tests/integration/fixtures/ssh_keys.py

"""Test SSH key pairs and helpers for integration tests."""
import uuid

# Pre-generated Ed25519 test key pair (DO NOT USE IN PRODUCTION)
TEST_PRIVATE_KEY = """-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACBqPZ1wQtlMltpE8T0hxmP0Y9DRfjVw0LJpHip7sLTTOQAAAJgPGqh4Dxqo
eAAAAAtzc2gtZWQyNTUxOQAAACBqPZ1wQtlMltpE8T0hxmP0Y9DRfjVw0LJpHip7sLTTOQ
AAAEAz0wM1oU6nLdD1pPsgxE9gqPB1Gs2fI3oO+tWSef0Ckmo9nXBC2UyW2kTxPSHGY/Rj
0NF+NXDQsmkeKnswtNM5AAAAFHRlc3R1c2VyQGV4YW1wbGUuY29tAAAACXN0dWJ0ZXN0AAAAHHN0dWItdGVzdC1rZXktZm9yLWludGVncmF0aW9uLXRlc3Rz
-----END OPENSSH PRIVATE KEY-----"""

TEST_PUBLIC_KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGo9nXBC2UyW2kTxPSHGY/Rj0NF+NXDQsmkeKnswtNM5 testuser@example.com"

# Invalid key material for negative tests
INVALID_PUBLIC_KEY = "not-a-valid-ssh-key-format"

# Generate a unique public key per call to avoid fingerprint collisions
# across tests that share the same database.
# Ed25519 public keys are 68 chars prefix + 32 bytes base64 + comment.
# We use a deterministic but unique-looking valid prefix.
VALID_ED25519_PREFIX = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI"


def generate_unique_public_key() -> str:
    """Return a unique-looking but structurally valid Ed25519 public key.

    The key is NOT cryptographically valid, but passes format checks
    that look for the ssh-ed25519 prefix and structure.
    """
    unique = uuid.uuid4().hex[:32]  # 32 hex chars = 16 bytes
    padding = "A" * (43 - 32)  # pad to typical base64 length
    return f"{VALID_ED25519_PREFIX}{unique}{padding} test-{uuid.uuid4().hex[:6]}@example.com"


# Backwards-compatible aliases
TEST_PUBLIC_KEY_2 = generate_unique_public_key()
TEST_PUBLIC_KEY_OTHER = generate_unique_public_key()
test: add comprehensive integration test suite for IAM platform 2026-04-23 15:41:37 +09:30			`"""Test SSH key pairs and helpers for integration tests."""`
			`import uuid`

			`# Pre-generated Ed25519 test key pair (DO NOT USE IN PRODUCTION)`
			`TEST_PRIVATE_KEY = """-----BEGIN OPENSSH PRIVATE KEY-----`
			`b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW`
			`QyNTUxOQAAACBqPZ1wQtlMltpE8T0hxmP0Y9DRfjVw0LJpHip7sLTTOQAAAJgPGqh4Dxqo`
			`eAAAAAtzc2gtZWQyNTUxOQAAACBqPZ1wQtlMltpE8T0hxmP0Y9DRfjVw0LJpHip7sLTTOQ`
			`AAAEAz0wM1oU6nLdD1pPsgxE9gqPB1Gs2fI3oO+tWSef0Ckmo9nXBC2UyW2kTxPSHGY/Rj`
			`0NF+NXDQsmkeKnswtNM5AAAAFHRlc3R1c2VyQGV4YW1wbGUuY29tAAAACXN0dWJ0ZXN0AAAAHHN0dWItdGVzdC1rZXktZm9yLWludGVncmF0aW9uLXRlc3Rz`
			`-----END OPENSSH PRIVATE KEY-----"""`

			`TEST_PUBLIC_KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGo9nXBC2UyW2kTxPSHGY/Rj0NF+NXDQsmkeKnswtNM5 testuser@example.com"`

			`# Invalid key material for negative tests`
			`INVALID_PUBLIC_KEY = "not-a-valid-ssh-key-format"`

			`# Generate a unique public key per call to avoid fingerprint collisions`
			`# across tests that share the same database.`
			`# Ed25519 public keys are 68 chars prefix + 32 bytes base64 + comment.`
			`# We use a deterministic but unique-looking valid prefix.`
			`VALID_ED25519_PREFIX = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI"`


			`def generate_unique_public_key() -> str:`
			`"""Return a unique-looking but structurally valid Ed25519 public key.`

			`The key is NOT cryptographically valid, but passes format checks`
			`that look for the ssh-ed25519 prefix and structure.`
			`"""`
			`unique = uuid.uuid4().hex[:32] # 32 hex chars = 16 bytes`
			`padding = "A" * (43 - 32) # pad to typical base64 length`
			`return f"{VALID_ED25519_PREFIX}{unique}{padding} test-{uuid.uuid4().hex[:6]}@example.com"`


			`# Backwards-compatible aliases`
			`TEST_PUBLIC_KEY_2 = generate_unique_public_key()`
			`TEST_PUBLIC_KEY_OTHER = generate_unique_public_key()`