示例#1
0
    def testStoreExistingKey(self):
        '''Use a known ASCII Armored key and try storing it twice.  It should not get imported a second time'''

        keys = self.gpg.list_keys(secret=False)
        for key in keys:
            assert key[
                'keyid'] != self.sampleKeyId, "Imported sample key already in keyring"

        numkeys = len(keys)

        numImported = util.storekey(self.sampleKey,
                                    gnupghome=self.gnupghome,
                                    gpgbin=self.gpgbin)

        assert numImported == 1, "sample key not imported into keyring"

        numImported = util.storekey(self.sampleKey,
                                    gnupghome=self.gnupghome,
                                    gpgbin=self.gpgbin)

        assert numImported == 0, "sample key imported when it shouldn't have been into keyring"

        keys = self.gpg.list_keys(secret=False)

        assert len(keys) == 1, "no key found matching id"
        for key in keys:
            assert key[
                'keyid'] == self.sampleKeyId, "exported key is not expected"
 def validate_digital_signature(self, doc):
     from LRSignature.verify.Verify import Verify_0_21
     from LRSignature import util
     from LRSignature import errors
     
     verifytool = Verify_0_21(gpgbin=gpgbin)
     try:
         verified = verifytool.verify(doc)
         
         assert verified == True, "Signature did not validate for document."
     except errors.MissingPublicKey:
         
         locations = doc['digital_signature']['key_location']
         numImported = 0
         for location in locations:
             rawKeys = util.fetchkeys(location)
             for rawKey in rawKeys:
                 numImported += util.storekey(self.sampleKey, gpgbin=gpgbin)
             if numImported > 0:
                 break
             
         assert numImported > 0, "No new public keys were imported, but were needed"
         
         try:
             verified = verifytool.verify(doc)
         
             assert verified == True, "Signature did not validate for document."
         
         except errors.MissingPublicKey:
             raise AssertionError("No public key available that can be retrieved to validate doc")
    def validate_digital_signature(self, doc):
        from LRSignature.verify.Verify import Verify_0_21
        from LRSignature import util
        from LRSignature import errors

        verifytool = Verify_0_21(gpgbin=gpgbin)
        try:
            verified = verifytool.verify(doc)

            assert verified == True, "Signature did not validate for document."
        except errors.MissingPublicKey:

            locations = doc['digital_signature']['key_location']
            numImported = 0
            for location in locations:
                rawKeys = util.fetchkeys(location)
                for rawKey in rawKeys:
                    numImported += util.storekey(self.sampleKey, gpgbin=gpgbin)
                if numImported > 0:
                    break

            assert numImported > 0, "No new public keys were imported, but were needed"

            try:
                verified = verifytool.verify(doc)

                assert verified == True, "Signature did not validate for document."

            except errors.MissingPublicKey:
                raise AssertionError(
                    "No public key available that can be retrieved to validate doc"
                )
示例#4
0
def _import_keys(key_locations):
    num_imported = 0
    for loc in key_locations:
        raw_keys = util.fetchkeys(loc)
        for raw_key in raw_keys:
            num_imported += util.storekey(raw_key,
                                          gpgbin=gpg_location)
        if num_imported > 0:
            return
示例#5
0
 def testStoreExistingKey(self):
     '''Use a known ASCII Armored key and try storing it twice.  It should not get imported a second time'''
     
     keys = self.gpg.list_keys(secret=False)
     for key in keys:
         assert key['keyid'] != self.sampleKeyId, "Imported sample key already in keyring"
     
     numkeys = len(keys)
     
     numImported = util.storekey(self.sampleKey, gnupghome=self.gnupghome, gpgbin=self.gpgbin)
     
     assert numImported == 1, "sample key not imported into keyring"
     
     numImported = util.storekey(self.sampleKey, gnupghome=self.gnupghome, gpgbin=self.gpgbin)
     
     assert numImported == 0, "sample key imported when it shouldn't have been into keyring"
     
     keys = self.gpg.list_keys(secret=False)
     
     assert len(keys) == 1, "no key found matching id"
     for key in keys:
         assert key['keyid'] == self.sampleKeyId, "exported key is not expected"
示例#6
0
    def _validate_digital_signature(self, doc):
        from LRSignature import util
        from LRSignature import errors

        result = {}
        result = {"verified": False}
        if doc.has_key("doc_ID"):
            result["doc_ID"] = doc["doc_ID"]
        if doc.has_key("resource_locator"):
            result["resource_locator"] = doc["resource_locator"]

        try:
            result["verified"] = self.verifytool.verify(doc)

        except errors.MissingPublicKey:

            locations = doc['digital_signature']['key_location']
            numImported = 0
            for location in locations:
                rawKeys = util.fetchkeys(location)
                for rawKey in rawKeys:
                    numImported += util.storekey(self.sampleKey,
                                                 gpgbin=self.args.gpgbin,
                                                 gnupgHome=self.args.gnupghome)
                if numImported > 0:
                    break

            try:
                result["verified"] = self.verifytool.verify(doc)

            except errors.MissingPublicKey:
                result["verified"] = False
                result["error"] = "No available public key to validate."

        except errors.BadSignatureFormat as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnknownKeyException as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnsupportedSignatureAlgorithm as e:
            result["verified"] = False
            result["error"] = e.message

        except Exception as e:
            result["verified"] = False
            result["error"] = e.message

        return result
示例#7
0
    def _validate_digital_signature(self, doc):
        from LRSignature import util
        from LRSignature import errors


        result = {}
        result = {"verified": False}
        if doc.has_key("doc_ID"):
            result["doc_ID"] = doc["doc_ID"]
        if doc.has_key("resource_locator"):
            result["resource_locator"] = doc["resource_locator"]

        try:
            result["verified"] = self.verifytool.verify(doc)

        except errors.MissingPublicKey:

            locations = doc['digital_signature']['key_location']
            numImported = 0
            for location in locations:
                rawKeys = util.fetchkeys(location)
                for rawKey in rawKeys:
                    numImported += util.storekey(self.sampleKey, gpgbin=self.args.gpgbin, gnupgHome=self.args.gnupghome)
                if numImported > 0:
                    break

            try:
                result["verified"] = self.verifytool.verify(doc)


            except errors.MissingPublicKey:
                result["verified"] = False
                result["error"] = "No available public key to validate."

        except errors.BadSignatureFormat as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnknownKeyException as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnsupportedSignatureAlgorithm as e:
            result["verified"] = False
            result["error"] = e.message

        except Exception as e:
            result["verified"] = False
            result["error"] = e.message

        return result
示例#8
0
 def testStoreKey(self):
     '''Use a known ASCII Armored key and store it via util.storekey(...)'''
     
     keys = self.gpg.list_keys(secret=False)
     for key in keys:
         assert key['keyid'] != self.sampleKeyId, "Imported sample key already in keyring"
     
     numkeys = len(keys)
     
     numImported = util.storekey(self.sampleKey, gnupghome=self.gnupghome, gpgbin=self.gpgbin)
     
     assert numImported == 1, "sample key not imported into keyring"
     
     keys = self.gpg.list_keys(secret=False)
     
     assert len(keys) == 1, "no key found matching id"
     for key in keys:
         assert key['keyid'] == self.sampleKeyId, "exported key is not expected"
示例#9
0
    def testStoreKey(self):
        '''Use a known ASCII Armored key and store it via util.storekey(...)'''

        keys = self.gpg.list_keys(secret=False)
        for key in keys:
            assert key[
                'keyid'] != self.sampleKeyId, "Imported sample key already in keyring"

        numkeys = len(keys)

        numImported = util.storekey(self.sampleKey,
                                    gnupghome=self.gnupghome,
                                    gpgbin=self.gpgbin)

        assert numImported == 1, "sample key not imported into keyring"

        keys = self.gpg.list_keys(secret=False)

        assert len(keys) == 1, "no key found matching id"
        for key in keys:
            assert key[
                'keyid'] == self.sampleKeyId, "exported key is not expected"
            # try again...
            return get_verification_info(document, attempt+1)
        # ran out of key servers, try locations in envelope.
        elif attempt == len(_KEYSERVERS):
            try:
                for loc in document["digital_signature"]["key_location"]:
                    keys = []
                    try:
                        keys = util.fetchkeys(loc)
                    except Exception, e:
                        log.info("Problem fetching key from location: %s", e)

                    for key in keys:
                        try:
                            util.storekey(key, gpg.gnupghome, gpg.gpgbinary)
                        except Exception, e:
                            log.info("Problem importing or storing key from location: %s", e)

                # try again...
                return get_verification_info(document, attempt+1)
            except:
                pass

    except SignatureException as ex:
        # Catch all other SignatureExceptions to avoid trickling higher...
        pass


    return None
示例#11
0
                v = gpg.verify(document["digital_signature"]["signature"])
                res = gpg.recv_keys(_KEYSERVERS[attempt], v.key_id)
            except Exception, e:
                log.info("Problem with getting keys from keyserver: %s", e)
                pass

            # try again...
            return get_verification_info(document, attempt+1)
        # ran out of key servers, try locations in envelope.
        elif attempt == len(_KEYSERVERS):
            try:
                for loc in document["digital_signature"]["key_location"]:
                    try:
                        keys = util.fetchkeys(loc)
                        for key in keys:
                            util.storekey(key, this.gpg.gnupghome, this.gpg.gpgbinary)
                    except Exception, e:
                        log.info("Problem importing or storing key from location: %s", e)
                
                # try again...
                return get_verification_info(document, attempt+1)
            except:
                pass


    return None

       
_node_key_info = None
def get_node_key_info():
    global _node_key_info
示例#12
0
            # try again...
            return get_verification_info(document, attempt + 1)
        # ran out of key servers, try locations in envelope.
        elif attempt == len(_KEYSERVERS):
            try:
                for loc in document["digital_signature"]["key_location"]:
                    keys = []
                    try:
                        keys = util.fetchkeys(loc)
                    except Exception, e:
                        log.info("Problem fetching key from location: %s", e)

                    for key in keys:
                        try:
                            util.storekey(key, gpg.gnupghome, gpg.gpgbinary)
                        except Exception, e:
                            log.info(
                                "Problem importing or storing key from location: %s",
                                e)

                # try again...
                return get_verification_info(document, attempt + 1)
            except:
                pass

    except SignatureException as ex:
        # Catch all other SignatureExceptions to avoid trickling higher...
        pass

    return None