def test_chap_encryption(self):
private_key = rsa.generate_private_key(public_exponent=65537,
key_size=2048,
backend=default_backend())
priv_pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption())
priv_key_file = tempfile.mkstemp()
with open(priv_key_file[1], "wb") as kf:
kf.write(priv_pem)
pub_pem = private_key.public_key().public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo)
pub_key_file = tempfile.mkstemp()
with open(pub_key_file[1], "wb") as kf:
kf.write(pub_pem)
settings.config.priv_key = priv_key_file[1]
settings.config.pub_key = pub_key_file[1]
settings.config.ceph_config_dir = ""
chap = CHAP("")
chap._set_chap_str("username/passwordverylonglong")
chap2 = CHAP(chap._get_chap_str())
self.assertEqual(chap2._get_chap_str(),
"username/passwordverylonglong")
def test_chap_upgrade(self):
private_key = rsa.generate_private_key(public_exponent=65537,
key_size=2048,
backend=default_backend())
priv_pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption())
priv_key_file = tempfile.mkstemp()
with open(priv_key_file[1], "wb") as kf:
kf.write(priv_pem)
pub_pem = private_key.public_key().public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo)
pub_key_file = tempfile.mkstemp()
with open(pub_key_file[1], "wb") as kf:
kf.write(pub_pem)
settings.config.priv_key = priv_key_file[1]
settings.config.pub_key = pub_key_file[1]
settings.config.ceph_config_dir = ""
key = private_key.public_key()
encrypted_pw = b64encode(
key.encrypt(
"passwordverylonglong".encode('utf-8'),
padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA1()),
algorithm=hashes.SHA1(),
label=None))).decode('utf-8')
chap2 = CHAP("username/{}".format(encrypted_pw))
self.assertEqual(chap2._get_chap_str(),
"username/passwordverylonglong")
def test_chap_no_encryption(self):
chap = CHAP("")
chap._set_chap_str("username/password")
self.assertEqual(chap._get_chap_str(), "username/password")