Skip to content

Commit

Permalink
Moved to OOP
Browse files Browse the repository at this point in the history
  • Loading branch information
@msetina
msetina committed Apr 11, 2024
1 parent 152b7c3 commit 025774d
Show file tree
Hide file tree
Showing 10 changed files with 470 additions and 203 deletions.
223 changes: 94 additions & 129 deletions cryptography_keys_tests/test_base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,50 +34,43 @@ def test_change_pin(self):

def test_rsa_key_creation(self):
from pkcs11_cryptography_keys import list_token_admins
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

for admin in list_token_admins(_pkcs11lib, "1234", True):
with admin as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": False,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
assert rsa_priv_key.key_size == 2048
ku = rsa_priv_key.read_key_usage()
for ka, val in settings["key_usage"].items():
assert ku[ka] == val
# ku = rsa_priv_key.read_key_usage()
# for ka, val in settings["key_usage"].items():
# assert ku[ka] == val
r = current_admin.delete_key_pair()
assert r

def test_ec_key_creation(self):
from pkcs11_cryptography_keys import list_token_admins
from cryptography.hazmat.primitives.asymmetric.ec import SECP384R1
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAll,
KeyTypes,
)

for admin in list_token_admins(_pkcs11lib, "1234", True):
with admin as current_admin:
settings = {
"key_type": "EC",
"EC_curve": SECP384R1(),
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"derive": True,
"recover": False,
},
}
ec_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAll()
ec_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.EC, EC_curve=SECP384R1()
)
assert ec_priv_key.curve.__class__ is SECP384R1
ku = ec_priv_key.read_key_usage()
for ka, val in settings["key_usage"].items():
assert ku[ka] == val
# ku = ec_priv_key.read_key_usage()
# for ka, val in settings["key_usage"].items():
# assert ku[ka] == val
r = current_admin.delete_key_pair()
assert ec_priv_key is not None
assert r
Expand All @@ -89,22 +82,19 @@ def test_rsa_encryption_PKCS1v15(self):
PKCS11KeySession,
)
from cryptography.hazmat.primitives.asymmetric import padding
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

data = b"How to encode this sentence"
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand All @@ -127,22 +117,19 @@ def test_rsa_encryption_PKCS1v15(self):
# )
# from cryptography.hazmat.primitives import hashes
# from cryptography.hazmat.primitives.asymmetric import padding
# from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
# PKCS11KeyUsageAllNoDerive,
# KeyTypes,
# )

# message = b"encrypted data"
# for label in list_token_labels(_pkcs11lib):
# a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
# with a_session as current_admin:
# settings = {
# "key_type": "RSA",
# "RSA_length": 2048,
# "key_usage": {
# "crypt": True,
# "sign": True,
# "wrap": True,
# "recover": True,
# },
# }
# rsa_priv_key = current_admin.create_key_pair(settings)
# keydef = PKCS11KeyUsageAllNoDerive()
# rsa_priv_key = current_admin.create_key_pair(
# keydef, key_type=KeyTypes.RSA, RSA_length=2048
# )
# assert rsa_priv_key is not None
# k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
# with k_session as current_key:
Expand Down Expand Up @@ -173,22 +160,19 @@ def test_rsa_encryption_OAEP(self):
)
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

message = b"encrypted data"
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand Down Expand Up @@ -220,22 +204,19 @@ def test_rsa_sign_verify_PKCS1(self):
)
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

data = b"How to encode this sentence"
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand All @@ -257,22 +238,19 @@ def test_rsa_sign_verify_PSS_digest_length(self):
)
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

message = b"A message I want to sign"
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand Down Expand Up @@ -307,22 +285,19 @@ def test_rsa_sign_verify_PSS_max_length(self):
)
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

message = b"A message I want to sign"
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand Down Expand Up @@ -357,22 +332,19 @@ def test_rsa_sign_verify_PSS_message_length(self):
)
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

message = b"A message I want to sign"
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand Down Expand Up @@ -409,22 +381,19 @@ def test_rsa_sign_verify_PSS_auto(self):
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.exceptions import UnsupportedAlgorithm
import pytest
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

message = b"A message I want to sign"
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand Down Expand Up @@ -458,6 +427,10 @@ def test_ec_sign_verify(self):
SECP384R1,
)
from cryptography.hazmat.primitives.asymmetric import utils
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAll,
KeyTypes,
)

data = b"How to encode this sentence"
chosen_hash = hashes.SHA256()
Expand All @@ -467,18 +440,10 @@ def test_ec_sign_verify(self):
for label in list_token_labels(_pkcs11lib):
a_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
with a_session as current_admin:
settings = {
"key_type": "EC",
"EC_curve": SECP384R1(),
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"derive": True,
"recover": True,
},
}
ec_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAll()
ec_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.EC, EC_curve=SECP384R1()
)
assert ec_priv_key is not None
k_session = PKCS11KeySession(_pkcs11lib, label, "1234")
with k_session as current_key:
Expand Down
22 changes: 9 additions & 13 deletions cryptography_keys_tests/test_certs.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,10 @@ def test_create_cert(self):
PKCS11SlotSession,
)
from pkcs11_cryptography_keys import list_token_labels
from pkcs11_cryptography_keys.card_token.PKCS11_key_definition import (
PKCS11KeyUsageAllNoDerive,
KeyTypes,
)

email = "[email protected]"
subject = x509.Name(
Expand Down Expand Up @@ -73,17 +77,10 @@ def test_create_cert(self):
_pkcs11lib, label, "1234", True, "sig_token", b"254"
)
with create_session as current_admin:
settings = {
"key_type": "RSA",
"RSA_length": 2048,
"key_usage": {
"crypt": True,
"sign": True,
"wrap": True,
"recover": True,
},
}
rsa_priv_key = current_admin.create_key_pair(settings)
keydef = PKCS11KeyUsageAllNoDerive()
rsa_priv_key = current_admin.create_key_pair(
keydef, key_type=KeyTypes.RSA, RSA_length=2048
)
assert rsa_priv_key is not None

key_session = PKCS11KeySession(
Expand Down Expand Up @@ -116,9 +113,8 @@ def test_create_cert(self):
)

admin_session = PKCS11AdminSession(_pkcs11lib, label, "1234", True)
settings = {"subject": subject, "certificate": certificate}
with admin_session as token_admin:
token_admin.write_certificate(settings)
token_admin.write_certificate(subject, certificate)

slot_session = PKCS11SlotSession(_pkcs11lib, label, "1234")
cnt = 0
Expand Down
Loading

0 comments on commit 025774d

Please sign in to comment.