def test_invalid_algorithm_checksumfile2(self):
with pytest.raises(ValueError):
IcetrustUtils.verify_checksum(os.path.join(TEST_DIR, 'file1.txt'),
'rc4',
checksumfile=os.path.join(
TEST_DIR,
'file1.txt.SHA256SUMS'))
def test_invalid_file_verbose(self, tmp_path, mock_msg_callback):
gpg = IcetrustUtils.pgp_init(tmp_path)
assert IcetrustUtils.pgp_import_keys(
gpg, keyfile='foobar', msg_callback=mock_msg_callback) is False
assert len(mock_msg_callback.messages) == 1
assert mock_msg_callback.messages[
0] == "[Errno 2] No such file or directory: 'foobar'"
def test_invalid_fromkeyid(self, mock_msg_callback):
# TODO: Switch to use tmp_path fixture
temp_dir_obj = tempfile.TemporaryDirectory()
tmp_path = os.path.join(temp_dir_obj.name, '')
gpg = IcetrustUtils.pgp_init(tmp_path)
assert IcetrustUtils.pgp_import_keys(
gpg,
keyid='foobar',
keyserver='keyserver.ubuntu.com',
msg_callback=mock_msg_callback) is False
def test_invalid_wrong_signature_verbose(self, tmp_path, copy_keyring,
mock_msg_callback):
gpg = IcetrustUtils.pgp_init(tmp_path)
assert IcetrustUtils.pgp_verify(
gpg,
os.path.join(TEST_DIR, 'file1.txt'),
os.path.join(TEST_DIR, 'file1.SHA256SUMS.txt.sig'),
msg_callback=mock_msg_callback) is False
assert len(mock_msg_callback.messages) == 1
assert mock_msg_callback.messages[0] ==\
"[Errno 2] No such file or directory: 'test_data/file1.SHA256SUMS.txt.sig'"
def test_valid_fromfile_verbose(self, tmp_path, mock_msg_callback):
gpg = IcetrustUtils.pgp_init(tmp_path)
assert IcetrustUtils.pgp_import_keys(
gpg,
keyfile=os.path.join(TEST_DIR, 'pgp_keys.txt'),
msg_callback=mock_msg_callback) is True
assert len(mock_msg_callback.messages) == 2
assert mock_msg_callback.messages[
0] == '--- Results of key import ---\n'
assert '[GNUPG:] IMPORTED FBFCC82A015E7330' in mock_msg_callback.messages[
1]
def test_valid_file_verbose(self, tmp_path, copy_keyring,
mock_msg_callback):
gpg = IcetrustUtils.pgp_init(tmp_path)
assert IcetrustUtils.pgp_verify(gpg,
os.path.join(TEST_DIR, 'file1.txt'),
os.path.join(TEST_DIR,
'file1.txt.sig'),
msg_callback=mock_msg_callback) is True
assert len(mock_msg_callback.messages) == 2
assert mock_msg_callback.messages[
0] == '\n--- Results of verification ---'
assert '[GNUPG:] SIG_ID crXxiKwsoGFwp1pyl+csVQd53aA 2021-04-22 1619099716' in mock_msg_callback.messages[
1]
def import_key_material(gpg,
dir,
verification_data,
cmd_output=None,
msg_callback=None):
"""
Import keys if needed
:param verification_mode: verification mode being used
:param dir: directory to download to
:param filename_url: URL for the main file to be downloaded
:param verification_data: parsed JSON containing verification data
:param cmd_output: command output
:param msg_callback: message callback object, can be used to collect additional data via .echo()
:return: True if succesful, False if not, None if skipped
"""
keyfile_path = None
if 'keyfile_url' in verification_data:
keyfile_path = os.path.join(dir, FILENAME_KEYS)
# Do the actual import
import_result = IcetrustUtils.pgp_import_keys(
gpg,
keyfile=keyfile_path,
keyid=None if keyfile_path else verification_data['keyid'],
keyserver=None if keyfile_path else verification_data['keyserver'],
cmd_output=cmd_output,
msg_callback=msg_callback)
return import_result
def test_valid_checksum(self):
cmd_output = []
assert IcetrustUtils.verify_checksum(os.path.join(
TEST_DIR, 'file1.txt'),
DEFAULT_HASH_ALGORITHM,
checksum_value=FILE1_HASH,
cmd_output=cmd_output) is True
assert len(cmd_output) == 0
def test_doesnt_exists_file1_verbose(self, mock_msg_callback):
assert IcetrustUtils.compare_files(
os.path.join(TEST_DIR, 'foobar.txt'),
os.path.join(TEST_DIR, 'file1.txt'),
msg_callback=mock_msg_callback) is False
assert len(mock_msg_callback.messages) == 1
assert mock_msg_callback.messages[
0] == "[Errno 2] No such file or directory: 'test_data/foobar.txt'"
def test_invalid3_cmd_output(self):
cmd_output = []
assert IcetrustUtils.compare_files(os.path.join(TEST_DIR, 'file2.txt'),
os.path.join(TEST_DIR, 'file1.txt'),
cmd_output=cmd_output) is False
assert len(cmd_output) == 2
assert cmd_output[0] == 'File1 checksum: ' + FILE2_HASH
assert cmd_output[1] == 'File2 checksum: ' + FILE1_HASH
def test_valid_verbose(self, mock_msg_callback):
assert IcetrustUtils.compare_files(
os.path.join(TEST_DIR, 'file1.txt'),
os.path.join(TEST_DIR, 'file1.txt'),
msg_callback=mock_msg_callback) is True
assert len(mock_msg_callback.messages) == 2
assert mock_msg_callback.messages[0] == 'File1 checksum: ' + FILE1_HASH
assert mock_msg_callback.messages[1] == 'File2 checksum: ' + FILE1_HASH
def test_valid_checksum_verbose(self, mock_msg_callback):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file1.txt'),
DEFAULT_HASH_ALGORITHM,
checksum_value=FILE1_HASH,
msg_callback=mock_msg_callback) is True
assert len(mock_msg_callback.messages) == 2
assert mock_msg_callback.messages[0] == 'Algorithm: sha256'
assert mock_msg_callback.messages[1] == 'File hash: ' + FILE1_HASH
def test_doesnt_exists_file_verbose(self, mock_msg_callback):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'foobar.txt'),
DEFAULT_HASH_ALGORITHM,
checksumfile=os.path.join(TEST_DIR, 'file1.txt.SHA256SUMS'),
msg_callback=mock_msg_callback) is False
assert len(mock_msg_callback.messages) == 1
assert mock_msg_callback.messages[
0] == "[Errno 2] No such file or directory: 'test_data/foobar.txt'"
def pgp(verbose, filename, signaturefile, keyfile, keyid, keyserver):
"""Verify FILENAME via a PGP signature in SIGNATUREFILE using provided keys"""
# Check input parameters
if keyfile is None and (keyid is None or keyserver is None):
click.echo("ERROR: Either '--keyfile' or '--keyid/--keyserver' parameters must be set!")
sys.exit(2)
# Initialize PGP and import keys
gpg = IcetrustUtils.pgp_init(verbose)
import_result = IcetrustUtils.pgp_import_keys(gpg, keyfile=keyfile, keyid=keyid, keyserver=keyserver,
msg_callback=IcetrustUtils.process_verbose_flag(verbose))
if import_result is False:
_process_result(import_result)
# Verify file
verification_result = IcetrustUtils.pgp_verify(gpg, filename, signaturefile,
msg_callback=IcetrustUtils.process_verbose_flag(verbose))
_process_result(verification_result)
def test_doesnt_exists_checksum_file_valid(self, mock_msg_callback):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file1.txt'),
DEFAULT_HASH_ALGORITHM,
checksumfile=os.path.join(TEST_DIR, 'foobar.txt'),
msg_callback=mock_msg_callback) is False
assert len(mock_msg_callback.messages) == 3
assert mock_msg_callback.messages[0] == 'Algorithm: sha256'
assert mock_msg_callback.messages[1] == 'File hash: ' + FILE1_HASH
assert mock_msg_callback.messages[
2] == "[Errno 2] No such file or directory: 'test_data/foobar.txt'"
def test_invalid1_checksumfile_with_cmd_output(self):
cmd_output = []
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file1.txt.SHA256SUMS'),
DEFAULT_HASH_ALGORITHM,
checksumfile=os.path.join(TEST_DIR, 'file1.txt'),
cmd_output=cmd_output) is False
assert len(cmd_output) == 3
assert cmd_output[0] == 'Algorithm: sha256'
assert cmd_output[
1] == 'File checksum: ca68d23d93b2611b380a57fa076684e1f5fa76d0d6bbd6df00c9aed28347e383'
assert cmd_output[2] == 'No match found in checksum file'
def pgpchecksumfile(verbose, filename, checksumfile, signaturefile, algorithm, keyfile, keyid, keyserver):
"""Verify FILENAME via a PGP-signed CHECKSUMFILE, with a signature in SIGNATUREFILE using provided keys"""
# Check input parameters
if keyfile is None and (keyid is None or keyserver is None):
click.echo("ERROR: Either '--keyfile' or '--keyid/--keyserver' parameters must be set!")
sys.exit(2)
# Initialize PGP and import keys
gpg = IcetrustUtils.pgp_init(verbose)
import_result = IcetrustUtils.pgp_import_keys(gpg, keyfile=keyfile, keyid=keyid, keyserver=keyserver,
msg_callback=IcetrustUtils.process_verbose_flag(verbose))
if import_result is False:
_process_result(import_result)
# Verify checksums file
verification_result = IcetrustUtils.pgp_verify(gpg, checksumfile, signaturefile,
msg_callback=IcetrustUtils.process_verbose_flag(verbose))
if verification_result.status is False:
_process_result(verification_result)
# Check hash against the checksums file
checksum_valid = IcetrustUtils.verify_checksum(filename, algorithm, checksumfile=checksumfile,
msg_callback=IcetrustUtils.process_verbose_flag(verbose))
_process_result(checksum_valid)
def test_invalid1_checksum(self):
assert IcetrustUtils.verify_checksum(os.path.join(
TEST_DIR, 'file1.txt.SHA256SUMS'),
DEFAULT_HASH_ALGORITHM,
checksum_value='foobar') is False
def test_version(self):
runner = CliRunner()
result = runner.invoke(cli, ['--version'])
assert result.exit_code == 0
assert result.output == 'icetrust, version ' + IcetrustUtils.get_version(
) + '\n'
def test_valid(self):
cmd_output = []
assert IcetrustUtils.compare_files(os.path.join(TEST_DIR, 'file1.txt'),
os.path.join(TEST_DIR, 'file1.txt'),
cmd_output=cmd_output) is True
assert len(cmd_output) == 0
def test_doesnt_exists_all_files(self):
assert IcetrustUtils.compare_files(
os.path.join(TEST_DIR, 'foobar1.txt'),
os.path.join(TEST_DIR, 'foobar2.txt')) is False
def test_process_verbose_flag_valid(self):
assert IcetrustUtils.process_verbose_flag(False) is False
assert IcetrustUtils.process_verbose_flag(None) is False
def test_get_version_format_valid(self):
pattern = re.compile(r'^(\d+\.)?(\d+\.)?(\*|\d+)$')
assert pattern.match(IcetrustUtils.get_version()) is not None
def test_invalid_missing_arguments1(self):
with pytest.raises(ValueError):
IcetrustUtils.verify_checksum(os.path.join(TEST_DIR, 'file1.txt'),
DEFAULT_HASH_ALGORITHM)
def test_valid_checksum_uppercase(self):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file1.txt'),
DEFAULT_HASH_ALGORITHM,
checksum_value=FILE1_HASH.upper()) is True
def test_invalid_algorithm_checksumfile1(self):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file1.txt'),
'md5',
checksumfile=os.path.join(TEST_DIR,
'file1.txt.SHA256SUMS')) is False
def test_invalid_algorithm_checksum2(self):
with pytest.raises(ValueError):
IcetrustUtils.verify_checksum(os.path.join(TEST_DIR, 'file1.txt'),
'rc4',
checksum_value=FILE1_HASH)
def test_invalid_algorithm_checksum1(self):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file1.txt'),
'md5',
checksum_value=FILE1_HASH) is False
def test_invalid2_checksumfile(self):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file2.txt'),
DEFAULT_HASH_ALGORITHM,
checksumfile=os.path.join(TEST_DIR,
'file1.txt.SHA256SUMS')) is False
def test_valid_checksum_whitespace(self):
assert IcetrustUtils.verify_checksum(
os.path.join(TEST_DIR, 'file1.txt'),
DEFAULT_HASH_ALGORITHM,
checksum_value=' ' + FILE1_HASH + ' ') is True
