#!/usr/bin/env python # Copyright (c) 2016, NORDUnet A/S # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # # - Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # - Neither the name of the NORDUnet nor the names of its contributors may # be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS # IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A # PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED # TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR # PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ LibHAL unit tests, using libhal.py and the Python unit_test framework. """ # There's some overlap between these tests and the PKCS #11 unit tests, # because in many cases we're testing the same functionality, just via # different APIs. import unittest import datetime import sys from libhal import * try: from Crypto.Util.number import inverse from Crypto.PublicKey import RSA from Crypto.Signature import PKCS1_v1_5 from Crypto.Hash.SHA256 import SHA256Hash as SHA256 from Crypto.Hash.SHA384 import SHA384Hash as SHA384 from Crypto.Hash.SHA512 import SHA512Hash as SHA512 pycrypto_loaded = True except ImportError: pycrypto_loaded = False try: from ecdsa.keys import SigningKey as ECDSA_SigningKey, VerifyingKey as ECDSA_VerifyingKey from ecdsa.ellipticcurve import Point from ecdsa.curves import NIST256p, NIST384p, NIST521p if not pycrypto_loaded: from hashlib import sha256 as SHA256, sha384 as SHA384, sha512 as SHA512 ecdsa_loaded = True except ImportError: ecdsa_loaded = False def main(): from sys import argv global args args = parse_arguments(argv[1:]) argv = argv[:1] + args.only_test logging.basicConfig(level = logging.DEBUG if args.debug else logging.INFO) unittest.main(verbosity = 1 if args.quiet else 2, argv = argv, catchbreak = True, testRunner = TextTestRunner) def parse_arguments(argv = ()): from argparse import ArgumentParser, ArgumentDefaultsHelpFormatter parser = ArgumentParser(description = __doc__, formatter_class = ArgumentDefaultsHelpFormatter) parser.add_argument("--quiet", action = "store_true", help = "suppress chatter") parser.add_argument("--debug", action = "store_true", help = "debug-level logging") parser.add_argument("--wheel-pin", default = "fnord", help = "PIN for wheel user") parser.add_argument("--so-pin", default = "fnord", help = "PIN for security officer") parser.add_argument("--user-pin", default = "fnord", help = "PIN for normal user") parser.add_argument("--all-tests", action = "store_true", help = "enable tests usually skipped") parser.add_argument("--only-test", default = [], nargs = "+", help = "only run tests named here") return parser.parse_args(argv) args = parse_arguments() hsm = None pin_map = { HAL_USER_NORMAL : "user_pin", HAL_USER_SO : "so_pin", HAL_USER_WHEEL : "wheel_pin" } def setUpModule(): global hsm hsm = HSM() def tearDownModule(): hsm.logout() #hsm.close() # Subclass a few bits of unittest to add timing reports for individual tests. class TestCase(unittest.TestCase): def setUp(self): super(TestCase, self).setUp() self.startTime = datetime.datetime.now() def tearDown(self): self.endTime = datetime.datetime.now() super(TestCase, self).tearDown() class TextTestResult(unittest.TextTestResult): def addSuccess(self, test): if self.showAll and hasattr(test, "startTime") and hasattr(test, "endTime"): self.stream.write("runtime {} ... ".format(test.endTime - test.startTime)) self.stream.flush() super(TextTestResult, self).addSuccess(test) class TextTestRunner(unittest.TextTestRunner): resultclass = TextTestResult # Tests below here class TestBasic(TestCase): """ Test basic functions that don't involve keys, digests, or PINs. """ def test_get_version(self): version = hsm.get_version() # Might want to inspect the result here self.assertIsInstance(version, int) def test_get_random(self): length = 32 random = hsm.get_random(length) self.assertIsInstance(random, str) self.assertEqual(length, len(random)) class TestPIN(TestCase): """ Test functions involving PINs. """ def setUp(self): hsm.logout() super(TestPIN, self).setUp() def tearDown(self): super(TestPIN, self).tearDown() hsm.logout() def test_is_logged_in(self): for user in pin_map: self.assertRaises(HAL_ERROR_FORBIDDEN, hsm.is_logged_in, user) def login_logout(self, user1): pin = getattr(args, pin_map[user1]) hsm.login(user1, pin) for user2 in pin_map: if user2 == user1: hsm.is_logged_in(user2) else: self.assertRaises(HAL_ERROR_FORBIDDEN, hsm.is_logged_in, user2) hsm.logout() def test_login_wheel(self): self.login_logout(HAL_USER_WHEEL) def test_login_so(self): self.login_logout(HAL_USER_SO) def test_login_user(self): self.login_logout(HAL_USER_NORMAL) # Eventually we will want a test of set_pin(), probably under a # @unittest.skipUnless to prevent it from being run unless the # user requests it. Punt that one for the moment. class TestDigest(TestCase): """ Test digest/HMAC functions. """ # Should use NIST test vectors, this is just a placeholder. def test_basic_hash(self): h = hsm.hash_initialize(HAL_DIGEST_ALGORITHM_SHA256) h.update("Hi, Mom") h.finalize() def test_basic_hmac(self): h = hsm.hash_initialize(HAL_DIGEST_ALGORITHM_SHA256, key = "secret") h.update("Hi, Dad") h.finalize() # Will need something to test for pkey access when not logged in # properly (ie, test that we get an appropriate exception under a long # list of screwy conditions and that we don't get it under another # long list of screwy conditions, due to the PKCS #11 compatible # access check semantics). Defer for now. class TestCaseLoggedIn(TestCase): """ Abstract class to handle login for PKey tests. """ @classmethod def setUpClass(cls): hsm.login(HAL_USER_NORMAL, args.user_pin) @classmethod def tearDownClass(cls): hsm.logout() class TestPKeyGen(TestCaseLoggedIn): """ Tests involving key generation. """ def sign_verify(self, hashalg, k1, k2): h = hsm.hash_initialize(hashalg) h.update("Your mother was a hamster") data = h.finalize() sig = k1.sign(data = data) k1.verify(signature = sig, data = data) k2.verify(signature = sig, data = data) def gen_sign_verify_rsa(self, hashalg, keylen): k1 = hsm.pkey_generate_rsa(keylen) self.addCleanup(k1.delete) k2 = hsm.pkey_load(HAL_KEY_TYPE_RSA_PUBLIC, HAL_CURVE_NONE, k1.public_key) self.addCleanup(k2.delete) self.sign_verify(hashalg, k1, k2) def gen_sign_verify_ecdsa(self, hashalg, curve): k1 = hsm.pkey_generate_ec(curve) self.addCleanup(k1.delete) k2 = hsm.pkey_load(HAL_KEY_TYPE_EC_PUBLIC, curve, k1.public_key) self.addCleanup(k2.delete) self.sign_verify(hashalg, k1, k2) def test_gen_sign_verify_ecdsa_p256_sha256(self): self.gen_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA256, HAL_CURVE_P256) def test_gen_sign_verify_ecdsa_p384_sha384(self): self.gen_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA384, HAL_CURVE_P384) def test_gen_sign_verify_ecdsa_p521_sha512(self): self.gen_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521) def test_gen_sign_verify_rsa_1024_p256_sha256(self): self.gen_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024) @unittest.skipUnless(args.all_tests, "Slow") def test_gen_sign_verify_rsa_2048_sha384(self): self.gen_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048) @unittest.skipUnless(args.all_tests, "Hideously slow") def test_gen_sign_verify_rsa_4096_sha512(self): self.gen_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096) def test_gen_unsupported_length(self): with self.assertRaises(HAL_ERROR_BAD_ARGUMENTS): hsm.pkey_generate_rsa(1028).delete() class TestPKeyHashing(TestCaseLoggedIn): """ Tests involving various ways of doing the hashing for public key operations. """ def load_sign_verify_rsa(self, alg, keylen, method): k1 = hsm.pkey_load(HAL_KEY_TYPE_RSA_PRIVATE, HAL_CURVE_NONE, PreloadedKey.db[HAL_KEY_TYPE_RSA_PRIVATE, keylen].der) self.addCleanup(k1.delete) k2 = hsm.pkey_load(HAL_KEY_TYPE_RSA_PUBLIC, HAL_CURVE_NONE, PreloadedKey.db[HAL_KEY_TYPE_RSA_PUBLIC, keylen].der) self.addCleanup(k2.delete) method(alg, k1, k2) def load_sign_verify_ecdsa(self, alg, curve, method): k1 = hsm.pkey_load(HAL_KEY_TYPE_EC_PRIVATE, curve, PreloadedKey.db[HAL_KEY_TYPE_EC_PRIVATE, curve].der) self.addCleanup(k1.delete) k2 = hsm.pkey_load(HAL_KEY_TYPE_EC_PUBLIC, curve, PreloadedKey.db[HAL_KEY_TYPE_EC_PUBLIC, curve].der) self.addCleanup(k2.delete) method(alg, k1, k2) @staticmethod def h(alg, mixed_mode = False): h = hsm.hash_initialize(alg, mixed_mode = mixed_mode) h.update("Your mother was a hamster") return h def sign_verify_data(self, alg, k1, k2): data = self.h(alg, mixed_mode = True).finalize() sig = k1.sign(data = data) k1.verify(signature = sig, data = data) k2.verify(signature = sig, data = data) def sign_verify_remote_remote(self, alg, k1, k2): sig = k1.sign(hash = self.h(alg, mixed_mode = False)) k1.verify(signature = sig, hash = self.h(alg, mixed_mode = False)) k2.verify(signature = sig, hash = self.h(alg, mixed_mode = False)) def sign_verify_remote_local(self, alg, k1, k2): sig = k1.sign(hash = self.h(alg, mixed_mode = False)) k1.verify(signature = sig, hash = self.h(alg, mixed_mode = True)) k2.verify(signature = sig, hash = self.h(alg, mixed_mode = True)) def sign_verify_local_remote(self, alg, k1, k2): sig = k1.sign(hash = self.h(alg, mixed_mode = True)) k1.verify(signature = sig, hash = self.h(alg, mixed_mode = False)) k2.verify(signature = sig, hash = self.h(alg, mixed_mode = False)) def sign_verify_local_local(self, alg, k1, k2): sig = k1.sign(hash = self.h(alg, mixed_mode = True)) k1.verify(signature = sig, hash = self.h(alg, mixed_mode = True)) k2.verify(signature = sig, hash = self.h(alg, mixed_mode = True)) def test_load_sign_verify_rsa_1024_sha256_data(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_data) def test_load_sign_verify_rsa_2048_sha384_data(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_data) def test_load_sign_verify_rsa_4096_sha512_data(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_data) def test_load_sign_verify_ecdsa_p256_sha256_data(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA256, HAL_CURVE_P256, self.sign_verify_data) def test_load_sign_verify_ecdsa_p384_sha384_data(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA384, HAL_CURVE_P384, self.sign_verify_data) def test_load_sign_verify_ecdsa_p521_sha512_data(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_data) def test_load_sign_verify_rsa_1024_sha256_remote_remote(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_remote_remote) def test_load_sign_verify_rsa_2048_sha384_remote_remote(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_remote_remote) def test_load_sign_verify_rsa_4096_sha512_remote_remote(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_remote_remote) def test_load_sign_verify_ecdsa_p256_sha256_remote_remote(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA256, HAL_CURVE_P256, self.sign_verify_remote_remote) def test_load_sign_verify_ecdsa_p384_sha384_remote_remote(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA384, HAL_CURVE_P384, self.sign_verify_remote_remote) def test_load_sign_verify_ecdsa_p521_sha512_remote_remote(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_remote_remote) def test_load_sign_verify_rsa_1024_sha256_remote_local(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_remote_local) def test_load_sign_verify_rsa_2048_sha384_remote_local(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_remote_local) def test_load_sign_verify_rsa_4096_sha512_remote_local(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_remote_local) def test_load_sign_verify_ecdsa_p256_sha256_remote_local(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA256, HAL_CURVE_P256, self.sign_verify_remote_local) def test_load_sign_verify_ecdsa_p384_sha384_remote_local(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA384, HAL_CURVE_P384, self.sign_verify_remote_local) def test_load_sign_verify_ecdsa_p521_sha512_remote_local(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_remote_local) def test_load_sign_verify_rsa_1024_sha256_local_remote(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_local_remote) def test_load_sign_verify_rsa_2048_sha384_local_remote(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_local_remote) def test_load_sign_verify_rsa_4096_sha512_local_remote(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_local_remote) def test_load_sign_verify_ecdsa_p256_sha256_local_remote(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA256, HAL_CURVE_P256, self.sign_verify_local_remote) def test_load_sign_verify_ecdsa_p384_sha384_local_remote(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA384, HAL_CURVE_P384, self.sign_verify_local_remote) def test_load_sign_verify_ecdsa_p521_sha512_local_remote(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_local_remote) def test_load_sign_verify_rsa_1024_sha256_local_local(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_local_local) def test_load_sign_verify_rsa_2048_sha384_local_local(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_local_local) def test_load_sign_verify_rsa_4096_sha512_local_local(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_local_local) def test_load_sign_verify_ecdsa_p256_sha256_local_local(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA256, HAL_CURVE_P256, self.sign_verify_local_local) def test_load_sign_verify_ecdsa_p384_sha384_local_local(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA384, HAL_CURVE_P384, self.sign_verify_local_local) def test_load_sign_verify_ecdsa_p521_sha512_local_local(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_local_local) @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package") class TestPKeyRSAInterop(TestCaseLoggedIn): @staticmethod def h(alg, text): h = hsm.hash_initialize(alg, mixed_mode = True) h.update(text) return h def load_sign_verify_rsa(self, alg, pyhash, keylen): hamster = "Your mother was a hamster" sk = PreloadedKey.db[HAL_KEY_TYPE_RSA_PRIVATE, keylen] vk = PreloadedKey.db[HAL_KEY_TYPE_RSA_PUBLIC, keylen] k1 = hsm.pkey_load(HAL_KEY_TYPE_RSA_PRIVATE, HAL_CURVE_NONE, sk.der) self.addCleanup(k1.delete) k2 = hsm.pkey_load(HAL_KEY_TYPE_RSA_PUBLIC, HAL_CURVE_NONE, vk.der) self.addCleanup(k2.delete) sig1 = k1.sign(hash = self.h(alg, hamster)) sig2 = sk.sign(hamster, pyhash) self.assertEqual(sig1, sig2) k1.verify(signature = sig2, hash = self.h(alg, hamster)) k2.verify(signature = sig2, hash = self.h(alg, hamster)) sk.verify(hamster, pyhash, sig1) vk.verify(hamster, pyhash, sig1) def test_interop_rsa_1024_sha256(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, SHA256, 1024) def test_interop_rsa_2048_sha384(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, SHA384, 2048) def test_interop_rsa_4096_sha512(self): self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, SHA512, 4096) @unittest.skipUnless(ecdsa_loaded, "Requires Python ECDSA package") class TestPKeyECDSAInterop(TestCaseLoggedIn): @staticmethod def h(alg, text): h = hsm.hash_initialize(alg, mixed_mode = True) h.update(text) return h def load_sign_verify_ecdsa(self, alg, pyhash, curve): hamster = "Your mother was a hamster" sk = PreloadedKey.db[HAL_KEY_TYPE_EC_PRIVATE, curve] vk = PreloadedKey.db[HAL_KEY_TYPE_EC_PUBLIC, curve] k1 = hsm.pkey_load(HAL_KEY_TYPE_EC_PRIVATE, curve, sk.der) self.addCleanup(k1.delete) k2 = hsm.pkey_load(HAL_KEY_TYPE_EC_PUBLIC, curve, vk.der) self.addCleanup(k2.delete) sig1 = k1.sign(hash = self.h(alg, hamster)) sig2 = sk.sign(hamster, pyhash) k1.verify(signature = sig2, hash = self.h(alg, hamster)) k2.verify(signature = sig2, hash = self.h(alg, hamster)) vk.verify(hamster, pyhash, sig1) def test_interop_ecdsa_p256_sha256(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA256, SHA256, HAL_CURVE_P256) def test_interop_ecdsa_p384_sha384(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA384, SHA384, HAL_CURVE_P384) def test_interop_ecdsa_p521_sha512(self): self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, SHA512, HAL_CURVE_P521) class TestPKeyList(TestCaseLoggedIn): """ Tests involving PKey list and match functions. """ def load_keys(self, flags): uuids = set() for obj in PreloadedKey.db.itervalues(): with hsm.pkey_load(obj.keytype, obj.curve, obj.der, flags) as k: self.addCleanup(lambda uuid: hsm.pkey_open(uuid, flags = flags).delete(), k.uuid) uuids.add(k.uuid) k.set_attributes(dict((i, a) for i, a in enumerate((str(obj.keytype), str(obj.fn2))))) return uuids def match(self, flags, **kwargs): uuids = kwargs.pop("uuids", None) kwargs.update(flags = flags) n = 0 for uuid in hsm.pkey_match(**kwargs): if uuids is None or uuid in uuids: with hsm.pkey_open(uuid, flags) as k: n += 1 yield n, k def ks_match(self, flags): tags = [] uuids = set() for i in xrange(2): uuids |= self.load_keys(flags) tags.extend(PreloadedKey.db) self.assertEqual(len(tags), len(uuids)) matched_uuids = set(k.uuid for n, k in self.match(flags = flags)) self.assertGreaterEqual(matched_uuids, uuids) for keytype in set(HALKeyType.index.itervalues()) - {HAL_KEY_TYPE_NONE}: for n, k in self.match(flags = flags, uuids = uuids, type = keytype): self.assertEqual(k.key_type, keytype) self.assertEqual(k.get_attributes({0}).pop(0), str(keytype)) self.assertEqual(n, sum(1 for t1, t2 in tags if t1 == keytype)) for curve in set(HALCurve.index.itervalues()) - {HAL_CURVE_NONE}: for n, k in self.match(flags = flags, uuids = uuids, curve = curve): self.assertEqual(k.key_curve, curve) self.assertEqual(k.get_attributes({1}).pop(1), str(curve)) self.assertIn(k.key_type, (HAL_KEY_TYPE_EC_PUBLIC, HAL_KEY_TYPE_EC_PRIVATE)) self.assertEqual(n, sum(1 for t1, t2 in tags if t2 == curve)) for keylen in set(kl for kt, kl in tags if not isinstance(kl, Enum)): for n, k in self.match(flags = flags, uuids = uuids, attributes = {1 : str(keylen)}): self.assertEqual(keylen, int(k.get_attributes({1}).pop(1))) self.assertIn(k.key_type, (HAL_KEY_TYPE_RSA_PUBLIC, HAL_KEY_TYPE_RSA_PRIVATE)) self.assertEqual(n, sum(1 for t1, t2 in tags if not isinstance(t2, Enum) and t2 == keylen)) for n, k in self.match(flags = flags, uuids = uuids, type = HAL_KEY_TYPE_RSA_PUBLIC, attributes = {1 : "2048"}): self.assertEqual(k.key_type, HAL_KEY_TYPE_RSA_PUBLIC) self.assertEqual(n, sum(1 for t1, t2 in tags if t1 == HAL_KEY_TYPE_RSA_PUBLIC and t2 == 2048)) def test_ks_match_token(self): self.ks_match(HAL_KEY_FLAG_TOKEN) def test_ks_match_volatile(self): self.ks_match(0) class TestPKeyAttribute(TestCaseLoggedIn): """ Attribute creation/lookup/deletion tests. """ def load_and_fill(self, flags, n_keys = 1, n_attrs = 2, n_fill = 0): pinwheel = Pinwheel() for i in xrange(n_keys): for obj in PreloadedKey.db.itervalues(): with hsm.pkey_load(obj.keytype, obj.curve, obj.der, flags) as k: pinwheel() self.addCleanup(lambda uuid: hsm.pkey_open(uuid, flags = flags).delete(), k.uuid) k.set_attributes(dict((j, "Attribute {}{}".format(j, "*" * n_fill)) for j in xrange(n_attrs))) pinwheel() def test_attribute_bloat_volatile_many(self): self.load_and_fill(0, n_attrs = 128) # 192 def test_attribute_bloat_volatile_big(self): self.load_and_fill(0, n_attrs = 6, n_fill = 512) def test_attribute_bloat_token_many(self): self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 128) def test_attribute_bloat_token_big(self): self.load_and_fill(HAL_KEY_FLAG_TOKEN, n_attrs = 4, n_fill = 512) # [16, 1024] class TestPKeyAttributeP11(TestCaseLoggedIn): """ Attribute creation/lookup/deletion tests based on a PKCS #11 trace. """ def setUp(self): der = PreloadedKey.db[HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256].der self.k = hsm.pkey_load(HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256, der, HAL_KEY_FLAG_TOKEN) self.addCleanup(self.k.delete) super(TestPKeyAttributeP11, self).setUp() def test_set_many_attributes(self): self.k.set_attributes({ 0x001 : "\x01", 0x108 : "\x01", 0x105 : "\x00", 0x002 : "\x01", 0x107 : "\x00", 0x102 : "\x45\x43\x2d\x50\x32\x35\x36", 0x003 : "\x45\x43\x2d\x50\x32\x35\x36", 0x162 : "\x00", 0x103 : "\x01", 0x000 : "\x03\x00\x00\x00", 0x100 : "\x03\x00\x00\x00", 0x101 : "", 0x109 : "\x00", 0x10c : "\x00", 0x110 : "", 0x111 : "", 0x163 : "\x00", 0x166 : "\xff\xff\xff\xff", 0x170 : "\x01", 0x210 : "\x00", 0x163 : "\x01", 0x166 : "\x40\x10\x00\x00", 0x180 : "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07" }) def test_set_many_attributes_with_deletions(self): self.k.set_attributes({ 0x001 : "\x01", 0x108 : "\x01", 0x105 : "\x00", 0x002 : "\x01", 0x107 : "\x00", 0x102 : "\x45\x43\x2d\x50\x32\x35\x36", 0x003 : "\x45\x43\x2d\x50\x32\x35\x36", 0x162 : "\x00", 0x103 : "\x01", 0x000 : "\x03\x00\x00\x00", 0x100 : "\x03\x00\x00\x00", 0x101 : None, 0x109 : "\x00", 0x10c : "\x00", 0x110 : None, 0x111 : None, 0x163 : "\x00", 0x166 : "\xff\xff\xff\xff", 0x170 : "\x01", 0x210 : "\x00", 0x163 : "\x01", 0x166 : "\x40\x10\x00\x00", 0x180 : "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07" }) class TestPKeyAttributeWriteSpeedToken(TestCaseLoggedIn): """ Attribute speed tests. """ def setUp(self): der = PreloadedKey.db[HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256].der self.k = hsm.pkey_load(HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256, der, HAL_KEY_FLAG_TOKEN) self.addCleanup(self.k.delete) super(TestPKeyAttributeWriteSpeedToken, self).setUp() def set_attributes(self, n_attrs): self.k.set_attributes(dict((i, "Attribute {}".format(i)) for i in xrange(n_attrs))) def test_set_1_attribute(self): self.set_attributes(1) def test_set_6_attributes(self): self.set_attributes(6) def test_set_12_attributes(self): self.set_attributes(12) class TestPKeyAttributeWriteSpeedVolatile(TestCaseLoggedIn): """ Attribute speed tests. """ def setUp(self): der = PreloadedKey.db[HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256].der self.k = hsm.pkey_load(HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256, der, 0) self.addCleanup(self.k.delete) super(TestPKeyAttributeWriteSpeedVolatile, self).setUp() def set_attributes(self, n_attrs): self.k.set_attributes(dict((i, "Attribute {}".format(i)) for i in xrange(n_attrs))) def test_set_1_attribute(self): self.set_attributes(1) def test_set_6_attributes(self): self.set_attributes(6) def test_set_12_attributes(self): self.set_attributes(12) class TestPKeyAttributeReadSpeedToken(TestCaseLoggedIn): """ Attribute speed tests. """ def setUp(self): der = PreloadedKey.db[HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256].der self.k = hsm.pkey_load(HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256, der, HAL_KEY_FLAG_TOKEN) self.addCleanup(self.k.delete) self.k.set_attributes(dict((i, "Attribute {}".format(i)) for i in xrange(12))) super(TestPKeyAttributeReadSpeedToken, self).setUp() def verify_attributes(self, n_attrs, attributes): expected = dict((i, "Attribute {}".format(i)) for i in xrange(n_attrs)) self.assertEqual(attributes, expected) def get_attributes(self, n_attrs): attributes = self.k.get_attributes(range(n_attrs)) self.verify_attributes(n_attrs, attributes) def test_get_1_attribute(self): self.get_attributes(1) def test_get_6_attributes(self): self.get_attributes(6) def test_get_12_attributes(self): self.get_attributes(12) class TestPKeyAttributeReadSpeedVolatile(TestCaseLoggedIn): """ Attribute speed tests. """ def setUp(self): der = PreloadedKey.db[HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256].der self.k = hsm.pkey_load(HAL_KEY_TYPE_EC_PRIVATE, HAL_CURVE_P256, der, 0) self.addCleanup(self.k.delete) self.k.set_attributes(dict((i, "Attribute {}".format(i)) for i in xrange(12))) super(TestPKeyAttributeReadSpeedVolatile, self).setUp() def verify_attributes(self, n_attrs, attributes): expected = dict((i, "Attribute {}".format(i)) for i in xrange(n_attrs)) self.assertEqual(attributes, expected) def get_attributes(self, n_attrs): attributes = self.k.get_attributes(range(n_attrs)) self.verify_attributes(n_attrs, attributes) def test_get_1_attribute(self): self.get_attributes(1) def test_get_6_attributes(self): self.get_attributes(6) def test_get_12_attributes(self): self.get_attributes(12) @unittest.skipUnless(ecdsa_loaded, "Requires Python ECDSA package") class TestPkeyECDSAVerificationNIST(TestCaseLoggedIn): """ ECDSA verification tests based on Suite B Implementer's Guide to FIPS 186-3. """ def verify(self, Qx, Qy, H, r, s, hal_curve, py_curve, py_hash): Q = ECDSA_VerifyingKey.from_public_point(Point(py_curve.curve, Qx, Qy), py_curve, py_hash).to_der() k = hsm.pkey_load(HAL_KEY_TYPE_EC_PUBLIC, hal_curve, Q) self.addCleanup(k.delete) k.verify(signature = (r + s).decode("hex"), data = H.decode("hex")) def test_suite_b_p256_verify(self): self.verify( Qx = 0x8101ece47464a6ead70cf69a6e2bd3d88691a3262d22cba4f7635eaff26680a8, Qy = 0xd8a12ba61d599235f67d9cb4d58f1783d3ca43e78f0a5abaa624079936c0c3a9, H = "7c3e883ddc8bd688f96eac5e9324222c8f30f9d6bb59e9c5f020bd39ba2b8377", r = "7214bc9647160bbd39ff2f80533f5dc6ddd70ddf86bb815661e805d5d4e6f27c", s = "7d1ff961980f961bdaa3233b6209f4013317d3e3f9e1493592dbeaa1af2bc367", hal_curve = HAL_CURVE_P256, py_curve = NIST256p, py_hash = SHA256) def test_suite_b__p384_verify(self): self.verify( Qx = 0x1fbac8eebd0cbf35640b39efe0808dd774debff20a2a329e91713baf7d7f3c3e81546d883730bee7e48678f857b02ca0, Qy = 0xeb213103bd68ce343365a8a4c3d4555fa385f5330203bdd76ffad1f3affb95751c132007e1b240353cb0a4cf1693bdf9, H = "b9210c9d7e20897ab86597266a9d5077e8db1b06f7220ed6ee75bd8b45db37891f8ba5550304004159f4453dc5b3f5a1", r = "a0c27ec893092dea1e1bd2ccfed3cf945c8134ed0c9f81311a0f4a05942db8dbed8dd59f267471d5462aa14fe72de856", s = "20ab3f45b74f10b6e11f96a2c8eb694d206b9dda86d3c7e331c26b22c987b7537726577667adadf168ebbe803794a402", hal_curve = HAL_CURVE_P384, py_curve = NIST384p, py_hash = SHA384) # Entire classes of tests still missing: # # * pkey attribute functions # # * pkey list and match functions # # * token vs session key tests # # Preloaded keys should suffice for all of these. class Pinwheel(object): """ Activity pinwheel, as needed. """ def __init__(self): self.pinwheel = tuple("\b\b{} ".format(c) for c in "-/|\\") self.modulo = len(self.pinwheel) self.position = 0 if not args.quiet: from sys import stdout stdout.write(". ") stdout.flush() def __call__(self): if not args.quiet: from sys import stdout stdout.write(self.pinwheel[self.position]) stdout.flush() self.position = (self.position + 1) % self.modulo class PreloadedKey(object): """ Keys for preload tests, here at the end because they're large. For the moment, we use PKCS #1.5 format for RSA and secg format for ECDSA, because those are the formats that everything (including our own ASN.1 code) supports. Arguably, we should be using PKCS #8 to get a single, consistent, self-identifying private key format, but we're not there yet and it's not particularly urgent given widespread availablity of conversion tools (eg, "openssl pkcs8"). """ db = {} def __init__(self, keytype, fn2, obj, der, keylen = None, curve = HAL_CURVE_NONE): self.keytype = keytype self.fn2 = fn2 self.obj = obj self.der = der self.keylen = keylen self.curve = curve self.db[keytype, fn2] = self class PreloadedRSAKey(PreloadedKey): @classmethod def importKey(cls, keylen, pem): if pycrypto_loaded: k1 = RSA.importKey(pem) k2 = k1.publickey() cls(HAL_KEY_TYPE_RSA_PRIVATE, keylen, k1, k1.exportKey("DER"), keylen = keylen) cls(HAL_KEY_TYPE_RSA_PUBLIC, keylen, k2, k2.exportKey("DER"), keylen = keylen) def sign(self, text, hash): return PKCS1_v1_5.PKCS115_SigScheme(self.obj).sign(hash(text)) def verify(self, text, hash, signature): return PKCS1_v1_5.PKCS115_SigScheme(self.obj).verify(hash(text), signature) class PreloadedECKey(PreloadedKey): @classmethod def importKey(cls, curve, pem): if ecdsa_loaded: k1 = ECDSA_SigningKey.from_pem(pem) k2 = k1.get_verifying_key() cls(HAL_KEY_TYPE_EC_PRIVATE, curve, k1, k1.to_der(), curve = curve) cls(HAL_KEY_TYPE_EC_PUBLIC, curve, k2, k2.to_der(), curve = curve) def sign(self, text, hash): return self.obj.sign(text, hashfunc = hash) def verify(self, text, hash, signature): return self.obj.verify(signature, text, hashfunc = hash) # openssl genrsa 1024 PreloadedRSAKey.importKey(1024, '''\ -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQC95QlDOvlQhdCe/a7eIoX9SGPVfXfA8/62ilnF+NcwLrhxkr2R 4EVQB65+9AbxqM8Hqol6fhZzmDs48cl2tOFGJpE8iMhiFm4i6SGl2RXYaG0xi+lJ FrXXCLFQovIEMuukBE129wra1xIB72tYR14lu8REX+Mhpbuz44M1jlCrlQIDAQAB AoGAeU928l8bZIiH9PnlG318kYkMVhd4SGjXQK/zl9hXSC2goNV4i1d1kCHIJMwq H3mTALe+aeVg3GnU85Tq+g2llzogoyXl8q902KbvImrM/XSbsue9/oj0OSgw+jKB faFzX6FxAtNV5pmU9QiwauBIl/3yPCF9ifim5zg+pWCqLaECQQD59Z/R6TrTHxp6 w2vH4CJyP5KORcf+eMa50SAriMVBXsJzsBiLLVxKIZfWbQn9gytJqJZKmIHezZQm dyam84fpAkEAwnvSF27RhxLXE037+t7k5MZti6BfNTeUBrwffteepL6qax9HK+h9 IQZ1vfNIqjZm8i7kQQyy4L8tRnk8mjZmzQJBAIUwfXWTilW+yBRMFx1M7+3itAv9 YODWqEWRCkxIN5tqi8CrP5jBleCmX8rRFTaxcxpvq42aD/GRp3SLntvs/ikCQCSg GOKc1gyv+Z0DFK8cBtMmoz6mRwfInbHe/7dtd8zis0lVLJwSPm5Xvxi0ljyn3h9B wW6Wq6Ezn50j+8u27wkCQQCcIFE01BDAdtFHtTJ3aaEM9IdMCYrcJ0I/Y0NTE2M6 lsTSiPyQjc4dQQJxFduvWHLx28bx+l7FTav7FaKntCJo -----END RSA PRIVATE KEY----- ''') # openssl genrsa 2048 PreloadedRSAKey.importKey(2048, '''\ -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAsbvq6syhDXD/OMVAuLoMceGQLUIiezfShVqFfyMqADjqhFRW Wbonn0XV9ZkypU4Ib9n6PtLATNaefhpsUlI4s+20YTlQ7GiwJ9p97/N1o1u060ja 4LdqhfYtn8GZX+JAfa5NqpmLKCJ58XJ3q28MPLRwYp5yKckjkzchZHFyjs1W7r5a JfeJ/vsQusX3klmCehJ1jxSHPh8o6lTjFMnBK8t360YTu0UGK/RUcEAYO7l7FWjd 8PjZfawXIrOAhCLkVvDFfpsl2oyFIL9d1QE87WdyyZXAtWLs62gnX+kiBq9gUhu5 GsgcQifHBcRiGZfH0TRIMgIsSjsorzHqJ9uoQwIDAQABAoIBAGqzx5/5A8NfEEpT 2bxNLcV8xqL1LmBNLh0TMEwYn1GM2fZh74lkwf7T3VTaCVbGlzgXZC4tNneq7XIF iPyPEi2rSnyH/XZAj2kNukfBIOHW37HVhloco14TYmajwuGWomMRrtz521pYAF+c +g042N7k8Qez2hQOBkaOdYSouz7RNdJUGUocRhcSkh+QZTBwtQxrkuhhHN+zkIri +Q09hF2hAliHrh6mow8ci0gRsXnZzsdJfTX8CasHWTIll4gfrvWnUY7iYqB6ynRU YN+7IgQXMUFLziIlH1qN+DlEYdznsgAPSS3JdTWh0cvjiO8wTFAnOIdsj+BpKoDB PK2zzDkCgYEA3TP8h4Ds/y1tDijE3Sarrg0vWuY97sJmAla4qFHH4hscZ84NDzTM I/ohLPJgpeR2MaBqZmVk9UFrd3rdt3/lX6kSO7Kffa9rVgfOB4CqJ4joso3j0qY8 V/iVBcDcD1h4aXCRX2tMJICUTgVU/N8/2wBEElcOUjZHGlcHmbHndlUCgYEAzbFm ttPuIHrYHkmOm/DjYB65+WD8gfPMdeUbnx+yIt5xwimIbq1qWzl4++goTAAyaU/7 qM9IfveRue0B7yjnPa8fjN+CcXMGM6a3BIqeIv1icfgjHxlt7D+64FpENWXHvFE0 MhRliINfkTHm+U4+1s0045a+bLdTbfVly1gATDcCgYEAyOaoWmFL3k7hl1SLx9eR YVj0Q3iNk0XX5BPjTmxIQCEjYVwRHFh1d897Rhk0kja26kepmypH0UADXNaofDqa lpE10CZhGIOz1sTr6ICBCbscrN6VpgH5GGTa5AjPVNijNBBa1/DZjOWCzIGnOKuC kWLicE3E4gIN/exBKOQdNqkCgYEAjA5PMg38BoGexoCvad8L81b4qqUvSg0HGv91 X1Plp3hvXRWKoFHUKWlox528UoOPz8V2ReteIZXQ1BhdSMtBKO8lPHa0CyuW/XR3 CdCY/Jorfg7HW1WlU0fRpxHPf8xdxAxGzhK1T86kM+kWrIpqnzf62zy5TK1HUYfW WC8DhOECgYBzU8hIA0PU7aRPUs0o9MO9XcvVPvdX6UOKdNb9CnBMudS/chKHJUYP d0fFAiVaRX0JMQ0RSrenxCqfWVtW3T3wFYNHB/IFRIUT3I44wwXJTNOeoi3FDTMx EQfc0UFoFHyc3mYEKR4zHheqQG5OFBN89LqG3S+O69vc1qwCvNKL+Q== -----END RSA PRIVATE KEY----- ''') # openssl genrsa 4096 PreloadedRSAKey.importKey(4096, '''\ -----BEGIN RSA PRIVATE KEY----- MIIJKAIBAAKCAgEAzWpYSQt+DrUNI+EJT/ko92wM2POfFnmm3Kc34nmuK6sez0DJ r9Vib9R5K46RNgqcUdAodjU6cy3/MZA53SqP7RwR/LQtWmK2a+T4iey2vQZ0iCDA 2NI4gjgmCAjZnOD/m5yUXjCig/wJ8pGXolg8oHnvdeLg1joIOSF9OudLrI6aJnDg OfdegzmCWXmWl7TXrqHVIWZhZZF7qQZRso6ZQ1/8mjpvVD0drASBxMnIzvpe4ynr Y2NB807X/D5bbScp292ZKTNf5unPN1SsFy5ymzfLZrfNksYef6xPXcVr6OiObi49 De8e11aNPj6fgLzzqAu1rjjrDkgvXx5G7gPJXq1aq6uxB2cKMrRS+ivmyC8vQlzP lQwW20oYeeOfCg7ddNAJcu3jNTuNJaZdhc9szpVhV8DXZoXe/RzUNjZH7wUqueHy fpbLwS+h3McJqrbWFdCQBivZnoI05cF2JIHEeR3S0Gyo2/IheNeFX2Tt8oDnHY4a olRHiR5CMdM8UoGSxR9Y12fZ9dcqdCH3d6wDAsBDHTCE8ZIwFwhW6iA+g54YE3X7 BlsgWr60poCDgH+CJjh0VDVxqL7r+w76sD9WAQMa7Gb+Mp2XCYnIZPXTrsmwVbZ9 s5vFXUEODYom6qBlbZB8gyZzee5Skc1jx2fnmqxRtflA4W3xVAQFof2rFiUCAwEA AQKCAgBxhQXJSFqf0hqy61h0I+Qp6EKpWuleSFiYtKjDti803tql+s37KFfAKZHV KnLBhNeitwDFYuEsag0P3P69ZRopFUwzdXdi7g6WTfG0d2b9y6V23XL14Cduf400 /38TnZxk6QFtlD8b5ZuxvBgqlczbeseFRJ6whV2qBQHqHYzKjfxOpi6kmjpXFt8c h39b04smbTUVwjitIttOK7nWjcvRWiiFKyn/Sc8uE0eL81/QUrlBnRcC1AXMapQe SG/KQMx3P123UTb8q9XiZB6+qOKZORplZ8pqBKcyM42g6suZ6XtdFJyVKMLIioKA FaecQ8/73IzI/ZeZSvcy/85/FwSfGjHD7C7vL9kfg77no+IvHYlBYiIqtTddpQH5 LGJAJnOGtk047/OjTmL8QyylvDAv8jBeZZdbOX7L+8jk5DbHmfUcDjvBS9g+Fbfk jDurphrp1dHn/YgaA27NZs87TPWX1aVPiOlXEhO9SHHiiKCHDpBzV1gW/eiho33s +uEr57ZoakzonN/zNb7KqHUO/ZGwMg+V9bVIgThqbdgmxNz7JFz14CN79yPmW5QT 1P1v7a6xWaZTALe2HGvy0B+iRzhLpay1tI4O/omPj9vUzVJwGHztVt0RddcmA9wV Y3qglRNl+YvNlm6BUn8KwPIqki8JoioA8J1EQ5mz/K0fbrzcOQKCAQEA8TCqq0pb mfxtsf42zhsSUw1VdcCIG0IYcSWxIiCfujryAQX1tmstZeRchlykXmdO+JDcpvMy BKBD7188JEWjCX1IRRtHxTJ5WG+pE8sNPLNL8eZVZ+CEbNjVk4dtWGLwyNm+rQkM NmOlm+7ZHdezBXljZOeqZbdsTSDQcGYG8JxlvLpAN60pjIGvTdTrdnksMhB4PK+l 7KtyEVDWXU/VT6kqhP3Ri1doHv/81BplgfjEJM8ZxmasfP4SlJ1olKqsHMFSrclj ZCAemKEexVyzg8cHm9ghj6MLQZe3gs94V6h8I2ifrBBNHMrZgYg2Db0GeyYrr+kZ GDjT0DZp0jgyfwKCAQEA2gdTclmrfAU/67ziOJbjkMgfhBdteE1BbJDNUca0zB6q Ju4BwNgt0cxHMbltgE2/8hWP95HIaQdh1mIgwSK93MxRbaAvAQfF3muJxvMR5Mru DejE+IEK9eZetgkNHGWyfiFzBWHda/Z9PQkqYtRfop5qFBVAPZ4YzR5hT0j64eDQ N/z9C0ZB6RL9EcXJgEYgGI3wP8Qsrw3JRBQN0SCVRmrEJm4WIXs+CEHOk56/VbPM v82uwbHVghS0U9bEZvNoeq7ZQjS2tRXXRJeOgQyCNvYy670T0KvQZoDb59EbEDSz eQZS1J7rDEBHW+VwRSJA8noMEgZdEv8AxbEF2CddWwKCAQAMwH71iXvoW1FNbNxm 70V7wKO5ExHfJxJ1wQFphYIMbZtn9HG2UFpZHcbKj9Fc8GdbewU/inIljnepC0b5 v/jLwqT0imm0AmQqCdVNp5mukOg+BOiVEmjN/HTmVO2yE6EZbXHIYkcUBRa3dNxj 2IitjGp15k27DQSb21VJ7AsH46z5WnuUtgIRXLXxDoXYgLWWfApvYvYJ2lKwma6L xnHHwXDvESBoFpn5sZ0jdbXSNl3geFarh7gs753534ys940cBBij+ZbYr14Owc4H r0wKdpZvZfD4UC2DLUtVjjSVpeHSWXC/vyjkkdEIKTR6a3kRP8ZliZR7FF4Wjxnv NGtvAoIBAEu5g6gRsNewUxUjU0boUT115ExSfrjrzC9S05z1cNH8TIic3YsHClL1 qjyA9KE9X89K4efQgFTKNZbqGgo6cMsBQ77ZhbnL41Nu8jlhLvPR74BxOgg9eXsS eg6rchxMzgO0xmg2J1taDwFl74zHyjeG4bz77IX6JQ8I4C9TX5+YH3lyqsiBrF6x M6g6k9Ozh24/zhO3pPVfymmUtX/O20nLxzi5v4H9dfwULxVia33upsxvOaUYiNlX K5J641gGbmE93UN7X4HhhhTStrHnkEpalDEASKOPKSCQ3M/U9ptYUoVURuyGDYkB wkcOl0HLtdcBwLN59lWkr7X519fNREUCggEBAMk39k+shD2DW8ubE/LgoforwfT2 558FPxpZ+pGwMHL3ZnLuQuiROyPyQZj/ZmmLAa2TPrwS/ssln46Y2KesejWK/0Hq 8SaFLhOjacF8u5IOOKBZvx+HOT6ctRNBVyzt9A8wu0DE6nzc5HQpm9TMXrOLuZ0L u22yFikwoIgYpU6hBdbg1mnirZS/ZyqJV9gWB6ZYyUAUGdgBqL6euSAAqBp93qz8 sQLesqTufT1mVZd/ndLyvjDJjNKUE0w1g/1xNtg6N5aM+7pc/DwE/s+EtCxc/858 dQYLBHIPcw6e0FdL3nTs44BpAqcK28N5eWbe/KaZ3EA0lHRmyOQ++WgU6jo= -----END RSA PRIVATE KEY----- ''') # openssl ecparam -genkey -name prime256v1 | openssl ec PreloadedECKey.importKey(HAL_CURVE_P256, '''\ -----BEGIN EC PRIVATE KEY----- MHcCAQEEIPBrVhD1iFF2e8wPkPf4N1038iR8xPgku/CVOT8lcSztoAoGCCqGSM49 AwEHoUQDQgAE3mB5BmN5Fa4fV74LsDWIpBUxktPqYGJ6WOBrjPs1HWkNU7JHO3qY 9yy+CXFSPb89GWQgb5wLtNPn4QYMj+KRTA== -----END EC PRIVATE KEY----- ''') # openssl ecparam -genkey -name secp384r1 | openssl ec PreloadedECKey.importKey(HAL_CURVE_P384, '''\ -----BEGIN EC PRIVATE KEY----- MIGkAgEBBDCVGo35Hbrf3Iys7mWRIm5yjg+6vPIgzbp2jCbDyszBo+wTxmQambG4 g8yocp4wM6+gBwYFK4EEACKhZANiAATYwa+M8T8jsNHKmMZTvPPflUIfrjuZZo1D 3kkkmN4r6cTNctjaeRdAfD0X40l4yPnGIP9ParuKVVl1y0TdQ7BS3g/Gj/LP33HD ESP8gFDIKFCWSDX0uhmy+HsGsPwgNoY= -----END EC PRIVATE KEY----- ''') # openssl ecparam -genkey -name secp521r1 | openssl ec PreloadedECKey.importKey(HAL_CURVE_P521, '''\ -----BEGIN EC PRIVATE KEY----- MIHcAgEBBEIBtf+LKhJNQEJRFQ2cGQPcviwfp9IKSnD5EFTqAPtv7/+t2FtmdHHP /fWIlZ7jcC5N9dWy6bKGu3+FqwgZAYLpsqigBwYFK4EEACOhgYkDgYYABADdfcUe P0oAZQ5308v5ijcg4hePvhvVi+QKcrwmE9kirXCFoYN1tzPmXZmw8lNJenrbwaNz opJR84LBHnomGPogAQGF0aRk0jE8w1j1oMfrrzV6vCWnkh7pyzsDnrLU1HrkWeqw ihzwMzYJgFzToDH+fCh7nrBFZZZ9P9gPYMlSM5UMeA== -----END EC PRIVATE KEY----- ''') if __name__ == "__main__": main() mmitter Paul Selkirk <paul@psgd.org> 2016-04-14 18:50:38 -0400 import mbed rtos library' href='/sw/stm32/commit/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/stm32f4xx_hal_spi.c?h=parade_of_half_baked_ideas&id=4a38cf6f44d1c013cbe794093ea6c5b50337431a'>4a38cf6
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95
170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202
234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308
338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373
482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513
576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604
769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823
836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861
881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953
955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980
997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028
1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106
1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172
1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260
1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351
1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503
1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528
1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652
1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694
1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726
1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755
1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787
1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838
1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867
1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894
1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918
1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977
2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204
2210 2211 2212 2213 2214 2215 2216 2217 2218 2219 2220 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298