-
Notifications
You must be signed in to change notification settings - Fork 43
/
Copy path__init__.py
191 lines (147 loc) · 7.12 KB
/
__init__.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
""" Creates tests from lists of both valid and invalid keys.
New test is generated for each key so that running unittests gives out meaningful errors.
"""
from .authorized_keys import items as list_of_authorized_keys
from .invalid_authorized_keys import items as list_of_invalid_authorized_keys
from .invalid_keys import keys as list_of_invalid_keys
from .invalid_options import options as list_of_invalid_options
from .valid_keys import keys as list_of_valid_keys
from .valid_keys_rfc4716 import keys as list_of_valid_keys_rfc4716
from .valid_options import options as list_of_valid_options
from sshpubkeys import AuthorizedKeysFile, InvalidOptionsError, SSHKey
import sys
import unittest
if sys.version_info.major == 2:
from io import BytesIO as StringIO
else:
from io import StringIO
DEFAULT_KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGODBKRjsFB/1v3pDRGpA6xR+QpOJg9vat0brlbUNDD"
class TestMisc(unittest.TestCase):
def test_none_to_constructor(self):
ssh = SSHKey(None)
self.assertEqual(None, ssh.keydata) # Python2.6 does not have assertIsNone
self.assertRaises(ValueError, ssh.parse)
class TestKeys(unittest.TestCase):
def check_key(self, pubkey, bits, fingerprint_md5, fingerprint_sha256, options, comment, **kwargs): # pylint:disable=too-many-arguments
""" Checks valid key """
ssh = SSHKey(pubkey, **kwargs)
ssh.parse()
self.assertEqual(ssh.bits, bits)
self.assertEqual(ssh.hash_md5(), fingerprint_md5)
self.assertEqual(ssh.options_raw, options)
self.assertEqual(ssh.comment, comment)
if fingerprint_sha256 is not None:
self.assertEqual(ssh.hash_sha256(), fingerprint_sha256)
if ssh.ecdsa:
ec = ssh.ecdsa
repr(ec)
ec.to_pem()
ec.to_der()
ec.to_string("raw")
ec.to_string("uncompressed")
ec.to_string("compressed")
def check_fail(self, pubkey, expected_error, **kwargs):
""" Checks that key check raises specified exception """
# Don't use with statement here - it does not work with Python 2.6 unittest module
ssh_key = SSHKey(pubkey, **kwargs)
self.assertRaises(expected_error, ssh_key.parse)
def test_key_property(self):
ssh = SSHKey(DEFAULT_KEY)
self.assertEqual(ssh.key, DEFAULT_KEY.split()[1].encode())
class TestOptions(unittest.TestCase):
def check_valid_option(self, option, parsed_option):
ssh = SSHKey()
parsed = ssh.parse_options(option)
self.assertEqual(parsed, parsed_option)
def check_invalid_option(self, option, expected_error):
ssh = SSHKey()
self.assertRaises(expected_error, ssh.parse_options, option)
def test_disallow_options(self):
ssh = SSHKey(disallow_options=True)
key = """command="dump /home",no-pty,no-port-forwarding """ + DEFAULT_KEY
self.assertRaises(InvalidOptionsError, ssh.parse, key)
class TestAuthorizedKeys(unittest.TestCase):
def check_valid_file(self, file_str, valid_keys_count):
file_obj = StringIO(file_str)
key_file = AuthorizedKeysFile(file_obj)
for item in key_file.keys:
self.assertIsInstance(item, SSHKey)
self.assertEqual(len(key_file.keys), valid_keys_count)
def check_invalid_file(self, file_str, expected_error):
file_obj = StringIO(file_str)
self.assertRaises(expected_error, AuthorizedKeysFile, file_obj)
def test_disallow_options(self):
file_obj = StringIO("""command="dump /home",no-pty,no-port-forwarding """ + DEFAULT_KEY)
self.assertRaises(InvalidOptionsError, AuthorizedKeysFile, file_obj, disallow_options=True)
file_obj.seek(0)
key_file = AuthorizedKeysFile(file_obj)
self.assertEqual(len(key_file.keys), 1)
def loop_options(options):
""" Loop over list of options and dynamically create tests """
def ch(option, parsed_option):
return lambda self: self.check_valid_option(option, parsed_option)
for i, items in enumerate(options):
prefix_tmp = f"{items[0]}_{i}"
setattr(TestOptions, f"test_{prefix_tmp}", ch(items[1], items[2]))
def loop_invalid_options(options):
def ch(option, expected_error):
return lambda self: self.check_invalid_option(option, expected_error)
for i, items in enumerate(options):
prefix_tmp = f"{items[0]}_{i}"
setattr(TestOptions, f"test_{prefix_tmp}", ch(items[1], items[2]))
def loop_valid(keyset, prefix):
""" Loop over list of valid keys and dynamically create tests """
def ch(pubkey, bits, fingerprint_md5, fingerprint_sha256, options, comment, **kwargs): # pylint:disable=too-many-arguments
return lambda self: self.check_key(pubkey, bits, fingerprint_md5, fingerprint_sha256, options, comment, **kwargs)
for items in keyset:
modes = items.pop()
prefix_tmp = f"{prefix}_{items.pop()}"
for mode in modes:
if mode == "strict":
kwargs = {"strict": True}
else:
kwargs = {"strict": False}
if len(items) == 4:
pubkey, bits, fingerprint_md5, fingerprint_sha256 = items
options = comment = None
else:
pubkey, bits, fingerprint_md5, fingerprint_sha256, options, comment = items
setattr(
TestKeys, f"test_{prefix_tmp}_mode_{mode}",
ch(pubkey, bits, fingerprint_md5, fingerprint_sha256, options, comment, **kwargs)
)
def loop_invalid(keyset, prefix):
""" Loop over list of invalid keys and dynamically create tests """
def ch(pubkey, expected_error, **kwargs):
return lambda self: self.check_fail(pubkey, expected_error, **kwargs)
for items in keyset:
modes = items.pop()
prefix_tmp = f"{prefix}_{items.pop()}"
for mode in modes:
if mode == "strict":
kwargs = {"strict": True}
else:
kwargs = {"strict": False}
pubkey, expected_error = items
setattr(TestKeys, f"test_{prefix_tmp}_mode_{mode}", ch(pubkey, expected_error, **kwargs))
def loop_authorized_keys(keyset):
def ch(file_str, valid_keys_count):
return lambda self: self.check_valid_file(file_str, valid_keys_count)
for i, items in enumerate(keyset):
prefix_tmp = f"{items[0]}_{i}"
setattr(TestAuthorizedKeys, f"test_{prefix_tmp}", ch(items[1], items[2]))
def loop_invalid_authorized_keys(keyset):
def ch(file_str, expected_error, **kwargs):
return lambda self: self.check_invalid_file(file_str, expected_error, **kwargs)
for i, items in enumerate(keyset):
prefix_tmp = f"{items[0]}_{i}"
setattr(TestAuthorizedKeys, f"test_invalid_{prefix_tmp}", ch(items[1], items[2]))
loop_valid(list_of_valid_keys, "valid_key")
loop_valid(list_of_valid_keys_rfc4716, "valid_key_rfc4716")
loop_invalid(list_of_invalid_keys, "invalid_key")
loop_options(list_of_valid_options)
loop_invalid_options(list_of_invalid_options)
loop_authorized_keys(list_of_authorized_keys)
loop_invalid_authorized_keys(list_of_invalid_authorized_keys)
if __name__ == '__main__':
unittest.main()