예제 #1
0
def test_verify_file_embedded_sig():
    '''
    Verifies the signature on an embedded, signed file. This is a file signed
    with:

        gpg -u keybase.io/irc --sign helloworld.txt

    So it's binary output and suffixed with .gpg.
    '''
    k = keybase.Keybase('irc')
    pkey = k.get_public_key()
    fname = os.path.join(os.getcwd(), 'test', 'golden', 'helloworld.txt.gpg')
    verified = pkey.verify_file(
        fname,
        throw_error=True)
    assert verified
    # Compare this to a straight-up GnuPGP verification using the
    # known public key from the pair that signed the file.
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir, verbose=False, use_agent=False, binary=keybase.gpg())
    gpg.import_keys(GPG_KEY_DATA)
    with open(fname, 'rb') as fdata:
        vobj = gpg.verify_file(fdata)
        assert vobj.valid
    del gpg
    shutil.rmtree(tempdir)
예제 #2
0
def test_verify_file_detached_sig():
    '''
    Verifies the signature on a detatched, signed file. This is a file signed
    with:

        gpg -u keybase.io/irc --detach-sign helloworld.txt

    So it's the data file helloworld.txt plus the detached signature file
    helloworld.txt.sig that are used together to do the verification.
    '''
    k = keybase.Keybase('irc')
    pkey = k.get_public_key()
    fname = os.path.join(os.getcwd(), 'test', 'golden', 'helloworld.txt')
    fsig = os.path.join(os.getcwd(), 'test', 'golden', 'helloworld.txt.sig')
    verified = pkey.verify_file(
        fname,
        fsig)
    assert verified
    # Compare this to a straight-up GnuPGP verification using the
    # known public key from the pair that signed the file.
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir, verbose=False, use_agent=False, binary=keybase.gpg())
    gpg.import_keys(GPG_KEY_DATA)
    with open(fname, 'rb') as fobj:
        vobj = gpg.verify_file(fobj, fsig)
    assert vobj.valid
    del gpg
    shutil.rmtree(tempdir)
예제 #3
0
def test_verify_file_detached_sig():
    '''
    Verifies the signature on a detatched, signed file. This is a file signed
    with:

        gpg -u keybase.io/irc --detach-sign helloworld.txt

    So it's the data file helloworld.txt plus the detached signature file
    helloworld.txt.sig that are used together to do the verification.
    '''
    k = keybase.Keybase('irc')
    pkey = k.get_public_key()
    fname = os.path.join(os.getcwd(), 'test', 'golden', 'helloworld.txt')
    fsig = os.path.join(os.getcwd(), 'test', 'golden', 'helloworld.txt.sig')
    verified = pkey.verify_file(fname, fsig)
    assert verified
    # Compare this to a straight-up GnuPGP verification using the
    # known public key from the pair that signed the file.
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir,
                    verbose=False,
                    use_agent=False,
                    binary=keybase.gpg())
    gpg.import_keys(GPG_KEY_DATA)
    with open(fname, 'rb') as fobj:
        vobj = gpg.verify_file(fobj, fsig)
    assert vobj.valid
    del gpg
    shutil.rmtree(tempdir)
예제 #4
0
def test_verify_file_embedded_sig():
    '''
    Verifies the signature on an embedded, signed file. This is a file signed
    with:

        gpg -u keybase.io/irc --sign helloworld.txt

    So it's binary output and suffixed with .gpg.
    '''
    k = keybase.Keybase('irc')
    pkey = k.get_public_key()
    fname = os.path.join(os.getcwd(), 'test', 'golden', 'helloworld.txt.gpg')
    verified = pkey.verify_file(fname, throw_error=True)
    assert verified
    # Compare this to a straight-up GnuPGP verification using the
    # known public key from the pair that signed the file.
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir,
                    verbose=False,
                    use_agent=False,
                    binary=keybase.gpg())
    gpg.import_keys(GPG_KEY_DATA)
    with open(fname, 'rb') as fdata:
        vobj = gpg.verify_file(fdata)
        assert vobj.valid
    del gpg
    shutil.rmtree(tempdir)
예제 #5
0
def test_gpg_encrypt():
    '''
    This is a test of the basic gnupg module functionality. I was using this
    to sort out how the encrypt() function actually worked. Keeping it in
    here as a test of this module because if it fails, it likely means all the
    assumptions the keybase API code is based on are now wrong.
    '''
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir, verbose=False, use_agent=False, binary=keybase.gpg())
    gpg.import_keys(GPG_KEY_DATA)
    instring = 'Hello, world!'
    encrypted = str(gpg.encrypt(instring, gpg.list_keys()[0]['keyid'], compress_algo='ZIP'))
    assert encrypted
    assert not encrypted.isspace()
    assert encrypted != instring
    del gpg
    shutil.rmtree(tempdir)
예제 #6
0
def test_public_key_gpg_integration():
    '''
    A basic test for the KeybasePublicKey() class. Makes sure it plays
    nice with the GnuPGP Python module.
    '''
    key_fingerprint = '7cc0ce678c37fc27da3ce494f56b7a6f0a32a0b9'
    initopts = {'bundle': GPG_KEY_DATA, 'key_fingerprint': key_fingerprint}
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir, verbose=False, use_agent=False, binary=keybase.gpg())
    import_result = gpg.import_keys(GPG_KEY_DATA)
    assert len(import_result.fingerprints) > 0
    key = keybase.KeybasePublicKey(**initopts)
    assert key.key_fingerprint == key_fingerprint
    assert import_result.fingerprints[0].lower() == key_fingerprint
    assert key.key_fingerprint == import_result.fingerprints[0].lower()
    del gpg
    shutil.rmtree(tempdir)
예제 #7
0
def test_public_key_gpg_integration():
    '''
    A basic test for the KeybasePublicKey() class. Makes sure it plays
    nice with the GnuPGP Python module.
    '''
    key_fingerprint = '7cc0ce678c37fc27da3ce494f56b7a6f0a32a0b9'
    initopts = {'bundle': GPG_KEY_DATA, 'key_fingerprint': key_fingerprint}
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir,
                    verbose=False,
                    use_agent=False,
                    binary=keybase.gpg())
    import_result = gpg.import_keys(GPG_KEY_DATA)
    assert len(import_result.fingerprints) > 0
    key = keybase.KeybasePublicKey(**initopts)
    assert key.key_fingerprint == key_fingerprint
    assert import_result.fingerprints[0].lower() == key_fingerprint
    assert key.key_fingerprint == import_result.fingerprints[0].lower()
    del gpg
    shutil.rmtree(tempdir)
예제 #8
0
def test_gpg_encrypt():
    '''
    This is a test of the basic gnupg module functionality. I was using this
    to sort out how the encrypt() function actually worked. Keeping it in
    here as a test of this module because if it fails, it likely means all the
    assumptions the keybase API code is based on are now wrong.
    '''
    tempdir = tempfile.mkdtemp(suffix='.keybase-test')
    gpg = gnupg.GPG(homedir=tempdir,
                    verbose=False,
                    use_agent=False,
                    binary=keybase.gpg())
    gpg.import_keys(GPG_KEY_DATA)
    instring = 'Hello, world!'
    encrypted = str(
        gpg.encrypt(instring, gpg.list_keys()[0]['keyid'],
                    compress_algo='ZIP'))
    assert encrypted
    assert not encrypted.isspace()
    assert encrypted != instring
    del gpg
    shutil.rmtree(tempdir)