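def testServerKeyRotation(self):
  """Rotating the server key must break old sessions and recover after reload.

  Exercises the client-visible contract around a server key rotation:
  messages exchanged before the rotation come back authenticated, the
  session key negotiated under the old server key is rejected by a
  server communicator built on the new key, and loading the new server
  certificate into the client restores the exchange.
  """
  self._MakeClientRecord()

  # With the client record in place the server should know about the
  # client, so every message exchanged must come back authenticated.
  decoded_messages = self.ClientServerCommunicate()
  for message in decoded_messages:
    self.assertEqual(
        message.auth_state,
        rdf_flows.GrrMessage.AuthorizationState.AUTHENTICATED)

  # RotateServerKey reports progress via EPrint; silence it so the test
  # output stays clean.
  with utils.Stubber(maintenance_utils, "EPrint", lambda msg: None):
    maintenance_utils.RotateServerKey()

  server_certificate = config.CONFIG["Frontend.certificate"]
  server_private_key = config.CONFIG["PrivateKeys.server_key"]
  # Both the certificate and the private key must have been replaced by
  # the rotation, not just one of them.
  self.assertNotEqual(server_certificate, self.server_certificate)
  self.assertNotEqual(server_private_key, self.server_private_key)

  self.server_communicator = front_end.ServerCommunicator(
      certificate=server_certificate,
      private_key=server_private_key,
      token=self.token)

  # The client still holds the session key negotiated under the old
  # server key. The new server communicator must refuse it rather than
  # silently accept traffic keyed to a retired certificate.
  with self.assertRaises(communicator.DecryptionError):
    self.ClientServerCommunicate()

  # Once the client reloads the server certificate (together with the CA
  # certificate) the exchange works again.
  self.client_communicator.LoadServerCertificate(
      server_certificate=server_certificate,
      ca_certificate=config.CONFIG["CA.certificate"])
  # NOTE(review): assumes ClientServerCommunicate yields 10 messages by
  # default — confirm against the helper's definition.
  self.assertEqual(len(list(self.ClientServerCommunicate())), 10)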
mode="rw", token=token) as storage: storage.AddNotification(notification) elif flags.FLAGS.subparser_name == "rotate_server_key": print """ You are about to rotate the server key. Note that: - Clients might experience intermittent connection problems after the server keys rotated. - It's not possible to go back to an earlier key. Clients that see a new certificate will remember the cert's serial number and refuse to accept any certificate with a smaller serial number from that point on. """ if raw_input("Continue? [yN]: ").upper() == "Y": if flags.FLAGS.keylength: keylength = int(flags.FLAGS.keylength) else: keylength = grr_config.CONFIG["Server.rsa_key_length"] maintenance_utils.RotateServerKey(cn=flags.FLAGS.common_name, keylength=keylength) elif flags.FLAGS.subparser_name == "migrate_data": data_migration.Migrate() if __name__ == "__main__": flags.StartMain(main)