From 6030f33977b16e73f1d6930f4e8c9a92349a6fcb Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Sun, 11 Dec 2022 00:07:22 +0100
Subject: [PATCH] Added more tests

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 tests/pico-fido/test_minpinlength.py | 42 +++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/tests/pico-fido/test_minpinlength.py b/tests/pico-fido/test_minpinlength.py
index 57ea515..fdc4382 100644
--- a/tests/pico-fido/test_minpinlength.py
+++ b/tests/pico-fido/test_minpinlength.py
@@ -20,6 +20,13 @@ def SetMinPin(device):
     cfg = FidoConfig(device)
     cfg.set_min_pin_length(MINPINLENGTH,rp_ids=['example.com'])
 
+@pytest.fixture(scope="function")
+def SetMinPinWrongRpid(device):
+    device.reset()
+    ClientPin(device.client()._backend.ctap2).set_pin(PIN)
+    cfg = FidoConfig(device)
+    cfg.set_min_pin_length(MINPINLENGTH,rp_ids=['notanexample.com'])
+
 def PinToken(device):
     return ClientPin(device.client()._backend.ctap2).get_pin_token(PIN, permissions=ClientPin.PERMISSION.MAKE_CREDENTIAL | ClientPin.PERMISSION.AUTHENTICATOR_CFG)
 
@@ -28,7 +35,40 @@ def FidoConfig(device):
     pin_protocol = PinProtocolV2()
     return Config(device.client()._backend.ctap2, pin_protocol, pt)
 
-def test_minpin(MCMinPin, SetMinPin):
+def test_minpin(SetMinPin, MCMinPin):
     assert MCMinPin.auth_data.extensions
     assert "minPinLength" in MCMinPin.auth_data.extensions
     assert MCMinPin.auth_data.extensions['minPinLength'] == MINPINLENGTH
+
+def test_minpin_bad_rpid(SetMinPinWrongRpid, MCMinPin):
+    assert not MCMinPin.auth_data.extensions
+    assert "minPinLength" not in MCMinPin.auth_data.extensions
+
+def test_setminpin(device, SetMinPin, MCMinPin):
+    cfg = FidoConfig(device)
+    cfg.set_min_pin_length(MINPINLENGTH+2,rp_ids=['example.com'])
+    res = device.doMC(rk=True, extensions={'minPinLength': True})['res'].attestation_object
+    assert res.auth_data.extensions
+    assert "minPinLength" in res.auth_data.extensions
+    assert res.auth_data.extensions['minPinLength'] == MINPINLENGTH+2
+
+def test_no_setminpin(device, SetMinPin, MCMinPin):
+    cfg = FidoConfig(device)
+    with pytest.raises(CtapError) as e:
+        cfg.set_min_pin_length(MINPINLENGTH-2,rp_ids=['example.com'])
+    assert e.value.code == CtapError.ERR.PIN_POLICY_VIOLATION
+
+def test_setminpin_check_force(device, SetMinPin, MCMinPin):
+    cfg = FidoConfig(device)
+    cfg.set_min_pin_length(len(PIN)+1,rp_ids=['example.com'])
+    info = device.client()._backend.ctap2.get_info()
+    assert info.force_pin_change == True
+
+@pytest.mark.parametrize(
+    "force", [True, False]
+)
+def test_setminpin_set_forcee(device, SetMinPin, MCMinPin, force):
+    cfg = FidoConfig(device)
+    cfg.set_min_pin_length(MINPINLENGTH,rp_ids=['example.com'],force_change_pin=force)
+    info = device.client()._backend.ctap2.get_info()
+    assert info.force_pin_change == force