def import_key_material(gpg, dir, verification_data, cmd_output=None, msg_callback=None): """ Import keys if needed :param verification_mode: verification mode being used :param dir: directory to download to :param filename_url: URL for the main file to be downloaded :param verification_data: parsed JSON containing verification data :param cmd_output: command output :param msg_callback: message callback object, can be used to collect additional data via .echo() :return: True if succesful, False if not, None if skipped """ keyfile_path = None if 'keyfile_url' in verification_data: keyfile_path = os.path.join(dir, FILENAME_KEYS) # Do the actual import import_result = IcetrustUtils.pgp_import_keys( gpg, keyfile=keyfile_path, keyid=None if keyfile_path else verification_data['keyid'], keyserver=None if keyfile_path else verification_data['keyserver'], cmd_output=cmd_output, msg_callback=msg_callback) return import_result
def test_invalid_file_verbose(self, tmp_path, mock_msg_callback): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyfile='foobar', msg_callback=mock_msg_callback) is False assert len(mock_msg_callback.messages) == 1 assert mock_msg_callback.messages[ 0] == "[Errno 2] No such file or directory: 'foobar'"
def test_invalid_fromkeyid(self, mock_msg_callback): # TODO: Switch to use tmp_path fixture temp_dir_obj = tempfile.TemporaryDirectory() tmp_path = os.path.join(temp_dir_obj.name, '') gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyid='foobar', keyserver='keyserver.ubuntu.com', msg_callback=mock_msg_callback) is False
def test_valid_fromfile_verbose(self, tmp_path, mock_msg_callback): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyfile=os.path.join(TEST_DIR, 'pgp_keys.txt'), msg_callback=mock_msg_callback) is True assert len(mock_msg_callback.messages) == 2 assert mock_msg_callback.messages[ 0] == '--- Results of key import ---\n' assert '[GNUPG:] IMPORTED FBFCC82A015E7330' in mock_msg_callback.messages[ 1]
def pgp(verbose, filename, signaturefile, keyfile, keyid, keyserver): """Verify FILENAME via a PGP signature in SIGNATUREFILE using provided keys""" # Check input parameters if keyfile is None and (keyid is None or keyserver is None): click.echo("ERROR: Either '--keyfile' or '--keyid/--keyserver' parameters must be set!") sys.exit(2) # Initialize PGP and import keys gpg = IcetrustUtils.pgp_init(verbose) import_result = IcetrustUtils.pgp_import_keys(gpg, keyfile=keyfile, keyid=keyid, keyserver=keyserver, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) if import_result is False: _process_result(import_result) # Verify file verification_result = IcetrustUtils.pgp_verify(gpg, filename, signaturefile, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) _process_result(verification_result)
def pgpchecksumfile(verbose, filename, checksumfile, signaturefile, algorithm, keyfile, keyid, keyserver): """Verify FILENAME via a PGP-signed CHECKSUMFILE, with a signature in SIGNATUREFILE using provided keys""" # Check input parameters if keyfile is None and (keyid is None or keyserver is None): click.echo("ERROR: Either '--keyfile' or '--keyid/--keyserver' parameters must be set!") sys.exit(2) # Initialize PGP and import keys gpg = IcetrustUtils.pgp_init(verbose) import_result = IcetrustUtils.pgp_import_keys(gpg, keyfile=keyfile, keyid=keyid, keyserver=keyserver, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) if import_result is False: _process_result(import_result) # Verify checksums file verification_result = IcetrustUtils.pgp_verify(gpg, checksumfile, signaturefile, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) if verification_result.status is False: _process_result(verification_result) # Check hash against the checksums file checksum_valid = IcetrustUtils.verify_checksum(filename, algorithm, checksumfile=checksumfile, msg_callback=IcetrustUtils.process_verbose_flag(verbose)) _process_result(checksum_valid)
def test_invalid_missing_arguments3(self, tmp_path): gpg = IcetrustUtils.pgp_init(tmp_path) with pytest.raises(ValueError): IcetrustUtils.pgp_import_keys(gpg, keyserver='foobar')
def test_invalid_file_no_keys(self, tmp_path): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyfile=os.path.join(TEST_DIR, 'file1.txt.sig')) is False
def test_invalid_file(self, tmp_path): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys(gpg, keyfile='foobar') is False
def test_valid_fromfile(self, tmp_path): gpg = IcetrustUtils.pgp_init(tmp_path) assert IcetrustUtils.pgp_import_keys( gpg, keyfile=os.path.join(TEST_DIR, 'pgp_keys.txt')) is True