/brz/remove-bazaar

To get this branch, use:
bzr branch http://gegoxaren.bato24.eu/bzr/brz/remove-bazaar

« back to all changes in this revision

Viewing changes to breezy/tests/test_gpg.py

  • Committer: Jelmer Vernooij
  • Date: 2018-02-18 21:42:57 UTC
  • mto: This revision was merged to the branch mainline in revision 6859.
  • Revision ID: jelmer@jelmer.uk-20180218214257-jpevutp1wa30tz3v
Update TODO to reference Breezy, not Bazaar.

Show diffs side-by-side

added added

removed removed

Lines of Context:
breezy/tests/test_gpg.py
17
17
 
18
18
"""Tests for signing and verifying blobs of data via gpg."""
19
19
 
20
 
from io import BytesIO
21
 
 
22
20
# import system imports here
23
21
import sys
24
22
 
30
28
    trace,
31
29
    ui,
32
30
    )
 
31
from ..sixish import (
 
32
    BytesIO,
 
33
    )
33
34
from . import (
34
35
    TestCase,
35
36
    features,
40
41
 
41
42
    def __init__(self, content=None):
42
43
        if content is None:
43
 
            content = b'''
 
44
            content = '''
44
45
gpg_signing_key=amy@example.com
45
46
'''
46
47
        super(FakeConfig, self).__init__(content)
195
196
        context.op_import(expired_key)
196
197
 
197
198
    def test_verify_untrusted_but_accepted(self):
198
 
        # untrusted by gpg but listed as acceptable_keys by user
 
199
        #untrusted by gpg but listed as acceptable_keys by user
199
200
        self.requireFeature(features.gpg)
200
201
        self.import_keys()
201
202
 
202
 
        content = b"""-----BEGIN PGP SIGNED MESSAGE-----
 
203
        content = """-----BEGIN PGP SIGNED MESSAGE-----
203
204
Hash: SHA1
204
205
 
205
206
bazaar-ng testament short form 1
217
218
=iwsn
218
219
-----END PGP SIGNATURE-----
219
220
"""
220
 
        plain = b"""bazaar-ng testament short form 1
 
221
        plain = """bazaar-ng testament short form 1
221
222
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
222
223
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
223
224
"""
224
225
        my_gpg = gpg.GPGStrategy(FakeConfig())
225
226
        my_gpg.set_acceptable_keys("bazaar@example.com")
226
 
        self.assertEqual((gpg.SIGNATURE_VALID, None, plain),
227
 
                         my_gpg.verify(content))
 
227
        self.assertEqual((gpg.SIGNATURE_VALID, None), my_gpg.verify(content,
 
228
                            plain))
228
229
 
229
230
    def test_verify_unacceptable_key(self):
230
231
        self.requireFeature(features.gpg)
231
232
        self.import_keys()
232
233
 
233
 
        content = b"""-----BEGIN PGP SIGNED MESSAGE-----
 
234
        content = """-----BEGIN PGP SIGNED MESSAGE-----
234
235
Hash: SHA1
235
236
 
236
237
bazaar-ng testament short form 1
248
249
=iwsn
249
250
-----END PGP SIGNATURE-----
250
251
"""
251
 
        plain = b"""bazaar-ng testament short form 1
 
252
        plain = """bazaar-ng testament short form 1
252
253
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
253
254
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
254
255
"""
255
256
        my_gpg = gpg.GPGStrategy(FakeConfig())
256
257
        my_gpg.set_acceptable_keys("foo@example.com")
257
 
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'E3080E45', plain),
258
 
                         my_gpg.verify(content))
 
258
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'E3080E45'),
 
259
                         my_gpg.verify(content, plain))
259
260
 
260
261
    def test_verify_valid_but_untrusted(self):
261
262
        self.requireFeature(features.gpg)
262
263
        self.import_keys()
263
264
 
264
 
        content = b"""-----BEGIN PGP SIGNED MESSAGE-----
265
 
Hash: SHA1
266
 
 
267
 
bazaar-ng testament short form 1
268
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
269
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
270
 
-----BEGIN PGP SIGNATURE-----
271
 
Version: GnuPG v1.4.11 (GNU/Linux)
272
 
 
273
 
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
274
 
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
275
 
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
276
 
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
277
 
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
278
 
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
279
 
=iwsn
280
 
-----END PGP SIGNATURE-----
281
 
"""
282
 
        plain = b"""bazaar-ng testament short form 1
283
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
284
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
285
 
"""
286
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
287
 
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None,
288
 
                          plain), my_gpg.verify(content))
 
265
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
266
Hash: SHA1
 
267
 
 
268
bazaar-ng testament short form 1
 
269
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
270
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
271
-----BEGIN PGP SIGNATURE-----
 
272
Version: GnuPG v1.4.11 (GNU/Linux)
 
273
 
 
274
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
275
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
276
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
277
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
278
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
279
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
280
=iwsn
 
281
-----END PGP SIGNATURE-----
 
282
"""
 
283
        plain = """bazaar-ng testament short form 1
 
284
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
285
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
286
"""
 
287
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
288
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
289
                            plain))
 
290
 
 
291
    def test_verify_bad_testament(self):
 
292
        self.requireFeature(features.gpg)
 
293
        self.import_keys()
 
294
 
 
295
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
296
Hash: SHA1
 
297
 
 
298
bazaar-ng testament short form 1
 
299
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
300
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
301
-----BEGIN PGP SIGNATURE-----
 
302
Version: GnuPG v1.4.11 (GNU/Linux)
 
303
 
 
304
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
305
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
306
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
307
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
308
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
309
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
310
=iwsn
 
311
-----END PGP SIGNATURE-----
 
312
"""
 
313
        plain = """bazaar-ng testament short form 1
 
314
revision-id: doctor@example.com-20110527185938-hluafawphszb8dl1
 
315
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
316
"""
 
317
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
318
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
319
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
320
                            plain))
 
321
 
289
322
 
290
323
    def test_verify_revoked_signature(self):
291
324
        self.requireFeature(features.gpg)
292
325
        self.import_keys()
293
326
 
294
 
        content = b"""-----BEGIN PGP SIGNED MESSAGE-----
 
327
        content = """-----BEGIN PGP SIGNED MESSAGE-----
295
328
Hash: SHA1
296
329
 
297
330
asdf
305
338
=UuRX
306
339
-----END PGP SIGNATURE-----
307
340
"""
308
 
        plain = b"""asdf\n"""
 
341
        plain = """asdf\n"""
309
342
        my_gpg = gpg.GPGStrategy(FakeConfig())
310
343
        my_gpg.set_acceptable_keys("test@example.com")
311
 
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None, None),
312
 
                         my_gpg.verify(content))
 
344
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
345
                            plain))
313
346
 
314
347
    def test_verify_invalid(self):
315
348
        self.requireFeature(features.gpg)
316
349
        self.import_keys()
317
 
        content = b"""-----BEGIN PGP SIGNED MESSAGE-----
 
350
        content = """-----BEGIN PGP SIGNED MESSAGE-----
318
351
Hash: SHA1
319
352
 
320
353
bazaar-ng testament short form 1
328
361
=SOuC
329
362
-----END PGP SIGNATURE-----
330
363
"""
331
 
        plain = b"""bazaar-ng testament short form 1
 
364
        plain = """bazaar-ng testament short form 1
332
365
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
333
366
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
334
367
"""
335
368
        my_gpg = gpg.GPGStrategy(FakeConfig())
336
 
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None, plain),
337
 
                         my_gpg.verify(content))
 
369
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None),
 
370
                            my_gpg.verify(content, plain))
338
371
 
339
372
    def test_verify_expired_but_valid(self):
340
373
        self.requireFeature(features.gpg)
341
374
        self.import_keys()
342
 
        content = b"""-----BEGIN PGP SIGNED MESSAGE-----
 
375
        content = """-----BEGIN PGP SIGNED MESSAGE-----
343
376
Hash: SHA1
344
 
 
 
377
 
345
378
bazaar-ng testament short form 1
346
379
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
347
380
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
348
381
-----BEGIN PGP SIGNATURE-----
349
382
Version: GnuPG v1.4.10 (GNU/Linux)
350
 
 
 
383
 
351
384
iJwEAQECAAYFAk42esUACgkQHOJve0+NFRPc5wP7BoZkzBU8JaHMLv/LmqLr0sUz
352
385
zuE51ofZZ19L7KVtQWsOi4jFy0fi4A5TFwO8u9SOfoREGvkw292Uty9subSouK5/
353
386
mFmDOYPQ+O83zWgYZsBmMJWYDZ+X9I6XXZSbPtV/7XyTjaxtl5uRnDVJjg+AzKvD
355
388
=uHen
356
389
-----END PGP SIGNATURE-----
357
390
"""
 
391
        plain = """bazaar-ng testament short form 1
 
392
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
 
393
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
 
394
"""
358
395
        my_gpg = gpg.GPGStrategy(FakeConfig())
359
 
        self.assertEqual((gpg.SIGNATURE_EXPIRED, u'4F8D1513', None),
360
 
                         my_gpg.verify(content))
 
396
        self.assertEqual((gpg.SIGNATURE_EXPIRED, u'4F8D1513'),
 
397
                            my_gpg.verify(content, plain))
361
398
 
362
399
    def test_verify_unknown_key(self):
363
400
        self.requireFeature(features.gpg)
364
401
        self.import_keys()
365
 
        content = b"""-----BEGIN PGP SIGNED MESSAGE-----
 
402
        content = """-----BEGIN PGP SIGNED MESSAGE-----
366
403
Hash: SHA1
367
404
 
368
405
asdf
378
415
=RNR5
379
416
-----END PGP SIGNATURE-----
380
417
"""
 
418
        plain = "asdf\n"
381
419
        my_gpg = gpg.GPGStrategy(FakeConfig())
382
 
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'5D51E56F', None),
383
 
                         my_gpg.verify(content))
 
420
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'5D51E56F'),
 
421
                            my_gpg.verify(content, plain))
384
422
 
385
423
    def test_set_acceptable_keys(self):
386
424
        self.requireFeature(features.gpg)
394
432
        self.requireFeature(features.gpg)
395
433
        self.import_keys()
396
434
        my_gpg = gpg.GPGStrategy(FakeConfig(
397
 
            b'acceptable_keys=bazaar@example.com'))
 
435
                'acceptable_keys=bazaar@example.com'))
398
436
        my_gpg.set_acceptable_keys(None)
399
437
        self.assertEqual(my_gpg.acceptable_keys,
400
438
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
403
441
        self.requireFeature(features.gpg)
404
442
        my_gpg = gpg.GPGStrategy(FakeConfig())
405
443
        self.notes = []
406
 
 
407
444
        def note(*args):
408
445
            self.notes.append(args[0] % args[1:])
409
446
        self.overrideAttr(trace, 'note', note)
410
447
        my_gpg.set_acceptable_keys("unknown")
411
448
        self.assertEqual(my_gpg.acceptable_keys, [])
412
449
        self.assertEqual(self.notes,
413
 
                         ['No GnuPG key results for pattern: unknown'])
 
450
            ['No GnuPG key results for pattern: unknown'])
414
451
 
415
452
 
416
453
class TestDisabled(TestCase):
417
454
 
418
455
    def test_sign(self):
419
456
        self.assertRaises(gpg.SigningFailed,
420
 
                          gpg.DisabledGPGStrategy(None).sign, b'content', gpg.MODE_CLEAR)
 
457
                          gpg.DisabledGPGStrategy(None).sign, 'content')
421
458
 
422
459
    def test_verify(self):
423
460
        self.assertRaises(gpg.SignatureVerificationFailed,
424
 
                          gpg.DisabledGPGStrategy(None).verify, b'content')
 
461
                          gpg.DisabledGPGStrategy(None).verify, 'content',
 
462
                          'testament')