diff --git a/ChangeLog b/ChangeLog index 9b1750e..db283fa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ 2012-07-05 Niibe Yutaka + More tests. + * test/*: Add tests for admin-less mode. + * test/features/990_reset_passphrase.feature: This is now for + admin-less mode. + * test/features/970_key_removal.feature: Ditto. + * src/openpgp.c (cmd_change_password): Call ac_reset_admin when admin-less mode. (cmd_reset_user_password): Likewise. diff --git a/test/features/370_key_removal.feature b/test/features/370_key_removal.feature new file mode 100644 index 0000000..5f89bc1 --- /dev/null +++ b/test/features/370_key_removal.feature @@ -0,0 +1,39 @@ +Feature: key removal + In order to use a token + A token should have keys + + Scenario: remove OPENPGP.1 key (sign) + When removing a key OPENPGP.1 + Then it should get success + + Scenario: remove OPENPGP.2 key (decrypt) + When removing a key OPENPGP.2 + Then it should get success + + Scenario: remove OPENPGP.3 key (authentication) + When removing a key OPENPGP.3 + Then it should get success + + Scenario: remove data object Finger print sig + Given cmd_put_data with c7 and "" + Then it should get success + + Scenario: remove data object Finger print dec + Given cmd_put_data with c8 and "" + Then it should get success + + Scenario: remove data object Finger print aut + Given cmd_put_data with c9 and "" + Then it should get success + + Scenario: remove data object keygeneration data/time sig + Given cmd_put_data with ce and "" + Then it should get success + + Scenario: remove data object keygeneration data/time dec + Given cmd_put_data with cf and "" + Then it should get success + + Scenario: remove data object keygeneration data/time aut + Given cmd_put_data with d0 and "" + Then it should get success diff --git a/test/features/380_personalization_reset.feature b/test/features/380_personalization_reset.feature new file mode 100644 index 0000000..51a3430 --- /dev/null +++ b/test/features/380_personalization_reset.feature @@ -0,0 +1,27 @@ +Feature: removal of data objects + In order to use a token + A token should have personalized data + + Scenario: remove data object Login + Given cmd_put_data with 5e and "" + Then it should get success + + Scenario: remove data object Name + Given cmd_put_data with 5b and "" + Then it should get success + + Scenario: remove data object Language preference + Given cmd_put_data with 5f2d and "" + Then it should get success + + Scenario: remove data object Sex + Given cmd_put_data with 5f35 and "" + Then it should get success + + Scenario: remove data object URL + Given cmd_put_data with 5f50 and "" + Then it should get success + + Scenario: remove data object pw1 status bytes + Given cmd_put_data with c4 and "\x00" + Then it should get success diff --git a/test/features/390_reset_passphrase.feature b/test/features/390_reset_passphrase.feature new file mode 100644 index 0000000..853c515 --- /dev/null +++ b/test/features/390_reset_passphrase.feature @@ -0,0 +1,7 @@ +Feature: reset pass phrase + In order to conform OpenPGP card 2.0 specification + A token should support pass phrase: PW1, PW3 and reset code + + Scenario: setup PW3 (admin-full mode) + Given cmd_change_reference_data with 3 and "admin pass phrase" + Then it should get success diff --git a/test/features/400_empty_check.feature b/test/features/400_empty_check.feature new file mode 100644 index 0000000..4f4d35e --- /dev/null +++ b/test/features/400_empty_check.feature @@ -0,0 +1,79 @@ +Feature: confirm empty token + In order to start tests + A token should be empty (no data, no keys) + + Scenario: data object Login + When requesting login data: 5e + Then you should get NULL + + Scenario: data object Name + When requesting name: 5b + Then you should get NULL + + Scenario: data object Language preference + When requesting anguage preference: 5f2d + Then you should get NULL + + Scenario: data object Sex + When requesting sex: 5f35 + Then you should get NULL + + Scenario: data object URL + When requesting URL: 5f50 + Then you should get NULL + + Scenario: data object ds counter + When requesting ds counter: 93 + Then you should get: \x00\x00\x00 + + Scenario: data object pw1 status bytes + When requesting pw1 status bytes: c4 + Then you should get: \x00\x7f\x7f\x7f\x03\x03\x03 + + Scenario: data object finger print 0 + When requesting finger print: c5 + Then you should get: \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 + + Scenario: data object finger print 1 + When requesting finger print: c7 + Then you should get NULL + + Scenario: data object finger print 2 + When requesting finger print: c8 + Then you should get NULL + + Scenario: data object finger print 3 + When requesting finger print: c9 + Then you should get NULL + + Scenario: data object CA finger print 0 + When requesting finger print: c6 + Then you should get: \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 + + Scenario: data object CA finger print 1 + When requesting finger print: ca + Then you should get NULL + + Scenario: data object CA finger print 2 + When requesting finger print: cb + Then you should get NULL + + Scenario: data object CA finger print 3 + When requesting finger print: cc + Then you should get NULL + + Scenario: data object date/time of key pair 0 + When requesting date/time of key pair: cd + Then you should get: \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 + + Scenario: data object date/time of key pair 1 + When requesting date/time of key pair: ce + Then you should get NULL + + Scenario: data object date/time of key pair 2 + When requesting date/time of key pair: cf + Then you should get NULL + + Scenario: data object date/time of key pair 3 + When requesting date/time of key pair: d0 + Then you should get NULL diff --git a/test/features/401_empty_check_passphrase.feature b/test/features/401_empty_check_passphrase.feature new file mode 100644 index 0000000..f026b08 --- /dev/null +++ b/test/features/401_empty_check_passphrase.feature @@ -0,0 +1,15 @@ +Feature: confirm empty token + In order to start tests + A token should be empty (no pass phrase) + + Scenario: verify PW1 factory setting (1) + Given cmd_verify with 1 and "123456" + Then it should get success + + Scenario: verify PW1 factory setting (2) + Given cmd_verify with 2 and "123456" + Then it should get success + + Scenario: verify PW3 factory setting + Given cmd_verify with 3 and "12345678" + Then it should get success diff --git a/test/features/402_get_data_static.feature b/test/features/402_get_data_static.feature new file mode 100644 index 0000000..9de7425 --- /dev/null +++ b/test/features/402_get_data_static.feature @@ -0,0 +1,27 @@ +Feature: command GET DATA + In order to conform OpenPGP card 2.0 specification + A token should support all mandatory features of the specification + + Scenario: data object historical bytes + When requesting historical bytes: 5f52 + Then you should get: \x00\x31\x84\x73\x80\x01\x80\x00\x90\x00 + + Scenario: data object extended capabilities + When requesting extended capabilities: c0 + Then you should get: \x30\x00\x00\x00\x00\x00\x00\xff\x01\x00 + + Scenario: data object algorithm attributes 1 + When requesting algorithm attributes 1: c1 + Then you should get: \x01\x08\x00\x00\x20\x00 + + Scenario: data object algorithm attributes 2 + When requesting algorithm attributes 2: c2 + Then you should get: \x01\x08\x00\x00\x20\x00 + + Scenario: data object algorithm attributes 3 + When requesting algorighm attributes 3: c3 + Then you should get: \x01\x08\x00\x00\x20\x00 + + Scenario: data object AID + When requesting AID: 4f + Then data should match: \xd2\x76\x00\x01\x24\x01\x02\x00......\x00\x00 diff --git a/test/features/410_setup_passphrase.feature b/test/features/410_setup_passphrase.feature new file mode 100644 index 0000000..5ac2543 --- /dev/null +++ b/test/features/410_setup_passphrase.feature @@ -0,0 +1,55 @@ +Feature: setup pass phrase + In order to conform OpenPGP card 2.0 specification + A token should support pass phrase: PW1, PW3 and reset code + + Scenario: setup PW1 (admin-less mode) + Given cmd_change_reference_data with 1 and "123456user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) + Given cmd_verify with 1 and "user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) + Given cmd_verify with 2 and "user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "user pass phrase" + Then it should get success + + Scenario: setup reset code (in admin-less mode) + Given cmd_put_data with d3 and "example reset code 000" + Then it should get success + + Scenario: reset pass phrase by reset code (in admin-less mode) + Given cmd_reset_retry_counter with 0 and "example reset code 000new user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "new user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "new user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) again + Given cmd_verify with 3 and "new user pass phrase" + Then it should get success + + Scenario: change PW1 + Given cmd_change_reference_data with 1 and "new user pass phraseanother user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "another user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "another user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) again + Given cmd_verify with 3 and "another user pass phrase" + Then it should get success diff --git a/test/features/420_personalization_write.feature b/test/features/420_personalization_write.feature new file mode 100644 index 0000000..2fdd387 --- /dev/null +++ b/test/features/420_personalization_write.feature @@ -0,0 +1,27 @@ +Feature: personalize token write + In order to use a token + A token should be personalized with name, sex, url, etc. + + Scenario: data object Login + Given cmd_put_data with 5e and "gpg_user" + Then it should get success + + Scenario: data object Name + Given cmd_put_data with 5b and "GnuPG User" + Then it should get success + + Scenario: data object Language preference + Given cmd_put_data with 5f2d and "ja" + Then it should get success + + Scenario: data object Sex + Given cmd_put_data with 5f35 and "1" + Then it should get success + + Scenario: data object URL + Given cmd_put_data with 5f50 and "http://www.fsij.org/gnuk/" + Then it should get success + + Scenario: data object pw1 status bytes + Given cmd_put_data with c4 and "\x01" + Then it should get success diff --git a/test/features/421_personalization_read.feature b/test/features/421_personalization_read.feature new file mode 100644 index 0000000..5f0f972 --- /dev/null +++ b/test/features/421_personalization_read.feature @@ -0,0 +1,27 @@ +Feature: personalize token read + In order to use a token + A token should be personalized with name, sex, url, etc. + + Scenario: data object Login + When requesting login data: 5e + Then you should get: gpg_user + + Scenario: data object Name + When requesting name: 5b + Then you should get: GnuPG User + + Scenario: data object Language preference + When requesting anguage preference: 5f2d + Then you should get: ja + + Scenario: data object Sex + When requesting sex: 5f35 + Then you should get: 1 + + Scenario: data object URL + When requesting URL: 5f50 + Then you should get: http://www.fsij.org/gnuk/ + + Scenario: data object pw1 status bytes + When requesting pw1 status bytes: c4 + Then you should get: \x01\x7f\x7f\x7f\x03\x03\x03 diff --git a/test/features/430_key_registration.feature b/test/features/430_key_registration.feature new file mode 100644 index 0000000..4381307 --- /dev/null +++ b/test/features/430_key_registration.feature @@ -0,0 +1,56 @@ +Feature: import keys to token + In order to use a token + A token should have keys + + Scenario: importing OPENPGP.1 key (sign) + Given a RSA key pair 0 + And importing it to the token as OPENPGP.1 + Then it should get success + + Scenario: importing OPENPGP.2 key (decrypt) + Given a RSA key pair 1 + And importing it to the token as OPENPGP.2 + Then it should get success + + Scenario: importing OPENPGP.3 key (authentication) + Given a RSA key pair 2 + And importing it to the token as OPENPGP.3 + Then it should get success + + Scenario: setup data object Finger print sig + Given a fingerprint of OPENPGP.1 key + And put the data to c7 + Then it should get success + + Scenario: setup data object Finger print dec + Given a fingerprint of OPENPGP.2 key + And put the data to c8 + Then it should get success + + Scenario: setup data object Finger print aut + Given a fingerprint of OPENPGP.3 key + And put the data to c9 + Then it should get success + + Scenario: setup data object keygeneration data/time sig + Given a timestamp of OPENPGP.1 key + And put the data to ce + Then it should get success + + Scenario: setup data object keygeneration data/time dec + Given a timestamp of OPENPGP.2 key + And put the data to cf + Then it should get success + + Scenario: setup data object keygeneration data/time aut + Given a timestamp of OPENPGP.3 key + And put the data to d0 + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "another user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "another user pass phrase" + Then it should get success diff --git a/test/features/440_passphrase_change.feature b/test/features/440_passphrase_change.feature new file mode 100644 index 0000000..9f567e6 --- /dev/null +++ b/test/features/440_passphrase_change.feature @@ -0,0 +1,51 @@ +Feature: change pass phrase + In order to conform OpenPGP card 2.0 specification + A token should support pass phrase: PW1, PW3 and reset code + + Scenario: change PW1 (in admin-less mode) + Given cmd_change_reference_data with 1 and "another user pass phrasePASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "PASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "PASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "PASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: setup reset code again (in admin-less mode) + Given cmd_put_data with d3 and "example reset code 000" + Then it should get success + + Scenario: reset pass phrase by reset code (in admin-less mode) + Given cmd_reset_retry_counter with 0 and "example reset code 000new user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "new user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "new user pass phrase" + Then it should get success + + Scenario: change PW1 + Given cmd_change_reference_data with 1 and "new user pass phraseanother user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "another user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "another user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "another user pass phrase" + Then it should get success diff --git a/test/features/500_compute_signature.feature b/test/features/500_compute_signature.feature new file mode 100644 index 0000000..67fcbcc --- /dev/null +++ b/test/features/500_compute_signature.feature @@ -0,0 +1,31 @@ +Feature: compute digital signature + In order to use a token + A token should compute digital signature properly + + Scenario: compute digital signature by OPENPGP.1 key (1) + Given a message "This is a test message." + And let a token compute digital signature + And compute digital signature on host with RSA key pair 0 + Then results should be same + + Scenario: compute digital signature by OPENPGP.1 key (2) + Given a message "This is another test message.\nMultiple lines.\n" + And let a token compute digital signature + And compute digital signature on host with RSA key pair 0 + Then results should be same + + Scenario: compute digital signature by OPENPGP.3 key (1) + Given a message "This is a test message." + And let a token authenticate + And compute digital signature on host with RSA key pair 2 + Then results should be same + + Scenario: compute digital signature by OPENPGP.3 key (2) + Given a message "This is another test message.\nMultiple lines.\n" + And let a token authenticate + And compute digital signature on host with RSA key pair 2 + Then results should be same + + Scenario: data object ds counter + When requesting ds counter: 93 + Then you should get: \x00\x00\x02 diff --git a/test/features/501_decryption.feature b/test/features/501_decryption.feature new file mode 100644 index 0000000..1985dee --- /dev/null +++ b/test/features/501_decryption.feature @@ -0,0 +1,16 @@ +Feature: decryption + In order to use a token + A token should decrypt encrypted data + + Scenario: decrypt by OPENPGP.2 key (1) + Given a plain text "This is a test message." + And encrypt it on host with RSA key pair 1 + And let a token decrypt encrypted data + Then decrypted data should be same as a plain text + + Scenario: decrypt by OPENPGP.2 key (2) + Given a plain text "RSA decryption is as easy as pie." + And encrypt it on host with RSA key pair 1 + And let a token decrypt encrypted data + Then decrypted data should be same as a plain text + diff --git a/test/features/600_key_removal.feature b/test/features/600_key_removal.feature new file mode 100644 index 0000000..2bcf353 --- /dev/null +++ b/test/features/600_key_removal.feature @@ -0,0 +1,44 @@ +@keygen +Feature: key removal + In order to use a token + A token should have keys + + Scenario: remove OPENPGP.1 key (sign) + When removing a key OPENPGP.1 + Then it should get success + + Scenario: remove OPENPGP.2 key (decrypt) + When removing a key OPENPGP.2 + Then it should get success + + Scenario: remove OPENPGP.3 key (authentication) + When removing a key OPENPGP.3 + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "12345678" + Then it should get success + + Scenario: remove data object Finger print sig + Given cmd_put_data with c7 and "" + Then it should get success + + Scenario: remove data object Finger print dec + Given cmd_put_data with c8 and "" + Then it should get success + + Scenario: remove data object Finger print aut + Given cmd_put_data with c9 and "" + Then it should get success + + Scenario: remove data object keygeneration data/time sig + Given cmd_put_data with ce and "" + Then it should get success + + Scenario: remove data object keygeneration data/time dec + Given cmd_put_data with cf and "" + Then it should get success + + Scenario: remove data object keygeneration data/time aut + Given cmd_put_data with d0 and "" + Then it should get success diff --git a/test/features/601_setup_passphrase.feature b/test/features/601_setup_passphrase.feature new file mode 100644 index 0000000..476c2b0 --- /dev/null +++ b/test/features/601_setup_passphrase.feature @@ -0,0 +1,40 @@ +@keygen +Feature: setup pass phrase + In order to conform OpenPGP card 2.0 specification + A token should support pass phrase: PW1, PW3 and reset code + + Scenario: setup PW1 (admin-less mode) + Given cmd_change_reference_data with 1 and "123456user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) + Given cmd_verify with 1 and "user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) + Given cmd_verify with 2 and "user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "user pass phrase" + Then it should get success + + Scenario: setup reset code (in admin-less mode) + Given cmd_put_data with d3 and "example reset code 000" + Then it should get success + + Scenario: reset pass phrase by reset code (in admin-less mode) + Given cmd_reset_retry_counter with 0 and "example reset code 000another user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "another user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "another user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) again + Given cmd_verify with 3 and "another user pass phrase" + Then it should get success diff --git a/test/features/602_keygen.feature b/test/features/602_keygen.feature new file mode 100644 index 0000000..b9c69a3 --- /dev/null +++ b/test/features/602_keygen.feature @@ -0,0 +1,30 @@ +@keygen +Feature: key generation + In order to use a token + A token should have keys + + Scenario: generate OPENPGP.1 key (sign) + When generating a key of OPENPGP.1 + And put the first data to c7 + And put the second data to ce + Then it should get success + + Scenario: generate OPENPGP.2 key (decrypt) + When generating a key of OPENPGP.2 + And put the first data to c8 + And put the second data to cf + Then it should get success + + Scenario: generate OPENPGP.3 key (authentication) + When generating a key of OPENPGP.3 + And put the first data to c9 + And put the second data to d0 + Then it should get success + + Scenario: verify PW1 (1) after keygen + Given cmd_verify with 1 and "another user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) after keygen + Given cmd_verify with 2 and "another user pass phrase" + Then it should get success diff --git a/test/features/603_passphrase_change.feature b/test/features/603_passphrase_change.feature new file mode 100644 index 0000000..accb4b8 --- /dev/null +++ b/test/features/603_passphrase_change.feature @@ -0,0 +1,67 @@ +Feature: change pass phrase + In order to conform OpenPGP card 2.0 specification + A token should support pass phrase: PW1, PW3 and reset code + + Scenario: change PW1 + Given cmd_change_reference_data with 1 and "another user pass phrasePASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "PASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "PASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "PASSPHRASE SHOULD BE LONG" + Then it should get success + + Scenario: setup reset code again (in admin-less mode) + Given cmd_put_data with d3 and "example reset code 111" + Then it should get success + + Scenario: reset pass phrase by reset code (in admin-less mode) + Given cmd_reset_retry_counter with 0 and "example reset code 111new user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "new user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "new user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "new user pass phrase" + Then it should get success + + Scenario: reset pass phrase by admin (in admin-less mode) + Given cmd_reset_retry_counter with 2 and "new user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "new user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "new user pass phrase" + Then it should get success + + Scenario: change PW1 + Given cmd_change_reference_data with 1 and "new user pass phraseanother user pass phrase" + Then it should get success + + Scenario: verify PW1 (1) again + Given cmd_verify with 1 and "another user pass phrase" + Then it should get success + + Scenario: verify PW1 (2) again + Given cmd_verify with 2 and "another user pass phrase" + Then it should get success + + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "another user pass phrase" + Then it should get success diff --git a/test/features/610_compute_signature.feature b/test/features/610_compute_signature.feature new file mode 100644 index 0000000..d7bc959 --- /dev/null +++ b/test/features/610_compute_signature.feature @@ -0,0 +1,36 @@ +@keygen +Feature: compute digital signature + In order to use a token + A token should compute digital signature properly + + Scenario: compute digital signature by OPENPGP.1 key (1) + Given a message "This is a test message." + And a public key from token for OPENPGP.1 + And let a token compute digital signature + And verify signature + Then it should get success + + Scenario: compute digital signature by OPENPGP.1 key (2) + Given a message "This is another test message.\nMultiple lines.\n" + And a public key from token for OPENPGP.1 + And let a token compute digital signature + And verify signature + Then it should get success + + Scenario: compute digital signature by OPENPGP.3 key (1) + Given a message "This is a test message." + And a public key from token for OPENPGP.3 + And let a token authenticate + And verify signature + Then it should get success + + Scenario: compute digital signature by OPENPGP.3 key (2) + Given a message "This is another test message.\nMultiple lines.\n" + And a public key from token for OPENPGP.3 + And let a token authenticate + And verify signature + Then it should get success + + Scenario: data object ds counter + When requesting ds counter: 93 + Then you should get: \x00\x00\x02 diff --git a/test/features/611_decryption.feature b/test/features/611_decryption.feature new file mode 100644 index 0000000..e1cc98c --- /dev/null +++ b/test/features/611_decryption.feature @@ -0,0 +1,19 @@ +@keygen +Feature: decryption + In order to use a token + A token should decrypt encrypted data + + Scenario: decrypt by OPENPGP.2 key (1) + Given a plain text "This is a test message." + And a public key from token for OPENPGP.2 + And encrypt it on host + And let a token decrypt encrypted data + Then decrypted data should be same as a plain text + + Scenario: decrypt by OPENPGP.2 key (2) + Given a plain text "RSA decryption is as easy as pie." + And a public key from token for OPENPGP.2 + And encrypt it on host + And let a token decrypt encrypted data + Then decrypted data should be same as a plain text + diff --git a/test/features/970_key_removal.feature b/test/features/970_key_removal.feature index 5f89bc1..a8c50b1 100644 --- a/test/features/970_key_removal.feature +++ b/test/features/970_key_removal.feature @@ -14,6 +14,10 @@ Feature: key removal When removing a key OPENPGP.3 Then it should get success + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "12345678" + Then it should get success + Scenario: remove data object Finger print sig Given cmd_put_data with c7 and "" Then it should get success diff --git a/test/features/990_reset_passphrase.feature b/test/features/990_reset_passphrase.feature index 853c515..78edf9a 100644 --- a/test/features/990_reset_passphrase.feature +++ b/test/features/990_reset_passphrase.feature @@ -1,7 +1,7 @@ -Feature: reset pass phrase +Feature: confirm factory setting pass phrase In order to conform OpenPGP card 2.0 specification A token should support pass phrase: PW1, PW3 and reset code - Scenario: setup PW3 (admin-full mode) - Given cmd_change_reference_data with 3 and "admin pass phrase" + Scenario: verify PW3 (admin-less mode) + Given cmd_verify with 3 and "12345678" Then it should get success