示例#1
 def test_wrong_type_unique_data(self):
     # unique_data is deliberately an int; every other field is well-formed,
     # so a ValueError from serialize() can only come from that one field.
     fields = dict(
         unique_data=42,
         valid_from=1365084334,
         valid_to=1365084634,
         fingerprint='L\x9a\x07\x12\xcb\x1e',
         server_name='server.example.com',
         username='******',
     )
     bad_challenge = msgpack_protocol.Challenge(**fields)
     with self.assertRaises(ValueError):
         bad_challenge.serialize("secret")
示例#2
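    def create_challenge(self, username, version=0):
        """Return a base64url-encoded challenge suitable for ssh-agent signing.

        @param username the username of the user requesting a challenge
        @param version the highest protocol version the client supports
        @return the serialized challenge, base64url encoded
        @exception ValueError if username is longer than 64 characters
        @exception ProtocolVersionError if version is below 1 and
            self.lowest_supported_version is higher than version
        """
        if len(username) > 64:
            # NOTE(review): this message repeats the caller-supplied username
            # in full; confirm it is not logged or returned to the client
            # unescaped.
            raise ValueError("Username is too long: " + username)

        try:
            key = self.key_provider.get_key(username)
            fingerprint = key.fingerprint()
        except exceptions.NoSuchUserException:
            # username is caller-supplied: %r escapes control characters so a
            # crafted name cannot forge extra log lines, and passing it as an
            # argument leaves the formatting to the logger.
            log.info("No public key found for %r, faking it.", username)
            # The first six characters of self._hmac(username) stand in for
            # the fingerprint, so an unknown user still gets a challenge
            # (presumably to avoid revealing which accounts exist).
            fingerprint = self._hmac(username)[:6]

        legacy = version < 1
        # NOTE(review): lowest_supported_version is only enforced when
        # version < 1; confirm that no value above 1 is ever configured.
        if legacy and self.lowest_supported_version > version:
            raise exceptions.ProtocolVersionError(
                "Client needs to support at least version %d" %
                self.lowest_supported_version)

        # Read the clock once so both ends of the validity window derive from
        # the same instant.
        now = self.now_func()
        fields = dict(
            fingerprint=fingerprint,
            server_name=self.server_name,
            unique_data=self.urandom.read(20),
            valid_from=int(now - CLOCK_FUDGE),
            valid_to=int(now + RESP_TIMEOUT),
            username=username)

        if legacy:
            # Version 0: the challenge is serialized first and the result of
            # self._hmac over those bytes travels with it in a
            # VerifiablePayload.
            serialized = protocol.Challenge(**fields).serialize()
            payload = protocol.VerifiablePayload(digest=self._hmac(serialized),
                                                 payload=serialized)
            return ssh.base64url_encode(payload.serialize())

        # Version 1 and later: the msgpack serializer is handed self.secret
        # directly.
        challenge = msgpack_protocol.Challenge(**fields)
        return ssh.base64url_encode(challenge.serialize(self.secret))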
示例#3
import unittest

from crtauth import msgpack_protocol, exceptions, rsa
import rsa_test

# Byte-level fixture that appears to be the wire form of CHALLENGE below.
# Reading the literal: it opens with '\x01c', then carries the 20-byte
# unique_data, valid_from and valid_to as 32-bit big-endian values
# (0x515d88ae and 0x515d89da), the 6-byte fingerprint, the server name and the
# user name, and ends with a 32-byte trailer (presumably the HMAC over the
# preceding bytes -- confirm against msgpack_protocol).
SERIALIZED_CHALLENGE = (
    '\x01c\xc4\x14uXFO\xd2\xdb\x7f\xfe}\x7f\x93\x91 vh\x89G6\x1f\xc2'
    '\xceQ]\x88\xae\xceQ]\x89\xda\xc4\x06L\x9a\x07\x12\xcb\x1e\xb2se'
    'rver.example.com\xa8username\xc4 \xf7-\xe8\xc8\x1b\xf8\xc5G\xe9'
    '<p\xbde\xc1\xe8\x8f\xe75\x861\xed:?SJ\x7f\xe3V\xfb\xfc\x10\xb2')

# In-memory counterpart of SERIALIZED_CHALLENGE, built from the same
# unique_data, timestamps, fingerprint and server name.
# NOTE(review): SERIALIZED_CHALLENGE embeds the literal 'username', while the
# username field here reads '******'; this looks like masking applied by the
# page hosting the snippet -- confirm against the upstream file before relying
# on the two fixtures matching.
CHALLENGE = msgpack_protocol.Challenge(
    unique_data='uXFO\xd2\xdb\x7f\xfe}\x7f\x93\x91 vh\x89G6\x1f\xc2',
    valid_from=1365084334,
    valid_to=1365084634,
    fingerprint='L\x9a\x07\x12\xcb\x1e',
    server_name='server.example.com',
    username='******')

SERIALIZED_RESPONSE = (
    '\x01r\xc4h\x01c\xc4\x14uXFO\xd2\xdb\x7f\xfe}\x7f\x93\x91 vh\x89'
    'G6\x1f\xc2\xceQ]\x88\xae\xceQ]\x89\xda\xc4\x06L\x9a\x07\x12\xcb'
    '\x1e\xb2server.example.com\xa8username\xc4 \xf7-\xe8\xc8\x1b\xf8'
    '\xc5G\xe9<p\xbde\xc1\xe8\x8f\xe75\x861\xed:?SJ\x7f\xe3V\xfb\xfc'
    '\x10\xb2\xc5\x01\x00?)\xaby\x18\xb7\x0c5B\xcf\x9a\xd4t*\x8b\t\xd0'
    '\x8f\xf3\xdaX\xa6z\xc1\'\xea}\xc9`\xa8\x96)\x19r\x85zi\x8e\xf1lJ'
    '\x91\xa5\x8e4}\xc8\x06q)\x97T\xf6A\x0b\x10\x90\xeb\xb6\x16\x02QK'
    '\xb8\x1b;\xd9\x83\x81M\xdf\xa5\x90\x00E{\xff\xad\x9e\xef\xf9\xf2O'
    '\xcb\x97\xe0\x9dK\xa5\nS\xf3r\xcc\x1d\x1bx\xa3\x10\xcb|x\x06\xae,'
    '\xdf\x92q\xb6\xfb%\xd78\xee{ \x8e\xcdF\xd2\xd9\x8f\xb6z\xfa\xbd'