More tests (3).

tests/openpgp_card.py

@@ -102,6 +102,37 @@ class OpenPGP_Card(object):
                 passwd_new = b""
             return self.cmd_change_reference_data(who, passwd_old + passwd_new)
 
+    # Higher layer SETUP_RESET_CODE possibly using KDF Data Object
+    def setup_reset_code(self, resetcode):
+        if self.__kdf_iters:
+            salt = self.__kdf_salt_user
+            if self.__kdf_salt_reset:
+                    salt = self.__kdf_salt_user
+            reset_hash = kdf_calc(resetcode, salt, self.__kdf_iters)
+            return self.cmd_put_data(0x00, 0xd3, reset_hash)
+        else:
+            return self.cmd_put_data(0x00, 0xd3, resetcode)
+
+    # Higher layer reset passwd possibly using KDF Data Object
+    def reset_passwd_by_resetcode(self, resetcode, pw1):
+        if self.__kdf_iters:
+            salt = self.__kdf_salt_user
+            if self.__kdf_salt_reset:
+                    salt = self.__kdf_salt_user
+            reset_hash = kdf_calc(resetcode, salt, self.__kdf_iters)
+            pw1_hash = kdf_calc(pw1, self.__kdf_salt_user, self.__kdf_iters)
+            return self.cmd_reset_retry_counter(0, 0x81, reset_hash + pw1_hash)
+        else:
+            return self.cmd_reset_retry_counter(0, 0x81, resetcode + pw1)
+
+    # Higher layer reset passwd possibly using KDF Data Object
+    def reset_passwd_by_admin(self, pw1):
+        if self.__kdf_iters:
+            pw1_hash = kdf_calc(pw1, self.__kdf_salt_user, self.__kdf_iters)
+            return self.cmd_reset_retry_counter(2, 0x81, pw1_hash)
+        else:
+            return self.cmd_reset_retry_counter(2, 0x81, pw1)
+
     def cmd_get_response(self, expected_len):
         result = b""
         while True:

tests/test_001_personalize_card.py

@@ -32,7 +32,7 @@ def test_setup_pw3_0(card):
     assert r
 
 def test_verify_pw3_0(card):
-    v = card.cmd_verify(3, PW3_TEST0)
+    v = card.verify(3, PW3_TEST0)
     assert v
 
 def test_login_put(card):
@@ -158,11 +158,11 @@ def test_setup_pw1_0(card):
     assert r
 
 def test_verify_pw1_0(card):
-    v = card.cmd_verify(1, PW1_TEST0)
+    v = card.verify(1, PW1_TEST0)
     assert v
 
 def test_verify_pw1_0_2(card):
-    v = card.cmd_verify(2, PW1_TEST0)
+    v = card.verify(2, PW1_TEST0)
     assert v
 
 def test_setup_pw1_1(card):
@@ -170,27 +170,27 @@ def test_setup_pw1_1(card):
     assert r
 
 def test_verify_pw1_1(card):
-    v = card.cmd_verify(1, PW1_TEST1)
+    v = card.verify(1, PW1_TEST1)
     assert v
 
 def test_verify_pw1_1_2(card):
-    v = card.cmd_verify(2, PW1_TEST1)
+    v = card.verify(2, PW1_TEST1)
     assert v
 
 def test_setup_reset_code(card):
-    r = card.cmd_put_data(0x00, 0xd3, RESETCODE_TEST)
+    r = card.setup_reset_code(RESETCODE_TEST)
     assert r
 
 def test_reset_code(card):
-    r = card.cmd_reset_retry_counter(0, 0x81, RESETCODE_TEST + PW1_TEST2)
+    r = card.reset_passwd_by_resetcode(RESETCODE_TEST, PW1_TEST2)
     assert r
 
 def test_verify_pw1_2(card):
-    v = card.cmd_verify(1, PW1_TEST2)
+    v = card.verify(1, PW1_TEST2)
     assert v
 
 def test_verify_pw1_2_2(card):
-    v = card.cmd_verify(2, PW1_TEST2)
+    v = card.verify(2, PW1_TEST2)
     assert v
 
 def test_setup_pw3_1(card):
@@ -198,19 +198,19 @@ def test_setup_pw3_1(card):
     assert r
 
 def test_verify_pw3_1(card):
-    v = card.cmd_verify(3, PW3_TEST1)
+    v = card.verify(3, PW3_TEST1)
     assert v
 
 def test_reset_userpass_admin(card):
-    r = card.cmd_reset_retry_counter(2, 0x81, PW1_TEST3)
+    r = card.reset_passwd_by_admin(PW1_TEST3)
     assert r
 
 def test_verify_pw1_3(card):
-    v = card.cmd_verify(1, PW1_TEST3)
+    v = card.verify(1, PW1_TEST3)
     assert v
 
 def test_verify_pw1_3_2(card):
-    v = card.cmd_verify(2, PW1_TEST3)
+    v = card.verify(2, PW1_TEST3)
     assert v
 
 def test_setup_pw1_4(card):
@@ -218,11 +218,11 @@ def test_setup_pw1_4(card):
     assert r
 
 def test_verify_pw1_4(card):
-    v = card.cmd_verify(1, PW1_TEST4)
+    v = card.verify(1, PW1_TEST4)
     assert v
 
 def test_verify_pw1_4_2(card):
-    v = card.cmd_verify(2, PW1_TEST4)
+    v = card.verify(2, PW1_TEST4)
     assert v
 
 def test_setup_pw3_2(card):
@@ -230,7 +230,7 @@ def test_setup_pw3_2(card):
     assert r
 
 def test_verify_pw3_2(card):
-    v = card.cmd_verify(3, PW3_TEST0)
+    v = card.verify(3, PW3_TEST0)
     assert v
 
 def test_sign_0(card):

tests/test_002_personalize_reset.py

@@ -57,23 +57,23 @@ def test_pw1_status_put(card):
     assert r
 
 def test_setup_pw3_0(card):
-    r = card.cmd_change_reference_data(3, PW3_TEST0 + FACTORY_PASSPHRASE_PW3)
+    r = card.change_passwd(3, PW3_TEST0, FACTORY_PASSPHRASE_PW3)
     assert r
 
 def test_verify_pw3_0(card):
-    v = card.cmd_verify(3, FACTORY_PASSPHRASE_PW3)
+    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
     assert v
 
 def test_setup_pw1_0(card):
-    r = card.cmd_change_reference_data(1, PW1_TEST4 + FACTORY_PASSPHRASE_PW1)
+    r = card.change_passwd(1, PW1_TEST4, FACTORY_PASSPHRASE_PW1)
     assert r
 
 def test_verify_pw1_0(card):
-    v = card.cmd_verify(1, FACTORY_PASSPHRASE_PW1)
+    v = card.verify(1, FACTORY_PASSPHRASE_PW1)
     assert v
 
 def test_verify_pw1_0_2(card):
-    v = card.cmd_verify(2, FACTORY_PASSPHRASE_PW1)
+    v = card.verify(2, FACTORY_PASSPHRASE_PW1)
     assert v
 
 def test_setup_reset_code(card):

tests/test_004_reset_pw3.py

@@ -28,14 +28,14 @@ def test_setup_pw3_null(card):
     assert r
 
 def test_verify_pw3(card):
-    v = card.cmd_verify(3, FACTORY_PASSPHRASE_PW3)
+    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
     assert v
 
 # Check PW1 again to see the possiblity of admin-less mode
 def test_verify_pw1(card):
-    v = card.cmd_verify(1, FACTORY_PASSPHRASE_PW1)
+    v = card.verify(1, FACTORY_PASSPHRASE_PW1)
     assert v
 
 def test_verify_pw1_2(card):
-    v = card.cmd_verify(2, FACTORY_PASSPHRASE_PW1)
+    v = card.verify(2, FACTORY_PASSPHRASE_PW1)
     assert v

tests/test_007_kdf_full.py

@@ -1,5 +1,5 @@
 """
-test_007_kdf.py - test KDF data object
+test_007_kdf_full.py - test KDF data object
 
 Copyright (C) 2018  g10 Code GmbH
 Author: NIIBE Yutaka <gniibe@fsij.org>
@@ -23,7 +23,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 from card_const import *
 from constants_for_test import *
 
-def test_verify_pw3_0(card):
+def test_verify_pw3(card):
     v = card.verify(3, FACTORY_PASSPHRASE_PW3)
     assert v
 
@@ -32,27 +32,3 @@ def test_kdf_put_full(card):
     if r:
         card.configure_with_kdf()
     assert r
-
-def test_verify_pw3_1(card):
-    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
-    assert v
-
-def test_kdf_put_single(card):
-    r = card.cmd_put_data(0x00, 0xf9, KDF_SINGLE)
-    if r:
-        card.configure_with_kdf()
-    assert r
-
-def test_verify_pw3_2(card):
-    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
-    assert v
-
-def test_kdf_put_none(card):
-    r = card.cmd_put_data(0x00, 0xf9, b"")
-    if r:
-        card.configure_with_kdf()
-    assert r
-
-def test_verify_pw3_3(card):
-    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
-    assert v

tests/test_008_personalize_card.py

@@ -0,0 +1 @@
+test_001_personalize_card.py

tests/test_009_personalize_reset.py

@@ -0,0 +1 @@
+test_002_personalize_reset.py

tests/test_010_remove_keys.py

@@ -0,0 +1 @@
+test_003_remove_keys.py

tests/test_011_reset_pw3.py

@@ -0,0 +1 @@
+test_004_reset_pw3.py

tests/test_012_kdf_single.py

@@ -0,0 +1,34 @@
+"""
+test_012_kdf_single.py - test KDF data object
+
+Copyright (C) 2018  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from card_const import *
+from constants_for_test import *
+
+def test_verify_pw3(card):
+    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
+    assert v
+
+def test_kdf_put_single(card):
+    r = card.cmd_put_data(0x00, 0xf9, KDF_SINGLE)
+    if r:
+        card.configure_with_kdf()
+    assert r

tests/test_013_personalize_card.py

@@ -0,0 +1 @@
+test_001_personalize_card.py

tests/test_014_personalize_reset.py

@@ -0,0 +1 @@
+test_002_personalize_reset.py

tests/test_015_remove_keys.py

@@ -0,0 +1 @@
+test_003_remove_keys.py

tests/test_016_reset_pw3.py

@@ -0,0 +1 @@
+test_004_reset_pw3.py

tests/test_017_kdf_none.py

@@ -0,0 +1,38 @@
+"""
+test_017_kdf_none.py - test KDF data object
+
+Copyright (C) 2018  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from card_const import *
+from constants_for_test import *
+
+def test_verify_pw3(card):
+    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
+    assert v
+
+def test_kdf_put_none(card):
+    r = card.cmd_put_data(0x00, 0xf9, b"")
+    if r:
+        card.configure_with_kdf()
+    assert r
+
+def test_verify_pw3_1(card):
+    v = card.verify(3, FACTORY_PASSPHRASE_PW3)
+    assert v