Пример #1
0
    def test_verify_invalid_signature(self):
        """Test verifying messages with invalid signatures."""
        f = open(os.path.join(self.files, 'invalid.sig'))
        invalid = f.read()
        f.close()

        verified, err_msg = gpg.verify('notasignedmessage')
        self.assertFalse(verified)
        self.assertEqual(err_msg, err_messages['not_signed'])

        verified, err_msg = gpg.verify(invalid)
        self.assertFalse(verified)
        self.assertEqual(err_msg, err_messages['invalid_sig'])
Пример #2
0
    def test_verify_valid_signature(self):
        """Test verifying a message with a valid signature."""
        f = open(os.path.join(self.files, 'valid.sig'))
        valid = f.read()
        f.close()

        verified, _ = gpg.verify(valid)
        self.assertTrue(verified)
Пример #3
0
def new_canary():
    if request.method == 'GET':
        return None

    if request.method == 'POST':
        try:
            signed = request.form['signedMessage']
            frequency_num = int(request.form['frequencyNum'])
            frequency_type = request.form['frequency']
        except KeyError:
            flash(err_messages['incomplete_form'], 'error')
            return None

        allowed_freqs = 'day', 'week', 'month'
        in_range = 1 <= frequency_num <= 100
        if frequency_type not in allowed_freqs or not in_range:
            flash(err_messages['invalid_freq'], 'error')
            return None
        # Get the frequency in days
        frequency = days(frequency_num, frequency_type)

        verified, err = gpg.verify(signed)
        # Start over if the message wasn't verified.
        if err and not verified:
            flash(err, 'error')
            return None

        fp = verified.fingerprint
        sigid_base64 = base64.urlsafe_b64encode(verified.signature_id)

        try:
            canary = Canary(sigid_base64, frequency, frequency_type)
            db_session.add(canary)
            db_session.commit()
        except IntegrityError:
            # Throw an error if a canary with that sigid already exists
            db_session.rollback()
            db_session.flush()
            flash(err_messages['dupe_canary'], 'error')
            return redirect(url_for('new_canary'))
        except Exception as e:
            db_session.rollback()
            db_session.flush()
            app.logger.error(e)
            """An unexpected database error should not reveal any
               error details to the user."""
            flash(err_messages['generic'], 'error')
            return None

        ciphertext = Challenge.generate(canary, fp)
        # TODO: This is sloppy.
        session['canary'] = dict(fp=verified.fingerprint.lower(),
                                 text=signed,
                                 uid=verified.username,
                                 keyid=verified.key_id,
                                 sigid_base64=sigid_base64,
                                 frequency=frequency,
                                 freq_type=frequency_type,
                                 ciphertext=str(ciphertext))

        flash(messages['verified'], 'message')
        return dict(canary=session['canary'])