Ϫfj>dZddlZddlZddlmZddlmZddlmZddl m Z ddl m Z ddl mZe d Zed Zer2dd lmZdd lmZdd lmZddlmZmZmZej7ZndZdZGddej<ZGddej<Z y)z& Tests for L{twisted.conch.ssh.keys}. N)dedent)keydata) randbytes)FilePath) requireModule)unittest cryptographyz Cannot run without cryptography.)default_backend)hashes)padding)commonkeyssexpyFc tsd|_|S)Nz$ed25519 not supported on this system)ED25519_SUPPORTEDskip)fs >/usr/lib/python3/dist-packages/twisted/conch/test/test_keys.pyskipWithoutEd25519r$s 7 Hc`eZdZeeZdZdZdZdZ dZ dZ dZ d Z d Zd Zd Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!dZ"dZ#d Z$d!Z%d"Z&d#Z'd$Z(d%Z)d&Z*e+d'Z,d(Z-d)Z.d*Z/d+Z0e+d,Z1d-Z2d.Z3d/Z4e+d0Z5d1Z6d2Z7d3Z8d4Z9e+d5Z:d6Z;d7Zd:Z?d;Z@d<ZAe+d=ZBe+d>ZCd?ZDd@ZEdAZFdBZGdCZHdDZIdEZJdFZKdGZLdHZMdIZNe+dJZOdKZPdLZQdMZRdNZSdOZTdPZUdQZVdRZWe+dSZXe+dTZYy)UKeyTestsNc tjjtjdtjdtjdtjdtjdtjdj |_tjjtjdtjdtjdtjd tjd  j |_ tjjtjd tjdtjd tjd j |_ tjjtjd tjdtjd tjd j |_tjjtjd tjdtjd tjd j |_t"rRtjj%tj&dtj&dj |_d|_d|_|j/t0dd|j3|_t7|j4d5}|j9tj:dddy#1swYyxYw)Nnedpqu)rrrrrrygx)r rrr!r" privateValuecurve)r"r r#r$ak)r%r&sssh-rsa~YWpu@1SOE/xG3U d ,'=QgxjIޯb@r ΣzM1q5 {wjKNCi}RT DJH l[|^nъaYBǾ7 9j.9p?N/) >AµjUWԮBtyfˆkuNɓY.VL44`CǦ6Y% 4^rY .%HAs7ssh-dss(?;TFA E@4,d ٮ[-nQfjrgp< secureRandomc d|zS)N)r"s rz KeyTests.setUp..hs ! rwb)rKey_fromRSAComponentsrRSAData _keyObjectrsaObj_fromDSAComponentsDSADatadsaObj_fromECComponentsECDatanistp256ecObjECDatanistp384ecObj384ECDatanistp521ecObj521r_fromEd25519Components Ed25519Data ed25519Obj rsaSignature dsaSignaturepatchrmktempkeyFileopenwriteprivateRSA_lsh)selfrs rsetUpzKeyTests.setUp.shh11ooc"ooc"ooc"ooc"ooc"ooc" 2  * hh11ooc"ooc"ooc"ooc"ooc" 2 * XX//$$S)$$S) //?((1 0 * 22$$S)$$S) //?((1 3 * 22$$S)$$S) //?((1 3 * "hh==%%c*g.A.A#.F>j O ;     9n.CD{{} $,, % , GGG** + , , ,s . MM cBtj|jyN)osunlinkrCrGs rtearDownzKeyTests.tearDownms $,,rc|jtj|jj d|jtj|j j d|jtj|j j d|jtj|jj d|jtj|jj dtr>|jtj|jj dyy)zU The L{keys.Key.size} method returns the size of key object in bits. ii N) assertEqualrr-r1sizer4r7r9r;rr>rMs r test_sizezKeyTests.test_sizeps $++.335t< $++.335t< $**-224c: $--0557= $--0557=    TXXdoo6;;=s C rcP |jtjjtj d|jtjjtj d|jtjjtjdtr=|jtjjtjd|jtjjtjd|jtjjtjd|jtjjtjd|jtjjtjd|jtjjtjd|jtjjtjdtr=|jtjjtj d|jtjjtj"d|jtjjtj$d|jtjjtj&d|jtjjtj(d|jtjjtj*d|jtjjtj,d|jtjjdd|jtjjdd|jtjjd d y ) z_ Test that the _guessStringType method guesses string types correctly. public_opensshprivate_openssh public_lsh private_lshagentv3sssh-rsablobsssh-dsss not a keyN)rSrr-_guessStringTyperpublicRSA_opensshpublicDSA_opensshpublicECDSA_opensshrpublicEd25519_opensshprivateRSA_opensshprivateRSA_openssh_newprivateDSA_opensshprivateDSA_openssh_newprivateECDSA_opensshprivateECDSA_openssh_newprivateEd25519_openssh_new publicRSA_lsh publicDSA_lshrFprivateDSA_lshprivateRSA_agentv3privateDSA_agentv3rMs rtest__guessStringTypezKeyTests.test__guessStringType|s@  HH % %g&?&? @BR   HH % %g&?&? @BR   HH % %g&A&A BDT     ))'*G*GH    HH % %g&@&@ ACT   HH % %g&D&D EGX   HH % %g&@&@ ACT   HH % %g&D&D EGX   HH % %g&B&B CEV   HH % %g&F&F G      ))'*L*LM!  2273H3HI<X 2273H3HI<X  HH % %g&<&< =}   HH % %g&<&< =}   HH % %g&@&@ A9   HH % %g&@&@ A9   HH % %&T U    HH % %&T U   22<@$GrcRtjjtj}tjjtj }|j |j|jtjjtj}tjjtj}|j |j|jtjjtj}tjjtj}|j |j|jtrtjjtj}tjjtj}|j |j|jyy)zn The L{keys.Key.public} method returns a public key for both public and private keys. N)rr- fromStringrrbr^rSpublicrdr_rfr`rrhra) rG privateRSAKey publicRSAKey privateDSAKey publicDSAKeyprivateECDSAKeypublicECDSAKeyprivateEd25519KeypublicEd25519Keys r test_publiczKeyTests.test_publicsh++G,F,FG xx**7+D+DE  --/1D1D1FG++G,F,FG xx**7+D+DE  --/1D1D1FG((--g.J.JK,,W-H-HI //1>3H3H3JK  $ 3 3G4V4V W #xx2273P3PQ    .5579I9P9P9R S rctjjtj}tjjtj }tjjtj }|j|jj|j|j|j|jj|j|j|j|jj|j|jtrztjjtj}|j|jj|j|jyy)zg The L{keys.Key.isPublic} method returns True for public keys otherwise False. N) rr-rprrbrdrf assertTruerqisPublic assertFalserrh)rGrsaKeydsaKeyecdsaKey ed25519Keys r test_isPubliczKeyTests.test_isPublics< $$W%?%?@$$W%?%?@88&&w'C'CD  0023 *+  0023 *+ )2245 **,- ,,W-O-OPJ OOJ--/88: ;   Z002 3 rcP|j||||j|||yrJ)_testPublicFromString_testPrivateFromString)rGrqprivatetypedatas r_testPublicPrivateFromStringz%KeyTests._testPublicPrivateFromStrings& ""646 ##GT48rc6tjj|}|j|j |j |j ||jjD]\}}|j |||yrJ) rr-rpr|r}rSrritems)rGrqrr publicKeyr&vs rrzKeyTests._testPublicFromStringsyHH''/   **,- )40NN$**, )DAq   T!Wa ( )rc6tjj|}|j|j |j |j ||jD](\}}|j |j||*yrJ) rr-rpr~r}rSrrr)rGrrr privateKeyr&rs rrzKeyTests._testPrivateFromStringsyXX((1  ,,./ *D1JJL 6DAq   Z__.q11 5 6rc|jtjtjdtj|jtj tj dtj|jtjjtjdtjjtj |jtjtjdtjt r?|jtj"tj$dtj&yy)zN Test that keys are correctly generated from OpenSSH strings. ECRSA encrypted passphraseDSAEd25519N)rrr`rfr6r^rbr/rSrr-rpprivateRSA_openssh_encryptedr_rdr3rrarhr=rMs rtest_fromOpenSSHzKeyTests.test_fromOpenSSHs  ))  ' '  ( (   " "  ))  % %  & &  OO   HH  44   HH   : : ;  ))  % %  & &  OO     - ---22##   rc|d}|jtjtjj|dy)z. Tests for invalid key types. s -----BEGIN FOO PRIVATE KEY----- MIGkAgEBBDAtAi7I8j73WCX20qUM5hhHwHuFzYWYYILs2Sh8UZ+awNkARZ/Fu2LU LLl5RtOQpbWgBwYFK4EEACKhZANiAATU17sA9P5FRwSknKcFsjjsk0+E3CeXPYX0 Tk/M0HK3PpWQWgrO8JdRHP9eFE9O/23P8BumwFt7F/AvPlCzVd35VfraFT0o4cCW G0RqpQ+np31aKmeJshkcYALEchnU+tQ= -----END EC PRIVATE KEY-----N) assertRaisesr BadKeyErrorr-_fromString_PRIVATE_OPENSSHrGbadKeys rtest_fromOpenSSHErrorszKeyTests.test_fromOpenSSHErrors"s2     dhhBBFD rcd}|jtjj|tjj|dzy)zP If key strings have trailing whitespace, it should be ignored. -----BEGIN DSA PRIVATE KEY----- MIIBuwIBAAKBgQDylESNuc61jq2yatCzZbenlr9llG+p9LhIpOLUbXhhHcwC6hrh EZIdCKqTO0USLrGoP5uS9UHAUoeN62Z0KXXWTwOWGEQn/syyPzNJtnBorHpNUT9D Qzwl1yUa53NNgEctpo4NoEFOx8PuU6iFLyvgHCjNn2MsuGuzkZm7sI9ZpQIVAJiR 9dPc08KLdpJyRxz8T74b4FQRAoGAGBc4Z5Y6R/HZi7AYM/iNOM8su6hrk8ypkBwR a3Dbhzk97fuV3SF1SDrcQu4zF7c4CtH609N5nfZs2SUjLLGPWln83Ysb8qhh55Em AcHXuROrHS/sDsnqu8FQp86MaudrqMExCOYyVPE7jaBWW+/JWFbKCxmgOCSdViUJ esJpBFsCgYEA7+jtVvSt9yrwsS/YU1QGP5wRAiDYB+T5cK4HytzAqJKRdC5qS4zf C7R0eKcDHHLMYO39aPnCwXjscisnInEhYGNblTDyPyiyNxAOXuC8x7luTmwzMbNJ /ow0IqSj0VF72VJN9uSoPpFd4lLT0zN8v42RWja0M8ohWNf+YNJluPgCFE0PT4Vm SUrCyZXsNh6VXwjs3gKQ -----END DSA PRIVATE KEY----- N)rSrr-rprGprivateDSADatas r test_fromOpenSSH_with_whitespacez)KeyTests.test_fromOpenSSH_with_whitespace0sB !  HH   / HH   6 7 rc*tjjtjd}|j |j dtjjtjdzd}|j ||y)z Newer versions of OpenSSH generate encrypted keys which have a longer IV than the older versions. These newer keys are also loaded. stestxprrrN)rr-rpr privateRSA_openssh_encrypted_aesrSr)rGkeykey2s rtest_fromNewerOpenSSHzKeyTests.test_fromNewerOpenSSHGs{ hh!!  4 4"  U+xx""  4 4u <#  d#rctjtjftjtjftj tj ftjtjftjtjffD]Q\}}|jtjj|tjj|S|jtjjtjdtjjtj dy)z OpenSSH 6.5 introduced a newer "openssh-key-v1" private key format (made the default in OpenSSH 7.8). Loading keys in this format produces identical results to loading the same keys in the old PEM-based format. rrN)rrbrcrdrerfrgprivateECDSA_openssh384privateECDSA_openssh384_newprivateECDSA_openssh521privateECDSA_openssh521_newrSrr-rp privateRSA_openssh_encrypted_newr)rGoldnews rtest_fromOpenSSH_v1_formatz#KeyTests.test_fromOpenSSH_v1_formatUs ' ')G)G H  ' ')G)G H  ) )7+K+K L  , ,g.Q.Q R  , ,g.Q.Q R   QHC   TXX005txx7J7J37O P Q  HH  88\   HH  44    rc d}|jtjj|tjj|j ddy)zp Test that keys are correctly generated from OpenSSH strings with Windows line endings. rrs N)rSrr-rpreplacers r%test_fromOpenSSH_windows_line_endingsz.KeyTests.test_fromOpenSSH_windows_line_endingsmsJ !  HH   / HH   6 6ug F G rctjddddgggg}|jtjtj j dtj|zdzy) za C{BadKeyError} exception is raised when public key has an unknown type. s public-keybad-keyp2{})rN) rpackrrrr-rpbase64 b64encoderGsexps r!test_fromLSHPublicUnsupportedTypez*KeyTests.test_fromLSHPublicUnsupportedTypesd zzMJt +EFGH     HH  ((..5  rctjddddgggg}|jtjtj j |y)zb C{BadKeyError} exception is raised when private key has an unknown type. s private-keyrrrN)rrrrrr-rprs r"test_fromLSHPrivateUnsupportedTypez+KeyTests.test_fromLSHPrivateUnsupportedTypesJ zzNZ$,FGHI     HH    rc|jtjtjdtjy)zR RSA public and private keys can be generated from a LSH strings. rN)rrrirFr/rMs rtest_fromLSHRSAzKeyTests.test_fromLSHRSA. ))  ! !  " "  OO  rc|jtjtjdtjy)zH DSA public and private key can be generated from LSHs. rN)rrrjrkr3rMs rtest_fromLSHDSAzKeyTests.test_fromLSHDSArrc2|jtjdtj|jtjdtj |j tjtjjdy)zO Test that keys are correctly generated from Agent v3 strings. rrs$ssh-fooN) rrrlr/rmr3rrrr-rprMs rtest_fromAgentv3zKeyTests.test_fromAgentv3sc ##G$>$>wW ##G$>$>wW     HH   D rc\tj|j}|jddj }|j tjj |d||jtjtjj |dy)zf L{keys.Key.fromString} applies Normalization Form KC to Unicode passphrases. opensshverschlüsseltrverschlüsseltunassigned ￿N) rr-r1toStringencoderSrprPassphraseNormalizationErrorrGrkey_datas r*test_fromStringNormalizesUnicodePassphrasez3KeyTests.test_fromStringNormalizesUnicodePassphrases hht{{#<< 6J6Q6Q6S<T  HH  5J  KS   - - HH   *  rc|jtjtjjd|jtjtjjdd|jtjtjjt j d|jtjtjjtj|jjdd|jtjtjjd|jtjtjjdd |jtjtjjd d |jtjtjjd d |jtjtjjd d y )zW keys.Key.fromString should raise BadKeyError when the key is invalid. rbad_types unencryptedrrrs-----BEGIN RSA KEY----- wA== s-----BEGIN ENCRYPTED RSA KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: weird type 4Ed/a9OgJWHJsne7yOGWeWMzHYKsxuP9w1v0aYcp+puS75wvhHLiUnNwxz0KDi6n T3YkKLBsoCWS68ApR2J9yeQ6R+EyS+UQDrO9nwqo3DB5BT3Ggt8S1wE7vjNLQD0H g/SJnlqwsECNhh8aAx+Ag0m3ZKOZiRD5mCkcDQsZET7URSmFytDKOjhFn3u6ZFVB sXrfpYc6TJtOQlHd/52JB6aAbjt6afSv955Z7enIi+5yEJ5y7oYQTaE5zrFMP7N5 9LbfJFlKXxEddy/DErRLxEjmC+t4svHesoJKc2jjjyNPiOoGGF3kJXea62vsjdNV gMK5Eged3TBVIk2dv8rtJUvyFeCUtjQ1UJZIebScRR47KrbsIpCmU8I4/uHWm5hW 0mOwvdx1L/mqx/BHqVU9Dw2COhOdLbFxlFI92chkovkmNk4P48ziyVnpm7ME22sE vfCMsyirdqB1mrL4CSM7FXONv+CgfBfeYVkYW8RfJac9U1L/O+JNn7yee414O/rS hRYw4UdWnH6Gg6niklVKWNY0ZwUZC8zgm2iqy8YCYuneS37jC+OEKP+/s6HSKuqk 2bzcl3/TcZXNSM815hnFRpz0anuyAsvwPNRyvxG2/DacJHL1f6luV4B0o6W410yf qXQx01DLo7nuyhJqoH3UGCyyXB+/QUs0mbG2PAEn3f5dVs31JMdbt+PrxURXXjKk 4cexpUcIpqqlfpIRe3RD0sDVbH4OXsGhi2kiTfPZu7mgyFxKopRbn1KwU1qKinfY EU9O4PoTak/tPT+5jFNhaP+HrURoi/pU8EAUNSktl7xAkHYwkN/9Cm7DeBghgf3n 8+tyCGYDsB5utPD0/Xe9yx0Qhc/kMm4xIyQDyA937dk3mUvLC9vulnAP8I+Izim0 fZ182+D1bWwykoD0997mUHG/AUChWR01V1OLwRyPv2wUtiS8VNG76Y2aqKlgqP1P V+IvIEqR4ERvSBVFzXNF8Y6j/sVxo8+aZw+d0L1Ns/R55deErGg3B8i/2EqGd3r+ 0jps9BqFHHWW87n3VyEB3jWCMj8Vi2EJIfa/7pSaViFIQn8LiBLf+zxG5LTOToK5 xkN42fReDcqi3UNfKNGnv4dsplyTR2hyx65lsj4bRKDGLKOuB1y7iB0AGb0LtcAI dcsVlcCeUquDXtqKvRnwfIMg+ZunyjqHBhj3qgRgbXbT6zjaSdNnih569aTg0Vup VykzZ7+n/KVcGLmvX0NesdoI7TKbq4TnEIOynuG5Sf+2GpARO5bjcWKSZeN/Ybgk gccf8Cqf6XWqiwlWd0B7BR3SymeHIaSymC45wmbgdstrbk7Ppa2Tp9AZku8M2Y7c 8mY9b+onK075/ypiwBm4L4GRNTFLnoNQJXx0OSl4FNRWsn6ztbD+jZhu8Seu10Jw SEJVJ+gmTKdRLYORJKyqhDet6g7kAxs4EoJ25WsOnX5nNr00rit+NkMPA7xbJT+7 CfI51GQLw7pUPeO2WNt6yZO/YkzZrqvTj5FEwybkUyBv7L0gkqu9wjfDdUw0fVHE xEm4DxjEoaIp8dW/JOzXQ2EF+WaSOgdYsw3Ac+rnnjnNptCdOEDGP6QBkt+oXj4P -----END RSA PRIVATE KEY----- encrypteds-----BEGIN ENCRYPTED RSA KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: FOO-123-BAR,01234567 4Ed/a9OgJWHJsne7yOGWeWMzHYKsxuP9w1v0aYcp+puS75wvhHLiUnNwxz0KDi6n T3YkKLBsoCWS68ApR2J9yeQ6R+EyS+UQDrO9nwqo3DB5BT3Ggt8S1wE7vjNLQD0H g/SJnlqwsECNhh8aAx+Ag0m3ZKOZiRD5mCkcDQsZET7URSmFytDKOjhFn3u6ZFVB sXrfpYc6TJtOQlHd/52JB6aAbjt6afSv955Z7enIi+5yEJ5y7oYQTaE5zrFMP7N5 9LbfJFlKXxEddy/DErRLxEjmC+t4svHesoJKc2jjjyNPiOoGGF3kJXea62vsjdNV gMK5Eged3TBVIk2dv8rtJUvyFeCUtjQ1UJZIebScRR47KrbsIpCmU8I4/uHWm5hW 0mOwvdx1L/mqx/BHqVU9Dw2COhOdLbFxlFI92chkovkmNk4P48ziyVnpm7ME22sE vfCMsyirdqB1mrL4CSM7FXONv+CgfBfeYVkYW8RfJac9U1L/O+JNn7yee414O/rS hRYw4UdWnH6Gg6niklVKWNY0ZwUZC8zgm2iqy8YCYuneS37jC+OEKP+/s6HSKuqk 2bzcl3/TcZXNSM815hnFRpz0anuyAsvwPNRyvxG2/DacJHL1f6luV4B0o6W410yf qXQx01DLo7nuyhJqoH3UGCyyXB+/QUs0mbG2PAEn3f5dVs31JMdbt+PrxURXXjKk 4cexpUcIpqqlfpIRe3RD0sDVbH4OXsGhi2kiTfPZu7mgyFxKopRbn1KwU1qKinfY EU9O4PoTak/tPT+5jFNhaP+HrURoi/pU8EAUNSktl7xAkHYwkN/9Cm7DeBghgf3n 8+tyCGYDsB5utPD0/Xe9yx0Qhc/kMm4xIyQDyA937dk3mUvLC9vulnAP8I+Izim0 fZ182+D1bWwykoD0997mUHG/AUChWR01V1OLwRyPv2wUtiS8VNG76Y2aqKlgqP1P V+IvIEqR4ERvSBVFzXNF8Y6j/sVxo8+aZw+d0L1Ns/R55deErGg3B8i/2EqGd3r+ 0jps9BqFHHWW87n3VyEB3jWCMj8Vi2EJIfa/7pSaViFIQn8LiBLf+zxG5LTOToK5 xkN42fReDcqi3UNfKNGnv4dsplyTR2hyx65lsj4bRKDGLKOuB1y7iB0AGb0LtcAI dcsVlcCeUquDXtqKvRnwfIMg+ZunyjqHBhj3qgRgbXbT6zjaSdNnih569aTg0Vup VykzZ7+n/KVcGLmvX0NesdoI7TKbq4TnEIOynuG5Sf+2GpARO5bjcWKSZeN/Ybgk gccf8Cqf6XWqiwlWd0B7BR3SymeHIaSymC45wmbgdstrbk7Ppa2Tp9AZku8M2Y7c 8mY9b+onK075/ypiwBm4L4GRNTFLnoNQJXx0OSl4FNRWsn6ztbD+jZhu8Seu10Jw SEJVJ+gmTKdRLYORJKyqhDet6g7kAxs4EoJ25WsOnX5nNr00rit+NkMPA7xbJT+7 CfI51GQLw7pUPeO2WNt6yZO/YkzZrqvTj5FEwybkUyBv7L0gkqu9wjfDdUw0fVHE xEm4DxjEoaIp8dW/JOzXQ2EF+WaSOgdYsw3Ac+rnnjnNptCdOEDGP6QBkt+oXj4P -----END RSA PRIVATE KEY-----s-----BEGIN ENCRYPTED RSA KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,01234 4Ed/a9OgJWHJsne7yOGWeWMzHYKsxuP9w1v0aYcp+puS75wvhHLiUnNwxz0KDi6n T3YkKLBsoCWS68ApR2J9yeQ6R+EyS+UQDrO9nwqo3DB5BT3Ggt8S1wE7vjNLQD0H g/SJnlqwsECNhh8aAx+Ag0m3ZKOZiRD5mCkcDQsZET7URSmFytDKOjhFn3u6ZFVB sXrfpYc6TJtOQlHd/52JB6aAbjt6afSv955Z7enIi+5yEJ5y7oYQTaE5zrFMP7N5 9LbfJFlKXxEddy/DErRLxEjmC+t4svHesoJKc2jjjyNPiOoGGF3kJXea62vsjdNV gMK5Eged3TBVIk2dv8rtJUvyFeCUtjQ1UJZIebScRR47KrbsIpCmU8I4/uHWm5hW 0mOwvdx1L/mqx/BHqVU9Dw2COhOdLbFxlFI92chkovkmNk4P48ziyVnpm7ME22sE vfCMsyirdqB1mrL4CSM7FXONv+CgfBfeYVkYW8RfJac9U1L/O+JNn7yee414O/rS hRYw4UdWnH6Gg6niklVKWNY0ZwUZC8zgm2iqy8YCYuneS37jC+OEKP+/s6HSKuqk 2bzcl3/TcZXNSM815hnFRpz0anuyAsvwPNRyvxG2/DacJHL1f6luV4B0o6W410yf qXQx01DLo7nuyhJqoH3UGCyyXB+/QUs0mbG2PAEn3f5dVs31JMdbt+PrxURXXjKk 4cexpUcIpqqlfpIRe3RD0sDVbH4OXsGhi2kiTfPZu7mgyFxKopRbn1KwU1qKinfY EU9O4PoTak/tPT+5jFNhaP+HrURoi/pU8EAUNSktl7xAkHYwkN/9Cm7DeBghgf3n 8+tyCGYDsB5utPD0/Xe9yx0Qhc/kMm4xIyQDyA937dk3mUvLC9vulnAP8I+Izim0 fZ182+D1bWwykoD0997mUHG/AUChWR01V1OLwRyPv2wUtiS8VNG76Y2aqKlgqP1P V+IvIEqR4ERvSBVFzXNF8Y6j/sVxo8+aZw+d0L1Ns/R55deErGg3B8i/2EqGd3r+ 0jps9BqFHHWW87n3VyEB3jWCMj8Vi2EJIfa/7pSaViFIQn8LiBLf+zxG5LTOToK5 xkN42fReDcqi3UNfKNGnv4dsplyTR2hyx65lsj4bRKDGLKOuB1y7iB0AGb0LtcAI dcsVlcCeUquDXtqKvRnwfIMg+ZunyjqHBhj3qgRgbXbT6zjaSdNnih569aTg0Vup VykzZ7+n/KVcGLmvX0NesdoI7TKbq4TnEIOynuG5Sf+2GpARO5bjcWKSZeN/Ybgk gccf8Cqf6XWqiwlWd0B7BR3SymeHIaSymC45wmbgdstrbk7Ppa2Tp9AZku8M2Y7c 8mY9b+onK075/ypiwBm4L4GRNTFLnoNQJXx0OSl4FNRWsn6ztbD+jZhu8Seu10Jw SEJVJ+gmTKdRLYORJKyqhDet6g7kAxs4EoJ25WsOnX5nNr00rit+NkMPA7xbJT+7 CfI51GQLw7pUPeO2WNt6yZO/YkzZrqvTj5FEwybkUyBv7L0gkqu9wjfDdUw0fVHE xEm4DxjEoaIp8dW/JOzXQ2EF+WaSOgdYsw3Ac+rnnjnNptCdOEDGP6QBkt+oXj4P -----END RSA PRIVATE KEY-----s-----BEGIN ENCRYPTED RSA KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,01234 4Ed/a9OgJWHJsne7yOGWeWMzHYKsxuP9w1v0aYcp+puS75wvhHLiUnNwxz0KDi6n T3YkKLBsoCWS68ApR2J9yeQ6R+EyS+UQDrO9nwqo3DB5BT3Ggt8S1wE7vjNLQD0H g/SJnlqwsECNhh8aAx+Ag0m3ZKOZiRD5mCkcDQsZET7URSmFytDKOjhFn3u6ZFVB sXrfpYc6TJtOQlHd/52JB6aAbjt6afSv955Z7enIi+5yEJ5y7oYQTaE5zrFMP7N5 9LbfJFlKXxEddy/DErRLxEjmC+t4svHesoJKc2jjjyNPiOoGGF3kJXea62vsjdNV gMK5Eged3TBVIk2dv8rtJUvyFeCUtjQ1UJZIebScRR47KrbsIpCmU8I4/uHWm5hW 0mOwvdx1L/mqx/BHqVU9Dw2COhOdLbFxlFI92chkovkmNk4P48ziyVnpm7ME22sE vfCMsyirdqB1mrL4CSM7FXONv+CgfBfeYVkYW8RfJac9U1L/O+JNn7yee414O/rS hRYw4UdWnH6Gg6niklVKWNY0ZwUZC8zgm2iqy8YCYuneS37jC+OEKP+/s6HSKuqk 2bzcl3/TcZXNSM815hnFRpz0anuyAsvwPNRyvxG2/DacJHL1f6luV4B0o6W410yf qXQx01DLo7nuyhJqoH3UGCyyXB+/QUs0mbG2PAEn3f5dVs31JMdbt+PrxURXXjKk 4cexpUcIpqqlfpIRe3RD0sDVbH4OXsGhi2kiTfPZu7mgyFxKopRbn1KwU1qKinfY EU9O4PoTak/tPT+5jFNhaP+HrURoi/pU8EAUNSktl7xAkHYwkN/9Cm7DeBghgf3n 8+tyCGYDsB5utPD0/Xe9yx0Qhc/kMm4xIyQDyA937dk3mUvLC9vulnAP8I+Izim0 fZ182+D1bWwykoD0997mUHG/AUChWR01V1OLwRyPv2wUtiS8VNG76Y2aqKlgqP1P V+IvIEqR4ERvSBVFzXNF8Y6j/sVxo8+aZw+d0L1Ns/R55deErGg3B8i/2EqGd3r+ 0jps9BqFHHWW87n3VyEB3jWCMj8Vi2EJIfa/7pSaViFIQn8LiBLf+zxG5LTOToK5 xkN42fReDcqi3UNfKNGnv4dsplyTR2hyx65lsj4bRKDGLKOuB1y7iB0AGb0LtcAI dcsVlcCeUquDXtqKvRnwfIMg+ZunyjqHBhj3qgRgbXbT6zjaSdNnih569aTg0Vup VykzZ7+n/KVcGLmvX0NesdoI7TKbq4TnEIOynuG5Sf+2GpARO5bjcWKSZeN/Ybgk gccf8Cqf6XWqiwlWd0B7BR3SymeHIaSymC45wmbgdstrbk7Ppa2Tp9AZku8M2Y7c 8mY9b+onK075/ypiwBm4L4GRNTFLnoNQJXx0OSl4FNRWsn6ztbD+jZhu8Seu10Jw SEJVJ+gmTKdRLYORJKyqhDet6g7kAxs4EoJ25WsOnX5nNr00rit+NkMPA7xbJT+7 CfI51GQLw7pUPeO2WNt6yZO/YkzZrqvTj5FEwybkUyBv7L0gkqu9wjfDdUw0fVHE xEm4DxjEoaIp8dW/JOzXQ2EF+WaSOgdYsw3Ac+rnnjnNptCdOEDGP6QBkt+oXj4P -----END RSA PRIVATE KEY-----N) rrrr-rprriEncryptedKeyErrorr1rrMs rtest_fromStringErrorszKeyTests.test_fromStringErrorss $**DHH,?,?E $**DHH,?,?jQ     HH    ! !%     " " HH   HHT[[ ! * *9 * N    dhh113U      HH   !<#C " H     HH   !<#C " H     HH   !<#C " H     HH   !<#C " rc|jtjj|jtjj t j|jtjtjj|jd|jtjtjj|jdy)z5 Test that fromFile works correctly. r unencryptedrN) rSrr-fromFilerCrprrFrrrMs r test_fromFilezKeyTests.test_fromFile{s  HH  dll +TXX-@-@AWAW-X  $**DHH,=,=t||ZX    dhh//-  rctjjddj}tj|}|j |j|y)zJ Test that the PublicKey object is initialized correctly. rrN)rr-r.r0rS)rGobjrs r test_initzKeyTests.test_initsDhh))A)3>>hhsm -rc tj|j}tj|j}tjtjjddj}tj|j }|j ||k(|j||k(|j||k(|j|tk(|j|dk(y)z? Test that Key objects are compared correctly. rrrN) rr-r1r.r0r4r|r~objectrGrsa1rsa2rsa3dsas r test_equalzKeyTests.test_equalsxx $xx $xx33a13=HHIhht{{#  % & % ( &rc tj|j}tj|j}tjtjjddj}tj|j }|j ||k7|j||k7|j||k7|j|tk7|j|dk7y)zC Test that Key objects are not-compared correctly. rrrN) rr-r1r.r0r4r~r|rrs r test_notEqualzKeyTests.test_notEqualsxx $xx $xx33a13=HHIhht{{# &  %  $ '  %rcntjd}|jt|jy)zO The L{keys.Key.data} method raises RuntimeError for bad keys. rN)rr-r RuntimeErrorrrs rtest_dataErrorzKeyTests.test_dataErrors%# , 4rc|jtj|jj d|jtj|j j dy)z Test that the fingerprint method returns fingerprint in L{FingerprintFormats.MD5-HEX} format by default. /85:25:04:32:58:55:96:9f:57:ee:fb:a8:1a:ea:69:da/63:15:b3:0e:e6:4f:50:de:91:48:3d:01:6b:b3:13:c1N)rSrr-r1 fingerprintr4rMs rtest_fingerprintdefaultz KeyTests.test_fingerprintdefaultsZ  HHT[[ ! - - / =   HHT[[ ! - - / = rc\|jtj|jj tj j d|jtj|jj tj j dy)z fingerprint method generates key fingerprint in L{FingerprintFormats.MD5-HEX} format if explicitly specified. rrN)rSrr-r1rFingerprintFormatsMD5_HEXr4rMs rtest_fingerprint_md5_hexz!KeyTests.test_fingerprint_md5_hexsv  HHT[[ ! - -d.E.E.M.M N =   HHT[[ ! - -d.E.E.M.M N = rc\|jtj|jj tj j d|jtj|jj tj j dy)z fingerprint method generates key fingerprint in L{FingerprintFormats.SHA256-BASE64} format if explicitly specified. z,FBTCOoknq0mHy+kpfnY9tDdcAJuWtCpuQMaV3EsvbUI=z,Wz5o2YbKyxOEcJn1au/UaALSVruUzfz0vaLI1xiIGyY=N)rSrr-r1rr SHA256_BASE64r4rMs rtest_fingerprintsha256zKeyTests.test_fingerprintsha256sv  HHT[[ ! - -d.E.E.S.S T :   HHT[[ ! - -d.E.E.S.S T : rc|jtj5}tj|jj dddd|j djjdy#1swY3xYw)zk A C{BadFingerPrintFormat} error is raised when unsupported formats are requested. z sha256-baseNz+Unsupported fingerprint format: sha256-baser) rrBadFingerPrintFormatr-r1rrS exceptionargs)rGems rtest_fingerprintBadFormatz"KeyTests.test_fingerprintBadFormatsl   t88 9 =R HHT[[ ! - -m < =  92<<;L;LQ;O  = =s /BB c|jtj|jj d|jtj|jj d|jtj|j j d|jtj|j j d|jtj|jj d|jtj|jj tjdtrz|jtj|jj d|jtj|jj d|jttjd j|jttjd j |jttj|j|jttj|j y ) zS Test that the type method returns the correct type for an object. rssh-rsarssh-dssrr$r ssh-ed25519N)rSrr-r1rsshTyper4r7rr6rr>rrrMs r test_typezKeyTests.test_types $++.335u= $++.668*E $++.335u= $++.668*E $**-224d;  HHTZZ ( ( *G,B,B7,K     TXXdoo6;;=y I   TXXdoo6>>@. Q ,(;(;< ,(>(>? ,(;(;< ,(>(>?rc|jtj|jj gd|jtj|j j dg|jtj|j j dgtr>|jtj|jj dg|jttjdj|jttj|jy)z L{keys.Key.supportedSignatureAlgorithms} returns the appropriate public key signature algorithms for each key type. ) rsa-sha2-512 rsa-sha2-256rr secdsa-sha2-nistp256r N) rSrr-r1supportedSignatureAlgorithmsr4r7rr>rrrMs r!test_supportedSignatureAlgorithmsz*KeyTests.test_supportedSignatureAlgorithmss  HHT[[ ! > > @ :   HHT[[ ! > > @:,   HHTZZ = = ? # $     )FFH   ,(S(ST ,(S(STrctjd}|jtjtj j |y)ze A C{BadKeyError} error is raised whey the blob has an unsupported key type. ssh-badN)r NSrrrr-rprGbadBlobs rtest_fromBlobUnsupportedTypez%KeyTests.test_fromBlobUnsupportedTypes4 ))J' $**DHH,?,?Irctjdtjdd}tjdtj|dztj|dz}t j j|}|j|j|j||jy)zQ A public RSA key is correctly generated from a public key blob. rrrrN) rr/r rMPrr-rpr|r}rSr)rG rsaPublicDatarsaBlobrs rtest_fromBlobRSAzKeyTests.test_fromBlobRSAs %% IIj !ii c*+ ,ii c*+ ,  $$W- )*  6rcHtjdtjdtjdtjdd}tjdtj|dztj|dztj|dztj|dz}t j j|}|j|j|j||jy)zQ A public DSA key is correctly generated from a public key blob. rrr!r )rrr!r r N) rr3r rrrr-rpr|r}rSr)rG dsaPublicDatadsaBlobrs rtest_fromBlobDSAzKeyTests.test_fromBlobDSA/s %%%%   IIj !ii c*+ ,ii c*+ ,ii c*+ ,ii c*+  , $$W- )*  6rc*ddlm}tjdtjdtjdd}t j |dt j |dddzt j d |j |dd z|j |dd zz}tjj|}|j|j|j||jy) zA Key.fromString generates ECDSA keys from blobs. rutilsr"r r$r"r r$N )r r#rr6r r int_to_bytesrr-rpr|r}rSr)rGr# ecPublicDataecblobeckeys rtest_fromBlobECDSAzKeyTests.test_fromBlobECDSAFs ''','',++G4  IIl7+ ,ii W-bc23 4ii$$\#%6;<$$\#%6;<  ##F+ () uzz|4rcFdtjdi}tjdtj|dz}tj j |}|j|j|j||jy)zU A public Ed25519 key is correctly generated from a public key blob. r%r N) rr=r rrr-rpr|r}rSr)rGed25519PublicData ed25519Blobrs rtest_fromBlobEd25519zKeyTests.test_fromBlobEd25519`s $$S) ii/&))rctjd}|jtjtj j |y)zh C{BadKeyError} is raised when loading a private blob with an unsupported type. rN)r rrrrr-_fromString_PRIVATE_BLOBrs r#test_fromPrivateBlobUnsupportedTypez,KeyTests.test_fromPrivateBlobUnsupportedTypeps4 ))J' $**DHH,M,MwWrcTtjdtjtjdztjtjdztjtjdztjtjdztjtjdztjtjdz}t j j|}|j|j|jtj|j|j|t j j|jy) zS A private RSA key is correctly generated from a private key blob. rrrrrrrN) r rrrr/rr-r2r~r}rSr privateBlob)rGrrs rtest_fromPrivateBlobRSAz KeyTests.test_fromPrivateBlobRSAys) IIj !ii,- .ii,- .ii,- .ii,-  . ii,-  . ii,-  . 227; *+ &++-8  DHH55f6H6H6JK rctjdtjtjdztjtjdztjtjdztjtjdztjtjdz}t j j|}|j|j|jtj|j|j|t j j|jy)zS A private DSA key is correctly generated from a private key blob. r rrr!r r"N) r rrrr3rr-r2r~r}rSrr5)rGrrs rtest_fromPrivateBlobDSAz KeyTests.test_fromPrivateBlobDSAs  IIj !ii,- .ii,- .ii,- .ii,-  . ii,-  . 227; *+ &++-8  DHH55f6H6H6JK rcddlm}ddlm}|j t j dt j d|j}tjt j dtjt j ddd ztj|jtj|jj|jj ztj"t j d z}t$j&j)|}|j+|j-|j/t j |j1|j/|t$j&j)|j3y ) zR A private EC key is correctly generated from a private key blob. r serialization)ecr"r r$r$r%Nr#)cryptography.hazmat.primitivesr;)cryptography.hazmat.primitives.asymmetricr<EllipticCurvePublicNumbersrr6 SECP256R1r r public_keyr public_bytesEncodingX962 PublicFormatUncompressedPointrrr-r2r~r}rSrr5)rGr;r< publicNumbersr*r+s rtest_fromPrivateBlobECDSAz"KeyTests.test_fromPrivateBlobECDSAs_ A@55$$S)$$S),,.6 IIg,,W5 6ii..w7<= >ii(():;HH!**//!..@@ ii..~>? @ 11&9 )* //>  A A%BSBSBU VWrcDtjdtjtjdztjtjdtjdzz}tj j |}|j|j|jtj|j|j|tj j |jy)zW A private Ed25519 key is correctly generated from a private key blob. r r%r&N) r rrr=rr-r2r~r}rSrr5)rGr/rs rtest_fromPrivateBlobEd25519z$KeyTests.test_fromPrivateBlobEd25519s IIn %ii++C01 2ii++C073F3Fs3KKL M  XX66{C  ,,./ ,,joo.?@  99*:P:P:RS rc|jtj|jj t j dt j|jjjjzt j|jjjjzy)zL Return the over-the-wire SSH format of the RSA public key. rN) rSrr-r1r\r rrprivate_numberspublic_numbersrrrMs r test_blobRSAzKeyTests.test_blobRSAs  HHT[[ ! & & ( IIj !ii 335DDFFG Hii 335DDFFG H rc(|jjj}|jt j |jj tjdtj|jjztj|jjztj|jjztj|jzy)zL Return the over-the-wire SSH format of the DSA public key. r N)r4rLrMrSrr-r\r rrparameter_numbersrrr!r rGrGs r test_blobDSAzKeyTests.test_blobDSAs 335DD   HHT[[ ! & & ( IIj !ii 7799: ;ii 7799: ;ii 7799: ;ii (  ) rc ddlm}|jjjdzdz}|j t j|jjtjtjdtjtjdddztjd|j|jjjj |z|j|jjjj"|zzy) zK Return the over-the-wire SSH format of the EC public key. rr"r$r%Nr&)r r#r7r$key_sizerSrr-r\r rrr6r(rLrMr"r )rGr# byteLengths r test_blobECzKeyTests.test_blobECs 'jj&&//!39   HHTZZ % % ' IIg,,W5 6ii..w7<= >ii$$JJ..0??AA:$$JJ..0??AA:   rcddlm}|jjj |j j |jj }|jtj|jjtjdtj|zy)zP Return the over-the-wire SSH format of the Ed25519 public key. rr:r N)r=r;r>rArBrCRawrErSrr-r\r r)rGr; publicBytess rtest_blobEd25519zKeyTests.test_blobEd25519s Aoo002??  " " & & (B(B(F(F   HHT__ % * * , IIn % +(> > rcntjd}|jt|jy)zx C{RuntimeError} is raised when the blob is requested for a Key which is not wrapping anything. N)rr-rrr\rs rtest_blobNoKeyzKeyTests.test_blobNoKeys% $ , 4rc|jj}|jtj|jj t jdt j|jjzt j|jjzt j|jzt j|jzt j|jzt j|jzy)zn L{keys.Key.privateBlob} returns the SSH protocol-level format of an RSA private key. rN)r1rLrSrr-r5r rrrMrrriqmprr)rGnumberss rtest_privateBlobRSAzKeyTests.test_privateBlobRSAs ++--/  HHT[[ ! - - / IIj !ii..001 2ii..001 2ii " #ii %  & ii "  # ii "  # rc|jjj}|jt j |jj tjdtj|jjztj|jjztj|jjztj|jztj|jjjzy)zm L{keys.Key.privateBlob} returns the SSH protocol-level format of a DSA private key. r N)r4rLrMrSrr-r5r rrrPrrr!r r"rQs rtest_privateBlobDSAzKeyTests.test_privateBlobDSA/s  335DD   HHT[[ ! - - / IIj !ii 7799: ;ii 7799: ;ii 7799: ;ii (  ) ii 335778  9 rc bddlm}|jtj|j j tjtjdtjtjdddztj|j jj|jj|jj ztj"|j j%j&zy)zj L{keys.Key.privateBlob} returns the SSH ptotocol-level format of EC private key. rr:r$r%N)r=r;rSrr-r7r5r rrr6rArBrCrDrErFrrL private_value)rGr;s rtest_privateBlobECzKeyTests.test_privateBlobEC@s A  HHTZZ , , . IIg,,W5 6ii..w7<= >ii %%'44!**//!..@@ ii 224BBC D rcXddlm}|jjj |j j |jj }|jj|j j |jj |j}|jtj|jjtj dtj |ztj ||zzy)zr L{keys.Key.privateBlob} returns the SSH protocol-level format of an Ed25519 private key. rr:r N)r=r;r>rArBrCrZrE private_bytes PrivateFormat NoEncryptionrSrr-r5r r)rGr;r[ privateBytess rtest_privateBlobEd25519z KeyTests.test_privateBlobEd25519Ts Aoo002??  " " & & (B(B(F(F 44  " " & &  ' ' + +  & & (  HHT__ % 1 1 3 IIn %ii $ %ii {23 4 rcntjd}|jt|jy)zV Raises L{RuntimeError} if the underlying key object does not exists. N)rr-rrr5rs rtest_privateBlobNoKeyObjectz$KeyTests.test_privateBlobNoKeyObjectls'$ ,(:(:;rc>tjjtj}|j |j djtj|j|j ddjddkD|j |jj dtjdd|j |jj dd tjy) zO L{keys.Key.toString} serializes an RSA key in OpenSSH format. rrrsDEK-InforNr%commentcomment) rr-rprrlrSrstriprbr|findrqr^rGrs rtest_toOpenSSHRSAzKeyTests.test_toOpenSSHRSAtshh!!'"<"<= i0668':T:TU  LL|L < A A+ NQR R   JJL ! !) ,g.G.G.L   JJL ! !)Z ! @  % % rctjjtj}|j dd}|j ddd}|j d|jd|j d|jd|j |tjj||j |tjj|dy ) zT L{keys.Key.toString} serializes an RSA key in OpenSSH's v1 format. rv1subtyperr{r#-----BEGIN OPENSSH PRIVATE KEY-----rrN)rr-rprrbrrS splitlinesrGr new_key_datanew_enc_key_datas rtest_toOpenSSHRSA_v1_formatz$KeyTests.test_toOpenSSHRSA_v1_formathh!!'"<"<=||It|< << 4K<X  2L4K4K4Ma4P   24D4O4O4QRS4T  dhh11,?@  $$%5+$N rctjjtj}|j |j djtj|j |jj ddtj|j |jj dtjddy)zN L{keys.Key.toString} serializes a DSA key in OpenSSH format. rrqrrNr%) rr-rprrkrSrrtrdrqr_rvs rtest_toOpenSSHDSAzKeyTests.test_toOpenSSHDSAshh!!'"8"89 i0668':T:TU  JJL ! !)Z ! @  % %   JJL ! !) ,g.G.G.L rctjjtj}|j dd}|j ddd}|j d|jd|j d|jd|j |tjj||j |tjj|dy ) zS L{keys.Key.toString} serializes a DSA key in OpenSSH's v1 format. rryrzrr|r}rrN)rr-rprrdrrSr~rs rtest_toOpenSSHDSA_v1_formatz$KeyTests.test_toOpenSSHDSA_v1_formatrrc\tjjtj}|j |j jddtj|j |j jdtjddy)zQ L{keys.Key.toString} serializes an ECDSA key in OpenSSH format. rrqrrNr%) rr-rprrfrSrqrr`rvs rtest_toOpenSSHECDSAzKeyTests.test_toOpenSSHECDSAshh!!'">">?  JJL ! !)Z ! @  ' '   JJL ! !) ,g.I.I#2.N rctjjtj}|j dd}|j ddd}|j d|jd|j d|jd|j |tjj||j |tjj|dy ) zV L{keys.Key.toString} serializes an ECDSA key in OpenSSH's v1 format. rryrzrr|r}rrN)rr-rprrfrrSr~rs rtest_toOpenSSHECDSA_v1_formatz&KeyTests.test_toOpenSSHECDSA_v1_formatshh!!'">">?||It|< << 4K<X  2L4K4K4Ma4P   24D4O4O4QRS4T  dhh11,?@  $$%5+$N rc8tjjtj}|j d}|j dd}|j d|jd|j d|jd|j |tjj||j |tjj|d|j ||j ddy) zX L{keys.Key.toString} serializes an Ed25519 key in OpenSSH's v1 format. rrrr}rryrzN)rr-rprrhrrSr~rs rtest_toOpenSSHEd25519zKeyTests.test_toOpenSSHEd25519s hh!!'"D"DE||I. << k<J  2L4K4K4Ma4P   24D4O4O4QRS4T  dhh11,?@  $$%5+$N  s||It|'LMrctjjtj}|j t |jddy)z L{keys.Key.toString} refuses to serialize an Ed25519 key in OpenSSH's old PEM format, as no encoding of Ed25519 is defined for that format. rPEMrzN)rr-rprrhr ValueErrorrrvs r test_toOpenSSHEd25519_PEM_formatz)KeyTests.test_toOpenSSHEd25519_PEM_formats9hh!!'"D"DE *cllIuMrc6tjjtj}|j |j dtj|j |jj dtjy)zK L{keys.Key.toString} serializes an RSA key in LSH format. lshN) rr-rprrbrSrrFrqrirvs r test_toLSHRSAzKeyTests.test_toLSHRSAdhh!!'"<"<= e,g.D.DE ..u5w7L7LMrc6tjjtj}|j |j dtj|j |jj dtjy)zJ L{keys.Key.toString} serializes a DSA key in LSH format. rN) rr-rprrdrSrrkrqrjrvs r test_toLSHDSAzKeyTests.test_toLSHDSArrctjjtj}|j |j dtjy)zP L{keys.Key.toString} serializes an RSA key in Agent v3 format. r[N)rr-rprrbrSrrlrvs rtest_toAgentv3RSAzKeyTests.test_toAgentv3RSA=hh!!'"<"<= i0'2L2LMrctjjtj}|j |j dtjy)zO L{keys.Key.toString} serializes a DSA key in Agent v3 format. r[N)rr-rprrdrSrrmrvs rtest_toAgentv3DSAzKeyTests.test_toAgentv3DSA rrc@tj|j}|jdd}|j tjj |dj ||jtj|jddy)zd L{keys.Key.toString} applies Normalization Form KC to Unicode passphrases. rrrrrN) rr-r1rrSrprrrrs r(test_toStringNormalizesUnicodePassphrasez1KeyTests.test_toStringNormalizesUnicodePassphrases hht{{#<< 6K<L  HH  5I5P5P5R  S    - - LL *  rc|jtjtj|jj dy)zm L{keys.Key.toString} raises L{keys.BadKeyError} when passed an invalid format type. rN)rrrr-r1rrMs rtest_toStringErrorszKeyTests.test_toStringErrors&s/ $**DHHT[[,A,J,JJWrc bd}tjjtj}|j |}|j |jj|||j |j||tj|\}}|j|d|j|jjjtj|d|tj t#j$y)zR Signed data can be verified using RSA (with SHA-1, the default). some-datarrN)rr-rprrbsignr|rqverifyr getNSrS assertIsNoner0rAr PKCS1v15r SHA1rGrr signature signatureTypes rtest_signAndVerifyRSAzKeyTests.test_signAndVerifyRSA-shh!!'"<"<=HHTN   ++It<=  9d34#)<< #: y  3  NN % % ' . . Y'*D'2B2B2Dfkkm  rc fd}tjjtj}|j |d}|j |jj|||j |j||tj|\}}|j|d|j|jjjtj|d|tj t#j$y)zE Signed data can be verified using RSA with SHA-256. rrrrN)rr-rprrbrr|rqrr rrSrr0rAr rr SHA256rs rtest_signAndVerifyRSASHA256z$KeyTests.test_signAndVerifyRSASHA256?hh!!'"<"<=HHTHA   ++It<=  9d34#)<< #: y 8  NN % % ' . . Y'*D'2B2B2Dfmmo  rc fd}tjjtj}|j |d}|j |jj|||j |j||tj|\}}|j|d|j|jjjtj|d|tj t#j$y)zE Signed data can be verified using RSA with SHA-512. rrrrN)rr-rprrbrr|rqrr rrSrr0rAr rr SHA512rs rtest_signAndVerifyRSASHA512z$KeyTests.test_signAndVerifyRSASHA512Qrrc$d}tjjtj}|j |}|j |jj|||j |j||y)z8 Signed data can be verified using DSA. rN) rr-rprrdrr|rqrrGrrrs rtest_signAndVerifyDSAzKeyTests.test_signAndVerifyDSAcsfhh!!'"<"<=HHTN   ++It<=  9d34rc\d}tjjtj}|j |}tjjtj }|j |}tjjtj}|j |}|j|jj|||j|j|||j|jj|||j|j|||j|jj|||j|j||y)z7 Signed data can be verified using EC. rN) rr-rprrfrrrr|rqr)rGrrrkey384 signature384key521 signature521s rtest_signAndVerifyECzKeyTests.test_signAndVerifyECms"hh!!'">">?HHTN $$W%D%DE{{4( $$W%D%DE{{4(   ++It<=  9d34  ..|TBC  lD9:  ..|TBC  lD9:rc$d}tjjtj}|j |}|j |jj|||j |j||y)z< Signed data can be verified using Ed25519. rN) rr-rprrhrr|rqrrs rtest_signAndVerifyEd25519z"KeyTests.test_signAndVerifyEd25519sf hh!!'"D"DEHHTN   ++It<=  9d34rcltjjtj}|j tj |jddtjjtj}|j tj |jddy)z L{keys.Key.sign} raises L{keys.BadSignatureAlgorithmError} when asked to sign with a public key algorithm that doesn't make sense with the given key. s some datar rN) rr-rprrbrBadSignatureAlgorithmErrorrrfrvs rtest_signWithWrongAlgorithmz$KeyTests.test_signWithWrongAlgorithms hh!!'"<"<=   + + HH $  hh!!'">">?   + + HH $  rc`tjjtj}|j |j |jd|j|j |jd|j|j |jdy)zC A known-good RSA signature verifies successfully. raN) rr-rprr^r|rr?r~r@rvs rtest_verifyRSAzKeyTests.test_verifyRSAyhh!!'";";<  4#4#4c:; D$5$5t<= D$5$5s;N)rSreprrr-r1rMs rtest_reprPrivateRSAzKeyTests.test_reprPrivateRSAs.  $++& 'F !I rc|jttj|jj dy)zm The repr of a L{keys.Key} contains all of the RSA components for an RSA public key. a\N)rSrrr-r1rqrMs rtest_reprPublicRSAzKeyTests.test_reprPublicRSA s5  $++&--/ 0  rc|jttj|jj t djditjy)zl The repr of a L{keys.Key} contains all the OpenSSH format for an ECDSA public key. z Nr*) rSrrr-r7rqrformatrr6rMs rtest_reprPublicECDSAzKeyTests.test_reprPublicECDSA+s]  $**%,,. / F f /-- / rc|jttj|jt dj ditjy)zm The repr of a L{keys.Key} contains all the OpenSSH format for an ECDSA private key. a Nr*) rSrrr-r7rrrr6rMs rtest_reprPrivateECDSAzKeyTests.test_reprPrivateECDSA?sT  $**% & F  f /-- / rc|jttj|jj t dy)zn The repr of a L{keys.Key} contains all the OpenSSH format for an Ed25519 public key. z N)rSrrr-r>rqrrMs rtest_reprPublicEd25519zKeyTests.test_reprPublicEd25519Us=  $//*113 4   rc|jttj|jt dy)zo The repr of a L{keys.Key} contains all the OpenSSH format for an Ed25519 private key. a N)rSrrr-r>rrMs rtest_reprPrivateEd25519z KeyTests.test_reprPrivateEd25519gs4  $//* +    r)Z__name__ __module__ __qualname__r skipCryptographyrrHrNrUrnrzrrrrrrrrrrrrrrrrrrrrrrrrrrr rrrr r,rr0r3r6r8rHrJrNrRrXr\r^rbrdrgrmrorwrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr*rrrr*sM=,~  DAHFT04(9)6#J   . $ 0 ,           &g R  . ' &5        @(U0J7&7.54 ? ?X , *X<  $     ,    5 " " (  .< " $   $   $NN&NNNNNN (X $ $ $5;*55 *==BN ` > ( ,  "  rrc*eZdZdZeeZdZdZdZ y)PersistentRSAKeyTestsz1 Tests for L{keys._getPersistentRSAKey}. Nct|j}|jd}tj|d}|j |j d|j|jy)z L{keys._getPersistentRSAKey} will put the key in C{directory}/C{filename}, with the key length of C{keySize}. mykey.pemrQkeySizeN) rrBchildr_getPersistentRSAKeyrSrTr|existsrGtempDirrCrs rtest_providedArgumentsz,PersistentRSAKeyTests.test_providedArgumentss] 4;;=)-- ,''> T* ()rct|j}|jd}tj|d}|j |j d|j|j|j}tj|d}|j |j d|j |j|y)zm L{keys._getPersistentRSAKey} will not regenerate the key if the key already exists. rrQrrPN) rrBrrrrSrTr|r getContent)rGrrCr keyContents rtest_noRegenerationz)PersistentRSAKeyTests.test_noRegenerations 4;;=)-- ,''> T* ()'') ''> T* ++-z:rct|j}|jd}tj|d}d|_|j |jdy)z If the key generated by L{keys.getPersistentRSAKey} is set to None the key size should then become 0. rrQrNr)rrBrrrr0rSrTrs rtest_keySizeZeroz&PersistentRSAKeyTests.test_keySizeZerosQ 4;;=)-- ,''> Q'r) rrr__doc__r rrrrrr*rrrr~s# *;& (rr)!rrrKtextwraprtwisted.conch.testrtwisted.pythonrtwisted.python.filepathrtwisted.python.reflectr twisted.trialrr rcryptography.hazmat.backendsr r=r r>r twisted.conch.sshr rred25519_supportedrrTestCaserrr*rrrs  &$,0"^, 9<5A55');;= Q x  Q h21(H--1(r