keepassxc/tests/TestYkChallengeResponseKey.cpp

/*
 *  Copyright (C) 2014 Kyle Manna <kyle@kylemanna.com>
 *  Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
 *
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation, either version 2 or (at your option)
 *  version 3 of the License.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

#include "TestYkChallengeResponseKey.h"

#include "core/Tools.h"
#include "crypto/Crypto.h"
#include "keys/ChallengeResponseKey.h"

#include <QCryptographicHash>
#include <QSignalSpy>
#include <QTest>

QTEST_GUILESS_MAIN(TestYubiKeyChallengeResponse)

void TestYubiKeyChallengeResponse::initTestCase()
{
    // crypto subsystem needs to be initialized for YubiKey testing
    QVERIFY(Crypto::init());

    if (!YubiKey::instance()->isInitialized()) {
        QSKIP("Unable to initialize YubiKey interface.");
    }
}

void TestYubiKeyChallengeResponse::testDetectDevices()
{
    YubiKey::instance()->findValidKeys();

    // Look at the information retrieved from the key(s)
    const auto foundKeys = YubiKey::instance()->foundKeys();
    for (auto i = foundKeys.cbegin(); i != foundKeys.cend(); ++i) {
        const auto& displayName = i.value();
        QVERIFY(displayName.contains("Challenge-Response - Slot") || displayName.contains("Configured Slot -"));
        QVERIFY(displayName.contains(QString::number(i.key().first)));
        QVERIFY(displayName.contains(QString::number(i.key().second)));
    }
}

/**
 * Secret key for the YubiKey slot used by the unit test is
 * 1c e3 0f d7 8d 20 dc fa 40 b5 0c 18 77 9a fb 0f 02 28 8d b7
 * This secret can be on either slot but must be passive.
 */
void TestYubiKeyChallengeResponse::testKeyChallenge()
{
    auto keys = YubiKey::instance()->foundKeys().keys();
    if (keys.isEmpty()) {
        QSKIP("No YubiKey devices were detected.");
    }

    // Find a key that is configured in passive mode
    bool wouldBlock = false;
    YubiKeySlot pKey(0, 0);
    for (auto key : keys) {
        if (YubiKey::instance()->testChallenge(key, &wouldBlock) && !wouldBlock) {
            pKey = key;
            break;
        }
        Tools::wait(100);
    }

    if (pKey.first == 0) {
        /* Testing active mode in unit tests is unreasonable */
        QSKIP("No YubiKey contains a slot in passive mode.");
    }

    QScopedPointer<ChallengeResponseKey> key(new ChallengeResponseKey(pKey));

    QByteArray ba("UnitTest");
    QVERIFY(key->challenge(ba));
    QCOMPARE(key->rawKey().size(), 20);
    auto hash = QString(QCryptographicHash::hash(key->rawKey(), QCryptographicHash::Sha256).toHex());
    QCOMPARE(hash, QString("2f7802c7112c301303526e7737b54d546c905076dca6e9538edf761a2264cd70"));
}
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`/*`
			`* Copyright (C) 2014 Kyle Manna <kyle@kylemanna.com>`
Update and fix copyright headers 2017-06-09 21:40:36 +00:00			`* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`*`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, either version 2 or (at your option)`
			`* version 3 of the License.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`#include "TestYkChallengeResponseKey.h"`
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00
			`#include "core/Tools.h"`
Move useful QTest template specializations to global header file Fix KDBX test linker errors on Windows 2018-01-24 12:22:20 +00:00			`#include "crypto/Crypto.h"`
Fix challenge-response key data after Botan * Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate. 2021-04-23 03:07:49 +00:00			`#include "keys/ChallengeResponseKey.h"`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00
Fix challenge-response key data after Botan * Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate. 2021-04-23 03:07:49 +00:00			`#include <QCryptographicHash>`
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`#include <QSignalSpy>`
Optimize includes across code base 2021-07-12 02:10:29 +00:00			`#include <QTest>`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`QTEST_GUILESS_MAIN(TestYubiKeyChallengeResponse)`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`void TestYubiKeyChallengeResponse::initTestCase()`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`{`
Fix warnings about Crypto already having been initialized 2017-02-24 20:00:48 +00:00			`// crypto subsystem needs to be initialized for YubiKey testing`
			`QVERIFY(Crypto::init());`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`if (!YubiKey::instance()->isInitialized()) {`
			`QSKIP("Unable to initialize YubiKey interface.");`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`}`
			`}`

Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`void TestYubiKeyChallengeResponse::testDetectDevices()`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`{`
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`YubiKey::instance()->findValidKeys();`

			`// Look at the information retrieved from the key(s)`
Automatically detect USB device changes 2023-12-10 18:48:43 +00:00			`const auto foundKeys = YubiKey::instance()->foundKeys();`
			`for (auto i = foundKeys.cbegin(); i != foundKeys.cend(); ++i) {`
			`const auto& displayName = i.value();`
Fix challenge-response key data after Botan * Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate. 2021-04-23 03:07:49 +00:00			`QVERIFY(displayName.contains("Challenge-Response - Slot") \|\| displayName.contains("Configured Slot -"));`
Automatically detect USB device changes 2023-12-10 18:48:43 +00:00			`QVERIFY(displayName.contains(QString::number(i.key().first)));`
			`QVERIFY(displayName.contains(QString::number(i.key().second)));`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`}`
			`}`

Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`/**`
			`* Secret key for the YubiKey slot used by the unit test is`
			`* 1c e3 0f d7 8d 20 dc fa 40 b5 0c 18 77 9a fb 0f 02 28 8d b7`
			`* This secret can be on either slot but must be passive.`
			`*/`
			`void TestYubiKeyChallengeResponse::testKeyChallenge()`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`{`
Automatically detect USB device changes 2023-12-10 18:48:43 +00:00			`auto keys = YubiKey::instance()->foundKeys().keys();`
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`if (keys.isEmpty()) {`
			`QSKIP("No YubiKey devices were detected.");`
			`}`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`// Find a key that is configured in passive mode`
			`bool wouldBlock = false;`
			`YubiKeySlot pKey(0, 0);`
			`for (auto key : keys) {`
			`if (YubiKey::instance()->testChallenge(key, &wouldBlock) && !wouldBlock) {`
			`pKey = key;`
			`break;`
			`}`
			`Tools::wait(100);`
Add braces around single line statements * Ran clang-tidy with "readability-braces-around-statements" to find missing braces around statements. 2020-01-08 03:06:31 +00:00			`}`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00			`if (pKey.first == 0) {`
			`/* Testing active mode in unit tests is unreasonable */`
			`QSKIP("No YubiKey contains a slot in passive mode.");`
Add braces around single line statements * Ran clang-tidy with "readability-braces-around-statements" to find missing braces around statements. 2020-01-08 03:06:31 +00:00			`}`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00
Fix challenge-response key data after Botan * Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate. 2021-04-23 03:07:49 +00:00			`QScopedPointer<ChallengeResponseKey> key(new ChallengeResponseKey(pKey));`
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869 2020-04-06 12:42:20 +00:00
			`QByteArray ba("UnitTest");`
			`QVERIFY(key->challenge(ba));`
Fix challenge-response key data after Botan * Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate. 2021-04-23 03:07:49 +00:00			`QCOMPARE(key->rawKey().size(), 20);`
			`auto hash = QString(QCryptographicHash::hash(key->rawKey(), QCryptographicHash::Sha256).toHex());`
			`QCOMPARE(hash, QString("2f7802c7112c301303526e7737b54d546c905076dca6e9538edf761a2264cd70"));`
tests: Add YubiKey Tests * Basic testing for YubiKey code. Signed-off-by: Kyle Manna <kyle@kylemanna.com> 2014-05-26 07:46:41 +00:00			`}`