test_rfc6030.doctest - test for examples from RFC6030

Copyright (C) 2014 Arthur de Jong

This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA


>>> from pskc import PSKC


This tests Figure 2 from RFC6030. It is a basic key container example with
a simple plain text secret key.

>>> pskc = PSKC('tests/rfc6030-figure2.pskc')
>>> [key.secret for key in pskc.keys]
['1234']
>>> key = pskc.keys[0]
>>> key.id
'12345678'
>>> key.algorithm
'urn:ietf:params:xml:ns:keyprov:pskc:hotp'
>>> key.issuer
'Issuer-A'
>>> key.secret
'1234'


This tests Figure 3 from RFC6030. Relative to Figure 2 this includes
device, cryptographic module and user identification as well as some more
parameters.

>>> pskc = PSKC('tests/rfc6030-figure3.pskc')
>>> pskc.id
'exampleID1'
>>> key = pskc.keys[0]
>>> key.manufacturer
'Manufacturer'
>>> key.serial
'987654321'
>>> key.device_userid
'DC=example-bank,DC=net'
>>> key.crypto_module
'CM_ID_001'
>>> key.id
'12345678'
>>> key.algorithm
'urn:ietf:params:xml:ns:keyprov:pskc:hotp'
>>> key.issuer
'Issuer'
>>> key.response_encoding
'DECIMAL'
>>> key.response_length
8
>>> key.secret
'12345678901234567890'
>>> key.counter
0
>>> key.userid
'UID=jsmith,DC=example-bank,DC=net'


This tests Figure 4 from RFC6030. In this case the key value itself is not
contained but can be derived using the serial and out-of-band agreements
on the meanings of key_profile and key_reference.

>>> pskc = PSKC('tests/rfc6030-figure4.pskc')
>>> key = pskc.keys[0]
>>> key.serial
'987654321'
>>> key.key_profile
'keyProfile1'
>>> key.key_reference
'MasterKeyLabel'
>>> key.counter
0


This tests the key policy properties as illustrated in Figure 5 from RFC6030.

>>> pskc = PSKC('tests/rfc6030-figure5.pskc')
>>> len(pskc.keys)
2
>>> key1, key2 = pskc.keys
>>> key1.serial
'987654321'
>>> key.algorithm
'urn:ietf:params:xml:ns:keyprov:pskc:hotp'
>>> key.response_length
8
>>> key.response_encoding
'DECIMAL'
>>> key1.secret
'12345678901234567890'
>>> key1.counter
0
>>> key1.policy.pin_min_length
4
>>> key1.policy.pin_max_length
4
>>> key1.policy.pin_key_id
'123456781'
>>> key1.policy.pin_encoding
'DECIMAL'
>>> key1.policy.pin_usage
'Local'
>>> key1.policy.key_usage
['OTP']
>>> key1.policy.may_use('OTP')
True
>>> key1.policy.may_use('Encrypt')
False
>>> key1.policy.unknown_policy_elements
False
>>> key2.id
'123456781'
>>> key2.serial
'987654321'
>>> key2.algorithm
'urn:ietf:params:xml:ns:keyprov:pskc:pin'
>>> key2.response_length
4
>>> key2.response_encoding
'DECIMAL'
>>> key2.secret
'1234'
>>> key1.policy.pin
'1234'