMatrixAck(pin=invalid_pin))
# Ensure the invalid PIN is detected
assert isinstance(ret, proto.Failure)
# Check that there's still old PIN protection
features = client.call_raw(proto.Initialize())
assert features.pin_protection is True
self.check_pin(client, PIN4)
def test_wipe_code_activate(client):
import time
device_id = client.features.device_id
# Set wipe code.
with client:
client.set_expected_responses(
[messages.ButtonRequest()] * 5 +
[messages.Success(), messages.Features()])
client.set_input_flow(
_input_flow_set_wipe_code(client.debug, PIN4, WIPE_CODE4))
device.change_wipe_code(client)
# Try to change the PIN.
ret = client.call_raw(messages.ChangePin(remove=False))
# Confirm change PIN.
assert isinstance(ret, messages.ButtonRequest)
client.debug.press_yes()
ret = client.call_raw(messages.ButtonAck())
# Enter the wipe code instead of the current PIN
assert ret == messages.ButtonRequest(code=messages.ButtonRequestType.Other)
client.debug.input(WIPE_CODE4)
client._raw_write(messages.ButtonAck())
# Allow the device to display wipe code popup and restart.
time.sleep(7)
# Check that the device has been wiped.
client.init_device()
assert client.features.initialized is False
assert client.features.pin_protection is False
assert client.features.wipe_code_protection is False
assert client.features.device_id != device_id
def test_set_invalid(self, client, invalid_pin):
features = client.call_raw(proto.Initialize())
assert features.pin_protection is False
# Let's set an invalid PIN
ret = client.call_raw(proto.ChangePin())
assert isinstance(ret, proto.ButtonRequest)
# Press button
client.debug.press_yes()
ret = client.call_raw(proto.ButtonAck())
# Send a PIN containing an invalid digit
assert isinstance(ret, proto.PinMatrixRequest)
ret = client.call_raw(proto.PinMatrixAck(pin=invalid_pin))
# Ensure the invalid PIN is detected
assert isinstance(ret, proto.Failure)
# Check that there's still no PIN protection now
features = client.call_raw(proto.Initialize())
assert features.pin_protection is False
ret = client.call_raw(proto.GetAddress())
assert isinstance(ret, proto.Address)