async def test_pkcs11_with_replaced_cert(self): """Test authenticating with a PKCS#11 with replaced cert""" ckey = asyncssh.load_pkcs11_keys('xxx')[1] async with self.connect(username='******', pkcs11_provider='xxx', client_keys=[(ckey, 'pkcs11_cert.pub')]): pass
async def test_pkcs11_load_keys(self): """Test authenticating with explicitly loaded PKCS#11 keys""" for key in asyncssh.load_pkcs11_keys('xxx'): for sig_alg in key.sig_algorithms: sig_alg = sig_alg.decode('ascii') with self.subTest(key=key.get_comment(), sig_alg=sig_alg): async with self.connect(username='******', pkcs11_provider='xxx', client_keys=[key], signature_algs=[sig_alg]): pass
async def test_load_keys(self): """Test loading keys and certs from PKCS#11 tokens""" keys = asyncssh.load_pkcs11_keys('xxx') self.assertEqual(len(keys), 6 if self._certs_available else 3)
async def test_key_not_found(self): """Test PKCS#11 with no token found""" self.assertEqual(asyncssh.load_pkcs11_keys('xxx'), [])
async def test_match_key_id_bytes(self): """Test matching on PKCS#11 key id as bytes""" keys = asyncssh.load_pkcs11_keys('xxx', key_id=b'\x02') self.assertEqual(len(keys), 2 if self._certs_available else 1)
async def test_match_key_label(self): """Test matching on PKCS#11 key label""" keys = asyncssh.load_pkcs11_keys('xxx', key_label='EC key 2') self.assertEqual(len(keys), 2 if self._certs_available else 1)
async def test_match_token_serial_bytes(self): """Test matching on PKCS#11 token serial number as bytes""" keys = asyncssh.load_pkcs11_keys('xxx', token_serial=b'1234') self.assertEqual(len(keys), 4 if self._certs_available else 2)
async def test_load_keys_without_certs(self): """Test loading keys without certs from PKCS#11 tokens""" keys = asyncssh.load_pkcs11_keys('xxx', load_certs=False) self.assertEqual(len(keys), 3)