def test_sign_and_encrypt_double_secret(self):
"We want to produce as many signatures as possible"
recv = DirectoryContext(homedir=self.key_receiver_homedir)
params = """<GnupgKeyParms format="internal">
%transient-key
Key-Type: RSA
Key-Length: 1024
Name-Real: Joe Genkey Tester
Name-Comment: with stupid passphrase
Name-Email: [email protected]
%no-protection
#Passphrase: Crypt0R0cks
#Expire-Date: 2020-12-31
</GnupgKeyParms>
"""
recv.op_genkey(params, None, None)
gen_result = recv.op_genkey_result()
assert_equal(2, len(list(recv.keylist(secret=True))))
sender = DirectoryContext(homedir=self.key_sender_homedir)
sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
sender_keys = list(sender.keylist())
assert_equal(1, len(sender_keys))
sender_key = sender_keys[0]
fpr = sender_key.fpr
sink = gpg.Data()
sender.op_export_keys(sender_keys, 0, sink)
sink.seek(0, 0)
public_sender_key = sink.read()
# Now finally call the function under test
uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key,
error_cb=None, homedir=self.key_receiver_homedir))
assert_equals(len(sender_key.uids), len(uid_encrypted))
uids_before = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_before]
sigs_before = [sig for signatures in sigs for sig in signatures]
for uid, uid_enc in zip(uids_before, uid_encrypted):
# FIXME: assert_equals(uid, uid_enc[0])
assert_in(uid.name, uid_enc[0].uid)
assert_in(uid.email, uid_enc[0].uid)
ciphertext = uid_enc[1]
log.debug("Decrypting %r", ciphertext)
plaintext, result, vrfy = sender.decrypt(ciphertext)
log.debug("Decrypt Result: %r", result)
sender.op_import(plaintext)
import_result = sender.op_import_result()
log.debug("Import Result: %r", import_result)
# Here is the important check for two new signatures
assert_equals(2, import_result.new_signatures)
updated_key = sender.get_key(fpr)
log.debug("updated key: %r", updated_key)
log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids])
uids_after = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_after]
sigs_after = [sig for signatures in sigs for sig in signatures]
assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt(self):
# This might be a secret key, too, so we import and export to
# get hold of the public portion.
keydata = open(self.key_sender_key, "rb").read()
# We get the public portion of the key
sender = TempContext()
sender.op_import(keydata)
result = sender.op_import_result()
fpr = result.imports[0].fpr
sink = gpg.Data()
sender.op_export(fpr, 0, sink)
sink.seek(0, 0)
# This is the key that we will sign
public_sender_key = sink.read()
keys = get_usable_keys(homedir=self.key_sender_homedir)
assert_equal(1, len(keys))
key = keys[0]
uids = key.uidslist
# Now finally call the function under test
uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key,
error_cb=None, homedir=self.key_receiver_homedir))
assert_equal(len(uids), len(uid_encrypted))
# We need to explicitly request signatures
uids_before = uids
assert_equal(len(uids_before), len(sender.get_key(fpr).uids))
sigs_before = [s for l in get_signatures_for_uids_on_key(sender,
key).values() for s in l]
# FIXME: Refactor this a little bit.
# We have duplication of code with the other test below.
for uid, uid_enc in zip(uids_before, uid_encrypted):
uid_enc_str = uid_enc[0].uid
# The test doesn't work so well, because comments
# are not rendered :-/
# assert_equal(uid, uid_enc[0])
assert_in(uid.name, uid_enc_str)
assert_in(uid.email, uid_enc_str)
ciphertext = uid_enc[1]
log.debug("Decrypting %r", ciphertext)
plaintext, result, vrfy = sender.decrypt(ciphertext)
log.debug("Decrypt Result: %r", result)
sender.op_import(plaintext)
import_result = sender.op_import_result()
log.debug("Import Result: %r", import_result)
assert_equal(1, import_result.new_signatures)
updated_key = sender.get_key(fpr)
log.debug("updated key: %r", updated_key)
log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids])
sigs_after = [s for l in get_signatures_for_uids_on_key(sender,
key).values() for s in l]
assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt(self):
secret_keydata = open(self.key_sender_key, "r").read()
# We get the public portion of the key
sender = TempContext()
sender.op_import(secret_keydata)
result = sender.op_import_result()
fpr = result.imports[0].fpr
sink = gpg.Data()
sender.op_export(fpr, 0, sink)
sink.seek(0, 0)
# This is the key that we will sign
public_sender_key = sink.read()
keys = get_usable_secret_keys(homedir=self.key_sender_homedir)
assert_equals(1, len(keys))
key = keys[0]
uids = key.uidslist
# Now finally call the function under test
uid_encrypted = list(
sign_keydata_and_encrypt(public_sender_key,
error_cb=None,
homedir=self.key_receiver_homedir))
assert_equals(len(uids), len(uid_encrypted))
# We need to explicitly request signatures
sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
uids_before = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_before]
sigs_before = [sig for signatures in sigs for sig in signatures]
for uid, uid_enc in zip(uids_before, uid_encrypted):
# The test doesn't work so well, because comments
# are not rendered :-/
# assert_equals(uid, uid_enc[0])
assert_in(uid.name, uid_enc[0].uid)
assert_in(uid.email, uid_enc[0].uid)
ciphertext = uid_enc[1]
log.debug("Decrypting %r", ciphertext)
plaintext, result, vrfy = sender.decrypt(ciphertext)
log.debug("Decrypt Result: %r", result)
sender.op_import(plaintext)
import_result = sender.op_import_result()
log.debug("Import Result: %r", import_result)
assert_equals(1, import_result.new_signatures)
updated_key = sender.get_key(fpr)
log.debug("updated key: %r", updated_key)
log.debug("updated key sigs: %r",
[(uid, uid.signatures) for uid in updated_key.uids])
uids_after = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_after]
sigs_after = [sig for signatures in sigs for sig in signatures]
assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt(self):
secret_keydata = open(self.key_sender_key, "r").read()
# We get the public portion of the key
sender = TempContext()
sender.op_import(secret_keydata)
result = sender.op_import_result()
fpr = result.imports[0].fpr
sink = gpg.Data()
sender.op_export(fpr, 0, sink)
sink.seek(0, 0)
# This is the key that we will sign
public_sender_key = sink.read()
keys = get_usable_secret_keys(homedir=self.key_sender_homedir)
assert_equals(1, len(keys))
key = keys[0]
uids = key.uidslist
# Now finally call the function under test
uid_encrypted = list(sign_keydata_and_encrypt(public_sender_key,
error_cb=None, homedir=self.key_receiver_homedir))
assert_equals(len(uids), len(uid_encrypted))
# We need to explicitly request signatures
sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
uids_before = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_before]
sigs_before = [sig for signatures in sigs for sig in signatures]
for uid, uid_enc in zip(uids_before, uid_encrypted):
# The test doesn't work so well, because comments
# are not rendered :-/
# assert_equals(uid, uid_enc[0])
assert_in(uid.name, uid_enc[0].uid)
assert_in(uid.email, uid_enc[0].uid)
ciphertext = uid_enc[1]
log.debug("Decrypting %r", ciphertext)
plaintext, result, vrfy = sender.decrypt(ciphertext)
log.debug("Decrypt Result: %r", result)
sender.op_import(plaintext)
import_result = sender.op_import_result()
log.debug("Import Result: %r", import_result)
assert_equals(1, import_result.new_signatures)
updated_key = sender.get_key(fpr)
log.debug("updated key: %r", updated_key)
log.debug("updated key sigs: %r", [(uid, uid.signatures) for uid in updated_key.uids])
uids_after = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_after]
sigs_after = [sig for signatures in sigs for sig in signatures]
assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt_double_secret(self):
"We want to produce as many signatures as possible"
recv = DirectoryContext(homedir=self.key_receiver_homedir)
params = """<GnupgKeyParms format="internal">
%transient-key
Key-Type: RSA
Key-Length: 1024
Name-Real: Joe Genkey Tester
Name-Comment: with stupid passphrase
Name-Email: [email protected]
%no-protection
#Passphrase: Crypt0R0cks
#Expire-Date: 2020-12-31
</GnupgKeyParms>
"""
recv.op_genkey(params, None, None)
gen_result = recv.op_genkey_result()
assert_equal(2, len(list(recv.keylist(secret=True))))
sender = DirectoryContext(homedir=self.key_sender_homedir)
sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
sender_keys = list(sender.keylist())
assert_equal(1, len(sender_keys))
sender_key = sender_keys[0]
fpr = sender_key.fpr
sink = gpg.Data()
sender.op_export_keys(sender_keys, 0, sink)
sink.seek(0, 0)
public_sender_key = sink.read()
# Now finally call the function under test
uid_encrypted = list(
sign_keydata_and_encrypt(public_sender_key,
error_cb=None,
homedir=self.key_receiver_homedir))
assert_equals(len(sender_key.uids), len(uid_encrypted))
uids_before = sender.get_key(fpr).uids
sigs_before = [
s for l in get_signatures_for_uids_on_key(
sender, sender_key).values() for s in l
]
for uid, uid_enc in zip(uids_before, uid_encrypted):
uid_enc_str = uid_enc[0].uid
log.info("Uid enc str: %r", uid_enc_str)
log.info("Uid name: %r", uid.name)
# FIXME: assert_equals(uid, uid_enc[0])
# It's a bit weird to re-use the string treatment here.
# But gpgme may return unencodable bytes (and uid, here, is
# coming straight from gpgme). We opted for our UID wrapper
# to return consumable strings, i.e. safe to encode
assert_in(to_valid_utf8_string(uid.name), uid_enc_str)
assert_in(to_valid_utf8_string(uid.email), uid_enc_str)
ciphertext = uid_enc[1]
log.debug("Decrypting %r", ciphertext)
plaintext, result, vrfy = sender.decrypt(ciphertext)
log.debug("Decrypt Result: %r", result)
sender.op_import(plaintext)
import_result = sender.op_import_result()
log.debug("Import Result: %r", import_result)
# Here is the important check for two new signatures
assert_equals(2, import_result.new_signatures)
updated_key = sender.get_key(fpr)
log.debug("updated key: %r", updated_key)
log.debug("updated key sigs: %r",
[(uid, uid.signatures) for uid in updated_key.uids])
sigs_after = [
s for l in get_signatures_for_uids_on_key(
sender, sender_key).values() for s in l
]
assert_greater(len(sigs_after), len(sigs_before))
def test_sign_and_encrypt_double_secret(self):
"We want to produce as many signatures as possible"
recv = DirectoryContext(homedir=self.key_receiver_homedir)
params = """<GnupgKeyParms format="internal">
%transient-key
Key-Type: RSA
Key-Length: 1024
Name-Real: Joe Genkey Tester
Name-Comment: with stupid passphrase
Name-Email: [email protected]
%no-protection
#Passphrase: Crypt0R0cks
#Expire-Date: 2020-12-31
</GnupgKeyParms>
"""
recv.op_genkey(params, None, None)
gen_result = recv.op_genkey_result()
assert_equal(2, len(list(recv.keylist(secret=True))))
sender = DirectoryContext(homedir=self.key_sender_homedir)
sender.set_keylist_mode(gpg.constants.KEYLIST_MODE_SIGS)
sender_keys = list(sender.keylist())
assert_equal(1, len(sender_keys))
sender_key = sender_keys[0]
fpr = sender_key.fpr
sink = gpg.Data()
sender.op_export_keys(sender_keys, 0, sink)
sink.seek(0, 0)
public_sender_key = sink.read()
# Now finally call the function under test
uid_encrypted = list(
sign_keydata_and_encrypt(public_sender_key,
error_cb=None,
homedir=self.key_receiver_homedir))
assert_equals(len(sender_key.uids), len(uid_encrypted))
uids_before = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_before]
sigs_before = [sig for signatures in sigs for sig in signatures]
for uid, uid_enc in zip(uids_before, uid_encrypted):
# FIXME: assert_equals(uid, uid_enc[0])
assert_in(uid.name, uid_enc[0].uid)
assert_in(uid.email, uid_enc[0].uid)
ciphertext = uid_enc[1]
log.debug("Decrypting %r", ciphertext)
plaintext, result, vrfy = sender.decrypt(ciphertext)
log.debug("Decrypt Result: %r", result)
sender.op_import(plaintext)
import_result = sender.op_import_result()
log.debug("Import Result: %r", import_result)
# Here is the important check for two new signatures
assert_equals(2, import_result.new_signatures)
updated_key = sender.get_key(fpr)
log.debug("updated key: %r", updated_key)
log.debug("updated key sigs: %r",
[(uid, uid.signatures) for uid in updated_key.uids])
uids_after = sender.get_key(fpr).uids
sigs = [uid.signatures for uid in uids_after]
sigs_after = [sig for signatures in sigs for sig in signatures]
assert_greater(len(sigs_after), len(sigs_before))