Hack PKCS #11 to work with revised libhal pkey API.

author: Rob Austein <sra@hactrn.net> 2016-09-03 02:27:09 -0400
committer: Rob Austein <sra@hactrn.net> 2016-09-03 02:27:09 -0400
commit: 8a36a9c42b6c327056ca334d556c221c28375d15 (patch)
tree: cea62955ffe0cbb05b4c584ff441abc7a1e50d8b /unit_tests.py
parent: 1d60161a9eae18e339232bed879f0525925e10cb (diff)
1 files changed, 14 insertions, 9 deletions
diff --git a/unit_tests.py b/unit_tests.py
index c9d3886..02863c8 100644
--- a/unit_tests.py
+++ b/unit_tests.py
@@ -259,27 +259,32 @@ class TestKeys(TestCase):
     def test_keygen_token_vs_session(self):
         "Test C_GenerateKeypair() CKA_TOKEN restrictions"
 
-        with self.assertRaises(CKR_TEMPLATE_INCONSISTENT):
-            p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, CKA_TOKEN = False,
-                                  CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
-                                  CKA_SIGN = True, CKA_VERIFY = True)
+        self.assertIsKeypair(
+          p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, CKA_TOKEN = False,
+                                CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+                                CKA_SIGN = True, CKA_VERIFY = True))
 
         self.assertIsKeypair(
           p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, CKA_TOKEN = True,
                                 CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
                                 CKA_SIGN = True, CKA_VERIFY = True))
 
+        # Might need to do this until we expand the number of key slots
+        if False:
+          for handle in p11.FindObjects(self.session):
+            p11.C_DestroyObject(self.session, handle)
+
         self.assertIsKeypair(
             p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
                                   public_CKA_TOKEN = False, private_CKA_TOKEN = True,
                                   CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
                                   CKA_SIGN = True, CKA_VERIFY = True))
 
-        with self.assertRaises(CKR_TEMPLATE_INCONSISTENT):
-            p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
-                                  public_CKA_TOKEN = True, private_CKA_TOKEN = False,
-                                  CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
-                                  CKA_SIGN = True, CKA_VERIFY = True)
+        self.assertIsKeypair(
+          p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
+                                public_CKA_TOKEN = True, private_CKA_TOKEN = False,
+                                CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+                                CKA_SIGN = True, CKA_VERIFY = True))
 
     def test_gen_sign_verify_ecdsa_p256_sha256(self):
         "Generate/sign/verify with ECDSA-P256-SHA-256"
author	Rob Austein <sra@hactrn.net>	2016-09-03 02:27:09 -0400
committer	Rob Austein <sra@hactrn.net>	2016-09-03 02:27:09 -0400
commit	8a36a9c42b6c327056ca334d556c221c28375d15 (patch)
tree	cea62955ffe0cbb05b4c584ff441abc7a1e50d8b /unit_tests.py
parent	1d60161a9eae18e339232bed879f0525925e10cb (diff)