def ca_set_authorization_data(h_session, h_object, old_auth_data, new_auth_data): """ User changes authorization data on key object (private, secret) :param h_session: session handle :param object: key handle to update :param old_auth_data: byte list, e.g. [11, 12, 13, ..] :param new_auth_data: byte list, e.g. [11, 12, 13, ..] :return: Ret code """ old_auth_data_ptr, old_auth_data_length = to_byte_array(old_auth_data) old_auth_data_ptr = cast(old_auth_data_ptr, POINTER(CK_UTF8CHAR)) new_auth_data_ptr, new_auth_data_length = to_byte_array(new_auth_data) new_auth_data_ptr = cast(new_auth_data_ptr, POINTER(CK_UTF8CHAR)) h_object = CK_OBJECT_HANDLE(h_object) h_session = CK_SESSION_HANDLE(h_session) return CA_SetAuthorizationData( h_session, h_object, old_auth_data_ptr, old_auth_data_length, new_auth_data_ptr, new_auth_data_length, )
def test_to_byte_array_list_fail_neg(self, list_val): """ to_byte_array() with incompatible param: :param list_val: random list of negative integers. -ValueError """ with pytest.raises(ValueError): pointer, leng = to_byte_array(list_val)
def test_to_byte_array_int(self, int_val): """ to_byte_array() with param: :param int_val: random positive integer """ pointer, leng = to_byte_array(int_val) self.verify_c_type(pointer, leng) py_bytes = self.reverse_case(pointer, leng, to_byte_array) assert int(py_bytes, 16) == int_val
def test_to_byte_array_from_hex(self, test_val): """ to_byte_array() with param: :param list_val: list of ints in range (0-255), convert to bytearray """ pointer, leng = to_byte_array(test_val) self.verify_c_type(pointer, leng) py_bytes = self.reverse_case(pointer, leng, to_byte_array) assert py_bytes == b"deadbeef"
def test_to_byte_array_hexstring(self, int_val): """ to_byte_array() with param: :param int_val: random integer to be converted to hex string. """ hex_string = hex(int_val).replace("0x", "").replace("L", "") pointer, leng = to_byte_array(hex_string) self.verify_c_type(pointer, leng) py_bytes = self.reverse_case(pointer, leng, to_byte_array) assert int(py_bytes, 16) == int(hex_string, 16)
def test_to_byte_array_int_neg_overflow(self, int_val): """ to_byte_array() with param: :param int_val: random int value. Will result in data loss """ pointer, leng = to_byte_array(int_val) self.verify_c_type(pointer, leng) py_bytes = self.reverse_case(pointer, leng, to_byte_array) LOG.debug("to_byte_array() data loss: %s => %s", b(hex(int_val)), py_bytes) assert int(py_bytes, 16) != int_val
def test_to_byte_array(self, list_val): """ to_byte_array() with param: :param list_val: list of ints in range (0-255), convert to bytearray """ b_array = bytearray(list_val) pointer, leng = to_byte_array(b_array) self.verify_c_type(pointer, leng) py_bytes = self.reverse_case(pointer, leng, to_byte_array) assert py_bytes == hexlify(b_array)
def test_to_byte_array_list(self, list_val): """ to_byte_array() with param: :param list_val: randomly list of postive integers (within byte range). """ pointer, leng = to_byte_array(list_val) self.verify_c_type(pointer, leng) py_bytes = self.reverse_case(pointer, leng, to_byte_array) # Create list from returned byte-string py_list = [] for i in range(0, len(py_bytes), 2): py_list.append(int(py_bytes[i:i + 2], 16)) assert py_list == list_val
def ca_authorize_key(h_session, h_object, auth_data): """ User authorizes key within session or access for use :param h_session: session handle :param object: key handle to authorize :param auth_data: authorization byte list, e.g. [11, 12, 13, ..] :return: Ret code """ auth_data_ptr, auth_data_length = to_byte_array(auth_data) auth_data_ptr = cast(auth_data_ptr, POINTER(CK_UTF8CHAR)) h_object = CK_OBJECT_HANDLE(h_object) h_session = CK_SESSION_HANDLE(h_session) return CA_AuthorizeKey(h_session, h_object, auth_data_ptr, auth_data_length)
def ca_reset_authorization_data(h_session, h_object, auth_data): """ CO resets auth data on unassigned key :param h_session: session handle :param object: key handle to update :param auth_data: byte list, e.g. [11, 12, 13, ..] :return: Ret code """ auth_data_ptr, auth_data_length = to_byte_array(auth_data) auth_data_ptr = cast(auth_data_ptr, POINTER(CK_UTF8CHAR)) h_object = CK_OBJECT_HANDLE(h_object) h_session = CK_SESSION_HANDLE(h_session) return CA_ResetAuthorizationData(h_session, h_object, auth_data_ptr, auth_data_length)
def ca_get_object_handle(slot, session, objectouid): """ Calls CA_GetObjectHandle to get the object handle from OUID :param slot: partition slot number :param session: session id that was opened to run the function :param objectouid: OUID, a string of the hex value that maps to object handle :return: a tuple containing the return code and the object handle mapping the given OUID """ objecttype = CK_ULONG() objecthandle = CK_ULONG() # ulContainerNumber is required which is of type CK_ULONG container_number = ca_get_session_info_ex(session)['containerNumber'] ouid, size_ouid = to_byte_array(int(objectouid, 16)) c_ouid = cast(ouid, POINTER(c_ubyte)) ret = CA_GetObjectHandle(CK_SLOT_ID(slot), container_number, c_ouid, byref(objecttype), byref(objecthandle)) if ret != CKR_OK: return ret, None return ret, objecthandle.value