def test_renew_master_key_fail(fx_authorized_servers, fx_master_key, tmpdir): remote_set = { Remote('user', '127.0.0.1', port) for port in fx_authorized_servers } store = FailureTestMasterKeyStore(str(tmpdir.join('id_rsa'))) store.save(fx_master_key) for t, path, ev in fx_authorized_servers.values(): assert authorized_key_set(path) == {fx_master_key} with raises(RenewalFailure): renew_master_key(remote_set, store) assert store.load() == fx_master_key for t, path, ev in fx_authorized_servers.values(): assert fx_master_key in authorized_key_set(path)
def test_renew_master_key(fx_authorized_servers, fx_master_key, tmpdir): remote_set = { Remote('user', '127.0.0.1', port) for port in fx_authorized_servers } store = FileSystemMasterKeyStore(str(tmpdir.join('id_rsa'))) store.save(fx_master_key) for t, path, ev in fx_authorized_servers.values(): assert authorized_key_set(path) == {fx_master_key} new_key = renew_master_key(remote_set, store) assert new_key != fx_master_key assert store.load() == new_key for t, path, ev in fx_authorized_servers.values(): assert authorized_key_set(path) == {new_key}
def test_renew_master_key(fx_authorized_servers, fx_master_key, tmpdir, key_type: Type[PKey], bits: int): remote_set = { Remote('user', '127.0.0.1', port) for port in fx_authorized_servers } store = FileSystemMasterKeyStore(str(tmpdir.join('id_rsa'))) store.save(fx_master_key) for t, path, ev in fx_authorized_servers.values(): assert authorized_key_set(path) == {fx_master_key} new_key = renew_master_key(remote_set, store, key_type, bits) assert new_key.get_bits() == bits or bits is None assert isinstance(new_key, key_type) assert new_key != fx_master_key assert store.load() == new_key for t, path, ev in fx_authorized_servers.values(): assert authorized_key_set(path) == {new_key}