def test_openpgp_put_delete_key(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
pgp.put_ascii_key(PUBLIC_KEY)
key = pgp.get_key(ADDRESS, private=False)
pgp.delete_key(key)
self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
def test_openpgp_encrypt_decrypt_asym(self):
# encrypt
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PUBLIC_KEY)
pubkey = pgp.get_key(ADDRESS, private=False)
cyphertext = openpgp.encrypt_asym('data', pubkey)
# assert
self.assertTrue(cyphertext is not None)
self.assertTrue(cyphertext != '')
self.assertTrue(cyphertext != 'data')
self.assertTrue(openpgp.is_encrypted_asym(cyphertext))
self.assertFalse(openpgp.is_encrypted_sym(cyphertext))
self.assertTrue(openpgp.is_encrypted(cyphertext))
# decrypt
self.assertRaises(
KeyNotFound, pgp.get_key, ADDRESS, private=True)
pgp.put_ascii_key(PRIVATE_KEY)
privkey = pgp.get_key(ADDRESS, private=True)
plaintext = openpgp.decrypt_asym(cyphertext, privkey)
pgp.delete_key(pubkey)
pgp.delete_key(privkey)
self.assertRaises(
KeyNotFound, pgp.get_key, ADDRESS, private=False)
self.assertRaises(
KeyNotFound, pgp.get_key, ADDRESS, private=True)
def test_missing_key_accepts_address(self):
"""
Test if server accepts to send unencrypted when 'encrypted_only' is
False.
"""
# remove key from key manager
pubkey = self._km.get_key(ADDRESS, openpgp.OpenPGPKey)
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.delete_key(pubkey)
# mock the key fetching
self._km.fetch_keys_from_server = Mock(return_value=[])
# change the configuration
self._config['encrypted_only'] = False
# prepare the SMTP factory
proto = SMTPFactory(
self._km, self._config).buildProtocol(('127.0.0.1', 0))
transport = proto_helpers.StringTransport()
proto.makeConnection(transport)
proto.lineReceived(self.EMAIL_DATA[0] + '\r\n')
proto.lineReceived(self.EMAIL_DATA[1] + '\r\n')
proto.lineReceived(self.EMAIL_DATA[2] + '\r\n')
# ensure the address was accepted
lines = transport.value().rstrip().split('\n')
self.assertEqual(
'250 Recipient address accepted',
lines[-1],
'Address should have been accepted with appropriate message.')
def test_sign_verify(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
data = 'data'
privkey = pgp.get_key(ADDRESS, private=True)
signed = openpgp.sign(data, privkey)
pubkey = pgp.get_key(ADDRESS, private=False)
self.assertTrue(openpgp.verify(signed, pubkey))
def test_encrypt_sym_sign_with_public_raises(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PUBLIC_KEY)
data = 'data'
pubkey = pgp.get_key(ADDRESS, private=False)
self.assertRaises(
AssertionError,
openpgp.encrypt_sym, data, '123', sign=pubkey)
def test_verify_with_private_raises(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
data = 'data'
privkey = pgp.get_key(ADDRESS, private=True)
signed = openpgp.sign(data, privkey)
self.assertRaises(
AssertionError,
openpgp.verify, signed, privkey)
def _test_openpgp_gen_key(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
self.assertRaises(KeyNotFound, pgp.get_key, '*****@*****.**')
key = pgp.gen_key('*****@*****.**')
self.assertIsInstance(key, openpgp.OpenPGPKey)
self.assertEqual(
'*****@*****.**', key.address, 'Wrong address bound to key.')
self.assertEqual(
'4096', key.length, 'Wrong key length.')
def test_encrypt_sym_sign_decrypt_verify(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
data = 'data'
privkey = pgp.get_key(ADDRESS, private=True)
pubkey = pgp.get_key(ADDRESS, private=False)
encrypted_and_signed = openpgp.encrypt_sym(data, '123', sign=privkey)
res = openpgp.decrypt_sym(
encrypted_and_signed, '123', verify=pubkey)
self.assertEqual(data, res)
def test_decrypt_sym_verify_with_private_raises(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
data = 'data'
privkey = pgp.get_key(ADDRESS, private=True)
encrypted_and_signed = openpgp.encrypt_sym(data, '123', sign=privkey)
self.assertRaises(
AssertionError,
openpgp.decrypt_sym,
encrypted_and_signed, 'decrypt', verify=privkey)
def test_decrypt_sym_verify_with_private_raises(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
data = 'data'
privkey = pgp.get_key(ADDRESS, private=True)
encrypted_and_signed = openpgp.encrypt_sym(data, '123', sign=privkey)
pgp.put_ascii_key(PUBLIC_KEY_2)
wrongkey = pgp.get_key('*****@*****.**')
self.assertRaises(
errors.InvalidSignature,
openpgp.verify, encrypted_and_signed, wrongkey)
def test_verify_with_wrong_key_raises(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
data = 'data'
privkey = pgp.get_key(ADDRESS, private=True)
signed = openpgp.sign(data, privkey)
pgp.put_ascii_key(PUBLIC_KEY_2)
wrongkey = pgp.get_key(ADDRESS_2)
self.assertRaises(
errors.InvalidSignature,
openpgp.verify, signed, wrongkey)
def test_get_public_key(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
pgp.put_ascii_key(PUBLIC_KEY)
self.assertRaises(
KeyNotFound, pgp.get_key, ADDRESS, private=True)
key = pgp.get_key(ADDRESS, private=False)
self.assertEqual(ADDRESS, key.address)
self.assertFalse(key.private)
self.assertEqual(KEY_FINGERPRINT, key.fingerprint)
pgp.delete_key(key)
self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
def test_openpgp_put_ascii_key(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
pgp.put_ascii_key(PUBLIC_KEY)
key = pgp.get_key(ADDRESS, private=False)
self.assertIsInstance(key, openpgp.OpenPGPKey)
self.assertEqual(
ADDRESS, key.address, 'Wrong address bound to key.')
self.assertEqual(
'4096', key.length, 'Wrong key length.')
pgp.delete_key(key)
self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
def setUp(self):
# mimic BaseLeapTest.setUpClass behaviour, because this is deprecated
# in Twisted: http://twistedmatrix.com/trac/ticket/1870
self.old_path = os.environ['PATH']
self.old_home = os.environ['HOME']
self.tempdir = tempfile.mkdtemp(prefix="leap_tests-")
self.home = self.tempdir
bin_tdir = os.path.join(
self.tempdir,
'bin')
os.environ["PATH"] = bin_tdir
os.environ["HOME"] = self.tempdir
# setup our own stuff
address = '*****@*****.**' # user's address in the form user@provider
uuid = '*****@*****.**'
passphrase = '123'
secret_path = os.path.join(self.tempdir, 'secret.gpg')
local_db_path = os.path.join(self.tempdir, 'soledad.u1db')
server_url = 'http://provider/'
cert_file = ''
# mock key fetching and storing so Soledad doesn't fail when trying to
# reach the server.
Soledad._fetch_keys_from_shared_db = Mock(return_value=None)
Soledad._assert_keys_in_shared_db = Mock(return_value=None)
# instantiate soledad
self._soledad = Soledad(
uuid,
passphrase,
secret_path,
local_db_path,
server_url,
cert_file,
)
self._config = {
'host': 'http://provider/',
'port': 25,
'username': address,
'password': '******',
'encrypted_only': True
}
nickserver_url = '' # the url of the nickserver
self._km = KeyManager(address, nickserver_url, self._soledad)
# insert test keys in key manager.
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
pgp.put_ascii_key(PRIVATE_KEY_2)
def test_encrypt_asym_sign_decrypt_verify(self):
pgp = openpgp.OpenPGPScheme(self._soledad)
pgp.put_ascii_key(PRIVATE_KEY)
pubkey = pgp.get_key(ADDRESS, private=False)
privkey = pgp.get_key(ADDRESS, private=True)
pgp.put_ascii_key(PRIVATE_KEY_2)
pubkey2 = pgp.get_key(ADDRESS_2, private=False)
privkey2 = pgp.get_key(ADDRESS_2, private=True)
data = 'data'
encrypted_and_signed = openpgp.encrypt_asym(
data, pubkey2, sign=privkey)
res = openpgp.decrypt_asym(
encrypted_and_signed, privkey2, verify=pubkey)
self.assertTrue(data, res)