def test_wrong_type_unique_data(self): challenge = msgpack_protocol.Challenge( unique_data=42, valid_from=1365084334, valid_to=1365084634, fingerprint='L\x9a\x07\x12\xcb\x1e', server_name='server.example.com', username='******') self.assertRaises(ValueError, challenge.serialize, "secret")
def create_challenge(self, username, version=0): """This method returns a challenge suitable for ssh-agent signing. @param username the username of the user requesting a challenge @param version the highest protocol version the clients supports @exception ProtocolVersionError if the client supports """ if len(username) > 64: raise ValueError("Username is too long: " + username) try: key = self.key_provider.get_key(username) fingerprint = key.fingerprint() except exceptions.NoSuchUserException: log.info("No public key found for '%s', faking it." % username) fingerprint = self._hmac(username)[:6] if version < 1: if self.lowest_supported_version > version: raise exceptions.ProtocolVersionError( "Client needs to support at least version %d" % self.lowest_supported_version) c = protocol.Challenge( fingerprint=fingerprint, server_name=self.server_name, unique_data=self.urandom.read(20), valid_from=int(self.now_func() - CLOCK_FUDGE), valid_to=int(self.now_func() + RESP_TIMEOUT), username=username) b = c.serialize() payload = protocol.VerifiablePayload(digest=self._hmac(b), payload=b) return ssh.base64url_encode(payload.serialize()) else: c = msgpack_protocol.Challenge( fingerprint=fingerprint, server_name=self.server_name, unique_data=self.urandom.read(20), valid_from=int(self.now_func() - CLOCK_FUDGE), valid_to=int(self.now_func() + RESP_TIMEOUT), username=username) return ssh.base64url_encode(c.serialize(self.secret))
import unittest from crtauth import msgpack_protocol, exceptions, rsa import rsa_test SERIALIZED_CHALLENGE = ( '\x01c\xc4\x14uXFO\xd2\xdb\x7f\xfe}\x7f\x93\x91 vh\x89G6\x1f\xc2' '\xceQ]\x88\xae\xceQ]\x89\xda\xc4\x06L\x9a\x07\x12\xcb\x1e\xb2se' 'rver.example.com\xa8username\xc4 \xf7-\xe8\xc8\x1b\xf8\xc5G\xe9' '<p\xbde\xc1\xe8\x8f\xe75\x861\xed:?SJ\x7f\xe3V\xfb\xfc\x10\xb2') CHALLENGE = msgpack_protocol.Challenge( unique_data='uXFO\xd2\xdb\x7f\xfe}\x7f\x93\x91 vh\x89G6\x1f\xc2', valid_from=1365084334, valid_to=1365084634, fingerprint='L\x9a\x07\x12\xcb\x1e', server_name='server.example.com', username='******') SERIALIZED_RESPONSE = ( '\x01r\xc4h\x01c\xc4\x14uXFO\xd2\xdb\x7f\xfe}\x7f\x93\x91 vh\x89' 'G6\x1f\xc2\xceQ]\x88\xae\xceQ]\x89\xda\xc4\x06L\x9a\x07\x12\xcb' '\x1e\xb2server.example.com\xa8username\xc4 \xf7-\xe8\xc8\x1b\xf8' '\xc5G\xe9<p\xbde\xc1\xe8\x8f\xe75\x861\xed:?SJ\x7f\xe3V\xfb\xfc' '\x10\xb2\xc5\x01\x00?)\xaby\x18\xb7\x0c5B\xcf\x9a\xd4t*\x8b\t\xd0' '\x8f\xf3\xdaX\xa6z\xc1\'\xea}\xc9`\xa8\x96)\x19r\x85zi\x8e\xf1lJ' '\x91\xa5\x8e4}\xc8\x06q)\x97T\xf6A\x0b\x10\x90\xeb\xb6\x16\x02QK' '\xb8\x1b;\xd9\x83\x81M\xdf\xa5\x90\x00E{\xff\xad\x9e\xef\xf9\xf2O' '\xcb\x97\xe0\x9dK\xa5\nS\xf3r\xcc\x1d\x1bx\xa3\x10\xcb|x\x06\xae,' '\xdf\x92q\xb6\xfb%\xd78\xee{ \x8e\xcdF\xd2\xd9\x8f\xb6z\xfa\xbd'