keepassxc/tests/TestYkChallengeResponseKey.cpp
2021-07-13 22:08:33 -04:00

95 lines
3.2 KiB
C++

/*
* Copyright (C) 2014 Kyle Manna <kyle@kylemanna.com>
* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
*
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "TestYkChallengeResponseKey.h"
#include "core/Tools.h"
#include "crypto/Crypto.h"
#include "keys/ChallengeResponseKey.h"
#include <QCryptographicHash>
#include <QSignalSpy>
#include <QTest>
QTEST_GUILESS_MAIN(TestYubiKeyChallengeResponse)
void TestYubiKeyChallengeResponse::initTestCase()
{
// crypto subsystem needs to be initialized for YubiKey testing
QVERIFY(Crypto::init());
if (!YubiKey::instance()->isInitialized()) {
QSKIP("Unable to initialize YubiKey interface.");
}
}
void TestYubiKeyChallengeResponse::testDetectDevices()
{
YubiKey::instance()->findValidKeys();
// Wait for the hardware to respond
QSignalSpy detected(YubiKey::instance(), SIGNAL(detectComplete(bool)));
QTRY_VERIFY_WITH_TIMEOUT(detected.count() > 0, 2000);
// Look at the information retrieved from the key(s)
for (auto key : YubiKey::instance()->foundKeys()) {
auto displayName = YubiKey::instance()->getDisplayName(key);
QVERIFY(displayName.contains("Challenge-Response - Slot") || displayName.contains("Configured Slot -"));
QVERIFY(displayName.contains(QString::number(key.first)));
QVERIFY(displayName.contains(QString::number(key.second)));
}
}
/**
* Secret key for the YubiKey slot used by the unit test is
* 1c e3 0f d7 8d 20 dc fa 40 b5 0c 18 77 9a fb 0f 02 28 8d b7
* This secret can be on either slot but must be passive.
*/
void TestYubiKeyChallengeResponse::testKeyChallenge()
{
auto keys = YubiKey::instance()->foundKeys();
if (keys.isEmpty()) {
QSKIP("No YubiKey devices were detected.");
}
// Find a key that is configured in passive mode
bool wouldBlock = false;
YubiKeySlot pKey(0, 0);
for (auto key : keys) {
if (YubiKey::instance()->testChallenge(key, &wouldBlock) && !wouldBlock) {
pKey = key;
break;
}
Tools::wait(100);
}
if (pKey.first == 0) {
/* Testing active mode in unit tests is unreasonable */
QSKIP("No YubiKey contains a slot in passive mode.");
}
QScopedPointer<ChallengeResponseKey> key(new ChallengeResponseKey(pKey));
QByteArray ba("UnitTest");
QVERIFY(key->challenge(ba));
QCOMPARE(key->rawKey().size(), 20);
auto hash = QString(QCryptographicHash::hash(key->rawKey(), QCryptographicHash::Sha256).toHex());
QCOMPARE(hash, QString("2f7802c7112c301303526e7737b54d546c905076dca6e9538edf761a2264cd70"));
}