def test_decrypt(self):
'''
Check that the encrypted message can be decrypted and returns the
original message.
'''
decrypted = decrypt(ENCRYPTED_MSG, self.certpath, self.keypath)
if decrypted.strip() != MSG:
self.fail('Failed to decrypt message.')
def test_decrypt(self):
'''
Check that the encrypted message can be decrypted and returns the
original message.
'''
decrypted = decrypt(ENCRYPTED_MSG, self.certpath, self.keypath)
if decrypted.strip() != MSG:
self.fail('Failed to decrypt message.')
def test_decrypt(self):
'''
Check that the encrypted message can be decrypted and returns the
original message.
'''
encrypted = encrypt(MSG, TEST_CERT_FILE)
decrypted = decrypt(encrypted, TEST_CERT_FILE, TEST_KEY_FILE)
if decrypted.strip() != MSG:
self.fail('Failed to decrypt message.')
def test_decrypt(self):
'''
Check that the encrypted message can be decrypted and returns the
original message.
'''
encrypted = encrypt(MSG, TEST_CERT_FILE)
decrypted = decrypt(encrypted, TEST_CERT_FILE, TEST_KEY_FILE)
if decrypted.strip() != MSG:
self.fail('Failed to decrypt message.')
def _handle_msg(self, text):
'''
Deal with the raw message contents appropriately:
- decrypt if necessary
- verify signature
Return plain-text message and signer's DN.
'''
if text is None or text == '':
return None, None
# if not text.startswith('MIME-Version: 1.0'):
# raise Ssm2Exception('Not a valid message.')
# encrypted - this could be nicer
if 'application/pkcs7-mime' in text or 'application/x-pkcs7-mime' in text:
try:
text = crypto.decrypt(text, self._cert, self._key)
except crypto.CryptoException, e:
log.error('Failed to decrypt message: %s', e)
return None, None
def _handle_msg(self, text):
'''
Deal with the raw message contents appropriately:
- decrypt if necessary
- verify signature
Return plain-text message and signer's DN.
'''
if text is None or text == '':
return None, None
# if not text.startswith('MIME-Version: 1.0'):
# raise Ssm2Exception('Not a valid message.')
# encrypted - this could be nicer
if 'application/pkcs7-mime' in text or 'application/x-pkcs7-mime' in text:
try:
text = crypto.decrypt(text, self._cert, self._key)
except crypto.CryptoException, e:
log.error('Failed to decrypt message: %s' % e)
return None, None
def test_encrypt(self):
'''
Not a correct test yet.
'''
encrypted = encrypt(MSG, TEST_CERT_FILE)
if not 'MIME-Version' in encrypted:
self.fail('Encrypted message is not MIME')
# Indirect testing, using the decrypt_message function.
decrypted = decrypt(encrypted, TEST_CERT_FILE, TEST_KEY_FILE)
if decrypted != MSG:
self.fail("Encrypted message wasn't decrypted successfully.")
# invalid cipher
try:
encrypted = encrypt(MSG, TEST_CERT_FILE, 'aes1024')
except CryptoException:
pass
def test_encrypt(self):
'''
Not a correct test yet.
'''
encrypted = encrypt(MSG, self.certpath)
if not 'MIME-Version' in encrypted:
self.fail('Encrypted message is not MIME')
# Indirect testing, using the decrypt_message function.
decrypted = decrypt(encrypted, self.certpath, self.keypath)
if decrypted != MSG:
self.fail("Encrypted message wasn't decrypted successfully.")
# invalid cipher
try:
encrypted = encrypt(MSG, self.certpath, 'aes1024')
except CryptoException:
pass
def _handle_msg(self, text):
"""Deal with the raw message contents appropriately.
Namely:
- decrypt if necessary
- verify signature
- Return plain-text message, signer's DN and an error/None.
"""
if text is None or text == '':
warning = 'Empty text passed to _handle_msg.'
log.warn(warning)
return None, None, warning
# if not text.startswith('MIME-Version: 1.0'):
# raise Ssm2Exception('Not a valid message.')
# encrypted - this could be nicer
if 'application/pkcs7-mime' in text or 'application/x-pkcs7-mime' in text:
try:
text = crypto.decrypt(text, self._cert, self._key)
except crypto.CryptoException as e:
error = 'Failed to decrypt message: %s' % e
log.error(error)
return None, None, error
# always signed
try:
message, signer = crypto.verify(text, self._capath,
self._check_crls)
except crypto.CryptoException as e:
error = 'Failed to verify message: %s' % e
log.error(error)
return None, None, error
if signer not in self._valid_dns:
warning = 'Signer not in valid DNs list: %s' % signer
log.warn(warning)
return None, signer, warning
else:
log.info('Valid signer: %s', signer)
return message, signer, None
