There are errors in file _pkcs11.pyx that lead to a wrong behavior of the module.
In class:
cdef class MechanismWithParam under the tag "# Unpack mechanism parameters".
Please change the following:
1)
if mechanism is Mechanism.RSA_PKCS_OAEP
by
if mechanism == Mechanism.RSA_PKCS_OAEP
2)
elif mechanism is Mechanism.AES_ECB_ENCRYPT_DATA
by
elif mechanism == Mechanism.AES_ECB_ENCRYPT_DATA
3)
elif mechanism is Mechanism.AES_CBC_ENCRYPT_DATA
by
elif mechanism == Mechanism.AES_CBC_ENCRYPT_DATA
The "is" operand should not be used to compare enumerate and leads to wrong behavior if enumerates with large int values (>256) are compared. The best practice is to use the "==" operand instead when comparing enumerates.
This part of the code does not work as intended as the compared int values are large:
AES_ECB_ENCRYPT_DATA = 4356
AES_CBC_ENCRYPT_DATA = 4357
You can test the "is" operand problem with int value > 256 as follow:
Hello,
There are errors in file _pkcs11.pyx that lead to a wrong behavior of the module.
In class: cdef class MechanismWithParam under the tag "# Unpack mechanism parameters".
Please change the following: 1) if mechanism is Mechanism.RSA_PKCS_OAEP by if mechanism == Mechanism.RSA_PKCS_OAEP
2) elif mechanism is Mechanism.AES_ECB_ENCRYPT_DATA by elif mechanism == Mechanism.AES_ECB_ENCRYPT_DATA
3) elif mechanism is Mechanism.AES_CBC_ENCRYPT_DATA by elif mechanism == Mechanism.AES_CBC_ENCRYPT_DATA
The "is" operand should not be used to compare enumerate and leads to wrong behavior if enumerates with large int values (>256) are compared. The best practice is to use the "==" operand instead when comparing enumerates. This part of the code does not work as intended as the compared int values are large: AES_ECB_ENCRYPT_DATA = 4356 AES_CBC_ENCRYPT_DATA = 4357
You can test the "is" operand problem with int value > 256 as follow:
Thanks