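def test_sign_handler(self):
    """Round-trip a message through sign_handler and verify_handler.

    A 1080-character file is signed as 'alice' and then verified; the test
    checks that the recovered payload is unchanged and that the signer
    reported by verify_handler is 'alice'.
    """
    # Two identities live in the same keystore; only 'alice' signs.
    # NOTE(review): 'bob' is presumably there so verification has more than
    # one candidate key to choose from -- confirm.
    publickey.Identity('alice', basedir=self.pbp_path, create=True)
    publickey.Identity('bob', basedir=self.pbp_path, create=True)

    msg = self.tmp_dir + '/msg'
    msg2 = self.tmp_dir + '/msg2'
    signed = self.tmp_dir + '/signed'
    payload = '0' * 1080

    with open(msg, 'w') as fd:
        fd.write(payload)

    pbp.sign_handler(infile=msg, outfile=signed, self='alice',
                     basedir=self.pbp_path)
    sender = pbp.verify_handler(infile=signed, outfile=msg2,
                                basedir=self.pbp_path)

    with open(msg2, 'r') as fd:
        res = fd.read()

    # assertEqual replaces the deprecated assertEquals alias.
    self.assertEqual(res, payload)
    self.assertEqual(sender, 'alice')
    # NOTE(review): only the accepting path is covered here. A companion
    # test that alters `signed` before verification and expects a rejection
    # would pin the failure path of verify_handler as well.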
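def test_sign_handler(self):
    """Check that a file signed by 'alice' verifies and names her as signer.

    The message is written to disk, signed with sign_handler, verified with
    verify_handler, and the verified output is compared with the input.
    """
    for name in ('alice', 'bob'):
        # Same keystore for both identities; 'bob' never signs in this test.
        publickey.Identity(name, basedir=self.pbp_path, create=True)

    msg = self.tmp_dir + '/msg'
    msg2 = self.tmp_dir + '/msg2'
    signed = self.tmp_dir + '/signed'

    with open(msg, 'w') as fd:
        fd.write('0' * 1080)

    pbp.sign_handler(
        infile=msg,
        outfile=signed,
        self='alice',
        basedir=self.pbp_path,
    )
    sender = pbp.verify_handler(
        infile=signed,
        outfile=msg2,
        basedir=self.pbp_path,
    )

    with open(msg2, 'r') as fd:
        res = fd.read()

    # The deprecated assertEquals alias is replaced by assertEqual.
    self.assertEqual(res, '0' * 1080)
    self.assertEqual(sender, 'alice')
    # NOTE(review): the rejecting path (a modified `signed` file) is not
    # exercised by this test; it deserves a test of its own.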
armor=opts.armor, basedir=opts.basedir) # verify elif opts.action=='v': if PITCHFORK and opts.PITCHFORK: ensure_signature_specified(opts) ensure_recipient_specified(opts) pitchfork.init() res=pitchfork.verify(opts.signature, opts.recipient[0], infile=opts.infile, outfile=opts.outfile) else: res = verify_handler(infile=opts.infile, outfile=opts.outfile, basedir=opts.basedir) if res: print >>sys.stderr, "[pbp] good message from", res else: print >>sys.stderr, '[pbp] VERIFICATION FAILED' # key sign elif opts.action=='m': ensure_name_specified(opts) ensure_self_specified(opts) sig = keysign_handler(name=opts.name, self=opts.self, basedir=opts.basedir) if sig: print "[pbp] key signed in", sig else: print >>sys.stderr, '[pbp] SIGNATURE FAILED'
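def main():
    """Main command line handler for pbp.

    Builds the argument parser (one mutually exclusive action flag plus the
    shared options), expands ``~`` and environment variables in the base
    directory, and dispatches on ``opts.action``.

    Exit status: a failed verification (``-v``) or a failed key signing
    (``-m``) now ends the process with status 1 after the message has been
    written to stderr, so that a calling script cannot mistake a rejected
    message for an accepted one. Successful paths are unchanged.

    NOTE(review): the actions 'x', 'X', 'C', 'e', 'E', 'ds', 'de' and 'R'
    are registered below but no branch for them is visible in this listing;
    confirm that they are dispatched elsewhere.
    """
    parser = argparse.ArgumentParser(description='pbp')

    # Exactly one action may be selected; each flag stores its code in
    # opts.action.
    group = parser.add_mutually_exclusive_group()
    group.add_argument('--gen-key', '-g', dest='action', action='store_const',
                       const='g', help="generates a new key")
    group.add_argument('--encrypt', '-c', dest='action', action='store_const',
                       const='c', help="encrypts")
    group.add_argument('--decrypt', '-d', dest='action', action='store_const',
                       const='d', help="decrypts")
    group.add_argument('--sign', '-s', dest='action', action='store_const',
                       const='s', help="signs")
    group.add_argument('--master-sign', '-m', dest='action', action='store_const',
                       const='m', help="signs keys with your masterkey")
    group.add_argument('--verify', '-v', dest='action', action='store_const',
                       const='v', help="verifies")
    group.add_argument('--list', '-l', dest='action', action='store_const',
                       const='l', help="lists public keys")
    group.add_argument('--list-secret', '-L', dest='action', action='store_const',
                       const='L', help="Lists secret keys")
    group.add_argument('--export-key', '-x', dest='action', action='store_const',
                       const='x', help="export public key")
    group.add_argument('--import-key', '-X', dest='action', action='store_const',
                       const='X', help="import public key")
    group.add_argument('--check-sigs', '-C', dest='action', action='store_const',
                       const='C', help="lists all known sigs on a public key")
    group.add_argument('--fcrypt', '-e', dest='action', action='store_const',
                       const='e', help="encrypts a message using PFS to a peer")
    group.add_argument('--fdecrypt', '-E', dest='action', action='store_const',
                       const='E', help="decrypts a message using PFS to a peer")
    group.add_argument('--dh-start', '-Ds', dest='action', action='store_const',
                       const='ds', help="initiates an ECDH key exchange")
    group.add_argument('--dh-end', '-De', dest='action', action='store_const',
                       const='de', help="finalizes an ECDH key exchange")
    group.add_argument('--rand-stream', '-R', dest='action', action='store_const',
                       const='R', help="generate arbitrary random stream")

    # Options shared by the actions.
    parser.add_argument('--recipient', '-r', action='append',
                        help="designates a recipient for public key encryption")
    parser.add_argument('--name', '-n', help="sets the name for a new key")
    parser.add_argument('--basedir', '-b', '--base-dir',
                        help="set the base directory for all key storage needs",
                        default=defaultbase)
    parser.add_argument('--self', '-S', help="sets your own key")
    parser.add_argument('--size', '-Rs', help="size of random stream to generate")
    parser.add_argument('--dh-peers', '-Dp',
                        help="the number of peers participating in a ECDH key exchange")
    parser.add_argument('--infile', '-i', help="file to operate on")
    parser.add_argument('--armor', '-a', action='store_true',
                        help="ascii armors the output")
    parser.add_argument('--outfile', '-o', help="file to output to")

    opts = parser.parse_args()
    # Resolve "~" first, then "$VAR" references, in the key storage path.
    opts.basedir = os.path.expandvars(os.path.expanduser(opts.basedir))

    # Generate key
    if opts.action == 'g':
        ensure_name_specified(opts)
        publickey.Identity(opts.name, create=True, basedir=opts.basedir)

    # list public keys
    elif opts.action == 'l':
        for i in publickey.get_public_keys(opts.basedir):
            # A key is shown as valid only while now lies strictly between
            # its creation time and its expiry time.
            print ('valid' if i.valid > datetime.datetime.utcnow() > i.created else 'invalid'), i.keyid(), i.name

    # list secret keys
    elif opts.action == 'L':
        for i in publickey.get_secret_keys(opts.basedir):
            print ('valid' if i.valid > datetime.datetime.utcnow() > i.created else 'invalid'), i.keyid(), i.name

    # encrypt
    elif opts.action == 'c':
        # Naming either side of a public key encryption requires both; with
        # neither given, encrypt_handler is called with recipient=None and
        # self=None.
        if opts.recipient or opts.self:
            ensure_self_specified(opts)
            ensure_recipient_specified(opts)
        encrypt_handler(infile=opts.infile,
                        outfile=opts.outfile,
                        recipient=opts.recipient,
                        self=opts.self,
                        basedir=opts.basedir)

    # decrypt
    elif opts.action == 'd':
        decrypt_handler(infile=opts.infile,
                        outfile=opts.outfile,
                        self=opts.self,
                        basedir=opts.basedir)

    # sign
    elif opts.action == 's':
        ensure_self_specified(opts)
        sign_handler(infile=opts.infile,
                     outfile=opts.outfile,
                     self=opts.self,
                     armor=opts.armor,
                     basedir=opts.basedir)

    # verify
    elif opts.action == 'v':
        res = verify_handler(infile=opts.infile,
                             outfile=opts.outfile,
                             basedir=opts.basedir)
        if res:
            print >>sys.stderr, "good message from", res
        else:
            print >>sys.stderr, 'verification failed'
            # Fail closed: a rejected signature must be visible in the exit
            # status, not only on stderr.
            sys.exit(1)

    # key sign
    elif opts.action == 'm':
        ensure_name_specified(opts)
        ensure_self_specified(opts)
        sig = keysign_handler(name=opts.name,
                              self=opts.self,
                              basedir=opts.basedir)
        if sig:
            print "key signed in", sig
        else:
            print >>sys.stderr, 'signature failed'
            sys.exit(1)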
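def main():
    """Main command line handler for pbp.

    Builds the argument parser (one mutually exclusive action flag plus the
    shared options), expands ``~`` and environment variables in the base
    directory, and dispatches on ``opts.action``. When the PITCHFORK module
    is available, list, encrypt, decrypt, sign and verify can be routed to
    the device instead of the keys under ``--basedir``.

    Changes against the previous body:

    * The device path is taken only when PITCHFORK is available AND the
      ``--pitchfork`` flag was given. Before, the flag was parsed but never
      read, so the device path was taken whenever the module was present.
    * A failed verification (``-v``) or key signing (``-m``) ends the
      process with status 1 after the message has been written to stderr,
      so that a calling script cannot mistake a rejected message for an
      accepted one.

    NOTE(review): the actions 'h', 'x', 'X', 'C', 'e', 'E', 'd1', 'd2',
    'd3', 'ds', 'de' and 'R' are registered below but no branch for them is
    visible in this listing; confirm that they are dispatched elsewhere.
    """
    parser = argparse.ArgumentParser(description='pbp')

    # Exactly one action may be selected; each flag stores its code in
    # opts.action.
    group = parser.add_mutually_exclusive_group()
    group.add_argument('--gen-key', '-g', dest='action', action='store_const',
                       const='g', help="generates a new key")
    group.add_argument('--encrypt', '-c', dest='action', action='store_const',
                       const='c', help="encrypts")
    group.add_argument('--decrypt', '-d', dest='action', action='store_const',
                       const='d', help="decrypts")
    group.add_argument('--sign', '-s', dest='action', action='store_const',
                       const='s', help="signs")
    group.add_argument('--master-sign', '-m', dest='action', action='store_const',
                       const='m', help="signs keys with your masterkey")
    group.add_argument('--verify', '-v', dest='action', action='store_const',
                       const='v', help="verifies")
    group.add_argument('--hash', '-H', dest='action', action='store_const',
                       const='h', help="hashes")
    group.add_argument('--list', '-l', dest='action', action='store_const',
                       const='l', help="lists public keys")
    group.add_argument('--list-secret', '-L', dest='action', action='store_const',
                       const='L', help="Lists secret keys")
    group.add_argument('--export-key', '-x', dest='action', action='store_const',
                       const='x', help="export public key")
    group.add_argument('--import-key', '-X', dest='action', action='store_const',
                       const='X', help="import public key")
    group.add_argument('--check-sigs', '-C', dest='action', action='store_const',
                       const='C', help="lists all known sigs on a public key")
    group.add_argument('--fcrypt', '-e', dest='action', action='store_const',
                       const='e', help="encrypts a message using PFS to a peer")
    group.add_argument('--fdecrypt', '-E', dest='action', action='store_const',
                       const='E', help="decrypts a message using PFS to a peer")
    group.add_argument('-D1', dest='action', action='store_const',
                       const='d1', help="initiates an ECDH key exchange")
    group.add_argument('-D2', dest='action', action='store_const',
                       const='d2', help="responds to an ECDH key request")
    group.add_argument('-D3', dest='action', action='store_const',
                       const='d3', help="finalizes an ECDH key exchange")
    group.add_argument('--dh-start', '-Ds', dest='action', action='store_const',
                       const='ds', help="initiates an ECDH key exchange")
    group.add_argument('--dh-end', '-De', dest='action', action='store_const',
                       const='de', help="finalizes an ECDH key exchange")
    group.add_argument('--rand-stream', '-R', dest='action', action='store_const',
                       const='R', help="generate arbitrary random stream")

    # The opt-in flag for the device exists only when the module is present.
    if PITCHFORK:
        parser.add_argument('--pitchfork', '-P', dest='PITCHFORK',
                            action='store_const', const='P',
                            help="arms PITCHFORK", default=False)
    parser.add_argument('--signature', '-z',
                        help="sets the pitchfork sig to verify")
    parser.add_argument('--recipient', '-r', action='append',
                        help="designates a recipient for public key encryption")
    parser.add_argument('--name', '-n', help="sets the name for a new key")
    parser.add_argument('--basedir', '-b', '--base-dir',
                        help="set the base directory for all key storage needs",
                        default=defaultbase)
    parser.add_argument('--self', '-S', help="sets your own key")
    # NOTE(review): a secret given as a command line argument can be read by
    # other local users from the process list and is kept in shell history;
    # reading it from a file or a prompt avoids both. No use of opts.key is
    # visible in this listing.
    parser.add_argument('--key', '-k', help="some password or secret")
    parser.add_argument('--dh-param', '-DP',
                        help="public parameter for ECDH key exchange")
    parser.add_argument('--dh-exp', '-DE',
                        help="secret exp for final step of a ECDH key exchange")
    parser.add_argument('--size', '-Rs', help="size of random stream to generate")
    parser.add_argument('--dh-peers', '-Dp',
                        help="the number of peers participating in a ECDH key exchange")
    parser.add_argument('--infile', '-i', help="file to operate on")
    parser.add_argument('--armor', '-a', action='store_true',
                        help="ascii armors the output")
    parser.add_argument('--outfile', '-o', help="file to output to")

    opts = parser.parse_args()
    # Resolve "~" first, then "$VAR" references, in the key storage path.
    opts.basedir = os.path.expandvars(os.path.expanduser(opts.basedir))

    # opts.PITCHFORK exists only when the module is present, so the order of
    # the two operands matters: the second is not evaluated otherwise.
    use_pitchfork = PITCHFORK and opts.PITCHFORK

    # Generate key
    if opts.action == 'g':
        ensure_name_specified(opts)
        publickey.Identity(opts.name, create=True, basedir=opts.basedir)

    # list public keys
    elif opts.action == 'l':
        if use_pitchfork:
            pitchfork.init()
            res = pitchfork.listkeys(opts.name)
            if res:
                keys, stats = res
                pitchfork.print_keys(keys)
                pitchfork.storage_stats(stats, keys)
            else:
                print 'none'
        else:
            for i in publickey.get_public_keys(opts.basedir):
                # A key is shown as valid only while now lies strictly
                # between its creation time and its expiry time.
                print ('valid' if i.valid > datetime.datetime.utcnow() > i.created else 'invalid'), i.keyid(), i.name

    # list secret keys
    elif opts.action == 'L':
        for i in publickey.get_secret_keys(opts.basedir):
            print ('valid' if i.valid > datetime.datetime.utcnow() > i.created else 'invalid'), i.keyid(), i.name

    # encrypt
    elif opts.action == 'c':
        if use_pitchfork:
            ensure_recipient_specified(opts)
            pitchfork.init()
            res = pitchfork.encrypt(opts.recipient[0],
                                    infile=opts.infile,
                                    outfile=opts.outfile)
            if res:
                print >>sys.stderr, b85encode(res)
            # The device path never falls through to the keys in basedir.
            return
        # Naming either side of a public key encryption requires both; with
        # neither given, encrypt_handler is called with recipient=None and
        # self=None.
        if opts.recipient or opts.self:
            ensure_self_specified(opts)
            ensure_recipient_specified(opts)
        encrypt_handler(infile=opts.infile,
                        outfile=opts.outfile,
                        recipient=opts.recipient,
                        self=opts.self,
                        basedir=opts.basedir)

    # decrypt
    elif opts.action == 'd':
        if use_pitchfork:
            ensure_recipient_specified(opts)
            pitchfork.init()
            res = pitchfork.decrypt(opts.recipient[0],
                                    infile=opts.infile,
                                    outfile=opts.outfile)
        else:
            sender = decrypt_handler(infile=opts.infile,
                                     outfile=opts.outfile,
                                     self=opts.self,
                                     basedir=opts.basedir)
            if sender:
                print >>sys.stderr, 'good message from', sender

    # sign
    elif opts.action == 's':
        if use_pitchfork:
            ensure_recipient_specified(opts)
            pitchfork.init()
            res = pitchfork.sign(opts.recipient[0],
                                 infile=opts.infile,
                                 outfile=opts.outfile)
            if res:
                print >>sys.stderr, b85encode(res[0]), b85encode(res[1])
            # The device path never falls through to the keys in basedir.
            return
        ensure_self_specified(opts)
        sign_handler(infile=opts.infile,
                     outfile=opts.outfile,
                     self=opts.self,
                     armor=opts.armor,
                     basedir=opts.basedir)

    # verify
    elif opts.action == 'v':
        if use_pitchfork:
            ensure_signature_specified(opts)
            ensure_recipient_specified(opts)
            pitchfork.init()
            res = pitchfork.verify(opts.signature,
                                   opts.recipient[0],
                                   infile=opts.infile,
                                   outfile=opts.outfile)
        else:
            res = verify_handler(infile=opts.infile,
                                 outfile=opts.outfile,
                                 basedir=opts.basedir)
        if res:
            print >>sys.stderr, "good message from", res
        else:
            print >>sys.stderr, 'verification failed'
            # Fail closed: a rejected signature must be visible in the exit
            # status, not only on stderr.
            sys.exit(1)

    # key sign
    elif opts.action == 'm':
        ensure_name_specified(opts)
        ensure_self_specified(opts)
        sig = keysign_handler(name=opts.name,
                              self=opts.self,
                              basedir=opts.basedir)
        if sig:
            print "key signed in", sig
        else:
            print >>sys.stderr, 'signature failed'
            sys.exit(1)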
res = pitchfork.sign(opts.recipient[0], infile=opts.infile, outfile=opts.outfile) if res: print >> sys.stderr, b85encode(res[0]), b85encode(res[1]) return ensure_self_specified(opts) sign_handler(infile=opts.infile, outfile=opts.outfile, self=opts.self, armor=opts.armor, basedir=opts.basedir) # verify elif opts.action == "v": if PITCHFORK and opts.PITCHFORK: ensure_signature_specified(opts) ensure_recipient_specified(opts) pitchfork.init() res = pitchfork.verify(opts.signature, opts.recipient[0], infile=opts.infile, outfile=opts.outfile) else: res = verify_handler(infile=opts.infile, outfile=opts.outfile, basedir=opts.basedir) if res: print >> sys.stderr, "[pbp] good message from", res else: print >> sys.stderr, "[pbp] VERIFICATION FAILED" # key sign elif opts.action == "m": ensure_name_specified(opts) ensure_self_specified(opts) sig = keysign_handler(name=opts.name, self=opts.self, basedir=opts.basedir) if sig: print "[pbp] key signed in", sig else: print >> sys.stderr, "[pbp] SIGNATURE FAILED"