def test_zzz_unlock(self):
""" Test unlock of keystore after reconfiguration. """
if self.hsm.version.have_unlock():
Params = PrimaryAdminYubiKey
YK = test_common.FakeYubiKey(pyhsm.yubikey.modhex_decode(Params[0]).decode('hex'),
Params[1].decode('hex'), Params[2].decode('hex')
)
# After reconfigure, we know the counter values for PrimaryAdminYubiKey is zero
# in the internal db. However, the test suite initialization will unlock the keystore
# (in test_common.YHSM_TestCase.setUp) so a value of 0/1 should result in a replayed OTP.
YK.use_ctr = 0
YK.session_ctr = 1
# first verify counters 1/0 gives the expected YSM_OTP_REPLAY
try:
self.hsm.unlock(otp = YK.from_key())
except pyhsm.exception.YHSM_CommandFailed, e:
if e.status != pyhsm.defines.YSM_OTP_REPLAY:
raise
# now do real unlock with values 2/1 (there is an extra unlock done somewhere...)
YK.use_ctr = 2
self.assertTrue(self.hsm.unlock(password = HsmPassphrase.decode("hex"), otp = YK.from_key()))
def test_zzz_unlock(self):
""" Test unlock of keystore after reconfiguration. """
if self.hsm.version.have_unlock():
Params = PrimaryAdminYubiKey
YK = test_common.FakeYubiKey(
pyhsm.yubikey.modhex_decode(Params[0]).decode('hex'),
Params[1].decode('hex'), Params[2].decode('hex'))
# After reconfigure, we know the counter values for PrimaryAdminYubiKey is zero
# in the internal db. However, the test suite initialization will unlock the keystore
# (in test_common.YHSM_TestCase.setUp) so a value of 0/1 should result in a replayed OTP.
YK.use_ctr = 0
YK.session_ctr = 1
# first verify counters 1/0 gives the expected YSM_OTP_REPLAY
try:
self.hsm.unlock(otp=YK.from_key())
except pyhsm.exception.YHSM_CommandFailed, e:
if e.status != pyhsm.defines.YSM_OTP_REPLAY:
raise
# now do real unlock with values 2/1 (there is an extra unlock done somewhere...)
YK.use_ctr = 2
self.assertTrue(
self.hsm.unlock(password=HsmPassphrase.decode("hex"),
otp=YK.from_key()))
# After reconfigure, we know the counter values for PrimaryAdminYubiKey is zero
# in the internal db. However, the test suite initialization will unlock the keystore
# (in test_common.YHSM_TestCase.setUp) so a value of 0/1 should result in a replayed OTP.
YK.use_ctr = 0
YK.session_ctr = 1
# first verify counters 1/0 gives the expected YSM_OTP_REPLAY
try:
self.hsm.unlock(otp = YK.from_key())
except pyhsm.exception.YHSM_CommandFailed, e:
if e.status != pyhsm.defines.YSM_OTP_REPLAY:
raise
# now do real unlock with values 2/1 (there is an extra unlock done somewhere...)
YK.use_ctr = 2
self.assertTrue(self.hsm.unlock(password = HsmPassphrase.decode("hex"), otp = YK.from_key()))
else:
self.assertTrue(self.hsm.unlock(password = HsmPassphrase.decode("hex")))
def test_zzz_echo(self):
""" Test echo after reconfiguration. """
self.assertTrue(self.hsm.echo('test'))
def config_do(self, cmd, add_cr = True):
# Don't have to output command - it is echoed
#sys.__stderr__.write("> " + cmd + "\n")
if add_cr:
self.ser.write(cmd + "\r")
else:
self.ser.write(cmd)
#time.sleep(0.5)
recv = ''
fail_count = 0
YK.use_ctr = 0
YK.session_ctr = 1
# first verify counters 1/0 gives the expected YSM_OTP_REPLAY
try:
self.hsm.unlock(otp=YK.from_key())
except pyhsm.exception.YHSM_CommandFailed, e:
if e.status != pyhsm.defines.YSM_OTP_REPLAY:
raise
# now do real unlock with values 2/1 (there is an extra unlock done somewhere...)
YK.use_ctr = 2
self.assertTrue(
self.hsm.unlock(password=HsmPassphrase.decode("hex"),
otp=YK.from_key()))
else:
self.assertTrue(
self.hsm.unlock(password=HsmPassphrase.decode("hex")))
def test_zzz_echo(self):
""" Test echo after reconfiguration. """
self.assertTrue(self.hsm.echo('test'))
def config_do(self, cmd, add_cr=True):
# Don't have to output command - it is echoed
#sys.__stderr__.write("> " + cmd + "\n")
if add_cr:
self.ser.write(cmd + "\r")
else:
self.ser.write(cmd)
#time.sleep(0.5)
recv = ''
fail_count = 0
def test_zzz_unlock(self):
""" Test unlock of keystore after reconfiguration. """
self.assertTrue(self.hsm.key_storage_unlock(HsmPassphrase.decode("hex")))