def testD07CertificationRevocation(self): "crypto.signature: verify() certification revocation" key_d = read_test_file(['pgpfiles', 'key', 'DSAELG2.revoked_uid.gpg']) pkts = list_pkts(key_d) keymsg = list_msgs(pkts)[0] primary_key, uid, revoker = pkts[0], pkts[3], pkts[4] verified = verify(revoker, uid, primary_key) self.assertEqual(True, verify(revoker, uid, primary_key))
def testD07CertificationRevocation(self): "crypto.signature: verify() certification revocation" key_d = read_test_file(['pgpfiles','key','DSAELG2.revoked_uid.gpg']) pkts = list_pkts(key_d) keymsg = list_msgs(pkts)[0] primary_key, uid, revoker = pkts[0], pkts[3], pkts[4] verified = verify(revoker, uid, primary_key) self.assertEqual(True, verify(revoker, uid, primary_key))
def verify_subkey(keydata): keymsg = list_msgs(list_pkts(keydata))[0] subkey = keymsg._b_subkeys[0].leader # first subkey subkeysig = keymsg._b_subkeys[0].local_bindings[ 0] # first applicable signature pubkey = keymsg._b_primary.leader # public key return verify(subkeysig, subkey, pubkey)
def verify_userid(keydata): keymsg = list_msgs(list_pkts(keydata))[0] userid = keymsg._b_userids[0].leader # first user id useridsig = keymsg._b_userids[0].local_bindings[ 0] # first applicable signature pubkey = keymsg._b_primary.leader return verify(useridsig, userid, pubkey)
def testD03aDSAv4UIDPrivate(self): "crypto.signature: verify() private key user ID v4 DSA" msgs = list_msgs(list_pkts(dsaseckey_d)) keymsg = msgs[0] uid = keymsg._b_userids[0].leader # first user id sig = keymsg._b_userids[0].local_bindings[0] # first applicable signature key = keymsg._b_primary.leader # public key self.assertEqual(1, verify(sig, uid, key))
def testF01DSADirectPrimary(self): "crypto.signature: sign() v4 DSA direct (self signature on primary)" seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] sigtype = SIG_DIRECT sigpkt = sign(sigtype, seckeypkt, seckeypkt, passphrase="test") verified = verify(sigpkt, seckeypkt, seckeypkt) self.assertEqual(1, verified)
def testD04aDSAv4SubkeyPrivate(self): "crypto.signature: verify() pivate key subkey binding v4 DSA" msgs = list_msgs(list_pkts(dsaseckey_d)) keymsg = msgs[0] subkey = keymsg._b_subkeys[0].leader # first subkey subkeysig = keymsg._b_subkeys[0].local_bindings[0] # first applicable signature pubkey = keymsg._b_primary.leader # public key self.assertEqual(1, verify(subkeysig, subkey, pubkey))
def testF01DSADirectPrimary(self): "crypto.signature: sign() v4 DSA direct (self signature on primary)" seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] sigtype = SIG_DIRECT sigpkt = sign(sigtype, seckeypkt, seckeypkt, passphrase="test") verified = verify(sigpkt, seckeypkt, seckeypkt) self.assertEqual(1, verified)
def testD06SubkeyRevocation(self): "crypto.signature: verify() subkey revocation" d = read_test_file(['pgpfiles','key','DSAELG2.subkeyrevoc.gpg']) keymsg = list_msgs(list_pkts(d))[0] revblock = keymsg._b_subkeys['90AFB828686B6E9A'] # known revoked block key = keymsg._b_primary.leader sig = revblock.local_bindings[0] subkey = revblock.leader self.assertEqual(1, verify(sig, subkey, key))
def testE04SignatureCreationV4RSAText(self): "crypto.signature: sign() v4 RSA no subpkts TEXT" seckey_d = read_test_file(['pgpfiles', 'key', 'RSA1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n' sigtype = SIG_TEXT sigpkt = sign(sigtype, msg, seckeypkt, passphrase="test") verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def testD06SubkeyRevocation(self): "crypto.signature: verify() subkey revocation" d = read_test_file(['pgpfiles', 'key', 'DSAELG2.subkeyrevoc.gpg']) keymsg = list_msgs(list_pkts(d))[0] revblock = keymsg._b_subkeys['90AFB828686B6E9A'] # known revoked block key = keymsg._b_primary.leader sig = revblock.local_bindings[0] subkey = revblock.leader self.assertEqual(1, verify(sig, subkey, key))
def testE01SignatureCreationV4DSABinaryNoPass(self): "crypto.signature: sign() v4 DSA no pass, no subpkts BINARY" seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.nopass.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage' sigtype = SIG_BINARY sigpkt = sign(sigtype, msg, seckeypkt) verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def testD04aDSAv4SubkeyPrivate(self): "crypto.signature: verify() pivate key subkey binding v4 DSA" msgs = list_msgs(list_pkts(dsaseckey_d)) keymsg = msgs[0] subkey = keymsg._b_subkeys[0].leader # first subkey subkeysig = keymsg._b_subkeys[0].local_bindings[ 0] # first applicable signature pubkey = keymsg._b_primary.leader # public key self.assertEqual(1, verify(subkeysig, subkey, pubkey))
def testD03aDSAv4UIDPrivate(self): "crypto.signature: verify() private key user ID v4 DSA" msgs = list_msgs(list_pkts(dsaseckey_d)) keymsg = msgs[0] uid = keymsg._b_userids[0].leader # first user id sig = keymsg._b_userids[0].local_bindings[ 0] # first applicable signature key = keymsg._b_primary.leader # public key self.assertEqual(1, verify(sig, uid, key))
def testE04SignatureCreationV4RSAText(self): "crypto.signature: sign() v4 RSA no subpkts TEXT" seckey_d = read_test_file(['pgpfiles','key','RSA1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n' sigtype = SIG_TEXT sigpkt = sign(sigtype, msg, seckeypkt, passphrase="test") verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def testG01CreateUIDRevocation(self): "crypto.signature: sign() local certification revocation (0x30)" key_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg']) pkts = list_pkts(key_d) seckey, uid = pkts[0], pkts[1] sigtype = SIG_CERTREVOC opts = {'passphrase': 'test', 'primary': seckey} sigpkt = sign(sigtype, uid, seckey, **opts) verified = verify(sigpkt, uid, seckey) self.assertEqual(True, verified)
def testF02DSADirectSubkey(self): "crypto.signature: sign() v4 DSA direct (self signature on subkey)" seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg']) pkts = list_pkts(seckey_d) seckeypkt, subkeypkt = pkts[0], pkts[3] sigtype = SIG_DIRECT opts = {'passphrase': 'test', 'primary': seckeypkt} sigpkt = sign(sigtype, subkeypkt, seckeypkt, **opts) verified = verify(sigpkt, subkeypkt, seckeypkt) self.assertEqual(1, verified)
def testE01SignatureCreationV4DSABinaryNoPass(self): "crypto.signature: sign() v4 DSA no pass, no subpkts BINARY" seckey_d = read_test_file( ['pgpfiles', 'key', 'DSAELG1.sec.nopass.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage' sigtype = SIG_BINARY sigpkt = sign(sigtype, msg, seckeypkt) verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def testG01CreateUIDRevocation(self): "crypto.signature: sign() local certification revocation (0x30)" key_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg']) pkts = list_pkts(key_d) seckey, uid = pkts[0], pkts[1] sigtype = SIG_CERTREVOC opts = {'passphrase':'test', 'primary':seckey} sigpkt = sign(sigtype, uid, seckey, **opts) verified = verify(sigpkt, uid, seckey) self.assertEqual(True, verified)
def testF02DSADirectSubkey(self): "crypto.signature: sign() v4 DSA direct (self signature on subkey)" seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg']) pkts = list_pkts(seckey_d) seckeypkt, subkeypkt = pkts[0], pkts[3] sigtype = SIG_DIRECT opts = {'passphrase':'test', 'primary':seckeypkt} sigpkt = sign(sigtype, subkeypkt, seckeypkt, **opts) verified = verify(sigpkt, subkeypkt, seckeypkt) self.assertEqual(1, verified)
def testD08CertificationRevocation(self): "crypto.signature: verify() foreign user ID certification" key_d = read_test_file(['pgpfiles','key','DSAELG2.pub.foreign_uid_cert.gpg']) sigkey_d = read_test_file(['pgpfiles','key','RSA1.pub.gpg']) sigpkt = list_pkts(sigkey_d)[0] pkts = list_pkts(key_d) primary_key, uid, cert = pkts[0], pkts[1], pkts[3] opts = {'primary':primary_key} verified = verify(cert, uid, sigpkt, **opts) self.assertEqual(True, verified)
def testD08CertificationRevocation(self): "crypto.signature: verify() foreign user ID certification" key_d = read_test_file( ['pgpfiles', 'key', 'DSAELG2.pub.foreign_uid_cert.gpg']) sigkey_d = read_test_file(['pgpfiles', 'key', 'RSA1.pub.gpg']) sigpkt = list_pkts(sigkey_d)[0] pkts = list_pkts(key_d) primary_key, uid, cert = pkts[0], pkts[1], pkts[3] opts = {'primary': primary_key} verified = verify(cert, uid, sigpkt, **opts) self.assertEqual(True, verified)
def testF03DSADirectForeign(self): "crypto.signature: sign() v4 DSA direct on foreign primary key" targetkey_d = read_test_file(['pgpfiles','key','DSAELG3.pub.gpg']) seckey_d = read_test_file(['pgpfiles','key','DSAELG1.sec.gpg']) targetkeypkt = list_pkts(targetkey_d)[0] seckeypkt = list_pkts(seckey_d)[0] sigtype = SIG_DIRECT opts = {'passphrase':'test', 'primary':targetkeypkt} sigpkt = sign(sigtype, targetkeypkt, seckeypkt, **opts) verified = verify(sigpkt, targetkeypkt, seckeypkt, primary=targetkeypkt) self.assertEqual(1, verified)
def testE08SignatureCreationV3RSATextSubpackets(self): "crypto.signature: sign() v3 RSA with hashed subpkts TEXT" import time seckey_d = read_test_file(['pgpfiles','key','RSA1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n' sigtype = SIG_TEXT created = int(time.time()) - 5000 opts = {'passphrase':'test', 'version':3, 'created':created, 'keyid':seckeypkt.body.id} sigpkt = sign(sigtype, msg, seckeypkt, **opts) verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def testE06SignatureCreationV4RSABinarySubpackets(self): "crypto.signature: sign() v4 RSA with hashed subpkts BINARY" seckey_d = read_test_file(['pgpfiles','key','RSA1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n' sigtype = SIG_BINARY created = int(time.time()) - 5000 subpkt_created = create_SignatureSubpacket(SIGSUB_CREATED, created) subpkt_keyid = create_SignatureSubpacket(SIGSUB_SIGNERID, seckeypkt.body.id) opts = {'passphrase':'test', 'hashed_subpkts':[subpkt_created], 'unhashed_subpkts':[subpkt_keyid]} sigpkt = sign(sigtype, msg, seckeypkt, **opts) verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def testF03DSADirectForeign(self): "crypto.signature: sign() v4 DSA direct on foreign primary key" targetkey_d = read_test_file(['pgpfiles', 'key', 'DSAELG3.pub.gpg']) seckey_d = read_test_file(['pgpfiles', 'key', 'DSAELG1.sec.gpg']) targetkeypkt = list_pkts(targetkey_d)[0] seckeypkt = list_pkts(seckey_d)[0] sigtype = SIG_DIRECT opts = {'passphrase': 'test', 'primary': targetkeypkt} sigpkt = sign(sigtype, targetkeypkt, seckeypkt, **opts) verified = verify(sigpkt, targetkeypkt, seckeypkt, primary=targetkeypkt) self.assertEqual(1, verified)
def testE08SignatureCreationV3RSATextSubpackets(self): "crypto.signature: sign() v3 RSA with hashed subpkts TEXT" import time seckey_d = read_test_file(['pgpfiles', 'key', 'RSA1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n' sigtype = SIG_TEXT created = int(time.time()) - 5000 opts = { 'passphrase': 'test', 'version': 3, 'created': created, 'keyid': seckeypkt.body.id } sigpkt = sign(sigtype, msg, seckeypkt, **opts) verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def testE06SignatureCreationV4RSABinarySubpackets(self): "crypto.signature: sign() v4 RSA with hashed subpkts BINARY" seckey_d = read_test_file(['pgpfiles', 'key', 'RSA1.sec.gpg']) seckeypkt = list_pkts(seckey_d)[0] msg = 'testmessage\r\nyaddaboo\n\nsdfll\r\n' sigtype = SIG_BINARY created = int(time.time()) - 5000 subpkt_created = create_SignatureSubpacket(SIGSUB_CREATED, created) subpkt_keyid = create_SignatureSubpacket(SIGSUB_SIGNERID, seckeypkt.body.id) opts = { 'passphrase': 'test', 'hashed_subpkts': [subpkt_created], 'unhashed_subpkts': [subpkt_keyid] } sigpkt = sign(sigtype, msg, seckeypkt, **opts) verified = verify(sigpkt, msg, seckeypkt) self.assertEqual(1, verified)
def verify_userid(keydata): keymsg = list_msgs(list_pkts(keydata))[0] userid = keymsg._b_userids[0].leader # first user id useridsig = keymsg._b_userids[0].local_bindings[0] # first applicable signature pubkey = keymsg._b_primary.leader return verify(useridsig, userid, pubkey)
def find_key_prefs(keys): """Return a dictionary with an intersection of keys' preferences. :Parameters: - `keys`: list of `openpgp.sap.msg.KeyMsg.KeyMsg` subclass instances :Returns: dictionary with keys 'sym', 'hash', 'comp' set with list of appropriate codes in descending order of popularity """ sym_v, hash_v, comp_v = [], [], [] for key in keys: sym_b = hash_b = comp_b = None # for *_v extension capability below sigs = [] # where to look for preference blocks for block in key._b_userids.list() + key._b_userattrs: sigs.extend([s for s in block.local_bindings + block.local_direct]) # grab hashed local signatures has_hashed = lambda x: hasattr(x, 'hashed_subpkts') for sig in [s for s in sigs if has_hashed(s.body)]: # sigs are all "equal," so just fill up the spaces asap if CRYPT.verify(sig, block.leader, key._b_primary.leader): for subpkt in sig.body.hashed_subpkts: if SIGSUB_SYMCODE == subpkt.type: sym_b = subpkt.value elif SIGSUB_HASHCODE == subpkt.type: hash_b = subpkt.value elif SIGSUB_COMPCODE == subpkt.type: comp_b = subpkt.value if sym_b and hash_b and comp_b: # break out break if sym_b and hash_b and comp_b: # still breaking out.. break # extend with list of preferences if present, otherwise nullify if sym_b and sym_v is not None: sym_v.append(unique_order(sym_b)) else: sym_v = None if hash_b and hash_v is not None: hash_v.append(unique_order(hash_b)) else: hash_v = None if comp_b and comp_v is not None: comp_v.append(unique_order(comp_b)) else: comp_v = None tally = {'sym':[], 'hash':[], 'comp':[]} if sym_v: tally['sym'] += intersect_order(sym_v) if hash_v: tally['hash'] += intersect_order(hash_v) if comp_v: tally['comp'] += intersect_order(comp_v) return tally
def testD02RSAPGPSig(self): "crypto.signature: verify() v3 RSA One-Pass" keypkt = list_pkts(rsapubkey_d)[0] msgs = list_msgs(list_pkts(rsasig_d)) sigmsg = msgs[0] self.assertEqual(1, verify(sigmsg.sigs[0], sigmsg.msg, keypkt))
def testD05PrimaryRevocation(self): "crypto.signature: verify() primary key revocation" d = read_test_file(['pgpfiles', 'key', 'DSAELG1.pub.revoked.gpg']) keypkt, revocpkt = list_pkts(d)[:2] self.assertEqual(1, verify(revocpkt, keypkt, keypkt))
def testD05PrimaryRevocation(self): "crypto.signature: verify() primary key revocation" d = read_test_file(['pgpfiles','key','DSAELG1.pub.revoked.gpg']) keypkt, revocpkt = list_pkts(d)[:2] self.assertEqual(1, verify(revocpkt, keypkt, keypkt))
def verify_subkey(keydata): keymsg = list_msgs(list_pkts(keydata))[0] subkey = keymsg._b_subkeys[0].leader # first subkey subkeysig = keymsg._b_subkeys[0].local_bindings[0] # first applicable signature pubkey = keymsg._b_primary.leader # public key return verify(subkeysig, subkey, pubkey)