def setUpClass(self):
"""Create and change into temporary directory,
generate key pair, dummy artifact and base arguments. """
self.working_dir = os.getcwd()
self.test_dir = tempfile.mkdtemp()
# Copy gpg keyring
self.default_gpg_keyid = "8465a1e2e0fb2b40adb2478e18fb3f537e0c8a17"
self.default_gpg_subkeyid = "c5a0abe6ec19d0d65f85e2c39be9df5131d924e9"
self.non_default_gpg_keyid = "8288ef560ed3795f9df2c0db56193089b285da58"
gpg_keyring_path = os.path.join(
os.path.dirname(os.path.realpath(__file__)), "gpg_keyrings", "rsa")
self.gnupg_home = os.path.join(self.test_dir, "rsa")
shutil.copytree(gpg_keyring_path, self.gnupg_home)
os.chdir(self.test_dir)
self.key_path = "test_key"
generate_and_write_rsa_keypair(self.key_path)
self.key = prompt_import_rsa_key_from_file(self.key_path)
self.test_step = "test_step"
self.test_link = FILENAME_FORMAT.format(step_name=self.test_step,
keyid=self.key["keyid"])
self.test_artifact = "test_artifact"
open(self.test_artifact, "w").close()
def test_create_and_import_encrypted_rsa_no_password(self):
"""Try import encrypted RSA key without or wrong pw, raises exception. """
name = "key3"
password = "******"
bits = 3072
generate_and_write_rsa_keypair(name, bits, password)
with self.assertRaises(securesystemslib.exceptions.CryptoError):
import_rsa_key_from_file(name)
with self.assertRaises(securesystemslib.exceptions.CryptoError):
import_rsa_key_from_file(name, "wrong-password")
def test_create_and_import_rsa(self):
"""Create RS key and import private and public key separately. """
name = "key1"
generate_and_write_rsa_keypair(name)
private_key = import_rsa_key_from_file(name)
public_key = import_rsa_key_from_file(name + ".pub")
securesystemslib.formats.KEY_SCHEMA.check_match(private_key)
self.assertTrue(private_key["keyval"].get("private"))
self.assertTrue(
securesystemslib.formats.PUBLIC_KEY_SCHEMA.matches(public_key))
def setUpClass(self):
"""Create and change into temporary directory,
generate key pair, dummy artifact and base arguments. """
self.test_dir = tempfile.mkdtemp()
os.chdir(self.test_dir)
self.key_path = "test_key"
generate_and_write_rsa_keypair(self.key_path)
self.key = prompt_import_rsa_key_from_file(self.key_path)
self.test_artifact = "test_artifact"
open(self.test_artifact, "w").close()
def test_create_and_import_encrypted_rsa_nondefault_length(self):
name = "key_encrypted_2"
password = "******"
bits = 2048
generate_and_write_rsa_keypair(name, bits, password)
private_key = import_rsa_key_from_file(name, password)
public_key = import_rsa_key_from_file(name + ".pub")
securesystemslib.formats.KEY_SCHEMA.check_match(private_key)
self.assertTrue(private_key["keyval"].get("private"))
self.assertTrue(
securesystemslib.formats.PUBLIC_KEY_SCHEMA.matches(public_key))
def test_create_and_import_encrypted_rsa(self):
"""Create ecrypted RSA key and import private and public key separately."""
name = "key_encrypted"
password = "******"
bits = 3072
generate_and_write_rsa_keypair(name, bits, password)
private_key = import_rsa_key_from_file(name, password)
public_key = import_rsa_key_from_file(name + ".pub")
securesystemslib.formats.KEY_SCHEMA.check_match(private_key)
self.assertTrue(private_key["keyval"].get("private"))
self.assertTrue(
securesystemslib.formats.PUBLIC_KEY_SCHEMA.matches(public_key))
def setUpClass(self):
"""Create and change into temporary directory, generate key pair and dummy
material, read key pair. """
self.set_up_test_dir()
self.step_name = "test_step"
self.key_path = "test_key"
generate_and_write_rsa_keypair(self.key_path)
self.key = prompt_import_rsa_key_from_file(self.key_path)
self.key_pub = prompt_import_rsa_key_from_file(self.key_path + ".pub")
self.test_artifact = "test_artifact"
open(self.test_artifact, "w").close()
def setUpClass(self):
"""Create and change into temporary directory, generate key pair and dummy
material, read key pair. """
self.set_up_test_dir()
self.key_path = "test_key"
generate_and_write_rsa_keypair(self.key_path)
self.key = prompt_import_rsa_key_from_file(self.key_path)
self.step_name = "test_step"
self.link_name_unfinished = UNFINISHED_FILENAME_FORMAT.format(
step_name=self.step_name, keyid=self.key["keyid"])
self.test_material = "test_material"
open(self.test_material, "w").close()
def setUpClass(self):
"""Create and change into temporary directory,
generate key pair, dummy artifact and base arguments. """
self.working_dir = os.getcwd()
self.test_dir = tempfile.mkdtemp()
os.chdir(self.test_dir)
self.key_path = "test_key"
generate_and_write_rsa_keypair(self.key_path)
self.key = prompt_import_rsa_key_from_file(self.key_path)
self.test_step = "test_step"
self.test_link = FILENAME_FORMAT.format(step_name=self.test_step,
keyid=self.key["keyid"])
self.test_artifact = "test_artifact"
open(self.test_artifact, "w").close()
def setUpClass(self):
"""Create and change into temporary directory, generate two key pairs
and dummy product. """
self.set_up_test_dir()
self.key_path = "test-key"
self.key_path2 = "test-key2"
generate_and_write_rsa_keypair(self.key_path)
generate_and_write_rsa_keypair(self.key_path2)
self.key = prompt_import_rsa_key_from_file(self.key_path)
self.key2 = prompt_import_rsa_key_from_file(self.key_path2)
self.step_name = "test-step"
self.link_name = "{}.{:.8}.link".format(self.step_name,
self.key["keyid"])
self.link_name_unfinished = UNFINISHED_FILENAME_FORMAT.format(
step_name=self.step_name, keyid=self.key["keyid"])
self.test_product = "test_product"
open(self.test_product, "w").close()
def test_import_rsa_public_keys_from_files_as_dict(self):
"""Create and import multiple rsa public keys and return KEYDICT. """
name1 = "key4"
name2 = "key5"
generate_and_write_rsa_keypair(name1)
generate_and_write_rsa_keypair(name2)
# Succefully import public keys as keydictionary
key_dict = import_rsa_public_keys_from_files_as_dict([name1 + ".pub",
name2 + ".pub"])
securesystemslib.formats.KEYDICT_SCHEMA.check_match(key_dict)
# Import wrongly formatted key raises an exception
not_an_rsa = "not_an_rsa"
open(not_an_rsa, "w").write(not_an_rsa)
with self.assertRaises(securesystemslib.exceptions.FormatError):
import_rsa_public_keys_from_files_as_dict([name1 + ".pub", not_an_rsa])
# Import private key raises an exception
with self.assertRaises(securesystemslib.exceptions.FormatError):
import_rsa_public_keys_from_files_as_dict([name1, name2])
def setUpClass(self):
"""Create and change into temporary directory,
generate key pair, dummy artifact and base arguments. """
self.set_up_test_dir()
self.set_up_gpg_keys()
self.rsa_key_path = "test_key_rsa"
generate_and_write_rsa_keypair(self.rsa_key_path)
self.rsa_key = import_private_key_from_file(self.rsa_key_path,
KEY_TYPE_RSA)
self.ed25519_key_path = "test_key_ed25519"
generate_and_write_ed25519_keypair(self.ed25519_key_path)
self.ed25519_key = import_private_key_from_file(
self.ed25519_key_path, KEY_TYPE_ED25519)
self.test_step = "test_step"
self.test_link_rsa = FILENAME_FORMAT.format(
step_name=self.test_step, keyid=self.rsa_key["keyid"])
self.test_link_ed25519 = FILENAME_FORMAT.format(
step_name=self.test_step, keyid=self.ed25519_key["keyid"])
self.test_artifact = "test_artifact"
open(self.test_artifact, "w").close()
#!/usr/bin/python
from in_toto.models.layout import Layout, Step
from in_toto.models.metadata import Metablock
from in_toto.util import generate_and_write_rsa_keypair, import_rsa_key_from_file
generate_and_write_rsa_keypair("build_key")
build_key = import_rsa_key_from_file("build_key.pub")
layout = Layout()
build = Step(name="build")
build.expected_materials.append(['ALLOW', 'package.json'])
build.expected_materials.append(['ALLOW', 'index.js'])
build.expected_command = ['npm', 'install']
layout.steps.append(build)
layout.add_functionary_key(build_key)
build.pubkeys.append(build_key['keyid'])
generate_and_write_rsa_keypair("root_key")
root_key = import_rsa_key_from_file("root_key")
metablock = Metablock(signed=layout)
metablock.sign(root_key)
metablock.dump("root.layout")
def test_in_toto_keygen_generate_and_write_rsa_keypair(self):
"""in_toto_keygen_generate_and_write_rsa_keypair run through. """
bits = 3072
generate_and_write_rsa_keypair("bob", bits)
