aboutsummaryrefslogtreecommitdiff
path: root/unit_tests.py
diff options
context:
space:
mode:
Diffstat (limited to 'unit_tests.py')
-rw-r--r--unit_tests.py128
1 files changed, 66 insertions, 62 deletions
diff --git a/unit_tests.py b/unit_tests.py
index 186daa9..512d648 100644
--- a/unit_tests.py
+++ b/unit_tests.py
@@ -23,6 +23,10 @@ try:
except ImportError:
pycrypto_loaded = False
+try:
+ long
+except NameError:
+ long = int
def log(msg):
if not args.quiet:
@@ -138,7 +142,7 @@ class TestDevice(TestCase):
"Test C_GetTokenInfo()"
token_info = p11.C_GetTokenInfo(args.slot)
self.assertIsInstance(token_info, CK_TOKEN_INFO)
- self.assertEqual(token_info.label.rstrip(), "Cryptech Token")
+ self.assertEqual(token_info.label.rstrip(), b"Cryptech Token")
def test_sessions_serial(self):
"Test C_OpenSession() for useful (serial) cases"
@@ -180,7 +184,7 @@ class TestDevice(TestCase):
session = p11.C_OpenSession(args.slot)
n = 17
random = p11.C_GenerateRandom(session, n)
- self.assertIsInstance(random, str)
+ self.assertIsInstance(random, bytes)
self.assertEqual(len(random), n)
def test_findObjects_operation_state(self):
@@ -189,7 +193,7 @@ class TestDevice(TestCase):
with self.assertRaises(CKR_OPERATION_NOT_INITIALIZED):
for handle in p11.C_FindObjects(session):
- self.assertIsInstance(handle, (int, int))
+ self.assertIsInstance(handle, (int, long))
with self.assertRaises(CKR_OPERATION_NOT_INITIALIZED):
p11.C_FindObjectsFinal(session)
@@ -200,7 +204,7 @@ class TestDevice(TestCase):
p11.C_FindObjectsInit(session, CKA_CLASS = CKO_PRIVATE_KEY)
for handle in p11.C_FindObjects(session):
- self.assertIsInstance(handle, (int, int))
+ self.assertIsInstance(handle, (int, long))
p11.C_FindObjectsFinal(session)
@@ -247,36 +251,36 @@ class TestKeys(TestCase):
self.assertIsKeypair(
p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, CKA_TOKEN = False,
- CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+ CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256,
CKA_SIGN = True, CKA_VERIFY = True))
self.assertIsKeypair(
p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN, CKA_TOKEN = True,
- CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+ CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256,
CKA_SIGN = True, CKA_VERIFY = True))
self.assertIsKeypair(
p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
public_CKA_TOKEN = False, private_CKA_TOKEN = True,
- CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+ CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256,
CKA_SIGN = True, CKA_VERIFY = True))
self.assertIsKeypair(
p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
public_CKA_TOKEN = True, private_CKA_TOKEN = False,
- CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+ CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256,
CKA_SIGN = True, CKA_VERIFY = True))
def test_gen_sign_verify_ecdsa_p256_sha256(self):
"Generate/sign/verify with ECDSA-P256-SHA-256"
public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
- CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+ CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256,
CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_ECDSA_SHA256, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_ECDSA_SHA256, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -284,13 +288,13 @@ class TestKeys(TestCase):
"Generate/sign/verify with ECDSA-P384-SHA-384"
#if not args.all_tests: self.skipTest("SHA-384 not available in current build")
public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
- CKA_ID = "EC-P384", CKA_EC_PARAMS = self.oid_p384,
+ CKA_ID = b"EC-P384", CKA_EC_PARAMS = self.oid_p384,
CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_ECDSA_SHA384, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_ECDSA_SHA384, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -298,13 +302,13 @@ class TestKeys(TestCase):
"Generate/sign/verify with ECDSA-P521-SHA-512"
#if not args.all_tests: self.skipTest("SHA-512 not available in current build")
public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
- CKA_ID = "EC-P521", CKA_EC_PARAMS = self.oid_p521,
+ CKA_ID = b"EC-P521", CKA_EC_PARAMS = self.oid_p521,
CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_ECDSA_SHA512, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_ECDSA_SHA512, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -313,12 +317,12 @@ class TestKeys(TestCase):
"RSA 1024-bit generate/sign/verify test"
public_key, private_key = p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1024,
- CKA_ID = "RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ CKA_ID = b"RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -327,24 +331,24 @@ class TestKeys(TestCase):
#if not args.all_tests: self.skipTest("RSA key generation is still painfully slow")
public_key, private_key = p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 2048,
- CKA_ID = "RSA-2048", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ CKA_ID = b"RSA-2048", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
@staticmethod
def _build_ecpoint(x, y):
- bytes_per_coordinate = (max(x.bit_length(), y.bit_length()) + 15) / 16
+ bytes_per_coordinate = (max(x.bit_length(), y.bit_length()) + 15) // 16
value = b"\x04" + binascii.unhexlify("{0:0{2}x}{1:0{2}x}".format(x, y, bytes_per_coordinate))
if len(value) < 128:
- length = struct.pack("U", len(value))
+ length = struct.pack("B", len(value))
else:
n = len(value).bit_length()
- length = struct.pack("U", (n + 7) / 8) + binascii.unhexlify("{0:0{1}x}".format(len(value), (n + 15) / 16)))
+ length = struct.pack("B", (n + 7) // 8) + binascii.unhexlify("{0:0{1}x}".format(len(value), (n + 15) // 16))
tag = b"\x04"
return tag + length + value
@@ -359,8 +363,8 @@ class TestKeys(TestCase):
session = self.session,
CKA_CLASS = CKO_PUBLIC_KEY,
CKA_KEY_TYPE = CKK_EC,
- CKA_LABEL = "EC-P-256 test case from \"Suite B Implementer's Guide to FIPS 186-3\"",
- CKA_ID = "EC-P-256",
+ CKA_LABEL = b"EC-P-256 test case from \"Suite B Implementer's Guide to FIPS 186-3\"",
+ CKA_ID = b"EC-P-256",
CKA_VERIFY = True,
CKA_EC_POINT = Q,
CKA_EC_PARAMS = self.oid_p256)
@@ -379,8 +383,8 @@ class TestKeys(TestCase):
session = self.session,
CKA_CLASS = CKO_PUBLIC_KEY,
CKA_KEY_TYPE = CKK_EC,
- CKA_LABEL = "EC-P-384 test case from \"Suite B Implementer's Guide to FIPS 186-3\"",
- CKA_ID = "EC-P-384",
+ CKA_LABEL = b"EC-P-384 test case from \"Suite B Implementer's Guide to FIPS 186-3\"",
+ CKA_ID = b"EC-P-384",
CKA_VERIFY = True,
CKA_EC_POINT = Q,
CKA_EC_PARAMS = self.oid_p384)
@@ -392,13 +396,13 @@ class TestKeys(TestCase):
"Generate/sign/verify/destroy/reload/verify with ECDSA-P256-SHA-256"
public_key, private_key = p11.C_GenerateKeyPair(self.session, CKM_EC_KEY_PAIR_GEN,
public_CKA_TOKEN = False, private_CKA_TOKEN = True,
- CKA_ID = "EC-P256", CKA_EC_PARAMS = self.oid_p256,
+ CKA_ID = b"EC-P256", CKA_EC_PARAMS = self.oid_p256,
CKA_SIGN = True, CKA_VERIFY = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_ECDSA_SHA256, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_ECDSA_SHA256, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -419,7 +423,7 @@ class TestKeys(TestCase):
def _extract_rsa_public_key(self, handle):
a = p11.C_GetAttributeValue(self.session, handle, CKA_MODULUS, CKA_PUBLIC_EXPONENT)
- return RSA.construct((a[CKA_MODULUS], a[CKA_PUBLIC_EXPONENT]))
+ return RSA.construct((long(a[CKA_MODULUS]), long(a[CKA_PUBLIC_EXPONENT])))
def assertRawRSASignatureMatches(self, handle, plain, sig):
pubkey = self._extract_rsa_public_key(handle)
@@ -433,11 +437,11 @@ class TestKeys(TestCase):
tralala = b"tralala-en-hopsasa"
public_key, private_key = p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1024,
- CKA_ID = "RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ CKA_ID = b"RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
p11.C_SignInit(self.session, CKM_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, tralala)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
self.assertRawRSASignatureMatches(public_key, tralala, sig)
p11.C_VerifyInit(self.session, CKM_RSA_PKCS, public_key)
p11.C_Verify(self.session, tralala, sig)
@@ -449,11 +453,11 @@ class TestKeys(TestCase):
tralala = b"tralala-en-hopsasa"
public_key, private_key = p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 3416,
- CKA_ID = "RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ CKA_ID = b"RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
p11.C_SignInit(self.session, CKM_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, tralala)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
self.assertRawRSASignatureMatches(public_key, tralala, sig)
p11.C_VerifyInit(self.session, CKM_RSA_PKCS, public_key)
p11.C_Verify(self.session, tralala, sig)
@@ -484,22 +488,22 @@ class TestKeys(TestCase):
@unittest.skipUnless(pycrypto_loaded, "requires PyCrypto")
def test_load_sign_verify_rsa_1024(self):
"Load/sign/verify with RSA-1024-SHA-512 and externally-supplied key"
- public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, "RSA-1024")
- hamster = "Your mother was a hamster"
+ public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, b"RSA-1024")
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
@unittest.skipUnless(pycrypto_loaded, "requires PyCrypto")
def test_load_sign_verify_rsa_2048(self):
"Load/sign/verify with RSA-2048-SHA-512 and externally-supplied key"
- public_key, private_key = self._load_rsa_keypair(rsa_2048_pem, "RSA-2048")
- hamster = "Your mother was a hamster"
+ public_key, private_key = self._load_rsa_keypair(rsa_2048_pem, b"RSA-2048")
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -508,11 +512,11 @@ class TestKeys(TestCase):
"Load/sign/verify with RSA-3416-SHA-512 and externally-supplied key"
if not args.all_tests:
self.skipTest("Key length not a multiple of 32, so expected to fail (fairly quickly)")
- public_key, private_key = self._load_rsa_keypair(rsa_3416_pem, "RSA-3416")
- hamster = "Your mother was a hamster"
+ public_key, private_key = self._load_rsa_keypair(rsa_3416_pem, b"RSA-3416")
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -522,12 +526,12 @@ class TestKeys(TestCase):
self.skipTest("Key length not a multiple of 32, so expected to fail (very slowly)")
public_key, private_key = p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 3416,
- CKA_ID = "RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ CKA_ID = b"RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
@@ -536,26 +540,26 @@ class TestKeys(TestCase):
with self.assertRaises(CKR_ATTRIBUTE_VALUE_INVALID):
p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1028,
- CKA_ID = "RSA-1028", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ CKA_ID = b"RSA-1028", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
def test_gen_sign_verify_rsa_1032(self):
"Generate/sign/verify with RSA-1032-SHA-512 (sic)"
public_key, private_key = p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1032,
- CKA_ID = "RSA-1032", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ CKA_ID = b"RSA-1032", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
self.assertIsKeypair(public_key, private_key)
- hamster = "Your mother was a hamster"
+ hamster = b"Your mother was a hamster"
p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
sig = p11.C_Sign(self.session, hamster)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
@unittest.skipUnless(pycrypto_loaded, "requires PyCrypto")
def test_load_sign_verify_rsa_1024_with_rpki_data(self):
"Load/sign/verify with RSA-1024-SHA-256, externally-supplied key"
- public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, "RSA-1024")
- tbs = '''
+ public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, b"RSA-1024")
+ tbs = b'''
31 6B 30 1A 06 09 2A 86 48 86 F7 0D 01 09 03 31
0D 06 0B 2A 86 48 86 F7 0D 01 09 10 01 1A 30 1C
06 09 2A 86 48 86 F7 0D 01 09 05 31 0F 17 0D 31
@@ -564,11 +568,11 @@ class TestKeys(TestCase):
0F 1F 86 AF 45 25 4D 8F E1 1F C9 EA B3 83 4A 41
17 C1 42 B7 43 AD 51 5E F5 A2 F8 E3 25
'''
- tbs = binascii.unhexlify("".join(tbs.split()))
+ tbs = binascii.unhexlify(b"".join(tbs.split()))
p11.C_SignInit(self.session, CKM_SHA256_RSA_PKCS, private_key)
p11.C_SignUpdate(self.session, tbs)
sig = p11.C_SignFinal(self.session)
- self.assertIsInstance(sig, str)
+ self.assertIsInstance(sig, bytes)
p11.C_VerifyInit(self.session, CKM_SHA256_RSA_PKCS, public_key)
p11.C_Verify(self.session, tbs, sig)
verifier = PKCS1_v1_5.new(RSA.importKey(rsa_1024_pem))
@@ -583,14 +587,14 @@ class TestKeys(TestCase):
def _find_objects(self, chunk_size = 10, template = None, **kwargs):
p11.C_FindObjectsInit(self.session, template, **kwargs)
for handle in p11.C_FindObjects(self.session, chunk_size):
- self.assertIsInstance(handle, (int, int))
+ self.assertIsInstance(handle, (int, long))
p11.C_FindObjectsFinal(self.session)
@unittest.skipUnless(pycrypto_loaded, "requires PyCrypto")
def test_findObjects(self):
- self._load_rsa_keypair(rsa_1024_pem, "RSA-1024")
- self._load_rsa_keypair(rsa_2048_pem, "RSA-2048")
- self._load_rsa_keypair(rsa_3416_pem, "RSA-3416")
+ self._load_rsa_keypair(rsa_1024_pem, b"RSA-1024")
+ self._load_rsa_keypair(rsa_2048_pem, b"RSA-2048")
+ self._load_rsa_keypair(rsa_3416_pem, b"RSA-3416")
self._find_objects(chunk_size = 1, CKA_CLASS = CKO_PUBLIC_KEY)
self._find_objects(chunk_size = 1, CKA_CLASS = CKO_PRIVATE_KEY)
self._find_objects(chunk_size = 10, CKA_CLASS = CKO_PUBLIC_KEY)
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 04:01:36 +0000