/brz/remove-bazaar

To get this branch, use:
bzr branch http://gegoxaren.bato24.eu/bzr/brz/remove-bazaar

« back to all changes in this revision

Viewing changes to breezy/tests/test_gpg.py

  • Committer: Jelmer Vernooij
  • Date: 2017-06-10 21:59:15 UTC
  • mto: This revision was merged to the branch mainline in revision 6690.
  • Revision ID: jelmer@jelmer.uk-20170610215915-zcpu0in3r1irx3ml
Move serializer to bzr.

Show diffs side-by-side

added added

removed removed

Lines of Context:
breezy/tests/test_gpg.py
1
 
# Copyright (C) 2005 Canonical Ltd
 
1
# Copyright (C) 2005, 2006, 2007, 2009, 2011 Canonical Ltd
2
2
#   Authors: Robert Collins <robert.collins@canonical.com>
3
3
#
4
4
# This program is free software; you can redistribute it and/or modify
18
18
"""Tests for signing and verifying blobs of data via gpg."""
19
19
 
20
20
# import system imports here
21
 
import os
22
21
import sys
23
22
 
24
 
from bzrlib import errors, ui
25
 
import bzrlib.gpg as gpg
26
 
from bzrlib.tests import TestCase, TestCaseInTempDir
27
 
 
28
 
class FakeConfig(object):
29
 
 
30
 
    def gpg_signing_command(self):
31
 
        return "false"
32
 
 
33
 
 
34
 
class TestCommandLine(TestCase):
 
23
from .. import (
 
24
    config,
 
25
    errors,
 
26
    gpg,
 
27
    tests,
 
28
    trace,
 
29
    ui,
 
30
    )
 
31
from ..sixish import (
 
32
    BytesIO,
 
33
    )
 
34
from . import (
 
35
    TestCase,
 
36
    features,
 
37
    )
 
38
 
 
39
 
 
40
class FakeConfig(config.MemoryStack):
 
41
 
 
42
    def __init__(self, content=None):
 
43
        if content is None:
 
44
            content = '''
 
45
gpg_signing_key=amy@example.com
 
46
gpg_signing_command=false'''
 
47
        super(FakeConfig, self).__init__(content)
 
48
 
 
49
 
 
50
class TestCommandLine(tests.TestCase):
 
51
 
 
52
    def setUp(self):
 
53
        super(TestCommandLine, self).setUp()
 
54
        self.my_gpg = gpg.GPGStrategy(FakeConfig())
35
55
 
36
56
    def test_signing_command_line(self):
37
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
38
 
        self.assertEqual(['false',  '--clearsign'],
 
57
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
 
58
                         self.my_gpg._command_line())
 
59
 
 
60
    def test_signing_command_line_from_default(self):
 
61
        # Using 'default' for gpg_signing_key will use the mail part of 'email'
 
62
        my_gpg = gpg.GPGStrategy(FakeConfig('''
 
63
email=Amy <amy@example.com>
 
64
gpg_signing_key=default
 
65
gpg_signing_command=false'''))
 
66
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
 
67
                         my_gpg._command_line())
 
68
 
 
69
    def test_signing_command_line_from_email(self):
 
70
        # Not setting gpg_signing_key will use the mail part of 'email'
 
71
        my_gpg = gpg.GPGStrategy(FakeConfig('''
 
72
email=Amy <amy@example.com>
 
73
gpg_signing_command=false'''))
 
74
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
39
75
                         my_gpg._command_line())
40
76
 
41
77
    def test_checks_return_code(self):
42
78
        # This test needs a unix like platform - one with 'false' to run.
43
79
        # if you have one, please make this work :)
44
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
45
 
        self.assertRaises(errors.SigningFailed, my_gpg.sign, 'content')
 
80
        self.assertRaises(errors.SigningFailed, self.my_gpg.sign, 'content')
46
81
 
47
82
    def assertProduces(self, content):
48
83
        # This needs a 'cat' command or similar to work.
49
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
50
84
        if sys.platform == 'win32':
51
85
            # Windows doesn't come with cat, and we don't require it
52
86
            # so lets try using python instead.
53
87
            # But stupid windows and line-ending conversions.
54
88
            # It is too much work to make sys.stdout be in binary mode.
55
89
            # http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/65443
56
 
            my_gpg._command_line = lambda:[sys.executable, '-c',
 
90
            self.my_gpg._command_line = lambda:[sys.executable, '-c',
57
91
                    'import sys; sys.stdout.write(sys.stdin.read())']
58
92
            new_content = content.replace('\n', '\r\n')
59
93
 
60
 
            self.assertEqual(new_content, my_gpg.sign(content))
 
94
            self.assertEqual(new_content, self.my_gpg.sign(content))
61
95
        else:
62
 
            my_gpg._command_line = lambda:['cat', '-']
63
 
            self.assertEqual(content, my_gpg.sign(content))
 
96
            self.my_gpg._command_line = lambda:['cat', '-']
 
97
            self.assertEqual(content, self.my_gpg.sign(content))
64
98
 
65
99
    def test_returns_output(self):
66
100
        content = "some content\nwith newlines\n"
86
120
                          self.assertProduces, u'foo')
87
121
 
88
122
 
 
123
class TestVerify(TestCase):
 
124
 
 
125
    def import_keys(self):
 
126
        import gpgme
 
127
        context = gpgme.Context()
 
128
 
 
129
        key = BytesIO(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
130
Version: GnuPG v1.4.11 (GNU/Linux)
 
131
 
 
132
mQENBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
 
133
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
 
134
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
 
135
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
 
136
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
 
137
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAG0JEJhemFhciBUZXN0IEtl
 
138
eSA8YmF6YWFyQGV4YW1wbGUuY29tPokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIG
 
139
FQgCCQoLBBYCAwECHgECF4AACgkQh2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys
 
140
2hZmXUq/tU+L92bjQoRY4fmsQpk/FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2
 
141
jj7UiJd8z9gTRxWTnYwfR/w5PGmxfJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswa
 
142
IOAZIwe5Vsfs36uSS7p8RQHAZXLXtTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO
 
143
2qEa0mYiAfDpz40CGtb8N/TQHF3Xcw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqW
 
144
o/r3RII3Ii3z2yARlg6D+5hVOrFBV8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtB
 
145
OrkBDQRN+NyIAQgArRZ2YGzUj5dXOVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2
 
146
V0dcVCqWwT0+a79Wbausv4bStD4SkwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr
 
147
6UUneB3UXX7MrEqVogVhRM0ORIaK/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEX
 
148
imBsN3GqoewBHYIneJKBtHE7uzdzw3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeX
 
149
P6ktvXbX2Iu7VDNoCvRXM9+ntyJtsXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCc
 
150
VtFjLTcbCqJqpoJWUtsLcNqDqMHOQDpe6KTNTQARAQABiQEfBBgBAgAJBQJN+NyI
 
151
AhsMAAoJEIdoGx7jCA5FrR8IANnOF3PUj1TbRcwV6RoWmHsFQHrPmM8ogXia1Lsv
 
152
jE1iEWoC+muvKh6Oydf90k6ZslS7rdDnp2qzYY8W/TiDkxP+fvsZ4mMi1Y0F+3ty
 
153
1jzWhcsnB2VrJSiavxEXk0tKPrNv4EUGWG6wHsC9TBj37If+nrMyim94VHvI0eHm
 
154
X8yMlN4O3HfmgD9CbJdUxueP3e31OIYuwh/6F7GII8TNEVHU/8vh/mQcCxppNbc+
 
155
boff+kIsoa/TAMLwtJoSrX1nXm0K3vZePRLnIgmwVzdkOIkaRJUG2tSQFvkfhvtE
 
156
LhnkL5l4MO0wrUds0UWRwa3d7j/P2ExrqXdlLmEzrifWyEQ=
 
157
=hUJn
 
158
-----END PGP PUBLIC KEY BLOCK-----
 
159
""")
 
160
 
 
161
        secret_key = BytesIO(b"""-----BEGIN PGP PRIVATE KEY BLOCK-----
 
162
Version: GnuPG v1.4.11 (GNU/Linux)
 
163
 
 
164
lQOYBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
 
165
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
 
166
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
 
167
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
 
168
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
 
169
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAEAB/0RJTbV991SOtVfPQVu
 
170
LM+tD0SiOXJwIBIINlngsFHWVIiBSDb6uF8dneMR70IRnuEFHFyAUXA7PZDxvcSu
 
171
phAqIdKCWxQPkAULAS0o4U2K3ZFGh4uOqvfZ8eSnh1rETFv7Yf3u23K89cZiy99n
 
172
EtWgSqzC/2z5PaZ7/alsYCBqhHuyd4Phaud7qv7FTz8mFrCf+CCY+D08wbnZBu4g
 
173
N9tBwoxT/UKRfv3nghIh9v+3qWfBEFGhrYbt92XKFbHOQeATZz8AGIv1eqN/+ZQY
 
174
oYmvVfO3GkrWaRoPeJNLqSDEn/45O1Uh9MJ4mQclXqB0QzMShle8uusHxIeJSQsR
 
175
z//VBAD11WS7qSgCeiHR+4jDzrrlb2snnA2bfDToEomDxd/n8xm7nJWdkNfJ2BCw
 
176
KvnxYVxjFNAwkKJGRajzALBLzRVO+K9NtSLiddv5zv+UNdgsKuE8tD7Jqxd/IbWw
 
177
AimCtL8osnJ+r9dvL+NyjkAT6l/NdEbLXGrBaMeTfSgl2cBOOwQA+sJIh1R5PiCK
 
178
nLIs9pm3PSy3w92Peelq/x/+0aebTZaJUk2ou3oCvB3druDqrUeaopuuCc0drV7C
 
179
Ldoey8x/T2ZGzmT2af9qNaD6ScTimDodXcJdwlpobhZTKpsE4EyywpLXtlWte1x0
 
180
1Mq3llQsIdRdf3GLS+L207hWgKDiDosD/0SyOBO/IBDteeEzeN2hNE3A8oeVbvRS
 
181
XrS/3uj6oKmlWUBORYP8ptUrXPoVPmNz2y4GO+OysFtfct3Yqb+Sb/52SXMOHTox
 
182
2oLW08tkzfkDArU5aauMEPmyutGyJ+hGo7fsuLXzXR8OPw4yZJdzG1tRlP2TTKmq
 
183
Fx8G/Ik6bN4zTYK0JEJhemFhciBUZXN0IEtleSA8YmF6YWFyQGV4YW1wbGUuY29t
 
184
PokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ
 
185
h2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys2hZmXUq/tU+L92bjQoRY4fmsQpk/
 
186
FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2jj7UiJd8z9gTRxWTnYwfR/w5PGmx
 
187
fJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswaIOAZIwe5Vsfs36uSS7p8RQHAZXLX
 
188
tTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO2qEa0mYiAfDpz40CGtb8N/TQHF3X
 
189
cw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqWo/r3RII3Ii3z2yARlg6D+5hVOrFB
 
190
V8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtBOp0DlwRN+NyIAQgArRZ2YGzUj5dX
 
191
OVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2V0dcVCqWwT0+a79Wbausv4bStD4S
 
192
kwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr6UUneB3UXX7MrEqVogVhRM0ORIaK
 
193
/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEXimBsN3GqoewBHYIneJKBtHE7uzdz
 
194
w3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeXP6ktvXbX2Iu7VDNoCvRXM9+ntyJt
 
195
sXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCcVtFjLTcbCqJqpoJWUtsLcNqDqMHO
 
196
QDpe6KTNTQARAQABAAf1EfceUlGLvoA/+yDTNTMjuPfzfKwbB/FOVfX44g3Za1eT
 
197
v7RvSuj4rFYIdE9UvZEei/pqPOSc+hhSsKZCulGXD5TUpf3AyG7ipWU/kID46Csp
 
198
0V08DPpFHnuw/N6+qNo5iSnhN9U1XMLjYT5d1HvKur26r2vWbmUTSJ1qIluHL2fT
 
199
R1pKYYLuoff4MIjZ01Hawq72jjor+dLBmMWveHpq4XNp+vQ4x8aFnY9ozufon0nM
 
200
uRSJRlQjDNB274tvUbmDFP+nzNbqF1nBTZ6FTdH/iKVNbytiYF7Hbat8GWVZqY1u
 
201
CZr7BklpIVWlk62ll0psMIPVyANi7YT332LLqYmBBADJKTx2dariG/kWU2W/9VEO
 
202
2VZpqsqazAxOoFEIOpcOlByhhyw5g0IKu0UyzHkhoCje0cWxpdSBFG432b8zL0AT
 
203
Z0RycfUG7Sgp9CpY1h8Cc/HbBa8xo1fSM7zplPQrHBqUzlVVBq6HOkUq+7qsPFWc
 
204
RRie95VsDmIMKQKPJHeYHQQA3EYGit+QHV0dccAInghEsf/mq8Gfnvo6HPYhWcDC
 
205
DTM39NhNlnl1WkTFCd2TWc+TWQ4KlRsh6bMjUpNa2qjrUl90fLekbogcxxMhcwa6
 
206
xgzEANZfwqdY0u3aB/CyZ6odfThwcAoeqoMpw34CfeKEroubpi2n8wKByrN2MQXJ
 
207
4vEEAJbXZOqgAcFAFBUVb5mVT0s2lJMagZFPdhRJz2bttz01s/B8aca6CrDpFRjT
 
208
03zRFUZjwDYqZDWBC181dCE9yla4OkWd5QyRKSS2EE02KEYqRzT0RngQn7s4AW2r
 
209
326up3Jhleln3hgD4Kk3V3KHmyK8zqZA0qWzry4Vl2jjkbnAPB2JAR8EGAECAAkF
 
210
Ak343IgCGwwACgkQh2gbHuMIDkWtHwgA2c4Xc9SPVNtFzBXpGhaYewVAes+YzyiB
 
211
eJrUuy+MTWIRagL6a68qHo7J1/3STpmyVLut0OenarNhjxb9OIOTE/5++xniYyLV
 
212
jQX7e3LWPNaFyycHZWslKJq/EReTS0o+s2/gRQZYbrAewL1MGPfsh/6eszKKb3hU
 
213
e8jR4eZfzIyU3g7cd+aAP0Jsl1TG54/d7fU4hi7CH/oXsYgjxM0RUdT/y+H+ZBwL
 
214
Gmk1tz5uh9/6Qiyhr9MAwvC0mhKtfWdebQre9l49EuciCbBXN2Q4iRpElQba1JAW
 
215
+R+G+0QuGeQvmXgw7TCtR2zRRZHBrd3uP8/YTGupd2UuYTOuJ9bIRA==
 
216
=LXn0
 
217
-----END PGP PRIVATE KEY BLOCK-----
 
218
""")
 
219
 
 
220
        revoked_key = BytesIO(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
221
Version: GnuPG v1.4.11 (GNU/Linux)
 
222
 
 
223
mI0ETjlW5gEEAOb/6P+TVM59E897wRtatxys2BhsHCXM4T7xjIiANfDwejDdifqh
 
224
tluTfSJLLxPembtrrEjux1C0AJgc+f0MIfsc3Pr3eFJzKB2ot/1IVG1/1KnA0zt3
 
225
W2xPT3lRib27WJ9Fag+dMtQaIzgJ7/n2DFxsFZ33FD2kxrEXB2exGg6FABEBAAGI
 
226
pgQgAQIAEAUCTjlXkAkdAHJldm9rZWQACgkQjs6dvEpb0cQPHAP/Wi9rbx0e+1Sf
 
227
ziGgyVdr3m3A6uvze5oXKVgFRbGRUYSH4/I8GW0W9x4TcRg9h+YaQ8NUdADr9kNE
 
228
tKAljLqYA5qdqSfYuaij1M++Xj+KUZ359R74sHuQqwnRy1XXQNfRs/QpXA7vLdds
 
229
rjg+pbWuXO92TZJUdnqtWW+VEyZBsPy0G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUu
 
230
Y29tPoi4BBMBAgAiBQJOOVbmAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
 
231
CRCOzp28SlvRxNWzA/42WVmI0b+6mF/imEOlY1TiyvrcpK250rkSDsCtL4lOwy7G
 
232
antZhpgNfnXRd/ySfsS3EB6dpOWgOSxGRvWQhA+vxBT9BYNk49qd3JIrSaSWpR12
 
233
rET8qO1rEQQFWsw03CxTGujxGlmEO+a1yguRXp2UWaY7FngcQmD+8q7BUIVm7riN
 
234
BE45VuYBBADTEH2jHTjNCc5CMOhea6EJTrkx3upcEqB2oyhWeSWJiBGOxlcddsjo
 
235
3J3/EmBB8kK1hM9TidD3SG64x1N287lg8ELJBlKv+pQVyxohGJ1u/THgpTDMMQcL
 
236
luG5rAHQGSfyzKTiOnaTyBYg3M/nzgUOU9dKEFB0EA3tjUXFOT+r3wARAQABiJ8E
 
237
GAECAAkFAk45VuYCGwwACgkQjs6dvEpb0cRSLQP/fzCWX2lXwlwWiVF8BOPF7o9z
 
238
icHErc7/X17RGb4qj1kVf+UkRdUWJrbEVh4h6MncBIuA70WsYogiw+Kz/0LCtQAR
 
239
YUJsPy/EL++OKPH1aFasOdTxwkTka85+RdYqhP1+z/aYLFMWq6mRFI+o6x2k5mGi
 
240
7dMv2kKTJPoXUpiXJbg=
 
241
=hLYO
 
242
-----END PGP PUBLIC KEY BLOCK-----
 
243
""")
 
244
 
 
245
        expired_key = BytesIO(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
246
Version: GnuPG v1.4.11 (GNU/Linux)
 
247
 
 
248
mI0ETjZ6PAEEALkR4GcFQidCCxV7pgQwQd5MZua0YO2l92fVqHX+PhnZ6egCLKdD
 
249
2bWlMUd6MLPF3FlRL7BBAxvW/DazkBOp7ljsnpMpptEzY49Uem1irYLYiVb9zK96
 
250
0sQZzFxFkfEYetQEXC68mIck8tbySOX5NAOw++3jFm3J7dsU1R3XtYzRABEBAAG0
 
251
G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUuY29tPoi+BBMBAgAoBQJONno8AhsDBQkA
 
252
AVGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAc4m97T40VEz+DA/9PBphG
 
253
Yp9cHVaHSfTUKGTGgIbvRe60sFNpDCYZeAGDrygOMuI8MNzbVpwefRBFHVPx7jWd
 
254
rrYMsLkcsNUS9D0baU+0D/qp7JVg7ZSQtG0O6IG4eTZhibteY1fu0+unlXmg9NHx
 
255
5VvhwzBiJDYji00M2p/CZEMiYFUuy76CsxUpN7iNBE42ejwBBACkv2/mX7IPQg0C
 
256
A3KSrJsJv+sdvKm4b4xuI4OwagwTIVz4KlTqV4IBrVjSBfwyMXucXz0bTW85qjgA
 
257
+n67td8vyjYYZUEz1uY9lSquQQDnAN0txL3cLHZXWiWOkmzZVddQtlflK2a/J9o0
 
258
QkHPVUm+hc4l64dIzStrNl2S66fAvQARAQABiKUEGAECAA8FAk42ejwCGwwFCQAB
 
259
UYAACgkQHOJve0+NFROEYQP/epg+o8iBs31hkSERyZjrRR66LpywezWj30Rn/3mX
 
260
Fzi9HkF4xLemWOzdNt9C5PYrOep85PQg8haEjknxVjZFS0ikT1h3OWk/TF1ZrLVm
 
261
WzyX8DaHQEjKpLJJjXcAbTiZBNMk0QaVC9RvIeHpCf3n3DC49DdjsPJRMKOn8KDi
 
262
kRk=
 
263
=p0gt
 
264
-----END PGP PUBLIC KEY BLOCK-----
 
265
""")
 
266
        context.import_(key)
 
267
        context.import_(secret_key)
 
268
        context.import_(revoked_key)
 
269
        context.import_(expired_key)
 
270
 
 
271
    def test_verify_untrusted_but_accepted(self):
 
272
        #untrusted by gpg but listed as acceptable_keys by user
 
273
        self.requireFeature(features.gpgme)
 
274
        self.import_keys()
 
275
 
 
276
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
277
Hash: SHA1
 
278
 
 
279
bazaar-ng testament short form 1
 
280
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
281
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
282
-----BEGIN PGP SIGNATURE-----
 
283
Version: GnuPG v1.4.11 (GNU/Linux)
 
284
 
 
285
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
286
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
287
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
288
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
289
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
290
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
291
=iwsn
 
292
-----END PGP SIGNATURE-----
 
293
"""
 
294
        plain = """bazaar-ng testament short form 1
 
295
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
296
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
297
"""
 
298
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
299
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
300
        self.assertEqual((gpg.SIGNATURE_VALID, None), my_gpg.verify(content,
 
301
                            plain))
 
302
 
 
303
    def test_verify_unacceptable_key(self):
 
304
        self.requireFeature(features.gpgme)
 
305
        self.import_keys()
 
306
 
 
307
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
308
Hash: SHA1
 
309
 
 
310
bazaar-ng testament short form 1
 
311
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
312
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
313
-----BEGIN PGP SIGNATURE-----
 
314
Version: GnuPG v1.4.11 (GNU/Linux)
 
315
 
 
316
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
317
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
318
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
319
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
320
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
321
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
322
=iwsn
 
323
-----END PGP SIGNATURE-----
 
324
"""
 
325
        plain = """bazaar-ng testament short form 1
 
326
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
327
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
328
"""
 
329
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
330
        my_gpg.set_acceptable_keys("foo@example.com")
 
331
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'E3080E45'),
 
332
                         my_gpg.verify(content, plain))
 
333
 
 
334
    def test_verify_valid_but_untrusted(self):
 
335
        self.requireFeature(features.gpgme)
 
336
        self.import_keys()
 
337
 
 
338
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
339
Hash: SHA1
 
340
 
 
341
bazaar-ng testament short form 1
 
342
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
343
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
344
-----BEGIN PGP SIGNATURE-----
 
345
Version: GnuPG v1.4.11 (GNU/Linux)
 
346
 
 
347
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
348
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
349
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
350
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
351
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
352
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
353
=iwsn
 
354
-----END PGP SIGNATURE-----
 
355
"""
 
356
        plain = """bazaar-ng testament short form 1
 
357
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
358
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
359
"""
 
360
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
361
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
362
                            plain))
 
363
 
 
364
    def test_verify_bad_testament(self):
 
365
        self.requireFeature(features.gpgme)
 
366
        self.import_keys()
 
367
 
 
368
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
369
Hash: SHA1
 
370
 
 
371
bazaar-ng testament short form 1
 
372
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
373
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
374
-----BEGIN PGP SIGNATURE-----
 
375
Version: GnuPG v1.4.11 (GNU/Linux)
 
376
 
 
377
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
378
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
379
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
380
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
381
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
382
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
383
=iwsn
 
384
-----END PGP SIGNATURE-----
 
385
"""
 
386
        plain = """bazaar-ng testament short form 1
 
387
revision-id: doctor@example.com-20110527185938-hluafawphszb8dl1
 
388
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
389
"""
 
390
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
391
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
392
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
393
                            plain))
 
394
 
 
395
 
 
396
    def test_verify_revoked_signature(self):
 
397
        self.requireFeature(features.gpgme)
 
398
        self.import_keys()
 
399
 
 
400
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
401
Hash: SHA1
 
402
 
 
403
asdf
 
404
-----BEGIN PGP SIGNATURE-----
 
405
Version: GnuPG v1.4.11 (GNU/Linux)
 
406
 
 
407
iJwEAQECAAYFAk45V18ACgkQjs6dvEpb0cSIZQP/eOGTXGPlrNwvDkcX2d8O///I
 
408
ecB4sUIUEpv1XAk1MkNu58lsjjK72lRaLusEGqd7HwrFmpxVeVs0oWLg23PNPCFs
 
409
yJBID9ma+VxFVPtkEFnrc1R72sBJLfBcTxMkwVTC8eeznjdtn+cg+aLkxbPdrGnr
 
410
JFA6kUIJU2w9LU/b88Y=
 
411
=UuRX
 
412
-----END PGP SIGNATURE-----
 
413
"""
 
414
        plain = """asdf\n"""
 
415
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
416
        my_gpg.set_acceptable_keys("test@example.com")
 
417
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
418
                            plain))
 
419
 
 
420
    def test_verify_invalid(self):
 
421
        self.requireFeature(features.gpgme)
 
422
        self.import_keys()
 
423
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
424
Hash: SHA1
 
425
 
 
426
bazaar-ng testament short form 1
 
427
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
428
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
429
-----BEGIN PGP SIGNATURE-----
 
430
Version: GnuPG v1.4.11 (GNU/Linux)
 
431
 
 
432
iEYEARECAAYFAk33gYsACgkQpQbm1N1NUIhiDACglOuQDlnSF4NxfHSkN/zrmFy8
 
433
nswAoNGXAVuR9ONasAKIGBNUE0b+lols
 
434
=SOuC
 
435
-----END PGP SIGNATURE-----
 
436
"""
 
437
        plain = """bazaar-ng testament short form 1
 
438
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
439
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
440
"""
 
441
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
442
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None),
 
443
                            my_gpg.verify(content, plain))
 
444
 
 
445
    def test_verify_expired_but_valid(self):
 
446
        self.requireFeature(features.gpgme)
 
447
        self.import_keys()
 
448
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
449
Hash: SHA1
 
450
 
 
451
bazaar-ng testament short form 1
 
452
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
 
453
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
 
454
-----BEGIN PGP SIGNATURE-----
 
455
Version: GnuPG v1.4.10 (GNU/Linux)
 
456
 
 
457
iJwEAQECAAYFAk42esUACgkQHOJve0+NFRPc5wP7BoZkzBU8JaHMLv/LmqLr0sUz
 
458
zuE51ofZZ19L7KVtQWsOi4jFy0fi4A5TFwO8u9SOfoREGvkw292Uty9subSouK5/
 
459
mFmDOYPQ+O83zWgYZsBmMJWYDZ+X9I6XXZSbPtV/7XyTjaxtl5uRnDVJjg+AzKvD
 
460
dTp8VatVVrwuvzOPDVc=
 
461
=uHen
 
462
-----END PGP SIGNATURE-----
 
463
"""
 
464
        plain = """bazaar-ng testament short form 1
 
465
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
 
466
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
 
467
"""
 
468
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
469
        self.assertEqual((gpg.SIGNATURE_EXPIRED, u'4F8D1513'),
 
470
                            my_gpg.verify(content, plain))
 
471
 
 
472
    def test_verify_unknown_key(self):
 
473
        self.requireFeature(features.gpgme)
 
474
        self.import_keys()
 
475
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
476
Hash: SHA1
 
477
 
 
478
asdf
 
479
-----BEGIN PGP SIGNATURE-----
 
480
Version: GnuPG v1.4.11 (GNU/Linux)
 
481
 
 
482
iQEcBAEBAgAGBQJOORKwAAoJENf6AkFdUeVvJDYH/1Cz+AJn1Jvy5n64o+0fZ5Ow
 
483
Y7UQb4QQTIOV7jI7n4hv/yBzuHrtImFzYvQl/o2Ezzi8B8L5gZtQy+xCUF+Q8iWs
 
484
gytZ5JUtSze7hDZo1NUl4etjoRGYqRfrUcvE2LkVH2dFbDGyyQfVmoeSHa5akuuP
 
485
QZmyg2F983rACVIpGvsqTH6RcBdvE9vx68lugeKQA8ArDn39/74FBFipFzrXSPij
 
486
eKFpl+yZmIb3g6HkPIC8o4j/tMvc37xF1OG5sBu8FT0+FC+VgY7vAblneDftAbyP
 
487
sIODx4WcfJtjLG/qkRYqJ4gDHo0eMpTJSk2CWebajdm4b+JBrM1F9mgKuZFLruE=
 
488
=RNR5
 
489
-----END PGP SIGNATURE-----
 
490
"""
 
491
        plain = "asdf\n"
 
492
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
493
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'5D51E56F'),
 
494
                            my_gpg.verify(content, plain))
 
495
 
 
496
    def test_set_acceptable_keys(self):
 
497
        self.requireFeature(features.gpgme)
 
498
        self.import_keys()
 
499
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
500
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
501
        self.assertEqual(my_gpg.acceptable_keys,
 
502
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
 
503
 
 
504
    def test_set_acceptable_keys_from_config(self):
 
505
        self.requireFeature(features.gpgme)
 
506
        self.import_keys()
 
507
        my_gpg = gpg.GPGStrategy(FakeConfig(
 
508
                'acceptable_keys=bazaar@example.com'))
 
509
        my_gpg.set_acceptable_keys(None)
 
510
        self.assertEqual(my_gpg.acceptable_keys,
 
511
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
 
512
 
 
513
    def test_set_acceptable_keys_unknown(self):
 
514
        self.requireFeature(features.gpgme)
 
515
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
516
        self.notes = []
 
517
        def note(*args):
 
518
            self.notes.append(args[0] % args[1:])
 
519
        self.overrideAttr(trace, 'note', note)
 
520
        my_gpg.set_acceptable_keys("unknown")
 
521
        self.assertEqual(my_gpg.acceptable_keys, [])
 
522
        self.assertEqual(self.notes,
 
523
            ['No GnuPG key results for pattern: unknown'])
 
524
 
 
525
 
89
526
class TestDisabled(TestCase):
90
527
 
91
528
    def test_sign(self):
92
529
        self.assertRaises(errors.SigningFailed,
93
530
                          gpg.DisabledGPGStrategy(None).sign, 'content')
 
531
 
 
532
    def test_verify(self):
 
533
        self.assertRaises(errors.SignatureVerificationFailed,
 
534
                          gpg.DisabledGPGStrategy(None).verify, 'content',
 
535
                          'testament')