summaryrefslogtreecommitdiff
path: root/tests/test_pkey.py
diff options
context:
space:
mode:
authorJeff Forcier <jeff@bitprophet.org>2021-12-13 15:55:36 -0500
committerJeff Forcier <jeff@bitprophet.org>2021-12-23 00:31:01 -0500
commit363a28d94cada17f012c1604a3c99c71a2bda003 (patch)
tree6979a1d39ced84c3b29d366a0026db5fd9a62851 /tests/test_pkey.py
parentdfffaeaa0170c784307d1c89dad60528a59b6ff2 (diff)
downloadparamiko-363a28d94cada17f012c1604a3c99c71a2bda003.tar.gz
Add support for RSA SHA2 host and public keys
Includes a handful of refactors and new semiprivate attributes on Transport and AuthHandler for better test visibility.
Diffstat (limited to 'tests/test_pkey.py')
-rw-r--r--tests/test_pkey.py26
1 files changed, 18 insertions, 8 deletions
diff --git a/tests/test_pkey.py b/tests/test_pkey.py
index 94b2492b..0cc20133 100644
--- a/tests/test_pkey.py
+++ b/tests/test_pkey.py
@@ -63,6 +63,8 @@ FINGER_ECDSA_256 = "256 25:19:eb:55:e6:a1:47:ff:4f:38:d2:75:6f:a5:d5:60"
FINGER_ECDSA_384 = "384 c1:8d:a0:59:09:47:41:8e:a8:a6:07:01:29:23:b4:65"
FINGER_ECDSA_521 = "521 44:58:22:52:12:33:16:0e:ce:0e:be:2c:7c:7e:cc:1e"
SIGNED_RSA = "20:d7:8a:31:21:cb:f7:92:12:f2:a4:89:37:f5:78:af:e6:16:b6:25:b9:97:3d:a2:cd:5f:ca:20:21:73:4c:ad:34:73:8f:20:77:28:e2:94:15:08:d8:91:40:7a:85:83:bf:18:37:95:dc:54:1a:9b:88:29:6c:73:ca:38:b4:04:f1:56:b9:f2:42:9d:52:1b:29:29:b4:4f:fd:c9:2d:af:47:d2:40:76:30:f3:63:45:0c:d9:1d:43:86:0f:1c:70:e2:93:12:34:f3:ac:c5:0a:2f:14:50:66:59:f1:88:ee:c1:4a:e9:d1:9c:4e:46:f0:0e:47:6f:38:74:f1:44:a8" # noqa
+SIGNED_RSA_256 = "cc:6:60:e0:0:2c:ac:9e:26:bc:d5:68:64:3f:9f:a7:e5:aa:41:eb:88:4a:25:5:9c:93:84:66:ef:ef:60:f4:34:fb:f4:c8:3d:55:33:6a:77:bd:b2:ee:83:f:71:27:41:7e:f5:7:5:0:a9:4c:7:80:6f:be:76:67:cb:58:35:b9:2b:f3:c2:d3:3c:ee:e1:3f:59:e0:fa:e4:5c:92:ed:ae:74:de:d:d6:27:16:8f:84:a3:86:68:c:94:90:7d:6e:cc:81:12:d8:b6:ad:aa:31:a8:13:3d:63:81:3e:bb:5:b6:38:4d:2:d:1b:5b:70:de:83:cc:3a:cb:31" # noqa
+SIGNED_RSA_512 = "87:46:8b:75:92:33:78:a0:22:35:32:39:23:c6:ab:e1:6:92:ad:bc:7f:6e:ab:19:32:e4:78:b2:2c:8f:1d:c:65:da:fc:a5:7:ca:b6:55:55:31:83:b1:a0:af:d1:95:c5:2e:af:56:ba:f5:41:64:f:39:9d:af:82:43:22:8f:90:52:9d:89:e7:45:97:df:f3:f2:bc:7b:3a:db:89:e:34:fd:18:62:25:1b:ef:77:aa:c6:6c:99:36:3a:84:d6:9c:2a:34:8c:7f:f4:bb:c9:a5:9a:6c:11:f2:cf:da:51:5e:1e:7f:90:27:34:de:b2:f3:15:4f:db:47:32:6b:a7" # noqa
FINGER_RSA_2K_OPENSSH = "2048 68:d1:72:01:bf:c0:0c:66:97:78:df:ce:75:74:46:d6"
FINGER_DSS_1K_OPENSSH = "1024 cf:1d:eb:d7:61:d3:12:94:c6:c0:c6:54:35:35:b0:82"
FINGER_EC_384_OPENSSH = "384 72:14:df:c1:9a:c3:e6:0e:11:29:d6:32:18:7b:ea:9b"
@@ -238,21 +240,29 @@ class KeyTest(unittest.TestCase):
self.assertTrue(not pub.can_sign())
self.assertEqual(key, pub)
- def test_sign_rsa(self):
- # verify that the rsa private key can sign and verify
+ def _sign_and_verify_rsa(self, algorithm, saved_sig):
key = RSAKey.from_private_key_file(_support("test_rsa.key"))
- msg = key.sign_ssh_data(b"ice weasels")
- self.assertTrue(type(msg) is Message)
+ msg = key.sign_ssh_data(b"ice weasels", algorithm)
+ assert isinstance(msg, Message)
msg.rewind()
- self.assertEqual("ssh-rsa", msg.get_text())
- sig = bytes().join(
- [byte_chr(int(x, 16)) for x in SIGNED_RSA.split(":")]
+ assert msg.get_text() == algorithm
+ expected = bytes().join(
+ [byte_chr(int(x, 16)) for x in saved_sig.split(":")]
)
- self.assertEqual(sig, msg.get_binary())
+ assert msg.get_binary() == expected
msg.rewind()
pub = RSAKey(data=key.asbytes())
self.assertTrue(pub.verify_ssh_sig(b"ice weasels", msg))
+ def test_sign_and_verify_ssh_rsa(self):
+ self._sign_and_verify_rsa("ssh-rsa", SIGNED_RSA)
+
+ def test_sign_and_verify_rsa_sha2_512(self):
+ self._sign_and_verify_rsa("rsa-sha2-512", SIGNED_RSA_512)
+
+ def test_sign_and_verify_rsa_sha2_256(self):
+ self._sign_and_verify_rsa("rsa-sha2-256", SIGNED_RSA_256)
+
def test_sign_dss(self):
# verify that the dss private key can sign and verify
key = DSSKey.from_private_key_file(_support("test_dss.key"))