def test_gnupg_encrypt_decrypt(self): """ Tests GnuPG encryption and decryption """ # test for unicode input ciphertext_for_unicode = gpgme_encrypt( message=self.rnd_password_unicode, recipient_key_id=self.recipient_key_id) ciphertext_for_unicode2 = gpgme_encrypt( message=self.rnd_password_unicode, recipient_key_id=self.recipient_key_id) # test for bytestring input ciphertext_for_str = gpgme_encrypt( message=self.rnd_password_str, recipient_key_id=self.recipient_key_id) # test for decrypt of unicode self.assertEqual(self.rnd_password_unicode, gpgme_decrypt(ciphertext_for_unicode).decode('utf-8'), 'Unicode string not properly decrypted') # test decrypt for bytesstring self.assertEqual(self.rnd_password_str, gpgme_decrypt(ciphertext_for_str), 'Bytestring not properly decrypted') # theoretical and HIGHLY improbable chance for failure # when GnuPG and the OS work properly # The same input encrypted twice should NOT result # in identical ciphertext self.assertNotEqual(ciphertext_for_unicode, ciphertext_for_unicode2, 'Weak cryptography') self.assertEqual(gpgme_decrypt(ciphertext_for_unicode), gpgme_decrypt(ciphertext_for_unicode2), 'Identical input should result in identical decrypt')
def test_gnupg_encrypt_decrypt(self): """ Tests GnuPG encryption and decryption """ # test for unicode input ciphertext_for_unicode = gpgme_encrypt( message=self.rnd_password_unicode, recipient_key_id=self.recipient_key_id ) ciphertext_for_unicode2 = gpgme_encrypt( message=self.rnd_password_unicode, recipient_key_id=self.recipient_key_id ) # test for bytestring input ciphertext_for_str = gpgme_encrypt(message=self.rnd_password_str, recipient_key_id=self.recipient_key_id) # test for decrypt of unicode self.assertEqual( self.rnd_password_unicode, gpgme_decrypt(ciphertext_for_unicode).decode("utf-8"), "Unicode string not properly decrypted", ) # test decrypt for bytesstring self.assertEqual(self.rnd_password_str, gpgme_decrypt(ciphertext_for_str), "Bytestring not properly decrypted") # theoretical and HIGHLY improbable chance for failure # when GnuPG and the OS work properly # The same input encrypted twice should NOT result # in identical ciphertext self.assertNotEqual(ciphertext_for_unicode, ciphertext_for_unicode2, "Weak cryptography") self.assertEqual( gpgme_decrypt(ciphertext_for_unicode), gpgme_decrypt(ciphertext_for_unicode2), "Identical input should result in identical decrypt", )
def test_add_message(entity, gpg_key, gpg_data): tag = 'some-tag' payload = gpgme_encrypt(message='not encrypted, but who cares', recipient_key_id=gpg_key) row = gpg_data.add_message(entity.entity_id, tag, gpg_key, payload) assert row['message_id'] > 0 assert (row['entity_id'], row['tag'], row['recipient'], row['message']) == (entity.entity_id, tag, gpg_key, payload)
def encrypt_message(self, tag, plaintext): """ Encrypt a plaintext for each recipient for a given tag. :param tag: message tag :param plaintext: the raw data to encrypt :return: a generator that yields tuples with: (tag, recipient, encrypted message) """ for recipient in self.get_recipients(tag): encrypted = gpgme_encrypt(message=plaintext, recipient_key_id=recipient) yield tag, recipient, encrypted
def gpg_message(database, entity, gpg_key, gpg_data): tag = 'some-unique-tag-ea7e7b0bb82c825f' payload = gpgme_encrypt(message='a super secret message', recipient_key_id=gpg_key) orig = gpg_data.add_message(entity.entity_id, tag, gpg_key, payload) # manipulate the message so it looks a bit older database.execute( """ UPDATE [:table schema=cerebrum name=entity_gpg_data] SET created = :ts WHERE message_id = :msgid """, { 'msgid': orig['message_id'], 'ts': datetime.datetime.now() - datetime.timedelta(days=1), }) return dict(gpg_data.get_message_by_id(orig['message_id']))
def add_gpg_data(self, tag, data): """Add GPG encrypted data for the current entity. :param str tag: Data tag :param str data: Raw payload :returns: The saved message IDs, if any :rtype: list of ints or empty list """ message_ids = [] recipients = self._tag_to_recipients.get(tag, None) if recipients is None: raise ValueError("Unknown GPG data tag {!r}".format(tag)) for recipient in recipients: message = gpgme_encrypt(message=data, recipient_key_id=recipient) message_id = self.add_gpg_message(tag=tag, recipient=recipient, message=message) message_ids.append(message_id) return message_ids
def test_get_message_by_id(entity, gpg_key, gpg_data): tag = 'some-tag' payload = gpgme_encrypt(message='secret message', recipient_key_id=gpg_key) row = gpg_data.add_message(entity.entity_id, tag, gpg_key, payload) fetched = gpg_data.get_message_by_id(row['message_id']) assert dict(fetched) == dict(row)