def test_generate_and_write_ed25519_keypair(self): # Test normal case. temporary_directory = tempfile.mkdtemp(dir=self.temporary_directory) test_keypath = os.path.join(temporary_directory, 'ed25519_key') repo_lib.generate_and_write_ed25519_keypair(test_keypath, password='******') self.assertTrue(os.path.exists(test_keypath)) self.assertTrue(os.path.exists(test_keypath + '.pub')) # Ensure the generated key files are importable. imported_pubkey = \ repo_lib.import_ed25519_publickey_from_file(test_keypath + '.pub') self.assertTrue(tuf.formats.ED25519KEY_SCHEMA.matches(imported_pubkey)) imported_privkey = \ repo_lib.import_ed25519_privatekey_from_file(test_keypath, 'pw') self.assertTrue( tuf.formats.ED25519KEY_SCHEMA.matches(imported_privkey)) # Test improperly formatted arguments. self.assertRaises(tuf.FormatError, repo_lib.generate_and_write_ed25519_keypair, 3, password='******') self.assertRaises(tuf.FormatError, repo_lib.generate_and_write_rsa_keypair, test_keypath, password=3)
def test_import_ed25519_publickey_from_file(self): # Test normal case. # Generate ed25519 keys that can be imported. temporary_directory = tempfile.mkdtemp(dir=self.temporary_directory) ed25519_keypath = os.path.join(temporary_directory, "ed25519_key") repo_lib.generate_and_write_ed25519_keypair(ed25519_keypath, password="******") imported_ed25519_key = repo_lib.import_ed25519_publickey_from_file(ed25519_keypath + ".pub") self.assertTrue(tuf.formats.ED25519KEY_SCHEMA.matches(imported_ed25519_key)) # Test improperly formatted argument. self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_publickey_from_file, 3) # Test invalid argument. # Non-existent key file. nonexistent_keypath = os.path.join(temporary_directory, "nonexistent_keypath") self.assertRaises(IOError, repo_lib.import_ed25519_publickey_from_file, nonexistent_keypath) # Invalid key file argument. invalid_keyfile = os.path.join(temporary_directory, "invalid_keyfile") with open(invalid_keyfile, "wb") as file_object: file_object.write(b"bad keyfile") self.assertRaises(tuf.Error, repo_lib.import_ed25519_publickey_from_file, invalid_keyfile) # Invalid public key imported (contains unexpected keytype.) keytype = imported_ed25519_key["keytype"] keyval = imported_ed25519_key["keyval"] ed25519key_metadata_format = tuf.keys.format_keyval_to_metadata(keytype, keyval, private=False) ed25519key_metadata_format["keytype"] = "invalid_keytype" with open(ed25519_keypath + ".pub", "wb") as file_object: file_object.write(json.dumps(ed25519key_metadata_format).encode("utf-8")) self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_publickey_from_file, ed25519_keypath + ".pub")
def test_import_ed25519_privatekey_from_file(self): # Test normal case. # Generate ed25519 keys that can be imported. temporary_directory = tempfile.mkdtemp(dir=self.temporary_directory) ed25519_keypath = os.path.join(temporary_directory, 'ed25519_key') repo_lib.generate_and_write_ed25519_keypair(ed25519_keypath, password='******') imported_ed25519_key = \ repo_lib.import_ed25519_privatekey_from_file(ed25519_keypath, 'pw') self.assertTrue(tuf.formats.ED25519KEY_SCHEMA.matches(imported_ed25519_key)) # Test improperly formatted argument. self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_privatekey_from_file, 3, 'pw') # Test invalid argument. # Non-existent key file. nonexistent_keypath = os.path.join(temporary_directory, 'nonexistent_keypath') self.assertRaises(IOError, repo_lib.import_ed25519_privatekey_from_file, nonexistent_keypath, 'pw') # Invalid key file argument. invalid_keyfile = os.path.join(temporary_directory, 'invalid_keyfile') with open(invalid_keyfile, 'wb') as file_object: file_object.write(b'bad keyfile') self.assertRaises(tuf.Error, repo_lib.import_ed25519_privatekey_from_file, invalid_keyfile, 'pw') # Invalid private key imported (contains unexpected keytype.) imported_ed25519_key['keytype'] = 'invalid_keytype' # Use 'pycrypto_keys.py' to bypass the key format validation performed by # 'keys.py'. salt, iterations, derived_key = \ tuf.pycrypto_keys._generate_derived_key('pw') # Store the derived key info in a dictionary, the object expected # by the non-public _encrypt() routine. derived_key_information = {'salt': salt, 'iterations': iterations, 'derived_key': derived_key} # Convert the key object to json string format and encrypt it with the # derived key. encrypted_key = \ tuf.pycrypto_keys._encrypt(json.dumps(imported_ed25519_key), derived_key_information) with open(ed25519_keypath, 'wb') as file_object: file_object.write(encrypted_key.encode('utf-8')) self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_privatekey_from_file, ed25519_keypath, 'pw')
def test_import_ed25519_publickey_from_file(self): # Test normal case. # Generate ed25519 keys that can be imported. temporary_directory = tempfile.mkdtemp(dir=self.temporary_directory) ed25519_keypath = os.path.join(temporary_directory, 'ed25519_key') repo_lib.generate_and_write_ed25519_keypair(ed25519_keypath, password='******') imported_ed25519_key = \ repo_lib.import_ed25519_publickey_from_file(ed25519_keypath + '.pub') self.assertTrue( tuf.formats.ED25519KEY_SCHEMA.matches(imported_ed25519_key)) # Test improperly formatted argument. self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_publickey_from_file, 3) # Test invalid argument. # Non-existent key file. nonexistent_keypath = os.path.join(temporary_directory, 'nonexistent_keypath') self.assertRaises(IOError, repo_lib.import_ed25519_publickey_from_file, nonexistent_keypath) # Invalid key file argument. invalid_keyfile = os.path.join(temporary_directory, 'invalid_keyfile') with open(invalid_keyfile, 'wb') as file_object: file_object.write(b'bad keyfile') self.assertRaises(tuf.Error, repo_lib.import_ed25519_publickey_from_file, invalid_keyfile) # Invalid public key imported (contains unexpected keytype.) keytype = imported_ed25519_key['keytype'] keyval = imported_ed25519_key['keyval'] ed25519key_metadata_format = \ tuf.keys.format_keyval_to_metadata(keytype, keyval, private=False) ed25519key_metadata_format['keytype'] = 'invalid_keytype' with open(ed25519_keypath + '.pub', 'wb') as file_object: file_object.write( json.dumps(ed25519key_metadata_format).encode('utf-8')) self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_publickey_from_file, ed25519_keypath + '.pub')
def test_import_ed25519_privatekey_from_file(self): # Test normal case. # Generate ed25519 keys that can be imported. temporary_directory = tempfile.mkdtemp(dir=self.temporary_directory) ed25519_keypath = os.path.join(temporary_directory, "ed25519_key") repo_lib.generate_and_write_ed25519_keypair(ed25519_keypath, password="******") imported_ed25519_key = repo_lib.import_ed25519_privatekey_from_file(ed25519_keypath, "pw") self.assertTrue(tuf.formats.ED25519KEY_SCHEMA.matches(imported_ed25519_key)) # Test improperly formatted argument. self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_privatekey_from_file, 3, "pw") # Test invalid argument. # Non-existent key file. nonexistent_keypath = os.path.join(temporary_directory, "nonexistent_keypath") self.assertRaises(IOError, repo_lib.import_ed25519_privatekey_from_file, nonexistent_keypath, "pw") # Invalid key file argument. invalid_keyfile = os.path.join(temporary_directory, "invalid_keyfile") with open(invalid_keyfile, "wb") as file_object: file_object.write(b"bad keyfile") self.assertRaises(tuf.Error, repo_lib.import_ed25519_privatekey_from_file, invalid_keyfile, "pw") # Invalid private key imported (contains unexpected keytype.) imported_ed25519_key["keytype"] = "invalid_keytype" # Use 'pycrypto_keys.py' to bypass the key format validation performed by # 'keys.py'. salt, iterations, derived_key = tuf.pycrypto_keys._generate_derived_key("pw") # Store the derived key info in a dictionary, the object expected # by the non-public _encrypt() routine. derived_key_information = {"salt": salt, "iterations": iterations, "derived_key": derived_key} # Convert the key object to json string format and encrypt it with the # derived key. encrypted_key = tuf.pycrypto_keys._encrypt(json.dumps(imported_ed25519_key), derived_key_information) with open(ed25519_keypath, "wb") as file_object: file_object.write(encrypted_key.encode("utf-8")) self.assertRaises(tuf.FormatError, repo_lib.import_ed25519_privatekey_from_file, ed25519_keypath, "pw")
def test_generate_and_write_ed25519_keypair(self): # Test normal case. temporary_directory = tempfile.mkdtemp(dir=self.temporary_directory) test_keypath = os.path.join(temporary_directory, "ed25519_key") repo_lib.generate_and_write_ed25519_keypair(test_keypath, password="******") self.assertTrue(os.path.exists(test_keypath)) self.assertTrue(os.path.exists(test_keypath + ".pub")) # Ensure the generated key files are importable. imported_pubkey = repo_lib.import_ed25519_publickey_from_file(test_keypath + ".pub") self.assertTrue(tuf.formats.ED25519KEY_SCHEMA.matches(imported_pubkey)) imported_privkey = repo_lib.import_ed25519_privatekey_from_file(test_keypath, "pw") self.assertTrue(tuf.formats.ED25519KEY_SCHEMA.matches(imported_privkey)) # Test improperly formatted arguments. self.assertRaises(tuf.FormatError, repo_lib.generate_and_write_ed25519_keypair, 3, password="******") self.assertRaises(tuf.FormatError, repo_lib.generate_and_write_rsa_keypair, test_keypath, password=3)
def generate_and_write_ed25519_keypair(filepath, password): return repo_lib.generate_and_write_ed25519_keypair(filepath, password)