def test_key(self):
with tempfile.NamedTemporaryFile('w+t') as fp:
fp.write(keybody)
fp.seek(0)
key = SigningKey.from_ssh_key(fp.name)
self.assertEqual(key.public_key(), '1adfc8bfe1d35616e64dffbd900096f23b066f914c8c2ffbb66f6075b96e116d')
def __init__(self, **kw):
# should put in checkconfig or similar
for key in kw.keys():
if key not in [u'authextra', u'authid', u'authrole', u'privkey']:
raise ValueError(
"Unexpected key '{}' for {}".format(key, self.__class__.__name__)
)
for key in [u'privkey', u'authid']:
if key not in kw:
raise ValueError(
"Must provide '{}' for cryptosign".format(key)
)
for key in kw.get('authextra', dict()):
if key not in [u'pubkey']:
raise ValueError(
"Unexpected key '{}' in 'authextra'".format(key)
)
from autobahn.wamp.cryptosign import SigningKey
self._privkey = SigningKey.from_key_bytes(
binascii.a2b_hex(kw[u'privkey'])
)
if u'pubkey' in kw.get(u'authextra', dict()):
pubkey = kw[u'authextra'][u'pubkey']
if pubkey != self._privkey.public_key():
raise ValueError(
"Public key doesn't correspond to private key"
)
else:
kw[u'authextra'] = kw.get(u'authextra', dict())
kw[u'authextra'][u'pubkey'] = self._privkey.public_key()
self._args = kw
def test_testvectors(self):
session = Mock()
session._transport.transport_details = self.transport_details
for testvec in testvectors:
priv_key = SigningKey.from_key_bytes(
binascii.a2b_hex(testvec['priv_key']))
challenge = types.Challenge("ticket",
dict(challenge=testvec['challenge']))
f_signed = priv_key.sign_challenge(session, challenge)
def success(signed):
self.assertEqual(
192,
len(signed),
)
self.assertEqual(
testvec['signature'],
signed,
)
def failed(err):
self.fail(str(err))
txaio.add_callbacks(f_signed, success, failed)
def __init__(self, **kw):
# should put in checkconfig or similar
for key in kw.keys():
if key not in ['authextra', 'authid', 'authrole', 'privkey']:
raise ValueError("Unexpected key '{}' for {}".format(
key, self.__class__.__name__))
for key in ['privkey']:
if key not in kw:
raise ValueError(
"Must provide '{}' for cryptosign".format(key))
for key in kw.get('authextra', dict()):
if key not in ['pubkey']:
raise ValueError(
"Unexpected key '{}' in 'authextra'".format(key))
from autobahn.wamp.cryptosign import SigningKey
self._privkey = SigningKey.from_key_bytes(
binascii.a2b_hex(kw['privkey']))
if 'pubkey' in kw.get('authextra', dict()):
pubkey = kw['authextra']['pubkey']
if pubkey != self._privkey.public_key():
raise ValueError(
"Public key doesn't correspond to private key")
else:
kw['authextra'] = kw.get('authextra', dict())
kw['authextra']['pubkey'] = self._privkey.public_key()
self._args = kw
def setUp(self):
self.key = SigningKey.from_ssh_data(keybody)
self.privkey_hex = self.key._key.encode(encoder=HexEncoder)
m = hashlib.sha256()
m.update("some TLS message".encode())
channel_id = m.digest()
self.transport_details = types.TransportDetails(channel_id={'tls-unique': channel_id})
def test_key(self):
with tempfile.NamedTemporaryFile('w+t') as fp:
fp.write(keybody)
fp.seek(0)
key = SigningKey.from_ssh_key(fp.name)
self.assertEqual(key.public_key(), '1adfc8bfe1d35616e64dffbd900096f23b066f914c8c2ffbb66f6075b96e116d')
def test_pubkey(self):
with tempfile.NamedTemporaryFile('w+t') as fp:
fp.write(pubkey)
fp.seek(0)
key = SigningKey.from_ssh_key(fp.name)
self.assertEqual(key.public_key(), '9569de18c7c0843212569dcddf2615c7f46125dc9b2292dea30b07b56a4d02a6')
self.assertEqual(key.comment(), '*****@*****.**')
def test_pubkey(self):
with tempfile.NamedTemporaryFile('w+t') as fp:
fp.write(pubkey)
fp.seek(0)
key = SigningKey.from_ssh_key(fp.name)
self.assertEqual(key.public_key(), '9569de18c7c0843212569dcddf2615c7f46125dc9b2292dea30b07b56a4d02a6')
self.assertEqual(key.comment(), '*****@*****.**')
def _create_signing_key():
"""
:returns: a new SigningKey instance and a hex encoding of the
private key data.
"""
keydata = os.urandom(32)
sk = SigningKey.from_key_bytes(keydata)
privkey_hex = sk._key.encode(encoder=encoding.HexEncoder).decode('ascii')
return sk, privkey_hex
def load_config(self, configfile=None, default=None):
"""
Check and load the node configuration from:
* from ``.crossbar/config.json`` or
* from built-in (empty) default configuration
This is the _second_ function being called after the Node has been instantiated.
IMPORTANT: this function is run _before_ start of Twisted reactor!
"""
self.log.debug(
'{klass}.load_config(configfile={configfile}, default={default}) ..',
klass=self.__class__.__name__,
configfile=configfile,
default=default)
if configfile:
config_path = os.path.abspath(os.path.join(self._cbdir,
configfile))
# the following will read the config, check the config and replace
# environment variable references in configuration values ("${MYVAR}") and
# finally return the parsed configuration object
self._config = self.personality.check_config_file(
self.personality, config_path)
config_source = Node.CONFIG_SOURCE_LOCALFILE
else:
config_path = None
if default:
self._config = default
config_source = Node.CONFIG_SOURCE_DEFAULT
else:
self._config = {'version': 2, 'controller': {}, 'workers': []}
config_source = Node.CONFIG_SOURCE_EMPTY
self.personality.check_config(self.personality, self._config)
if 'controller' in self._config and 'keyring' in self._config[
'controller']:
keyring_type = self._config['controller']['keyring']['type']
if keyring_type == 'file':
key_path = self._config['controller']['keyring']['path']
self._node_key = SigningKey.from_raw_key(key_path)
else:
raise RuntimeError(
"NotImplemented: hsm authentication is currently not implemented."
)
return config_source, config_path
def setUp(self):
self.key = SigningKey.from_ssh_data(keybody)
self.privkey_hex = self.key._key.encode(encoder=HexEncoder)
m = hashlib.sha256()
m.update("some TLS message".encode())
self.channel_id = m.digest()
def setUp(self):
self.key = SigningKey.from_ssh_data(keybody)
self.privkey_hex = self.key._key.encode(encoder=HexEncoder)
m = hashlib.sha256()
m.update("some TLS message".encode())
self.channel_id = m.digest()
async def spawn_probe(self, probe_id):
launched = Deferred()
all_done = Deferred()
class LogPrinter(object):
def write(self, data):
print(data.decode('utf8'), end='')
proto = CtsSubprocessProtocol(
all_done,
launched,
stdout=LogPrinter(),
stderr=LogPrinter(),
)
keydata = os.urandom(32)
signing_key = SigningKey.from_key_bytes(keydata)
probe_privkey_fname = path.join(self._workdir,
"{}.privkey".format(probe_id))
with open(probe_privkey_fname, 'wb') as f:
f.write(keydata)
# enroll this pubkey with the master
await self._session.call(
u"io.crossbar.cts.enroll_probe",
signing_key.public_key(),
)
args = (
sys.executable, # cts.probe from "our" venv, not testee's
u"-m",
"cts.probe",
u"--id",
str(probe_id),
u"--realm",
"io.crossbar.test", # str(self._session.config.realm),
u"--router",
self._router_uri,
u"--privkey-file",
probe_privkey_fname,
u"--launcher",
self._id,
# "--afinity", 1,
)
print("probe: {}".format(" ".join(args)))
transport = self._spawn(proto,
args[0],
args=args,
env={
"PYTHONUNBUFFERED": "1",
"LANG": environ["LANG"],
})
self._processes[probe_id] = (proto, transport, all_done, launched)
# XXX super-similar to spawn_testee...
def spawn_failed(fail):
print("Probe spawn failed:", fail)
if True: #self._debug:
fail.printTraceback()
err = RuntimeError("Failed to spawn probe.")
if not launched.called:
launched.errback(err)
return None
else:
# we haven't yet dealt with the error
return err
all_done.addErrback(spawn_failed)
x = await launched
# print("launched", x, probe_id)
# XXX should wait for probe_ready or something
return probe_id
print("Successfully paired with server\n")
print("Public key: {}".format(public_key_hex))
print("Private key: {}\n".format(private_key_hex))
if os.path.exists(KEYS_FILE):
Path(KEYS_FILE).unlink()
with open(KEYS_FILE, 'w+') as file:
file.write("{}\n".format(public_key_hex))
file.write("{}".format(private_key_hex))
print("Keys are save in {}".format(KEYS_FILE))
else:
print("Invalid OTP")
session.leave()
if __name__ == '__main__':
parser = argparse.ArgumentParser("DeskConnD pairing")
parser.add_argument("otp", type=int)
args = parser.parse_args()
key = PrivateKey.generate()
signing_key = SigningKey.from_key_bytes(key.encode())
public_key_hex = signing_key.public_key()
private_key_hex = key.encode(HexEncoder).decode('ascii')
auth = AuthAnonymous(authrole='anonymous')
component = Component(transports="ws://localhost:5020/ws",
realm="deskconn",
authentication={"anonymous": auth})
main()
run(component, log_level='warn')
def __init__(self, key, comment=None, reactor=None):
SigningKey.__init__(self, key, comment)
if not reactor:
from twisted.internet import reactor
self._reactor = reactor
def __init__(self, key, comment=None, reactor=None):
SigningKey.__init__(self, key, comment)
if not reactor:
from twisted.internet import reactor
self._reactor = reactor
