Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

{Core} Migrate generate_ssh_keys from paramiko to cryptography #30063

Draft
wants to merge 1 commit into
base: dev
Choose a base branch
from
Draft

{Core} Migrate generate_ssh_keys from paramiko to cryptography #30063

wants to merge 1 commit into from

Conversation

jiasli
Copy link
Member

@jiasli jiasli commented Oct 10, 2024
edited
Loading

Description
Migrate generate_ssh_keys from paramiko to cryptography.

https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/ contains some useful examples for working with RSA keys.

@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Oct 10, 2024
edited
Loading

❌AzureCLI-FullTest
️✔️acr
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️acs
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️advisor
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️ams
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️apim
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️appconfig
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️appservice
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️aro
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️backup
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️batch
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️batchai
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️billing
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️botservice
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️cdn
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️cloud
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️cognitiveservices
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️compute_recommender
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️config
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️configure
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️consumption
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️container
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️containerapp
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
❌core
❌2018-03-01-hybrid
❌3.11
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌3.12
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌3.9
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
            with self.assertRaises(CLIError):
                public_key_path = private_key_path + ".pub"
>               generate_ssh_keys(private_key_path, public_key_path)
E               AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:84: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌2019-03-01-hybrid
❌3.11
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌3.12
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌3.9
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
            with self.assertRaises(CLIError):
                public_key_path = private_key_path + ".pub"
>               generate_ssh_keys(private_key_path, public_key_path)
E               AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:84: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌2020-09-01-hybrid
❌3.11
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌3.12
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌3.9
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
            with self.assertRaises(CLIError):
                public_key_path = private_key_path + ".pub"
>               generate_ssh_keys(private_key_path, public_key_path)
E               AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:84: AssertionError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 src/azure-cli-core/azure/cli/core/tests/test_keys.py:88
❌latest
❌3.11
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 azure/cli/core/tests/test_keys.py:88
❌3.12
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
>           with self.assertRaises(CLIError):
E           AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:82: AssertionError		 azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 azure/cli/core/tests/test_keys.py:88
❌3.9
Type Test Case Error Message Line
Failed test_error_raised_when_private_key_file_exists_IOError self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_IOError>

    def test_error_raised_when_private_key_file_exists_IOError(self):
        # Create private key file
        private_key_path = self._create_new_temp_key_file(self.private_key)
    
        with mock.patch('paramiko.RSAKey') as mocked_RSAKey:
            # mock failed RSAKey generation
            mocked_RSAKey.side_effect = IOError("Mocked IOError")
    
            # assert that CLIError raised when generate_ssh_keys is called
            with self.assertRaises(CLIError):
                public_key_path = private_key_path + ".pub"
>               generate_ssh_keys(private_key_path, public_key_path)
E               AssertionError: CLIError not raised

src/azure-cli-core/azure/cli/core/tests/test_keys.py:84: AssertionError		 azure/cli/core/tests/test_keys.py:72
Failed test_error_raised_when_private_key_file_exists_encrypted self = <azure.cli.core.tests.test_keys.TestGenerateSSHKeys testMethod=test_error_raised_when_private_key_file_exists_encrypted>

    def test_error_raised_when_private_key_file_exists_encrypted(self):
        # Create empty private key file
        private_key_path = self.create_new_temp_key_file("")
    
        # Write encrypted / passworded key into file
        self.key.write_private_key_file(private_key_path, password="test")
    
        # Check that CLIError exception is raised when generate_ssh_keys is called.
        with self.assertRaises(CLIError):
            public_key_path = private_key_path + ".pub"
>           generate_ssh_keys(private_key_path, public_key_path)

src/azure-cli-core/azure/cli/core/tests/test_keys.py:99: 
                                       _ 

    def generate_ssh_keys(private_key_filepath, public_key_filepath):
        from cryptography.hazmat.primitives.asymmetric import rsa
        from cryptography.hazmat.primitives import serialization
    
        if os.path.isfile(public_key_filepath):
            try:
                with open(public_key_filepath, 'r') as public_key_file:
                    public_key = public_key_file.read()
                    pub_ssh_dir = os.path.dirname(public_key_filepath)
                    logger.warning("Public SSH key file '%s' already exists in the directory: '%s'. "
                                   "New SSH key files will not be generated.",
                                   public_key_filepath, pub_ssh_dir)
    
                    return public_key
            except IOError as e:
                raise CLIError(e)
    
        ssh_dir = os.path.dirname(private_key_filepath)
        if not os.path.exists(ssh_dir):
            os.makedirs(ssh_dir)
            os.chmod(ssh_dir, 0o700)
    
        if os.path.isfile(private_key_filepath):
            # Try to use existing private key if it exists.
            # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-loading
            with open(private_key_filepath, "rb") as f:
                private_bytes = f.read()
>           private_key = serialization.load_pem_private_key(private_bytes, password=None)
E           TypeError: Password was not given but private key is encrypted

src/azure-cli-core/azure/cli/core/keys.py:64: TypeError		 azure/cli/core/tests/test_keys.py:88
️✔️cosmosdb
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️databoxedge
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️dla
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️dls
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️dms
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️eventgrid
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️eventhubs
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️feedback
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️find
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️hdinsight
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️identity
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️iot
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️keyvault
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️kusto
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️lab
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️managedservices
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️maps
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️marketplaceordering
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️monitor
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️mysql
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️netappfiles
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️network
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️policyinsights
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️privatedns
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️profile
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️rdbms
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️redis
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️relay
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️resource
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️role
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️search
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️security
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️servicebus
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️serviceconnector
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️servicefabric
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️signalr
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️sql
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️sqlvm
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️storage
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️synapse
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️telemetry
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️util
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️vm
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9

@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Oct 10, 2024
edited
Loading

️✔️AzureCLI-BreakingChangeTest
️✔️Non Breaking Changes

@yonzhan
Copy link
Collaborator

yonzhan commented Oct 10, 2024

Core

@microsoft-github-policy-service microsoft-github-policy-service bot added Auto-Assign Auto assign by bot Core CLI core infrastructure labels Oct 10, 2024
@jiasli
Copy link
Member Author

jiasli commented Oct 10, 2024

paramiko is still used by below command modules:

acs

azure-cli/src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_managed_cluster_decorator.py

Line 466 in aec2b88

import paramiko

batchai

azure-cli/src/azure-cli/azure/cli/command_modules/batchai/custom.py

Line 21 in 6bbf23a

import paramiko

lab

azure-cli/src/azure-cli/azure/cli/command_modules/lab/validators.py

Line 479 in 8fb9aa4

import paramiko

yonzhan
yonzhan previously approved these changes Oct 10, 2024
View reviewed changes
@jiasli jiasli changed the title {Core} Remove paramiko dependency from core {Core} Migrate generate_ssh_keys from paramiko to cryptography Oct 10, 2024
jiasli
jiasli commented Oct 10, 2024
View reviewed changes
src/azure-cli-core/azure/cli/core/keys.py


def _open(filename, mode):
return os.open(filename, flags=os.O_WRONLY | os.O_TRUNC | os.O_CREAT, mode=mode)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Setting file mode at creation time avoids the time gap between open and chmod. See #21719

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yonzhan yonzhan yonzhan left review comments

@evelyn-ys evelyn-ys Awaiting requested review from evelyn-ys evelyn-ys will be requested when the pull request is marked ready for review evelyn-ys is a code owner

@jsntcy jsntcy Awaiting requested review from jsntcy jsntcy will be requested when the pull request is marked ready for review jsntcy is a code owner

@kairu-ms kairu-ms Awaiting requested review from kairu-ms kairu-ms will be requested when the pull request is marked ready for review kairu-ms is a code owner

@zhoxing-ms zhoxing-ms Awaiting requested review from zhoxing-ms zhoxing-ms will be requested when the pull request is marked ready for review zhoxing-ms is a code owner

@calvinhzy calvinhzy Awaiting requested review from calvinhzy calvinhzy will be requested when the pull request is marked ready for review calvinhzy is a code owner

@necusjz necusjz Awaiting requested review from necusjz necusjz will be requested when the pull request is marked ready for review necusjz is a code owner

@bebound bebound Awaiting requested review from bebound bebound will be requested when the pull request is marked ready for review bebound is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@jiasli jiasli

Labels
Auto-Assign Auto assign by bot Core CLI core infrastructure
Projects
None yet
Milestone
October 2024 (2024-11-05)
Development

Successfully merging this pull request may close these issues.
2 participants
@jiasli @yonzhan