diff options
Diffstat (limited to 'unit_tests.py')
-rw-r--r-- | unit_tests.py | 128 |
1 files changed, 66 insertions, 62 deletions
diff --git a/unit_tests.py b/unit_tests.py index 186daa9..512d648 100644 --- a/unit_tests.py +++ b/unit_tests.py @@ -23,6 +23,10 @@ try: except ImportError: pycrypto_loaded = False +try: + long +except NameError: + long = int def log(msg): if not args.quiet: @@ -138,7 +142,7 @@ class TestDevice(TestCase): "Test C_GetTokenInfo()" token_info = p11.C_GetTokenInfo(args.slot) self.assertIsInstance(token_info, CK_TOKEN_INFO) - self.assertEqual(token_info.label.rstrip(), "Cryptech Token") + self.assertEqual(token_info.label.rstrip(), b"Cryptech Token") def test_sessions_serial(self): "Test C_OpenSession() for useful (serial) cases" @@ -180,7 +184,7 @@ class TestDevice(TestCase): session = p11.C_OpenSession(args.slot) n = 17 random = p11.C_GenerateRandom(session, n) - self.assertIsInstance(random, str) + self.assertIsInstance(random, bytes) self.assertEqual(len(random), n) def test_findObjects_operation_state(self): @@ -189,7 +193,7 @@ class TestDevice(TestCase): with self.assertRaises(CKR_OPERATION_NOT_INITIALIZED): for handle in p11.C_FindObjects(session): - self.assertIsInstance(handle, (int, int)) + self.assertIsInstance(handle, (int, long)) with self.assertRaises(CKR_OPERATION_NOT_INITIALIZED): p11.C_FindObjectsFinal(session) @@ -200,7 +204,7 @@ class TestDevice(TestCase): p11.C_FindObjectsInit(session, CKA_CLASS = CKO_PRIVATE_KEY) for handle in p11.C_FindObjects(session): - self.assertIsInstance(handle, (int, int)) + self.assertIsInstance(handle, (int, long)) p11.C_FindObjectsFinal(session) @@ -247,36 +251,36 @@ class TestKeys(TestCase): self.assertIsKeypair( p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, CKA_TOKEN = False, - CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256, + CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256, CKA_SIGN = True, CKA_VERIFY = True)) self.assertIsKeypair( p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, CKA_TOKEN = True, - CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256, + CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256, CKA_SIGN = True, CKA_VERIFY = True)) self.assertIsKeypair( p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, public_CKA_TOKEN = False, private_CKA_TOKEN = True, - CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256, + CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256, CKA_SIGN = True, CKA_VERIFY = True)) self.assertIsKeypair( p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, public_CKA_TOKEN = True, private_CKA_TOKEN = False, - CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256, + CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256, CKA_SIGN = True, CKA_VERIFY = True)) def test_gen_sign_verify_ecdsa_p256_sha256(self): "Generate/sign/verify with ECDSA-P256-SHA-256" public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, - CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256, + CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256, CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_ECDSA_SHA256, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_ECDSA_SHA256, public_key) p11.C_Verify(self.session, hamster, sig) @@ -284,13 +288,13 @@ class TestKeys(TestCase): "Generate/sign/verify with ECDSA-P384-SHA-384" #if not args.all_tests: self.skipTest("SHA-384 not available in current build") public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, - CKA_ID = "EC-P384", CKA_EC_PARAMS = self.oid_p384, + CKA_ID = b"EC-P384", CKA_EC_PARAMS = self.oid_p384, CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_ECDSA_SHA384, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_ECDSA_SHA384, public_key) p11.C_Verify(self.session, hamster, sig) @@ -298,13 +302,13 @@ class TestKeys(TestCase): "Generate/sign/verify with ECDSA-P521-SHA-512" #if not args.all_tests: self.skipTest("SHA-512 not available in current build") public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, - CKA_ID = "EC-P521", CKA_EC_PARAMS = self.oid_p521, + CKA_ID = b"EC-P521", CKA_EC_PARAMS = self.oid_p521, CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_ECDSA_SHA512, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_ECDSA_SHA512, public_key) p11.C_Verify(self.session, hamster, sig) @@ -313,12 +317,12 @@ class TestKeys(TestCase): "RSA 1024-bit generate/sign/verify test" public_key, private_key = p11.C_GenerateKeyPair( self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1024, - CKA_ID = "RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) + CKA_ID = b"RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key) p11.C_Verify(self.session, hamster, sig) @@ -327,24 +331,24 @@ class TestKeys(TestCase): #if not args.all_tests: self.skipTest("RSA key generation is still painfully slow") public_key, private_key = p11.C_GenerateKeyPair( self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 2048, - CKA_ID = "RSA-2048", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) + CKA_ID = b"RSA-2048", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key) p11.C_Verify(self.session, hamster, sig) @staticmethod def _build_ecpoint(x, y): - bytes_per_coordinate = (max(x.bit_length(), y.bit_length()) + 15) / 16 + bytes_per_coordinate = (max(x.bit_length(), y.bit_length()) + 15) // 16 value = b"\x04" + binascii.unhexlify("{0:0{2}x}{1:0{2}x}".format(x, y, bytes_per_coordinate)) if len(value) < 128: - length = struct.pack("U", len(value)) + length = struct.pack("B", len(value)) else: n = len(value).bit_length() - length = struct.pack("U", (n + 7) / 8) + binascii.unhexlify("{0:0{1}x}".format(len(value), (n + 15) / 16))) + length = struct.pack("B", (n + 7) // 8) + binascii.unhexlify("{0:0{1}x}".format(len(value), (n + 15) // 16)) tag = b"\x04" return tag + length + value @@ -359,8 +363,8 @@ class TestKeys(TestCase): session = self.session, CKA_CLASS = CKO_PUBLIC_KEY, CKA_KEY_TYPE = CKK_EC, - CKA_LABEL = "EC-P-256 test case from \"Suite B Implementer's Guide to FIPS 186-3\"", - CKA_ID = "EC-P-256", + CKA_LABEL = b"EC-P-256 test case from \"Suite B Implementer's Guide to FIPS 186-3\"", + CKA_ID = b"EC-P-256", CKA_VERIFY = True, CKA_EC_POINT = Q, CKA_EC_PARAMS = self.oid_p256) @@ -379,8 +383,8 @@ class TestKeys(TestCase): session = self.session, CKA_CLASS = CKO_PUBLIC_KEY, CKA_KEY_TYPE = CKK_EC, - CKA_LABEL = "EC-P-384 test case from \"Suite B Implementer's Guide to FIPS 186-3\"", - CKA_ID = "EC-P-384", + CKA_LABEL = b"EC-P-384 test case from \"Suite B Implementer's Guide to FIPS 186-3\"", + CKA_ID = b"EC-P-384", CKA_VERIFY = True, CKA_EC_POINT = Q, CKA_EC_PARAMS = self.oid_p384) @@ -392,13 +396,13 @@ class TestKeys(TestCase): "Generate/sign/verify/destroy/reload/verify with ECDSA-P256-SHA-256" public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, public_CKA_TOKEN = False, private_CKA_TOKEN = True, - CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256, + CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256, CKA_SIGN = True, CKA_VERIFY = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_ECDSA_SHA256, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_ECDSA_SHA256, public_key) p11.C_Verify(self.session, hamster, sig) @@ -419,7 +423,7 @@ class TestKeys(TestCase): def _extract_rsa_public_key(self, handle): a = p11.C_GetAttributeValue(self.session, handle, CKA_MODULUS, CKA_PUBLIC_EXPONENT) - return RSA.construct((a[CKA_MODULUS], a[CKA_PUBLIC_EXPONENT])) + return RSA.construct((long(a[CKA_MODULUS]), long(a[CKA_PUBLIC_EXPONENT]))) def assertRawRSASignatureMatches(self, handle, plain, sig): pubkey = self._extract_rsa_public_key(handle) @@ -433,11 +437,11 @@ class TestKeys(TestCase): tralala = b"tralala-en-hopsasa" public_key, private_key = p11.C_GenerateKeyPair( self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1024, - CKA_ID = "RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) + CKA_ID = b"RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) p11.C_SignInit(self.session, CKM_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, tralala) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) self.assertRawRSASignatureMatches(public_key, tralala, sig) p11.C_VerifyInit(self.session, CKM_RSA_PKCS, public_key) p11.C_Verify(self.session, tralala, sig) @@ -449,11 +453,11 @@ class TestKeys(TestCase): tralala = b"tralala-en-hopsasa" public_key, private_key = p11.C_GenerateKeyPair( self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 3416, - CKA_ID = "RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) + CKA_ID = b"RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) p11.C_SignInit(self.session, CKM_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, tralala) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) self.assertRawRSASignatureMatches(public_key, tralala, sig) p11.C_VerifyInit(self.session, CKM_RSA_PKCS, public_key) p11.C_Verify(self.session, tralala, sig) @@ -484,22 +488,22 @@ class TestKeys(TestCase): @unittest.skipUnless(pycrypto_loaded, "requires PyCrypto") def test_load_sign_verify_rsa_1024(self): "Load/sign/verify with RSA-1024-SHA-512 and externally-supplied key" - public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, "RSA-1024") - hamster = "Your mother was a hamster" + public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, b"RSA-1024") + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key) p11.C_Verify(self.session, hamster, sig) @unittest.skipUnless(pycrypto_loaded, "requires PyCrypto") def test_load_sign_verify_rsa_2048(self): "Load/sign/verify with RSA-2048-SHA-512 and externally-supplied key" - public_key, private_key = self._load_rsa_keypair(rsa_2048_pem, "RSA-2048") - hamster = "Your mother was a hamster" + public_key, private_key = self._load_rsa_keypair(rsa_2048_pem, b"RSA-2048") + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key) p11.C_Verify(self.session, hamster, sig) @@ -508,11 +512,11 @@ class TestKeys(TestCase): "Load/sign/verify with RSA-3416-SHA-512 and externally-supplied key" if not args.all_tests: self.skipTest("Key length not a multiple of 32, so expected to fail (fairly quickly)") - public_key, private_key = self._load_rsa_keypair(rsa_3416_pem, "RSA-3416") - hamster = "Your mother was a hamster" + public_key, private_key = self._load_rsa_keypair(rsa_3416_pem, b"RSA-3416") + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key) p11.C_Verify(self.session, hamster, sig) @@ -522,12 +526,12 @@ class TestKeys(TestCase): self.skipTest("Key length not a multiple of 32, so expected to fail (very slowly)") public_key, private_key = p11.C_GenerateKeyPair( self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 3416, - CKA_ID = "RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) + CKA_ID = b"RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key) p11.C_Verify(self.session, hamster, sig) @@ -536,26 +540,26 @@ class TestKeys(TestCase): with self.assertRaises(CKR_ATTRIBUTE_VALUE_INVALID): p11.C_GenerateKeyPair( self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1028, - CKA_ID = "RSA-1028", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) + CKA_ID = b"RSA-1028", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) def test_gen_sign_verify_rsa_1032(self): "Generate/sign/verify with RSA-1032-SHA-512 (sic)" public_key, private_key = p11.C_GenerateKeyPair( self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1032, - CKA_ID = "RSA-1032", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) + CKA_ID = b"RSA-1032", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True) self.assertIsKeypair(public_key, private_key) - hamster = "Your mother was a hamster" + hamster = b"Your mother was a hamster" p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key) sig = p11.C_Sign(self.session, hamster) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key) p11.C_Verify(self.session, hamster, sig) @unittest.skipUnless(pycrypto_loaded, "requires PyCrypto") def test_load_sign_verify_rsa_1024_with_rpki_data(self): "Load/sign/verify with RSA-1024-SHA-256, externally-supplied key" - public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, "RSA-1024") - tbs = ''' + public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, b"RSA-1024") + tbs = b''' 31 6B 30 1A 06 09 2A 86 48 86 F7 0D 01 09 03 31 0D 06 0B 2A 86 48 86 F7 0D 01 09 10 01 1A 30 1C 06 09 2A 86 48 86 F7 0D 01 09 05 31 0F 17 0D 31 @@ -564,11 +568,11 @@ class TestKeys(TestCase): 0F 1F 86 AF 45 25 4D 8F E1 1F C9 EA B3 83 4A 41 17 C1 42 B7 43 AD 51 5E F5 A2 F8 E3 25 ''' - tbs = binascii.unhexlify("".join(tbs.split())) + tbs = binascii.unhexlify(b"".join(tbs.split())) p11.C_SignInit(self.session, CKM_SHA256_RSA_PKCS, private_key) p11.C_SignUpdate(self.session, tbs) sig = p11.C_SignFinal(self.session) - self.assertIsInstance(sig, str) + self.assertIsInstance(sig, bytes) p11.C_VerifyInit(self.session, CKM_SHA256_RSA_PKCS, public_key) p11.C_Verify(self.session, tbs, sig) verifier = PKCS1_v1_5.new(RSA.importKey(rsa_1024_pem)) @@ -583,14 +587,14 @@ class TestKeys(TestCase): def _find_objects(self, chunk_size = 10, template = None, **kwargs): p11.C_FindObjectsInit(self.session, template, **kwargs) for handle in p11.C_FindObjects(self.session, chunk_size): - self.assertIsInstance(handle, (int, int)) + self.assertIsInstance(handle, (int, long)) p11.C_FindObjectsFinal(self.session) @unittest.skipUnless(pycrypto_loaded, "requires PyCrypto") def test_findObjects(self): - self._load_rsa_keypair(rsa_1024_pem, "RSA-1024") - self._load_rsa_keypair(rsa_2048_pem, "RSA-2048") - self._load_rsa_keypair(rsa_3416_pem, "RSA-3416") + self._load_rsa_keypair(rsa_1024_pem, b"RSA-1024") + self._load_rsa_keypair(rsa_2048_pem, b"RSA-2048") + self._load_rsa_keypair(rsa_3416_pem, b"RSA-3416") self._find_objects(chunk_size = 1, CKA_CLASS = CKO_PUBLIC_KEY) self._find_objects(chunk_size = 1, CKA_CLASS = CKO_PRIVATE_KEY) self._find_objects(chunk_size = 10, CKA_CLASS = CKO_PUBLIC_KEY) |