forked from LedgerHQ/app-flow
-
Notifications
You must be signed in to change notification settings - Fork 2
/
test_pubkey_cmd.py
148 lines (115 loc) · 5.02 KB
/
test_pubkey_cmd.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
import pytest
from application_client.flow_command_sender import FlowCommandSender, Errors, HashType
from application_client.flow_response_unpacker import unpack_get_public_key_response
from ragger.bip import calculate_public_key_and_chaincode, CurveChoice
from ragger.error import ExceptionRAPDU
from ragger.conftest.configuration import OPTIONAL
from utils import util_check_pub_key, util_set_slot, util_set_expert_mode, util_navigate
def test_get_public_key_no_confirm(backend):
""" Check the GET_PUBLIC_KEY in non-confirmation mode """
# Use the app interface instead of raw interface
client = FlowCommandSender(backend)
# Test parameters
path_list = [
"m/44'/539'/0'/0/0",
"m/44'/539'/0'/0/2147483647",
"m/44'/539'/2147483647'/0/0",
"m/44'/539'/2147483647'/0/2147483647",
"m/44'/539'/513'/0/0",
"m/44'/539'/769'/0/0",
"m/44'/1'/769/0/0",
"m/44'/1'/769/0/2147483647",
]
curve_list = [
CurveChoice.Secp256k1,
CurveChoice.Nist256p1,
]
# Send the APDU and check the results
for path in path_list:
for curve in curve_list:
_ = util_check_pub_key(client, path, curve)
def test_get_public_key_slot(firmware, backend, navigator, test_name):
""" Check the GET_PUBLIC_KEY in non-confirmation mode with slot """
# Use the app interface instead of raw interface
client = FlowCommandSender(backend)
# Test parameters
slot = 0
curve0 = CurveChoice.Secp256k1
curve1 = CurveChoice.Nist256p1
address = "e467b9dd11fa00de"
path0 = "m/44'/539'/513'/0/0"
path1 = "m/44'/539'/513'/0/1"
# Send the APDU and check the results
# Call get_public_key when slot is empty
_ = util_check_pub_key(client, path0, curve0)
part = 0
# Set_slot to some other path
util_set_slot(client, firmware, navigator, f"{test_name}/part{part}", slot, curve0, HashType.HASH_SHA2, address, path1)
# Call get_public_key for different path values
path_list = [path0, path1]
for path in path_list:
_ = util_check_pub_key(client, path, curve0)
# Call get_public_key for other path - but hashes do not match - does not matter
_ = util_check_pub_key(client, path1, curve0, HashType.HASH_SHA3)
# Call get_public_key for other path - but curves do not match - warning
_ = util_check_pub_key(client, path1, curve1)
# Clean Slot
part += 1
util_set_slot(client, firmware, navigator, f"{test_name}/part{part}", slot)
class Test_EXPERT():
def test_get_public_key_expert(self, firmware, backend, navigator, test_name):
""" Check the GET_PUBLIC_KEY in non-confirmation mode with expert mode """
# Use the app interface instead of raw interface
client = FlowCommandSender(backend)
# Test parameters
test_cfg = [
{
"curve": CurveChoice.Secp256k1,
"hash": HashType.HASH_SHA2,
},
{
"curve": CurveChoice.Nist256p1,
"hash": HashType.HASH_SHA3,
},
]
path = "m/44'/539'/513'/0/0"
# Navigate in the main menu to change to expert mode
util_set_expert_mode(firmware, navigator, test_name)
# Send the APDU and check the results
for cfg in test_cfg:
_ = util_check_pub_key(client, path, cfg["curve"], cfg["hash"])
def test_get_public_key_confirm_accepted(firmware, backend, navigator, test_name):
""" Check the GET_PUBLIC_KEY in confirmation mode when user accepts """
# Use the app interface instead of raw interface
client = FlowCommandSender(backend)
# Test parameters
path = "m/44'/539'/0'/0/0"
curve = CurveChoice.Secp256k1
hash_t = HashType.HASH_SHA2
# Send the APDU (Asynchronous)
with client.get_public_key_with_confirmation(path, curve, hash_t):
util_navigate(firmware, navigator, test_name, "APPROVE_PUBKEY")
# Check the status (Asynchronous)
response = client.get_async_response()
assert response.status == Errors.SW_SUCCESS
# Parse the response
public_key = unpack_get_public_key_response(response.data)
# Compute the reference data
ref_public_key, _ = calculate_public_key_and_chaincode(curve, path, OPTIONAL.CUSTOM_SEED)
# Check expected value
assert public_key == ref_public_key
def test_get_public_key_confirm_refused(firmware, backend, navigator, test_name):
""" Check the GET_PUBLIC_KEY in confirmation mode when user refuses """
# Use the app interface instead of raw interface
client = FlowCommandSender(backend)
# Test parameters
path = "m/44'/1'/0'/0/0"
curve = CurveChoice.Secp256k1
hash_t = HashType.HASH_SHA2
# Send the APDU (Asynchronous)
with pytest.raises(ExceptionRAPDU) as err:
with client.get_public_key_with_confirmation(path, curve, hash_t):
util_navigate(firmware, navigator, test_name, "REJECT_PUBKEY")
# Assert we have received a refusal
assert err.value.status == Errors.SW_COMMAND_NOT_ALLOWED
assert len(err.value.data) == 0