def test_01_simple(self):
with self.pkcs11:
self.assertIsInstance(get_hsm(), AESHardwareSecurityModule)
r = encryptPin("test")
pin = decryptPin(r)
self.assertEqual(pin, "test")
self.assertTrue(get_hsm().is_ready)
self.assertEqual(self.pkcs11.session_mock.encrypt.call_count, 1)
def test_01_simple(self):
with self.pkcs11:
self.assertIsInstance(get_hsm(), AESHardwareSecurityModule)
r = encryptPin("test")
pin = decryptPin(r)
self.assertEqual(pin, "test")
self.assertTrue(get_hsm().is_ready)
self.assertEqual(self.pkcs11.session_mock.encrypt.call_count, 1)
def test_01_set_password(self):
with self.pkcs11:
hsm = init_hsm()
self.assertIsInstance(hsm, AESHardwareSecurityModule)
with self.assertRaises(HSMException):
get_hsm()
self.assertIs(get_hsm(require_ready=False), hsm)
ready = set_hsm_password("test123!")
self.assertTrue(ready)
self.assertIs(hsm, init_hsm())
self.assertIs(get_hsm(), hsm)
def test_01_set_password(self):
with self.pkcs11:
hsm = init_hsm()
self.assertIsInstance(hsm, AESHardwareSecurityModule)
with self.assertRaises(HSMException):
get_hsm()
self.assertIs(get_hsm(require_ready=False), hsm)
ready = set_hsm_password("test123!")
self.assertTrue(ready)
self.assertIs(hsm, init_hsm())
self.assertIs(get_hsm(), hsm)
def test_02_fault_recovery(self):
with self.pkcs11:
hsm = get_hsm()
self.assertIsInstance(hsm, AESHardwareSecurityModule)
# encryption initially works
r = encryptPin("test")
pin = decryptPin(r)
self.assertEqual(pin, "test")
self.assertTrue(hsm.is_ready)
# the HSM disappears
generate_random_call_count = self.pkcs11.session_mock.generateRandom.call_count
open_session_call_count = self.pkcs11.mock.openSession.call_count
with self.pkcs11.simulate_disconnect(100):
with self.assertRaises(PyKCS11Error):
encryptPin("test")
# we have tried to generate a random number once
self.assertEqual(
self.pkcs11.session_mock.generateRandom.call_count,
generate_random_call_count + 1)
# we have tried to open a new session once
self.assertEqual(self.pkcs11.mock.openSession.call_count,
open_session_call_count + 1)
# HSM is now defunct
# try to recover now
r = encryptPin("test")
pin = decryptPin(r)
self.assertEqual(pin, "test")
def test_02_fault_recovery(self):
with self.pkcs11:
hsm = get_hsm()
self.assertIsInstance(hsm, AESHardwareSecurityModule)
# encryption initially works
r = encryptPin("test")
pin = decryptPin(r)
self.assertEqual(pin, "test")
self.assertTrue(hsm.is_ready)
# the HSM disappears
generate_random_call_count = self.pkcs11.session_mock.generateRandom.call_count
open_session_call_count = self.pkcs11.mock.openSession.call_count
with self.pkcs11.simulate_disconnect(100):
with self.assertRaises(PyKCS11Error):
encryptPin("test")
# we have tried to generate a random number once
self.assertEqual(self.pkcs11.session_mock.generateRandom.call_count,
generate_random_call_count + 1)
# we have tried to open a new session once
self.assertEqual(self.pkcs11.mock.openSession.call_count,
open_session_call_count + 1)
# HSM is now defunct
# try to recover now
r = encryptPin("test")
pin = decryptPin(r)
self.assertEqual(pin, "test")
def get_security_module():
"""
Get the status of the security module.
"""
hsm = get_hsm(require_ready=False)
is_ready = hsm.is_ready
res = {"is_ready": is_ready}
g.audit_object.log({'success': res})
return send_result(res)
def get_security_module():
"""
Get the status of the security module.
"""
hsm = get_hsm(require_ready=False)
is_ready = hsm.is_ready
res = {"is_ready": is_ready}
g.audit_object.log({'success': res})
return send_result(res)
