Пример #1
0
 def test_missing_key_rejects_address(self):
     """
     Test if server rejects to send unencrypted when 'encrypted_only' is
     True.
     """
     # remove key from key manager
     pubkey = yield self._km.get_key(ADDRESS, openpgp.OpenPGPKey)
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.GPG_BINARY_PATH)
     yield pgp.delete_key(pubkey)
     # mock the key fetching
     self._km._fetch_keys_from_server = Mock(
         return_value=fail(errors.KeyNotFound()))
     # prepare the SMTP factory
     proto = SMTPFactory(u'*****@*****.**',
                         self._km,
                         self._config['encrypted_only'],
                         outgoing_mail=Mock()).buildProtocol(
                             ('127.0.0.1', 0))
     transport = proto_helpers.StringTransport()
     proto.makeConnection(transport)
     yield self.getReply(self.EMAIL_DATA[0] + '\r\n', proto, transport)
     yield self.getReply(self.EMAIL_DATA[1] + '\r\n', proto, transport)
     reply = yield self.getReply(self.EMAIL_DATA[2] + '\r\n', proto,
                                 transport)
     # ensure the address was rejected
     self.assertEqual(
         '550 Cannot receive for specified address\r\n', reply,
         'Address should have been rejecetd with appropriate message.')
     proto.setTimeout(None)
Пример #2
0
 def test_missing_key_accepts_address(self):
     """
     Test if server accepts to send unencrypted when 'encrypted_only' is
     False.
     """
     # remove key from key manager
     pubkey = self._km.get_key(ADDRESS, openpgp.OpenPGPKey)
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.GPG_BINARY_PATH)
     pgp.delete_key(pubkey)
     # mock the key fetching
     self._km.fetch_keys_from_server = Mock(return_value=[])
     # prepare the SMTP factory with encrypted only equal to false
     proto = SMTPFactory(u'*****@*****.**', self._km,
                         self._config['host'], self._config['port'],
                         self._config['cert'], self._config['key'],
                         False).buildProtocol(('127.0.0.1', 0))
     transport = proto_helpers.StringTransport()
     proto.makeConnection(transport)
     proto.lineReceived(self.EMAIL_DATA[0] + '\r\n')
     proto.lineReceived(self.EMAIL_DATA[1] + '\r\n')
     proto.lineReceived(self.EMAIL_DATA[2] + '\r\n')
     # ensure the address was accepted
     lines = transport.value().rstrip().split('\n')
     self.assertEqual(
         '250 Recipient address accepted', lines[-1],
         'Address should have been accepted with appropriate message.')
Пример #3
0
    def test_openpgp_encrypt_decrypt(self):
        data = 'data'
        pgp = openpgp.OpenPGPScheme(self._soledad,
                                    gpgbinary=self.gpg_binary_path)

        # encrypt
        yield pgp.put_ascii_key(PUBLIC_KEY, ADDRESS)
        pubkey = yield pgp.get_key(ADDRESS, private=False)
        cyphertext = pgp.encrypt(data, pubkey)

        self.assertTrue(cyphertext is not None)
        self.assertTrue(cyphertext != '')
        self.assertTrue(cyphertext != data)
        self.assertTrue(pgp.is_encrypted(cyphertext))
        self.assertTrue(pgp.is_encrypted(cyphertext))

        # decrypt
        yield self._assert_key_not_found(pgp, ADDRESS, private=True)
        yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
        privkey = yield pgp.get_key(ADDRESS, private=True)
        decrypted, _ = pgp.decrypt(cyphertext, privkey)
        self.assertEqual(decrypted, data)

        yield pgp.delete_key(pubkey)
        yield pgp.delete_key(privkey)
        yield self._assert_key_not_found(pgp, ADDRESS, private=False)
        yield self._assert_key_not_found(pgp, ADDRESS, private=True)
Пример #4
0
 def test_openpgp_put_delete_key(self):
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield self._assert_key_not_found(pgp, ADDRESS)
     yield pgp.put_ascii_key(PUBLIC_KEY, ADDRESS)
     key = yield pgp.get_key(ADDRESS, private=False)
     yield pgp.delete_key(key)
     yield self._assert_key_not_found(pgp, ADDRESS)
Пример #5
0
 def test_verify_with_private_raises(self):
     data = 'data'
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
     privkey = yield pgp.get_key(ADDRESS, private=True)
     signed = pgp.sign(data, privkey)
     self.assertRaises(AssertionError, pgp.verify, signed, privkey)
Пример #6
0
 def _test_openpgp_gen_key(self):
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield self._assert_key_not_found(pgp, '*****@*****.**')
     key = yield pgp.gen_key('*****@*****.**')
     self.assertIsInstance(key, openpgp.OpenPGPKey)
     self.assertEqual(['*****@*****.**'], key.address,
                      'Wrong address bound to key.')
     self.assertEqual(4096, key.length, 'Wrong key length.')
Пример #7
0
 def test_sign_verify_detached_sig(self):
     data = 'data'
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
     privkey = yield pgp.get_key(ADDRESS, private=True)
     signature = yield pgp.sign(data, privkey, detach=True)
     pubkey = yield pgp.get_key(ADDRESS, private=False)
     validsign = pgp.verify(data, pubkey, detached_sig=signature)
     self.assertTrue(validsign)
Пример #8
0
 def test_verify_with_wrong_key_raises(self):
     data = 'data'
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
     privkey = yield pgp.get_key(ADDRESS, private=True)
     signed = pgp.sign(data, privkey)
     yield pgp.put_ascii_key(PUBLIC_KEY_2, ADDRESS_2)
     wrongkey = yield pgp.get_key(ADDRESS_2)
     self.assertFalse(pgp.verify(signed, wrongkey))
Пример #9
0
 def test_openpgp_put_ascii_key(self):
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield self._assert_key_not_found(pgp, ADDRESS)
     yield pgp.put_ascii_key(PUBLIC_KEY, ADDRESS)
     key = yield pgp.get_key(ADDRESS, private=False)
     self.assertIsInstance(key, openpgp.OpenPGPKey)
     self.assertTrue(ADDRESS in key.address, 'Wrong address bound to key.')
     self.assertEqual(4096, key.length, 'Wrong key length.')
     yield pgp.delete_key(key)
     yield self._assert_key_not_found(pgp, ADDRESS)
Пример #10
0
 def test_get_public_key(self):
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield self._assert_key_not_found(pgp, ADDRESS)
     yield pgp.put_ascii_key(PUBLIC_KEY, ADDRESS)
     yield self._assert_key_not_found(pgp, ADDRESS, private=True)
     key = yield pgp.get_key(ADDRESS, private=False)
     self.assertTrue(ADDRESS in key.address)
     self.assertFalse(key.private)
     self.assertEqual(KEY_FINGERPRINT, key.fingerprint)
     yield pgp.delete_key(key)
     yield self._assert_key_not_found(pgp, ADDRESS)
Пример #11
0
 def test_encrypt_sign_with_public_raises(self):
     data = 'data'
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
     privkey = yield pgp.get_key(ADDRESS, private=True)
     pubkey = yield pgp.get_key(ADDRESS, private=False)
     self.assertRaises(AssertionError,
                       pgp.encrypt,
                       data,
                       privkey,
                       sign=pubkey)
Пример #12
0
 def test_decrypt_verify_with_private_raises(self):
     data = 'data'
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
     privkey = yield pgp.get_key(ADDRESS, private=True)
     pubkey = yield pgp.get_key(ADDRESS, private=False)
     encrypted_and_signed = pgp.encrypt(data, pubkey, sign=privkey)
     self.assertRaises(AssertionError,
                       pgp.decrypt,
                       encrypted_and_signed,
                       privkey,
                       verify=privkey)
Пример #13
0
 def test_decrypt_verify_with_wrong_key(self):
     data = 'data'
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
     privkey = yield pgp.get_key(ADDRESS, private=True)
     pubkey = yield pgp.get_key(ADDRESS, private=False)
     encrypted_and_signed = pgp.encrypt(data, pubkey, sign=privkey)
     yield pgp.put_ascii_key(PUBLIC_KEY_2, ADDRESS_2)
     wrongkey = yield pgp.get_key(ADDRESS_2)
     decrypted, validsign = pgp.decrypt(encrypted_and_signed,
                                        privkey,
                                        verify=wrongkey)
     self.assertEqual(decrypted, data)
     self.assertFalse(validsign)
Пример #14
0
    def test_encrypt_sign_decrypt_verify(self):
        pgp = openpgp.OpenPGPScheme(self._soledad,
                                    gpgbinary=self.gpg_binary_path)

        yield pgp.put_ascii_key(PRIVATE_KEY, ADDRESS)
        pubkey = yield pgp.get_key(ADDRESS, private=False)
        privkey = yield pgp.get_key(ADDRESS, private=True)

        yield pgp.put_ascii_key(PRIVATE_KEY_2, ADDRESS_2)
        pubkey2 = yield pgp.get_key(ADDRESS_2, private=False)
        privkey2 = yield pgp.get_key(ADDRESS_2, private=True)

        data = 'data'
        encrypted_and_signed = pgp.encrypt(data, pubkey2, sign=privkey)
        res, validsign = pgp.decrypt(encrypted_and_signed,
                                     privkey2,
                                     verify=pubkey)
        self.assertEqual(data, res)
        self.assertTrue(validsign)
Пример #15
0
    def _keymanager_instance(self, address):
        """
        Return a Key Manager instance for tests.
        """
        self._config = {
            'host': 'http://provider/',
            'port': 25,
            'username': address,
            'password': '******',
            'encrypted_only': True,
            'cert': u'src/leap/mail/smtp/tests/cert/server.crt',
            'key': u'src/leap/mail/smtp/tests/cert/server.key',
        }

        class Response(object):
            status_code = 200
            headers = {'content-type': 'application/json'}

            def json(self):
                return {'address': ADDRESS_2, 'openpgp': PUBLIC_KEY_2}

            def raise_for_status(self):
                pass

        nickserver_url = ''  # the url of the nickserver
        km = KeyManager(address,
                        nickserver_url,
                        self._soledad,
                        ca_cert_path='',
                        gpgbinary=self.GPG_BINARY_PATH)
        km._fetcher.put = Mock()
        km._fetcher.get = Mock(return_value=Response())

        # insert test keys in key manager.
        pgp = openpgp.OpenPGPScheme(self._soledad,
                                    gpgbinary=self.GPG_BINARY_PATH)
        pgp.put_ascii_key(PRIVATE_KEY)
        pgp.put_ascii_key(PRIVATE_KEY_2)

        return km
Пример #16
0
 def test_sign_with_public_raises(self):
     data = 'data'
     pgp = openpgp.OpenPGPScheme(self._soledad,
                                 gpgbinary=self.gpg_binary_path)
     yield pgp.put_ascii_key(PUBLIC_KEY, ADDRESS)
     self.assertRaises(AssertionError, pgp.sign, data, ADDRESS, OpenPGPKey)