Пример #1
0
class SSHPublicKeyCheckerTestCase(TestCase):
    """
    Tests for L{SSHPublicKeyChecker}
    """
    def setUp(self):
        self.credentials = SSHPrivateKey(
            'alice', 'ssh-rsa', publicRSA_openssh, 'foo',
             Key.fromString(privateRSA_openssh).sign('foo'))
        self.keydb = _KeyDB(lambda _: [Key.fromString(publicRSA_openssh)])
        self.checker = SSHPublicKeyChecker(self.keydb)

    def test_credentials_without_signature(self):
        """
        Calling L{SSHPublicKeyChecker.requestAvatarId} with credentials that
        do not have a signature fails with L{ValidPublicKey}
        """
        self.credentials.signature = None
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             ValidPublicKey)

    def test_credentials_with_bad_key(self):
        """
        Calling L{SSHPublicKeyChecker.requestAvatarId} with credentials that
        have a bad key fails with L{BadKeyError}
        """
        self.credentials.blob = ''
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             BadKeyError)

    def test_failure_getting_authorized_keys(self):
        """
        If L{IAuthorizedKeysDB.getAuthorizedKeys} raises an exception,
        L{SSHPublicKeyChecker.requestAvatarId} fails with L{UnauthorizedLogin}
        """
        def fail(_):
            raise _DummyException()

        self.keydb = _KeyDB(fail)
        self.checker = SSHPublicKeyChecker(self.keydb)
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)
        self.flushLoggedErrors(_DummyException)

    def test_credentials_no_matching_key(self):
        """
        If L{IAuthorizedKeysDB.getAuthorizedKeys} returns no keys that match
        the credentials, L{SSHPublicKeyChecker.requestAvatarId} fails with
        L{UnauthorizedLogin}
        """
        self.credentials.blob = publicDSA_openssh
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)

    def test_credentials_invalid_signature(self):
        """
        Calling L{SSHPublicKeyChecker.requestAvatarId} with credentials that
        are incorrectly signed fails with L{UnauthorizedLogin}
        """
        self.credentials.signature = (
            Key.fromString(privateDSA_openssh).sign('foo'))
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)

    def test_failure_verifying_key(self):
        """
        If L{Key.verify} raises an exception,
        L{SSHPublicKeyChecker.requestAvatarId} fails with L{UnauthorizedLogin}
        """
        def fail(*args, **kwargs):
            raise _DummyException()

        self.patch(Key, 'verify', fail)

        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)
        self.flushLoggedErrors(_DummyException)

    def test_username_returned_on_success(self):
        """
        L{SSHPublicKeyChecker.requestAvatarId}, if successful, callbacks with
        the username
        """
        d = self.checker.requestAvatarId(self.credentials)
        self.assertEqual('alice', self.successResultOf(d))
Пример #2
0
class SSHPublicKeyCheckerTestCase(TestCase):
    """
    Tests for L{SSHPublicKeyChecker}
    """
    def setUp(self):
        self.credentials = SSHPrivateKey(
            'alice', 'ssh-rsa', publicRSA_openssh, 'foo',
            Key.fromString(privateRSA_openssh).sign('foo'))
        self.keydb = _KeyDB(lambda _: [Key.fromString(publicRSA_openssh)])
        self.checker = SSHPublicKeyChecker(self.keydb)

    def test_credentials_without_signature(self):
        """
        Calling L{SSHPublicKeyChecker.requestAvatarId} with credentials that
        do not have a signature fails with L{ValidPublicKey}
        """
        self.credentials.signature = None
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             ValidPublicKey)

    def test_credentials_with_bad_key(self):
        """
        Calling L{SSHPublicKeyChecker.requestAvatarId} with credentials that
        have a bad key fails with L{BadKeyError}
        """
        self.credentials.blob = ''
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             BadKeyError)

    def test_failure_getting_authorized_keys(self):
        """
        If L{IAuthorizedKeysDB.getAuthorizedKeys} raises an exception,
        L{SSHPublicKeyChecker.requestAvatarId} fails with L{UnauthorizedLogin}
        """
        def fail(_):
            raise _DummyException()

        self.keydb = _KeyDB(fail)
        self.checker = SSHPublicKeyChecker(self.keydb)
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)
        self.flushLoggedErrors(_DummyException)

    def test_credentials_no_matching_key(self):
        """
        If L{IAuthorizedKeysDB.getAuthorizedKeys} returns no keys that match
        the credentials, L{SSHPublicKeyChecker.requestAvatarId} fails with
        L{UnauthorizedLogin}
        """
        self.credentials.blob = publicDSA_openssh
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)

    def test_credentials_invalid_signature(self):
        """
        Calling L{SSHPublicKeyChecker.requestAvatarId} with credentials that
        are incorrectly signed fails with L{UnauthorizedLogin}
        """
        self.credentials.signature = (
            Key.fromString(privateDSA_openssh).sign('foo'))
        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)

    def test_failure_verifying_key(self):
        """
        If L{Key.verify} raises an exception,
        L{SSHPublicKeyChecker.requestAvatarId} fails with L{UnauthorizedLogin}
        """
        def fail(*args, **kwargs):
            raise _DummyException()

        self.patch(Key, 'verify', fail)

        self.failureResultOf(self.checker.requestAvatarId(self.credentials),
                             UnauthorizedLogin)
        self.flushLoggedErrors(_DummyException)

    def test_username_returned_on_success(self):
        """
        L{SSHPublicKeyChecker.requestAvatarId}, if successful, callbacks with
        the username
        """
        d = self.checker.requestAvatarId(self.credentials)
        self.assertEqual('alice', self.successResultOf(d))