"Fossies" - the Fresh Open Source Software Archive

Member "LinOTP-release-2.11/linotpd/src/linotp/tests/test_additionals.py" (12 Nov 2019, 12110 Bytes) of package /linux/misc/LinOTP-release-2.11.tar.gz:



    1 # -*- coding: utf-8 -*-
    2 #
    3 #    LinOTP - the open source solution for two factor authentication
    4 #    Copyright (C) 2010 - 2019 KeyIdentity GmbH
    5 #
    6 #    This file is part of LinOTP server.
    7 #
    8 #    This program is free software: you can redistribute it and/or
    9 #    modify it under the terms of the GNU Affero General Public
   10 #    License, version 3, as published by the Free Software Foundation.
   11 #
   12 #    This program is distributed in the hope that it will be useful,
   13 #    but WITHOUT ANY WARRANTY; without even the implied warranty of
   14 #    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   15 #    GNU Affero General Public License for more details.
   16 #
   17 #    You should have received a copy of the
   18 #               GNU Affero General Public License
   19 #    along with this program.  If not, see <http://www.gnu.org/licenses/>.
   20 #
   21 #
   22 #    E-mail: linotp@keyidentity.com
   23 #    Contact: www.linotp.org
   24 #    Support: www.keyidentity.com
   25 #
   26 
   27 """
   28      This file contains some tests, which should become
   29      part of the functional tests
   30 """
   31 
import binascii
import os
import tempfile
from unittest import TestCase

from linotp.lib.crypto.pbkdf2 import pbkdf2
from linotp.lib.ImportOTP.DPWplain import parseDPWdata
from linotp.lib.ImportOTP.PSKC import parsePSKCdata
from linotp.lib.utils import config_get
   40 
   41 
   42 
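class PBKDF2(TestCase):
    '''
    Fixed-vector regression test for the project's pbkdf2 helper.
    '''

    def test_pbkdf(self):
        '''
        Test password based key derivation function

        Derives a key from a fixed password and salt for three values of the
        fourth pbkdf2() argument and compares the hex encoding of each result
        with a stored expected value.
        '''
        # Every expected value is 20 hex characters (10 bytes), which matches
        # the third argument (10). The dict keys therefore cannot be output
        # lengths; presumably they are the iteration count -- confirm against
        # the pbkdf2() signature.
        # NOTE(review): if these are iteration counts, 10/100/1000 are fixture
        # values that keep the test fast, not a work factor to reuse elsewhere.
        expected_key = {1000: "979d33c5e39bf7fc20ef",
                        10: "3c28a7f09aa19108a17d",
                        100: "303155b866685ad279fa"}
        for rounds, expected_hex in expected_key.items():
            derived_hex = binascii.hexlify(
                pbkdf2("my password", "salt", 10, rounds))
            # assertEqual is not stripped under -O and reports both values on
            # failure, so no separate debug print is needed.
            self.assertEqual(derived_hex, expected_hex)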
   56 
   57 
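class TestUtils(TestCase):
    '''
    Tests for helpers imported from linotp.lib.utils.
    '''

    def test_get_config(self):
        '''
        Test get_config

        Writes a small ini file to a temporary path and checks that
        config_get returns the stored values, and returns the supplied
        default when either the section or the key is missing.
        '''
        ini_file = '''
[section1]
key1 = value1
key2 = value2
[section2]
key3 = value3
'''
        # delete=False keeps the file on disk after close() so config_get can
        # open it by name; that also means nothing removes it automatically,
        # so register the removal before anything else can fail.
        t = tempfile.NamedTemporaryFile(delete=False)
        self.addCleanup(os.remove, t.name)
        try:
            t.write(ini_file)
        finally:
            t.close()

        self.assertEqual(
            config_get("section1", "key1", ini_file=t.name), "value1")
        self.assertEqual(
            config_get("section1", "key2", ini_file=t.name), "value2")
        self.assertEqual(
            config_get("section2", "key3", ini_file=t.name), "value3")
        # Missing section: the default is returned.
        self.assertEqual(
            config_get("section3", "key4", default="Hallo", ini_file=t.name),
            "Hallo")
        # Existing section, missing key: the default is returned.
        self.assertEqual(
            config_get("section2", "key4", default="Bubu", ini_file=t.name),
            "Bubu")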
   81 
   82 
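class TestPSKC(TestCase):
    '''
    Import tests for PSKC key containers parsed by parsePSKCdata.

    Four fixtures are used: two with the secret as a plain value, one with
    the secret encrypted under a pre-shared key, and one with the secret
    encrypted under a password-derived key. All keys, passwords and secrets
    here are fixture values (they appear to follow the RFC 6030 examples --
    confirm), not credentials of any deployment.

    NOTE(review): the encrypted fixtures are only exercised with the correct
    key or password. There is no test that a wrong key, a wrong password or
    a modified ValueMAC is refused; add one once the failure behaviour of
    parsePSKCdata (exception or empty result) is confirmed.
    '''

    # One key package, key id "12345678", secret given as a base64 PlainValue
    # (decodes to the ASCII digits "12345678901234567890").
    XML1 = '''<?xml version="1.0" encoding="UTF-8"?>
       <KeyContainer Version="1.0"
           Id="exampleID1"
           xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
           <KeyPackage>
               <DeviceInfo>
                   <Manufacturer>Manufacturer</Manufacturer>
                   <SerialNo>987654321</SerialNo>
                   <UserId>DC=example-bank,DC=net</UserId>
               </DeviceInfo>
               <CryptoModuleInfo>
                   <Id>CM_ID_001</Id>
               </CryptoModuleInfo>
               <Key Id="12345678"
                   Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
                   <Issuer>Issuer</Issuer>
                   <AlgorithmParameters>
                       <ResponseFormat Length="8" Encoding="DECIMAL"/>
                   </AlgorithmParameters>
                   <Data>
                       <Secret>
                           <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
                           </PlainValue>
                       </Secret>
                       <Counter>
                           <PlainValue>0</PlainValue>
                       </Counter>
                   </Data>
                   <UserId>UID=jsmith,DC=example-bank,DC=net</UserId>
               </Key>
           </KeyPackage>
       </KeyContainer>
       '''


    # Two key packages with the key ids "ABCD12345678" and "A1C212345678",
    # both with plain-value secrets.
    XML2 = '''<?xml version="1.0" encoding="UTF-8"?>
       <KeyContainer Version="1.0"
           Id="exampleID1"
           xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
           <KeyPackage>
               <DeviceInfo>
                   <Manufacturer>Manufacturer</Manufacturer>
                   <SerialNo>987654321</SerialNo>
                   <UserId>DC=example-bank,DC=net</UserId>
               </DeviceInfo>
               <CryptoModuleInfo>
                   <Id>CM_ID_001</Id>
               </CryptoModuleInfo>
               <Key Id="ABCD12345678"
                   Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
                   <Issuer>Issuer</Issuer>
                   <AlgorithmParameters>
                       <ResponseFormat Length="8" Encoding="DECIMAL"/>
                   </AlgorithmParameters>
                   <Data>
                       <Secret>
                           <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
                           </PlainValue>
                       </Secret>
                       <Counter>
                           <PlainValue>0</PlainValue>
                       </Counter>
                   </Data>
                   <UserId>UID=jsmith,DC=example-bank,DC=net</UserId>
               </Key>
           </KeyPackage>
           <KeyPackage>
               <DeviceInfo>
                   <Manufacturer>Manufacturer</Manufacturer>
                   <SerialNo>987654321</SerialNo>
                   <UserId>DC=example-bank,DC=net</UserId>
               </DeviceInfo>
               <CryptoModuleInfo>
                   <Id>CM_ID_001</Id>
               </CryptoModuleInfo>
               <Key Id="A1C212345678"
                   Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
                   <Issuer>Issuer</Issuer>
                   <AlgorithmParameters>
                       <ResponseFormat Length="8" Encoding="DECIMAL"/>
                   </AlgorithmParameters>
                   <Data>
                       <Secret>
                           <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
                           </PlainValue>
                       </Secret>
                       <Counter>
                           <PlainValue>0</PlainValue>
                       </Counter>
                   </Data>
                   <UserId>UID=jsmith,DC=example-bank,DC=net</UserId>
               </Key>
           </KeyPackage>
       </KeyContainer>
       '''

    # Secret encrypted under a key named "Pre-shared-key"; the container
    # declares aes128-cbc for encryption and hmac-sha1 for the value MAC.
    XML3 = '''<?xml version="1.0" encoding="UTF-8"?>
 <KeyContainer Version="1.0"
     xmlns="urn:ietf:params:xml:ns:keyprov:pskc"
     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
     xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
     <EncryptionKey>
         <ds:KeyName>Pre-shared-key</ds:KeyName>
     </EncryptionKey>
     <MACMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
         <MACKey>
             <xenc:EncryptionMethod
             Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
             <xenc:CipherData>
                 <xenc:CipherValue>
     ESIzRFVmd4iZABEiM0RVZgKn6WjLaTC1sbeBMSvIhRejN9vJa2BOlSaMrR7I5wSX
                 </xenc:CipherValue>
             </xenc:CipherData>
         </MACKey>
     </MACMethod>
     <KeyPackage>
         <DeviceInfo>
             <Manufacturer>Manufacturer</Manufacturer>
             <SerialNo>987654321</SerialNo>
         </DeviceInfo>
         <CryptoModuleInfo>
                     <Id>CM_ID_001</Id>
         </CryptoModuleInfo>
         <Key Id="12345678"
             Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp">
             <Issuer>Issuer</Issuer>
             <AlgorithmParameters>
                 <ResponseFormat Length="8" Encoding="DECIMAL"/>
             </AlgorithmParameters>
             <Data>
                 <Secret>
                     <EncryptedValue>
                         <xenc:EncryptionMethod
             Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
                         <xenc:CipherData>
                             <xenc:CipherValue>
     AAECAwQFBgcICQoLDA0OD+cIHItlB3Wra1DUpxVvOx2lef1VmNPCMl8jwZqIUqGv
                             </xenc:CipherValue>
                         </xenc:CipherData>
                     </EncryptedValue>
                     <ValueMAC>Su+NvtQfmvfJzF6bmQiJqoLRExc=
                     </ValueMAC>
                 </Secret>
                 <Counter>
                     <PlainValue>0</PlainValue>
                 </Counter>
             </Data>
         </Key>
     </KeyPackage>
 </KeyContainer>'''

    # Secret encrypted under a PBKDF2-derived key; the container carries the
    # salt, IterationCount 1000 and KeyLength 16, and declares aes128-cbc and
    # hmac-sha1 as in XML3.
    XML4 = '''<?xml version="1.0" encoding="UTF-8"?>
  <pskc:KeyContainer
    xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc"
    xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"
    xmlns:pkcs5=
    "http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5v2-0#"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Version="1.0">
      <pskc:EncryptionKey>
          <xenc11:DerivedKey>
              <xenc11:KeyDerivationMethod
                Algorithm=
   "http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5v2-0#pbkdf2">
                  <pkcs5:PBKDF2-params>
                      <Salt>
                          <Specified>Ej7/PEpyEpw=</Specified>
                      </Salt>
                      <IterationCount>1000</IterationCount>
                      <KeyLength>16</KeyLength>
                      <PRF/>
                  </pkcs5:PBKDF2-params>
              </xenc11:KeyDerivationMethod>
              <xenc:ReferenceList>
                  <xenc:DataReference URI="#ED"/>
              </xenc:ReferenceList>
              <xenc11:MasterKeyName>My Password 1</xenc11:MasterKeyName>
          </xenc11:DerivedKey>
      </pskc:EncryptionKey>
      <pskc:MACMethod
          Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
          <pskc:MACKey>
              <xenc:EncryptionMethod
              Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
              <xenc:CipherData>
                  <xenc:CipherValue>
  2GTTnLwM3I4e5IO5FkufoOEiOhNj91fhKRQBtBJYluUDsPOLTfUvoU2dStyOwYZx
                  </xenc:CipherValue>
              </xenc:CipherData>
          </pskc:MACKey>
      </pskc:MACMethod>
      <pskc:KeyPackage>
          <pskc:DeviceInfo>
              <pskc:Manufacturer>TokenVendorAcme</pskc:Manufacturer>
              <pskc:SerialNo>987654321</pskc:SerialNo>
          </pskc:DeviceInfo>
          <pskc:CryptoModuleInfo>
              <pskc:Id>CM_ID_001</pskc:Id>
          </pskc:CryptoModuleInfo>
          <pskc:Key Algorithm=        "urn:ietf:params:xml:ns:keyprov:pskc:hotp" Id="123456">
              <pskc:Issuer>Example-Issuer</pskc:Issuer>
              <pskc:AlgorithmParameters>
                  <pskc:ResponseFormat Length="8" Encoding="DECIMAL"/>
              </pskc:AlgorithmParameters>
              <pskc:Data>
                  <pskc:Secret>
                  <pskc:EncryptedValue Id="ED">
                      <xenc:EncryptionMethod
                          Algorithm=
  "http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
                          <xenc:CipherData>
                              <xenc:CipherValue>
        oTvo+S22nsmS2Z/RtcoF8Hfh+jzMe0RkiafpoDpnoZTjPYZu6V+A4aEn032yCr4f
                          </xenc:CipherValue>
                      </xenc:CipherData>
                      </pskc:EncryptedValue>
                      <pskc:ValueMAC>LP6xMvjtypbfT9PdkJhBZ+D6O4w=
                      </pskc:ValueMAC>
                  </pskc:Secret>
              </pskc:Data>
          </pskc:Key>
      </pskc:KeyPackage>
  </pskc:KeyContainer>'''

    # Hex encoding of the ASCII digits "12345678901234567890"; every fixture
    # above is expected to yield this value as hmac_key.
    EXPECTED_HMAC_KEY = "3132333435363738393031323334353637383930"

    # The parsed results are not printed: they contain the recovered key
    # material, and the assert* methods already report the values involved
    # when a comparison fails.

    def test_01_xml1(self):
        '''
        testing import PSKC #1 -- no valid OATH serial

        With the default serial check the key id "12345678" is not accepted
        and the result is empty.
        '''
        res = parsePSKCdata(self.XML1)
        self.assertEqual(res, {})

    def test_02_xml1(self):
        '''
        testing import PSKC #1 -- ignore OATH serial

        With do_checkserial=False the same container yields one token keyed
        by its key id, with the OTP length and the decoded secret.
        '''
        res = parsePSKCdata(self.XML1, do_checkserial=False)
        self.assertEqual(len(res), 1)
        token = res.get('12345678')
        self.assertTrue(token)
        self.assertEqual(token.get('otplen'), 8)
        self.assertEqual(token.get('hmac_key'), self.EXPECTED_HMAC_KEY)

    def test_03_xml2(self):
        '''
        testing import PSKC #2 -- 2 valid OATH serials
        '''
        res = parsePSKCdata(self.XML2)
        self.assertEqual(len(res), 2)

    def test_04_preshared_key(self):
        '''
        testing import PSKC #3 -- preshared key

        The secret in XML3 is recovered with the fixture pre-shared key.
        '''
        res = parsePSKCdata(
            self.XML3,
            preshared_key_hex="12345678901234567890123456789012",
            do_checkserial=False)
        self.assertEqual(
            res.get('12345678').get('hmac_key'), self.EXPECTED_HMAC_KEY)

    def test_05_password_based(self):
        '''
        testing import PSKC #4 -- password based encryption

        The secret in XML4 is recovered with the fixture password.
        '''
        res = parsePSKCdata(self.XML4, password="qwerty", do_checkserial=False)
        self.assertEqual(
            res.get('123456').get('hmac_key'), self.EXPECTED_HMAC_KEY)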
  350 
  351 
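class TestDPWImport(TestCase):
    '''
    Import test for day password (DPW) token lists parsed by parseDPWdata.
    '''

    # Two records, one per line: a serial, whitespace, then the key value.
    # Fixture values only.
    DPW = '''dpw123456  12121212121212
dpw23456789     3434343434343434'''

    def test_01_Import(self):
        '''
        testing import of day password tokens

        Both records must be returned, keyed by serial, with the second
        column stored as hmac_key.
        '''
        res = parseDPWdata(self.DPW)
        # The result is not printed because it holds the imported key values;
        # assertEqual reports the compared values if a check fails.
        self.assertEqual(len(res), 2)
        self.assertEqual(
            res.get("dpw23456789").get("hmac_key"), "3434343434343434")
        self.assertEqual(
            res.get("dpw123456").get("hmac_key"), "12121212121212")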
  366