def delete_key(docs):
if len(docs) == 0:
raise errors.KeyNotFound(key)
if len(docs) > 1:
logger.critical("There is more than one key for key_id %s" %
key.key_id)
doc = None
for d in docs:
if d.content['fingerprint'] == key.fingerprint:
doc = d
break
if doc is None:
raise errors.KeyNotFound(key)
return self._soledad.delete_doc(doc)
def test_missing_key_rejects_address(self):
"""
Test if server rejects to send unencrypted when 'encrypted_only' is
True.
"""
# remove key from key manager
pubkey = yield self._km.get_key(ADDRESS, openpgp.OpenPGPKey)
pgp = openpgp.OpenPGPScheme(self._soledad,
gpgbinary=self.GPG_BINARY_PATH)
yield pgp.delete_key(pubkey)
# mock the key fetching
self._km._fetch_keys_from_server = Mock(
return_value=fail(errors.KeyNotFound()))
# prepare the SMTP factory
proto = SMTPFactory(u'*****@*****.**',
self._km,
self._config['encrypted_only'],
outgoing_mail=Mock()).buildProtocol(
('127.0.0.1', 0))
transport = proto_helpers.StringTransport()
proto.makeConnection(transport)
yield self.getReply(self.EMAIL_DATA[0] + '\r\n', proto, transport)
yield self.getReply(self.EMAIL_DATA[1] + '\r\n', proto, transport)
reply = yield self.getReply(self.EMAIL_DATA[2] + '\r\n', proto,
transport)
# ensure the address was rejected
self.assertEqual(
'550 Cannot receive for specified address\r\n', reply,
'Address should have been rejecetd with appropriate message.')
proto.setTimeout(None)
def build_key(doc):
if doc is None:
raise errors.KeyNotFound(address)
leap_assert(address in doc.content[KEY_ADDRESS_KEY],
'Wrong address in key data.')
key = build_key_from_dict(OpenPGPKey, doc.content)
key._gpgbinary = self._gpgbinary
return key
def test_message_sign(self):
"""
Test if message is signed with sender key.
"""
# mock the key fetching
self._km._fetch_keys_from_server = Mock(
return_value=fail(errors.KeyNotFound()))
recipient = User('*****@*****.**', 'gateway.leap.se',
self.proto, ADDRESS)
self.outgoing_mail = OutgoingMail(self.fromAddr, self._km,
self._config['cert'],
self._config['key'],
self._config['host'],
self._config['port'])
def check_signed(res):
message, _ = res
self.assertTrue('Content-Type' in message)
self.assertEqual('multipart/signed', message.get_content_type())
self.assertEqual('application/pgp-signature',
message.get_param('protocol'))
self.assertEqual('pgp-sha512', message.get_param('micalg'))
# assert content of message
body = (message.get_payload(0).get_payload(0).get_payload(
decode=True))
self.assertEqual(self.expected_body, body)
# assert content of signature
self.assertTrue(
message.get_payload(1).get_payload().startswith(
'-----BEGIN PGP SIGNATURE-----\n'),
'Message does not start with signature header.')
self.assertTrue(
message.get_payload(1).get_payload().endswith(
'-----END PGP SIGNATURE-----\n'),
'Message does not end with signature footer.')
return message
def verify(message):
# replace EOL before verifying (according to rfc3156)
fp = StringIO()
g = RFC3156CompliantGenerator(fp,
mangle_from_=False,
maxheaderlen=76)
g.flatten(message.get_payload(0))
signed_text = re.sub('\r?\n', '\r\n', fp.getvalue())
def assert_verify(key):
self.assertTrue(ADDRESS_2 in key.address,
'Signature could not be verified.')
d = self._km.verify(
signed_text,
ADDRESS_2,
openpgp.OpenPGPKey,
detached_sig=message.get_payload(1).get_payload())
d.addCallback(assert_verify)
return d
d = self.outgoing_mail._maybe_encrypt_and_sign(self.raw, recipient)
d.addCallback(check_signed)
d.addCallback(verify)
return d