def test_17_update_token(self):
db_token = Token.query.filter_by(serial=self.serial1).first()
token = TotpTokenClass(db_token)
# Failed update: genkey wrong
self.assertRaises(Exception,
token.update,
{"description": "new desc",
"genkey": "17"})
# genkey and otpkey used at the same time
token.update({"otpkey": self.otpkey,
"genkey": "1"})
token.update({"otpkey": self.otpkey,
"pin": "654321",
"otplen": 6})
self.assertTrue(token.check_pin("654321"))
self.assertTrue(token.token.otplen == 6)
# update hashlib
token.update({"otpkey": self.otpkey,
"hashlib": "sha1"})
self.assertTrue(token.get_tokeninfo("hashlib") == "sha1",
token.get_tokeninfo())
# save pin encrypted
token.update({"genkey": 1,
"pin": "secret",
"encryptpin": "true"})
# check if the PIN is encrypted
self.assertTrue(token.token.pin_hash.startswith("@@"),
token.token.pin_hash)
# update token without otpkey raises an error
self.assertRaises(Exception, token.update, {"description": "test"})
# update time settings
db_token = Token.query.filter_by(serial=self.serial1).first()
token = TotpTokenClass(db_token)
token.update({"otpkey": self.otpkey,
"otplen": 6,
"timeShift": 10,
"timeWindow": 180,
"timeStep": 30
})
def test_17_update_token(self):
db_token = Token.query.filter_by(serial=self.serial1).first()
token = TotpTokenClass(db_token)
# Failed update: genkey wrong
self.assertRaises(Exception,
token.update,
{"description": "new desc",
"genkey": "17"})
# genkey and otpkey used at the same time
token.update({"otpkey": self.otpkey,
"genkey": "1"})
token.update({"otpkey": self.otpkey,
"pin": "654321",
"otplen": 6})
self.assertTrue(token.check_pin("654321"))
self.assertTrue(token.token.otplen == 6)
# update hashlib
token.update({"otpkey": self.otpkey,
"hashlib": "sha1"})
self.assertTrue(token.get_tokeninfo("hashlib") == "sha1",
token.get_tokeninfo())
# save pin encrypted
token.update({"genkey": 1,
"pin": "secret",
"encryptpin": "true"})
# check if the PIN is encrypted
self.assertTrue(token.token.pin_hash.startswith("@@"),
token.token.pin_hash)
# update token without otpkey raises an error
self.assertRaises(Exception, token.update, {"description": "test"})
# update time settings
db_token = Token.query.filter_by(serial=self.serial1).first()
token = TotpTokenClass(db_token)
token.update({"otpkey": self.otpkey,
"otplen": 6,
"timeShift": 10,
"timeWindow": 180,
"timeStep": 30
})
def test_19_pin_otp_functions(self):
db_token = Token.query.filter_by(serial=self.serial1).first()
db_token.set_pin("test")
token = TotpTokenClass(db_token)
# check OTP according to RFC 4226
token.update({"otpkey": self.otpkey})
self.assertTrue(db_token.otplen == 6, 6)
set_prepend_pin()
res, pin, otp = token.split_pin_pass("test123456")
self.assertTrue(pin == "test", pin)
self.assertTrue(otp == "123456", otp)
self.assertTrue(token.check_pin(pin), pin)
# get the OTP value for counter 1417549521
res = token.get_otp(time_seconds=1417549521)
self.assertTrue(res[0] == 1, res)
self.assertTrue(res[2] == "589836", res)
check = token.check_otp("722053", counter=47251647)
# The OTP 722053 is of counter 47251647
self.assertTrue(check == 47251647, check)
# The tokenclass saves the counter to the database
self.assertTrue(token.token.count == 47251647, token.token.count)
check = token.check_otp("705493", counter=47251648)
# The OTP 705493 is of counter 47251649, but it matches also.
self.assertTrue(check == 47251649, check)
# successful authentication
res = token.authenticate("test589836")
# This is the OTP value of the counter=47251650
self.assertTrue(res == (True, 47251650, None), res)
# try the same OTP value again will fail!
res = token.authenticate("test589836")
# This is the OTP value of the counter=47251650
self.assertTrue(res == (True, -1, None), res)
res = token.get_multi_otp()
self.assertTrue(res[0] is False, res)
token.update({"otpkey": self.otpkey,
"otplen": 6,
"timeShift": 0})
token.token.count = 0
res = token.get_multi_otp(count=5)
self.assertTrue(res[0], res)
self.assertTrue(res[1] == "OK", res)
self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp"))
# Simulate the server time
res = token.get_multi_otp(count=5, timestamp=47251644 * 30)
self.assertTrue(res[0], res)
self.assertTrue(res[1] == "OK", res)
self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp"))
self.assertTrue(47251648 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251647 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251646 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251645 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251644 in res[2].get("otp"), res[2].get("otp"))
# Simulate the server time
res = token.get_multi_otp(count=5, curTime=datetime.datetime(2014,
12,12))
self.assertTrue(res[0], res)
self.assertTrue(res[1] == "OK", res)
self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp"))
self.assertTrue(47278080 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278081 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278082 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278083 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278084 in res[2].get("otp"), res[2].get("otp"))
# do some failing otp checks
token.token.otplen = "invalid otp counter"
self.assertRaises(Exception, token.check_otp, "123456")
token.token.otplen = 0
# Previous OTP value used again
token.token.otplen = 6
#token.token.count = 47251640
# The OTP for this counter was already presented to the server
token.token.count = 47251648
# 47251647 -> 722053
res = token.check_otp("722053", options={"initTime": 47251649 * 30})
#self.assertTrue(res == 47251647, res)
self.assertTrue(res == -1, res)
# simple get_otp of current time
r = token.get_otp()
self.assertTrue(r > 47251648, r)
r = token.get_otp(current_time=datetime.datetime.now())
self.assertTrue(r > 47251648, r)
def test_15_check_pin(self):
db_token = Token.query.filter_by(serial=self.serial1).first()
token = TotpTokenClass(db_token)
token.set_pin("test")
self.assertTrue(token.check_pin("test"))
self.assertFalse(token.check_pin("wrong pin"))
def test_19_pin_otp_functions(self):
db_token = Token.query.filter_by(serial=self.serial1).first()
db_token.set_pin("test")
token = TotpTokenClass(db_token)
# check OTP according to RFC 4226
token.update({"otpkey": self.otpkey})
self.assertTrue(db_token.otplen == 6, 6)
set_prepend_pin()
res, pin, otp = token.split_pin_pass("test123456")
self.assertTrue(pin == "test", pin)
self.assertTrue(otp == "123456", otp)
self.assertTrue(token.check_pin(pin), pin)
# get the OTP value for counter 1417549521
res = token.get_otp(time_seconds=1417549521)
self.assertTrue(res[0] == 1, res)
self.assertTrue(res[2] == "589836", res)
check = token.check_otp("722053", counter=47251647)
# The OTP 722053 is of counter 47251647
self.assertTrue(check == 47251647, check)
# The tokenclass saves the counter to the database
self.assertTrue(token.token.count == 47251647, token.token.count)
check = token.check_otp("705493", counter=47251648)
# The OTP 705493 is of counter 47251649, but it matches also.
self.assertTrue(check == 47251649, check)
# successful authentication
res = token.authenticate("test589836")
# This is the OTP value of the counter=47251650
self.assertTrue(res == (True, 47251650, None), res)
# try the same OTP value again will fail!
res = token.authenticate("test589836")
# This is the OTP value of the counter=47251650
self.assertTrue(res == (True, -1, None), res)
res = token.get_multi_otp()
self.assertTrue(res[0] is False, res)
token.update({"otpkey": self.otpkey,
"otplen": 6})
token.token.count = 0
res = token.get_multi_otp(count=5)
self.assertTrue(res[0], res)
self.assertTrue(res[1] == "OK", res)
self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp"))
# Simulate the server time
res = token.get_multi_otp(count=5, timestamp=47251644 * 30)
self.assertTrue(res[0], res)
self.assertTrue(res[1] == "OK", res)
self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp"))
self.assertTrue(47251648 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251647 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251646 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251645 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47251644 in res[2].get("otp"), res[2].get("otp"))
# Simulate the server time
res = token.get_multi_otp(count=5, curTime=datetime.datetime(2014,
12,12))
self.assertTrue(res[0], res)
self.assertTrue(res[1] == "OK", res)
self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp"))
self.assertTrue(47278080 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278081 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278082 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278083 in res[2].get("otp"), res[2].get("otp"))
self.assertTrue(47278084 in res[2].get("otp"), res[2].get("otp"))
# do some failing otp checks
token.token.otplen = "invalid otp counter"
self.assertRaises(Exception, token.check_otp, "123456")
token.token.otplen = 0
# Previous OTP value used again
token.token.otplen = 6
#token.token.count = 47251640
# The OTP for this counter was already presented to the server
token.token.count = 47251648
# 47251647 -> 722053
res = token.check_otp("722053", options={"initTime": 47251649 * 30})
#self.assertTrue(res == 47251647, res)
self.assertTrue(res == -1, res)
# simple get_otp of current time
r = token.get_otp()
self.assertTrue(r > 47251648, r)
r = token.get_otp(current_time=datetime.datetime.now())
self.assertTrue(r > 47251648, r)
def test_15_check_pin(self):
db_token = Token.query.filter_by(serial=self.serial1).first()
token = TotpTokenClass(db_token)
token.set_pin("test")
self.assertTrue(token.check_pin("test"))
self.assertFalse(token.check_pin("wrong pin"))
