keepassxc

1
/*
2
 *  Copyright (C) 2014 Kyle Manna <kyle@kylemanna.com>
3
 *  Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
4
 *
5
 *
6
 *  This program is free software: you can redistribute it and/or modify
7
 *  it under the terms of the GNU General Public License as published by
8
 *  the Free Software Foundation, either version 2 or (at your option)
9
 *  version 3 of the License.
10
 *
11
 *  This program is distributed in the hope that it will be useful,
12
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14
 *  GNU General Public License for more details.
15
 *
16
 *  You should have received a copy of the GNU General Public License
17
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
18
 */
19

20
#include "TestYkChallengeResponseKey.h"
21

22
#include "core/Tools.h"
23
#include "crypto/Crypto.h"
24
#include "keys/ChallengeResponseKey.h"
25

26
#include <QCryptographicHash>
27
#include <QSignalSpy>
28
#include <QTest>
29

30
QTEST_GUILESS_MAIN(TestYubiKeyChallengeResponse)
31

32
void TestYubiKeyChallengeResponse::initTestCase()
33
{
34
    // crypto subsystem needs to be initialized for YubiKey testing
35
    QVERIFY(Crypto::init());
36

37
    if (!YubiKey::instance()->isInitialized()) {
38
        QSKIP("Unable to initialize YubiKey interface.");
39
    }
40
}
41

42
void TestYubiKeyChallengeResponse::testDetectDevices()
43
{
44
    YubiKey::instance()->findValidKeys();
45

46
    // Look at the information retrieved from the key(s)
47
    const auto foundKeys = YubiKey::instance()->foundKeys();
48
    for (auto i = foundKeys.cbegin(); i != foundKeys.cend(); ++i) {
49
        const auto& displayName = i.value();
50
        QVERIFY(displayName.contains("Challenge-Response - Slot") || displayName.contains("Configured Slot -"));
51
        QVERIFY(displayName.contains(QString::number(i.key().first)));
52
        QVERIFY(displayName.contains(QString::number(i.key().second)));
53
    }
54
}
55

56
/**
57
 * Secret key for the YubiKey slot used by the unit test is
58
 * 1c e3 0f d7 8d 20 dc fa 40 b5 0c 18 77 9a fb 0f 02 28 8d b7
59
 * This secret can be on either slot but must be passive.
60
 */
61
void TestYubiKeyChallengeResponse::testKeyChallenge()
62
{
63
    auto keys = YubiKey::instance()->foundKeys().keys();
64
    if (keys.isEmpty()) {
65
        QSKIP("No YubiKey devices were detected.");
66
    }
67

68
    // Find a key that is configured in passive mode
69
    bool wouldBlock = false;
70
    YubiKeySlot pKey(0, 0);
71
    for (auto key : keys) {
72
        if (YubiKey::instance()->testChallenge(key, &wouldBlock) && !wouldBlock) {
73
            pKey = key;
74
            break;
75
        }
76
        Tools::wait(100);
77
    }
78

79
    if (pKey.first == 0) {
80
        /* Testing active mode in unit tests is unreasonable */
81
        QSKIP("No YubiKey contains a slot in passive mode.");
82
    }
83

84
    QScopedPointer<ChallengeResponseKey> key(new ChallengeResponseKey(pKey));
85

86
    QByteArray ba("UnitTest");
87
    QVERIFY(key->challenge(ba));
88
    QCOMPARE(key->rawKey().size(), 20);
89
    auto hash = QString(QCryptographicHash::hash(key->rawKey(), QCryptographicHash::Sha256).toHex());
90
    QCOMPARE(hash, QString("2f7802c7112c301303526e7737b54d546c905076dca6e9538edf761a2264cd70"));
91
}
92