def test_get_gpg(self):
from secure_mail import utils
previous_value = utils.GNUPG_ENCODING
try:
utils.GNUPG_ENCODING = None
utils.get_gpg()
finally:
utils.GNUPG_ENCODING = previous_value
def test_get_gpg_specified_encoding(self):
from secure_mail import utils
previous_value = utils.GNUPG_ENCODING
try:
utils.GNUPG_ENCODING = 'utf-8'
gpg_obj = utils.get_gpg()
finally:
utils.GNUPG_ENCODING = previous_value
self.assertEqual(gpg_obj.encoding, 'utf-8')
def delete(self):
"""
Remove any keys for this address.
"""
gpg = get_gpg()
for key in gpg.list_keys():
if self.address in addresses_for_key(gpg, key):
gpg.delete_keys(key["fingerprint"], True)
gpg.delete_keys(key["fingerprint"])
super(Address, self).delete()
def clean_key(self):
"""
Validate the key contains an email address.
"""
key = self.cleaned_data["key"]
gpg = get_gpg()
result = gpg.import_keys(key)
if result.count == 0:
raise forms.ValidationError(_("Invalid Key"))
return key
def test_get_gpg_default_encoding(self):
from secure_mail import utils
previous_value = utils.GNUPG_ENCODING
try:
utils.GNUPG_ENCODING = None
gpg_obj = utils.get_gpg()
finally:
utils.GNUPG_ENCODING = previous_value
# GPG.encoding is hard-coded to latin-1 in gnupg.py
self.assertEqual(gpg_obj.encoding, 'latin-1')
def delete(self):
"""
Remove any keys for this address.
"""
gpg = get_gpg()
for key in gpg.list_keys():
if self.address in addresses_for_key(gpg, key):
gpg.delete_keys(key["fingerprint"],
secret=True,
passphrase=SIGNING_KEY_PASSPHRASE)
gpg.delete_keys(key["fingerprint"])
super(Address, self).delete()
def save(self, *args, **kwargs):
gpg = get_gpg()
result = gpg.import_keys(self.key)
addresses = []
for key in result.results:
addresses.extend(addresses_for_key(gpg, key))
self.fingerprint = result.fingerprints[0]
super(Key, self).save(*args, **kwargs)
for address in addresses:
address, _ = Address.objects.get_or_create(key=self,
address=address)
address.use_asc = self.use_asc
address.save()
def check_signing_key(app_configs, **kwargs):
errors = []
if SIGNING_KEY_FINGERPRINT is not None:
gpg = get_gpg()
try:
gpg.list_keys(True).key_map[SIGNING_KEY_FINGERPRINT]
except (AttributeError, KeyError):
errors = [
Error("The key specified by the "
"SECURE_MAIL_SIGNING_KEY_FINGERPRINT setting ({fp}) "
"does not exist in the GPG keyring.".format(
fp=SIGNING_KEY_FINGERPRINT),
hint="Adjust the SECURE_MAIL_GNUPG_HOME setting "
"(currently set to {gnupg_home}, correct the key "
"fingerprint, or generate a new key by running "
"python manage.py email_signing_key --generate "
"to fix.".format(gnupg_home=GNUPG_HOME),
id='secure_mail.E0001')
]
return errors
"""
Script to generate and upload a signing key to keyservers
"""
from __future__ import print_function
import argparse
from django.core.management.base import LabelCommand, CommandError
from django.utils.translation import ugettext as _
from secure_mail.models import Key
from secure_mail.settings import SIGNING_KEY_DATA
from secure_mail.utils import get_gpg
gpg = get_gpg()
# This is split out so we can mock it for tests
def upload_keys(keyservers, fingerprint):
gpg.send_keys(keyservers, fingerprint) # pragma: nocover
# Create an action that *extends* a list, instead of *appending* to it
class ExtendAction(argparse.Action):
def __call__(self, parser, namespace, values, option_string=None):
items = getattr(namespace, self.dest) or []
items.extend(values)
setattr(namespace, self.dest, items)
def setUpClass(cls):
cls.gpg = get_gpg()
super(GPGMixin, cls).setUpClass()
