def test_sign(self):
"""Test sign works."""
# rsa_pk = M2Crypto.RSA.gen_key(2048, 65537)
rsa_keys = rsa.newkeys(2048, 65537)
rsa_pk = rsa_keys[1]
rsa_pub = rsa_keys[0]
salt = 'salt'
data = {"flags": 8,
"name": "MyAwesomeVM",
"ram": 512,
"secret": "mg041na39123",
"userData": "[amiconfig]\nplugins=cernvm\n[cernvm]\nusers=user:users;password",
"vcpus": 1,
"version": "1.5"}
strBuffer = vmcp.calculate_buffer(data, salt)
with patch('rsa.PrivateKey.load_pkcs1', return_value=rsa_pk):
with patch('pybossa.vmcp.open', mock_open(read_data=''), create=True) as m:
out = vmcp.sign(data, salt, 'testkey')
err_msg = "There should be a key named signature"
assert out.get('signature'), err_msg
err_msg = "The signature should not be empty"
assert out['signature'] is not None, err_msg
assert out['signature'] != '', err_msg
err_msg = "The signature should be the same"
signature = base64.b64decode(out['signature'])
assert rsa.verify(strBuffer, signature, rsa_pub) == 1, err_msg
# The output must be convertible into json object
import json
assert_not_raises(Exception, json.dumps, out)
def test_sign(self):
"""Test sign works."""
rsa = M2Crypto.RSA.gen_key(2048, 65537)
salt = 'salt'
data = {"flags": 8,
"name": "MyAwesomeVM",
"ram": 512,
"secret": "mg041na39123",
"userData": "[amiconfig]\nplugins=cernvm\n[cernvm]\nusers=user:users;password",
"vcpus": 1,
"version": "1.5"}
strBuffer = vmcp.calculate_buffer(data, salt)
digest = hashlib.new('sha512', strBuffer).digest()
with patch('M2Crypto.RSA.load_key', return_value=rsa):
out = vmcp.sign(data, salt, 'key')
err_msg = "There should be a key named signature"
assert out.get('signature'), err_msg
err_msg = "The signature should not be empty"
assert out['signature'] is not None, err_msg
assert out['signature'] != '', err_msg
err_msg = "The signature should be the same"
signature = base64.b64decode(out['signature'])
assert rsa.verify(digest, signature, 'sha512') == 1, err_msg
# The output must be convertible into json object
import json
assert_not_raises(Exception, json.dumps, out)
def test_sign(self):
"""Test sign works."""
rsa = M2Crypto.RSA.gen_key(2048, 65537)
salt = 'salt'
data = {"flags": 8,
"name": "MyAwesomeVM",
"ram": 512,
"secret": "mg041na39123",
"userData": "[amiconfig]\nplugins=cernvm\n[cernvm]\nusers=user:users;password",
"vcpus": 1,
"version": "1.5"}
strBuffer = vmcp.calculate_buffer(data, salt)
digest = hashlib.new('sha512', strBuffer).digest()
with patch('M2Crypto.RSA.load_key', return_value=rsa):
out = vmcp.sign(data, salt, 'key')
err_msg = "There should be a key named signature"
assert out.get('signature'), err_msg
err_msg = "The signature should not be empty"
assert out['signature'] is not None, err_msg
assert out['signature'] != '', err_msg
err_msg = "The signature should be the same"
signature = base64.b64decode(out['signature'])
assert rsa.verify(digest, signature, 'sha512') == 1, err_msg
# The output must be convertible into json object
import json
assert_not_raises(Exception, json.dumps, out)
def vmcp():
"""VMCP support to sign CernVM requests"""
error = dict(action=request.method,
status="failed",
status_code=None,
target='vmcp',
exception_cls='vmcp',
exception_msg=None)
try:
if current_app.config.get('VMCP_KEY'):
pkey = current_app.root_path + '/../keys/' + current_app.config.get(
'VMCP_KEY')
if not os.path.exists(pkey):
raise IOError
else:
raise KeyError
if request.args.get('cvm_salt'):
salt = request.args.get('cvm_salt')
else:
raise AttributeError
data = request.args.copy()
signed_data = sign(data, salt, pkey)
return Response(json.dumps(signed_data),
200,
mimetype='application/json')
except KeyError:
error['status_code'] = 501
error[
'exception_msg'] = "The server is not configured properly, contact the admins"
return Response(json.dumps(error),
status=error['status_code'],
mimetype='application/json')
except IOError:
error['status_code'] = 501
error[
'exception_msg'] = "The server is not configured properly (private key is missing), contact the admins"
return Response(json.dumps(error),
status=error['status_code'],
mimetype='application/json')
except AttributeError:
error['status_code'] = 415
error['exception_msg'] = "cvm_salt parameter is missing"
return Response(json.dumps(error),
status=error['status_code'],
mimetype='application/json')
except ValueError:
error['status_code'] = 415
error[
'exception_msg'] = "Virtual Machine parameters are missing {'cpus': 1, 'ram': 128, ...}"
return Response(json.dumps(error),
status=error['status_code'],
mimetype='application/json')
def vmcp():
"""VMCP support to sign CernVM requests"""
error = dict(action=request.method,
status="failed",
status_code=None,
target='vmcp',
exception_cls='vmcp',
exception_msg=None)
try:
if current_app.config.get('VMCP_KEY'):
pkey = current_app.root_path + '/../keys/' + current_app.config.get('VMCP_KEY')
if not os.path.exists(pkey):
raise IOError
else:
raise KeyError
if request.args.get('cvm_salt'):
salt = request.args.get('cvm_salt')
else:
raise AttributeError
data = request.args.copy()
signed_data = sign(data, salt, pkey)
return Response(json.dumps(signed_data), 200, mimetype='application/json')
except KeyError:
error['status_code'] = 501
error['exception_msg'] = "The server is not configured properly, contact the admins"
return Response(json.dumps(error), status=error['status_code'],
mimetype='application/json')
except IOError:
error['status_code'] = 501
error['exception_msg'] = "The server is not configured properly (private key is missing), contact the admins"
return Response(json.dumps(error), status=error['status_code'],
mimetype='application/json')
except AttributeError:
error['status_code'] = 415
error['exception_msg'] = "cvm_salt parameter is missing"
return Response(json.dumps(error), status=error['status_code'],
mimetype='application/json')
except ValueError:
error['status_code'] = 415
error['exception_msg'] = "Virtual Machine parameters are missing {'cpus': 1, 'ram': 128, ...}"
return Response(json.dumps(error), status=error['status_code'],
mimetype='application/json')
