def test_openpgp_put_delete_key(self): pgp = openpgp.OpenPGPScheme(self._soledad) self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS) pgp.put_ascii_key(PUBLIC_KEY) key = pgp.get_key(ADDRESS, private=False) pgp.delete_key(key) self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
def test_openpgp_encrypt_decrypt_asym(self): # encrypt pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PUBLIC_KEY) pubkey = pgp.get_key(ADDRESS, private=False) cyphertext = openpgp.encrypt_asym('data', pubkey) # assert self.assertTrue(cyphertext is not None) self.assertTrue(cyphertext != '') self.assertTrue(cyphertext != 'data') self.assertTrue(openpgp.is_encrypted_asym(cyphertext)) self.assertFalse(openpgp.is_encrypted_sym(cyphertext)) self.assertTrue(openpgp.is_encrypted(cyphertext)) # decrypt self.assertRaises( KeyNotFound, pgp.get_key, ADDRESS, private=True) pgp.put_ascii_key(PRIVATE_KEY) privkey = pgp.get_key(ADDRESS, private=True) plaintext = openpgp.decrypt_asym(cyphertext, privkey) pgp.delete_key(pubkey) pgp.delete_key(privkey) self.assertRaises( KeyNotFound, pgp.get_key, ADDRESS, private=False) self.assertRaises( KeyNotFound, pgp.get_key, ADDRESS, private=True)
def test_missing_key_accepts_address(self): """ Test if server accepts to send unencrypted when 'encrypted_only' is False. """ # remove key from key manager pubkey = self._km.get_key(ADDRESS, openpgp.OpenPGPKey) pgp = openpgp.OpenPGPScheme(self._soledad) pgp.delete_key(pubkey) # mock the key fetching self._km.fetch_keys_from_server = Mock(return_value=[]) # change the configuration self._config['encrypted_only'] = False # prepare the SMTP factory proto = SMTPFactory( self._km, self._config).buildProtocol(('127.0.0.1', 0)) transport = proto_helpers.StringTransport() proto.makeConnection(transport) proto.lineReceived(self.EMAIL_DATA[0] + '\r\n') proto.lineReceived(self.EMAIL_DATA[1] + '\r\n') proto.lineReceived(self.EMAIL_DATA[2] + '\r\n') # ensure the address was accepted lines = transport.value().rstrip().split('\n') self.assertEqual( '250 Recipient address accepted', lines[-1], 'Address should have been accepted with appropriate message.')
def test_sign_verify(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) data = 'data' privkey = pgp.get_key(ADDRESS, private=True) signed = openpgp.sign(data, privkey) pubkey = pgp.get_key(ADDRESS, private=False) self.assertTrue(openpgp.verify(signed, pubkey))
def test_encrypt_sym_sign_with_public_raises(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PUBLIC_KEY) data = 'data' pubkey = pgp.get_key(ADDRESS, private=False) self.assertRaises( AssertionError, openpgp.encrypt_sym, data, '123', sign=pubkey)
def test_verify_with_private_raises(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) data = 'data' privkey = pgp.get_key(ADDRESS, private=True) signed = openpgp.sign(data, privkey) self.assertRaises( AssertionError, openpgp.verify, signed, privkey)
def _test_openpgp_gen_key(self): pgp = openpgp.OpenPGPScheme(self._soledad) self.assertRaises(KeyNotFound, pgp.get_key, '*****@*****.**') key = pgp.gen_key('*****@*****.**') self.assertIsInstance(key, openpgp.OpenPGPKey) self.assertEqual( '*****@*****.**', key.address, 'Wrong address bound to key.') self.assertEqual( '4096', key.length, 'Wrong key length.')
def test_encrypt_sym_sign_decrypt_verify(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) data = 'data' privkey = pgp.get_key(ADDRESS, private=True) pubkey = pgp.get_key(ADDRESS, private=False) encrypted_and_signed = openpgp.encrypt_sym(data, '123', sign=privkey) res = openpgp.decrypt_sym( encrypted_and_signed, '123', verify=pubkey) self.assertEqual(data, res)
def test_decrypt_sym_verify_with_private_raises(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) data = 'data' privkey = pgp.get_key(ADDRESS, private=True) encrypted_and_signed = openpgp.encrypt_sym(data, '123', sign=privkey) self.assertRaises( AssertionError, openpgp.decrypt_sym, encrypted_and_signed, 'decrypt', verify=privkey)
def test_decrypt_sym_verify_with_private_raises(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) data = 'data' privkey = pgp.get_key(ADDRESS, private=True) encrypted_and_signed = openpgp.encrypt_sym(data, '123', sign=privkey) pgp.put_ascii_key(PUBLIC_KEY_2) wrongkey = pgp.get_key('*****@*****.**') self.assertRaises( errors.InvalidSignature, openpgp.verify, encrypted_and_signed, wrongkey)
def test_verify_with_wrong_key_raises(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) data = 'data' privkey = pgp.get_key(ADDRESS, private=True) signed = openpgp.sign(data, privkey) pgp.put_ascii_key(PUBLIC_KEY_2) wrongkey = pgp.get_key(ADDRESS_2) self.assertRaises( errors.InvalidSignature, openpgp.verify, signed, wrongkey)
def test_get_public_key(self): pgp = openpgp.OpenPGPScheme(self._soledad) self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS) pgp.put_ascii_key(PUBLIC_KEY) self.assertRaises( KeyNotFound, pgp.get_key, ADDRESS, private=True) key = pgp.get_key(ADDRESS, private=False) self.assertEqual(ADDRESS, key.address) self.assertFalse(key.private) self.assertEqual(KEY_FINGERPRINT, key.fingerprint) pgp.delete_key(key) self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
def test_openpgp_put_ascii_key(self): pgp = openpgp.OpenPGPScheme(self._soledad) self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS) pgp.put_ascii_key(PUBLIC_KEY) key = pgp.get_key(ADDRESS, private=False) self.assertIsInstance(key, openpgp.OpenPGPKey) self.assertEqual( ADDRESS, key.address, 'Wrong address bound to key.') self.assertEqual( '4096', key.length, 'Wrong key length.') pgp.delete_key(key) self.assertRaises(KeyNotFound, pgp.get_key, ADDRESS)
def setUp(self): # mimic BaseLeapTest.setUpClass behaviour, because this is deprecated # in Twisted: http://twistedmatrix.com/trac/ticket/1870 self.old_path = os.environ['PATH'] self.old_home = os.environ['HOME'] self.tempdir = tempfile.mkdtemp(prefix="leap_tests-") self.home = self.tempdir bin_tdir = os.path.join( self.tempdir, 'bin') os.environ["PATH"] = bin_tdir os.environ["HOME"] = self.tempdir # setup our own stuff address = '*****@*****.**' # user's address in the form user@provider uuid = '*****@*****.**' passphrase = '123' secret_path = os.path.join(self.tempdir, 'secret.gpg') local_db_path = os.path.join(self.tempdir, 'soledad.u1db') server_url = 'http://provider/' cert_file = '' # mock key fetching and storing so Soledad doesn't fail when trying to # reach the server. Soledad._fetch_keys_from_shared_db = Mock(return_value=None) Soledad._assert_keys_in_shared_db = Mock(return_value=None) # instantiate soledad self._soledad = Soledad( uuid, passphrase, secret_path, local_db_path, server_url, cert_file, ) self._config = { 'host': 'http://provider/', 'port': 25, 'username': address, 'password': '******', 'encrypted_only': True } nickserver_url = '' # the url of the nickserver self._km = KeyManager(address, nickserver_url, self._soledad) # insert test keys in key manager. pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) pgp.put_ascii_key(PRIVATE_KEY_2)
def test_encrypt_asym_sign_decrypt_verify(self): pgp = openpgp.OpenPGPScheme(self._soledad) pgp.put_ascii_key(PRIVATE_KEY) pubkey = pgp.get_key(ADDRESS, private=False) privkey = pgp.get_key(ADDRESS, private=True) pgp.put_ascii_key(PRIVATE_KEY_2) pubkey2 = pgp.get_key(ADDRESS_2, private=False) privkey2 = pgp.get_key(ADDRESS_2, private=True) data = 'data' encrypted_and_signed = openpgp.encrypt_asym( data, pubkey2, sign=privkey) res = openpgp.decrypt_asym( encrypted_and_signed, privkey2, verify=pubkey) self.assertTrue(data, res)