d-bis/app-ethereum
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ragger tests

Browse Source
This commit is contained in:
Alexandre Paillier
2024-06-24 18:05:24 +02:00
parent e474a1c390
commit f1eab34f52
245 changed files with 142 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

206
tests/ragger/test_blind_sign.py
View File

@@ -1,5 +1,6 @@
from pathlib import Path
import json
from typing import Optional
import pytest
from web3 import Web3
@@ -18,15 +19,17 @@ from client.utils import recover_transaction
BIP32_PATH = "m/44'/60'/0'/0/0"
DEVICE_ADDR: Optional[bytes] = None
# Token approval, would require loading the "internal plugin" &
# providing the token metadata from the CAL
def test_blind_sign(firmware: Firmware,
backend: BackendInterface,
navigator: Navigator,
default_screenshot_path: Path):
app_client = EthAppClient(backend)
# TODO: do one test with nonce display
@pytest.fixture(name="sign", params=[True, False])
def sign_fixture(request) -> bool:
return request.param
def common_tx_params() -> dict:
with open(f"{ABIS_FOLDER}/erc20.json", encoding="utf-8") as file:
contract = Web3().eth.contract(
abi=json.load(file),
@@ -37,7 +40,7 @@ def test_blind_sign(firmware: Firmware,
bytes.fromhex("000000000022d473030f116ddee9f6b43ac78ba3"),
Web3.to_wei("2", "ether")
])
tx_params = {
return {
"nonce": 235,
"maxFeePerGas": Web3.to_wei(100, "gwei"),
"maxPriorityFeePerGas": Web3.to_wei(10, "gwei"),
@@ -47,21 +50,91 @@ def test_blind_sign(firmware: Firmware,
"data": data,
"chainId": 1
}
with pytest.raises(ExceptionRAPDU) as e:
with app_client.sign(BIP32_PATH, tx_params):
pass
assert e.value.status == StatusWord.INVALID_DATA
moves = []
if firmware.device.startswith("nano"):
if firmware.device == "nanos":
moves += [NavInsID.RIGHT_CLICK]
moves += [NavInsID.BOTH_CLICK]
# Token approval, would require loading the "internal plugin" &
# providing the token metadata from the CAL
def test_blind_sign(firmware: Firmware,
backend: BackendInterface,
navigator: Navigator,
default_screenshot_path: Path,
test_name: str,
sign: bool):
global DEVICE_ADDR
app_client = EthAppClient(backend)
if DEVICE_ADDR is None:
with app_client.get_public_addr(bip32_path=BIP32_PATH, display=False):
pass
_, DEVICE_ADDR, _ = ResponseParser.pk_addr(app_client.response().data)
tx_params = common_tx_params()
try:
with app_client.sign(BIP32_PATH, tx_params):
if sign:
test_name += "_signed"
else:
test_name += "_rejected"
moves = []
if firmware.device.startswith("nano"):
if firmware.device == "nanos":
moves += [NavInsID.RIGHT_CLICK] * 2
else:
moves += [NavInsID.RIGHT_CLICK] * 4
if not sign:
moves += [NavInsID.RIGHT_CLICK]
moves += [NavInsID.BOTH_CLICK]
if sign:
if firmware.device == "nanos":
moves += [NavInsID.RIGHT_CLICK] * 10
else:
moves += [NavInsID.RIGHT_CLICK] * 6
moves += [NavInsID.BOTH_CLICK]
else:
if sign:
moves += [NavInsID.USE_CASE_CHOICE_REJECT]
moves += [NavInsID.USE_CASE_CHOICE_CONFIRM]
moves += [NavInsID.USE_CASE_REVIEW_TAP] * 3
moves += [NavInsID.USE_CASE_REVIEW_CONFIRM]
else:
moves += [NavInsID.USE_CASE_CHOICE_CONFIRM]
navigator.navigate_and_compare(default_screenshot_path,
test_name,
moves)
except ExceptionRAPDU as e:
assert e.status == StatusWord.INVALID_DATA
else:
moves += [NavInsID.USE_CASE_CHOICE_CONFIRM]
navigator.navigate_and_compare(default_screenshot_path,
"blind-signed_approval",
moves)
assert sign is True
# verify signature
vrs = ResponseParser.signature(app_client.response().data)
addr = recover_transaction(tx_params, vrs)
assert addr == DEVICE_ADDR
def test_blind_sign_reject_in_risk_review(firmware: Firmware,
backend: BackendInterface,
navigator: Navigator,
default_screenshot_path: Path,
test_name: str):
app_client = EthAppClient(backend)
if firmware.device not in ["stax", "flex"]:
pytest.skip("Not supported on non-NBGL apps")
try:
with app_client.sign(BIP32_PATH, common_tx_params()):
moves = [NavInsID.USE_CASE_CHOICE_REJECT] * 2
navigator.navigate_and_compare(default_screenshot_path,
test_name,
moves)
except ExceptionRAPDU as e:
assert e.status == StatusWord.INVALID_DATA
else:
assert False # Should have thrown
# Token approval, would require loading the "internal plugin" &
@@ -72,65 +145,56 @@ def test_sign_parameter_selector(firmware: Firmware,
scenario_navigator: NavigateWithScenario,
test_name: str,
default_screenshot_path: Path):
global DEVICE_ADDR
app_client = EthAppClient(backend)
with app_client.get_public_addr(bip32_path=BIP32_PATH, display=False):
pass
_, DEVICE_ADDR, _ = ResponseParser.pk_addr(app_client.response().data)
if DEVICE_ADDR is None:
with app_client.get_public_addr(bip32_path=BIP32_PATH, display=False):
pass
_, DEVICE_ADDR, _ = ResponseParser.pk_addr(app_client.response().data)
with open(f"{ABIS_FOLDER}/erc20.json", encoding="utf-8") as file:
abi = json.load(file)
contract_name = "approve"
count = 0
for elt in abi:
if elt["name"] == contract_name:
count = len(elt["inputs"])
break
assert count == 2, "Invalid inputs number"
tx_params = {
"nonce": 235,
"maxFeePerGas": Web3.to_wei(100, "gwei"),
"maxPriorityFeePerGas": Web3.to_wei(10, "gwei"),
"gas": 44001,
# Maker: Dai Stablecoin
"to": bytes.fromhex("6b175474e89094c44da98b954eedeac495271d0f"),
"data": Web3().eth.contract(abi=abi).encodeABI(contract_name, [
# Uniswap Protocol: Permit2
bytes.fromhex("000000000022d473030f116ddee9f6b43ac78ba3"),
Web3.to_wei("2", "ether")
]),
"chainId": 1
}
settings_toggle(firmware, navigator, [SettingID.DEBUG_DATA, SettingID.BLIND_SIGNING])
settings_toggle(firmware, navigator, [SettingID.DEBUG_DATA])
tx_params = common_tx_params()
data_len = len(bytes.fromhex(tx_params["data"][2:]))
# selector
flows = 1
data_len -= 4
# parameters
flows += data_len // 32
with app_client.sign(BIP32_PATH, tx_params):
moves = []
if firmware.device.startswith("nano"):
end_text = "Approve"
nav_inst = NavInsID.RIGHT_CLICK
valid_instr = [NavInsID.BOTH_CLICK]
else:
end_text = "Confirm"
nav_inst = NavInsID.USE_CASE_REVIEW_TAP
valid_instr = [NavInsID.USE_CASE_REVIEW_CONFIRM]
if firmware.device == "nanos":
moves += [NavInsID.RIGHT_CLICK] * 2 + [NavInsID.BOTH_CLICK]
# Parameters on Nano S are split on multiple pages, hardcoded because the two parameters don't use the
# same amount of pages because of non-monospace fonts
moves += [NavInsID.RIGHT_CLICK] * 4 + [NavInsID.BOTH_CLICK]
moves += [NavInsID.RIGHT_CLICK] * 3 + [NavInsID.BOTH_CLICK]
else:
moves += ([NavInsID.RIGHT_CLICK] * 2 + [NavInsID.BOTH_CLICK]) * flows
# Loop for "Selector" + the contract inputs
for step in range(count + 1):
navigator.navigate_until_text_and_compare(nav_inst,
valid_instr,
end_text,
default_screenshot_path,
f"{test_name}/step_{step}",
screen_change_after_last_instruction=False)
step +=1
if firmware.device == "nanos":
moves += [NavInsID.RIGHT_CLICK] * 2
else:
moves += [NavInsID.RIGHT_CLICK] * 4
moves += [NavInsID.BOTH_CLICK]
# Transaction review
if firmware.device.startswith("nano"):
end_text = "Accept"
if firmware.device == "nanos":
pass
moves += [NavInsID.RIGHT_CLICK] * 9
else:
moves += [NavInsID.RIGHT_CLICK] * 5
moves += [NavInsID.BOTH_CLICK]
else:
end_text = "Sign"
scenario_navigator.review_approve(default_screenshot_path, f"{test_name}/step_{step}", end_text)
moves += ([NavInsID.USE_CASE_REVIEW_TAP] * 2 + [NavInsID.USE_CASE_REVIEW_CONFIRM]) * flows
moves += [NavInsID.USE_CASE_CHOICE_REJECT]
moves += [NavInsID.USE_CASE_CHOICE_CONFIRM]
moves += [NavInsID.USE_CASE_REVIEW_TAP] * 3
moves += [NavInsID.USE_CASE_REVIEW_CONFIRM]
navigator.navigate_and_compare(default_screenshot_path,
test_name,
moves)
# verify signature
vrs = ResponseParser.signature(app_client.response().data)