def test_generate_key_pair_1024_bits(self): bits = 1024 (private_key, public_key, fingerprint) = crypto.generate_key_pair(bits) pub_bytes = public_key.encode('utf-8') pkey = serialization.load_ssh_public_key( pub_bytes, backends.default_backend()) self.assertEqual(bits, pkey.key_size)
def generate_key_pair(self, user, key_name): """Generates a key pair for a user Generates a public and private key, stores the public key using the key_name, and returns the private key and fingerprint. @type user: User or uid @param user: User for which to create key pair. @type key_name: str @param key_name: Name to use for the generated KeyPair. @rtype: tuple (private_key, fingerprint) @return: A tuple containing the private_key and fingerprint. """ # NOTE(vish): generating key pair is slow so check for legal # creation before creating keypair uid = User.safe_id(user) with self.driver() as drv: if not drv.get_user(uid): raise exception.NotFound("User %s doesn't exist" % user) if drv.get_key_pair(uid, key_name): raise exception.Duplicate("The keypair %s already exists" % key_name) private_key, public_key, fingerprint = crypto.generate_key_pair() self.create_key_pair(uid, key_name, public_key, fingerprint) return private_key, fingerprint
def _gen_key(self): """ Generate a key """ private_key, public_key, fingerprint = crypto.generate_key_pair() return {'private_key': private_key, 'public_key': public_key, 'fingerprint': fingerprint}
def test_generate_key_pair_2048_bits(self): (private_key, public_key, fingerprint) = crypto.generate_key_pair() raw_pub = public_key.split(' ')[1] if six.PY3: raw_pub = raw_pub.encode('ascii') raw_pub = base64.b64decode(raw_pub) pkey = paramiko.rsakey.RSAKey(None, raw_pub) self.assertEqual(2048, pkey.get_bits())
def is_valid_appliance(): nova_home = get_nova_home() ' Change to user nova ' LOG.debug(_('Executing as ' + whoami())) if whoami() == 'root': change_user('nova') if whoami() != 'nova': LOG.debug(_('nova does not exists')) return False if os.path.exists(nova_home) is False: ''' nova does not exists.Exiting now #todo : sys.exit() ''' return False # Check if the id_rsa and id_rsa.pub already exists. # If they exist don't generate new keys" if not os.path.exists(os.path.join(nova_home + '/.ssh/')): os.makedirs(os.path.join(nova_home + '/.ssh/'), 01700) if os.path.isfile( os.path.join(nova_home + '/.ssh/id_rsa.pub')) is False and \ os.path.isfile(os.path.join(nova_home + '/.ssh/id_rsa')) is False: ' Generate id_rsa and id_rsa.pub files. ' ' This will be stored in $NOVAHOME/.ssh/ ' ' use nova' private_key, public_key, _fingerprint = crypto.generate_key_pair() pub_file = open(os.path.join(nova_home + '/.ssh/id_rsa.pub'), "w+") pub_file.writelines(public_key) pub_file.close() private_file = open(os.path.join(nova_home + '/.ssh/id_rsa'), "w+") private_file.writelines(private_key) private_file.close() os.chmod(os.path.join(nova_home + '/.ssh/id_rsa.pub'), 0700) os.chmod(os.path.join(nova_home + '/.ssh/id_rsa'), 0700) # os.popen('ssh-keygen -t rsa', 'w').write(''' ''') LOG.debug(_('created new id_rsa and id_rsa.pub')) else: LOG.debug(_('id_rsa and id_rsa.pub exists')) ' create known_hosts file if it does not exist' if os.path.isfile(os.path.join(nova_home + '/.ssh/known_hosts')) is False: filename = os.path.join(nova_home + '/.ssh/known_hosts') handle = open(filename, 'w') handle.close os.chmod(os.path.join(nova_home + '/.ssh/known_hosts'), 0700) return True
def is_valid_appliance(): nova_home = get_nova_home() ' Change to user nova ' LOG.debug(_('Executing as ' + whoami())) if whoami() == 'root': change_user('nova') if whoami() != 'nova': LOG.debug(_('nova does not exists')) return False if os.path.exists(nova_home) is False: ''' nova does not exists.Exiting now #todo : sys.exit() ''' return False # Check if the id_rsa and id_rsa.pub already exists. # If they exist don't generate new keys" if not os.path.exists(os.path.join(nova_home + '/.ssh/')): os.makedirs(os.path.join(nova_home + '/.ssh/'), 01700) if os.path.isfile( os.path.join(nova_home + '/.ssh/id_rsa.pub')) is False and \ os.path.isfile(os.path.join(nova_home + '/.ssh/id_rsa')) is False: ' Generate id_rsa and id_rsa.pub files. ' ' This will be stored in $NOVAHOME/.ssh/ ' ' use nova' private_key, public_key, _fingerprint = crypto.generate_key_pair() pub_file = open(os.path.join(nova_home + '/.ssh/id_rsa.pub'), "w+") pub_file.writelines(public_key) pub_file.close() private_file = open(os.path.join(nova_home + '/.ssh/id_rsa'), "w+") private_file.writelines(private_key) private_file.close() os.chmod(os.path.join(nova_home + '/.ssh/id_rsa.pub'), 0700) os.chmod(os.path.join(nova_home + '/.ssh/id_rsa'), 0700) #os.popen('ssh-keygen -t rsa', 'w').write(''' ''') LOG.debug(_('created new id_rsa and id_rsa.pub')) else: LOG.debug(_('id_rsa and id_rsa.pub exists')) ' create known_hosts file if it does not exist' if os.path.isfile(os.path.join(nova_home + '/.ssh/known_hosts')) is False: filename = os.path.join(nova_home + '/.ssh/known_hosts') handle = open(filename, 'w') handle.close os.chmod(os.path.join(nova_home + '/.ssh/known_hosts'), 0700) return True
def test_generate_key_pair_mocked_private_key(self): keyin = six.StringIO() keyin.write(self.rsa_prv) keyin.seek(0) key = paramiko.RSAKey.from_private_key(keyin) with mock.patch.object(crypto, 'generate_key') as mock_generate: mock_generate.return_value = key (private_key, public_key, fingerprint) = crypto.generate_key_pair() self.assertEqual(self.rsa_pub, public_key) self.assertEqual(self.rsa_fp, fingerprint)
def generate_key_pair(self, user, key_name): # generating key pair is slow so delay generation # until after check user = User.safe_id(user) with LDAPWrapper() as conn: if not conn.user_exists(user): raise exception.NotFound("User %s doesn't exist" % user) if conn.key_pair_exists(user, key_name): raise exception.Duplicate("The keypair %s already exists" % key_name) private_key, public_key, fingerprint = crypto.generate_key_pair() self.create_key_pair(User.safe_id(user), key_name, public_key, fingerprint) return private_key, fingerprint
def test_generate_key_pair(self): (private_key, public_key, fingerprint) = crypto.generate_key_pair() raw_pub = public_key.split(' ')[1].decode('base64') pkey = paramiko.rsakey.RSAKey(None, raw_pub) self.assertEqual(2048, pkey.get_bits()) bits = 4096 (private_key, public_key, fingerprint) = crypto.generate_key_pair(bits) raw_pub = public_key.split(' ')[1].decode('base64') pkey = paramiko.rsakey.RSAKey(None, raw_pub) self.assertEqual(bits, pkey.get_bits()) keyin = StringIO.StringIO() keyin.write(self.rsa_prv) keyin.seek(0) key = paramiko.RSAKey.from_private_key(keyin) with mock.patch.object(paramiko.RSAKey, 'generate') as mock_generate: mock_generate.return_value = key (private_key, public_key, fingerprint) = crypto.generate_key_pair() self.assertEqual(self.rsa_pub, public_key) self.assertEqual(self.rsa_fp, fingerprint)
def generate_key_pair(self, uid, key_name): # generating key pair is slow so delay generation # until after check with LDAPWrapper() as conn: if not conn.user_exists(uid): raise UserError("User " + uid + " doesn't exist") if conn.key_pair_exists(uid, key_name): raise InvalidKeyPair( "The keypair '" + key_name + "' already exists.", "Duplicate") private_key, public_key, fingerprint = crypto.generate_key_pair() self.create_key_pair(uid, key_name, public_key, fingerprint) return private_key, fingerprint
def generate_key_pair(self, uid, key_name): # generating key pair is slow so delay generation # until after check with LDAPWrapper() as conn: if not conn.user_exists(uid): raise UserError("User " + uid + " doesn't exist") if conn.key_pair_exists(uid, key_name): raise InvalidKeyPair("The keypair '" + key_name + "' already exists.", "Duplicate") private_key, public_key, fingerprint = crypto.generate_key_pair() self.create_key_pair(uid, key_name, public_key, fingerprint) return private_key, fingerprint
def _gen_key(self, context, user_id, key_name): """Generate a key This is a module level method because it is slow and we need to defer it into a process pool.""" # NOTE(vish): generating key pair is slow so check for legal # creation before creating key_pair try: db.key_pair_get(context, user_id, key_name) raise exception.KeyPairExists(key_name=key_name) except exception.NotFound: pass private_key, public_key, fingerprint = crypto.generate_key_pair() key = {} key['user_id'] = user_id key['name'] = key_name key['public_key'] = public_key key['fingerprint'] = fingerprint db.key_pair_create(context, key) return {'private_key': private_key, 'fingerprint': fingerprint}
def test_generate_key_pair_2048_bits(self): (private_key, public_key, fingerprint) = crypto.generate_key_pair() raw_pub = public_key.split(' ')[1].decode('base64') pkey = paramiko.rsakey.RSAKey(None, raw_pub) self.assertEqual(2048, pkey.get_bits())
def _gen_key(self): """ Generate a key """ private_key, public_key, fingerprint = crypto.generate_key_pair() return {"private_key": private_key, "public_key": public_key, "fingerprint": fingerprint}
def test_generate_key_pair_1024_bits(self): bits = 1024 (private_key, public_key, fingerprint) = crypto.generate_key_pair(bits) raw_pub = base64.b64decode(public_key.split(' ')[1]) pkey = paramiko.rsakey.RSAKey(None, raw_pub) self.assertEqual(bits, pkey.get_bits())