def testD07CertificationRevocation(self):
"crypto.signature: verify() certification revocation"
key_d = read_test_file(['pgpfiles', 'key', 'DSAELG2.revoked_uid.gpg'])
pkts = list_pkts(key_d)
keymsg = list_msgs(pkts)[0]
primary_key, uid, revoker = pkts[0], pkts[3], pkts[4]
verified = verify(revoker, uid, primary_key)
self.assertEqual(True, verify(revoker, uid, primary_key))
def testD07CertificationRevocation(self):
"crypto.signature: verify() certification revocation"
key_d = read_test_file(['pgpfiles','key','DSAELG2.revoked_uid.gpg'])
pkts = list_pkts(key_d)
keymsg = list_msgs(pkts)[0]
primary_key, uid, revoker = pkts[0], pkts[3], pkts[4]
verified = verify(revoker, uid, primary_key)
self.assertEqual(True, verify(revoker, uid, primary_key))
def verify_subkey(keydata):
keymsg = list_msgs(list_pkts(keydata))[0]
subkey = keymsg._b_subkeys[0].leader # first subkey
subkeysig = keymsg._b_subkeys[0].local_bindings[
0] # first applicable signature
pubkey = keymsg._b_primary.leader # public key
return verify(subkeysig, subkey, pubkey)
def verify_userid(keydata):
keymsg = list_msgs(list_pkts(keydata))[0]
userid = keymsg._b_userids[0].leader # first user id
useridsig = keymsg._b_userids[0].local_bindings[
0] # first applicable signature
pubkey = keymsg._b_primary.leader
return verify(useridsig, userid, pubkey)
def testD03aDSAv4UIDPrivate(self):
"crypto.signature: verify() private key user ID v4 DSA"
msgs = list_msgs(list_pkts(dsaseckey_d))
keymsg = msgs[0]
uid = keymsg._b_userids[0].leader # first user id
sig = keymsg._b_userids[0].local_bindings[0] # first applicable signature
key = keymsg._b_primary.leader # public key
self.assertEqual(1, verify(sig, uid, key))
def testF01DSADirectPrimary(self):
"crypto.signature: sign() v4 DSA direct (self signature on primary)"
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
sigtype = SIG_DIRECT
sigpkt = sign(sigtype, seckeypkt, seckeypkt, passphrase="test")
verified = verify(sigpkt, seckeypkt, seckeypkt)
self.assertEqual(1, verified)
def testD04aDSAv4SubkeyPrivate(self):
"crypto.signature: verify() pivate key subkey binding v4 DSA"
msgs = list_msgs(list_pkts(dsaseckey_d))
keymsg = msgs[0]
subkey = keymsg._b_subkeys[0].leader # first subkey
subkeysig = keymsg._b_subkeys[0].local_bindings[0] # first applicable signature
pubkey = keymsg._b_primary.leader # public key
self.assertEqual(1, verify(subkeysig, subkey, pubkey))
def testF01DSADirectPrimary(self):
"crypto.signature: sign() v4 DSA direct (self signature on primary)"
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
sigtype = SIG_DIRECT
sigpkt = sign(sigtype, seckeypkt, seckeypkt, passphrase="test")
verified = verify(sigpkt, seckeypkt, seckeypkt)
self.assertEqual(1, verified)
def testD06SubkeyRevocation(self):
"crypto.signature: verify() subkey revocation"
d = read_test_file(['pgpfiles','key','DSAELG2.subkeyrevoc.gpg'])
keymsg = list_msgs(list_pkts(d))[0]
revblock = keymsg._b_subkeys['90AFB828686B6E9A'] # known revoked block
key = keymsg._b_primary.leader
sig = revblock.local_bindings[0]
subkey = revblock.leader
self.assertEqual(1, verify(sig, subkey, key))
def testE04SignatureCreationV4RSAText(self):
"crypto.signature: sign() v4 RSA no subpkts TEXT"
seckey_d = read_test_file(['pgpfiles', 'key', 'RSA1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n'
sigtype = SIG_TEXT
sigpkt = sign(sigtype, msg, seckeypkt, passphrase="test")
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def testD06SubkeyRevocation(self):
"crypto.signature: verify() subkey revocation"
d = read_test_file(['pgpfiles', 'key', 'DSAELG2.subkeyrevoc.gpg'])
keymsg = list_msgs(list_pkts(d))[0]
revblock = keymsg._b_subkeys['90AFB828686B6E9A'] # known revoked block
key = keymsg._b_primary.leader
sig = revblock.local_bindings[0]
subkey = revblock.leader
self.assertEqual(1, verify(sig, subkey, key))
def testE01SignatureCreationV4DSABinaryNoPass(self):
"crypto.signature: sign() v4 DSA no pass, no subpkts BINARY"
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.nopass.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage'
sigtype = SIG_BINARY
sigpkt = sign(sigtype, msg, seckeypkt)
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def testD04aDSAv4SubkeyPrivate(self):
"crypto.signature: verify() pivate key subkey binding v4 DSA"
msgs = list_msgs(list_pkts(dsaseckey_d))
keymsg = msgs[0]
subkey = keymsg._b_subkeys[0].leader # first subkey
subkeysig = keymsg._b_subkeys[0].local_bindings[
0] # first applicable signature
pubkey = keymsg._b_primary.leader # public key
self.assertEqual(1, verify(subkeysig, subkey, pubkey))
def testD03aDSAv4UIDPrivate(self):
"crypto.signature: verify() private key user ID v4 DSA"
msgs = list_msgs(list_pkts(dsaseckey_d))
keymsg = msgs[0]
uid = keymsg._b_userids[0].leader # first user id
sig = keymsg._b_userids[0].local_bindings[
0] # first applicable signature
key = keymsg._b_primary.leader # public key
self.assertEqual(1, verify(sig, uid, key))
def testE04SignatureCreationV4RSAText(self):
"crypto.signature: sign() v4 RSA no subpkts TEXT"
seckey_d = read_test_file(['pgpfiles','key','RSA1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n'
sigtype = SIG_TEXT
sigpkt = sign(sigtype, msg, seckeypkt, passphrase="test")
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def testG01CreateUIDRevocation(self):
"crypto.signature: sign() local certification revocation (0x30)"
key_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg'])
pkts = list_pkts(key_d)
seckey, uid = pkts[0], pkts[1]
sigtype = SIG_CERTREVOC
opts = {'passphrase': 'test', 'primary': seckey}
sigpkt = sign(sigtype, uid, seckey, **opts)
verified = verify(sigpkt, uid, seckey)
self.assertEqual(True, verified)
def testF02DSADirectSubkey(self):
"crypto.signature: sign() v4 DSA direct (self signature on subkey)"
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg'])
pkts = list_pkts(seckey_d)
seckeypkt, subkeypkt = pkts[0], pkts[3]
sigtype = SIG_DIRECT
opts = {'passphrase': 'test', 'primary': seckeypkt}
sigpkt = sign(sigtype, subkeypkt, seckeypkt, **opts)
verified = verify(sigpkt, subkeypkt, seckeypkt)
self.assertEqual(1, verified)
def testE01SignatureCreationV4DSABinaryNoPass(self):
"crypto.signature: sign() v4 DSA no pass, no subpkts BINARY"
seckey_d = read_test_file(
['pgpfiles', 'key', 'DSAELG1.sec.nopass.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage'
sigtype = SIG_BINARY
sigpkt = sign(sigtype, msg, seckeypkt)
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def testG01CreateUIDRevocation(self):
"crypto.signature: sign() local certification revocation (0x30)"
key_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg'])
pkts = list_pkts(key_d)
seckey, uid = pkts[0], pkts[1]
sigtype = SIG_CERTREVOC
opts = {'passphrase':'test', 'primary':seckey}
sigpkt = sign(sigtype, uid, seckey, **opts)
verified = verify(sigpkt, uid, seckey)
self.assertEqual(True, verified)
def testF02DSADirectSubkey(self):
"crypto.signature: sign() v4 DSA direct (self signature on subkey)"
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg'])
pkts = list_pkts(seckey_d)
seckeypkt, subkeypkt = pkts[0], pkts[3]
sigtype = SIG_DIRECT
opts = {'passphrase':'test', 'primary':seckeypkt}
sigpkt = sign(sigtype, subkeypkt, seckeypkt, **opts)
verified = verify(sigpkt, subkeypkt, seckeypkt)
self.assertEqual(1, verified)
def testD08CertificationRevocation(self):
"crypto.signature: verify() foreign user ID certification"
key_d = read_test_file(['pgpfiles','key','DSAELG2.pub.foreign_uid_cert.gpg'])
sigkey_d = read_test_file(['pgpfiles','key','RSA1.pub.gpg'])
sigpkt = list_pkts(sigkey_d)[0]
pkts = list_pkts(key_d)
primary_key, uid, cert = pkts[0], pkts[1], pkts[3]
opts = {'primary':primary_key}
verified = verify(cert, uid, sigpkt, **opts)
self.assertEqual(True, verified)
def testD08CertificationRevocation(self):
"crypto.signature: verify() foreign user ID certification"
key_d = read_test_file(
['pgpfiles', 'key', 'DSAELG2.pub.foreign_uid_cert.gpg'])
sigkey_d = read_test_file(['pgpfiles', 'key', 'RSA1.pub.gpg'])
sigpkt = list_pkts(sigkey_d)[0]
pkts = list_pkts(key_d)
primary_key, uid, cert = pkts[0], pkts[1], pkts[3]
opts = {'primary': primary_key}
verified = verify(cert, uid, sigpkt, **opts)
self.assertEqual(True, verified)
def testF03DSADirectForeign(self):
"crypto.signature: sign() v4 DSA direct on foreign primary key"
targetkey_d = read_test_file(['pgpfiles','key','DSAELG3.pub.gpg'])
seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg'])
targetkeypkt = list_pkts(targetkey_d)[0]
seckeypkt = list_pkts(seckey_d)[0]
sigtype = SIG_DIRECT
opts = {'passphrase':'test', 'primary':targetkeypkt}
sigpkt = sign(sigtype, targetkeypkt, seckeypkt, **opts)
verified = verify(sigpkt, targetkeypkt, seckeypkt,
primary=targetkeypkt)
self.assertEqual(1, verified)
def testE08SignatureCreationV3RSATextSubpackets(self):
"crypto.signature: sign() v3 RSA with hashed subpkts TEXT"
import time
seckey_d = read_test_file(['pgpfiles','key','RSA1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n'
sigtype = SIG_TEXT
created = int(time.time()) - 5000
opts = {'passphrase':'test', 'version':3, 'created':created,
'keyid':seckeypkt.body.id}
sigpkt = sign(sigtype, msg, seckeypkt, **opts)
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def testE06SignatureCreationV4RSABinarySubpackets(self):
"crypto.signature: sign() v4 RSA with hashed subpkts BINARY"
seckey_d = read_test_file(['pgpfiles','key','RSA1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n'
sigtype = SIG_BINARY
created = int(time.time()) - 5000
subpkt_created = create_SignatureSubpacket(SIGSUB_CREATED, created)
subpkt_keyid = create_SignatureSubpacket(SIGSUB_SIGNERID, seckeypkt.body.id)
opts = {'passphrase':'test', 'hashed_subpkts':[subpkt_created],
'unhashed_subpkts':[subpkt_keyid]}
sigpkt = sign(sigtype, msg, seckeypkt, **opts)
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def testF03DSADirectForeign(self):
"crypto.signature: sign() v4 DSA direct on foreign primary key"
targetkey_d = read_test_file(['pgpfiles', 'key', 'DSAELG3.pub.gpg'])
seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg'])
targetkeypkt = list_pkts(targetkey_d)[0]
seckeypkt = list_pkts(seckey_d)[0]
sigtype = SIG_DIRECT
opts = {'passphrase': 'test', 'primary': targetkeypkt}
sigpkt = sign(sigtype, targetkeypkt, seckeypkt, **opts)
verified = verify(sigpkt,
targetkeypkt,
seckeypkt,
primary=targetkeypkt)
self.assertEqual(1, verified)
def testE08SignatureCreationV3RSATextSubpackets(self):
"crypto.signature: sign() v3 RSA with hashed subpkts TEXT"
import time
seckey_d = read_test_file(['pgpfiles', 'key', 'RSA1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n'
sigtype = SIG_TEXT
created = int(time.time()) - 5000
opts = {
'passphrase': 'test',
'version': 3,
'created': created,
'keyid': seckeypkt.body.id
}
sigpkt = sign(sigtype, msg, seckeypkt, **opts)
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def testE06SignatureCreationV4RSABinarySubpackets(self):
"crypto.signature: sign() v4 RSA with hashed subpkts BINARY"
seckey_d = read_test_file(['pgpfiles', 'key', 'RSA1.sec.gpg'])
seckeypkt = list_pkts(seckey_d)[0]
msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n'
sigtype = SIG_BINARY
created = int(time.time()) - 5000
subpkt_created = create_SignatureSubpacket(SIGSUB_CREATED, created)
subpkt_keyid = create_SignatureSubpacket(SIGSUB_SIGNERID,
seckeypkt.body.id)
opts = {
'passphrase': 'test',
'hashed_subpkts': [subpkt_created],
'unhashed_subpkts': [subpkt_keyid]
}
sigpkt = sign(sigtype, msg, seckeypkt, **opts)
verified = verify(sigpkt, msg, seckeypkt)
self.assertEqual(1, verified)
def verify_userid(keydata):
keymsg = list_msgs(list_pkts(keydata))[0]
userid = keymsg._b_userids[0].leader # first user id
useridsig = keymsg._b_userids[0].local_bindings[0] # first applicable signature
pubkey = keymsg._b_primary.leader
return verify(useridsig, userid, pubkey)
def find_key_prefs(keys):
"""Return a dictionary with an intersection of keys' preferences.
:Parameters:
- `keys`: list of `openpgp.sap.msg.KeyMsg.KeyMsg` subclass instances
:Returns: dictionary with keys 'sym', 'hash', 'comp' set with list of
appropriate codes in descending order of popularity
"""
sym_v, hash_v, comp_v = [], [], []
for key in keys:
sym_b = hash_b = comp_b = None # for *_v extension capability below
sigs = [] # where to look for preference blocks
for block in key._b_userids.list() + key._b_userattrs:
sigs.extend([s for s in block.local_bindings + block.local_direct])
# grab hashed local signatures
has_hashed = lambda x: hasattr(x, 'hashed_subpkts')
for sig in [s for s in sigs if has_hashed(s.body)]:
# sigs are all "equal," so just fill up the spaces asap
if CRYPT.verify(sig, block.leader, key._b_primary.leader):
for subpkt in sig.body.hashed_subpkts:
if SIGSUB_SYMCODE == subpkt.type:
sym_b = subpkt.value
elif SIGSUB_HASHCODE == subpkt.type:
hash_b = subpkt.value
elif SIGSUB_COMPCODE == subpkt.type:
comp_b = subpkt.value
if sym_b and hash_b and comp_b: # break out
break
if sym_b and hash_b and comp_b: # still breaking out..
break
# extend with list of preferences if present, otherwise nullify
if sym_b and sym_v is not None:
sym_v.append(unique_order(sym_b))
else:
sym_v = None
if hash_b and hash_v is not None:
hash_v.append(unique_order(hash_b))
else:
hash_v = None
if comp_b and comp_v is not None:
comp_v.append(unique_order(comp_b))
else:
comp_v = None
tally = {'sym':[], 'hash':[], 'comp':[]}
if sym_v:
tally['sym'] += intersect_order(sym_v)
if hash_v:
tally['hash'] += intersect_order(hash_v)
if comp_v:
tally['comp'] += intersect_order(comp_v)
return tally
def testD02RSAPGPSig(self):
"crypto.signature: verify() v3 RSA One-Pass"
keypkt = list_pkts(rsapubkey_d)[0]
msgs = list_msgs(list_pkts(rsasig_d))
sigmsg = msgs[0]
self.assertEqual(1, verify(sigmsg.sigs[0], sigmsg.msg, keypkt))
def testD05PrimaryRevocation(self):
"crypto.signature: verify() primary key revocation"
d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.revoked.gpg'])
keypkt, revocpkt = list_pkts(d)[:2]
self.assertEqual(1, verify(revocpkt, keypkt, keypkt))
def testD05PrimaryRevocation(self):
"crypto.signature: verify() primary key revocation"
d = read_test_file(['pgpfiles','key','DSAELG1.pub.revoked.gpg'])
keypkt, revocpkt = list_pkts(d)[:2]
self.assertEqual(1, verify(revocpkt, keypkt, keypkt))
def testD02RSAPGPSig(self):
"crypto.signature: verify() v3 RSA One-Pass"
keypkt = list_pkts(rsapubkey_d)[0]
msgs = list_msgs(list_pkts(rsasig_d))
sigmsg = msgs[0]
self.assertEqual(1, verify(sigmsg.sigs[0], sigmsg.msg, keypkt))
def verify_subkey(keydata):
keymsg = list_msgs(list_pkts(keydata))[0]
subkey = keymsg._b_subkeys[0].leader # first subkey
subkeysig = keymsg._b_subkeys[0].local_bindings[0] # first applicable signature
pubkey = keymsg._b_primary.leader # public key
return verify(subkeysig, subkey, pubkey)
