def test_04_failure(self):
db_token = Token(self.serial2, tokentype="vasco")
db_token.save()
token = VascoTokenClass(db_token)
token.update({"otpkey": hexlify("X"*248),
"pin": self.otppin})
r = token.authenticate("{}123456".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], -1)
# failure, but the token secret has been updated nonetheless
key = token.token.get_otpkey().getKey()
self.assertEqual(key, "X"*24 + "Y"*224)
# wrong PIN, the token secret has not been updated
r = token.authenticate("WRONG123456".format(self.otppin))
self.assertEqual(r[0], False)
self.assertEqual(r[1], -1)
key = token.token.get_otpkey().getKey()
self.assertEqual(key, "X"*24 + "Y"*224)
# another failure, but the token secret has been updated again!
r = token.authenticate("{}234567".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], -1)
key = token.token.get_otpkey().getKey()
self.assertEqual(key, "X"*24 + "Z"*224)
token.delete_token()
def test_05_success(self):
db_token = Token(self.serial2, tokentype="vasco")
db_token.save()
token = VascoTokenClass(db_token)
token.update({
"otpkey": hexlify(b"X" * 248).decode("utf-8"),
"pin": self.otppin
})
# wrong PIN, the token secret has not been updated
r = token.authenticate("WRONG123456".format(self.otppin))
self.assertEqual(r[0], False)
self.assertEqual(r[1], -1)
key = token.token.get_otpkey().getKey()
self.assertEqual(key, b"X" * 24 + b"X" * 224)
# correct PIN + OTP
r = token.authenticate("{}123456".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], 0) # TODO: that is success?
key = token.token.get_otpkey().getKey()
self.assertEqual(key, b"X" * 24 + b"Y" * 224)
# another success
r = token.authenticate("{}234567".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], 0) # TODO: that is success?
key = token.token.get_otpkey().getKey()
self.assertEqual(key, b"X" * 24 + b"Z" * 224)
token.delete_token()
def test_05_success(self):
db_token = Token(self.serial2, tokentype="vasco")
db_token.save()
token = VascoTokenClass(db_token)
token.update({"otpkey": hexlify("X"*248),
"pin": self.otppin})
# wrong PIN, the token secret has not been updated
r = token.authenticate("WRONG123456".format(self.otppin))
self.assertEqual(r[0], False)
self.assertEqual(r[1], -1)
key = token.token.get_otpkey().getKey()
self.assertEqual(key, "X"*24 + "X"*224)
# correct PIN + OTP
r = token.authenticate("{}123456".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], 0) # TODO: that is success?
key = token.token.get_otpkey().getKey()
self.assertEqual(key, "X"*24 + "Y"*224)
# another success
r = token.authenticate("{}234567".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], 0) # TODO: that is success?
key = token.token.get_otpkey().getKey()
self.assertEqual(key, "X"*24 + "Z"*224)
token.delete_token()
def test_04_failure(self):
db_token = Token(self.serial2, tokentype="vasco")
db_token.save()
token = VascoTokenClass(db_token)
token.update({
"otpkey": hexlify(b"X" * 248).decode("utf-8"),
"pin": self.otppin
})
r = token.authenticate("{}123456".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], -1)
# failure, but the token secret has been updated nonetheless
key = token.token.get_otpkey().getKey()
self.assertEqual(key, b"X" * 24 + b"Y" * 224)
# wrong PIN, the token secret has not been updated
r = token.authenticate("WRONG123456".format(self.otppin))
self.assertEqual(r[0], False)
self.assertEqual(r[1], -1)
key = token.token.get_otpkey().getKey()
self.assertEqual(key, b"X" * 24 + b"Y" * 224)
# another failure, but the token secret has been updated again!
r = token.authenticate("{}234567".format(self.otppin))
self.assertEqual(r[0], True)
self.assertEqual(r[1], -1)
key = token.token.get_otpkey().getKey()
self.assertEqual(key, b"X" * 24 + b"Z" * 224)
token.delete_token()