def test_keyid_fingerprint_exception(base_context, keyid, fingerprint, path):
gpg = sgpg.GPG(base_context)
assert path
with pytest.raises(ScriptWorkerGPGException):
sgpg.keyid_to_fingerprint(gpg,
keyid.replace('C', '1').replace('F', 'C'))
with pytest.raises(ScriptWorkerGPGException):
sgpg.fingerprint_to_keyid(
gpg,
fingerprint.replace('C', '1').replace('F', 'C'))
def test_sign_key(context):
"""This test calls get_list_sigs_output in several different ways. Each
is valid; the main thing is more code coverage.
tru:o:1:1472876459:1:3:1:5
pub:u:4096:1:EA608995918B2DF9:1472876455:::u:::escaESCA:
fpr:::::::::A9F598A3179551CC664C15DEEA608995918B2DF9:
uid:u::::1472876455::6477C0BAC30FB3E244C8F1907D78C6B243AFD516::two (two) <two>:
sig:::1:EA608995918B2DF9:1472876455::::two (two) <two>:13x:::::8:
sig:::1:9633F5F38B9BD3C5:1472876459::::one (one) <one>:10l:::::8:
tru::1:1472876460:0:3:1:5
pub:u:4096:1:BC76BF8F77D1B3F5:1472876457:::u:::escaESCA:
fpr:::::::::7CFAD9E699D8559F1D3A50CCBC76BF8F77D1B3F5:
uid:u::::1472876457::91AC286E48FDA7378B86F63FA6DDC2A46B54808F::three (three) <three>:
sig:::1:BC76BF8F77D1B3F5:1472876457::::three (three) <three>:13x:::::8:
"""
gpg = sgpg.GPG(context)
# create my key, get fingerprint + keyid
my_fingerprint = sgpg.generate_key(
gpg, "one", "one", "one", key_length=GENERATE_KEY_SMALLER_KEY_SIZE)
my_keyid = sgpg.fingerprint_to_keyid(gpg, my_fingerprint)
# create signed key, get fingerprint + keyid
signed_fingerprint = sgpg.generate_key(
gpg, "two", "two", "two", key_length=GENERATE_KEY_SMALLER_KEY_SIZE)
signed_keyid = sgpg.fingerprint_to_keyid(gpg, signed_fingerprint)
# create unsigned key, get fingerprint + keyid
unsigned_fingerprint = sgpg.generate_key(
gpg,
"three",
"three",
"three",
key_length=GENERATE_KEY_SMALLER_KEY_SIZE)
unsigned_keyid = sgpg.fingerprint_to_keyid(gpg, unsigned_fingerprint)
# update gpg configs, sign signed key
sgpg.create_gpg_conf(context.config['gpg_home'],
my_fingerprint=my_fingerprint)
sgpg.check_ownertrust(context)
sgpg.sign_key(context, signed_fingerprint)
# signed key get_list_sigs_output
signed_output = sgpg.get_list_sigs_output(context, signed_fingerprint)
# unsigned key get_list_sigs_output
# Call get_list_sigs_output with validate=False, then parse it, for more code coverage
unsigned_output1 = sgpg.get_list_sigs_output(context,
unsigned_fingerprint,
validate=False)
unsigned_output = sgpg.parse_list_sigs_output(unsigned_output1, "unsigned")
# signed key has my signature + self-signed
assert sorted([signed_keyid,
my_keyid]) == sorted(signed_output['sig_keyids'])
assert ["one (one) <one>",
"two (two) <two>"] == sorted(signed_output['sig_uids'])
# unsigned key is only self-signed
assert [unsigned_keyid] == unsigned_output['sig_keyids']
assert ["three (three) <three>"] == unsigned_output['sig_uids']
# sign the unsigned key and test
sgpg.sign_key(context,
unsigned_fingerprint,
signing_key=signed_fingerprint)
# Call get_list_sigs_output with expected, for more code coverage
new_output = sgpg.get_list_sigs_output(
context,
unsigned_fingerprint,
expected={
"keyid": unsigned_keyid,
"fingerprint": unsigned_fingerprint,
"uid": "three (three) <three>",
"sig_keyids": [signed_keyid, unsigned_keyid],
"sig_uids": ["three (three) <three>", "two (two) <two>"]
})
# sig_uids goes unchecked; sig_keyids only checks that it's a subset.
# let's do another check.
assert ["three (three) <three>",
"two (two) <two>"] == sorted(new_output['sig_uids'])
def test_keyid_fingerprint_conversion(base_context, keyid, fingerprint, path):
gpg = sgpg.GPG(base_context)
assert path
assert sgpg.keyid_to_fingerprint(gpg, keyid) == fingerprint
assert sgpg.fingerprint_to_keyid(gpg, fingerprint) == keyid
