def test_serialize_padding():
    """Check that a serialized challenge is always a multiple of 4 bytes long.

    The username length is varied across iterations so the serializer's
    padding is exercised with several different field sizes.
    """
    nonce = '\x859\x9eHK\xc6\x83=\x0c,\xda\xf7K\x8e\xc3\xea}:$\xf8'
    for repeat in xrange(1, 5):
        # NOTE(review): "******" looks like a scrubbed placeholder; the
        # length-alignment assertion below holds regardless of the characters.
        name = "******" * repeat
        challenge = protocol.Challenge(
            unique_data=nonce,
            valid_from=1365084334,
            valid_to=1367073504,
            fingerprint="\t\x02\xc8|\x83[",
            server_name="example.com",
            username=name)
        wire = protocol.Challenge.serialize(challenge)
        assert len(wire) % 4 == 0
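def test_serialize_challenge():
    """Pin the exact wire encoding produced by protocol.Challenge.serialize.

    The expected buffer is spelled out field by field so that any change to
    field order, integer width, length prefixes or padding is caught.
    """
    unique_data = '\x859\x9eHK\xc6\x83=\x0c,\xda\xf7K\x8e\xc3\xea}:$\xf8'
    challenge = protocol.Challenge(
        unique_data=unique_data,
        valid_from=1365084334,
        valid_to=1367073504,
        fingerprint="\t\x02\xc8|\x83[",
        server_name="example.com",
        # The expected bytes below end in a 4-byte length followed by "user".
        # The previous fixture value "******" (apparently a redaction
        # artifact) is six characters long and could never match them.
        username="user")
    buf = protocol.Challenge.serialize(challenge)
    res = (
        # leading 'c' byte plus three zero bytes (presumably a type tag and
        # its padding -- confirm against the serializer)
        'c\x00\x00\x00'
        # unique_data, 20 raw bytes with no length prefix
        '\x859\x9eHK\xc6\x83=\x0c,\xda\xf7K\x8e\xc3\xea}:$\xf8'
        # valid_from (1365084334) as a 32-bit big-endian integer
        'Q]\x88\xae'
        # valid_to (1367073504) as a 32-bit big-endian integer
        'Q{\xe2\xe0'
        # fingerprint: 32-bit length (6), data, two zero bytes of padding
        '\x00\x00\x00\x06\t\x02\xc8|\x83[\x00\x00'
        # server_name: 32-bit length (11), data, one zero byte of padding
        '\x00\x00\x00\x0bexample.com\x00'
        # username: 32-bit length (4), data, already 4-byte aligned
        '\x00\x00\x00\x04user')
    assert buf == res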
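def create_challenge(self, username, version=0):
    """Return a challenge suitable for ssh-agent signing.

    For version < 1 the challenge is a protocol.Challenge wrapped in a
    protocol.VerifiablePayload whose digest is self._hmac() of the serialized
    challenge. Otherwise it is a msgpack_protocol.Challenge serialized with
    self.secret. Either way the result is base64url-encoded.

    @param username the username of the user requesting a challenge
    @param version the highest protocol version the client supports
    @return the base64url-encoded serialized challenge
    @exception ValueError if username is longer than 64 characters
    @exception ProtocolVersionError if version is below 1 and also below
        self.lowest_supported_version
    """
    if len(username) > 64:
        # NOTE(review): the rejected, client-supplied value is echoed in full
        # and its length is unbounded here; a caller that logs or returns this
        # message should truncate and escape it.
        raise ValueError("Username is too long: " + username)

    try:
        key = self.key_provider.get_key(username)
        fingerprint = key.fingerprint()
    except exceptions.NoSuchUserException:
        # username is client-controlled: %r escapes CR/LF and other control
        # characters so a crafted name cannot forge extra log lines. For a
        # plain name the output is the same quoted form as before.
        log.info("No public key found for %r, faking it." % (username,))
        # Unknown users still receive a challenge; the fingerprint is derived
        # from self._hmac(username) instead of a real key, presumably so the
        # reply does not reveal whether the account exists.
        # NOTE(review): the key lookup and this fallback may differ in timing;
        # confirm that is acceptable for the enumeration threat model.
        fingerprint = self._hmac(username)[:6]

    legacy = version < 1
    if legacy and self.lowest_supported_version > version:
        raise exceptions.ProtocolVersionError(
            "Client needs to support at least version %d" %
            self.lowest_supported_version)
    # NOTE(review): the minimum-version floor is only enforced when
    # version < 1; confirm lowest_supported_version can never exceed 1.

    # Both wire formats carry the same fields. Argument order is kept so the
    # random read and the two clock reads happen in the original sequence.
    fields = dict(
        fingerprint=fingerprint,
        server_name=self.server_name,
        unique_data=self.urandom.read(20),
        valid_from=int(self.now_func() - CLOCK_FUDGE),
        valid_to=int(self.now_func() + RESP_TIMEOUT),
        username=username)

    if legacy:
        serialized = protocol.Challenge(**fields).serialize()
        # The digest lets the server later check that a returned challenge is
        # one it issued (digest is self._hmac over the serialized bytes).
        payload = protocol.VerifiablePayload(
            digest=self._hmac(serialized), payload=serialized)
        return ssh.base64url_encode(payload.serialize())

    challenge = msgpack_protocol.Challenge(**fields)
    return ssh.base64url_encode(challenge.serialize(self.secret))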