def test_17_update_token(self): db_token = Token.query.filter_by(serial=self.serial1).first() token = TotpTokenClass(db_token) # Failed update: genkey wrong self.assertRaises(Exception, token.update, {"description": "new desc", "genkey": "17"}) # genkey and otpkey used at the same time token.update({"otpkey": self.otpkey, "genkey": "1"}) token.update({"otpkey": self.otpkey, "pin": "654321", "otplen": 6}) self.assertTrue(token.check_pin("654321")) self.assertTrue(token.token.otplen == 6) # update hashlib token.update({"otpkey": self.otpkey, "hashlib": "sha1"}) self.assertTrue(token.get_tokeninfo("hashlib") == "sha1", token.get_tokeninfo()) # save pin encrypted token.update({"genkey": 1, "pin": "secret", "encryptpin": "true"}) # check if the PIN is encrypted self.assertTrue(token.token.pin_hash.startswith("@@"), token.token.pin_hash) # update token without otpkey raises an error self.assertRaises(Exception, token.update, {"description": "test"}) # update time settings db_token = Token.query.filter_by(serial=self.serial1).first() token = TotpTokenClass(db_token) token.update({"otpkey": self.otpkey, "otplen": 6, "timeShift": 10, "timeWindow": 180, "timeStep": 30 })
def test_19_pin_otp_functions(self): db_token = Token.query.filter_by(serial=self.serial1).first() db_token.set_pin("test") token = TotpTokenClass(db_token) # check OTP according to RFC 4226 token.update({"otpkey": self.otpkey}) self.assertTrue(db_token.otplen == 6, 6) set_prepend_pin() res, pin, otp = token.split_pin_pass("test123456") self.assertTrue(pin == "test", pin) self.assertTrue(otp == "123456", otp) self.assertTrue(token.check_pin(pin), pin) # get the OTP value for counter 1417549521 res = token.get_otp(time_seconds=1417549521) self.assertTrue(res[0] == 1, res) self.assertTrue(res[2] == "589836", res) check = token.check_otp("722053", counter=47251647) # The OTP 722053 is of counter 47251647 self.assertTrue(check == 47251647, check) # The tokenclass saves the counter to the database self.assertTrue(token.token.count == 47251647, token.token.count) check = token.check_otp("705493", counter=47251648) # The OTP 705493 is of counter 47251649, but it matches also. self.assertTrue(check == 47251649, check) # successful authentication res = token.authenticate("test589836") # This is the OTP value of the counter=47251650 self.assertTrue(res == (True, 47251650, None), res) # try the same OTP value again will fail! res = token.authenticate("test589836") # This is the OTP value of the counter=47251650 self.assertTrue(res == (True, -1, None), res) res = token.get_multi_otp() self.assertTrue(res[0] is False, res) token.update({"otpkey": self.otpkey, "otplen": 6, "timeShift": 0}) token.token.count = 0 res = token.get_multi_otp(count=5) self.assertTrue(res[0], res) self.assertTrue(res[1] == "OK", res) self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp")) # Simulate the server time res = token.get_multi_otp(count=5, timestamp=47251644 * 30) self.assertTrue(res[0], res) self.assertTrue(res[1] == "OK", res) self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp")) self.assertTrue(47251648 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251647 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251646 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251645 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251644 in res[2].get("otp"), res[2].get("otp")) # Simulate the server time res = token.get_multi_otp(count=5, curTime=datetime.datetime(2014, 12,12)) self.assertTrue(res[0], res) self.assertTrue(res[1] == "OK", res) self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp")) self.assertTrue(47278080 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278081 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278082 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278083 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278084 in res[2].get("otp"), res[2].get("otp")) # do some failing otp checks token.token.otplen = "invalid otp counter" self.assertRaises(Exception, token.check_otp, "123456") token.token.otplen = 0 # Previous OTP value used again token.token.otplen = 6 #token.token.count = 47251640 # The OTP for this counter was already presented to the server token.token.count = 47251648 # 47251647 -> 722053 res = token.check_otp("722053", options={"initTime": 47251649 * 30}) #self.assertTrue(res == 47251647, res) self.assertTrue(res == -1, res) # simple get_otp of current time r = token.get_otp() self.assertTrue(r > 47251648, r) r = token.get_otp(current_time=datetime.datetime.now()) self.assertTrue(r > 47251648, r)
def test_15_check_pin(self): db_token = Token.query.filter_by(serial=self.serial1).first() token = TotpTokenClass(db_token) token.set_pin("test") self.assertTrue(token.check_pin("test")) self.assertFalse(token.check_pin("wrong pin"))
def test_19_pin_otp_functions(self): db_token = Token.query.filter_by(serial=self.serial1).first() db_token.set_pin("test") token = TotpTokenClass(db_token) # check OTP according to RFC 4226 token.update({"otpkey": self.otpkey}) self.assertTrue(db_token.otplen == 6, 6) set_prepend_pin() res, pin, otp = token.split_pin_pass("test123456") self.assertTrue(pin == "test", pin) self.assertTrue(otp == "123456", otp) self.assertTrue(token.check_pin(pin), pin) # get the OTP value for counter 1417549521 res = token.get_otp(time_seconds=1417549521) self.assertTrue(res[0] == 1, res) self.assertTrue(res[2] == "589836", res) check = token.check_otp("722053", counter=47251647) # The OTP 722053 is of counter 47251647 self.assertTrue(check == 47251647, check) # The tokenclass saves the counter to the database self.assertTrue(token.token.count == 47251647, token.token.count) check = token.check_otp("705493", counter=47251648) # The OTP 705493 is of counter 47251649, but it matches also. self.assertTrue(check == 47251649, check) # successful authentication res = token.authenticate("test589836") # This is the OTP value of the counter=47251650 self.assertTrue(res == (True, 47251650, None), res) # try the same OTP value again will fail! res = token.authenticate("test589836") # This is the OTP value of the counter=47251650 self.assertTrue(res == (True, -1, None), res) res = token.get_multi_otp() self.assertTrue(res[0] is False, res) token.update({"otpkey": self.otpkey, "otplen": 6}) token.token.count = 0 res = token.get_multi_otp(count=5) self.assertTrue(res[0], res) self.assertTrue(res[1] == "OK", res) self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp")) # Simulate the server time res = token.get_multi_otp(count=5, timestamp=47251644 * 30) self.assertTrue(res[0], res) self.assertTrue(res[1] == "OK", res) self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp")) self.assertTrue(47251648 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251647 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251646 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251645 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47251644 in res[2].get("otp"), res[2].get("otp")) # Simulate the server time res = token.get_multi_otp(count=5, curTime=datetime.datetime(2014, 12,12)) self.assertTrue(res[0], res) self.assertTrue(res[1] == "OK", res) self.assertTrue(len(res[2].get("otp")) == 5, res[2].get("otp")) self.assertTrue(47278080 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278081 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278082 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278083 in res[2].get("otp"), res[2].get("otp")) self.assertTrue(47278084 in res[2].get("otp"), res[2].get("otp")) # do some failing otp checks token.token.otplen = "invalid otp counter" self.assertRaises(Exception, token.check_otp, "123456") token.token.otplen = 0 # Previous OTP value used again token.token.otplen = 6 #token.token.count = 47251640 # The OTP for this counter was already presented to the server token.token.count = 47251648 # 47251647 -> 722053 res = token.check_otp("722053", options={"initTime": 47251649 * 30}) #self.assertTrue(res == 47251647, res) self.assertTrue(res == -1, res) # simple get_otp of current time r = token.get_otp() self.assertTrue(r > 47251648, r) r = token.get_otp(current_time=datetime.datetime.now()) self.assertTrue(r > 47251648, r)