def testGoogleDocFetchKey(self):
'''Attempt to retrieve key via HTTP file download via Google Docs'''
keyURL = "https://docs.google.com/uc?id=0ByJYdR0YE41yNDg2ZTkzYTItNmJjNC00YTgwLTkyYzctZTNiMzAwYzhjYTdh&export=download&hl=en"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="Google Doc source key")
def testHTTPFetchKey(self):
'''Attempt to retrieve key via HTTP GET that is a part of a file download request'''
keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key/key0xA8A790EA220403B7.asc?attredirects=0&d=1"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key")
def testSKSFetchKey(self):
'''Attempt to retrieve key via HTTP GET from SKS keyserver'''
keyURL = "http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0xA8A790EA220403B7"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="SKS source key")
def testWebSiteFetchKey(self):
'''Attempt to retrieve key via HTTP GET that is a part of an HTML web page'''
keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="HTML Web Page sourced key")
def testPGPFetchKey(self):
'''Attempt to retrieve key via HTTP GET from Symantec's PGP keyserver'''
keyURL = "http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xA8A790EA220403B7"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="PGP sourced key")
def testPGPFetchKey(self):
'''Attempt to retrieve key via HTTP GET from Symantec's PGP keyserver'''
keyURL = "http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xA8A790EA220403B7"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="PGP sourced key")
def validate_digital_signature(self, doc):
from LRSignature.verify.Verify import Verify_0_21
from LRSignature import util
from LRSignature import errors
verifytool = Verify_0_21(gpgbin=gpgbin)
try:
verified = verifytool.verify(doc)
assert verified == True, "Signature did not validate for document."
except errors.MissingPublicKey:
locations = doc['digital_signature']['key_location']
numImported = 0
for location in locations:
rawKeys = util.fetchkeys(location)
for rawKey in rawKeys:
numImported += util.storekey(self.sampleKey, gpgbin=gpgbin)
if numImported > 0:
break
assert numImported > 0, "No new public keys were imported, but were needed"
try:
verified = verifytool.verify(doc)
assert verified == True, "Signature did not validate for document."
except errors.MissingPublicKey:
raise AssertionError(
"No public key available that can be retrieved to validate doc"
)
def testHTTPFetchKey(self):
'''Attempt to retrieve key via HTTP GET that is a part of a file download request'''
keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key/key0xA8A790EA220403B7.asc?attredirects=0&d=1"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key")
def testGoogleDocFetchKey(self):
'''Attempt to retrieve key via HTTP file download via Google Docs'''
keyURL = "https://docs.google.com/uc?id=0ByJYdR0YE41yNDg2ZTkzYTItNmJjNC00YTgwLTkyYzctZTNiMzAwYzhjYTdh&export=download&hl=en"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="Google Doc source key")
def testWebSiteFetchKey(self):
'''Attempt to retrieve key via HTTP GET that is a part of an HTML web page'''
keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="HTML Web Page sourced key")
def testSKSFetchKey(self):
'''Attempt to retrieve key via HTTP GET from SKS keyserver'''
keyURL = "http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0xA8A790EA220403B7"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="SKS source key")
def validate_digital_signature(self, doc):
from LRSignature.verify.Verify import Verify_0_21
from LRSignature import util
from LRSignature import errors
verifytool = Verify_0_21(gpgbin=gpgbin)
try:
verified = verifytool.verify(doc)
assert verified == True, "Signature did not validate for document."
except errors.MissingPublicKey:
locations = doc['digital_signature']['key_location']
numImported = 0
for location in locations:
rawKeys = util.fetchkeys(location)
for rawKey in rawKeys:
numImported += util.storekey(self.sampleKey, gpgbin=gpgbin)
if numImported > 0:
break
assert numImported > 0, "No new public keys were imported, but were needed"
try:
verified = verifytool.verify(doc)
assert verified == True, "Signature did not validate for document."
except errors.MissingPublicKey:
raise AssertionError("No public key available that can be retrieved to validate doc")
def testMultipleFetchKey(self):
'''Attempt to retrieve multiple keys via HTTP GET that is a part of a file download request'''
keyURL = "http://sites.google.com/site/learningregistrytestdata/home/multiple-public-pgp-keys"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 2, "keys could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key 1")
self.checkKey(fetchedKeys[1], keysource="HTTP Download sourced key 2")
def testMultipleFetchKey(self):
'''Attempt to retrieve multiple keys via HTTP GET that is a part of a file download request'''
keyURL = "http://sites.google.com/site/learningregistrytestdata/home/multiple-public-pgp-keys"
fetchedKeys = util.fetchkeys(keyURL)
assert len(fetchedKeys) == 2, "keys could not be retrieved from URL"
self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key 1")
self.checkKey(fetchedKeys[1], keysource="HTTP Download sourced key 2")
def _import_keys(key_locations):
num_imported = 0
for loc in key_locations:
raw_keys = util.fetchkeys(loc)
for raw_key in raw_keys:
num_imported += util.storekey(raw_key,
gpgbin=gpg_location)
if num_imported > 0:
return
def _validate_digital_signature(self, doc):
from LRSignature import util
from LRSignature import errors
result = {}
result = {"verified": False}
if doc.has_key("doc_ID"):
result["doc_ID"] = doc["doc_ID"]
if doc.has_key("resource_locator"):
result["resource_locator"] = doc["resource_locator"]
try:
result["verified"] = self.verifytool.verify(doc)
except errors.MissingPublicKey:
locations = doc['digital_signature']['key_location']
numImported = 0
for location in locations:
rawKeys = util.fetchkeys(location)
for rawKey in rawKeys:
numImported += util.storekey(self.sampleKey, gpgbin=self.args.gpgbin, gnupgHome=self.args.gnupghome)
if numImported > 0:
break
try:
result["verified"] = self.verifytool.verify(doc)
except errors.MissingPublicKey:
result["verified"] = False
result["error"] = "No available public key to validate."
except errors.BadSignatureFormat as e:
result["verified"] = False
result["error"] = e.message
except errors.UnknownKeyException as e:
result["verified"] = False
result["error"] = e.message
except errors.UnsupportedSignatureAlgorithm as e:
result["verified"] = False
result["error"] = e.message
except Exception as e:
result["verified"] = False
result["error"] = e.message
return result
def _validate_digital_signature(self, doc):
from LRSignature import util
from LRSignature import errors
result = {}
result = {"verified": False}
if doc.has_key("doc_ID"):
result["doc_ID"] = doc["doc_ID"]
if doc.has_key("resource_locator"):
result["resource_locator"] = doc["resource_locator"]
try:
result["verified"] = self.verifytool.verify(doc)
except errors.MissingPublicKey:
locations = doc['digital_signature']['key_location']
numImported = 0
for location in locations:
rawKeys = util.fetchkeys(location)
for rawKey in rawKeys:
numImported += util.storekey(self.sampleKey,
gpgbin=self.args.gpgbin,
gnupgHome=self.args.gnupghome)
if numImported > 0:
break
try:
result["verified"] = self.verifytool.verify(doc)
except errors.MissingPublicKey:
result["verified"] = False
result["error"] = "No available public key to validate."
except errors.BadSignatureFormat as e:
result["verified"] = False
result["error"] = e.message
except errors.UnknownKeyException as e:
result["verified"] = False
result["error"] = e.message
except errors.UnsupportedSignatureAlgorithm as e:
result["verified"] = False
result["error"] = e.message
except Exception as e:
result["verified"] = False
result["error"] = e.message
return result
try:
v = gpg.verify(document["digital_signature"]["signature"])
res = gpg.recv_keys(_KEYSERVERS[attempt], v.key_id)
except Exception, e:
log.info("Problem with getting keys from keyserver: %s", e)
pass
# try again...
return get_verification_info(document, attempt + 1)
# ran out of key servers, try locations in envelope.
elif attempt == len(_KEYSERVERS):
try:
for loc in document["digital_signature"]["key_location"]:
keys = []
try:
keys = util.fetchkeys(loc)
except Exception, e:
log.info("Problem fetching key from location: %s", e)
for key in keys:
try:
util.storekey(key, gpg.gnupghome, gpg.gpgbinary)
except Exception, e:
log.info(
"Problem importing or storing key from location: %s",
e)
# try again...
return get_verification_info(document, attempt + 1)
except:
pass
try:
v = gpg.verify(document["digital_signature"]["signature"])
res = gpg.recv_keys(_KEYSERVERS[attempt], v.key_id)
except Exception, e:
log.info("Problem with getting keys from keyserver: %s", e)
pass
# try again...
return get_verification_info(document, attempt+1)
# ran out of key servers, try locations in envelope.
elif attempt == len(_KEYSERVERS):
try:
for loc in document["digital_signature"]["key_location"]:
keys = []
try:
keys = util.fetchkeys(loc)
except Exception, e:
log.info("Problem fetching key from location: %s", e)
for key in keys:
try:
util.storekey(key, gpg.gnupghome, gpg.gpgbinary)
except Exception, e:
log.info("Problem importing or storing key from location: %s", e)
# try again...
return get_verification_info(document, attempt+1)
except:
pass
except SignatureException as ex:
