def test_chap_encryption(self): private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend()) priv_pem = private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption()) priv_key_file = tempfile.mkstemp() with open(priv_key_file[1], "wb") as kf: kf.write(priv_pem) pub_pem = private_key.public_key().public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo) pub_key_file = tempfile.mkstemp() with open(pub_key_file[1], "wb") as kf: kf.write(pub_pem) settings.config.priv_key = priv_key_file[1] settings.config.pub_key = pub_key_file[1] settings.config.ceph_config_dir = "" chap = CHAP("username", "passwordverylonglong", False) encrypted_password = chap.encrypted_password(True) chap2 = CHAP(chap.user, encrypted_password, True) self.assertEqual(chap2.user, "username") self.assertEqual(chap2.password, "passwordverylonglong") self.assertEqual(chap2.password_str, encrypted_password) self.assertNotEqual(encrypted_password, "passwordverylonglong")
def set_discovery_auth_config(username, password, mutual_username, mutual_password, config): encryption_enabled = encryption_available() discovery_auth_config = { 'username': '', 'password': '', 'password_encryption_enabled': encryption_enabled, 'mutual_username': '', 'mutual_password': '', 'mutual_password_encryption_enabled': encryption_enabled } if username != '': chap = CHAP(username, password, encryption_enabled) chap_mutual = CHAP(mutual_username, mutual_password, encryption_enabled) discovery_auth_config['username'] = chap.user discovery_auth_config['password'] = chap.encrypted_password( encryption_enabled) discovery_auth_config['mutual_username'] = chap_mutual.user discovery_auth_config['mutual_password'] = \ chap_mutual.encrypted_password(encryption_enabled) config.update_item('discovery_auth', '', discovery_auth_config)