def test_create_payload(self): env = MagicEnvelope( message="<status_message><foo>bar</foo></status_message>", private_key="key", author_handle="*****@*****.**") payload = env.create_payload() assert payload == "PHN0YXR1c19tZXNzYWdlPjxmb28-YmFyPC9mb28-PC9zdGF0dXNfbWVzc2FnZT4="
def test_fetch_public_key__calls_sender_key_fetcher(self, mock_fetch): mock_fetcher = Mock(return_value="public key") env = MagicEnvelope(author_handle="spam@eggs", sender_key_fetcher=mock_fetcher) env.fetch_public_key() mock_fetcher.assert_called_once_with("spam@eggs") assert not mock_fetch.called
def test_build(self): env = MagicEnvelope( message="<status_message><foo>bar</foo></status_message>", private_key=get_dummy_private_key(), author_handle="*****@*****.**") doc = env.build() assert isinstance(doc, _Element)
def content_fetch_view(request, objtype, guid): """Diaspora content fetch view. Returns the signed payload for the public content. Non-public content will return 404. If the content is not local, redirect to content author server. Args: objtype (str) - Diaspora content type. Currently if it is `status_message`, `post` or `reshare`, we try to find `Content`. guid (str) - The object guid to look for. """ if objtype not in ["status_message", "post", "reshare", "comment"]: raise Http404() content = get_object_or_404(Content, guid=guid, visibility=Visibility.PUBLIC) if not content.local: url = "https://%s/fetch/%s/%s" % (content.author.handle.split("@")[1], objtype, guid) return HttpResponseRedirect(url) entity = make_federable_content(content) message = get_full_xml_representation(entity, content.author.private_key) document = MagicEnvelope(message=message, private_key=content.author.private_key, author_handle=content.author.handle) return HttpResponse(document.render(), content_type="application/magic-envelope+xml")
def test_create_payload_wrapped(self): env = MagicEnvelope( message="<status_message><foo>bar</foo></status_message>", private_key="key", author_handle="*****@*****.**", wrap_payload=True, ) payload = env.create_payload() assert payload == "PFhNTD48cG9zdD48c3RhdHVzX21lc3NhZ2U-PGZvbz5iYXI8L2Zvbz48L3N0YXR1c19tZXNzYWdlPjwvcG9zdD4" \ "8L1hNTD4="
def test_extract_payload(self, diaspora_public_payload): env = MagicEnvelope() env.payload = diaspora_public_payload assert not env.doc assert not env.author_handle assert not env.message env.extract_payload() assert isinstance(env.doc, _Element) assert env.author_handle == "*****@*****.**" assert env.message == b"<status_message><foo>bar</foo></status_message>"
def test_build_signature(self): env = MagicEnvelope( message="<status_message><foo>bar</foo></status_message>", private_key=get_dummy_private_key(), author_handle="*****@*****.**") env.create_payload() signature, key_id = env._build_signature() assert signature == b'Cmk08MR4Tp8r9eVybD1hORcR_8NLRVxAu0biOfJbkI1xLx1c480zJ720cpVyKaF9CxVjW3lvlvRz' \ b'5YbswMv0izPzfHpXoWTXH-4UPrXaGYyJnrNvqEB2UWn4iHKJ2Rerto8sJY2b95qbXD6Nq75EoBNu' \ b'b5P7DYc16ENhp38YwBRnrBEvNOewddpOpEBVobyNB7no_QR8c_xkXie-hUDFNwI0z7vax9HkaBFb' \ b'vEmzFPMZAAdWyjxeGiWiqY0t2ZdZRCPTezy66X6Q0qc4I8kfT-Mt1ctjGmNMoJ4Lgu-PrO5hSRT4' \ b'QBAVyxaog5w-B0PIPuC-mUW5SZLsnX3_ZuwJww==' assert key_id == b"Zm9vYmFyQGV4YW1wbGUuY29t"
def build_send(self, entity: BaseEntity, from_user: UserType, to_user_key: RsaKey = None) -> Union[str, Dict]: """ Build POST data for sending out to remotes. :param entity: The outbound ready entity for this protocol. :param from_user: The user sending this payload. Must have ``private_key`` and ``id`` properties. :param to_user_key: (Optional) Public key of user we're sending a private payload to. :returns: dict or string depending on if private or public payload. """ if entity.outbound_doc is not None: # Use pregenerated outbound document xml = entity.outbound_doc else: xml = entity.to_xml() me = MagicEnvelope(etree.tostring(xml), private_key=from_user.rsa_private_key, author_handle=from_user.handle) rendered = me.render() if to_user_key: return EncryptedPayload.encrypt(rendered, to_user_key) return rendered
def verify_signature(self): """ Verify the signed XML elements to have confidence that the claimed author did actually generate this message. """ if self.get_contact_key: sender_key = self.get_contact_key(self.sender_handle) else: sender_key = fetch_public_key(self.sender_handle) if not sender_key: raise NoSenderKeyFoundError("Could not find a sender contact to retrieve key") MagicEnvelope(doc=self.doc, public_key=sender_key, verify=True)
def test_verify(self, private_key, public_key): me = MagicEnvelope( message="<status_message><foo>bar</foo></status_message>", private_key=private_key, author_handle="*****@*****.**") me.build() output = me.render() MagicEnvelope(payload=output, public_key=public_key, verify=True) with pytest.raises(SignatureVerificationError): MagicEnvelope(payload=output, public_key=PUBKEY, verify=True)
def test_render(self): env = MagicEnvelope( message="<status_message><foo>bar</foo></status_message>", private_key=get_dummy_private_key(), author_handle="*****@*****.**") env.build() output = env.render() assert output == '<me:env xmlns:me="http://salmon-protocol.org/ns/magic-env"><me:encoding>base64url' \ '</me:encoding><me:alg>RSA-SHA256</me:alg><me:data type="application/xml">' \ 'PHN0YXR1c19tZXNzYWdlPjxmb28-YmFyPC9mb28-PC9zdGF0dXNfbWVzc2FnZT4=</me:data>' \ '<me:sig key_id="Zm9vYmFyQGV4YW1wbGUuY29t">Cmk08MR4Tp8r9eVybD1hORcR_8NLRVxAu0biOfJbk' \ 'I1xLx1c480zJ720cpVyKaF9CxVjW3lvlvRz5YbswMv0izPzfHpXoWTXH-4UPrXaGYyJnrNvqEB2UWn4iHK' \ 'J2Rerto8sJY2b95qbXD6Nq75EoBNub5P7DYc16ENhp38YwBRnrBEvNOewddpOpEBVobyNB7no_QR8c_xkX' \ 'ie-hUDFNwI0z7vax9HkaBFbvEmzFPMZAAdWyjxeGiWiqY0t2ZdZRCPTezy66X6Q0qc4I8kfT-Mt1ctjGmNM' \ 'oJ4Lgu-PrO5hSRT4QBAVyxaog5w-B0PIPuC-mUW5SZLsnX3_ZuwJww==</me:sig></me:env>' env2 = MagicEnvelope( message="<status_message><foo>bar</foo></status_message>", private_key=get_dummy_private_key(), author_handle="*****@*****.**") output2 = env2.render() assert output2 == output
def test_verify_on_init(self, mock_verify, diaspora_public_payload): MagicEnvelope(payload=diaspora_public_payload) assert not mock_verify.called MagicEnvelope(payload=diaspora_public_payload, verify=True) assert mock_verify.called
def get_sender(self): if self.legacy: return self.get_sender_legacy() return MagicEnvelope.get_sender(self.doc)
def test_fetch_public_key__calls_fetch_public_key(self, mock_fetch): env = MagicEnvelope(author_handle="spam@eggs") env.fetch_public_key() mock_fetch.assert_called_once_with("spam@eggs")
def test_message_from_doc(self, diaspora_public_payload): env = MagicEnvelope(payload=diaspora_public_payload) assert env.message_from_doc() == env.message
def test_verify__calls_fetch_public_key(self, diaspora_public_payload): me = MagicEnvelope(payload=diaspora_public_payload) with pytest.raises(TypeError): with patch.object(me, "fetch_public_key") as mock_fetch: me.verify() mock_fetch.assert_called_once_with()
def test_get_sender(self): doc = etree.fromstring(bytes(DIASPORA_PUBLIC_PAYLOAD, encoding="utf-8")) assert MagicEnvelope.get_sender(doc) == "*****@*****.**"
def get_sender(self): return MagicEnvelope.get_sender(self.doc)