Test Case Fingerprint authentication

Sofía Celi edited this page Jun 7, 2019 · 11 revisions

Assumptions

  • This test will be run with alice@ and bob@ connected to the localhost XMPP server

Before running test

  • Start Pidgin:
    • Enable alice@ and bob@
    • Shut down Pidgin
  • Remove all published values in the prekey server by deleting the keys folder.
  • Remove all files starting with otr4. in the Pidgin configuration directory (defaults to ~/.purple).
  • Remove any entries in the otr.fingerprints file (in the Pidgin configuration directory) that are for alice@ or bob@
  • Make sure the XMPP server, otrng prekey server and XMPP prekey server are running

Running the test (online version)

  • Start Pidgin
  • Ensure that you see the following in the console output (the order will vary)
    • "Prekey Server: we have 0 prekey messages stored." two times
    • "Prekey Server: Publishing prekey messages." two times
    • "Prekey Server: received success" two times
  • Double click on "bob@localhost" to open a conversation window with Bob
  • Click the "OTR" menu
  • Ensure that "Start private conversation" is enabled, while "End private conversation" and "Authenticate buddy" are not enabled
  • Click on "Start private conversation"
  • Ensure that it says "Unverified conversation started." in the conversation window with bob@
  • Type "Hello, Bob" and press enter.
  • Ensure that the message shows up in the conversation window with bob@
  • Switch to bob's conversation window with alice@
  • Ensure that it says "Unverified conversation started".
  • Ensure that the "Hello, Bob" message shows up in that window
  • Type "Oh, hi Alice" and press enter.
  • Ensure that the message shows up in the conversation window with alice@
  • Switch to alice's conversation window with bob@
  • Ensure that the "Oh, hi Alice" message shows up in that window
  • Press the "OTR" menu, and then "Authenticate buddy"
  • Change the dropdown to the "Manual fingerprint verification" option
  • Ensure that you see 14 groups of 8 hexadecimal characters for alice@ and another for bob@
  • Copy the fingerprints to a temporary text file outside of Pidgin
  • Switch the "I have not" dropdown to say "I have"
  • Ensure that nothing shows up in the conversation window yet
  • Press the "Authenticate" button
  • Ensure that a new message saying "The privacy status of the current conversation is now: Private" has appeared in your window
  • Press the "OTR" menu
  • Ensure that the "Authenticate buddy" option has been replaced with "Reauthenticate buddy"
  • Switch over to bob's conversation window with alice@
  • Ensure that no message has shown up in that conversation window
  • Press the "OTR" menu
  • Ensure that the "Authenticate buddy" option is still available there
  • Open up the file "otr4.fingerprints"
  • Ensure that the content is as follows:
    • There are two entries, one where the first column is "bob@localhost" and the second column is "alice@localhost", and a second entry where the two columns are switched
    • The entry with the first column being "bob@localhost" has a final column that says "trusted"
    • The entry with the first column being "alice@localhost" does not have a final column that says "trusted"
    • The entry with the first column being "bob@localhost" has the same 14 groups of letters that were displayed in the verification window
  • Stop Pidgin
  • Start Pidgin
  • Double click on "bob@localhost" to open a conversation window with Bob
  • Click the "OTR" menu
  • Click "Start private conversation"
  • Ensure that "Private conversation started." is written in the conversation window
  • Ensure that the "Authenticate buddy" option is not available on the "OTR" menu, but the "Reauthenticate buddy" option is
  • Close the conversation windows
  • Press the "Tools" menu, then "Plugins"
  • Scroll down to "Off-the-Record Messaging nextgen" and highlight the entry
  • Click the "Configure Plugin" button
  • Click the "Known fingerprints" tab
  • Ensure that the two lines shown here match what you verified in the otr4.fingerprints file earlier
  • Ensure that none of the four buttons are enabled
  • Click the line where "alice@localhost" is in the first column
  • Ensure that the "Start private conversation", "Verify fingerprint" and "Forget fingerprint" buttons are enabled
  • Click the "Verify fingerprint" button
  • Ensure that the two sets of fingerprints are the same as the ones you saved earlier
  • Switch the "I have not" drop down to "I have"
  • Ensure that the "Verified" column in the previous window hasn't changed from "No"
  • Press the "OK" button
  • Ensure that the "Verified" column in the "Known fingerprints" window has changed to "Yes"
  • Shut down Pidgin
  • Ensure that both lines in the otr4.fingerprints file now have "trusted" in the final column
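
The two otr4.fingerprints checks in this procedure (after the first authentication and again at the end) can be scripted. The following Python check is an added example, not part of the original test case or of the plugin's code. It assumes the file is tab-separated with the fingerprint stored as a single 112-character hex column; the sample lines, including the protocol column, are constructed.

```python
import re

HEX_FP = re.compile(r"[0-9a-f]{112}")  # 14 groups of 8 hexadecimal characters
PAIRS = {("bob@localhost", "alice@localhost"), ("alice@localhost", "bob@localhost")}

def normalize(fp):
    """Drop spacing and case so the dialog's grouped form compares with the file."""
    return "".join(fp.split()).lower()

def parse_fingerprints(text):
    """Map (first column, second column) -> (fingerprint, trusted flag)."""
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        cols = line.split("\t")  # assumption: tab-separated columns
        fps = [normalize(c) for c in cols[2:] if HEX_FP.fullmatch(normalize(c))]
        if len(fps) != 1:
            raise ValueError(f"line {lineno}: expected two names and one fingerprint")
        if (cols[0], cols[1]) in entries:
            raise ValueError(f"line {lineno}: duplicate entry")
        entries[(cols[0], cols[1])] = (fps[0], cols[-1].strip() == "trusted")
    return entries

def check_file(text, trusted_first_columns, displayed=None):
    """Return the deviations from the test step; an empty list means pass."""
    entries = parse_fingerprints(text)
    problems = []
    if set(entries) != PAIRS:
        problems.append(f"unexpected entries: {sorted(entries)}")
    for key in sorted(PAIRS & set(entries)):
        fp, trusted = entries[key]
        if trusted != (key[0] in trusted_first_columns):
            problems.append(f"{key[0]}: trusted={trusted}")
        shown = (displayed or {}).get(key[0])
        if shown is not None and normalize(shown) != fp:
            problems.append(f"{key[0]}: fingerprint differs from the dialog")
    return problems

# Constructed sample data, not real key fingerprints.
BOB_FP, ALICE_FP = "0a1b2c3d" * 14, "4e5f6a7b" * 14
BOB_SHOWN = " ".join(BOB_FP[i:i + 8] for i in range(0, 112, 8)).upper()
AFTER_FIRST_AUTH = (f"bob@localhost\talice@localhost\tprpl-jabber\t{BOB_FP}\ttrusted\n"
                    f"alice@localhost\tbob@localhost\tprpl-jabber\t{ALICE_FP}\t\n")
AFTER_SECOND_AUTH = AFTER_FIRST_AUTH.replace(f"{ALICE_FP}\t\n", f"{ALICE_FP}\ttrusted\n")

if __name__ == "__main__":
    print(check_file(AFTER_FIRST_AUTH, {"bob@localhost"}, {"bob@localhost": BOB_SHOWN}))
    print(check_file(AFTER_SECOND_AUTH, {"bob@localhost", "alice@localhost"}))
```

To use it against a real run, pass the file's contents as `text` and the fingerprints saved from the verification dialog as `displayed`.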