Exemplo n.º 1
0
    def test_sign(self):
        """Test sign works."""
        # rsa_pk = M2Crypto.RSA.gen_key(2048, 65537)
        rsa_keys = rsa.newkeys(2048, 65537)
        rsa_pk = rsa_keys[1]
        rsa_pub = rsa_keys[0]
        salt = 'salt'
        data = {"flags": 8,
                "name": "MyAwesomeVM",
                "ram": 512,
                "secret": "mg041na39123",
                "userData": "[amiconfig]\nplugins=cernvm\n[cernvm]\nusers=user:users;password",
                "vcpus": 1,
                "version": "1.5"}
        strBuffer = vmcp.calculate_buffer(data, salt)
        
        with patch('rsa.PrivateKey.load_pkcs1', return_value=rsa_pk):
            with patch('pybossa.vmcp.open', mock_open(read_data=''), create=True) as m:
                out = vmcp.sign(data, salt, 'testkey')
                err_msg = "There should be a key named signature"
                assert out.get('signature'), err_msg

                err_msg = "The signature should not be empty"
                assert out['signature'] is not None, err_msg
                assert out['signature'] != '', err_msg

                err_msg = "The signature should be the same"
                signature = base64.b64decode(out['signature'])
                assert rsa.verify(strBuffer, signature, rsa_pub) == 1, err_msg

                # The output must be convertible into json object
                import json
                assert_not_raises(Exception, json.dumps, out)
Exemplo n.º 2
0
    def test_sign(self):
        """Test sign works."""
        rsa = M2Crypto.RSA.gen_key(2048, 65537)
        salt = 'salt'
        data = {"flags": 8,
                "name": "MyAwesomeVM",
                "ram": 512,
                "secret": "mg041na39123",
                "userData": "[amiconfig]\nplugins=cernvm\n[cernvm]\nusers=user:users;password",
                "vcpus": 1,
                "version": "1.5"}
        strBuffer = vmcp.calculate_buffer(data, salt)
        digest = hashlib.new('sha512', strBuffer).digest()

        with patch('M2Crypto.RSA.load_key', return_value=rsa):
            out = vmcp.sign(data, salt, 'key')
            err_msg = "There should be a key named signature"
            assert out.get('signature'), err_msg

            err_msg = "The signature should not be empty"
            assert out['signature'] is not None, err_msg
            assert out['signature'] != '', err_msg

            err_msg = "The signature should be the same"
            signature = base64.b64decode(out['signature'])
            assert rsa.verify(digest, signature, 'sha512') == 1, err_msg

            # The output must be convertible into json object
            import json
            assert_not_raises(Exception, json.dumps, out)
Exemplo n.º 3
0
    def test_sign(self):
        """Test sign works."""
        rsa = M2Crypto.RSA.gen_key(2048, 65537)
        salt = 'salt'
        data = {"flags": 8,
                "name": "MyAwesomeVM",
                "ram": 512,
                "secret": "mg041na39123",
                "userData": "[amiconfig]\nplugins=cernvm\n[cernvm]\nusers=user:users;password",
                "vcpus": 1,
                "version": "1.5"}
        strBuffer = vmcp.calculate_buffer(data, salt)
        digest = hashlib.new('sha512', strBuffer).digest()

        with patch('M2Crypto.RSA.load_key', return_value=rsa):
            out = vmcp.sign(data, salt, 'key')
            err_msg = "There should be a key named signature"
            assert out.get('signature'), err_msg

            err_msg = "The signature should not be empty"
            assert out['signature'] is not None, err_msg
            assert out['signature'] != '', err_msg

            err_msg = "The signature should be the same"
            signature = base64.b64decode(out['signature'])
            assert rsa.verify(digest, signature, 'sha512') == 1, err_msg

            # The output must be convertible into json object
            import json
            assert_not_raises(Exception, json.dumps, out)
Exemplo n.º 4
0
def vmcp():
    """VMCP support to sign CernVM requests"""
    error = dict(action=request.method,
                 status="failed",
                 status_code=None,
                 target='vmcp',
                 exception_cls='vmcp',
                 exception_msg=None)
    try:
        if current_app.config.get('VMCP_KEY'):
            pkey = current_app.root_path + '/../keys/' + current_app.config.get(
                'VMCP_KEY')
            if not os.path.exists(pkey):
                raise IOError
        else:
            raise KeyError
        if request.args.get('cvm_salt'):
            salt = request.args.get('cvm_salt')
        else:
            raise AttributeError
        data = request.args.copy()
        signed_data = sign(data, salt, pkey)
        return Response(json.dumps(signed_data),
                        200,
                        mimetype='application/json')

    except KeyError:
        error['status_code'] = 501
        error[
            'exception_msg'] = "The server is not configured properly, contact the admins"
        return Response(json.dumps(error),
                        status=error['status_code'],
                        mimetype='application/json')
    except IOError:
        error['status_code'] = 501
        error[
            'exception_msg'] = "The server is not configured properly (private key is missing), contact the admins"
        return Response(json.dumps(error),
                        status=error['status_code'],
                        mimetype='application/json')

    except AttributeError:
        error['status_code'] = 415
        error['exception_msg'] = "cvm_salt parameter is missing"
        return Response(json.dumps(error),
                        status=error['status_code'],
                        mimetype='application/json')
    except ValueError:
        error['status_code'] = 415
        error[
            'exception_msg'] = "Virtual Machine parameters are missing {'cpus': 1, 'ram': 128, ...}"
        return Response(json.dumps(error),
                        status=error['status_code'],
                        mimetype='application/json')
Exemplo n.º 5
0
def vmcp():
    """VMCP support to sign CernVM requests"""
    error = dict(action=request.method,
                 status="failed",
                 status_code=None,
                 target='vmcp',
                 exception_cls='vmcp',
                 exception_msg=None)
    try:
        if current_app.config.get('VMCP_KEY'):
            pkey = current_app.root_path + '/../keys/' + current_app.config.get('VMCP_KEY')
            if not os.path.exists(pkey):
                raise IOError
        else:
            raise KeyError
        if request.args.get('cvm_salt'):
            salt = request.args.get('cvm_salt')
        else:
            raise AttributeError
        data = request.args.copy()
        signed_data = sign(data, salt, pkey)
        return Response(json.dumps(signed_data), 200, mimetype='application/json')

    except KeyError:
        error['status_code'] = 501
        error['exception_msg'] = "The server is not configured properly, contact the admins"
        return Response(json.dumps(error), status=error['status_code'],
                        mimetype='application/json')
    except IOError:
        error['status_code'] = 501
        error['exception_msg'] = "The server is not configured properly (private key is missing), contact the admins"
        return Response(json.dumps(error), status=error['status_code'],
                        mimetype='application/json')

    except AttributeError:
        error['status_code'] = 415
        error['exception_msg'] = "cvm_salt parameter is missing"
        return Response(json.dumps(error), status=error['status_code'],
                        mimetype='application/json')
    except ValueError:
        error['status_code'] = 415
        error['exception_msg'] = "Virtual Machine parameters are missing {'cpus': 1, 'ram': 128, ...}"
        return Response(json.dumps(error), status=error['status_code'],
                        mimetype='application/json')