def verify_gpg_signature(detached_file, signature_file, key_file):
signature = read_file(signature_file, binary=True)
#not generic but ok if the signature is generated in linux
#this is to avoid the signature to be misinterpreted when parsed in another OS
signature = signature.replace('\n', os.linesep)
key = read_file(key_file, binary=True)
message = read_file(detached_file, binary=True)
result = verify_str(signature, key, detached=message)
return result == message
def verify_gpg_signature(detached_file, signature_file, key_file):
signature = read_file(signature_file, binary=True)
#not generic but ok if the signature is generated in linux
#this is to avoid the signature to be misinterpreted when parsed in another OS
signature = signature.replace('\n', os.linesep)
key = read_file(key_file, binary=True)
message = read_file(detached_file, binary=True)
result = verify_str(signature, key, detached=message)
return result == message
def testE02SignTextKeyID(self):
"sign_str()/verify_str() text (0x01) using key ID"
lit_d = read_test_file(['pgpfiles','cleartext.txt'])
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
signed = sign_str(0x01, seckey_d, target=lit_d,
use_key=(None, '0CFC2B6DCC079DF3'),
passphrase='test')
verified = verify_str(signed, pubkey_d)
self.assertEqual(lit_d, list_pkts(verified)[0].body.data)
def testE01SignBinaryAsMsgViaUID(self):
"sign_str()/verify_str() binary (0x00) using user ID"
lit_d = read_test_file(['pgpfiles','cleartext.txt'])
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
signed = sign_str(0x00, seckey_d, target=lit_d,
use_userid=(None,'Tester'),
passphrase='test')
verified = verify_str(signed, pubkey_d)
self.assertEqual(lit_d, list_pkts(verified)[0].body.data)
def testE02SignTextKeyID(self):
"sign_str()/verify_str() text (0x01) using key ID"
lit_d = read_test_file(['pgpfiles', 'cleartext.txt'])
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
signed = sign_str(0x01,
seckey_d,
target=lit_d,
use_key=(None, '0CFC2B6DCC079DF3'),
passphrase='test')
verified = verify_str(signed, pubkey_d)
self.assertEqual(lit_d, list_pkts(verified)[0].body.data)
def testE01SignBinaryAsMsgViaUID(self):
"sign_str()/verify_str() binary (0x00) using user ID"
lit_d = read_test_file(['pgpfiles', 'cleartext.txt'])
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
signed = sign_str(0x00,
seckey_d,
target=lit_d,
use_userid=(None, 'Tester'),
passphrase='test')
verified = verify_str(signed, pubkey_d)
self.assertEqual(lit_d, list_pkts(verified)[0].body.data)
def testE03SignDetached(self):
"sign_str()/verify_str() detached binary (0x00) using key ID"
lit_d = read_test_file(['pgpfiles','cleartext.txt'])
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
sigtype = 0x01
keyid_d = "0CFC2B6DCC079DF3"
passphrase = "test"
sigpkt = sign_str(0x01, seckey_d, target=lit_d,
use_key=(None, '0CFC2B6DCC079DF3'),
passphrase='test',
detach=True)
verified = verify_str(sigpkt, pubkey_d, detached=lit_d)
self.assertEqual(lit_d, verified)
def testE05SignBinaryAsStringUsingUID(self):
"sign_str()/verify_str() check literal data options"
lit_d = read_test_file(['pgpfiles','cleartext.txt'])
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
signed = sign_str(0x00, seckey_d, target=lit_d,
use_userid=(None,'Tester'),
passphrase='test',
lit_filename='testfilename',
lit_modified=100)
verified = verify_str(signed, pubkey_d) # verified strips sigs..
literal_body = list_as_signed(verified)[0].literals[0].body
self.assertEqual('b', literal_body.format)
self.assertEqual(lit_d, literal_body.data)
self.assertEqual('testfilename', literal_body.filename)
self.assertEqual(100, literal_body.modified)
def testE03SignDetached(self):
"sign_str()/verify_str() detached binary (0x00) using key ID"
lit_d = read_test_file(['pgpfiles', 'cleartext.txt'])
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
sigtype = 0x01
keyid_d = "0CFC2B6DCC079DF3"
passphrase = "test"
sigpkt = sign_str(0x01,
seckey_d,
target=lit_d,
use_key=(None, '0CFC2B6DCC079DF3'),
passphrase='test',
detach=True)
verified = verify_str(sigpkt, pubkey_d, detached=lit_d)
self.assertEqual(lit_d, verified)
def testE04SignSubkey(self):
"sign_str()/verify_str() subkey direct (0x1F) w/ lots of subpackets"
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
keyid = "0CFC2B6DCC079DF3"
opts = {
'use_key': (None, keyid),
'passphrase': "test",
'target': pubkey_d,
'target_key': (None, "CB7D6980A1F2BEF6"),
'sig_signerid': keyid,
'sig_created': 100,
'sig_expires': 4294967295,
'sig_keyexpires': 4294967200,
'sig_revoker':
(0x80, 1, "AB06532F70BD5CD68978D0181AC964878A17BAC6"),
#'sig_note':"n1@test::v1 ,, n2@test:: v2,,n3@test:: v3 ",
'sig_note': [("n1@test", "v1"), ("n2@test", "v2"),
("n3@test", "v3")],
'sig_policyurl': "http://policy.com"
}
#keymsg = sign_str(0x1F, seckey_d, **opts)
signed = sign_str(0x1F, seckey_d, **opts)
keymsg = list_as_signed(signed)[0]
sigpkt = keymsg._b_subkeys['CB7D6980A1F2BEF6'].local_direct[0]
# the subpkt order is determined by their order of appendage in
# sign_str() which isn't important, it's just convenient for testing
h = sigpkt.body.hashed_subpkts
[signerid, created, sig_exp, key_exp, n1, n2, n3, url, revoker] = h
self.assertEqual((0x10, keyid), (signerid.type, signerid.value))
self.assertEqual((0x02, 100), (created.type, created.value))
self.assertEqual((0x03, 4294967295), (sig_exp.type, sig_exp.value))
self.assertEqual((0x09, 4294967200), (key_exp.type, key_exp.value))
self.assertEqual((0x14, "n1@test", "v1"),
(n1.type, n1.value[1], n1.value[2]))
self.assertEqual((0x14, "n2@test", "v2"),
(n2.type, n2.value[1], n2.value[2]))
self.assertEqual((0x14, "n3@test", "v3"),
(n3.type, n3.value[1], n3.value[2]))
self.assertEqual((0x1A, "http://policy.com"), (url.type, url.value))
self.assertEqual(
(0x0C, (128, 1, "AB06532F70BD5CD68978D0181AC964878A17BAC6")),
(revoker.type, revoker.value))
# verify new sig (everything in signed is verified against pubkey_d)
verified = verify_str(signed, pubkey_d)
self.assertEqual(verified, signed)
def testE05SignBinaryAsStringUsingUID(self):
"sign_str()/verify_str() check literal data options"
lit_d = read_test_file(['pgpfiles', 'cleartext.txt'])
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
signed = sign_str(0x00,
seckey_d,
target=lit_d,
use_userid=(None, 'Tester'),
passphrase='test',
lit_filename='testfilename',
lit_modified=100)
verified = verify_str(signed, pubkey_d) # verified strips sigs..
literal_body = list_as_signed(verified)[0].literals[0].body
self.assertEqual('b', literal_body.format)
self.assertEqual(lit_d, literal_body.data)
self.assertEqual('testfilename', literal_body.filename)
self.assertEqual(100, literal_body.modified)
def testE04SignSubkey(self):
"sign_str()/verify_str() subkey direct (0x1F) w/ lots of subpackets"
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.asc'])
pubkey_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
keyid = "0CFC2B6DCC079DF3"
opts = {'use_key':(None, keyid),
'passphrase':"test",
'target':pubkey_d,
'target_key':(None,"CB7D6980A1F2BEF6"),
'sig_signerid':keyid,
'sig_created':100,
'sig_expires':4294967295,
'sig_keyexpires':4294967200,
'sig_revoker':(0x80,1,"AB06532F70BD5CD68978D0181AC964878A17BAC6"),
#'sig_note':"n1@test::v1 ,, n2@test:: v2,,n3@test:: v3 ",
'sig_note':[("n1@test","v1"),("n2@test","v2"),("n3@test","v3")],
'sig_policyurl':"http://policy.com"}
#keymsg = sign_str(0x1F, seckey_d, **opts)
signed = sign_str(0x1F, seckey_d, **opts)
keymsg = list_as_signed(signed)[0]
sigpkt = keymsg._b_subkeys['CB7D6980A1F2BEF6'].local_direct[0]
# the subpkt order is determined by their order of appendage in
# sign_str() which isn't important, it's just convenient for testing
h = sigpkt.body.hashed_subpkts
[signerid, created, sig_exp, key_exp, n1, n2, n3, url, revoker] = h
self.assertEqual((0x10, keyid), (signerid.type, signerid.value))
self.assertEqual((0x02, 100), (created.type, created.value))
self.assertEqual((0x03, 4294967295), (sig_exp.type, sig_exp.value))
self.assertEqual((0x09, 4294967200), (key_exp.type, key_exp.value))
self.assertEqual((0x14, "n1@test", "v1"), (n1.type, n1.value[1], n1.value[2]))
self.assertEqual((0x14, "n2@test", "v2"), (n2.type, n2.value[1], n2.value[2]))
self.assertEqual((0x14, "n3@test", "v3"), (n3.type, n3.value[1], n3.value[2]))
self.assertEqual((0x1A, "http://policy.com"), (url.type, url.value))
self.assertEqual((0x0C, (128, 1, "AB06532F70BD5CD68978D0181AC964878A17BAC6")), (revoker.type, revoker.value))
# verify new sig (everything in signed is verified against pubkey_d)
verified = verify_str(signed, pubkey_d)
self.assertEqual(verified, signed)
def testB05VerifyKey(self):
"verify_str() verify local key sigs (headers lost in armored output)"
key_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
verified = verify_str(key_d, key_d)
self.assertEqual(list_as_signed(key_d), list_as_signed(verified))
def testB04VerifyDSACompressed(self):
"verify_str() DSA compressed one-pass sig with armored key (native output)"
lit_d = "\xac/b\rcleartext.txt?\x07+kThis is some ordinary text.\n"
sig_d = read_test_file(['pgpfiles','sig','sig.DSAELG1.comp.gpg'])
key_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
self.assertEqual(lit_d, verify_str(sig_d, key_d)) # no armoring
def testB03VerifyDSADetached(self):
"verify_str() DSA detached sig with armored key"
sig_d = read_test_file(['pgpfiles','sig','sig.DSAELG1.detached.gpg'])
det_d = read_test_file(['pgpfiles','cleartext.txt'])
key_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
self.assertEqual(det_d, verify_str(sig_d, key_d, detached=det_d))
def testB03VerifyDSADetached(self):
"verify_str() DSA detached sig with armored key"
sig_d = read_test_file(['pgpfiles', 'sig', 'sig.DSAELG1.detached.gpg'])
det_d = read_test_file(['pgpfiles', 'cleartext.txt'])
key_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
self.assertEqual(det_d, verify_str(sig_d, key_d, detached=det_d))
def testB05VerifyKey(self):
"verify_str() verify local key sigs (headers lost in armored output)"
key_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
verified = verify_str(key_d, key_d)
self.assertEqual(list_as_signed(key_d), list_as_signed(verified))
def testB04VerifyDSACompressed(self):
"verify_str() DSA compressed one-pass sig with armored key (native output)"
lit_d = "\xac/b\rcleartext.txt?\x07+kThis is some ordinary text.\n"
sig_d = read_test_file(['pgpfiles', 'sig', 'sig.DSAELG1.comp.gpg'])
key_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
self.assertEqual(lit_d, verify_str(sig_d, key_d)) # no armoring
def testB01VerifyDSAClearsigned(self):
"verify_str() DSA clearsigned with armored key"
sig_d = read_test_file(['pgpfiles', 'sig', 'sig.DSAELG1.clear.asc'])
key_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
self.assertEqual("This is some ordinary text.",
verify_str(sig_d, key_d))
def testB02VerifyDSANativeOnePass(self):
"verify_str() DSA one-pass sig (armored output)"
sig_d = read_test_file(['pgpfiles','sig','sig.DSAELG1.onepass.gpg'])
key_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
armored = verify_str(sig_d, key_d, armor=True)
self.assertEqual(True, looks_armored(armored))
def testB01VerifyDSAClearsigned(self):
"verify_str() DSA clearsigned with armored key"
sig_d = read_test_file(['pgpfiles','sig','sig.DSAELG1.clear.asc'])
key_d = read_test_file(['pgpfiles','key','DSAELG1.pub.asc'])
self.assertEqual("This is some ordinary text.", verify_str(sig_d, key_d))
def testB02VerifyDSANativeOnePass(self):
"verify_str() DSA one-pass sig (armored output)"
sig_d = read_test_file(['pgpfiles', 'sig', 'sig.DSAELG1.onepass.gpg'])
key_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.asc'])
armored = verify_str(sig_d, key_d, armor=True)
self.assertEqual(True, looks_armored(armored))
