Example #1
0
 def test_3_simple(self):
     """
     verify that we can establish an ssh link with ourselves across the
     loopback sockets.  this is hardly "simple" but it's simpler than the
     later tests. :)
     """
     host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
     public_host_key = RSAKey(data=str(host_key))
     self.ts.add_server_key(host_key)
     event = threading.Event()
     server = NullServer()
     self.assert_(not event.isSet())
     self.assertEquals(None, self.tc.get_username())
     self.assertEquals(None, self.ts.get_username())
     self.assertEquals(False, self.tc.is_authenticated())
     self.assertEquals(False, self.ts.is_authenticated())
     self.ts.start_server(event, server)
     self.tc.connect(hostkey=public_host_key,
                     username='******',
                     password='******')
     event.wait(1.0)
     self.assert_(event.isSet())
     self.assert_(self.ts.is_active())
     self.assertEquals('slowdive', self.tc.get_username())
     self.assertEquals('slowdive', self.ts.get_username())
     self.assertEquals(True, self.tc.is_authenticated())
     self.assertEquals(True, self.ts.is_authenticated())
Example #2
0
 def test_3_simple(self):
     """
     verify that we can establish an ssh link with ourselves across the
     loopback sockets.  this is hardly "simple" but it's simpler than the
     later tests. :)
     """
     host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
     public_host_key = RSAKey(data=str(host_key))
     self.ts.add_server_key(host_key)
     event = threading.Event()
     server = NullServer()
     self.assert_(not event.isSet())
     self.assertEquals(None, self.tc.get_username())
     self.assertEquals(None, self.ts.get_username())
     self.assertEquals(False, self.tc.is_authenticated())
     self.assertEquals(False, self.ts.is_authenticated())
     self.ts.start_server(event, server)
     self.tc.connect(hostkey=public_host_key,
                     username='******', password='******')
     event.wait(1.0)
     self.assert_(event.isSet())
     self.assert_(self.ts.is_active())
     self.assertEquals('slowdive', self.tc.get_username())
     self.assertEquals('slowdive', self.ts.get_username())
     self.assertEquals(True, self.tc.is_authenticated())
     self.assertEquals(True, self.ts.is_authenticated())
Example #3
0
 def test_6_compare_rsa(self):
     # verify that the private & public keys compare equal
     key = RSAKey.from_private_key_file('tests/test_rsa.key')
     self.assertEquals(key, key)
     pub = RSAKey(data=str(key))
     self.assert_(key.can_sign())
     self.assert_(not pub.can_sign())
     self.assertEquals(key, pub)
Example #4
0
def get_public_rsa_fingerprint(pubkey_location):
    try:
        k = RSAKey.from_private_key_file(pubkey_location)
    except ssh.SSHException:
        raise exception.SSHError("Invalid RSA private key file: %s" %
                                 pubkey_location)
    md5digest = hashlib.md5(str(k)).hexdigest()
    return insert_char_every_n_chars(md5digest, ':', 2)
Example #5
0
def get_public_rsa_fingerprint(pubkey_location):
    try:
        k = RSAKey.from_private_key_file(pubkey_location)
    except ssh.SSHException:
        raise exception.SSHError("Invalid RSA private key file: %s" %
                                 pubkey_location)
    md5digest = hashlib.md5(str(k)).hexdigest()
    return insert_char_every_n_chars(md5digest, ':', 2)
Example #6
0
 def test_3_load_rsa_password(self):
     key = RSAKey.from_private_key_file("tests/test_rsa_password.key", b"television")
     self.assertEquals(b"ssh-rsa", key.get_name())
     exp_rsa = FINGER_RSA.split()[1].replace(b":", b"")
     my_rsa = hexlify(key.get_fingerprint())
     self.assertEquals(exp_rsa, my_rsa)
     self.assertEquals(PUB_RSA.split()[1], key.get_base64())
     self.assertEquals(1024, key.get_bits())
Example #7
0
 def test_6_compare_rsa(self):
     # verify that the private & public keys compare equal
     key = RSAKey.from_private_key_file("tests/test_rsa.key")
     self.assertEquals(key, key)
     pub = RSAKey(data=bytes(key))
     self.assert_(key.can_sign())
     self.assert_(not pub.can_sign())
     self.assertEquals(key, pub)
Example #8
0
 def start_server(self):
     host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
     self.public_host_key = RSAKey(data=str(host_key))
     self.ts.add_server_key(host_key)
     self.event = threading.Event()
     self.server = NullServer()
     self.assert_(not self.event.isSet())
     self.ts.start_server(self.event, self.server)
Example #9
0
 def start_server(self):
     host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
     self.public_host_key = RSAKey(data=str(host_key))
     self.ts.add_server_key(host_key)
     self.event = threading.Event()
     self.server = NullServer()
     self.assert_(not self.event.isSet())
     self.ts.start_server(self.event, self.server)
Example #10
0
 def test_3_load_rsa_password(self):
     key = RSAKey.from_private_key_file('tests/test_rsa_password.key',
                                        'television')
     self.assertEquals('ssh-rsa', key.get_name())
     exp_rsa = FINGER_RSA.split()[1].replace(':', '')
     my_rsa = hexlify(key.get_fingerprint())
     self.assertEquals(exp_rsa, my_rsa)
     self.assertEquals(PUB_RSA.split()[1], key.get_base64())
     self.assertEquals(1024, key.get_bits())
Example #11
0
 def getIdentityKey(self):
     keyfile = self.identityfile
     if not os.path.exists(keyfile):
         key = RSAKey.generate(1024)
         key.write_private_key_file(keyfile)
     else:
         try:
             key = DSAKey.from_private_key_file(keyfile)
         except:
             key = RSAKey.from_private_key_file(keyfile)
     return keyfile, "ssh-rsa %s hostout@hostout" % key.get_base64()
Example #12
0
 def test_8_sign_rsa(self):
     # verify that the rsa private key can sign and verify
     key = RSAKey.from_private_key_file("tests/test_rsa.key")
     msg = key.sign_ssh_data(rng, b"ice weasels")
     self.assert_(type(msg) is Message)
     msg.rewind()
     self.assertEquals(b"ssh-rsa", msg.get_string())
     sig = b"".join([chr(int(x, 16)).encode("latin-1") for x in SIGNED_RSA.split(b":")])
     self.assertEquals(sig, msg.get_string())
     msg.rewind()
     pub = RSAKey(data=bytes(key))
     self.assert_(pub.verify_ssh_sig(b"ice weasels", msg))
Example #13
0
 def getIdentityKey(self):
     keyfile = os.path.abspath(os.path.join(self.getLocalBuildoutPath(),'hostout_rsa'))
     keyfile = self.options.get('identity-file', keyfile)
     if not os.path.exists(keyfile):
         key = RSAKey.generate(1024)
         key.write_private_key_file(keyfile)
     else:
         try:
             key = DSAKey.from_private_key_file(keyfile)
         except:
             key = RSAKey.from_private_key_file(keyfile)
     return keyfile, "ssh-rsa %s hostout@hostout" % key.get_base64()
Example #14
0
 def test_8_sign_rsa(self):
     # verify that the rsa private key can sign and verify
     key = RSAKey.from_private_key_file('tests/test_rsa.key')
     msg = key.sign_ssh_data(rng, 'ice weasels')
     self.assert_(type(msg) is Message)
     msg.rewind()
     self.assertEquals('ssh-rsa', msg.get_string())
     sig = ''.join([chr(int(x, 16)) for x in SIGNED_RSA.split(':')])
     self.assertEquals(sig, msg.get_string())
     msg.rewind()
     pub = RSAKey(data=str(key))
     self.assert_(pub.verify_ssh_sig('ice weasels', msg))
Example #15
0
    def test_2_load_rsa(self):
        key = RSAKey.from_private_key_file("tests/test_rsa.key")
        self.assertEquals(b"ssh-rsa", key.get_name())
        exp_rsa = FINGER_RSA.split()[1].replace(b":", b"")
        my_rsa = hexlify(key.get_fingerprint())
        self.assertEquals(exp_rsa, my_rsa)
        self.assertEquals(PUB_RSA.split()[1], key.get_base64())
        self.assertEquals(1024, key.get_bits())

        s = io.BytesIO()
        key.write_private_key(s)
        self.assertEquals(RSA_PRIVATE_OUT, s.getvalue())
        s.seek(0)
        key2 = RSAKey.from_private_key(s)
        self.assertEquals(key, key2)
Example #16
0
    def test_2_load_rsa(self):
        key = RSAKey.from_private_key_file('tests/test_rsa.key')
        self.assertEquals('ssh-rsa', key.get_name())
        exp_rsa = FINGER_RSA.split()[1].replace(':', '')
        my_rsa = hexlify(key.get_fingerprint())
        self.assertEquals(exp_rsa, my_rsa)
        self.assertEquals(PUB_RSA.split()[1], key.get_base64())
        self.assertEquals(1024, key.get_bits())

        s = StringIO.StringIO()
        key.write_private_key(s)
        self.assertEquals(RSA_PRIVATE_OUT, s.getvalue())
        s.seek(0)
        key2 = RSAKey.from_private_key(s)
        self.assertEquals(key, key2)
Example #17
0
 def test_3a_long_banner(self):
     """
     verify that a long banner doesn't mess up the handshake.
     """
     host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
     public_host_key = RSAKey(data=str(host_key))
     self.ts.add_server_key(host_key)
     event = threading.Event()
     server = NullServer()
     self.assert_(not event.isSet())
     self.socks.send(LONG_BANNER)
     self.ts.start_server(event, server)
     self.tc.connect(hostkey=public_host_key,
                     username='******', password='******')
     event.wait(1.0)
     self.assert_(event.isSet())
     self.assert_(self.ts.is_active())
Example #18
0
 def test_3a_long_banner(self):
     """
     verify that a long banner doesn't mess up the handshake.
     """
     host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
     public_host_key = RSAKey(data=str(host_key))
     self.ts.add_server_key(host_key)
     event = threading.Event()
     server = NullServer()
     self.assert_(not event.isSet())
     self.socks.send(LONG_BANNER)
     self.ts.start_server(event, server)
     self.tc.connect(hostkey=public_host_key,
                     username='******',
                     password='******')
     event.wait(1.0)
     self.assert_(event.isSet())
     self.assert_(self.ts.is_active())
Example #19
0
def get_private_rsa_fingerprint(key_location):
    """
    Returns the fingerprint of a private RSA key as a 59-character string (40
    characters separated every 2 characters by a ':'). The fingerprint is
    computed using a SHA1 digest of the DER encoded RSA private key.
    """
    try:
        k = RSAKey.from_private_key_file(key_location)
    except ssh.SSHException:
        raise exception.SSHError("Invalid RSA private key file: %s" %
                                 key_location)
    params = dict(invq=util.mod_inverse(k.q, k.p), dp=k.d % (k.p - 1),
                  dq=k.d % (k.q - 1), d=k.d, n=k.n, p=k.p, q=k.q, e=k.e)
    assert len(params) == 8
    # must convert from pkcs1 to pkcs8 and then DER encode
    pkcs8der = export_rsa_to_pkcs8(params)
    sha1digest = hashlib.sha1(pkcs8der).hexdigest()
    return insert_char_every_n_chars(sha1digest, ':', 2)
Example #20
0
 def setup_test_server(self, client_options=None, server_options=None):
     host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
     public_host_key = RSAKey(data=str(host_key))
     self.ts.add_server_key(host_key)
     
     if client_options is not None:
         client_options(self.tc.get_security_options())
     if server_options is not None:
         server_options(self.ts.get_security_options())
     
     event = threading.Event()
     self.server = NullServer()
     self.assert_(not event.isSet())
     self.ts.start_server(event, self.server)
     self.tc.connect(hostkey=public_host_key,
                     username='******', password='******')
     event.wait(1.0)
     self.assert_(event.isSet())
     self.assert_(self.ts.is_active())
Example #21
0
    def setup_test_server(self, client_options=None, server_options=None):
        host_key = RSAKey.from_private_key_file('tests/test_rsa.key')
        public_host_key = RSAKey(data=str(host_key))
        self.ts.add_server_key(host_key)

        if client_options is not None:
            client_options(self.tc.get_security_options())
        if server_options is not None:
            server_options(self.ts.get_security_options())

        event = threading.Event()
        self.server = NullServer()
        self.assert_(not event.isSet())
        self.ts.start_server(event, self.server)
        self.tc.connect(hostkey=public_host_key,
                        username='******',
                        password='******')
        event.wait(1.0)
        self.assert_(event.isSet())
        self.assert_(self.ts.is_active())
Example #22
0
def get_private_rsa_fingerprint(key_location):
    """
    Returns the fingerprint of a private RSA key as a 59-character string (40
    characters separated every 2 characters by a ':'). The fingerprint is
    computed using a SHA1 digest of the DER encoded RSA private key.
    """
    try:
        k = RSAKey.from_private_key_file(key_location)
    except ssh.SSHException:
        raise exception.SSHError("Invalid RSA private key file: %s" %
                                 key_location)
    params = dict(invq=util.mod_inverse(k.q, k.p),
                  dp=k.d % (k.p - 1),
                  dq=k.d % (k.q - 1),
                  d=k.d,
                  n=k.n,
                  p=k.p,
                  q=k.q,
                  e=k.e)
    assert len(params) == 8
    # must convert from pkcs1 to pkcs8 and then DER encode
    pkcs8der = export_rsa_to_pkcs8(params)
    sha1digest = hashlib.sha1(pkcs8der).hexdigest()
    return insert_char_every_n_chars(sha1digest, ':', 2)