def rnpkey_generate_multiple(): # Generate 5 keys with different user ids for i in range(0, 5): # generate the next key pipe = pswd_pipe(PASSWORD) userid = str(i) + '@rnp-multiple' ret, out, err = run_proc(RNPK, [ '--numbits', '2048', '--homedir', RNPDIR, '--pass-fd', str(pipe), '--userid', userid, '--generate-key' ]) os.close(pipe) if ret != 0: raise_err('key generation failed', err) # list keys using the rnpkeys, checking whether it reports correct key number ret, out, err = run_proc(RNPK, ['--homedir', RNPDIR, '--list-keys']) if ret != 0: raise_err('key list failed', err) match = re.match(RE_MULTIPLE_KEY_LIST, out) if not match: raise_err('wrong key list output', out) if not match.group(1) == str((i + 1) * 2): raise_err('wrong key count', out) # Checking the 5 keys output ret, out, err = run_proc(RNPK, ['--homedir', RNPDIR, '--list-keys']) if ret != 0: raise_err('key list failed', err) match = re.match(RE_MULTIPLE_KEY_5, out) if not match: raise_err('wrong key list output', out) # Cleanup and return clear_keyrings() return
def rnp_sign_cleartext(src, dst, signer): pipe = pswd_pipe(PASSWORD) ret, out, err = run_proc(RNP, [ '--homedir', RNPDIR, '--pass-fd', str(pipe), '--userid', signer, '--output', dst, '--clearsign', src ]) os.close(pipe) if ret != 0: raise_err('rnp cleartext signing failed', err)
def rnp_decrypt_file(src, dst): pipe = pswd_pipe(PASSWORD) ret, out, err = run_proc(RNP, [ '--homedir', RNPDIR, '--pass-fd', str(pipe), '--decrypt', src, '--output', dst ]) os.close(pipe) if ret != 0: raise_err('rnp decryption failed', out + err)
def rnp_genkey_rsa(userid, bits=2048): pipe = pswd_pipe(PASSWORD) ret, out, err = run_proc(RNPK, [ '--numbits', str(bits), '--homedir', RNPDIR, '--pass-fd', str(pipe), '--userid', userid, '--generate-key' ]) os.close(pipe) if ret != 0: raise_err('rsa key generation failed', err)
def setup(workdir): # Searching for rnp and gnupg global RNP, GPG, RNPK, WORKDIR, RNPDIR, GPGDIR, SMALLSIZE, RMWORKDIR logging.basicConfig(stream=sys.stdout, format="%(message)s") logging.getLogger().setLevel(logging.INFO) RNP = rnp_file_path('src/rnp/rnp') RNPK = rnp_file_path('src/rnpkeys/rnpkeys') GPG = find_utility('gpg') WORKDIR = os.getcwd() if workdir: WORKDIR = workdir elif not '/tmp/' in WORKDIR: WORKDIR = tempfile.mkdtemp(prefix='rnpptmp') RMWORKDIR = True logging.debug('Setting up test in {} ...'.format(WORKDIR)) # Creating working directory and populating it with test files RNPDIR = path.join(WORKDIR, '.rnp') GPGDIR = path.join(WORKDIR, '.gpg') os.mkdir(RNPDIR, 0700) os.mkdir(GPGDIR, 0700) # Generating key pipe = pswd_pipe(PASSWORD) params = [ '--homedir', RNPDIR, '--pass-fd', str(pipe), '--userid', 'performance@rnp', '--generate-key' ] # Run key generation ret, out, err = run_proc(RNPK, params) os.close(pipe) # Importing keys to GnuPG so it can build trustdb and so on ret, out, err = run_proc(GPG, [ '--batch', '--passphrase', '', '--homedir', GPGDIR, '--import', path.join(RNPDIR, 'pubring.gpg'), path.join(RNPDIR, 'secring.gpg') ]) # Generating small file for tests SMALLSIZE = 3312 st = 'lorem ipsum dol ' * (SMALLSIZE / 16) with open(path.join(WORKDIR, SMALLFILE), 'w+') as small_file: small_file.write(st) # Generating large file for tests print 'Generating large file of size {}'.format( size_to_readable(LARGESIZE)) st = '0123456789ABCDEF' * (1024 / 16) with open(path.join(WORKDIR, LARGEFILE), 'w') as fd: for i in range(0, LARGESIZE / 1024 - 1): fd.write(st)
def decrypt(self, output, input): pipe = pswd_pipe(self.password) params = self.common_params params += ['--pass-fd', str(pipe)] params += ['--userid', self.userid] params += ['--decrypt', input] params += ['--output', output] try: ret = self._run(self.rnp_bin, params) finally: os.close(pipe) return ret
def encrypt(self, recipient, output, input): pipe = pswd_pipe(self.password) params = self.common_params params += ['--pass-fd', str(pipe)] params += ['--recipient', recipient] params += ['--encrypt', input] params += ['--output', output] try: ret = self._run(self.rnp_bin, params) finally: os.close(pipe) return ret
def rnp_sign_detached(src, signer, armour=False): pipe = pswd_pipe(PASSWORD) params = [ '--homedir', RNPDIR, '--pass-fd', str(pipe), '--userid', signer, '--sign', '--detach', src ] if armour: params += ['--armor'] ret, out, err = run_proc(RNP, params) os.close(pipe) if ret != 0: raise_err('rnp detached signing failed', err)
def generte_key_batch(self, batch_input): pipe = pswd_pipe(self.__password) params = self.common_params params += ['--generate-key', '--expert'] params += ['--pass-fd', str(pipe)] params += ['--userid', self.userid] try: ret = self._run([self.__key_mgm_bin] + params, batch_input) finally: import os os.close(pipe) return ret
def sign(self, output, input): pipe = pswd_pipe(self.password) params = self.common_params params += ['--pass-fd', str(pipe)] params += ['--userid', self.userid] params += ['--sign', input] params += ['--output', output] try: ret = self._run([self.rnp_bin] + params) finally: import os os.close(pipe) return ret
def sign(self, output, input): pipe = pswd_pipe(self.password) params = self.common_params params += ['--pass-fd', str(pipe)] params += ['--userid', self.userid] params += ['--sign', input] params += ['--output', output] if self.hash: params += ['--hash', self.hash] try: ret = self._run(self.rnp_bin, params) finally: os.close(pipe) return ret
def rnpkey_generate_rsa(bits=None, cleanup=True): # Setup command line params if bits: params = ['--numbits', str(bits)] else: params = [] bits = 2048 userid = str(bits) + '@rnptest' # Open pipe for password pipe = pswd_pipe(PASSWORD) params = params + [ '--homedir', RNPDIR, '--pass-fd', str(pipe), '--userid', userid, '--generate-key' ] # Run key generation ret, out, err = run_proc(RNPK, params) os.close(pipe) if ret != 0: raise_err('key generation failed', err) # Check packets using the gpg match = check_packets(path.join(RNPDIR, 'pubring.gpg'), RE_RSA_KEY) if not match: raise_err('generated key check failed') keybits = int(match.group(1)) if keybits > bits or keybits <= bits - 8: raise_err('wrong key bits') keyid = match.group(2) if not match.group(3) == userid: raise_err('wrong user id') # List keys using the rnpkeys ret, out, err = run_proc(RNPK, ['--homedir', RNPDIR, '--list-keys']) if ret != 0: raise_err('key list failed', err) match = re.match(RE_RSA_KEY_LIST, out) # Compare key ids if not match: raise_err('wrong key list output', out) if not match.group(3)[-16:] == match.group(2) or not match.group( 2) == keyid.lower(): raise_err('wrong key ids') if not match.group(1) == str(bits): raise_err('wrong key bits in list') # Import key to the gnupg ret, out, err = run_proc(GPG, [ '--batch', '--passphrase', PASSWORD, '--homedir', GPGDIR, '--import', path.join(RNPDIR, 'pubring.gpg'), path.join(RNPDIR, 'secring.gpg') ]) if ret != 0: raise_err('gpg key import failed', err) # Cleanup and return if cleanup: clear_keyrings() return None else: return keyid
def rnpkey_export_to_gpg(cleanup=True): # Open pipe for password pipe = pswd_pipe(PASSWORD) # Run key generation ret, out, err = run_proc(RNPK, [ '--homedir', RNPDIR, '--pass-fd', str(pipe), '--userid', 'rsakey@rnp', '--generate-key' ]) os.close(pipe) if ret != 0: raise_err('key generation failed', err) # Export key ret, out, err = run_proc( RNPK, ['--homedir', RNPDIR, '--export-key', 'rsakey@rnp']) if ret != 0: raise_err('key export failed', err) pubpath = path.join(RNPDIR, 'rnpkey-pub.asc') with open(pubpath, 'w+') as f: f.write(out) # Import key with GPG ret, out, err = run_proc( GPG, ['--batch', '--homedir', GPGDIR, '--import', pubpath]) if ret != 0: raise_err('gpg : public key import failed', err) if cleanup: clear_keyrings()