def setUp(self): super(WhenTestingP11CryptoPlugin, self).setUp() self.pkcs11 = mock.Mock() self.pkcs11.get_session.return_value = long(1) self.pkcs11.return_session.return_value = None self.pkcs11.generate_random.side_effect = generate_random_effect self.pkcs11.get_key_handle.return_value = long(2) self.pkcs11.encrypt.return_value = {'iv': b'0', 'ct': b'0'} self.pkcs11.decrypt.return_value = b'0' self.pkcs11.generate_key.return_value = long(3) self.pkcs11.wrap_key.return_value = {'iv': b'1', 'wrapped_key': b'1'} self.pkcs11.unwrap_key.return_value = long(4) self.pkcs11.compute_hmac.return_value = b'1' self.pkcs11.verify_hmac.return_value = None self.pkcs11.destroy_object.return_value = None self.cfg_mock = mock.MagicMock(name='config mock') self.cfg_mock.p11_crypto_plugin.mkek_label = 'mkek_label' self.cfg_mock.p11_crypto_plugin.hmac_label = 'hmac_label' self.cfg_mock.p11_crypto_plugin.mkek_length = 32 self.cfg_mock.p11_crypto_plugin.slot_id = 1 self.cfg_mock.p11_crypto_plugin.rw_session = True self.cfg_mock.p11_crypto_plugin.pkek_length = 32 self.cfg_mock.p11_crypto_plugin.pkek_cache_ttl = 900 self.cfg_mock.p11_crypto_plugin.pkek_cache_limit = 10 self.cfg_mock.p11_crypto_plugin.algorithm = 'CKM_AES_GCM' self.plugin = p11_crypto.P11CryptoPlugin( conf=self.cfg_mock, pkcs11=self.pkcs11 )
def setUp(self): super(WhenTestingP11CryptoPlugin, self).setUp() self.lib = mock.Mock() self.lib.C_Initialize.return_value = pkcs11.CKR_OK self.lib.C_OpenSession.return_value = pkcs11.CKR_OK self.lib.C_CloseSession.return_value = pkcs11.CKR_OK self.lib.C_FindObjectsInit.return_value = pkcs11.CKR_OK self.lib.C_FindObjects.return_value = pkcs11.CKR_OK self.lib.C_FindObjectsFinal.return_value = pkcs11.CKR_OK self.lib.C_GenerateKey.return_value = pkcs11.CKR_OK self.lib.C_Login.return_value = pkcs11.CKR_OK self.lib.C_GenerateRandom.side_effect = write_random_first_byte self.ffi = pkcs11.build_ffi() setattr(self.ffi, 'dlopen', lambda x: self.lib) self.cfg_mock = mock.MagicMock(name='config mock') self.cfg_mock.p11_crypto_plugin.mkek_label = "mkek" self.cfg_mock.p11_crypto_plugin.hmac_label = "hmac" self.cfg_mock.p11_crypto_plugin.mkek_length = 32 self.cfg_mock.p11_crypto_plugin.slot_id = 1 with mock.patch.object(pkcs11.PKCS11, 'get_key_handle') as mocked: mocked.return_value = long(1) self.plugin = p11_crypto.P11CryptoPlugin(ffi=self.ffi, conf=self.cfg_mock) self.test_session = self.plugin.pkcs11.create_working_session()
def __init__(self, db_connection, library_path, login, slot_id): self.dry_run = False self.db_engine = session.create_engine(db_connection) self._session_creator = scoping.scoped_session( orm.sessionmaker(bind=self.db_engine, autocommit=True)) self.crypto_plugin = p11_crypto.P11CryptoPlugin(CONF) self.plugin_name = utils.generate_fullname_for(self.crypto_plugin) self.pkcs11 = self.crypto_plugin.pkcs11 self.session = self.pkcs11.get_session()
def __init__(self, conf): self.dry_run = False self.db_engine = sqlalchemy.create_engine(conf.sql_connection) self._session_creator = scoping.scoped_session( orm.sessionmaker(bind=self.db_engine, autocommit=True)) self.crypto_plugin = p11_crypto.P11CryptoPlugin(conf) self.pkcs11 = self.crypto_plugin.pkcs11 self.plugin_name = utils.generate_fullname_for(self.crypto_plugin) self.hsm_session = self.pkcs11.get_session() self.new_mkek_label = self.crypto_plugin.mkek_label self.new_hmac_label = self.crypto_plugin.hmac_label self.new_mkek = self.crypto_plugin._get_master_key(self.new_mkek_label) self.new_mkhk = self.crypto_plugin._get_master_key(self.new_hmac_label)
def test_configurable_slot_id(self): self.cfg_mock.p11_crypto_plugin.slot_id = 99 with mock.patch.object(pkcs11.PKCS11, 'get_key_handle') as mocked: mocked.return_value = long(1) test_plugin = p11_crypto.P11CryptoPlugin(ffi=self.ffi, conf=self.cfg_mock) with mock.patch.object(test_plugin.pkcs11, 'open_session') as mocked: def mocked_open_session(slot): self.assertEqual(99, slot) mocked.side_effect = mocked_open_session test_plugin.pkcs11.create_working_session()
def setUp(self): super(WhenTestingP11CryptoPlugin, self).setUp() self.pkcs11 = mock.Mock() self.pkcs11.get_session.return_value = int(1) self.pkcs11.return_session.return_value = None self.pkcs11.generate_random.side_effect = generate_random_effect self.pkcs11.get_key_handle.return_value = int(2) self.pkcs11.encrypt.return_value = {'iv': b'0', 'ct': b'0'} self.pkcs11.decrypt.return_value = b'0' self.pkcs11.generate_key.return_value = int(3) self.pkcs11.wrap_key.return_value = {'iv': b'1', 'wrapped_key': b'1'} self.pkcs11.unwrap_key.return_value = int(4) self.pkcs11.compute_hmac.return_value = b'1' self.pkcs11.verify_hmac.return_value = None self.pkcs11.destroy_object.return_value = None self.pkcs11.finalize.return_value = None self.cfg_mock = mock.MagicMock(name='config mock') self.cfg_mock.p11_crypto_plugin.mkek_label = 'mkek_label' self.cfg_mock.p11_crypto_plugin.hmac_label = 'hmac_label' self.cfg_mock.p11_crypto_plugin.mkek_length = 32 self.cfg_mock.p11_crypto_plugin.slot_id = 1 self.cfg_mock.p11_crypto_plugin.token_serial_number = None self.cfg_mock.p11_crypto_plugin.token_label = None self.cfg_mock.p11_crypto_plugin.token_labels = None self.cfg_mock.p11_crypto_plugin.rw_session = True self.cfg_mock.p11_crypto_plugin.pkek_length = 32 self.cfg_mock.p11_crypto_plugin.pkek_cache_ttl = 900 self.cfg_mock.p11_crypto_plugin.pkek_cache_limit = 10 self.cfg_mock.p11_crypto_plugin.encryption_mechanism = 'CKM_AES_CBC' self.cfg_mock.p11_crypto_plugin.seed_file = '' self.cfg_mock.p11_crypto_plugin.seed_length = 32 self.cfg_mock.p11_crypto_plugin.hmac_keywrap_mechanism = \ 'CKM_SHA256_HMAC' self.plugin_name = 'Test PKCS11 plugin' self.cfg_mock.p11_crypto_plugin.plugin_name = self.plugin_name self.plugin = p11_crypto.P11CryptoPlugin(conf=self.cfg_mock, pkcs11=self.pkcs11)
def setUp(self): super(WhenTestingP11CryptoPlugin, self).setUp() self.lib = mock.Mock() self.lib.C_Initialize.return_value = p11_crypto.CKR_OK self.lib.C_OpenSession.return_value = p11_crypto.CKR_OK self.lib.C_FindObjectsInit.return_value = p11_crypto.CKR_OK self.lib.C_FindObjects.return_value = p11_crypto.CKR_OK self.lib.C_FindObjectsFinal.return_value = p11_crypto.CKR_OK self.lib.C_GenerateKey.return_value = p11_crypto.CKR_OK self.lib.C_Login.return_value = p11_crypto.CKR_OK self.lib.C_GenerateRandom.side_effect = write_random_first_byte self.ffi = p11_crypto._build_ffi() setattr(self.ffi, 'dlopen', lambda x: self.lib) self.cfg_mock = mock.MagicMock(name='config mock') self.cfg_mock.p11_crypto_plugin.mkek_label = "mkek" self.cfg_mock.p11_crypto_plugin.hmac_label = "hmac" self.cfg_mock.p11_crypto_plugin.mkek_length = 32 self.plugin = p11_crypto.P11CryptoPlugin(ffi=self.ffi, conf=self.cfg_mock)