Exemplo n.º 1
0
    def test_sign_and_encrypt_double_secret(self):
        "We want to produce as many signatures as possible"
        recv = DirectoryContext(homedir=self.key_receiver_homedir)
        params = """<GnupgKeyParms format="internal">
            %transient-key
            Key-Type: RSA
            Key-Length: 1024
            Name-Real: Joe Genkey Tester
            Name-Comment: with stupid passphrase
            Name-Email: [email protected]
            %no-protection
            #Passphrase: Crypt0R0cks
            #Expire-Date: 2020-12-31
        </GnupgKeyParms>
        """
        recv.op_genkey(params, None, None)
        gen_result = recv.op_genkey_result()
        assert_equal(2, len(list(recv.keylist(secret=True))))
        
        sender = DirectoryContext(homedir=self.key_sender_homedir)
        sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
        sender_keys = list(sender.keylist())
        assert_equal(1, len(sender_keys))
        sender_key = sender_keys[0]
        fpr = sender_key.fpr
        sink = gpg.Data()
        sender.op_export_keys(sender_keys, 0, sink)
        sink.seek(0, 0)
        public_sender_key = sink.read()
        # Now finally call the function under test
        uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key,
            error_cb=None, homedir=self.key_receiver_homedir))
        assert_equals(len(sender_key.uids), len(uid_encrypted))

        uids_before = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_before]
        sigs_before = [sig for signatures in sigs for sig in signatures]
        for uid, uid_enc in zip(uids_before, uid_encrypted):
            # FIXME: assert_equals(uid, uid_enc[0])
            assert_in(uid.name, uid_enc[0].uid)
            assert_in(uid.email, uid_enc[0].uid)
            ciphertext = uid_enc[1]
            log.debug("Decrypting %r", ciphertext)
            plaintext, result, vrfy = sender.decrypt(ciphertext)
            log.debug("Decrypt Result: %r", result)
            sender.op_import(plaintext)
            import_result = sender.op_import_result()
            log.debug("Import Result: %r", import_result)
            # Here is the important check for two new signatures
            assert_equals(2, import_result.new_signatures)
            updated_key = sender.get_key(fpr)
            log.debug("updated key: %r", updated_key)
            log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids])

        uids_after = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_after]
        sigs_after = [sig for signatures in sigs for sig in signatures]
        assert_greater(len(sigs_after), len(sigs_before))
Exemplo n.º 2
0
    def test_sign_and_encrypt(self):
        # This might be a secret key, too, so we import and export to
        # get hold of the public portion.
        keydata = open(self.key_sender_key, "rb").read()
        # We get the public portion of the key
        sender = TempContext()
        sender.op_import(keydata)
        result = sender.op_import_result()
        fpr = result.imports[0].fpr
        sink = gpg.Data()
        sender.op_export(fpr, 0, sink)
        sink.seek(0, 0)
        # This is the key that we will sign
        public_sender_key = sink.read()

        keys = get_usable_keys(homedir=self.key_sender_homedir)
        assert_equal(1, len(keys))
        key = keys[0]
        uids = key.uidslist
        # Now finally call the function under test
        uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key,
                             error_cb=None, homedir=self.key_receiver_homedir))
        assert_equal(len(uids), len(uid_encrypted))

        # We need to explicitly request signatures
        uids_before = uids
        assert_equal(len(uids_before), len(sender.get_key(fpr).uids))

        sigs_before = [s for l in get_signatures_for_uids_on_key(sender,
                                    key).values() for s in l]
        # FIXME: Refactor this a little bit.
        # We have duplication of code with the other test below.
        for uid, uid_enc in zip(uids_before, uid_encrypted):
            uid_enc_str = uid_enc[0].uid
            # The test doesn't work so well, because comments
            # are not rendered :-/
            # assert_equal(uid, uid_enc[0])
            assert_in(uid.name, uid_enc_str)
            assert_in(uid.email, uid_enc_str)
            ciphertext = uid_enc[1]
            log.debug("Decrypting %r", ciphertext)
            plaintext, result, vrfy = sender.decrypt(ciphertext)
            log.debug("Decrypt Result: %r", result)
            sender.op_import(plaintext)
            import_result = sender.op_import_result()
            log.debug("Import Result: %r", import_result)
            assert_equal(1, import_result.new_signatures)
            updated_key = sender.get_key(fpr)
            log.debug("updated key: %r", updated_key)
            log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids])

        sigs_after = [s for l in get_signatures_for_uids_on_key(sender,
                                    key).values() for s in l]
        assert_greater(len(sigs_after), len(sigs_before))
Exemplo n.º 3
0
    def test_sign_and_encrypt(self):
        secret_keydata = open(self.key_sender_key, "r").read()
        # We get the public portion of the key
        sender = TempContext()
        sender.op_import(secret_keydata)
        result = sender.op_import_result()
        fpr = result.imports[0].fpr
        sink = gpg.Data()
        sender.op_export(fpr, 0, sink)
        sink.seek(0, 0)
        # This is the key that we will sign
        public_sender_key = sink.read()

        keys = get_usable_secret_keys(homedir=self.key_sender_homedir)
        assert_equals(1, len(keys))
        key = keys[0]
        uids = key.uidslist
        # Now finally call the function under test
        uid_encrypted = list(
            sign_keydata_and_encrypt(public_sender_key,
                                     error_cb=None,
                                     homedir=self.key_receiver_homedir))
        assert_equals(len(uids), len(uid_encrypted))

        # We need to explicitly request signatures
        sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
        uids_before = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_before]
        sigs_before = [sig for signatures in sigs for sig in signatures]
        for uid, uid_enc in zip(uids_before, uid_encrypted):
            # The test doesn't work so well, because comments
            # are not rendered :-/
            # assert_equals(uid, uid_enc[0])
            assert_in(uid.name, uid_enc[0].uid)
            assert_in(uid.email, uid_enc[0].uid)
            ciphertext = uid_enc[1]
            log.debug("Decrypting %r", ciphertext)
            plaintext, result, vrfy = sender.decrypt(ciphertext)
            log.debug("Decrypt Result: %r", result)
            sender.op_import(plaintext)
            import_result = sender.op_import_result()
            log.debug("Import Result: %r", import_result)
            assert_equals(1, import_result.new_signatures)
            updated_key = sender.get_key(fpr)
            log.debug("updated key: %r", updated_key)
            log.debug("updated key sigs: %r",
                      [(uid, uid.signatures) for uid in updated_key.uids])

        uids_after = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_after]
        sigs_after = [sig for signatures in sigs for sig in signatures]
        assert_greater(len(sigs_after), len(sigs_before))
Exemplo n.º 4
0
    def test_sign_and_encrypt(self):
        secret_keydata = open(self.key_sender_key, "r").read()
        # We get the public portion of the key
        sender = TempContext()
        sender.op_import(secret_keydata)
        result = sender.op_import_result()
        fpr = result.imports[0].fpr
        sink = gpg.Data()
        sender.op_export(fpr, 0, sink)
        sink.seek(0, 0)
        # This is the key that we will sign
        public_sender_key = sink.read()

        keys = get_usable_secret_keys(homedir=self.key_sender_homedir)
        assert_equals(1, len(keys))
        key = keys[0]
        uids = key.uidslist
        # Now finally call the function under test
        uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key,
            error_cb=None, homedir=self.key_receiver_homedir))
        assert_equals(len(uids), len(uid_encrypted))

        # We need to explicitly request signatures
        sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
        uids_before = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_before]
        sigs_before = [sig for signatures in sigs for sig in signatures]
        for uid, uid_enc in zip(uids_before, uid_encrypted):
            # The test doesn't work so well, because comments
            # are not rendered :-/
            # assert_equals(uid, uid_enc[0])
            assert_in(uid.name, uid_enc[0].uid)
            assert_in(uid.email, uid_enc[0].uid)
            ciphertext = uid_enc[1]
            log.debug("Decrypting %r", ciphertext)
            plaintext, result, vrfy = sender.decrypt(ciphertext)
            log.debug("Decrypt Result: %r", result)
            sender.op_import(plaintext)
            import_result = sender.op_import_result()
            log.debug("Import Result: %r", import_result)
            assert_equals(1, import_result.new_signatures)
            updated_key = sender.get_key(fpr)
            log.debug("updated key: %r", updated_key)
            log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids])

        uids_after = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_after]
        sigs_after = [sig for signatures in sigs for sig in signatures]
        assert_greater(len(sigs_after), len(sigs_before))
Exemplo n.º 5
0
    def test_sign_and_encrypt_double_secret(self):
        "We want to produce as many signatures as possible"
        recv = DirectoryContext(homedir=self.key_receiver_homedir)
        params = """<GnupgKeyParms format="internal">
            %transient-key
            Key-Type: RSA
            Key-Length: 1024
            Name-Real: Joe Genkey Tester
            Name-Comment: with stupid passphrase
            Name-Email: [email protected]
            %no-protection
            #Passphrase: Crypt0R0cks
            #Expire-Date: 2020-12-31
        </GnupgKeyParms>
        """
        recv.op_genkey(params, None, None)
        gen_result = recv.op_genkey_result()
        assert_equal(2, len(list(recv.keylist(secret=True))))

        sender = DirectoryContext(homedir=self.key_sender_homedir)
        sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
        sender_keys = list(sender.keylist())
        assert_equal(1, len(sender_keys))
        sender_key = sender_keys[0]
        fpr = sender_key.fpr
        sink = gpg.Data()
        sender.op_export_keys(sender_keys, 0, sink)
        sink.seek(0, 0)
        public_sender_key = sink.read()
        # Now finally call the function under test
        uid_encrypted = list(
            sign_keydata_and_encrypt(public_sender_key,
                                     error_cb=None,
                                     homedir=self.key_receiver_homedir))
        assert_equals(len(sender_key.uids), len(uid_encrypted))

        uids_before = sender.get_key(fpr).uids
        sigs_before = [
            s for l in get_signatures_for_uids_on_key(
                sender, sender_key).values() for s in l
        ]
        for uid, uid_enc in zip(uids_before, uid_encrypted):
            uid_enc_str = uid_enc[0].uid
            log.info("Uid enc str: %r", uid_enc_str)
            log.info("Uid name: %r", uid.name)
            # FIXME: assert_equals(uid, uid_enc[0])
            # It's a bit weird to re-use the string treatment here.
            # But gpgme may return unencodable bytes (and uid, here, is
            # coming straight from gpgme).  We opted for our UID wrapper
            # to return consumable strings, i.e. safe to encode
            assert_in(to_valid_utf8_string(uid.name), uid_enc_str)
            assert_in(to_valid_utf8_string(uid.email), uid_enc_str)
            ciphertext = uid_enc[1]
            log.debug("Decrypting %r", ciphertext)
            plaintext, result, vrfy = sender.decrypt(ciphertext)
            log.debug("Decrypt Result: %r", result)
            sender.op_import(plaintext)
            import_result = sender.op_import_result()
            log.debug("Import Result: %r", import_result)
            # Here is the important check for two new signatures
            assert_equals(2, import_result.new_signatures)
            updated_key = sender.get_key(fpr)
            log.debug("updated key: %r", updated_key)
            log.debug("updated key sigs: %r",
                      [(uid, uid.signatures) for uid in updated_key.uids])

        sigs_after = [
            s for l in get_signatures_for_uids_on_key(
                sender, sender_key).values() for s in l
        ]

        assert_greater(len(sigs_after), len(sigs_before))
Exemplo n.º 6
0
    def test_sign_and_encrypt_double_secret(self):
        "We want to produce as many signatures as possible"
        recv = DirectoryContext(homedir=self.key_receiver_homedir)
        params = """<GnupgKeyParms format="internal">
            %transient-key
            Key-Type: RSA
            Key-Length: 1024
            Name-Real: Joe Genkey Tester
            Name-Comment: with stupid passphrase
            Name-Email: [email protected]
            %no-protection
            #Passphrase: Crypt0R0cks
            #Expire-Date: 2020-12-31
        </GnupgKeyParms>
        """
        recv.op_genkey(params, None, None)
        gen_result = recv.op_genkey_result()
        assert_equal(2, len(list(recv.keylist(secret=True))))

        sender = DirectoryContext(homedir=self.key_sender_homedir)
        sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
        sender_keys = list(sender.keylist())
        assert_equal(1, len(sender_keys))
        sender_key = sender_keys[0]
        fpr = sender_key.fpr
        sink = gpg.Data()
        sender.op_export_keys(sender_keys, 0, sink)
        sink.seek(0, 0)
        public_sender_key = sink.read()
        # Now finally call the function under test
        uid_encrypted = list(
            sign_keydata_and_encrypt(public_sender_key,
                                     error_cb=None,
                                     homedir=self.key_receiver_homedir))
        assert_equals(len(sender_key.uids), len(uid_encrypted))

        uids_before = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_before]
        sigs_before = [sig for signatures in sigs for sig in signatures]
        for uid, uid_enc in zip(uids_before, uid_encrypted):
            # FIXME: assert_equals(uid, uid_enc[0])
            assert_in(uid.name, uid_enc[0].uid)
            assert_in(uid.email, uid_enc[0].uid)
            ciphertext = uid_enc[1]
            log.debug("Decrypting %r", ciphertext)
            plaintext, result, vrfy = sender.decrypt(ciphertext)
            log.debug("Decrypt Result: %r", result)
            sender.op_import(plaintext)
            import_result = sender.op_import_result()
            log.debug("Import Result: %r", import_result)
            # Here is the important check for two new signatures
            assert_equals(2, import_result.new_signatures)
            updated_key = sender.get_key(fpr)
            log.debug("updated key: %r", updated_key)
            log.debug("updated key sigs: %r",
                      [(uid, uid.signatures) for uid in updated_key.uids])

        uids_after = sender.get_key(fpr).uids
        sigs = [uid.signatures for uid in uids_after]
        sigs_after = [sig for signatures in sigs for sig in signatures]
        assert_greater(len(sigs_after), len(sigs_before))