add test

test/features/000_empty_check.feature

@@ -0,0 +1,79 @@
+Feature: confirm empty token
+  In order to start tests
+  A token should be empty (no data, no keys)
+
+  Scenario: data object Login
+     When requesting login data: 5e
+     Then you should get NULL
+
+  Scenario: data object Name
+     When requesting name: 5b
+     Then you should get NULL
+
+  Scenario: data object Language preference
+     When requesting anguage preference: 5f2d
+     Then you should get NULL
+
+  Scenario: data object Sex
+     When requesting sex: 5f35
+     Then you should get NULL
+
+  Scenario: data object URL
+     When requesting URL: 5f50
+     Then you should get NULL
+
+  Scenario: data object ds counter
+     When requesting ds counter: 93
+     Then you should get: \x00\x00\x00
+
+  Scenario: data object pw1 status bytes
+     When requesting pw1 status bytes: c4
+     Then you should get: \x00\x7f\x7f\x7f\x03\x03\x03
+
+  Scenario: data object finger print 0
+     When requesting finger print: c5
+     Then you should get: \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
+
+  Scenario: data object finger print 1
+     When requesting finger print: c7
+     Then you should get NULL
+
+  Scenario: data object finger print 2
+     When requesting finger print: c8
+     Then you should get NULL
+
+  Scenario: data object finger print 3
+     When requesting finger print: c9
+     Then you should get NULL
+
+  Scenario: data object CA finger print 0
+     When requesting finger print: c6
+     Then you should get: \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
+
+  Scenario: data object CA finger print 1
+     When requesting finger print: ca
+     Then you should get NULL
+
+  Scenario: data object CA finger print 2
+     When requesting finger print: cb
+     Then you should get NULL
+
+  Scenario: data object CA finger print 3
+     When requesting finger print: cc
+     Then you should get NULL
+
+  Scenario: data object date/time of key pair 0
+     When requesting date/time of key pair: cd
+     Then you should get: \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
+
+  Scenario: data object date/time of key pair 1
+     When requesting date/time of key pair: ce
+     Then you should get NULL
+
+  Scenario: data object date/time of key pair 2
+     When requesting date/time of key pair: cf
+     Then you should get NULL
+
+  Scenario: data object date/time of key pair 3
+     When requesting date/time of key pair: d0
+     Then you should get NULL

test/features/001_empty_check_passphrase.feature

@@ -0,0 +1,15 @@
+Feature: confirm empty token
+  In order to start tests
+  A token should be empty (no pass phrase)
+
+  Scenario: verify PW1 factory setting (1)
+     Given cmd_verify with 1 and "123456"
+     Then it should get success
+
+  Scenario: verify PW1 factory setting (2)
+     Given cmd_verify with 2 and "123456"
+     Then it should get success
+
+  Scenario: verify PW3 factory setting
+     Given cmd_verify with 3 and "12345678"
+     Then it should get success

test/features/002_get_data_static.feature

@@ -0,0 +1,27 @@
+Feature: command GET DATA
+  In order to conform OpenPGP card 2.0 specification
+  A token should support all mandatory features of the specification
+
+  Scenario: data object historical bytes
+     When requesting historical bytes: 5f52
+     Then you should get: \x00\x31\x84\x73\x80\x01\x80\x00\x90\x00
+
+  Scenario: data object extended capabilities
+     When requesting extended capabilities: c0
+     Then you should get: \x30\x00\x00\x00\x00\x00\x00\xff\x01\x00
+
+  Scenario: data object algorithm attributes 1
+     When requesting algorithm attributes 1: c1
+     Then you should get: \x01\x08\x00\x00\x20\x00
+
+  Scenario: data object algorithm attributes 2
+     When requesting algorithm attributes 2: c2
+     Then you should get: \x01\x08\x00\x00\x20\x00
+
+  Scenario: data object algorithm attributes 3
+     When requesting algorighm attributes 3: c3
+     Then you should get: \x01\x08\x00\x00\x20\x00
+
+  Scenario: data object AID
+     When requesting AID: 4f
+     Then data should match: \xd2\x76\x00\x01\x24\x01\x02\x00......\x00\x00

test/features/010_setup_passphrase.feature

@@ -0,0 +1,63 @@
+Feature: setup pass phrase
+  In order to conform OpenPGP card 2.0 specification
+  A token should support pass phrase: PW1, PW3 and reset code
+
+  Scenario: setup PW1 (admin-less mode)
+     Given cmd_change_reference_data with 1 and "123456user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW1 (1)
+     Given cmd_verify with 1 and "user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW1 (2)
+     Given cmd_verify with 2 and "user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW3 (admin-less mode)
+     Given cmd_verify with 3 and "user pass phrase"
+     Then it should get success
+
+  Scenario: setup reset code (in admin-less mode)
+     Given cmd_put_data with d3 and "example reset code 000"
+     Then it should get success
+
+  Scenario: reset pass phrase by reset code (in admin-less mode)
+     Given cmd_reset_retry_counter with 0 and "example reset code 000new user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW1 (1) again
+     Given cmd_verify with 1 and "new user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW1 (2) again
+     Given cmd_verify with 2 and "new user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW3 (admin-less mode) again
+     Given cmd_verify with 3 and "new user pass phrase"
+     Then it should get success
+
+  Scenario: setup PW3 (admin-full mode)
+     Given cmd_change_reference_data with 3 and "new user pass phraseadmin pass phrase"
+     Then it should get success
+
+  Scenario: verify PW3 (admin-full mode)
+     Given cmd_verify with 3 and "admin pass phrase"
+     Then it should get success
+
+  Scenario: setup reset code (in admin-full mode)
+     Given cmd_put_data with d3 and "another reset code 000"
+     Then it should get success
+
+  Scenario: reset pass phrase by reset code (in admin-full mode)
+     Given cmd_reset_retry_counter with 0 and "another reset code 000another user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW1 (1) again
+     Given cmd_verify with 1 and "another user pass phrase"
+     Then it should get success
+
+  Scenario: verify PW1 (2) again
+     Given cmd_verify with 2 and "another user pass phrase"
+     Then it should get success

test/features/020_personalization_write.feature

@@ -0,0 +1,27 @@
+Feature: personalize token write
+  In order to use a token
+  A token should be personalized with name, sex, url, etc.
+
+  Scenario: data object Login
+     Given cmd_put_data with 5e and "gpg_user"
+     Then it should get success
+
+  Scenario: data object Name
+     Given cmd_put_data with 5b and "GnuPG User"
+     Then it should get success
+
+  Scenario: data object Language preference
+     Given cmd_put_data with 5f2d and "ja"
+     Then it should get success
+
+  Scenario: data object Sex
+     Given cmd_put_data with 5f35 and "1"
+     Then it should get success
+
+  Scenario: data object URL
+     Given cmd_put_data with 5f50 and "http://www.fsij.org/gnuk/"
+     Then it should get success
+
+  Scenario: data object pw1 status bytes
+     Given cmd_put_data with c4 and "\x01"
+     Then it should get success

test/features/021_personalization_read.feature

@@ -0,0 +1,27 @@
+Feature: personalize token read
+  In order to use a token
+  A token should be personalized with name, sex, url, etc.
+
+  Scenario: data object Login
+     When requesting login data: 5e
+     Then you should get: gpg_user
+
+  Scenario: data object Name
+     When requesting name: 5b
+     Then you should get: GnuPG User
+
+  Scenario: data object Language preference
+     When requesting anguage preference: 5f2d
+     Then you should get: ja
+
+  Scenario: data object Sex
+     When requesting sex: 5f35
+     Then you should get: 1
+
+  Scenario: data object URL
+     When requesting URL: 5f50
+     Then you should get: http://www.fsij.org/gnuk/
+
+  Scenario: data object pw1 status bytes
+     When requesting pw1 status bytes: c4
+     Then you should get: \x01\x7f\x7f\x7f\x03\x03\x03

test/features/030_key_registration.feature

@@ -0,0 +1,18 @@
+Feature: import keys to token 
+  In order to use a token
+  A token should have keys
+
+  Scenario: importing OPENPGP.1 key (sign)
+     Given a RSA key pair 0
+     And importing it to the token as OPENPGP.1
+     Then it should get success
+
+  Scenario: importing OPENPGP.2 key (decrypt)
+     Given a RSA key pair 1
+     And importing it to the token as OPENPGP.2
+     Then it should get success
+
+  Scenario: importing OPENPGP.3 key (authentication)
+     Given a RSA key pair 2
+     And importing it to the token as OPENPGP.3
+     Then it should get success

test/features/970_key_removal.feature

@@ -0,0 +1,39 @@
+Feature: key removal
+  In order to use a token
+  A token should have keys
+
+  Scenario: remove OPENPGP.1 key (sign)
+     When removing a key OPENPGP.1
+     Then it should get success
+
+  Scenario: remove OPENPGP.2 key (decrypt)
+     When removing a key OPENPGP.2
+     Then it should get success
+
+  Scenario: remove OPENPGP.3 key (authentication)
+     When removing a key OPENPGP.3
+     Then it should get success
+
+  Scenario: remove data object Finger print sig
+     Given cmd_put_data with c7 and ""
+     Then it should get success
+
+  Scenario: remove data object Finger print dec
+     Given cmd_put_data with c8 and ""
+     Then it should get success
+
+  Scenario: remove data object Finger print aut
+     Given cmd_put_data with c9 and ""
+     Then it should get success
+
+  Scenario: remove data object keygeneration data/time sig
+     Given cmd_put_data with ce and ""
+     Then it should get success
+
+  Scenario: remove data object keygeneration data/time dec
+     Given cmd_put_data with cf and ""
+     Then it should get success
+
+  Scenario: remove data object keygeneration data/time aut
+     Given cmd_put_data with d0 and ""
+     Then it should get success

test/features/980_personalization_reset.feature

@@ -0,0 +1,27 @@
+Feature: removal of data objects
+  In order to use a token
+  A token should have personalized data
+
+  Scenario: remove data object Login
+     Given cmd_put_data with 5e and ""
+     Then it should get success
+
+  Scenario: remove data object Name
+     Given cmd_put_data with 5b and ""
+     Then it should get success
+
+  Scenario: remove data object Language preference
+     Given cmd_put_data with 5f2d and ""
+     Then it should get success
+
+  Scenario: remove data object Sex
+     Given cmd_put_data with 5f35 and ""
+     Then it should get success
+
+  Scenario: remove data object URL
+     Given cmd_put_data with 5f50 and ""
+     Then it should get success
+
+  Scenario: remove data object pw1 status bytes
+     Given cmd_put_data with c4 and "\x00"
+     Then it should get success

test/features/990_reset_passphrase.feature

@@ -0,0 +1,7 @@
+Feature: reset pass phrase
+  In order to conform OpenPGP card 2.0 specification
+  A token should support pass phrase: PW1, PW3 and reset code
+
+  Scenario: setup PW3 (admin-full mode)
+     Given cmd_change_reference_data with 3 and "admin pass phrase"
+     Then it should get success

test/features/steps.py

@@ -0,0 +1,76 @@
+from freshen import *
+from freshen.checks import *
+from nose.tools import assert_regexp_matches
+
+import ast
+
+import gnuk
+import rsa_keys
+
+@Before
+def ini(sc):
+    if not ftc.token:
+        ftc.token = gnuk.get_gnuk_device()
+        ftc.token.cmd_select_openpgp()
+
+@Given("cmd_verify with (.*) and \"(.*)\"")
+def cmd_verify(who_str,pass_str):
+    who = int(who_str)
+    scc.result = ftc.token.cmd_verify(who, pass_str)
+
+@Given("cmd_change_reference_data with (.*) and \"(.*)\"")
+def cmd_change_reference_data(who_str,pass_str):
+    who = int(who_str)
+    scc.result = ftc.token.cmd_change_reference_data(who, pass_str)
+
+@Given("cmd_put_data with (.*) and \"(.*)\"")
+def cmd_put_data(tag_str,content_str):
+    tag = int(tag_str, 16)
+    tagh = tag >> 8
+    tagl = tag & 0xff
+    scc.result = ftc.token.cmd_put_data(tagh, tagl, content_str)
+
+@Given("cmd_reset_retry_counter with (.*) and \"(.*)\"")
+def cmd_reset_retry_counter(how_str, data):
+    how = int(how_str)
+    scc.result = ftc.token.cmd_reset_retry_counter(how, data)
+
+@Given("a RSA key pair (.*)")
+def set_rsa_key(keyno_str):
+    scc.keyno = int(keyno_str)
+
+@Given("importing it to the token as OPENPGP.(.*)")
+def import_key(openpgp_keyno_str):
+    openpgp_keyno = int(openpgp_keyno_str)
+    t = rsa_keys.build_privkey_template(openpgp_keyno, scc.keyno)
+    scc.result = ftc.token.cmd_put_data_odd(0x3f, 0xff, t)
+
+@When("requesting (.+): ([0-9a-fA-F]+)")
+def get_data(name, tag_str):
+    tag = int(tag_str, 16)
+    tagh = tag >> 8
+    tagl = tag & 0xff
+    scc.result = ftc.token.cmd_get_data(tagh, tagl)
+
+@When("removing a key OPENPGP.(.*)")
+def remove_key(openpgp_keyno_str):
+    openpgp_keyno = int(openpgp_keyno_str)
+    t = rsa_keys.build_privkey_template_for_remove(openpgp_keyno)
+    scc.result = ftc.token.cmd_put_data_odd(0x3f, 0xff, t)
+
+@Then("you should get: (.*)")
+def check_result(v):
+    value = ast.literal_eval("'" + v + "'")
+    assert_equal(scc.result, value)
+
+@Then("it should get success")
+def check_success():
+    assert_equal(scc.result, True)
+
+@Then("you should get NULL")
+def check_null():
+    assert_equal(scc.result, "")
+
+@Then("data should match: (.*)")
+def check_regexp(re):
+    assert_regexp_matches(scc.result, re)