diff options
| -rw-r--r-- | tests/keydata.py | 61 | ||||
| -rw-r--r-- | tests/test_openpgp.py | 57 |
2 files changed, 95 insertions, 23 deletions
diff --git a/tests/keydata.py b/tests/keydata.py index bbe4c2f..2ddd05b 100644 --- a/tests/keydata.py +++ b/tests/keydata.py @@ -15,6 +15,33 @@ pF0dI8rs9w6zMzVEq0lhDPpKFGDveoGfg/+TpvBNXZ7DWH23GM4kID3pk4LLMc24U1PhABEB AAE= ''') +SECRET_KEY = base64.b64decode(b''' +lQOYBFnwXJMBCACgaTVz+d10TGL9zR920sb0GBFsitAJ5ZFzO4E0cg3SHhwI+reMJQ6LLKmH +owY/E1dl5FBbnJoRMxXP7/eScQ7HlhYj1gMPN5XiS2pkPwVkmJKBDV42DLwoytC+ot0frRTJ +vSdEPCX81BNMgFiBSpkeZfXqb9XmU03bh6mFnrdd4CsHpTQGcsVXHK8QKhaxuqmHTALdpSzK +Cb/r0N/Z3sQExZhfLcBf/9UUVXj44Nwc6ooqZLRizHydxwQdxNu0aOFGEBn9WTi8Slf7MfR/ +pF0dI8rs9w6zMzVEq0lhDPpKFGDveoGfg/+TpvBNXZ7DWH23GM4kID3pk4LLMc24U1PhABEB +AAEAB/sEgeBMIXW9ClZvvj9HlfWcLz7yF1ZwKMC1BbOENz43LLxp7i2RJQtrErayxnxq8k6u +4ML3SAe2OwK+ZIZG2aFqL0fw+tb8KvotsSPMrE6o/HaFZMxEZYg19zj1WlsvRCxE3OlJDA2f +NJBUQnj6LQ/vYDsQOtM+VRHnfMDhLcwGObZnNPMwtmwkHLKWTgyTwAGnLObSheVutVbdyU6+ +wI3UXwAoilW2e+9pKtwaODjqT7pQ2maVSCY4MPGdLQpbPy61COstdpK/hRdI3liLuwszdlnT +1QhiLsOTHPt4JjYdv2jgDjQobbe/ziKNzFp1eoMHDkbjzAh7oD2FxJcZEYLnBADE5oryW+9G +lyYQe3x74QD5BGTZfvJctvEOgUg8BsoIfXJgBzwnEwOD0XBgJcl5qgt3IBH9Fn3JnYMpw12S +EG2W4N8VCIBxIkDEBABVJfp1Q7HAJ8GSmzENnvt1iaAZPUscaFVpMyuajsCDmyK92NMymGiN +Ab1H5MU4gaFGaEaajwQA0I7gglsehQA2MSyJD0Uj+0b6n9KtiUzjyWEOcITXn4buf4O8Llor +8gU0BWuv3hmIcvNsuJfmgXavVxq2UHtiGaO7T9Vk4Sr8MKS9EYrLNbK41Lyb+tjxk3jYjEyF +qCDNEtWKIZR4ENdRjo5gYKBtuqv1AYYSkflOTeaRlv/kIo8D/jVcyjmO19tNJM8lQE1xCvhp +5maXOoSk1UoUmDprsKA2Em47J83sVivrIwBySB2n9srQynnV+8I47mX7YzYtNQ6uXdL3p/5e +FRW+yfqVCShhSfyQdOmJ978UyQEwY0+0hhK372KatmaL9KEkKSuXgsqshv3XiB9yu3Su1jw5 +y2IQNP0= +''') + +PUBLIC_SUBKEY = base64.b64decode(b''' +uI0EX0UFkQEEALU4+b/dzg0XLBByu3//Oo/E9eA6evMIzV39ktdXLZr2WiSEaK1lXNpInsmE +8oJg/iF6p2X6bz37WmfgFJtq8z4oPvmD1HYk7e5C8/axM71/K8/QO8W7G4lZdbLBGxyJoySb +2Rpj2B/w44AMBDABYmlzyhM3vdF74V08fYYmUWMTABEBAAE= +''') + UID = base64.b64decode(b''' tCRnZW1hdG8gdGVzdCBrZXkgPGdlbWF0b0BleGFtcGxlLmNvbT4= ''') @@ -34,6 +61,19 @@ nN9awICBJeoZhpAZqZg323oiA7cbj/g0TTQLLJ6NL/Hmm1I7QAx51Aj+KgB6NqT/9wBkEs3Y 1hj62rV11dnAPXryUQ== ''') +PUBLIC_SUBKEY_SIG = base64.b64decode(b''' +iQHrBBgBCAAgFiEEgeEsFr2NzWC+GAhFE2iA5yp7E4QFAl9FBZECGwIAvwkQE2iA5yp7E4S0 +IAQZAQgAHRYhBH6d3jy+R+Q3QY33QDi50vdsyDPMBQJfRQWRAAoJEDi50vdsyDPMxF4EAJS/ +MW4l9ZRg0JBhapqrE+NFiaym051NXrdWQc34ZVO0oAnStc1U0s7+6+o67tND9X3YDkmPfRvn +4x0FgBcWjfA8T6N/wzJSuTH76JE3voMBX7xebVJ89gP8p9oQx+HNXVtouj6b3cdSTWGHNAb2 +Ji71DnkcDLD2l1P8wKSWCIO+K1sH/3WRcRlkZ9PXrsShDdLo8Cxip2tTPdFe8ahfSpix06ge +PPtGIwdGgeYMdZW+be4l5DEXJauXkGJ/EL4ipLg1TnSMcuMe9dglsnC+yE2kx92xcQLOIq0A +myPXdNtm8yxIQg4PFE6cX2lXuVuAb8EG+P5gG//9Waek02f4sWms+JDFjokk9YdUVp9ZHLrg +a9rtwAMhA6P8udfjcDru8Z52H48hTyVw6NMXQzlIxpH7i3N3vsLwzQqZM8+QfzXKslGcvExe +z1dpOqj/4iGFFn5b7X2G/CUak99fa2t6JiDmrtaYD5VX6UWxBvC6tjS4YPThSr77Rv+IbwjK +xQA+ptoUSGE= +''') + EXPIRED_KEY_SIG = base64.b64decode(b''' iQFMBBMBCgA2AhsDBQsJCg0EAxUKCAIeAQIXgBYhBIHhLBa9jc1gvhgIRRNogOcqexOEBQJZ 8QlkBQkAAf5RAAoJEBNogOcqexOElMkH/2dcbW+AQFcenwmyCRuawABbNxKx2a5EVyvYUjco @@ -53,27 +93,6 @@ qfgbH4Vg3E1oqtoIsMqjr1nroOarPhXZ35YblNzN9SGmEe1PwIY7um3jAPbJMHAp5pgwINbZ DUXiYXhSEIvfp5xD4CXIju87B5hYsWLu4/9sNyhHLPmsLTMt69F6f1FTDA== ''') -SECRET_KEY = base64.b64decode(b''' -lQOYBFnwXJMBCACgaTVz+d10TGL9zR920sb0GBFsitAJ5ZFzO4E0cg3SHhwI+reMJQ6LLKmH -owY/E1dl5FBbnJoRMxXP7/eScQ7HlhYj1gMPN5XiS2pkPwVkmJKBDV42DLwoytC+ot0frRTJ -vSdEPCX81BNMgFiBSpkeZfXqb9XmU03bh6mFnrdd4CsHpTQGcsVXHK8QKhaxuqmHTALdpSzK -Cb/r0N/Z3sQExZhfLcBf/9UUVXj44Nwc6ooqZLRizHydxwQdxNu0aOFGEBn9WTi8Slf7MfR/ -pF0dI8rs9w6zMzVEq0lhDPpKFGDveoGfg/+TpvBNXZ7DWH23GM4kID3pk4LLMc24U1PhABEB -AAEAB/sEgeBMIXW9ClZvvj9HlfWcLz7yF1ZwKMC1BbOENz43LLxp7i2RJQtrErayxnxq8k6u -4ML3SAe2OwK+ZIZG2aFqL0fw+tb8KvotsSPMrE6o/HaFZMxEZYg19zj1WlsvRCxE3OlJDA2f -NJBUQnj6LQ/vYDsQOtM+VRHnfMDhLcwGObZnNPMwtmwkHLKWTgyTwAGnLObSheVutVbdyU6+ -wI3UXwAoilW2e+9pKtwaODjqT7pQ2maVSCY4MPGdLQpbPy61COstdpK/hRdI3liLuwszdlnT -1QhiLsOTHPt4JjYdv2jgDjQobbe/ziKNzFp1eoMHDkbjzAh7oD2FxJcZEYLnBADE5oryW+9G -lyYQe3x74QD5BGTZfvJctvEOgUg8BsoIfXJgBzwnEwOD0XBgJcl5qgt3IBH9Fn3JnYMpw12S -EG2W4N8VCIBxIkDEBABVJfp1Q7HAJ8GSmzENnvt1iaAZPUscaFVpMyuajsCDmyK92NMymGiN -Ab1H5MU4gaFGaEaajwQA0I7gglsehQA2MSyJD0Uj+0b6n9KtiUzjyWEOcITXn4buf4O8Llor -8gU0BWuv3hmIcvNsuJfmgXavVxq2UHtiGaO7T9Vk4Sr8MKS9EYrLNbK41Lyb+tjxk3jYjEyF -qCDNEtWKIZR4ENdRjo5gYKBtuqv1AYYSkflOTeaRlv/kIo8D/jVcyjmO19tNJM8lQE1xCvhp -5maXOoSk1UoUmDprsKA2Em47J83sVivrIwBySB2n9srQynnV+8I47mX7YzYtNQ6uXdL3p/5e -FRW+yfqVCShhSfyQdOmJ978UyQEwY0+0hhK372KatmaL9KEkKSuXgsqshv3XiB9yu3Su1jw5 -y2IQNP0= -''') - OTHER_PUBLIC_KEY = base64.b64decode(b''' mQENBFtYfqUBCAC5OuNuaZOMwyegRtKFzzLlwsJaO+q1L5EN8tVHdzRUwBmwKgC8PDNiM7UG OhyN9Zasbeqvy1oF22nHIUgrDRkiB9m1k6E0FPvD2VzN1O7QiuKCjP8WaYhVRGYOXyCaaSPe diff --git a/tests/test_openpgp.py b/tests/test_openpgp.py index 6cf69a1..b60900c 100644 --- a/tests/test_openpgp.py +++ b/tests/test_openpgp.py @@ -17,9 +17,9 @@ import gemato.openpgp import gemato.recursiveloader from tests.keydata import ( - PUBLIC_KEY, SECRET_KEY, + PUBLIC_KEY, SECRET_KEY, PUBLIC_SUBKEY, UID, EXPIRED_KEY_UID, - PUBLIC_KEY_SIG, EXPIRED_KEY_SIG, REVOCATION_SIG, + PUBLIC_KEY_SIG, PUBLIC_SUBKEY_SIG, EXPIRED_KEY_SIG, REVOCATION_SIG, OTHER_PUBLIC_KEY, OTHER_PUBLIC_KEY_UID, OTHER_PUBLIC_KEY_SIG, ) from tests.testutil import HKPServerTestCase, MockedWKDOpenPGPEnvironment @@ -152,6 +152,31 @@ OTHER_VALID_PUBLIC_KEY = (OTHER_PUBLIC_KEY + OTHER_PUBLIC_KEY_UID + OTHER_PUBLIC_KEY_SIG) OTHER_KEY_FINGERPRINT = '4B8349B90C56EE7F054D52871822F5424EB6DA81' +VALID_KEY_SUBKEY = (PUBLIC_KEY + UID + PUBLIC_KEY_SIG + PUBLIC_SUBKEY + + PUBLIC_SUBKEY_SIG) +SUBKEY_FINGERPRINT = '7E9DDE3CBE47E437418DF74038B9D2F76CC833CC' +SUBKEY_SIG_TIMESTAMP = datetime.datetime(2020, 8, 25, 12, 40, 12) + +SUBKEY_SIGNED_MANIFEST = u''' +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +TIMESTAMP 2017-10-22T18:06:41Z +MANIFEST eclass/Manifest 0 MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 +IGNORE local +DATA myebuild-0.ebuild 0 MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 +MISC metadata.xml 0 MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 +DIST mydistfile.tar.gz 0 MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 +-----BEGIN PGP SIGNATURE----- + +iLMEAQEIAB0WIQR+nd48vkfkN0GN90A4udL3bMgzzAUCX0UGrAAKCRA4udL3bMgz +zH8MA/93/oNkXaA8+ZX7s8umhNMHiovdLJMna7Bl2C/tEdLfOoyp9o3lChhnB49v +g7VRUc//lz5sDUShdUUlTYjCPGLaYf2rBZHqd5POGJOsbzu1Tmtd8uhWFWnl8Kip +n4XmpdPvu+UdAHpQIGzKoNOEDJpZ5CzPLhYa5KgZiJhpYsDXgg== +=lpJi +-----END PGP SIGNATURE----- +''' + def strip_openpgp(text): lines = text.lstrip().splitlines() @@ -1292,3 +1317,31 @@ class OpenPGPWKDReplaceKeyRefreshTest(HKPServerTestCase): keyserver=self.server_addr) except gemato.exceptions.OpenPGPNoImplementation as e: raise unittest.SkipTest(str(e)) + + +class OpenPGPSubKeyTest(unittest.TestCase): + """ + Tests that a signature made using a subkey works. + """ + + def setUp(self): + self.env = gemato.openpgp.OpenPGPEnvironment() + try: + self.env.import_key(io.BytesIO(VALID_KEY_SUBKEY)) + except gemato.exceptions.OpenPGPRuntimeError as e: + self.env.close() + raise unittest.SkipTest(str(e)) + except gemato.exceptions.OpenPGPNoImplementation as e: + self.env.close() + raise unittest.SkipTest(str(e)) + + def tearDown(self): + self.env.close() + + def test_verify_manifest(self): + with io.StringIO(SUBKEY_SIGNED_MANIFEST) as f: + sig = self.env.verify_file(f) + self.assertEqual(sig.fingerprint, SUBKEY_FINGERPRINT) + self.assertEqual(sig.timestamp, SUBKEY_SIG_TIMESTAMP) + self.assertIsNone(sig.expire_timestamp) + self.assertEqual(sig.primary_key_fingerprint, KEY_FINGERPRINT) |