def test_invalid_algorithm_checksumfile2(self): with pytest.raises(ValueError): IcetrustUtils.verify_checksum(os.path.join(TEST_DIR, 'file1.txt'), 'rc4', checksumfile=os.path.join( TEST_DIR, 'file1.txt.SHA256SUMS'))
def test_invalid_file_verbose(self, tmp_path, mock_msg_callback): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyfile='foobar', msg_callback=mock_msg_callback) is False assert len(mock_msg_callback.messages) == 1 assert mock_msg_callback.messages[ 0] == "[Errno 2] No such file or directory: 'foobar'"
def test_invalid_fromkeyid(self, mock_msg_callback): # TODO: Switch to use tmp_path fixture temp_dir_obj = tempfile.TemporaryDirectory() tmp_path = os.path.join(temp_dir_obj.name, '') gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyid='foobar', keyserver='keyserver.ubuntu.com', msg_callback=mock_msg_callback) is False
def test_invalid_wrong_signature_verbose(self, tmp_path, copy_keyring, mock_msg_callback): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_verify( gpg, os.path.join(TEST_DIR, 'file1.txt'), os.path.join(TEST_DIR, 'file1.SHA256SUMS.txt.sig'), msg_callback=mock_msg_callback) is False assert len(mock_msg_callback.messages) == 1 assert mock_msg_callback.messages[0] ==\ "[Errno 2] No such file or directory: 'test_data/file1.SHA256SUMS.txt.sig'"
def test_valid_fromfile_verbose(self, tmp_path, mock_msg_callback): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyfile=os.path.join(TEST_DIR, 'pgp_keys.txt'), msg_callback=mock_msg_callback) is True assert len(mock_msg_callback.messages) == 2 assert mock_msg_callback.messages[ 0] == '--- Results of key import ---\n' assert '[GNUPG:] IMPORTED FBFCC82A015E7330' in mock_msg_callback.messages[ 1]
def test_valid_file_verbose(self, tmp_path, copy_keyring, mock_msg_callback): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_verify(gpg, os.path.join(TEST_DIR, 'file1.txt'), os.path.join(TEST_DIR, 'file1.txt.sig'), msg_callback=mock_msg_callback) is True assert len(mock_msg_callback.messages) == 2 assert mock_msg_callback.messages[ 0] == '\n--- Results of verification ---' assert '[GNUPG:] SIG_ID crXxiKwsoGFwp1pyl+csVQd53aA 2021-04-22 1619099716' in mock_msg_callback.messages[ 1]
def import_key_material(gpg, dir, verification_data, cmd_output=None, msg_callback=None): """ Import keys if needed :param verification_mode: verification mode being used :param dir: directory to download to :param filename_url: URL for the main file to be downloaded :param verification_data: parsed JSON containing verification data :param cmd_output: command output :param msg_callback: message callback object, can be used to collect additional data via .echo() :return: True if succesful, False if not, None if skipped """ keyfile_path = None if 'keyfile_url' in verification_data: keyfile_path = os.path.join(dir, FILENAME_KEYS) # Do the actual import import_result = IcetrustUtils.pgp_import_keys( gpg, keyfile=keyfile_path, keyid=None if keyfile_path else verification_data['keyid'], keyserver=None if keyfile_path else verification_data['keyserver'], cmd_output=cmd_output, msg_callback=msg_callback) return import_result
def test_valid_checksum(self): cmd_output = [] assert IcetrustUtils.verify_checksum(os.path.join( TEST_DIR, 'file1.txt'), DEFAULT_HASH_ALGORITHM, checksum_value=FILE1_HASH, cmd_output=cmd_output) is True assert len(cmd_output) == 0
def test_doesnt_exists_file1_verbose(self, mock_msg_callback): assert IcetrustUtils.compare_files( os.path.join(TEST_DIR, 'foobar.txt'), os.path.join(TEST_DIR, 'file1.txt'), msg_callback=mock_msg_callback) is False assert len(mock_msg_callback.messages) == 1 assert mock_msg_callback.messages[ 0] == "[Errno 2] No such file or directory: 'test_data/foobar.txt'"
def test_invalid3_cmd_output(self): cmd_output = [] assert IcetrustUtils.compare_files(os.path.join(TEST_DIR, 'file2.txt'), os.path.join(TEST_DIR, 'file1.txt'), cmd_output=cmd_output) is False assert len(cmd_output) == 2 assert cmd_output[0] == 'File1 checksum: ' + FILE2_HASH assert cmd_output[1] == 'File2 checksum: ' + FILE1_HASH
def test_valid_verbose(self, mock_msg_callback): assert IcetrustUtils.compare_files( os.path.join(TEST_DIR, 'file1.txt'), os.path.join(TEST_DIR, 'file1.txt'), msg_callback=mock_msg_callback) is True assert len(mock_msg_callback.messages) == 2 assert mock_msg_callback.messages[0] == 'File1 checksum: ' + FILE1_HASH assert mock_msg_callback.messages[1] == 'File2 checksum: ' + FILE1_HASH
def test_valid_checksum_verbose(self, mock_msg_callback): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file1.txt'), DEFAULT_HASH_ALGORITHM, checksum_value=FILE1_HASH, msg_callback=mock_msg_callback) is True assert len(mock_msg_callback.messages) == 2 assert mock_msg_callback.messages[0] == 'Algorithm: sha256' assert mock_msg_callback.messages[1] == 'File hash: ' + FILE1_HASH
def test_doesnt_exists_file_verbose(self, mock_msg_callback): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'foobar.txt'), DEFAULT_HASH_ALGORITHM, checksumfile=os.path.join(TEST_DIR, 'file1.txt.SHA256SUMS'), msg_callback=mock_msg_callback) is False assert len(mock_msg_callback.messages) == 1 assert mock_msg_callback.messages[ 0] == "[Errno 2] No such file or directory: 'test_data/foobar.txt'"
def pgp(verbose, filename, signaturefile, keyfile, keyid, keyserver): """Verify FILENAME via a PGP signature in SIGNATUREFILE using provided keys""" # Check input parameters if keyfile is None and (keyid is None or keyserver is None): click.echo("ERROR: Either '--keyfile' or '--keyid/--keyserver' parameters must be set!") sys.exit(2) # Initialize PGP and import keys gpg = IcetrustUtils.pgp_init(verbose) import_result = IcetrustUtils.pgp_import_keys(gpg, keyfile=keyfile, keyid=keyid, keyserver=keyserver, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) if import_result is False: _process_result(import_result) # Verify file verification_result = IcetrustUtils.pgp_verify(gpg, filename, signaturefile, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) _process_result(verification_result)
def test_doesnt_exists_checksum_file_valid(self, mock_msg_callback): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file1.txt'), DEFAULT_HASH_ALGORITHM, checksumfile=os.path.join(TEST_DIR, 'foobar.txt'), msg_callback=mock_msg_callback) is False assert len(mock_msg_callback.messages) == 3 assert mock_msg_callback.messages[0] == 'Algorithm: sha256' assert mock_msg_callback.messages[1] == 'File hash: ' + FILE1_HASH assert mock_msg_callback.messages[ 2] == "[Errno 2] No such file or directory: 'test_data/foobar.txt'"
def test_invalid1_checksumfile_with_cmd_output(self): cmd_output = [] assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file1.txt.SHA256SUMS'), DEFAULT_HASH_ALGORITHM, checksumfile=os.path.join(TEST_DIR, 'file1.txt'), cmd_output=cmd_output) is False assert len(cmd_output) == 3 assert cmd_output[0] == 'Algorithm: sha256' assert cmd_output[ 1] == 'File checksum: ca68d23d93b2611b380a57fa076684e1f5fa76d0d6bbd6df00c9aed28347e383' assert cmd_output[2] == 'No match found in checksum file'
def pgpchecksumfile(verbose, filename, checksumfile, signaturefile, algorithm, keyfile, keyid, keyserver): """Verify FILENAME via a PGP-signed CHECKSUMFILE, with a signature in SIGNATUREFILE using provided keys""" # Check input parameters if keyfile is None and (keyid is None or keyserver is None): click.echo("ERROR: Either '--keyfile' or '--keyid/--keyserver' parameters must be set!") sys.exit(2) # Initialize PGP and import keys gpg = IcetrustUtils.pgp_init(verbose) import_result = IcetrustUtils.pgp_import_keys(gpg, keyfile=keyfile, keyid=keyid, keyserver=keyserver, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) if import_result is False: _process_result(import_result) # Verify checksums file verification_result = IcetrustUtils.pgp_verify(gpg, checksumfile, signaturefile, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) if verification_result.status is False: _process_result(verification_result) # Check hash against the checksums file checksum_valid = IcetrustUtils.verify_checksum(filename, algorithm, checksumfile=checksumfile, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) _process_result(checksum_valid)
def test_invalid1_checksum(self): assert IcetrustUtils.verify_checksum(os.path.join( TEST_DIR, 'file1.txt.SHA256SUMS'), DEFAULT_HASH_ALGORITHM, checksum_value='foobar') is False
def test_version(self): runner = CliRunner() result = runner.invoke(cli, ['--version']) assert result.exit_code == 0 assert result.output == 'icetrust, version ' + IcetrustUtils.get_version( ) + '\n'
def test_valid(self): cmd_output = [] assert IcetrustUtils.compare_files(os.path.join(TEST_DIR, 'file1.txt'), os.path.join(TEST_DIR, 'file1.txt'), cmd_output=cmd_output) is True assert len(cmd_output) == 0
def test_doesnt_exists_all_files(self): assert IcetrustUtils.compare_files( os.path.join(TEST_DIR, 'foobar1.txt'), os.path.join(TEST_DIR, 'foobar2.txt')) is False
def test_process_verbose_flag_valid(self): assert IcetrustUtils.process_verbose_flag(False) is False assert IcetrustUtils.process_verbose_flag(None) is False
def test_get_version_format_valid(self): pattern = re.compile(r'^(\d+\.)?(\d+\.)?(\*|\d+)$') assert pattern.match(IcetrustUtils.get_version()) is not None
def test_invalid_missing_arguments1(self): with pytest.raises(ValueError): IcetrustUtils.verify_checksum(os.path.join(TEST_DIR, 'file1.txt'), DEFAULT_HASH_ALGORITHM)
def test_valid_checksum_uppercase(self): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file1.txt'), DEFAULT_HASH_ALGORITHM, checksum_value=FILE1_HASH.upper()) is True
def test_invalid_algorithm_checksumfile1(self): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file1.txt'), 'md5', checksumfile=os.path.join(TEST_DIR, 'file1.txt.SHA256SUMS')) is False
def test_invalid_algorithm_checksum2(self): with pytest.raises(ValueError): IcetrustUtils.verify_checksum(os.path.join(TEST_DIR, 'file1.txt'), 'rc4', checksum_value=FILE1_HASH)
def test_invalid_algorithm_checksum1(self): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file1.txt'), 'md5', checksum_value=FILE1_HASH) is False
def test_invalid2_checksumfile(self): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file2.txt'), DEFAULT_HASH_ALGORITHM, checksumfile=os.path.join(TEST_DIR, 'file1.txt.SHA256SUMS')) is False
def test_valid_checksum_whitespace(self): assert IcetrustUtils.verify_checksum( os.path.join(TEST_DIR, 'file1.txt'), DEFAULT_HASH_ALGORITHM, checksum_value=' ' + FILE1_HASH + ' ') is True