aboutsummaryrefslogtreecommitdiff
path: root/unit-tests.py
diff options
context:
space:
mode:
Diffstat (limited to 'unit-tests.py')
-rw-r--r--unit-tests.py60
1 files changed, 47 insertions, 13 deletions
diff --git a/unit-tests.py b/unit-tests.py
index 10aa810..9ebf91e 100644
--- a/unit-tests.py
+++ b/unit-tests.py
@@ -132,6 +132,10 @@ class TestCase(unittest.TestCase):
self.endTime = datetime.datetime.now()
super(TestCase, self).tearDown()
+ def skipUnlessAll(self, reason):
+ if not args.all_tests:
+ self.skipTest(reason)
+
class TextTestResult(unittest.TextTestResult):
def addSuccess(self, test):
@@ -197,15 +201,12 @@ class TestPIN(TestCase):
self.assertRaises(HAL_ERROR_FORBIDDEN, hsm.is_logged_in, user2)
hsm.logout()
- @unittest.skipUnless(args.all_tests, "Slow")
def test_login_wheel(self):
self.login_logout(HAL_USER_WHEEL)
- @unittest.skipUnless(args.all_tests, "Slow")
def test_login_so(self):
self.login_logout(HAL_USER_SO)
- @unittest.skipUnless(args.all_tests, "Slow")
def test_login_user(self):
self.login_logout(HAL_USER_NORMAL)
@@ -292,18 +293,19 @@ class TestPKeyGen(TestCaseLoggedIn):
def test_gen_sign_verify_rsa_1024_sha256(self):
self.gen_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024)
- @unittest.skipUnless(args.all_tests, "Slow")
def test_gen_sign_verify_rsa_2048_sha384(self):
+ self.skipUnlessAll("Slow")
self.gen_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048)
- @unittest.skipUnless(args.all_tests, "Hideously slow")
def test_gen_sign_verify_rsa_4096_sha512(self):
+ self.skipUnlessAll("Hideously slow")
self.gen_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096)
def test_gen_unsupported_length(self):
with self.assertRaises(HAL_ERROR_BAD_ARGUMENTS):
hsm.pkey_generate_rsa(1028).delete()
+
class TestPKeyHashing(TestCaseLoggedIn):
"""
Tests involving various ways of doing the hashing for public key operations.
@@ -597,17 +599,20 @@ class TestPKeyMatch(TestCaseLoggedIn):
tags.extend(PreloadedKey.db)
self.assertEqual(len(tags), len(uuids))
+ n = 0
self.assertEqual(uuids, set(k.uuid for n, k in self.match(mask = mask,
flags = flags,
uuids = uuids)))
for keytype in set(HALKeyType.index.itervalues()) - {HAL_KEY_TYPE_NONE}:
+ n = 0
for n, k in self.match(mask = mask, flags = flags, uuids = uuids, type = keytype):
self.assertEqual(k.key_type, keytype)
self.assertEqual(k.get_attributes({0}).pop(0), str(keytype))
self.assertEqual(n, sum(1 for t1, t2 in tags if t1 == keytype))
for curve in set(HALCurve.index.itervalues()) - {HAL_CURVE_NONE}:
+ n = 0
for n, k in self.match(mask = mask, flags = flags, uuids = uuids, curve = curve):
self.assertEqual(k.key_curve, curve)
self.assertEqual(k.get_attributes({1}).pop(1), str(curve))
@@ -616,6 +621,7 @@ class TestPKeyMatch(TestCaseLoggedIn):
self.assertEqual(n, sum(1 for t1, t2 in tags if t2 == curve))
for keylen in set(kl for kt, kl in tags if not isinstance(kl, Enum)):
+ n = 0
for n, k in self.match(mask = mask, flags = flags, uuids = uuids,
attributes = {1 : str(keylen)}):
self.assertEqual(keylen, int(k.get_attributes({1}).pop(1)))
@@ -624,6 +630,7 @@ class TestPKeyMatch(TestCaseLoggedIn):
self.assertEqual(n, sum(1 for t1, t2 in tags
if not isinstance(t2, Enum) and t2 == keylen))
+ n = 0
for n, k in self.match(mask = mask, flags = flags, uuids = uuids,
type = HAL_KEY_TYPE_RSA_PUBLIC, attributes = {1 : "2048"}):
self.assertEqual(k.key_type, HAL_KEY_TYPE_RSA_PUBLIC)
@@ -650,7 +657,7 @@ class TestPKeyAttribute(TestCaseLoggedIn):
try:
with hsm.pkey_open(uuid) as pkey:
pkey.delete()
- except:
+ except Exception as e:
logger.debug("Problem deleting key %s: %s", uuid, e)
def load_and_fill(self, flags, n_keys = 1, n_attrs = 2, n_fill = 0):
@@ -664,17 +671,36 @@ class TestPKeyAttribute(TestCaseLoggedIn):
for j in xrange(n_attrs)))
pinwheel()
+ # These sizes work with a 4096-byte keystore block; if you tweak
+ # the undelrying block size, you may need to tweak these tests too.
+
+ def test_attribute_svelt_volatile_many(self):
+ self.load_and_fill(0, n_attrs = 64)
+
def test_attribute_bloat_volatile_many(self):
- self.load_and_fill(0, n_attrs = 128) # 192
+ with self.assertRaises(HAL_ERROR_RESULT_TOO_LONG):
+ self.load_and_fill(0, n_attrs = 128)
+
+ def test_attribute_svelt_volatile_big(self):
+ self.load_and_fill(0, n_attrs = 6, n_fill = 256)
def test_attribute_bloat_volatile_big(self):
- self.load_and_fill(0, n_attrs = 6, n_fill = 512)
+ with self.assertRaises(HAL_ERROR_RESULT_TOO_LONG):
+ self.load_and_fill(0, n_attrs = 6, n_fill = 512)
+
+ def test_attribute_svelt_token_many(self):
+ self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 64)
def test_attribute_bloat_token_many(self):
- self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 128)
+ with self.assertRaises(HAL_ERROR_RESULT_TOO_LONG):
+ self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 128)
+
+ def test_attribute_svelt_token_big(self):
+ self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 6, n_fill = 256)
def test_attribute_bloat_token_big(self):
- self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 4, n_fill = 512) # [16, 1024]
+ with self.assertRaises(HAL_ERROR_RESULT_TOO_LONG):
+ self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 6, n_fill = 512)
@unittest.skipUnless(ecdsa_loaded, "Requires Python ECDSA package")
@@ -903,11 +929,19 @@ class TestPKeyBackup(TestCaseLoggedIn):
encryptedPrivateKeyInfo = DerSequence()
encryptedPrivateKeyInfo.decode(der)
encryptionAlgorithm = DerSequence()
- encryptionAlgorithm.decode(encryptedPrivateKeyInfo[0])
algorithm = DerObjectId()
- algorithm.decode(encryptionAlgorithm[0])
encryptedData = DerOctetString()
- encryptedData.decode(encryptedPrivateKeyInfo[1])
+ encryptionAlgorithm.decode(encryptedPrivateKeyInfo[0])
+ # <kludge>
+ # Sigh, bugs in PyCrypto ASN.1 code. Should do:
+ #
+ #algorithm.decode(encryptionAlgorithm[0])
+ #encryptedData.decode(encryptedPrivateKeyInfo[1])
+ #
+ # but due to bugs in those methods we must instead do:
+ DerObject.decode(algorithm, encryptionAlgorithm[0])
+ DerObject.decode(encryptedData, encryptedPrivateKeyInfo[1])
+ # </kludge>
if algorithm.payload != oid:
raise ValueError
return encryptedData.payload
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 01:42:56 +0000