def test_3_no_master_key(self):
from unittest.mock import patch
vault = crypto.VaultSpec.instance() # @UndefinedVariable
gpg_del_key(vault.GPG, vault.master_key)
## Check GNUPGKEY/master_key interaction.
#
env_val = 'some_value'
cfg_val = 'some_value'
cfg = trtc.Config()
cfg.VaultSpec.master_key = cfg_val
with patch.dict('os.environ', # @UndefinedVariable
{'GNUPGKEY': env_val}):
self.assertEqual(crypto.VaultSpec().master_key_resolved,
env_val)
self.assertEqual(crypto.VaultSpec(config=cfg).master_key_resolved,
env_val)
self.assertEqual(crypto.VaultSpec(config=cfg).master_key_resolved,
cfg_val)
try:
with _temp_master_key(vault, None):
with self.assertRaisesRegex(
ValueError,
'Cannot guess master-key! Found 0 keys'):
vault.encryptobj('enc_test', b'')
finally:
vault.master_key = gpg_gen_key(
vault.GPG,
key_length=1024,
name_real='test user3',
name_email='*****@*****.**').fingerprint
def _config(self):
c = trtc.Config()
c.ProjectsDB.repo_path = self._project_repo.name
c.Spec.verbose = c.ProjectsDB.verbose = 0
c.GpgSpec.master_key = 'ali baba'
c.DiceSpec.user_name = 'ali baba'
c.DiceSpec.user_email = '*****@*****.**'
return c
def setUpClass(cls):
cls._tdir = tdir = tempfile.mkdtemp(prefix='co2cipher-')
cfg = trtc.Config()
cfg.VaultSpec.gnupghome = tdir
crypto.VaultSpec.clear_instance() # @UndefinedVariable
vault = crypto.VaultSpec.instance(config=cfg) # @UndefinedVariable
key = cryptotc.gpg_gen_key(vault.GPG,
key_length=1024,
name_real='test user',
name_email='*****@*****.**')
vault.master_key = key.fingerprint
def setUpClass(cls):
cls.cfg = c = trtc.Config()
c.GpgSpec.gnupghome = tempfile.mkdtemp(prefix='gpghome-')
c.GpgSpec.keys_to_import = test_pgp_keys
c.GpgSpec.trust_to_import = test_pgp_trust
c.GpgSpec.master_key = test_pgp_fingerprint
c.GpgSpec.allow_test_key = True
crypto.GpgSpec(config=c)
## Clean memories from past tests
#
crypto.StamperAuthSpec.clear_instance() # @UndefinedVariable
crypto.GitAuthSpec.clear_instance() # @UndefinedVariable
crypto.VaultSpec.clear_instance() # @UndefinedVariable
def setUpClass(cls):
cls.cfg = cfg = trtc.Config()
cfg.VaultSpec.gnupghome = tempfile.mkdtemp(prefix='gpghome-')
## Clean memories from past tests
#
crypto.VaultSpec.clear_instance() # @UndefinedVariable
vault = crypto.VaultSpec.instance(config=cfg) # @UndefinedVariable
key = gpg_gen_key(
vault.GPG,
key_length=1024,
name_real='test user',
name_email='*****@*****.**')
vault.master_key = key.fingerprint
def setUpClass(cls):
cls.cfg = cfg = trtc.Config()
cfg.VaultSpec.gnupghome = tempfile.mkdtemp(prefix='gpghome-')
cfg.VaultSpec.keys_to_import = [test_pgp_key]
cfg.GpgSpec.trust_to_import = test_pgp_trust
## Clean memories from past tests
#
crypto.VaultSpec.clear_instance() # @UndefinedVariable
vault = crypto.VaultSpec.instance(config=cfg) # @UndefinedVariable
cls.ok_key = gpg_gen_key(
vault.GPG,
key_length=1024,
name_real='test user',
name_email='*****@*****.**')
def test_parse_stamps(self):
cfg = trtc.Config()
cfg.TstampReceiver.force = True
signer = self._SigChain(cfg=cfg)
trecv = tstamp.TstampReceiver(config=cfg)
chain = signer.load_stamp_chain()
errors = []
for sig_hex in chain:
try:
stamp = signer.load_sig_file(sig_hex)
_verdict = trecv.parse_tstamp_response(stamp)
#print(_verdict)
except Exception as ex:
errors.append(ex)
assert len(errors) == 0
def traitcfg(repodir, gpgdir):
cfg = trtc.Config()
cfg.GpgSpec.gnupghome = str(gpgdir)
cfg.GpgSpec.keys_to_import = test_pgp_keys
cfg.GpgSpec.trust_to_import = test_pgp_trust
cfg.GpgSpec.master_key = test_pgp_fingerprint
cfg.GpgSpec.allow_test_key = True
cfg.DiceSpec.user_name = "Test Vase"
cfg.DiceSpec.user_email = "*****@*****.**"
cfg.ProjectsDB.repo_path = str(repodir)
cfg.Spec.verbose = cfg.ProjectsDB.verbose = 0
cfg.WstampSpec.recipients = ["*****@*****.**"]
cfg.Project.max_dices_per_project = 10 # due to resets
return cfg
def test_GPG_EXECUTABLE(self):
from unittest.mock import patch
with patch.dict('os.environ', # @UndefinedVariable
{'GNUPGEXE': '/bad_path'}):
with self.assertRaisesRegex(
OSError,
r"Unable to run gpg \(/bad_path\) - it may not be available."):
crypto.GpgSpec().GPG
cfg = trtc.Config()
cfg.GpgSpec.gnupgexe = 'gpg'
with self.assertRaisesRegex(
OSError,
"Unable to run gpg \(/bad_path\) - it may not be available."):
crypto.GpgSpec(config=cfg).GPG
crypto.GpgSpec().GPG # Ok.
def setUpClass(cls):
cls.cfg = cfg = trtc.Config()
cfg.GpgSpec.gnupghome = tempfile.mkdtemp(prefix='gpghome-')
cfg.GpgSpec.keys_to_import = [test_pgp_key]
cfg.GpgSpec.trust_to_import = test_pgp_trust
gpg_spec = crypto.GpgSpec(config=cfg)
## Clean memories from past tests
#
crypto.StamperAuthSpec.clear_instance() # @UndefinedVariable
crypto.GitAuthSpec.clear_instance() # @UndefinedVariable
crypto.VaultSpec.clear_instance() # @UndefinedVariable
key = gpg_gen_key(
gpg_spec.GPG,
key_length=1024,
name_real='test user',
name_email='*****@*****.**')
cfg.GpgSpec.master_key = key.fingerprint
def setUpClass(cls):
cls._project_repo = tempfile.TemporaryDirectory()
log.debug('Temp-repo: %s', cls._project_repo)
cls.cfg = c = trtc.Config()
c.GpgSpec.gnupghome = tempfile.mkdtemp(prefix='gpghome-')
c.GpgSpec.keys_to_import = test_pgp_keys
c.GpgSpec.trust_to_import = test_pgp_trust
c.GpgSpec.master_key = test_pgp_fingerprint
c.GpgSpec.allow_test_key = True
c.DiceSpec.user_name = "Test Vase"
c.DiceSpec.user_email = "*****@*****.**"
c.Project.force = True
crypto.GpgSpec(config=c)
## Clean memories from past tests
#
crypto.StamperAuthSpec.clear_instance() # @UndefinedVariable
crypto.GitAuthSpec.clear_instance() # @UndefinedVariable
crypto.VaultSpec.clear_instance() # @UndefinedVariable
def test_GPGHOME(self):
from unittest.mock import patch
env_val = 'env_path'
cfg_val = 'cfg_path'
cfg = trtc.Config()
cfg.GpgSpec.gnupghome = cfg_val
with patch.dict('os.environ', # @UndefinedVariable
{'GNUPGHOME': env_val}):
self.assertEqual(crypto.GpgSpec().gnupghome, env_val)
self.assertEqual(crypto.GpgSpec().gnupghome_resolved, env_val)
cfg.GpgSpec.gnupghome = cfg_val
self.assertEqual(crypto.GpgSpec(config=cfg).gnupghome,
env_val)
self.assertEqual(crypto.GpgSpec(config=cfg).gnupghome_resolved,
env_val)
with patch.dict('os.environ', # @UndefinedVariable
clear=True):
self.assertEqual(crypto.GpgSpec(config=cfg).gnupghome, cfg_val)
self.assertEqual(crypto.GpgSpec(config=cfg).gnupghome_resolved, cfg_val)
def _SigChain(self, cfg=None):
cfg = cfg or trtc.Config()
cfg.SigChain.stamp_chain_dir = self._stamp_dir()
return tsigner.SigChain(config=cfg)
def test_app(self, case):
meth, cmd_cls = case
c = trtc.Config()
c.Cmd.raise_config_file_errors = True
cmd = cmd_cls(config=c)
meth(cmd)
