def test_code_from_hash_with_alternate_lengths(self): """Test Otp.code_from_hash(). Try with alternate code lengths. """ cut = HOTP() # code_length 1 # should_be = ("4", "2", "2", "9", "4", "6", "2", "3", "1", "9") for i in range(0, 10): code = cut.code_from_hash(self.expected[i][2], 1) self.assertEqual(should_be[i], code) # code_length 9 # should_be = ( "284755224", "094287082", "137359152", "726969429", "640338314", "868254676", "918287922", "082162583", "673399871", "645520489") for i in range(0, 10): code = cut.code_from_hash(self.expected[i][2], 9) self.assertEqual(should_be[i], code)
def test_convert_base32_bad_chars(self): """Test Otp.convert_base32_secret_key(). Check that an input base32 encoded string that is not encoded correctly throws the expected exception. """ cut = HOTP() # First be certain the method works with a correct base32-encoded # input string # in_string = "ABCDEFGH" cut.convert_base32_secret_key(in_string) # Then check that it throws the expected exception with an # incorrectly coded input string. # # lower case not acceptable in_string = "abcdefgh" with self.assertRaises(ValueError): cut.convert_base32_secret_key(in_string) # numbers outside 2-7 not acceptable in_string = "ABCDEFG1" with self.assertRaises(ValueError): cut.convert_base32_secret_key(in_string) # padding character elsewhere than end of string in_string = "ABCD=FGH" with self.assertRaises(ValueError): cut.convert_base32_secret_key(in_string)
def test_generate_code_from_time_period_not_numeric(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to non-numeric period. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_time(self.secret, period="abc")
def reference_generate_code_from_time(self, secret_key): """Reference implementation of generate_code_from_time method. A reference/alternate implementation of Otp.generate_code_from_time() which is to be used to generate expected values for unit tests. Returns: A tuple containing: * The time-based OTP, as a string of digits. * The integer number of seconds remaining in the current interval. """ import time import datetime from hashlib import sha1 import hmac cut = HOTP() # message := current Unix time ÷ 30 # local_now = datetime.datetime.now() seconds_now = time.mktime(local_now.timetuple()) intervals = seconds_now // 30 remaining_seconds = seconds_now - (intervals * 30) message = cut.num_to_counter(intervals) # hash := HMAC-SHA1(key, message) # hmac = hmac.new(secret_key, message, sha1) hash = hmac.hexdigest() # offset := last nibble of hash # offset = int("0" + hash[-1], 16) offset *= 2 # truncated_hash := hash[offset..offset+3] # (that is 4 bytes starting at the offset) # truncated_hash = hash[offset: offset + (4 * 2)] # Set the first bit of truncated_hash to zero # (remove the most significant bit) # new_high_order_byte = hex( int(truncated_hash[0:2], 16) & int('7F', 16))[2:] new_high_order_byte = \ "0" * (2 - len(new_high_order_byte)) + new_high_order_byte truncated_hash = new_high_order_byte + truncated_hash[2:] # code := truncated_hash mod 1000000 # int_hash = int(truncated_hash, 16) code = int_hash % 1000000 # pad code with 0 until length of code is 6 # code_string = str(code) code_string = "0" * (6 - len(code_string)) + code_string # return code # return code_string, int(30 - remaining_seconds)
def test_generate_code_from_counter_secret_wrong_type(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to wrong secret type. """ cut = HOTP() with self.assertRaises(TypeError): cut.generate_code_from_counter(1.234, self.expected[0][0])
def test_code_from_hash_bad_hash(self): """Test Otp.code_from_hash(). Check that the RFC4226 test cases work for code_from_hash() """ cut = HOTP() with self.assertRaises(TypeError): cut.code_from_hash("abc")
def test_generate_code_from_time_secret_wrong_type(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to wrong secret type. """ cut = HOTP() with self.assertRaises(TypeError): cut.generate_code_from_time(1.234)
def test_generate_code_from_time_period_wrong_type(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to wrong period type. """ cut = HOTP() with self.assertRaises(TypeError): cut.generate_code_from_time(self.secret, period=(6, 3))
def test_code_from_hash_long_code_length(self): """Test Otp.code_from_hash(). Check that the RFC4226 test cases work for code_from_hash() """ cut = HOTP() with self.assertRaises(ValueError): cut.code_from_hash(self.expected[0][2], 11)
def reference_generate_code_from_time(self, secret_key): """Reference implementation of generate_code_from_time method. A reference/alternate implementation of Otp.generate_code_from_time() which is to be used to generate expected values for unit tests. Returns: A tuple containing: * The time-based OTP, as a string of digits. * The integer number of seconds remaining in the current interval. """ import time import datetime from hashlib import sha1 import hmac cut = HOTP() # message := current Unix time ÷ 30 # local_now = datetime.datetime.now() seconds_now = time.mktime(local_now.timetuple()) intervals = seconds_now // 30 remaining_seconds = seconds_now - (intervals * 30) message = cut.num_to_counter(intervals) # hash := HMAC-SHA1(key, message) # hmac = hmac.new(secret_key, message, sha1) hash = hmac.hexdigest() # offset := last nibble of hash # offset = int("0" + hash[-1], 16) offset *= 2 # truncated_hash := hash[offset..offset+3] # (that is 4 bytes starting at the offset) # truncated_hash = hash[offset:offset + (4 * 2)] # Set the first bit of truncated_hash to zero # (remove the most significant bit) # new_high_order_byte = hex( int(truncated_hash[0:2], 16) & int('7F', 16))[2:] new_high_order_byte = \ "0" * (2 - len(new_high_order_byte)) + new_high_order_byte truncated_hash = new_high_order_byte + truncated_hash[2:] # code := truncated_hash mod 1000000 # int_hash = int(truncated_hash, 16) code = int_hash % 1000000 # pad code with 0 until length of code is 6 # code_string = str(code) code_string = "0" * (6 - len(code_string)) + code_string # return code # return code_string, int(30 - remaining_seconds)
def test_code_from_hash_wrong_length(self): """Test Otp.code_from_hash(). Check that the RFC4226 test cases work for code_from_hash() """ cut = HOTP() with self.assertRaises(ValueError): cut.code_from_hash(bytes.fromhex("abcdef"))
def test_generate_code_from_counter_counter_bad(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to invalid counter value. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_counter(self.secret, -1)
def test_generate_code_from_counter_counter_wrong_type(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to wrong counter type. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_counter(self.secret, "abcdefgh")
def test_generate_code_from_counter_code_length_not_numeric(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to non-numeric code_length. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_counter( self.secret, self.expected[0][0], code_length="abc")
def test_generate_code_from_counter_code_length_wrong_type(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to wrong code_length type. """ cut = HOTP() with self.assertRaises(TypeError): cut.generate_code_from_counter( self.secret, self.expected[0][0], code_length=(6, 3))
def test_generate_code_from_counter_counter_bad(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to invalid counter value. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_counter( self.secret, -1)
def test_generate_code_from_counter_counter_wrong_type(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to wrong counter type. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_counter( self.secret, "abcdefgh")
def test_generate_code_from_counter_secret_wrong_type(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to wrong secret type. """ cut = HOTP() with self.assertRaises(TypeError): cut.generate_code_from_counter( 1.234, self.expected[0][0])
def test_hash_from_hmac_not_20bytes(self): """Test Otp.hash_from_hmac(). Check that HMAC length validation is performed. """ cut = HOTP() hmac = bytes.fromhex("ff0102030405060708090a0b0c0d0e0f101112") with self.assertRaises(ValueError): cut.hash_from_hmac(hmac)
def test_code_from_hash(self): """Test Otp.code_from_hash(). Check that the RFC4226 test cases work for code_from_hash() """ cut = HOTP() for i in range(0, 10): code = cut.code_from_hash(self.expected[i][2]) self.assertEqual(self.expected[i][3], code)
def test_counter_from_time_period_wrong_type(self): """Test Otp.counter_from_time(). Check that providing a period that is not numeric or convertable to numeric raises the appropriate exception. """ cut = HOTP() with self.assertRaises(TypeError): cut.counter_from_time(period=(6, 3))
def test_hash_from_hmac_not_byte_string(self): """Test Otp.hash_from_hmac(). Check that HMAC type (byte string) validation is performed. """ cut = HOTP() hmac = bytearray.fromhex("ff0102030405060708090a0b0c0d0e0f101112f0") with self.assertRaises(TypeError): cut.hash_from_hmac(hmac)
def test_generate_hmac(self): """Test Otp.generate_hmac(). Check that the RFC4226 test cases work for generate_hmac(). """ cut = HOTP() for i in range(0, 10): hmac = cut.generate_hmac(self.secret, self.expected[i][0]) self.assertEqual(self.expected[i][1], hmac)
def test_generate_code_from_time_period_wrong_type(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to wrong period type. """ cut = HOTP() with self.assertRaises(TypeError): cut.generate_code_from_time( self.secret, period=(6, 3))
def test_generate_code_from_time_secret_wrong_base32_length(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to secret string that is invalid base32 encoding (too long, bad padding). """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_time("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQAAA")
def test_generate_code_from_time_period_not_numeric(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to non-numeric period. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_time( self.secret, period="abc")
def test_generate_code_from_time_secret_bad_base32(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to secret string that is invalid base32 encoding. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_time("GEZDGNBVGY1TQOJQGEZDGNBVGY1TQOJQ")
def test_generate_hmac_counter_not_byte_string(self): """Test Otp.generate_hmac(). Check that a counter that is other than a byte string. """ cut = HOTP() # If the counter byte string is less than 8 bytes # with self.assertRaises(TypeError): cut.generate_hmac(self.secret, "1234")
def test_num_to_counter_too_large(self): """Test Otp.num_to_counter(). Check that an exception is raised if a very value is passed to num_to_counter(). """ cut = HOTP() num = 2**64 with self.assertRaises(ValueError): cut.num_to_counter(num)
def test_generate_hmac_secret_not_byte_string(self): """Test Otp.generate_hmac(). Check that a counter that is other than a byte string. """ cut = HOTP() # If the counter byte string is less than 8 bytes # with self.assertRaises(TypeError): cut.generate_hmac("1234567890", self.expected[1][0])
def test_generate_code_from_time_secret_bad_base32(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to secret string that is invalid base32 encoding. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_time( "GEZDGNBVGY1TQOJQGEZDGNBVGY1TQOJQ")
def test_generate_code_from_counter_counter_long(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to counter byte string that is too short. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_counter( self.secret, bytes.fromhex("010203040506070809"))
def test_num_to_counter_negative(self): """Test Otp.num_to_counter(). Check that an exception is raised if a negative value is passed to num_to_counter(). """ cut = HOTP() num = -1 with self.assertRaises(ValueError): cut.num_to_counter(num)
def test_generate_code_from_time_secret_wrong_base32_length(self): """Test Otp.generate_code_from_time(). Check for appropriate exception to secret string that is invalid base32 encoding (too long, bad padding). """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_time( "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQAAA")
def test_hash_from_hmac(self): """Test Otp.hash_from_hmac(). Check that expected truncated hash values are produced. """ cut = HOTP() for i in range(0, 10): hash = cut.hash_from_hmac(self.expected[i][1]) self.assertEqual(self.expected[i][2], hash) return
def test_num_to_counter_not_number(self): """Test Otp.num_to_counter(). Check that an exception is raised if a non-numeric value is passed to num_to_counter(). """ cut = HOTP() num = "abcd" with self.assertRaises(ValueError): cut.num_to_counter(num)
def test_generate_code_from_counter_counter_long(self): """Test Otp.generate_code_from_counter(). Check for appropriate exception to counter byte string that is too short. """ cut = HOTP() with self.assertRaises(ValueError): cut.generate_code_from_counter(self.secret, bytes.fromhex("010203040506070809"))
def test_hmac_from_counter(self): """Test Otp.generate_hmac(). Check that expected HMAC-SHA-1 digest values are produced. """ cut = HOTP() for i in range(0, 10): counter = cut.num_to_counter(i) actual_hmac = cut.generate_hmac(self.secret, counter) self.assertEqual(self.expected[i][1], actual_hmac)
def test_hash_from_hmac_clear_high_bit(self): """Test Otp.hash_from_hmac(). Check that the high order bit is cleared in the truncated hash. """ cut = HOTP() hmac = bytes.fromhex("ff0102030405060708090a0b0c0d0e0f101112f0") expected = bytes.fromhex("7f010203") hash = cut.hash_from_hmac(hmac) self.assertEqual(expected, hash)