~bzr-pqm/bzr/bzr.dev

« back to all changes in this revision

Viewing changes to bzrlib/tests/test_gpg.py

Merge bzr.dev into cleanup resolving conflicts

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
# Copyright (C) 2005, 2006, 2007, 2009, 2011 Canonical Ltd
 
1
# Copyright (C) 2005 Canonical Ltd
2
2
#   Authors: Robert Collins <robert.collins@canonical.com>
3
3
#
4
4
# This program is free software; you can redistribute it and/or modify
18
18
"""Tests for signing and verifying blobs of data via gpg."""
19
19
 
20
20
# import system imports here
 
21
import os
21
22
import sys
22
23
 
23
 
from bzrlib import (
24
 
    config,
25
 
    errors,
26
 
    gpg,
27
 
    tests,
28
 
    trace,
29
 
    ui,
30
 
    )
31
 
from bzrlib.tests import (
32
 
    TestCase,
33
 
    features,
34
 
    )
35
 
 
36
 
 
37
 
class FakeConfig(config.MemoryStack):
38
 
 
39
 
    def __init__(self, content=None):
40
 
        if content is None:
41
 
            content = '''
42
 
gpg_signing_key=amy@example.com
43
 
gpg_signing_command=false'''
44
 
        super(FakeConfig, self).__init__(content)
45
 
 
46
 
 
47
 
class TestCommandLine(tests.TestCase):
48
 
 
49
 
    def setUp(self):
50
 
        super(TestCommandLine, self).setUp()
51
 
        self.my_gpg = gpg.GPGStrategy(FakeConfig())
 
24
from bzrlib import errors, ui
 
25
import bzrlib.gpg as gpg
 
26
from bzrlib.tests import TestCase, TestCaseInTempDir
 
27
 
 
28
class FakeConfig(object):
 
29
 
 
30
    def gpg_signing_command(self):
 
31
        return "false"
 
32
 
 
33
 
 
34
class TestCommandLine(TestCase):
52
35
 
53
36
    def test_signing_command_line(self):
54
 
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
55
 
                         self.my_gpg._command_line())
56
 
 
57
 
    def test_signing_command_line_from_default(self):
58
 
        # Using 'default' for gpg_signing_key will use the mail part of 'email'
59
 
        my_gpg = gpg.GPGStrategy(FakeConfig('''
60
 
email=Amy <amy@example.com>
61
 
gpg_signing_key=default
62
 
gpg_signing_command=false'''))
63
 
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
64
 
                         my_gpg._command_line())
65
 
 
66
 
    def test_signing_command_line_from_email(self):
67
 
        # Not setting gpg_signing_key will use the mail part of 'email'
68
 
        my_gpg = gpg.GPGStrategy(FakeConfig('''
69
 
email=Amy <amy@example.com>
70
 
gpg_signing_command=false'''))
71
 
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
 
37
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
38
        self.assertEqual(['false',  '--clearsign'],
72
39
                         my_gpg._command_line())
73
40
 
74
41
    def test_checks_return_code(self):
75
42
        # This test needs a unix like platform - one with 'false' to run.
76
43
        # if you have one, please make this work :)
77
 
        self.assertRaises(errors.SigningFailed, self.my_gpg.sign, 'content')
 
44
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
45
        self.assertRaises(errors.SigningFailed, my_gpg.sign, 'content')
78
46
 
79
47
    def assertProduces(self, content):
80
48
        # This needs a 'cat' command or similar to work.
 
49
        my_gpg = gpg.GPGStrategy(FakeConfig())
81
50
        if sys.platform == 'win32':
82
51
            # Windows doesn't come with cat, and we don't require it
83
52
            # so lets try using python instead.
84
53
            # But stupid windows and line-ending conversions.
85
54
            # It is too much work to make sys.stdout be in binary mode.
86
55
            # http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/65443
87
 
            self.my_gpg._command_line = lambda:[sys.executable, '-c',
 
56
            my_gpg._command_line = lambda:[sys.executable, '-c',
88
57
                    'import sys; sys.stdout.write(sys.stdin.read())']
89
58
            new_content = content.replace('\n', '\r\n')
90
59
 
91
 
            self.assertEqual(new_content, self.my_gpg.sign(content))
 
60
            self.assertEqual(new_content, my_gpg.sign(content))
92
61
        else:
93
 
            self.my_gpg._command_line = lambda:['cat', '-']
94
 
            self.assertEqual(content, self.my_gpg.sign(content))
 
62
            my_gpg._command_line = lambda:['cat', '-']
 
63
            self.assertEqual(content, my_gpg.sign(content))
95
64
 
96
65
    def test_returns_output(self):
97
66
        content = "some content\nwith newlines\n"
117
86
                          self.assertProduces, u'foo')
118
87
 
119
88
 
120
 
class TestVerify(TestCase):
121
 
 
122
 
    def import_keys(self):
123
 
        from StringIO import StringIO
124
 
        import gpgme
125
 
        context = gpgme.Context()
126
 
 
127
 
        key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
128
 
Version: GnuPG v1.4.11 (GNU/Linux)
129
 
 
130
 
mQENBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
131
 
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
132
 
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
133
 
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
134
 
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
135
 
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAG0JEJhemFhciBUZXN0IEtl
136
 
eSA8YmF6YWFyQGV4YW1wbGUuY29tPokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIG
137
 
FQgCCQoLBBYCAwECHgECF4AACgkQh2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys
138
 
2hZmXUq/tU+L92bjQoRY4fmsQpk/FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2
139
 
jj7UiJd8z9gTRxWTnYwfR/w5PGmxfJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswa
140
 
IOAZIwe5Vsfs36uSS7p8RQHAZXLXtTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO
141
 
2qEa0mYiAfDpz40CGtb8N/TQHF3Xcw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqW
142
 
o/r3RII3Ii3z2yARlg6D+5hVOrFBV8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtB
143
 
OrkBDQRN+NyIAQgArRZ2YGzUj5dXOVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2
144
 
V0dcVCqWwT0+a79Wbausv4bStD4SkwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr
145
 
6UUneB3UXX7MrEqVogVhRM0ORIaK/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEX
146
 
imBsN3GqoewBHYIneJKBtHE7uzdzw3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeX
147
 
P6ktvXbX2Iu7VDNoCvRXM9+ntyJtsXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCc
148
 
VtFjLTcbCqJqpoJWUtsLcNqDqMHOQDpe6KTNTQARAQABiQEfBBgBAgAJBQJN+NyI
149
 
AhsMAAoJEIdoGx7jCA5FrR8IANnOF3PUj1TbRcwV6RoWmHsFQHrPmM8ogXia1Lsv
150
 
jE1iEWoC+muvKh6Oydf90k6ZslS7rdDnp2qzYY8W/TiDkxP+fvsZ4mMi1Y0F+3ty
151
 
1jzWhcsnB2VrJSiavxEXk0tKPrNv4EUGWG6wHsC9TBj37If+nrMyim94VHvI0eHm
152
 
X8yMlN4O3HfmgD9CbJdUxueP3e31OIYuwh/6F7GII8TNEVHU/8vh/mQcCxppNbc+
153
 
boff+kIsoa/TAMLwtJoSrX1nXm0K3vZePRLnIgmwVzdkOIkaRJUG2tSQFvkfhvtE
154
 
LhnkL5l4MO0wrUds0UWRwa3d7j/P2ExrqXdlLmEzrifWyEQ=
155
 
=hUJn
156
 
-----END PGP PUBLIC KEY BLOCK-----
157
 
""")
158
 
 
159
 
        secret_key = StringIO("""-----BEGIN PGP PRIVATE KEY BLOCK-----
160
 
Version: GnuPG v1.4.11 (GNU/Linux)
161
 
 
162
 
lQOYBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
163
 
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
164
 
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
165
 
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
166
 
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
167
 
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAEAB/0RJTbV991SOtVfPQVu
168
 
LM+tD0SiOXJwIBIINlngsFHWVIiBSDb6uF8dneMR70IRnuEFHFyAUXA7PZDxvcSu
169
 
phAqIdKCWxQPkAULAS0o4U2K3ZFGh4uOqvfZ8eSnh1rETFv7Yf3u23K89cZiy99n
170
 
EtWgSqzC/2z5PaZ7/alsYCBqhHuyd4Phaud7qv7FTz8mFrCf+CCY+D08wbnZBu4g
171
 
N9tBwoxT/UKRfv3nghIh9v+3qWfBEFGhrYbt92XKFbHOQeATZz8AGIv1eqN/+ZQY
172
 
oYmvVfO3GkrWaRoPeJNLqSDEn/45O1Uh9MJ4mQclXqB0QzMShle8uusHxIeJSQsR
173
 
z//VBAD11WS7qSgCeiHR+4jDzrrlb2snnA2bfDToEomDxd/n8xm7nJWdkNfJ2BCw
174
 
KvnxYVxjFNAwkKJGRajzALBLzRVO+K9NtSLiddv5zv+UNdgsKuE8tD7Jqxd/IbWw
175
 
AimCtL8osnJ+r9dvL+NyjkAT6l/NdEbLXGrBaMeTfSgl2cBOOwQA+sJIh1R5PiCK
176
 
nLIs9pm3PSy3w92Peelq/x/+0aebTZaJUk2ou3oCvB3druDqrUeaopuuCc0drV7C
177
 
Ldoey8x/T2ZGzmT2af9qNaD6ScTimDodXcJdwlpobhZTKpsE4EyywpLXtlWte1x0
178
 
1Mq3llQsIdRdf3GLS+L207hWgKDiDosD/0SyOBO/IBDteeEzeN2hNE3A8oeVbvRS
179
 
XrS/3uj6oKmlWUBORYP8ptUrXPoVPmNz2y4GO+OysFtfct3Yqb+Sb/52SXMOHTox
180
 
2oLW08tkzfkDArU5aauMEPmyutGyJ+hGo7fsuLXzXR8OPw4yZJdzG1tRlP2TTKmq
181
 
Fx8G/Ik6bN4zTYK0JEJhemFhciBUZXN0IEtleSA8YmF6YWFyQGV4YW1wbGUuY29t
182
 
PokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ
183
 
h2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys2hZmXUq/tU+L92bjQoRY4fmsQpk/
184
 
FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2jj7UiJd8z9gTRxWTnYwfR/w5PGmx
185
 
fJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswaIOAZIwe5Vsfs36uSS7p8RQHAZXLX
186
 
tTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO2qEa0mYiAfDpz40CGtb8N/TQHF3X
187
 
cw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqWo/r3RII3Ii3z2yARlg6D+5hVOrFB
188
 
V8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtBOp0DlwRN+NyIAQgArRZ2YGzUj5dX
189
 
OVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2V0dcVCqWwT0+a79Wbausv4bStD4S
190
 
kwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr6UUneB3UXX7MrEqVogVhRM0ORIaK
191
 
/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEXimBsN3GqoewBHYIneJKBtHE7uzdz
192
 
w3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeXP6ktvXbX2Iu7VDNoCvRXM9+ntyJt
193
 
sXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCcVtFjLTcbCqJqpoJWUtsLcNqDqMHO
194
 
QDpe6KTNTQARAQABAAf1EfceUlGLvoA/+yDTNTMjuPfzfKwbB/FOVfX44g3Za1eT
195
 
v7RvSuj4rFYIdE9UvZEei/pqPOSc+hhSsKZCulGXD5TUpf3AyG7ipWU/kID46Csp
196
 
0V08DPpFHnuw/N6+qNo5iSnhN9U1XMLjYT5d1HvKur26r2vWbmUTSJ1qIluHL2fT
197
 
R1pKYYLuoff4MIjZ01Hawq72jjor+dLBmMWveHpq4XNp+vQ4x8aFnY9ozufon0nM
198
 
uRSJRlQjDNB274tvUbmDFP+nzNbqF1nBTZ6FTdH/iKVNbytiYF7Hbat8GWVZqY1u
199
 
CZr7BklpIVWlk62ll0psMIPVyANi7YT332LLqYmBBADJKTx2dariG/kWU2W/9VEO
200
 
2VZpqsqazAxOoFEIOpcOlByhhyw5g0IKu0UyzHkhoCje0cWxpdSBFG432b8zL0AT
201
 
Z0RycfUG7Sgp9CpY1h8Cc/HbBa8xo1fSM7zplPQrHBqUzlVVBq6HOkUq+7qsPFWc
202
 
RRie95VsDmIMKQKPJHeYHQQA3EYGit+QHV0dccAInghEsf/mq8Gfnvo6HPYhWcDC
203
 
DTM39NhNlnl1WkTFCd2TWc+TWQ4KlRsh6bMjUpNa2qjrUl90fLekbogcxxMhcwa6
204
 
xgzEANZfwqdY0u3aB/CyZ6odfThwcAoeqoMpw34CfeKEroubpi2n8wKByrN2MQXJ
205
 
4vEEAJbXZOqgAcFAFBUVb5mVT0s2lJMagZFPdhRJz2bttz01s/B8aca6CrDpFRjT
206
 
03zRFUZjwDYqZDWBC181dCE9yla4OkWd5QyRKSS2EE02KEYqRzT0RngQn7s4AW2r
207
 
326up3Jhleln3hgD4Kk3V3KHmyK8zqZA0qWzry4Vl2jjkbnAPB2JAR8EGAECAAkF
208
 
Ak343IgCGwwACgkQh2gbHuMIDkWtHwgA2c4Xc9SPVNtFzBXpGhaYewVAes+YzyiB
209
 
eJrUuy+MTWIRagL6a68qHo7J1/3STpmyVLut0OenarNhjxb9OIOTE/5++xniYyLV
210
 
jQX7e3LWPNaFyycHZWslKJq/EReTS0o+s2/gRQZYbrAewL1MGPfsh/6eszKKb3hU
211
 
e8jR4eZfzIyU3g7cd+aAP0Jsl1TG54/d7fU4hi7CH/oXsYgjxM0RUdT/y+H+ZBwL
212
 
Gmk1tz5uh9/6Qiyhr9MAwvC0mhKtfWdebQre9l49EuciCbBXN2Q4iRpElQba1JAW
213
 
+R+G+0QuGeQvmXgw7TCtR2zRRZHBrd3uP8/YTGupd2UuYTOuJ9bIRA==
214
 
=LXn0
215
 
-----END PGP PRIVATE KEY BLOCK-----
216
 
""")
217
 
 
218
 
        revoked_key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
219
 
Version: GnuPG v1.4.11 (GNU/Linux)
220
 
 
221
 
mI0ETjlW5gEEAOb/6P+TVM59E897wRtatxys2BhsHCXM4T7xjIiANfDwejDdifqh
222
 
tluTfSJLLxPembtrrEjux1C0AJgc+f0MIfsc3Pr3eFJzKB2ot/1IVG1/1KnA0zt3
223
 
W2xPT3lRib27WJ9Fag+dMtQaIzgJ7/n2DFxsFZ33FD2kxrEXB2exGg6FABEBAAGI
224
 
pgQgAQIAEAUCTjlXkAkdAHJldm9rZWQACgkQjs6dvEpb0cQPHAP/Wi9rbx0e+1Sf
225
 
ziGgyVdr3m3A6uvze5oXKVgFRbGRUYSH4/I8GW0W9x4TcRg9h+YaQ8NUdADr9kNE
226
 
tKAljLqYA5qdqSfYuaij1M++Xj+KUZ359R74sHuQqwnRy1XXQNfRs/QpXA7vLdds
227
 
rjg+pbWuXO92TZJUdnqtWW+VEyZBsPy0G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUu
228
 
Y29tPoi4BBMBAgAiBQJOOVbmAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
229
 
CRCOzp28SlvRxNWzA/42WVmI0b+6mF/imEOlY1TiyvrcpK250rkSDsCtL4lOwy7G
230
 
antZhpgNfnXRd/ySfsS3EB6dpOWgOSxGRvWQhA+vxBT9BYNk49qd3JIrSaSWpR12
231
 
rET8qO1rEQQFWsw03CxTGujxGlmEO+a1yguRXp2UWaY7FngcQmD+8q7BUIVm7riN
232
 
BE45VuYBBADTEH2jHTjNCc5CMOhea6EJTrkx3upcEqB2oyhWeSWJiBGOxlcddsjo
233
 
3J3/EmBB8kK1hM9TidD3SG64x1N287lg8ELJBlKv+pQVyxohGJ1u/THgpTDMMQcL
234
 
luG5rAHQGSfyzKTiOnaTyBYg3M/nzgUOU9dKEFB0EA3tjUXFOT+r3wARAQABiJ8E
235
 
GAECAAkFAk45VuYCGwwACgkQjs6dvEpb0cRSLQP/fzCWX2lXwlwWiVF8BOPF7o9z
236
 
icHErc7/X17RGb4qj1kVf+UkRdUWJrbEVh4h6MncBIuA70WsYogiw+Kz/0LCtQAR
237
 
YUJsPy/EL++OKPH1aFasOdTxwkTka85+RdYqhP1+z/aYLFMWq6mRFI+o6x2k5mGi
238
 
7dMv2kKTJPoXUpiXJbg=
239
 
=hLYO
240
 
-----END PGP PUBLIC KEY BLOCK-----
241
 
""")
242
 
 
243
 
        expired_key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
244
 
Version: GnuPG v1.4.11 (GNU/Linux)
245
 
 
246
 
mI0ETjZ6PAEEALkR4GcFQidCCxV7pgQwQd5MZua0YO2l92fVqHX+PhnZ6egCLKdD
247
 
2bWlMUd6MLPF3FlRL7BBAxvW/DazkBOp7ljsnpMpptEzY49Uem1irYLYiVb9zK96
248
 
0sQZzFxFkfEYetQEXC68mIck8tbySOX5NAOw++3jFm3J7dsU1R3XtYzRABEBAAG0
249
 
G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUuY29tPoi+BBMBAgAoBQJONno8AhsDBQkA
250
 
AVGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAc4m97T40VEz+DA/9PBphG
251
 
Yp9cHVaHSfTUKGTGgIbvRe60sFNpDCYZeAGDrygOMuI8MNzbVpwefRBFHVPx7jWd
252
 
rrYMsLkcsNUS9D0baU+0D/qp7JVg7ZSQtG0O6IG4eTZhibteY1fu0+unlXmg9NHx
253
 
5VvhwzBiJDYji00M2p/CZEMiYFUuy76CsxUpN7iNBE42ejwBBACkv2/mX7IPQg0C
254
 
A3KSrJsJv+sdvKm4b4xuI4OwagwTIVz4KlTqV4IBrVjSBfwyMXucXz0bTW85qjgA
255
 
+n67td8vyjYYZUEz1uY9lSquQQDnAN0txL3cLHZXWiWOkmzZVddQtlflK2a/J9o0
256
 
QkHPVUm+hc4l64dIzStrNl2S66fAvQARAQABiKUEGAECAA8FAk42ejwCGwwFCQAB
257
 
UYAACgkQHOJve0+NFROEYQP/epg+o8iBs31hkSERyZjrRR66LpywezWj30Rn/3mX
258
 
Fzi9HkF4xLemWOzdNt9C5PYrOep85PQg8haEjknxVjZFS0ikT1h3OWk/TF1ZrLVm
259
 
WzyX8DaHQEjKpLJJjXcAbTiZBNMk0QaVC9RvIeHpCf3n3DC49DdjsPJRMKOn8KDi
260
 
kRk=
261
 
=p0gt
262
 
-----END PGP PUBLIC KEY BLOCK-----
263
 
""")
264
 
        context.import_(key)
265
 
        context.import_(secret_key)
266
 
        context.import_(revoked_key)
267
 
        context.import_(expired_key)
268
 
 
269
 
    def test_verify_untrusted_but_accepted(self):
270
 
        #untrusted by gpg but listed as acceptable_keys by user
271
 
        self.requireFeature(features.gpgme)
272
 
        self.import_keys()
273
 
 
274
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
275
 
Hash: SHA1
276
 
 
277
 
bazaar-ng testament short form 1
278
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
279
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
280
 
-----BEGIN PGP SIGNATURE-----
281
 
Version: GnuPG v1.4.11 (GNU/Linux)
282
 
 
283
 
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
284
 
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
285
 
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
286
 
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
287
 
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
288
 
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
289
 
=iwsn
290
 
-----END PGP SIGNATURE-----
291
 
"""
292
 
        plain = """bazaar-ng testament short form 1
293
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
294
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
295
 
"""
296
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
297
 
        my_gpg.set_acceptable_keys("bazaar@example.com")
298
 
        self.assertEqual((gpg.SIGNATURE_VALID, None), my_gpg.verify(content,
299
 
                            plain))
300
 
 
301
 
    def test_verify_unacceptable_key(self):
302
 
        self.requireFeature(features.gpgme)
303
 
        self.import_keys()
304
 
 
305
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
306
 
Hash: SHA1
307
 
 
308
 
bazaar-ng testament short form 1
309
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
310
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
311
 
-----BEGIN PGP SIGNATURE-----
312
 
Version: GnuPG v1.4.11 (GNU/Linux)
313
 
 
314
 
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
315
 
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
316
 
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
317
 
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
318
 
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
319
 
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
320
 
=iwsn
321
 
-----END PGP SIGNATURE-----
322
 
"""
323
 
        plain = """bazaar-ng testament short form 1
324
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
325
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
326
 
"""
327
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
328
 
        my_gpg.set_acceptable_keys("foo@example.com")
329
 
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'E3080E45'),
330
 
                         my_gpg.verify(content, plain))
331
 
 
332
 
    def test_verify_valid_but_untrusted(self):
333
 
        self.requireFeature(features.gpgme)
334
 
        self.import_keys()
335
 
 
336
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
337
 
Hash: SHA1
338
 
 
339
 
bazaar-ng testament short form 1
340
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
341
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
342
 
-----BEGIN PGP SIGNATURE-----
343
 
Version: GnuPG v1.4.11 (GNU/Linux)
344
 
 
345
 
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
346
 
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
347
 
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
348
 
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
349
 
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
350
 
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
351
 
=iwsn
352
 
-----END PGP SIGNATURE-----
353
 
"""
354
 
        plain = """bazaar-ng testament short form 1
355
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
356
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
357
 
"""
358
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
359
 
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
360
 
                            plain))
361
 
 
362
 
    def test_verify_bad_testament(self):
363
 
        self.requireFeature(features.gpgme)
364
 
        self.import_keys()
365
 
 
366
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
367
 
Hash: SHA1
368
 
 
369
 
bazaar-ng testament short form 1
370
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
371
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
372
 
-----BEGIN PGP SIGNATURE-----
373
 
Version: GnuPG v1.4.11 (GNU/Linux)
374
 
 
375
 
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
376
 
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
377
 
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
378
 
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
379
 
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
380
 
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
381
 
=iwsn
382
 
-----END PGP SIGNATURE-----
383
 
"""
384
 
        plain = """bazaar-ng testament short form 1
385
 
revision-id: doctor@example.com-20110527185938-hluafawphszb8dl1
386
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
387
 
"""
388
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
389
 
        my_gpg.set_acceptable_keys("bazaar@example.com")
390
 
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
391
 
                            plain))
392
 
 
393
 
 
394
 
    def test_verify_revoked_signature(self):
395
 
        self.requireFeature(features.gpgme)
396
 
        self.import_keys()
397
 
 
398
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
399
 
Hash: SHA1
400
 
 
401
 
asdf
402
 
-----BEGIN PGP SIGNATURE-----
403
 
Version: GnuPG v1.4.11 (GNU/Linux)
404
 
 
405
 
iJwEAQECAAYFAk45V18ACgkQjs6dvEpb0cSIZQP/eOGTXGPlrNwvDkcX2d8O///I
406
 
ecB4sUIUEpv1XAk1MkNu58lsjjK72lRaLusEGqd7HwrFmpxVeVs0oWLg23PNPCFs
407
 
yJBID9ma+VxFVPtkEFnrc1R72sBJLfBcTxMkwVTC8eeznjdtn+cg+aLkxbPdrGnr
408
 
JFA6kUIJU2w9LU/b88Y=
409
 
=UuRX
410
 
-----END PGP SIGNATURE-----
411
 
"""
412
 
        plain = """asdf\n"""
413
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
414
 
        my_gpg.set_acceptable_keys("test@example.com")
415
 
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
416
 
                            plain))
417
 
 
418
 
    def test_verify_invalid(self):
419
 
        self.requireFeature(features.gpgme)
420
 
        self.import_keys()
421
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
422
 
Hash: SHA1
423
 
 
424
 
bazaar-ng testament short form 1
425
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
426
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
427
 
-----BEGIN PGP SIGNATURE-----
428
 
Version: GnuPG v1.4.11 (GNU/Linux)
429
 
 
430
 
iEYEARECAAYFAk33gYsACgkQpQbm1N1NUIhiDACglOuQDlnSF4NxfHSkN/zrmFy8
431
 
nswAoNGXAVuR9ONasAKIGBNUE0b+lols
432
 
=SOuC
433
 
-----END PGP SIGNATURE-----
434
 
"""
435
 
        plain = """bazaar-ng testament short form 1
436
 
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
437
 
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
438
 
"""
439
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
440
 
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None),
441
 
                            my_gpg.verify(content, plain))
442
 
 
443
 
    def test_verify_expired_but_valid(self):
444
 
        self.requireFeature(features.gpgme)
445
 
        self.import_keys()
446
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
447
 
Hash: SHA1
448
 
 
449
 
bazaar-ng testament short form 1
450
 
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
451
 
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
452
 
-----BEGIN PGP SIGNATURE-----
453
 
Version: GnuPG v1.4.10 (GNU/Linux)
454
 
 
455
 
iJwEAQECAAYFAk42esUACgkQHOJve0+NFRPc5wP7BoZkzBU8JaHMLv/LmqLr0sUz
456
 
zuE51ofZZ19L7KVtQWsOi4jFy0fi4A5TFwO8u9SOfoREGvkw292Uty9subSouK5/
457
 
mFmDOYPQ+O83zWgYZsBmMJWYDZ+X9I6XXZSbPtV/7XyTjaxtl5uRnDVJjg+AzKvD
458
 
dTp8VatVVrwuvzOPDVc=
459
 
=uHen
460
 
-----END PGP SIGNATURE-----
461
 
"""
462
 
        plain = """bazaar-ng testament short form 1
463
 
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
464
 
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
465
 
"""
466
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
467
 
        self.assertEqual((gpg.SIGNATURE_EXPIRED, u'4F8D1513'),
468
 
                            my_gpg.verify(content, plain))
469
 
 
470
 
    def test_verify_unknown_key(self):
471
 
        self.requireFeature(features.gpgme)
472
 
        self.import_keys()
473
 
        content = """-----BEGIN PGP SIGNED MESSAGE-----
474
 
Hash: SHA1
475
 
 
476
 
asdf
477
 
-----BEGIN PGP SIGNATURE-----
478
 
Version: GnuPG v1.4.11 (GNU/Linux)
479
 
 
480
 
iQEcBAEBAgAGBQJOORKwAAoJENf6AkFdUeVvJDYH/1Cz+AJn1Jvy5n64o+0fZ5Ow
481
 
Y7UQb4QQTIOV7jI7n4hv/yBzuHrtImFzYvQl/o2Ezzi8B8L5gZtQy+xCUF+Q8iWs
482
 
gytZ5JUtSze7hDZo1NUl4etjoRGYqRfrUcvE2LkVH2dFbDGyyQfVmoeSHa5akuuP
483
 
QZmyg2F983rACVIpGvsqTH6RcBdvE9vx68lugeKQA8ArDn39/74FBFipFzrXSPij
484
 
eKFpl+yZmIb3g6HkPIC8o4j/tMvc37xF1OG5sBu8FT0+FC+VgY7vAblneDftAbyP
485
 
sIODx4WcfJtjLG/qkRYqJ4gDHo0eMpTJSk2CWebajdm4b+JBrM1F9mgKuZFLruE=
486
 
=RNR5
487
 
-----END PGP SIGNATURE-----
488
 
"""
489
 
        plain = "asdf\n"
490
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
491
 
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'5D51E56F'),
492
 
                            my_gpg.verify(content, plain))
493
 
 
494
 
    def test_set_acceptable_keys(self):
495
 
        self.requireFeature(features.gpgme)
496
 
        self.import_keys()
497
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
498
 
        my_gpg.set_acceptable_keys("bazaar@example.com")
499
 
        self.assertEqual(my_gpg.acceptable_keys,
500
 
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
501
 
 
502
 
    def test_set_acceptable_keys_from_config(self):
503
 
        self.requireFeature(features.gpgme)
504
 
        self.import_keys()
505
 
        my_gpg = gpg.GPGStrategy(FakeConfig(
506
 
                'acceptable_keys=bazaar@example.com'))
507
 
        my_gpg.set_acceptable_keys(None)
508
 
        self.assertEqual(my_gpg.acceptable_keys,
509
 
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
510
 
 
511
 
    def test_set_acceptable_keys_unknown(self):
512
 
        self.requireFeature(features.gpgme)
513
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
514
 
        self.notes = []
515
 
        def note(*args):
516
 
            self.notes.append(args[0] % args[1:])
517
 
        self.overrideAttr(trace, 'note', note)
518
 
        my_gpg.set_acceptable_keys("unknown")
519
 
        self.assertEqual(my_gpg.acceptable_keys, [])
520
 
        self.assertEqual(self.notes,
521
 
            ['No GnuPG key results for pattern: unknown'])
522
 
 
523
 
 
524
89
class TestDisabled(TestCase):
525
90
 
526
91
    def test_sign(self):
527
92
        self.assertRaises(errors.SigningFailed,
528
93
                          gpg.DisabledGPGStrategy(None).sign, 'content')
529
 
 
530
 
    def test_verify(self):
531
 
        self.assertRaises(errors.SignatureVerificationFailed,
532
 
                          gpg.DisabledGPGStrategy(None).verify, 'content',
533
 
                          'testament')