How to use the bless.ssh.certificate_authorities.ssh_certificate_authority_factory.get_ssh_certificate_authority function in bless

To help you get started, we’ve selected a few bless examples, based on popular ways it is used in public projects.


github Netflix / bless / tests / ssh / test_ssh_certificate_builder_factory.py View on Github external
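def test_invalid_key_request():
    """A malformed public key to sign must be rejected with ``TypeError``.

    The CA is built outside the ``pytest.raises`` block on purpose. If the CA
    factory itself raised ``TypeError`` (for example because the key or
    password fixture is broken), a CA built inside the block would satisfy
    the test without the builder factory ever seeing the bogus key.
    """
    ca = get_ssh_certificate_authority(RSA_CA_PRIVATE_KEY, RSA_CA_PRIVATE_KEY_PASSWORD)
    # Only the call under test sits inside the expectation.
    with pytest.raises(TypeError):
        get_ssh_certificate_builder(ca, SSHCertificateType.USER, 'bogus')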
github Netflix / bless / tests / ssh / test_ssh_certificate_authority_factory.py View on Github external
def test_valid_key_missing_password():
    """Loading the CA key without its password raises ``TypeError``.

    NOTE(review): that RSA_CA_PRIVATE_KEY is password-protected is inferred
    from the test name and the separate ``..._NOT_ENCRYPTED`` fixture;
    confirm against the fixture module.
    """
    expect_type_error = pytest.raises(TypeError)
    with expect_type_error:
        get_ssh_certificate_authority(RSA_CA_PRIVATE_KEY)
github Netflix / bless / tests / ssh / test_ssh_certificate_authority_factory.py View on Github external
def test_valid_key_valid_password():
    """The RSA CA key fixture plus its password yields a usable RSA authority.

    Checks the returned class, the advertised public key type, the ``e``
    attribute, and that the signature key equals the expected SSH public key
    fixture.
    """
    authority = get_ssh_certificate_authority(
        RSA_CA_PRIVATE_KEY, RSA_CA_PRIVATE_KEY_PASSWORD
    )
    assert isinstance(authority, RSACertificateAuthority)
    assert authority.public_key_type == SSHPublicKeyType.RSA
    # ``e`` is presumably the RSA public exponent; 65537 is the usual value.
    assert authority.e == 65537
    # Ties the loaded private key to the public key that hosts would trust.
    assert authority.get_signature_key() == RSA_CA_SSH_PUBLIC_KEY
github Netflix / bless / tests / ssh / test_ssh_certificate_authority_factory.py View on Github external
def test_valid_key_not_encrypted_invalid_pass():
    """Supplying a password for an unencrypted CA key raises ``TypeError``.

    The factory is expected to refuse the mismatch rather than silently
    ignore the unneeded password.
    """
    unneeded_password = b'bogus'
    with pytest.raises(TypeError):
        get_ssh_certificate_authority(RSA_CA_PRIVATE_KEY_NOT_ENCRYPTED, unneeded_password)
github Netflix / bless / tests / ssh / test_ssh_certificate_builder_factory.py View on Github external
def test_valid_rsa_request():
    """An RSA public key to sign selects the RSA certificate builder.

    Also checks that the rendered certificate starts with the RSA
    certified-key type string.
    """
    authority = get_ssh_certificate_authority(
        RSA_CA_PRIVATE_KEY, RSA_CA_PRIVATE_KEY_PASSWORD
    )
    builder = get_ssh_certificate_builder(
        authority, SSHCertificateType.USER, EXAMPLE_RSA_PUBLIC_KEY
    )
    cert_text = builder.get_cert_file()
    assert isinstance(builder, RSACertificateBuilder)
    assert cert_text.startswith(SSHCertifiedKeyType.RSA)
github Netflix / bless / tests / ssh / test_ssh_certificate_authority_factory.py View on Github external
def test_invalid_key():
    """Bytes that are not a private key at all are rejected with ``TypeError``."""
    not_a_key = b'bogus'
    with pytest.raises(TypeError):
        get_ssh_certificate_authority(not_a_key)
github Netflix / bless / tests / ssh / test_ssh_certificate_builder_factory.py View on Github external
def test_valid_ed25519_request():
    """An ED25519 public key to sign selects the ED25519 certificate builder.

    The signing CA here is still the RSA fixture, so the builder class follows
    the type of the key being certified, not the type of the CA key.
    """
    authority = get_ssh_certificate_authority(
        RSA_CA_PRIVATE_KEY, RSA_CA_PRIVATE_KEY_PASSWORD
    )
    builder = get_ssh_certificate_builder(
        authority, SSHCertificateType.USER, EXAMPLE_ED25519_PUBLIC_KEY
    )
    cert_text = builder.get_cert_file()
    assert isinstance(builder, ED25519CertificateBuilder)
    assert cert_text.startswith(SSHCertifiedKeyType.ED25519)
github Netflix / bless / tests / ssh / test_ssh_certificate_authority_factory.py View on Github external
def test_valid_key_invalid_password():
    """A wrong password for the CA key raises ``ValueError``.

    This is a different exception type from the ``TypeError`` expected when
    the password is missing, so callers can tell the two failures apart.
    """
    wrong_password = b'bogus'
    with pytest.raises(ValueError):
        get_ssh_certificate_authority(RSA_CA_PRIVATE_KEY, wrong_password)
github Netflix / bless / tests / ssh / test_ssh_certificate_authority_factory.py View on Github external
def test_valid_key_not_encrypted():
    """An unencrypted RSA CA key loads when no password argument is given."""
    # Fixture convenience only: an unencrypted CA signing key has no
    # protection at rest.
    authority = get_ssh_certificate_authority(RSA_CA_PRIVATE_KEY_NOT_ENCRYPTED)
    assert authority.public_key_type == SSHPublicKeyType.RSA
    # ``e`` is presumably the RSA public exponent; 65537 is the usual value.
    assert authority.e == 65537
github Netflix / bless / bless / aws_lambda / bless_lambda.py View on Github external
config.getkmsauthkeyids(),
                    config.get(KMSAUTH_SECTION, KMSAUTH_SERVICE_ID_OPTION),
                    region
                )
                # decrypt_token will raise a TokenValidationError if token doesn't match
                validator.decrypt_token(
                    "2/user/{}".format(request.bastion_user),
                    request.kmsauth_token
                )
            except TokenValidationError as e:
                return error_response('KMSAuthValidationError', str(e))
        else:
            return error_response('InputValidationError', 'Invalid request, missing kmsauth token')

    # Build the cert
    ca = get_ssh_certificate_authority(ca_private_key, ca_private_key_password)
    cert_builder = get_ssh_certificate_builder(ca, SSHCertificateType.USER,
                                               request.public_key_to_sign)
    for username in request.remote_usernames.split(','):
        cert_builder.add_valid_principal(username)

    cert_builder.set_valid_before(valid_before)
    cert_builder.set_valid_after(valid_after)

    if certificate_extensions:
        for e in certificate_extensions.split(','):
            if e:
                cert_builder.add_extension(e)
    else:
        cert_builder.clear_extensions()

    # cert_builder is needed to obtain the SSH public key's fingerprint