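def testM2CryptoCompatibility(self):
    """Verify a stored signed blob against the legacy driver-signing key.

    Reads the serialized ``SignedBlob`` fixture at ``m2crypto/signed_blob``
    under ``self.base_path`` and asserts that its signature verifies with the
    hard-coded public key below. The fixture was presumably produced by an
    older M2Crypto-based implementation (inferred from the test and path
    names), so this guards backwards compatibility of signature checking.
    """
    # Fixture key for this compatibility check only.
    # NOTE(review): the encoded key is 94 bytes of DER, which matches a
    # 512-bit RSA SubjectPublicKeyInfo. A modulus that small is not adequate
    # for protecting anything today; keep it confined to test data.
    old_driver_signing_public_key = rdf_crypto.RSAPublicKey("""
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALnfFW1FffeKPs5PLUhFOSkNrr9TDCOD
QAI3WluLh0sW7/ro93eoIZ0FbipnTpzGkPpriONbSOXmxWNTo0b9ma8CAwEAAQ==
-----END PUBLIC KEY-----
""")

    # Use a context manager so the fixture's file handle is closed
    # deterministically instead of being left to the garbage collector.
    blob_path = os.path.join(self.base_path, "m2crypto/signed_blob")
    with open(blob_path, "rb") as fd:
        serialized_blob = fd.read()

    blob = rdf_crypto.SignedBlob.FromSerializedString(serialized_blob)
    self.assertTrue(blob.Verify(old_driver_signing_public_key))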
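def ValidateEndConfig(self, config_obj, errors_fatal=True):
    """Check a generated client config for common deployment errors.

    Checks performed, in order:
      * ``Client.server_urls`` is non-empty and every entry starts with
        "http" (skipped when ``ClientBuilder.fleetspeak_enabled`` is set).
      * ``Client.executable_signing_public_key`` is present, starts with a
        PEM public-key header and parses as an RSA public key.
      * ``CA.certificate`` is present and starts with a PEM certificate
        header (skipped when fleetspeak is enabled).
      * ``Client.private_key`` is empty.

    Args:
      config_obj: The generated client config to inspect.
      errors_fatal: If true, log every error found and raise instead of
        returning.

    Returns:
      A list of error strings; empty if no problem was found.

    Raises:
      RuntimeError: If ``errors_fatal`` is true and at least one error was
        found. Exceptions raised by ``RSAPublicKey.ParseFromString`` on a
        malformed key are not caught here and propagate to the caller.
    """
    errors = []
    fleetspeak_enabled = config.CONFIG["ClientBuilder.fleetspeak_enabled"]

    if not fleetspeak_enabled:
        location = config_obj.Get("Client.server_urls", context=self.context)
        if not location:
            errors.append("Empty Client.server_urls")

        # `location or []` keeps a missing (None) value from raising
        # TypeError right after the "Empty" error has been recorded.
        # NOTE(review): this is a prefix check only. It accepts any string
        # that begins with "http", including plain http:// URLs; whether
        # cleartext transport is acceptable depends on the deployment.
        for url in location or []:
            if not url.startswith("http"):
                errors.append("Bad Client.server_urls specified %s" % url)

    key_data = config_obj.GetRaw("Client.executable_signing_public_key",
                                 default=None,
                                 context=self.context)
    if key_data is None:
        errors.append("Missing Client.executable_signing_public_key.")
    elif not key_data.startswith("-----BEGIN PUBLIC"):
        # NOTE(review): the full option value is embedded in the error and,
        # when errors_fatal is set, written to the log. If this option was
        # populated with something other than a public key by mistake, that
        # content ends up in build logs; consider truncating it.
        errors.append("Invalid Client.executable_signing_public_key: %s" %
                      key_data)
    else:
        rsa_key = rdf_crypto.RSAPublicKey()
        rsa_key.ParseFromString(key_data)
        # NOTE(review): the key length is only logged. No minimum size is
        # enforced here, so an undersized signing key passes validation.
        logging.info(
            "Executable signing key successfully parsed from config (%d-bit)",
            rsa_key.KeyLen())

    if not fleetspeak_enabled:
        certificate = config_obj.GetRaw("CA.certificate",
                                        default=None,
                                        context=self.context)
        # Header prefix check only; the certificate itself is not parsed.
        if certificate is None or not certificate.startswith(
                "-----BEGIN CERTIF"):
            errors.append("CA certificate missing from config.")

    # Options that must be empty in a config that is about to be deployed.
    for bad_opt in ["Client.private_key"]:
        if config_obj.Get(bad_opt, context=self.context, default=""):
            errors.append(
                "Client cert in conf, this should be empty at deployment"
                " %s" % bad_opt)

    if errors_fatal and errors:
        for error in errors:
            logging.error("Build Config Error: %s", error)
        raise RuntimeError("Bad configuration generated. Terminating.")
    else:
        return errors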