def test_verify_public_key_good(self, mock_unwrap):
test_credssp_context = HttpCredSSPAuth('', '')
test_ntlm_context = ntlm.Ntlm()
test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode())
test_credssp_context.context = test_ntlm_context
test_ts_request = TSRequest()
test_ts_request.parse_data(public_key_ts_request)
test_public_key = hex_to_byte('00') + server_pub_key_token[1:]
test_credssp_context._verify_public_keys(test_public_key, test_ts_request)
def test_verify_public_key_invalid(self, mock_unwrap):
test_credssp_context = HttpCredSSPAuth('', '')
test_ntlm_context = ntlm.Ntlm()
test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode())
test_credssp_context.context = test_ntlm_context
test_ts_request = TSRequest()
test_ts_request.parse_data(public_key_ts_request)
# Use the wrong first byte to ensure the keys don't match
test_public_key = hex_to_byte('01') + server_pub_key_token[1:]
with self.assertRaises(AssertionError) as context:
test_credssp_context._verify_public_keys(test_public_key, test_ts_request)
assert context.exception.args[0] == 'Could not verify key sent from the server, possibly man in the middle attack'
