keystor: port fixtures tests to Rust

Rust tests are easier to maintain than C tests.

Author: benma

src/rust/bitbox02-sys/build.rs

@@ -73,6 +73,7 @@ const ALLOWLIST_FNS: &[&str] = &[
     "keystore_encrypt_and_store_seed",
     "keystore_get_bip39_word",
     "keystore_get_ed25519_seed",
+    "keystore_get_u2f_seed",
     "keystore_is_locked",
     "keystore_lock",
     "keystore_mock_unlocked",

src/rust/bitbox02/src/keystore.rs

@@ -319,6 +319,16 @@ pub fn get_ed25519_seed() -> Result<zeroize::Zeroizing<Vec<u8>>, ()> {
     }
 }
 
+// Currently only used in the functional tests below.
+#[cfg(feature = "testing")]
+pub fn get_u2f_seed() -> Result<zeroize::Zeroizing<Vec<u8>>, ()> {
+    let mut seed = zeroize::Zeroizing::new([0u8; 32].to_vec());
+    match unsafe { bitbox02_sys::keystore_get_u2f_seed(seed.as_mut_ptr()) } {
+        true => Ok(seed),
+        false => Err(()),
+    }
+}
+
 pub fn secp256k1_schnorr_sign(
     keypath: &[u32],
     msg: &[u8; 32],
@@ -347,6 +357,7 @@ pub fn secp256k1_schnorr_sign(
 mod tests {
     use super::*;
     use crate::testing::{mock_memory, mock_unlocked, mock_unlocked_using_mnemonic};
+    use alloc::string::ToString;
     use util::bip32::HARDENED;
 
     #[test]
@@ -519,4 +530,80 @@ mod tests {
             ));
         }
     }
+
+    #[test]
+    fn test_fixtures() {
+        struct Test {
+            seed_len: usize,
+            mnemonic_passphrase: &'static str,
+            expected_mnemonic: &'static str,
+            expected_xpub: &'static str,
+            expected_u2f_seed_hex: &'static str,
+        }
+        let seed = hex::decode("cb33c20cea62a5c277527e2002da82e6e2b37450a755143a540a54cea8da9044")
+            .unwrap();
+
+        let tests = [
+            Test {
+                seed_len: 32,
+                mnemonic_passphrase: "",
+                expected_mnemonic: "sleep own lobster state clean thrive tail exist cactus bitter pass soccer clinic riot dream turkey before sport action praise tunnel hood donate man",
+                expected_xpub: "xpub6Cj6NNCGj2CRPHvkuEG1rbW3nrNCAnLjaoTg1P67FCGoahSsbg9WQ7YaMEEP83QDxt2kZ3hTPAPpGdyEZcfAC1C75HfR66UbjpAb39f4PnG",
+                expected_u2f_seed_hex: "4f464a6667ad88eebcd0f02982761e474ee0dd16253160320f49d1d6681745e9",
+            },
+            Test {
+                seed_len: 32,
+                mnemonic_passphrase: "abc",
+                expected_mnemonic: "sleep own lobster state clean thrive tail exist cactus bitter pass soccer clinic riot dream turkey before sport action praise tunnel hood donate man",
+                expected_xpub: "xpub6DXBP3HhFdhUTafatEULxfTXUUxDVuCxfa9RAiBU5r6aRgKiABbeBDyqwWWjmKPP1BZvpvVNMbVR5LeHzhQphtLcPZ8jk3MdLBgc2sACJwR",
+                expected_u2f_seed_hex: "d599da991ad83baaf449c789e2dff1539dd66983b47a1dec1c00ff3f352cccbc",
+            },
+            Test {
+                seed_len: 24,
+                mnemonic_passphrase: "",
+                expected_mnemonic: "sleep own lobster state clean thrive tail exist cactus bitter pass soccer clinic riot dream turkey before subject",
+                expected_xpub: "xpub6C7fKxGtTzEVxCC22U2VHx4GpaVy77DzU6KdZ1CLuHgoUGviBMWDc62uoQVxqcRa5RQbMPnffjpwxve18BG81VJhJDXnSpRe5NGKwVpXiAb",
+                expected_u2f_seed_hex: "fb9dc3fb0a17390776df5c3d8f9261bc5fd5df9f00414cee1393e37e0efda7ef",
+            },
+            Test {
+                seed_len: 16,
+                mnemonic_passphrase: "",
+                expected_mnemonic: "sleep own lobster state clean thrive tail exist cactus bitter pass sniff",
+                expected_xpub: "xpub6DLvpzjKpJ8k4xYrWYPmZQkUe9dkG1eRig2v6Jz4iYgo8hcpHWx87gGoCGDaB2cHFZ3ExUfe1jDiMu7Ch6gA4ULCBhvwZj29mHCPYSux3YV",
+                expected_u2f_seed_hex: "20d68b206aff9667b623a460ce61fc94762de67561d6855ca9a6df7b409b2a54",
+            },
+        ];
+
+        for test in tests {
+            mock_memory();
+            lock();
+            let seed = &seed[..test.seed_len];
+            assert!(unlock_bip39(test.mnemonic_passphrase).is_err());
+            assert!(encrypt_and_store_seed(seed, "foo").is_ok());
+            assert!(unlock_bip39(test.mnemonic_passphrase).is_err());
+            assert!(is_locked());
+            assert!(unlock("foo").is_ok());
+            assert!(is_locked());
+            assert!(unlock_bip39(test.mnemonic_passphrase).is_ok());
+            assert!(!is_locked());
+            assert_eq!(
+                bip39_mnemonic_from_seed(&copy_seed().unwrap())
+                    .unwrap()
+                    .as_str(),
+                test.expected_mnemonic,
+            );
+            let keypath = &[44 + HARDENED, 0 + HARDENED, 0 + HARDENED];
+            let encoded_xpub = encode_xpub_at_keypath(keypath).unwrap();
+            assert_eq!(
+                bitcoin::bip32::Xpub::decode(&encoded_xpub)
+                    .unwrap()
+                    .to_string(),
+                test.expected_xpub,
+            );
+            assert_eq!(
+                hex::encode(get_u2f_seed().unwrap()),
+                test.expected_u2f_seed_hex,
+            );
+        }
+    }
 }

test/unit-test/CMakeLists.txt

@@ -232,8 +232,6 @@ set(TEST_LIST
    "-Wl,--wrap=secp256k1_anti_exfil_sign,--wrap=memory_is_initialized,--wrap=memory_is_seeded,--wrap=memory_get_failed_unlock_attempts,--wrap=memory_reset_failed_unlock_attempts,--wrap=memory_increment_failed_unlock_attempts,--wrap=memory_set_encrypted_seed_and_hmac,--wrap=memory_get_encrypted_seed_and_hmac,--wrap=memory_get_salt_root,--wrap=reset_reset,--wrap=random_32_bytes"
    keystore_antiklepto
    ""
-   keystore_functional
-   "-Wl,--wrap=memory_is_initialized,--wrap=memory_is_seeded,--wrap=memory_set_encrypted_seed_and_hmac,--wrap=memory_get_encrypted_seed_and_hmac,--wrap=memory_get_salt_root,--wrap=memory_get_failed_unlock_attempts,--wrap=memory_reset_failed_unlock_attempts,--wrap=memory_increment_failed_unlock_attempts"
    gestures
    ""
    random