def test_sign_and_encrypt_double_secret(self): "We want to produce as many signatures as possible" recv = DirectoryContext(homedir=self.key_receiver_homedir) params = """<GnupgKeyParms format="internal"> %transient-key Key-Type: RSA Key-Length: 1024 Name-Real: Joe Genkey Tester Name-Comment: with stupid passphrase Name-Email: [email protected] %no-protection #Passphrase: Crypt0R0cks #Expire-Date: 2020-12-31 </GnupgKeyParms> """ recv.op_genkey(params, None, None) gen_result = recv.op_genkey_result() assert_equal(2, len(list(recv.keylist(secret=True)))) sender = DirectoryContext(homedir=self.key_sender_homedir) sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS) sender_keys = list(sender.keylist()) assert_equal(1, len(sender_keys)) sender_key = sender_keys[0] fpr = sender_key.fpr sink = gpg.Data() sender.op_export_keys(sender_keys, 0, sink) sink.seek(0, 0) public_sender_key = sink.read() # Now finally call the function under test uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key, error_cb=None, homedir=self.key_receiver_homedir)) assert_equals(len(sender_key.uids), len(uid_encrypted)) uids_before = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_before] sigs_before = [sig for signatures in sigs for sig in signatures] for uid, uid_enc in zip(uids_before, uid_encrypted): # FIXME: assert_equals(uid, uid_enc[0]) assert_in(uid.name, uid_enc[0].uid) assert_in(uid.email, uid_enc[0].uid) ciphertext = uid_enc[1] log.debug("Decrypting %r", ciphertext) plaintext, result, vrfy = sender.decrypt(ciphertext) log.debug("Decrypt Result: %r", result) sender.op_import(plaintext) import_result = sender.op_import_result() log.debug("Import Result: %r", import_result) # Here is the important check for two new signatures assert_equals(2, import_result.new_signatures) updated_key = sender.get_key(fpr) log.debug("updated key: %r", updated_key) log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids]) uids_after = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_after] sigs_after = [sig for signatures in sigs for sig in signatures] assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt(self): # This might be a secret key, too, so we import and export to # get hold of the public portion. keydata = open(self.key_sender_key, "rb").read() # We get the public portion of the key sender = TempContext() sender.op_import(keydata) result = sender.op_import_result() fpr = result.imports[0].fpr sink = gpg.Data() sender.op_export(fpr, 0, sink) sink.seek(0, 0) # This is the key that we will sign public_sender_key = sink.read() keys = get_usable_keys(homedir=self.key_sender_homedir) assert_equal(1, len(keys)) key = keys[0] uids = key.uidslist # Now finally call the function under test uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key, error_cb=None, homedir=self.key_receiver_homedir)) assert_equal(len(uids), len(uid_encrypted)) # We need to explicitly request signatures uids_before = uids assert_equal(len(uids_before), len(sender.get_key(fpr).uids)) sigs_before = [s for l in get_signatures_for_uids_on_key(sender, key).values() for s in l] # FIXME: Refactor this a little bit. # We have duplication of code with the other test below. for uid, uid_enc in zip(uids_before, uid_encrypted): uid_enc_str = uid_enc[0].uid # The test doesn't work so well, because comments # are not rendered :-/ # assert_equal(uid, uid_enc[0]) assert_in(uid.name, uid_enc_str) assert_in(uid.email, uid_enc_str) ciphertext = uid_enc[1] log.debug("Decrypting %r", ciphertext) plaintext, result, vrfy = sender.decrypt(ciphertext) log.debug("Decrypt Result: %r", result) sender.op_import(plaintext) import_result = sender.op_import_result() log.debug("Import Result: %r", import_result) assert_equal(1, import_result.new_signatures) updated_key = sender.get_key(fpr) log.debug("updated key: %r", updated_key) log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids]) sigs_after = [s for l in get_signatures_for_uids_on_key(sender, key).values() for s in l] assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt(self): secret_keydata = open(self.key_sender_key, "r").read() # We get the public portion of the key sender = TempContext() sender.op_import(secret_keydata) result = sender.op_import_result() fpr = result.imports[0].fpr sink = gpg.Data() sender.op_export(fpr, 0, sink) sink.seek(0, 0) # This is the key that we will sign public_sender_key = sink.read() keys = get_usable_secret_keys(homedir=self.key_sender_homedir) assert_equals(1, len(keys)) key = keys[0] uids = key.uidslist # Now finally call the function under test uid_encrypted = list( sign_keydata_and_encrypt(public_sender_key, error_cb=None, homedir=self.key_receiver_homedir)) assert_equals(len(uids), len(uid_encrypted)) # We need to explicitly request signatures sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS) uids_before = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_before] sigs_before = [sig for signatures in sigs for sig in signatures] for uid, uid_enc in zip(uids_before, uid_encrypted): # The test doesn't work so well, because comments # are not rendered :-/ # assert_equals(uid, uid_enc[0]) assert_in(uid.name, uid_enc[0].uid) assert_in(uid.email, uid_enc[0].uid) ciphertext = uid_enc[1] log.debug("Decrypting %r", ciphertext) plaintext, result, vrfy = sender.decrypt(ciphertext) log.debug("Decrypt Result: %r", result) sender.op_import(plaintext) import_result = sender.op_import_result() log.debug("Import Result: %r", import_result) assert_equals(1, import_result.new_signatures) updated_key = sender.get_key(fpr) log.debug("updated key: %r", updated_key) log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids]) uids_after = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_after] sigs_after = [sig for signatures in sigs for sig in signatures] assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt(self): secret_keydata = open(self.key_sender_key, "r").read() # We get the public portion of the key sender = TempContext() sender.op_import(secret_keydata) result = sender.op_import_result() fpr = result.imports[0].fpr sink = gpg.Data() sender.op_export(fpr, 0, sink) sink.seek(0, 0) # This is the key that we will sign public_sender_key = sink.read() keys = get_usable_secret_keys(homedir=self.key_sender_homedir) assert_equals(1, len(keys)) key = keys[0] uids = key.uidslist # Now finally call the function under test uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key, error_cb=None, homedir=self.key_receiver_homedir)) assert_equals(len(uids), len(uid_encrypted)) # We need to explicitly request signatures sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS) uids_before = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_before] sigs_before = [sig for signatures in sigs for sig in signatures] for uid, uid_enc in zip(uids_before, uid_encrypted): # The test doesn't work so well, because comments # are not rendered :-/ # assert_equals(uid, uid_enc[0]) assert_in(uid.name, uid_enc[0].uid) assert_in(uid.email, uid_enc[0].uid) ciphertext = uid_enc[1] log.debug("Decrypting %r", ciphertext) plaintext, result, vrfy = sender.decrypt(ciphertext) log.debug("Decrypt Result: %r", result) sender.op_import(plaintext) import_result = sender.op_import_result() log.debug("Import Result: %r", import_result) assert_equals(1, import_result.new_signatures) updated_key = sender.get_key(fpr) log.debug("updated key: %r", updated_key) log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids]) uids_after = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_after] sigs_after = [sig for signatures in sigs for sig in signatures] assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt_double_secret(self): "We want to produce as many signatures as possible" recv = DirectoryContext(homedir=self.key_receiver_homedir) params = """<GnupgKeyParms format="internal"> %transient-key Key-Type: RSA Key-Length: 1024 Name-Real: Joe Genkey Tester Name-Comment: with stupid passphrase Name-Email: [email protected] %no-protection #Passphrase: Crypt0R0cks #Expire-Date: 2020-12-31 </GnupgKeyParms> """ recv.op_genkey(params, None, None) gen_result = recv.op_genkey_result() assert_equal(2, len(list(recv.keylist(secret=True)))) sender = DirectoryContext(homedir=self.key_sender_homedir) sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS) sender_keys = list(sender.keylist()) assert_equal(1, len(sender_keys)) sender_key = sender_keys[0] fpr = sender_key.fpr sink = gpg.Data() sender.op_export_keys(sender_keys, 0, sink) sink.seek(0, 0) public_sender_key = sink.read() # Now finally call the function under test uid_encrypted = list( sign_keydata_and_encrypt(public_sender_key, error_cb=None, homedir=self.key_receiver_homedir)) assert_equals(len(sender_key.uids), len(uid_encrypted)) uids_before = sender.get_key(fpr).uids sigs_before = [ s for l in get_signatures_for_uids_on_key( sender, sender_key).values() for s in l ] for uid, uid_enc in zip(uids_before, uid_encrypted): uid_enc_str = uid_enc[0].uid log.info("Uid enc str: %r", uid_enc_str) log.info("Uid name: %r", uid.name) # FIXME: assert_equals(uid, uid_enc[0]) # It's a bit weird to re-use the string treatment here. # But gpgme may return unencodable bytes (and uid, here, is # coming straight from gpgme). We opted for our UID wrapper # to return consumable strings, i.e. safe to encode assert_in(to_valid_utf8_string(uid.name), uid_enc_str) assert_in(to_valid_utf8_string(uid.email), uid_enc_str) ciphertext = uid_enc[1] log.debug("Decrypting %r", ciphertext) plaintext, result, vrfy = sender.decrypt(ciphertext) log.debug("Decrypt Result: %r", result) sender.op_import(plaintext) import_result = sender.op_import_result() log.debug("Import Result: %r", import_result) # Here is the important check for two new signatures assert_equals(2, import_result.new_signatures) updated_key = sender.get_key(fpr) log.debug("updated key: %r", updated_key) log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids]) sigs_after = [ s for l in get_signatures_for_uids_on_key( sender, sender_key).values() for s in l ] assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt_double_secret(self): "We want to produce as many signatures as possible" recv = DirectoryContext(homedir=self.key_receiver_homedir) params = """<GnupgKeyParms format="internal"> %transient-key Key-Type: RSA Key-Length: 1024 Name-Real: Joe Genkey Tester Name-Comment: with stupid passphrase Name-Email: [email protected] %no-protection #Passphrase: Crypt0R0cks #Expire-Date: 2020-12-31 </GnupgKeyParms> """ recv.op_genkey(params, None, None) gen_result = recv.op_genkey_result() assert_equal(2, len(list(recv.keylist(secret=True)))) sender = DirectoryContext(homedir=self.key_sender_homedir) sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS) sender_keys = list(sender.keylist()) assert_equal(1, len(sender_keys)) sender_key = sender_keys[0] fpr = sender_key.fpr sink = gpg.Data() sender.op_export_keys(sender_keys, 0, sink) sink.seek(0, 0) public_sender_key = sink.read() # Now finally call the function under test uid_encrypted = list( sign_keydata_and_encrypt(public_sender_key, error_cb=None, homedir=self.key_receiver_homedir)) assert_equals(len(sender_key.uids), len(uid_encrypted)) uids_before = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_before] sigs_before = [sig for signatures in sigs for sig in signatures] for uid, uid_enc in zip(uids_before, uid_encrypted): # FIXME: assert_equals(uid, uid_enc[0]) assert_in(uid.name, uid_enc[0].uid) assert_in(uid.email, uid_enc[0].uid) ciphertext = uid_enc[1] log.debug("Decrypting %r", ciphertext) plaintext, result, vrfy = sender.decrypt(ciphertext) log.debug("Decrypt Result: %r", result) sender.op_import(plaintext) import_result = sender.op_import_result() log.debug("Import Result: %r", import_result) # Here is the important check for two new signatures assert_equals(2, import_result.new_signatures) updated_key = sender.get_key(fpr) log.debug("updated key: %r", updated_key) log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids]) uids_after = sender.get_key(fpr).uids sigs = [uid.signatures for uid in uids_after] sigs_after = [sig for signatures in sigs for sig in signatures] assert_greater(len(sigs_after), len(sigs_before))