mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2024-10-01 01:26:01 -04:00
fd0bdaae80
* Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate.
96 lines
3.2 KiB
C++
96 lines
3.2 KiB
C++
/*
|
|
* Copyright (C) 2014 Kyle Manna <kyle@kylemanna.com>
|
|
* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
|
|
*
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 2 or (at your option)
|
|
* version 3 of the License.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include "TestYkChallengeResponseKey.h"
|
|
#include "TestGlobal.h"
|
|
|
|
#include "core/Tools.h"
|
|
#include "crypto/Crypto.h"
|
|
#include "keys/ChallengeResponseKey.h"
|
|
|
|
#include <QCryptographicHash>
|
|
#include <QScopedPointer>
|
|
#include <QSignalSpy>
|
|
|
|
QTEST_GUILESS_MAIN(TestYubiKeyChallengeResponse)
|
|
|
|
void TestYubiKeyChallengeResponse::initTestCase()
|
|
{
|
|
// crypto subsystem needs to be initialized for YubiKey testing
|
|
QVERIFY(Crypto::init());
|
|
|
|
if (!YubiKey::instance()->isInitialized()) {
|
|
QSKIP("Unable to initialize YubiKey interface.");
|
|
}
|
|
}
|
|
|
|
void TestYubiKeyChallengeResponse::testDetectDevices()
|
|
{
|
|
YubiKey::instance()->findValidKeys();
|
|
|
|
// Wait for the hardware to respond
|
|
QSignalSpy detected(YubiKey::instance(), SIGNAL(detectComplete(bool)));
|
|
QTRY_VERIFY_WITH_TIMEOUT(detected.count() > 0, 2000);
|
|
|
|
// Look at the information retrieved from the key(s)
|
|
for (auto key : YubiKey::instance()->foundKeys()) {
|
|
auto displayName = YubiKey::instance()->getDisplayName(key);
|
|
QVERIFY(displayName.contains("Challenge-Response - Slot") || displayName.contains("Configured Slot -"));
|
|
QVERIFY(displayName.contains(QString::number(key.first)));
|
|
QVERIFY(displayName.contains(QString::number(key.second)));
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Secret key for the YubiKey slot used by the unit test is
|
|
* 1c e3 0f d7 8d 20 dc fa 40 b5 0c 18 77 9a fb 0f 02 28 8d b7
|
|
* This secret can be on either slot but must be passive.
|
|
*/
|
|
void TestYubiKeyChallengeResponse::testKeyChallenge()
|
|
{
|
|
auto keys = YubiKey::instance()->foundKeys();
|
|
if (keys.isEmpty()) {
|
|
QSKIP("No YubiKey devices were detected.");
|
|
}
|
|
|
|
// Find a key that is configured in passive mode
|
|
bool wouldBlock = false;
|
|
YubiKeySlot pKey(0, 0);
|
|
for (auto key : keys) {
|
|
if (YubiKey::instance()->testChallenge(key, &wouldBlock) && !wouldBlock) {
|
|
pKey = key;
|
|
break;
|
|
}
|
|
Tools::wait(100);
|
|
}
|
|
|
|
if (pKey.first == 0) {
|
|
/* Testing active mode in unit tests is unreasonable */
|
|
QSKIP("No YubiKey contains a slot in passive mode.");
|
|
}
|
|
|
|
QScopedPointer<ChallengeResponseKey> key(new ChallengeResponseKey(pKey));
|
|
|
|
QByteArray ba("UnitTest");
|
|
QVERIFY(key->challenge(ba));
|
|
QCOMPARE(key->rawKey().size(), 20);
|
|
auto hash = QString(QCryptographicHash::hash(key->rawKey(), QCryptographicHash::Sha256).toHex());
|
|
QCOMPARE(hash, QString("2f7802c7112c301303526e7737b54d546c905076dca6e9538edf761a2264cd70"));
|
|
}
|