From e7d63eed3c339f8004e22eca66be7f9dcd93404d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Mon, 19 Feb 2024 11:41:22 +0100 Subject: [PATCH] Remove bundled filesystem dumps --- .reuse/dep5 | 5 ----- failure-paths.md | 10 +++++++++ src/migrate.rs | 38 ++++++++++++++++++++++++++++------ test_fs/fido-trussed-auth.lfs | Bin 65536 -> 0 bytes test_fs/fido-trussed.lfs | Bin 65536 -> 0 bytes 5 files changed, 42 insertions(+), 11 deletions(-) delete mode 100644 .reuse/dep5 create mode 100644 failure-paths.md delete mode 100644 test_fs/fido-trussed-auth.lfs delete mode 100644 test_fs/fido-trussed.lfs diff --git a/.reuse/dep5 b/.reuse/dep5 deleted file mode 100644 index 4cdc386..0000000 --- a/.reuse/dep5 +++ /dev/null @@ -1,5 +0,0 @@ -Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ - -Files: test_fs/* -Copyright: Nitrokey GmbH -License: CC0-1.0 diff --git a/failure-paths.md b/failure-paths.md new file mode 100644 index 0000000..c549707 --- /dev/null +++ b/failure-paths.md @@ -0,0 +1,10 @@ +- can_lifecycle_run -> not because other ops would also not fail +- Length check -> not because error is different +- admin_verified check -> error is different +- state.reset_user_code_with_pw3 + - get_user_key() + - admin_kek() -> Can't be because different error, and admin was checked + - unwrap_key + - set_pin_with_key can't because panic + - Bytes::from_slice -> can't because length is checked + - set_pin_len() could fail but this would be weird diff --git a/src/migrate.rs b/src/migrate.rs index d6aa020..6e98215 100644 --- a/src/migrate.rs +++ b/src/migrate.rs @@ -82,6 +82,25 @@ mod tests { File(usize), } + fn prepare_fs(fs: &dyn DynFilesystem, value: &FsValues, path: &Path) { + match value { + FsValues::File(f_data_len) => { + fs.create_file_and_then(path,&mut |f| { + f.set_len(*f_data_len).unwrap(); + Ok(()) + }).unwrap(); + } + FsValues::Dir(d) => { + if path != path!("/") { + fs.create_dir(path).unwrap(); + } + for (p, v) in *d { + prepare_fs(fs, v, &path.join(p)); + } + } + } + } + fn test_fs_equality(fs: &dyn DynFilesystem, value: &FsValues, path: &Path) { match value { FsValues::Dir(d) => { @@ -176,9 +195,13 @@ mod tests { ), ]); - Filesystem::mount_and_then(&mut NoBackendStorage::new(&mut storage), |fs| { + let backend = &mut NoBackendStorage::new(&mut storage); + + Filesystem::format(backend).unwrap(); + Filesystem::mount_and_then(backend, |fs| { + prepare_fs(fs, &TEST_VALUES, path!("/")); test_fs_equality(fs, &TEST_VALUES, path!("/")); - migrate_remove_dat(fs, &[path!("fido")]).unwrap(); + migrate_remove_dat(fs, &[path!("secrets"), path!("opcard")]).unwrap(); test_fs_equality(fs, &TEST_VALUES, path!("/")); Ok(()) }) @@ -187,9 +210,7 @@ mod tests { #[test] fn migration_full() { - let mut storage = RamDirect { - buf: *include_bytes!("../test_fs/fido-trussed-auth.lfs"), - }; + let mut storage = RamDirect::default(); const AUTH_SECRETS_DIR: FsValues = FsValues::Dir(&[ (path!("application_salt"), FsValues::File(16)), @@ -246,7 +267,12 @@ mod tests { ), ]); - Filesystem::mount_and_then(&mut NoBackendStorage::new(&mut storage), |fs| { + + let backend = &mut NoBackendStorage::new(&mut storage); + + Filesystem::format(backend).unwrap(); + Filesystem::mount_and_then(backend, |fs| { + prepare_fs(fs, &TEST_BEFORE, path!("/")); test_fs_equality(fs, &TEST_BEFORE, path!("/")); migrate_remove_dat(fs, &[path!("secrets"), path!("opcard")]).unwrap(); test_fs_equality(fs, &TEST_AFTER, path!("/")); diff --git a/test_fs/fido-trussed-auth.lfs b/test_fs/fido-trussed-auth.lfs deleted file mode 100644 index f3e16fd975468e2a9f9fd279406aef3b4546d729..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 65536 zcmeI*3s4mI9S88`I3p^NvyJvNX*t^&O?}|)J$LbiO4JA{S{1}r+}+!g3*2#Xhk`Nn z5liZ$D#lo~9phV4O_Pi|J`%pw}0Sfnjvvzge`eT3M^BXWocp7=LV4 z)VRncG4wx{pNIg}bc5>O;u!d}_S6lrAwzC%w$5VM_X_ea4bg)rQ!z7E1hJZeAcD zyOj8SDQ>@T{4z!jEAhYHvb3DyUsmGl-5ysCMUEao5eL?0u7)Wx6WDR!Q|)mzmoS|= z76?E90uX=z1Rwwb2tWV=5P$##AOHafKmY;|fB*y_009U<00Izz00bZa0SG_<0uX=z z1Rwwb2tWV=5P$##AOHafKmY;|fB*y_009U<00Izz00bZa0SG_<0uX=z1Rwwb2tWV= z5P$##AOHafKmY;|fB*y_009U<00Izz00iz+AcE4rRu)-V=^J@Nne)Ivb9~Tz36U-# zNYf>>vC(cjtqCzzj2fot5+af=SCllDDH49t=Xsya2g#ebz#aQP!{`G-cF;thH0MwB zhV8A#shxoSf8xb!drQANV@NvjN#?QEGxuzxZAL@C%~@(3d^R0{CfyACP>-#?yEZC|%AFN%c3(p%#^F>A_Fw7%< zk1x(_HYuUlQ0tk6IjJ?d_{^KN4aPY;9!(X>ES8Q@&yAc9+`5b!%Ky4Prg+7k&E653UiosS<`aqY9PBZvgCp^ zlPPV>m@PZA{yluxflj|IopvaysC&^H^7W(JdzHrp`xxd*L1A)AfnB#%|Lf4-<82d7 zCyPcjZWBgs_aUHO|1}fs>L-lwPf@e1eg0F&fBmVeBq%G5|J1ND{`>2^&mz<$_-sM~ z&G^!XQzwCX^?#a7JJ&b4XCNp9Y{}-L0c?+ohzb`TLqm^#v z`ahPx8ml%;_5L4_B@=xgJcyzs(yHA5)v$8^zu?}sBbl6L+@$4f#-xZhPhR$N zRXulq-lP8?=q;DY{?9bMTAo#Q%ML4VlPqRI;8+VMTb!cR>5wfJhhXPKwYt^YvF3EuX!ic+le)ya$up7s>~d*FO^#Z#T_fd-xNjyu{8scWKk!DXe1{rutI# z>3VqUm3q9FtBKL;seWWPYZJ^eOL82`v#i77<|Nk6^DaBjDd(0D6N-9@${tLs*}yQz zrx+$E$4AHALn&wUJCjP%)6Ur19*aIV47Reo8sN50{Ni zR@;l&!CN_pWR;v&yMyD+4wf1xD{`VF@NU+jylD)#&zb4xi?t3)J79E7tLEPX=Y8#{LYjgs`wD-%o0Z$+(`+~Kv0VFXe*QD%-t!mS8=GNTW1pZ!C zkx!H4JX$GiEIGZqO3h38r2C(No)2`nS@by3dKkq@qLuCjj2foL1Kr#gxUSk%2tOzR z!pG8#1vci=w>TNHPs%OuhrisVe^VZLvGDC9_RJ;1)=|6my;45Oufz#|>*MiFR=)PR zn%_yv@zFbhyr5^QoIzjaW_UdTuMm_n$bC?a9r@lSP_OI1nK3wRfTOJ>elwg_rmMF;vHfS?-Bu7bJd^^>_|k_{CxLqPfBOB8*~+=xl7n^F=^cVr`HiByrq|{dqaX5$ zwmdaIR+dE3Ey^yA=Pee_X{tTGZIydhYU3;Ujn?E>{qcWJY4+jVh*(cChK^4gn>RjfoIkwVE#$=sd7dnnC*aQ(3PwrtV$ zqk9*Z*0hAO(4I~CDX;I}Kcc^`VaJWwjU&*I`v0A_{?k*lGhL};!KTUDTo1!uBgqtf;BpqLK05i{5>2oKGqr zde_6k&L2pif%Q+1ba9Ki*m|AS|dWG$kGH7OJIBNB$G~-v`MyXc6I+b znUlNs|K~owe`fc;cjliPK@fzetG6cC?sn%&HdoSL36dZ*^4|g^^Wxp>oqsoyAe`}a z(Gw#}yQ0sq{YVHPOSj4XjCsh<)LkdzYspkS(ZO9%=yFL`osQ_rpdt-uPwiSuC}}-G zba`=Z`Z+Jsk3#xdo86j^lslV|qNPDuNh4+Aod@@yQ`ZCOzz{&FVFLm{00;m9AOHk_ z01yBIKmZ5;0U!VbfB+Bx0zd!=00AHX1b_e#00KY&2mk>f00e*l5C8%|00;m9AOHk_ z01yBIKmZ5;fgb>YvVxgXahBu|3yPg?d%hzJeH{D1tBe15+>}$wzdi222Rm+LJF(8} z0^aGgJEmieTSYy@e1}UC3*GivQWnb2%Co!jc(<4%xgv7#=N#UZQ%b!;t)(_m*C_{e zlKPCQpf*s+lt8Vf7Es?%i>cFgw>?jCx%oV2RA3%&hf-T05CHoVVE-1Nhmbf_?EgRr zF$t%pY$Y@i<-{9;-8yr&B=Cjq9LE5AzSY6!N$QM{NX2wvOA14c~5?^SaX|=nY zxqR_xq%CJ?q9Si<`$R1w#y)#jTvHKK{*#ivduDyrr)+r#P4rF8$d#AB9y#M!!J=Q% zReuU6%AwoWP`Um)gf5~Vb;|-^f4}@cuzzq)vjEuNFaHnh9~}EfpfRfVy7wX@SS1^6 zC;iPBd%E+LVMl7;-`l--;YYoa zVm1^XTaY;M*mF8Ut2IbA$!y?^BBSSdmS$Lqu?Pl>Sz;J7Z(;?dtiE@OinO;%)-K#u zp4RhP-qDfW7fVM+Zk-XGY|<^;a_kEf9~aG8Ftz zuBL-B9vs$fXYt;bM%P{%R~tKiVELK)@t~*n{q03#cOO1HdXNT;5ex#Ma{YGu zPVLcIsN)_20kFSc{vX)?9@Df-MgZ*Zm;VR$Zx?glQ%R`Uzwn1TyT2clq0WY zE!Z{U(r2Fj;*_O*Q?69LaeHNEB3V^d`FizV4q}~-S2gmpaX9_Oj?Y(LXJ3lnU2<(~ zOvQL_QR0q%J1S0(d7)%%wDY&0mSLS&qv8agroqQn5NJFRAQ6@X@b$kL{r;;KYSMoB z!ZWv&Q-_SN>#Xtzl*eqbKcJ+sKS0eKctkz~t?$$k>!a9E>_4QS;-5u3UJFV|WBp1^ z1o#gM<6!;|%aa~D-ADi}>xZBJ|JErLxa=;sG`pSQ*k{^oQ-}qaI^>F*1P|2shwJgr}_$O6z=5o>^UwI#uyu$SE zO<#FmmHc^40PpRa4c0RepSDvVnrxhLasO7%t=I;O9YTNrB{JP(Z7Zrsq_yq2Q z{r!601MDAs+v6782m8bI9~!3gs}&LGw*rs5E(5@#5B4z3`P3-R5FZkR#0?mE@|DW&wg5QJIp$`eIP_chRNYDtsMkv4kEzJLt z79($#c#feBBF7;oK&K<9H1u7Zj&?j5tfbLIkhb^i^3CB#@`u@DWIou!m_Vzpe}W+O z2G(j5&9vEs-iabeoDSt7znS!=9K5bR^YQ%HbBN~xwBvNQQf8l8j_wbUspwdX$QZ2x zXEM-?ggkq*PA;#OoMt@9s`Z^owbTSu)*QLKTFNFK_bdA>@zC?c+t3<#@f(V6YfD3)9d(4>?cT^trlzXOf5N zjmldlx6eb78!t#|xl$fyVMT#A8m%_Tz_Av(zI`6@@2O{Jsr7Mr38<`%4duNRJ8hd< ze!tVG8rZ^^KwIKJpPxKwLgC~|6YJmoVdD!2_`CzMAqx$^8{PuhJ7w|ViW_UabIBF| zOit)`wm!&n_^&?f_t?4hiQkod(&SpY-{&@z*D`@n@&7d~Hx)DjKp+72_v?ND*gpWq zZAFm*u)kmPKVbh>7%KoOp<@3gljs5HCluK{fiQM`q3b{Z2mk>f00e*l5C8%|00;m9 zAOHlyhCl%3fBc&Nh54W6=Vt<)8vy(JHUA6t545G5FF#c5uWi10kQ-nEZMpxC)_=^U zCoAhe+6#I0i=M3#%FskAcmDf*d1H7ib!OqJhm%%xUw?L8{hj|+W0Lc}%lqKnt0Qha zAK;Eb@vR~dD%U@(|J*8b-FKz1ade@hKmZ5;0U!VbfB+Bx0zd!=00AHX1b_e#00KY& z2mk>f00e*l5C8%|00;m9AOHk_01yBIKmZ5;0U!VbfB+Bx0zd!=00AHX1b_e#00KY& z2mk>f00e*l5C8%|00;m9AOHk_01yBIKmZ5;0U!VbfB+Bx0zd!=00AHX1b_e#2oiyR E12FM3KL7v#