def test_01_simple(self): with self.pkcs11: self.assertIsInstance(get_hsm(), AESHardwareSecurityModule) r = encryptPin("test") pin = decryptPin(r) self.assertEqual(pin, "test") self.assertTrue(get_hsm().is_ready) self.assertEqual(self.pkcs11.session_mock.encrypt.call_count, 1)
def test_01_simple(self): with self.pkcs11: self.assertIsInstance(get_hsm(), AESHardwareSecurityModule) r = encryptPin("test") pin = decryptPin(r) self.assertEqual(pin, "test") self.assertTrue(get_hsm().is_ready) self.assertEqual(self.pkcs11.session_mock.encrypt.call_count, 1)
def test_01_set_password(self): with self.pkcs11: hsm = init_hsm() self.assertIsInstance(hsm, AESHardwareSecurityModule) with self.assertRaises(HSMException): get_hsm() self.assertIs(get_hsm(require_ready=False), hsm) ready = set_hsm_password("test123!") self.assertTrue(ready) self.assertIs(hsm, init_hsm()) self.assertIs(get_hsm(), hsm)
def test_01_set_password(self): with self.pkcs11: hsm = init_hsm() self.assertIsInstance(hsm, AESHardwareSecurityModule) with self.assertRaises(HSMException): get_hsm() self.assertIs(get_hsm(require_ready=False), hsm) ready = set_hsm_password("test123!") self.assertTrue(ready) self.assertIs(hsm, init_hsm()) self.assertIs(get_hsm(), hsm)
def test_02_fault_recovery(self): with self.pkcs11: hsm = get_hsm() self.assertIsInstance(hsm, AESHardwareSecurityModule) # encryption initially works r = encryptPin("test") pin = decryptPin(r) self.assertEqual(pin, "test") self.assertTrue(hsm.is_ready) # the HSM disappears generate_random_call_count = self.pkcs11.session_mock.generateRandom.call_count open_session_call_count = self.pkcs11.mock.openSession.call_count with self.pkcs11.simulate_disconnect(100): with self.assertRaises(PyKCS11Error): encryptPin("test") # we have tried to generate a random number once self.assertEqual( self.pkcs11.session_mock.generateRandom.call_count, generate_random_call_count + 1) # we have tried to open a new session once self.assertEqual(self.pkcs11.mock.openSession.call_count, open_session_call_count + 1) # HSM is now defunct # try to recover now r = encryptPin("test") pin = decryptPin(r) self.assertEqual(pin, "test")
def test_02_fault_recovery(self): with self.pkcs11: hsm = get_hsm() self.assertIsInstance(hsm, AESHardwareSecurityModule) # encryption initially works r = encryptPin("test") pin = decryptPin(r) self.assertEqual(pin, "test") self.assertTrue(hsm.is_ready) # the HSM disappears generate_random_call_count = self.pkcs11.session_mock.generateRandom.call_count open_session_call_count = self.pkcs11.mock.openSession.call_count with self.pkcs11.simulate_disconnect(100): with self.assertRaises(PyKCS11Error): encryptPin("test") # we have tried to generate a random number once self.assertEqual(self.pkcs11.session_mock.generateRandom.call_count, generate_random_call_count + 1) # we have tried to open a new session once self.assertEqual(self.pkcs11.mock.openSession.call_count, open_session_call_count + 1) # HSM is now defunct # try to recover now r = encryptPin("test") pin = decryptPin(r) self.assertEqual(pin, "test")
def get_security_module(): """ Get the status of the security module. """ hsm = get_hsm(require_ready=False) is_ready = hsm.is_ready res = {"is_ready": is_ready} g.audit_object.log({'success': res}) return send_result(res)
def get_security_module(): """ Get the status of the security module. """ hsm = get_hsm(require_ready=False) is_ready = hsm.is_ready res = {"is_ready": is_ready} g.audit_object.log({'success': res}) return send_result(res)