def test_verify_public_key_good(self, mock_unwrap): test_credssp_context = HttpCredSSPAuth('', '') test_ntlm_context = ntlm.Ntlm() test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode()) test_credssp_context.context = test_ntlm_context test_ts_request = TSRequest() test_ts_request.parse_data(public_key_ts_request) test_public_key = hex_to_byte('00') + server_pub_key_token[1:] test_credssp_context._verify_public_keys(test_public_key, test_ts_request)
def test_verify_public_key_invalid(self, mock_unwrap): test_credssp_context = HttpCredSSPAuth('', '') test_ntlm_context = ntlm.Ntlm() test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode()) test_credssp_context.context = test_ntlm_context test_ts_request = TSRequest() test_ts_request.parse_data(public_key_ts_request) # Use the wrong first byte to ensure the keys don't match test_public_key = hex_to_byte('01') + server_pub_key_token[1:] with self.assertRaises(AssertionError) as context: test_credssp_context._verify_public_keys(test_public_key, test_ts_request) assert context.exception.args[0] == 'Could not verify key sent from the server, possibly man in the middle attack'