def test_03_retry(self): with PKCS11Mock() as pkcs11: hsm = AESHardwareSecurityModule({ "module": "testmodule", }) hsm.setup_module({"password": "******"}) self.assertTrue(hsm.is_ready) self.assertIs(hsm.session, pkcs11.session_mock) # session is opened once self.assertEqual(pkcs11.mock.openSession.mock_calls, [call(slot=1)]) # simulate that encryption succeeds after five tries password = "******" * 16 with pkcs11.simulate_failure(pkcs11.session_mock.encrypt, 5): encrypted = hsm.encrypt_password(password) # the session has been opened initially, and five times after that self.assertEqual(pkcs11.mock.openSession.mock_calls, [call(slot=1)] * 6) # simulate that decryption succeeds after five tries with pkcs11.simulate_failure(pkcs11.session_mock.decrypt, 5): self.assertEqual(hsm.decrypt_password(encrypted), password) # the session has been opened initially, five times during encryption, and five times now self.assertEqual(pkcs11.mock.openSession.mock_calls, [call(slot=1)] * 11) # simulate that random generation succeeds after five tries with pkcs11.simulate_failure(pkcs11.session_mock.generateRandom, 5): self.assertEqual(hsm.random(4), b"\x00\x01\x02\x03") self.assertEqual(pkcs11.mock.openSession.mock_calls, [call(slot=1)] * 16)
def test_03_retry(self): with PKCS11Mock() as pkcs11: hsm = AESHardwareSecurityModule({ "module": "testmodule", }) hsm.setup_module({ "password": "******" }) self.assertTrue(hsm.is_ready) self.assertIs(hsm.session, pkcs11.session_mock) # session is opened once self.assertEqual(pkcs11.mock.openSession.mock_calls, [ call(slot=1) ]) # simulate that encryption succeeds after five tries password = "******" * 16 with pkcs11.simulate_failure(pkcs11.session_mock.encrypt, 5): encrypted = hsm.encrypt_password(password) # the session has been opened initially, and five times after that self.assertEqual(pkcs11.mock.openSession.mock_calls, [call(slot=1)] * 6) # simulate that decryption succeeds after five tries with pkcs11.simulate_failure(pkcs11.session_mock.decrypt, 5): self.assertEqual(hsm.decrypt_password(encrypted), password) # the session has been opened initially, five times during encryption, and five times now self.assertEqual(pkcs11.mock.openSession.mock_calls, [call(slot=1)] * 11) # simulate that random generation succeeds after five tries with pkcs11.simulate_failure(pkcs11.session_mock.generateRandom, 5): self.assertEqual(hsm.random(4), b"\x00\x01\x02\x03") self.assertEqual(pkcs11.mock.openSession.mock_calls, [call(slot=1)] * 16)
def test_02_basic(self): with PKCS11Mock() as pkcs11: hsm = AESHardwareSecurityModule({ "module": "testmodule", }) self.assertFalse(hsm.is_ready) self.assertEqual(pkcs11.mock.openSession.call_count, 0) hsm.setup_module({"password": "******"}) self.assertTrue(hsm.is_ready) self.assertEqual(pkcs11.mock.openSession.call_count, 1) self.assertIs(hsm.session, pkcs11.session_mock) # mock just returns \x00\x01... for random values self.assertEqual(hsm.random(4), b"\x00\x01\x02\x03") pkcs11.session_mock.generateRandom.assert_called_once_with(4) password = "******" * 16 crypted = hsm.encrypt_password(password) # to generate the IV pkcs11.session_mock.generateRandom.assert_called_with(16) text = hsm.decrypt_password(crypted) self.assertEqual(text, password) self.assertEqual(pkcs11.session_mock.encrypt.call_count, 1) self.assertEqual(pkcs11.session_mock.encrypt.call_count, 1) # during the whole usage, we have only used one session self.assertEqual(pkcs11.mock.openSession.call_count, 1)
def test_02_basic(self): with PKCS11Mock() as pkcs11: hsm = AESHardwareSecurityModule({ "module": "testmodule", }) self.assertFalse(hsm.is_ready) self.assertEqual(pkcs11.mock.openSession.call_count, 0) hsm.setup_module({ "password": "******" }) self.assertTrue(hsm.is_ready) self.assertEqual(pkcs11.mock.openSession.call_count, 1) self.assertIs(hsm.session, pkcs11.session_mock) # mock just returns \x00\x01... for random values self.assertEqual(hsm.random(4), b"\x00\x01\x02\x03") pkcs11.session_mock.generateRandom.assert_called_once_with(4) password = "******" * 16 crypted = hsm.encrypt_password(password) # to generate the IV pkcs11.session_mock.generateRandom.assert_called_with(16) text = hsm.decrypt_password(crypted) self.assertEqual(text, password) self.assertEqual(pkcs11.session_mock.encrypt.call_count, 1) self.assertEqual(pkcs11.session_mock.encrypt.call_count, 1) # during the whole usage, we have only used one session self.assertEqual(pkcs11.mock.openSession.call_count, 1)