def test_04_failure(self): db_token = Token(self.serial2, tokentype="vasco") db_token.save() token = VascoTokenClass(db_token) token.update({"otpkey": hexlify("X"*248), "pin": self.otppin}) r = token.authenticate("{}123456".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], -1) # failure, but the token secret has been updated nonetheless key = token.token.get_otpkey().getKey() self.assertEqual(key, "X"*24 + "Y"*224) # wrong PIN, the token secret has not been updated r = token.authenticate("WRONG123456".format(self.otppin)) self.assertEqual(r[0], False) self.assertEqual(r[1], -1) key = token.token.get_otpkey().getKey() self.assertEqual(key, "X"*24 + "Y"*224) # another failure, but the token secret has been updated again! r = token.authenticate("{}234567".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], -1) key = token.token.get_otpkey().getKey() self.assertEqual(key, "X"*24 + "Z"*224) token.delete_token()
def test_05_success(self): db_token = Token(self.serial2, tokentype="vasco") db_token.save() token = VascoTokenClass(db_token) token.update({ "otpkey": hexlify(b"X" * 248).decode("utf-8"), "pin": self.otppin }) # wrong PIN, the token secret has not been updated r = token.authenticate("WRONG123456".format(self.otppin)) self.assertEqual(r[0], False) self.assertEqual(r[1], -1) key = token.token.get_otpkey().getKey() self.assertEqual(key, b"X" * 24 + b"X" * 224) # correct PIN + OTP r = token.authenticate("{}123456".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], 0) # TODO: that is success? key = token.token.get_otpkey().getKey() self.assertEqual(key, b"X" * 24 + b"Y" * 224) # another success r = token.authenticate("{}234567".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], 0) # TODO: that is success? key = token.token.get_otpkey().getKey() self.assertEqual(key, b"X" * 24 + b"Z" * 224) token.delete_token()
def test_05_success(self): db_token = Token(self.serial2, tokentype="vasco") db_token.save() token = VascoTokenClass(db_token) token.update({"otpkey": hexlify("X"*248), "pin": self.otppin}) # wrong PIN, the token secret has not been updated r = token.authenticate("WRONG123456".format(self.otppin)) self.assertEqual(r[0], False) self.assertEqual(r[1], -1) key = token.token.get_otpkey().getKey() self.assertEqual(key, "X"*24 + "X"*224) # correct PIN + OTP r = token.authenticate("{}123456".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], 0) # TODO: that is success? key = token.token.get_otpkey().getKey() self.assertEqual(key, "X"*24 + "Y"*224) # another success r = token.authenticate("{}234567".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], 0) # TODO: that is success? key = token.token.get_otpkey().getKey() self.assertEqual(key, "X"*24 + "Z"*224) token.delete_token()
def test_04_failure(self): db_token = Token(self.serial2, tokentype="vasco") db_token.save() token = VascoTokenClass(db_token) token.update({ "otpkey": hexlify(b"X" * 248).decode("utf-8"), "pin": self.otppin }) r = token.authenticate("{}123456".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], -1) # failure, but the token secret has been updated nonetheless key = token.token.get_otpkey().getKey() self.assertEqual(key, b"X" * 24 + b"Y" * 224) # wrong PIN, the token secret has not been updated r = token.authenticate("WRONG123456".format(self.otppin)) self.assertEqual(r[0], False) self.assertEqual(r[1], -1) key = token.token.get_otpkey().getKey() self.assertEqual(key, b"X" * 24 + b"Y" * 224) # another failure, but the token secret has been updated again! r = token.authenticate("{}234567".format(self.otppin)) self.assertEqual(r[0], True) self.assertEqual(r[1], -1) key = token.token.get_otpkey().getKey() self.assertEqual(key, b"X" * 24 + b"Z" * 224) token.delete_token()