async def test_secure_channel_key_expiration(srv_crypto_one_cert, mocker): timeout = 1 _, cert = srv_crypto_one_cert clt = Client(uri_crypto_cert) clt.secure_channel_timeout = timeout * 1000 user_cert = uacrypto.CertProperties(peer_creds['certificate'], "DER") user_key = uacrypto.CertProperties( path=peer_creds['private_key'], extension="PEM", ) server_cert = uacrypto.CertProperties(cert) await clt.set_security(security_policies.SecurityPolicyBasic256Sha256, user_cert, user_key, server_certificate=server_cert, mode=ua.MessageSecurityMode.SignAndEncrypt) async with clt: assert clt.uaclient.security_policy.symmetric_cryptography.Prev_Verifier is None assert clt.uaclient.security_policy.symmetric_cryptography.Prev_Decryptor is None await asyncio.sleep(timeout) sym_crypto = clt.uaclient.security_policy.symmetric_cryptography prev_verifier = sym_crypto.Prev_Verifier prev_decryptor = sym_crypto.Prev_Decryptor assert isinstance(prev_verifier, Verifier) assert isinstance(prev_decryptor, Decryptor) mock_decry_reset = mocker.patch.object(prev_verifier, "reset", wraps=prev_verifier.reset) mock_verif_reset = mocker.patch.object(prev_decryptor, "reset", wraps=prev_decryptor.reset) assert mock_decry_reset.call_count == 0 assert mock_verif_reset.call_count == 0 await asyncio.sleep(timeout * 0.3) assert await clt.get_objects_node().get_children() assert sym_crypto.key_expiration > 0 assert sym_crypto.prev_key_expiration > 0 assert sym_crypto.key_expiration > sym_crypto.prev_key_expiration assert mock_decry_reset.call_count == 1 assert mock_verif_reset.call_count == 1 assert clt.uaclient.security_policy.symmetric_cryptography.Prev_Verifier is None assert clt.uaclient.security_policy.symmetric_cryptography.Prev_Decryptor is None
async def test_encrypted_private_key_handling_success_with_cert_props( srv_crypto_encrypted_key_one_cert): _, cert = srv_crypto_encrypted_key_one_cert clt = Client(uri_crypto_cert) user_cert = uacrypto.CertProperties( encrypted_private_key_peer_creds['certificate'], "DER") user_key = uacrypto.CertProperties( path=encrypted_private_key_peer_creds['private_key'], password=encrypted_private_key_peer_creds['password'], extension="PEM", ) server_cert = uacrypto.CertProperties(cert) await clt.set_security(security_policies.SecurityPolicyBasic256Sha256, user_cert, user_key, server_certificate=server_cert, mode=ua.MessageSecurityMode.SignAndEncrypt) async with clt: assert await clt.get_objects_node().get_children()