← Back to branch summary

~bzr-pqm/bzr/bzr.dev

« back to all changes in this revision

Viewing changes to bzrlib/tests/test_gpg.py

  • Committer: Patch Queue Manager
  • Date: 2011-12-19 00:49:48 UTC
  • mfrom: (6379.2.1 lazy-eol-filters)
  • Revision ID: pqm@pqm.ubuntu.com-20111219004948-irl4u0gumo2a4sni
(jelmer) Lazily load bzrlib.filters.eol. (Jelmer Vernooij)

Show diffs side-by-side

added added

removed removed

Lines of Context:
bzrlib/tests/test_gpg.py
1
 
# Copyright (C) 2005 Canonical Ltd
 
1
# Copyright (C) 2005, 2006, 2007, 2009, 2011 Canonical Ltd
2
2
#   Authors: Robert Collins <robert.collins@canonical.com>
3
3
#
4
4
# This program is free software; you can redistribute it and/or modify
18
18
"""Tests for signing and verifying blobs of data via gpg."""
19
19
 
20
20
# import system imports here
21
 
import os
22
21
import sys
23
22
 
24
 
from bzrlib import errors, ui
25
 
import bzrlib.gpg as gpg
26
 
from bzrlib.tests import TestCase, TestCaseInTempDir
27
 
 
28
 
class FakeConfig(object):
29
 
 
30
 
    def gpg_signing_command(self):
31
 
        return "false"
32
 
 
33
 
 
34
 
class TestCommandLine(TestCase):
 
23
from bzrlib import (
 
24
    config,
 
25
    errors,
 
26
    gpg,
 
27
    tests,
 
28
    trace,
 
29
    ui,
 
30
    )
 
31
from bzrlib.tests import (
 
32
    TestCase,
 
33
    features,
 
34
    )
 
35
 
 
36
 
 
37
class FakeConfig(config.Stack):
 
38
 
 
39
    def __init__(self, content=None):
 
40
        store = config.IniFileStore()
 
41
        if content is None:
 
42
            content = '''
 
43
gpg_signing_key=amy@example.com
 
44
gpg_signing_command=false'''
 
45
        store._load_from_string(content)
 
46
        super(FakeConfig, self).__init__([store.get_sections])
 
47
 
 
48
 
 
49
class TestCommandLine(tests.TestCase):
 
50
 
 
51
    def setUp(self):
 
52
        super(TestCommandLine, self).setUp()
 
53
        self.my_gpg = gpg.GPGStrategy(FakeConfig())
35
54
 
36
55
    def test_signing_command_line(self):
37
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
38
 
        self.assertEqual(['false',  '--clearsign'],
 
56
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
 
57
                         self.my_gpg._command_line())
 
58
 
 
59
    def test_signing_command_line_from_default(self):
 
60
        # Using 'default' for gpg_signing_key will use the mail part of 'email'
 
61
        my_gpg = gpg.GPGStrategy(FakeConfig('''
 
62
email=Amy <amy@example.com>
 
63
gpg_signing_key=default
 
64
gpg_signing_command=false'''))
 
65
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
 
66
                         my_gpg._command_line())
 
67
 
 
68
    def test_signing_command_line_from_email(self):
 
69
        # Not setting gpg_signing_key will use the mail part of 'email'
 
70
        my_gpg = gpg.GPGStrategy(FakeConfig('''
 
71
email=Amy <amy@example.com>
 
72
gpg_signing_command=false'''))
 
73
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
39
74
                         my_gpg._command_line())
40
75
 
41
76
    def test_checks_return_code(self):
42
77
        # This test needs a unix like platform - one with 'false' to run.
43
78
        # if you have one, please make this work :)
44
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
45
 
        self.assertRaises(errors.SigningFailed, my_gpg.sign, 'content')
 
79
        self.assertRaises(errors.SigningFailed, self.my_gpg.sign, 'content')
46
80
 
47
81
    def assertProduces(self, content):
48
82
        # This needs a 'cat' command or similar to work.
49
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
50
83
        if sys.platform == 'win32':
51
84
            # Windows doesn't come with cat, and we don't require it
52
85
            # so lets try using python instead.
53
86
            # But stupid windows and line-ending conversions.
54
87
            # It is too much work to make sys.stdout be in binary mode.
55
88
            # http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/65443
56
 
            my_gpg._command_line = lambda:[sys.executable, '-c',
 
89
            self.my_gpg._command_line = lambda:[sys.executable, '-c',
57
90
                    'import sys; sys.stdout.write(sys.stdin.read())']
58
91
            new_content = content.replace('\n', '\r\n')
59
92
 
60
 
            self.assertEqual(new_content, my_gpg.sign(content))
 
93
            self.assertEqual(new_content, self.my_gpg.sign(content))
61
94
        else:
62
 
            my_gpg._command_line = lambda:['cat', '-']
63
 
            self.assertEqual(content, my_gpg.sign(content))
 
95
            self.my_gpg._command_line = lambda:['cat', '-']
 
96
            self.assertEqual(content, self.my_gpg.sign(content))
64
97
 
65
98
    def test_returns_output(self):
66
99
        content = "some content\nwith newlines\n"
85
118
        self.assertRaises(errors.BzrBadParameterUnicode,
86
119
                          self.assertProduces, u'foo')
87
120
 
 
121
class TestVerify(TestCase):
 
122
 
 
123
    def import_keys(self):
 
124
        from StringIO import StringIO
 
125
        import gpgme
 
126
        context = gpgme.Context()
 
127
 
 
128
        key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
129
Version: GnuPG v1.4.11 (GNU/Linux)
 
130
 
 
131
mQENBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
 
132
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
 
133
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
 
134
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
 
135
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
 
136
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAG0JEJhemFhciBUZXN0IEtl
 
137
eSA8YmF6YWFyQGV4YW1wbGUuY29tPokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIG
 
138
FQgCCQoLBBYCAwECHgECF4AACgkQh2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys
 
139
2hZmXUq/tU+L92bjQoRY4fmsQpk/FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2
 
140
jj7UiJd8z9gTRxWTnYwfR/w5PGmxfJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswa
 
141
IOAZIwe5Vsfs36uSS7p8RQHAZXLXtTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO
 
142
2qEa0mYiAfDpz40CGtb8N/TQHF3Xcw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqW
 
143
o/r3RII3Ii3z2yARlg6D+5hVOrFBV8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtB
 
144
OrkBDQRN+NyIAQgArRZ2YGzUj5dXOVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2
 
145
V0dcVCqWwT0+a79Wbausv4bStD4SkwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr
 
146
6UUneB3UXX7MrEqVogVhRM0ORIaK/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEX
 
147
imBsN3GqoewBHYIneJKBtHE7uzdzw3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeX
 
148
P6ktvXbX2Iu7VDNoCvRXM9+ntyJtsXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCc
 
149
VtFjLTcbCqJqpoJWUtsLcNqDqMHOQDpe6KTNTQARAQABiQEfBBgBAgAJBQJN+NyI
 
150
AhsMAAoJEIdoGx7jCA5FrR8IANnOF3PUj1TbRcwV6RoWmHsFQHrPmM8ogXia1Lsv
 
151
jE1iEWoC+muvKh6Oydf90k6ZslS7rdDnp2qzYY8W/TiDkxP+fvsZ4mMi1Y0F+3ty
 
152
1jzWhcsnB2VrJSiavxEXk0tKPrNv4EUGWG6wHsC9TBj37If+nrMyim94VHvI0eHm
 
153
X8yMlN4O3HfmgD9CbJdUxueP3e31OIYuwh/6F7GII8TNEVHU/8vh/mQcCxppNbc+
 
154
boff+kIsoa/TAMLwtJoSrX1nXm0K3vZePRLnIgmwVzdkOIkaRJUG2tSQFvkfhvtE
 
155
LhnkL5l4MO0wrUds0UWRwa3d7j/P2ExrqXdlLmEzrifWyEQ=
 
156
=hUJn
 
157
-----END PGP PUBLIC KEY BLOCK-----
 
158
""")
 
159
 
 
160
        secret_key = StringIO("""-----BEGIN PGP PRIVATE KEY BLOCK-----
 
161
Version: GnuPG v1.4.11 (GNU/Linux)
 
162
 
 
163
lQOYBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
 
164
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
 
165
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
 
166
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
 
167
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
 
168
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAEAB/0RJTbV991SOtVfPQVu
 
169
LM+tD0SiOXJwIBIINlngsFHWVIiBSDb6uF8dneMR70IRnuEFHFyAUXA7PZDxvcSu
 
170
phAqIdKCWxQPkAULAS0o4U2K3ZFGh4uOqvfZ8eSnh1rETFv7Yf3u23K89cZiy99n
 
171
EtWgSqzC/2z5PaZ7/alsYCBqhHuyd4Phaud7qv7FTz8mFrCf+CCY+D08wbnZBu4g
 
172
N9tBwoxT/UKRfv3nghIh9v+3qWfBEFGhrYbt92XKFbHOQeATZz8AGIv1eqN/+ZQY
 
173
oYmvVfO3GkrWaRoPeJNLqSDEn/45O1Uh9MJ4mQclXqB0QzMShle8uusHxIeJSQsR
 
174
z//VBAD11WS7qSgCeiHR+4jDzrrlb2snnA2bfDToEomDxd/n8xm7nJWdkNfJ2BCw
 
175
KvnxYVxjFNAwkKJGRajzALBLzRVO+K9NtSLiddv5zv+UNdgsKuE8tD7Jqxd/IbWw
 
176
AimCtL8osnJ+r9dvL+NyjkAT6l/NdEbLXGrBaMeTfSgl2cBOOwQA+sJIh1R5PiCK
 
177
nLIs9pm3PSy3w92Peelq/x/+0aebTZaJUk2ou3oCvB3druDqrUeaopuuCc0drV7C
 
178
Ldoey8x/T2ZGzmT2af9qNaD6ScTimDodXcJdwlpobhZTKpsE4EyywpLXtlWte1x0
 
179
1Mq3llQsIdRdf3GLS+L207hWgKDiDosD/0SyOBO/IBDteeEzeN2hNE3A8oeVbvRS
 
180
XrS/3uj6oKmlWUBORYP8ptUrXPoVPmNz2y4GO+OysFtfct3Yqb+Sb/52SXMOHTox
 
181
2oLW08tkzfkDArU5aauMEPmyutGyJ+hGo7fsuLXzXR8OPw4yZJdzG1tRlP2TTKmq
 
182
Fx8G/Ik6bN4zTYK0JEJhemFhciBUZXN0IEtleSA8YmF6YWFyQGV4YW1wbGUuY29t
 
183
PokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ
 
184
h2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys2hZmXUq/tU+L92bjQoRY4fmsQpk/
 
185
FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2jj7UiJd8z9gTRxWTnYwfR/w5PGmx
 
186
fJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswaIOAZIwe5Vsfs36uSS7p8RQHAZXLX
 
187
tTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO2qEa0mYiAfDpz40CGtb8N/TQHF3X
 
188
cw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqWo/r3RII3Ii3z2yARlg6D+5hVOrFB
 
189
V8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtBOp0DlwRN+NyIAQgArRZ2YGzUj5dX
 
190
OVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2V0dcVCqWwT0+a79Wbausv4bStD4S
 
191
kwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr6UUneB3UXX7MrEqVogVhRM0ORIaK
 
192
/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEXimBsN3GqoewBHYIneJKBtHE7uzdz
 
193
w3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeXP6ktvXbX2Iu7VDNoCvRXM9+ntyJt
 
194
sXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCcVtFjLTcbCqJqpoJWUtsLcNqDqMHO
 
195
QDpe6KTNTQARAQABAAf1EfceUlGLvoA/+yDTNTMjuPfzfKwbB/FOVfX44g3Za1eT
 
196
v7RvSuj4rFYIdE9UvZEei/pqPOSc+hhSsKZCulGXD5TUpf3AyG7ipWU/kID46Csp
 
197
0V08DPpFHnuw/N6+qNo5iSnhN9U1XMLjYT5d1HvKur26r2vWbmUTSJ1qIluHL2fT
 
198
R1pKYYLuoff4MIjZ01Hawq72jjor+dLBmMWveHpq4XNp+vQ4x8aFnY9ozufon0nM
 
199
uRSJRlQjDNB274tvUbmDFP+nzNbqF1nBTZ6FTdH/iKVNbytiYF7Hbat8GWVZqY1u
 
200
CZr7BklpIVWlk62ll0psMIPVyANi7YT332LLqYmBBADJKTx2dariG/kWU2W/9VEO
 
201
2VZpqsqazAxOoFEIOpcOlByhhyw5g0IKu0UyzHkhoCje0cWxpdSBFG432b8zL0AT
 
202
Z0RycfUG7Sgp9CpY1h8Cc/HbBa8xo1fSM7zplPQrHBqUzlVVBq6HOkUq+7qsPFWc
 
203
RRie95VsDmIMKQKPJHeYHQQA3EYGit+QHV0dccAInghEsf/mq8Gfnvo6HPYhWcDC
 
204
DTM39NhNlnl1WkTFCd2TWc+TWQ4KlRsh6bMjUpNa2qjrUl90fLekbogcxxMhcwa6
 
205
xgzEANZfwqdY0u3aB/CyZ6odfThwcAoeqoMpw34CfeKEroubpi2n8wKByrN2MQXJ
 
206
4vEEAJbXZOqgAcFAFBUVb5mVT0s2lJMagZFPdhRJz2bttz01s/B8aca6CrDpFRjT
 
207
03zRFUZjwDYqZDWBC181dCE9yla4OkWd5QyRKSS2EE02KEYqRzT0RngQn7s4AW2r
 
208
326up3Jhleln3hgD4Kk3V3KHmyK8zqZA0qWzry4Vl2jjkbnAPB2JAR8EGAECAAkF
 
209
Ak343IgCGwwACgkQh2gbHuMIDkWtHwgA2c4Xc9SPVNtFzBXpGhaYewVAes+YzyiB
 
210
eJrUuy+MTWIRagL6a68qHo7J1/3STpmyVLut0OenarNhjxb9OIOTE/5++xniYyLV
 
211
jQX7e3LWPNaFyycHZWslKJq/EReTS0o+s2/gRQZYbrAewL1MGPfsh/6eszKKb3hU
 
212
e8jR4eZfzIyU3g7cd+aAP0Jsl1TG54/d7fU4hi7CH/oXsYgjxM0RUdT/y+H+ZBwL
 
213
Gmk1tz5uh9/6Qiyhr9MAwvC0mhKtfWdebQre9l49EuciCbBXN2Q4iRpElQba1JAW
 
214
+R+G+0QuGeQvmXgw7TCtR2zRRZHBrd3uP8/YTGupd2UuYTOuJ9bIRA==
 
215
=LXn0
 
216
-----END PGP PRIVATE KEY BLOCK-----
 
217
""")
 
218
 
 
219
        revoked_key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
220
Version: GnuPG v1.4.11 (GNU/Linux)
 
221
 
 
222
mI0ETjlW5gEEAOb/6P+TVM59E897wRtatxys2BhsHCXM4T7xjIiANfDwejDdifqh
 
223
tluTfSJLLxPembtrrEjux1C0AJgc+f0MIfsc3Pr3eFJzKB2ot/1IVG1/1KnA0zt3
 
224
W2xPT3lRib27WJ9Fag+dMtQaIzgJ7/n2DFxsFZ33FD2kxrEXB2exGg6FABEBAAGI
 
225
pgQgAQIAEAUCTjlXkAkdAHJldm9rZWQACgkQjs6dvEpb0cQPHAP/Wi9rbx0e+1Sf
 
226
ziGgyVdr3m3A6uvze5oXKVgFRbGRUYSH4/I8GW0W9x4TcRg9h+YaQ8NUdADr9kNE
 
227
tKAljLqYA5qdqSfYuaij1M++Xj+KUZ359R74sHuQqwnRy1XXQNfRs/QpXA7vLdds
 
228
rjg+pbWuXO92TZJUdnqtWW+VEyZBsPy0G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUu
 
229
Y29tPoi4BBMBAgAiBQJOOVbmAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
 
230
CRCOzp28SlvRxNWzA/42WVmI0b+6mF/imEOlY1TiyvrcpK250rkSDsCtL4lOwy7G
 
231
antZhpgNfnXRd/ySfsS3EB6dpOWgOSxGRvWQhA+vxBT9BYNk49qd3JIrSaSWpR12
 
232
rET8qO1rEQQFWsw03CxTGujxGlmEO+a1yguRXp2UWaY7FngcQmD+8q7BUIVm7riN
 
233
BE45VuYBBADTEH2jHTjNCc5CMOhea6EJTrkx3upcEqB2oyhWeSWJiBGOxlcddsjo
 
234
3J3/EmBB8kK1hM9TidD3SG64x1N287lg8ELJBlKv+pQVyxohGJ1u/THgpTDMMQcL
 
235
luG5rAHQGSfyzKTiOnaTyBYg3M/nzgUOU9dKEFB0EA3tjUXFOT+r3wARAQABiJ8E
 
236
GAECAAkFAk45VuYCGwwACgkQjs6dvEpb0cRSLQP/fzCWX2lXwlwWiVF8BOPF7o9z
 
237
icHErc7/X17RGb4qj1kVf+UkRdUWJrbEVh4h6MncBIuA70WsYogiw+Kz/0LCtQAR
 
238
YUJsPy/EL++OKPH1aFasOdTxwkTka85+RdYqhP1+z/aYLFMWq6mRFI+o6x2k5mGi
 
239
7dMv2kKTJPoXUpiXJbg=
 
240
=hLYO
 
241
-----END PGP PUBLIC KEY BLOCK-----
 
242
""")
 
243
 
 
244
        expired_key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
245
Version: GnuPG v1.4.11 (GNU/Linux)
 
246
 
 
247
mI0ETjZ6PAEEALkR4GcFQidCCxV7pgQwQd5MZua0YO2l92fVqHX+PhnZ6egCLKdD
 
248
2bWlMUd6MLPF3FlRL7BBAxvW/DazkBOp7ljsnpMpptEzY49Uem1irYLYiVb9zK96
 
249
0sQZzFxFkfEYetQEXC68mIck8tbySOX5NAOw++3jFm3J7dsU1R3XtYzRABEBAAG0
 
250
G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUuY29tPoi+BBMBAgAoBQJONno8AhsDBQkA
 
251
AVGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAc4m97T40VEz+DA/9PBphG
 
252
Yp9cHVaHSfTUKGTGgIbvRe60sFNpDCYZeAGDrygOMuI8MNzbVpwefRBFHVPx7jWd
 
253
rrYMsLkcsNUS9D0baU+0D/qp7JVg7ZSQtG0O6IG4eTZhibteY1fu0+unlXmg9NHx
 
254
5VvhwzBiJDYji00M2p/CZEMiYFUuy76CsxUpN7iNBE42ejwBBACkv2/mX7IPQg0C
 
255
A3KSrJsJv+sdvKm4b4xuI4OwagwTIVz4KlTqV4IBrVjSBfwyMXucXz0bTW85qjgA
 
256
+n67td8vyjYYZUEz1uY9lSquQQDnAN0txL3cLHZXWiWOkmzZVddQtlflK2a/J9o0
 
257
QkHPVUm+hc4l64dIzStrNl2S66fAvQARAQABiKUEGAECAA8FAk42ejwCGwwFCQAB
 
258
UYAACgkQHOJve0+NFROEYQP/epg+o8iBs31hkSERyZjrRR66LpywezWj30Rn/3mX
 
259
Fzi9HkF4xLemWOzdNt9C5PYrOep85PQg8haEjknxVjZFS0ikT1h3OWk/TF1ZrLVm
 
260
WzyX8DaHQEjKpLJJjXcAbTiZBNMk0QaVC9RvIeHpCf3n3DC49DdjsPJRMKOn8KDi
 
261
kRk=
 
262
=p0gt
 
263
-----END PGP PUBLIC KEY BLOCK-----
 
264
""")
 
265
        context.import_(key)
 
266
        context.import_(secret_key)
 
267
        context.import_(revoked_key)
 
268
        context.import_(expired_key)
 
269
 
 
270
    def test_verify_untrusted_but_accepted(self):
 
271
        #untrusted by gpg but listed as acceptable_keys by user
 
272
        self.requireFeature(features.gpgme)
 
273
        self.import_keys()
 
274
 
 
275
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
276
Hash: SHA1
 
277
 
 
278
bazaar-ng testament short form 1
 
279
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
280
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
281
-----BEGIN PGP SIGNATURE-----
 
282
Version: GnuPG v1.4.11 (GNU/Linux)
 
283
 
 
284
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
285
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
286
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
287
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
288
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
289
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
290
=iwsn
 
291
-----END PGP SIGNATURE-----
 
292
"""
 
293
        plain = """bazaar-ng testament short form 1
 
294
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
295
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
296
"""
 
297
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
298
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
299
        self.assertEqual((gpg.SIGNATURE_VALID, None), my_gpg.verify(content,
 
300
                            plain))
 
301
 
 
302
    def test_verify_unacceptable_key(self):
 
303
        self.requireFeature(features.gpgme)
 
304
        self.import_keys()
 
305
 
 
306
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
307
Hash: SHA1
 
308
 
 
309
bazaar-ng testament short form 1
 
310
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
311
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
312
-----BEGIN PGP SIGNATURE-----
 
313
Version: GnuPG v1.4.11 (GNU/Linux)
 
314
 
 
315
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
316
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
317
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
318
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
319
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
320
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
321
=iwsn
 
322
-----END PGP SIGNATURE-----
 
323
"""
 
324
        plain = """bazaar-ng testament short form 1
 
325
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
326
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
327
"""
 
328
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
329
        my_gpg.set_acceptable_keys("foo@example.com")
 
330
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'E3080E45'),
 
331
                         my_gpg.verify(content, plain))
 
332
 
 
333
    def test_verify_valid_but_untrusted(self):
 
334
        self.requireFeature(features.gpgme)
 
335
        self.import_keys()
 
336
 
 
337
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
338
Hash: SHA1
 
339
 
 
340
bazaar-ng testament short form 1
 
341
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
342
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
343
-----BEGIN PGP SIGNATURE-----
 
344
Version: GnuPG v1.4.11 (GNU/Linux)
 
345
 
 
346
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
347
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
348
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
349
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
350
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
351
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
352
=iwsn
 
353
-----END PGP SIGNATURE-----
 
354
"""
 
355
        plain = """bazaar-ng testament short form 1
 
356
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
357
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
358
"""
 
359
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
360
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
361
                            plain))
 
362
 
 
363
    def test_verify_bad_testament(self):
 
364
        self.requireFeature(features.gpgme)
 
365
        self.import_keys()
 
366
 
 
367
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
368
Hash: SHA1
 
369
 
 
370
bazaar-ng testament short form 1
 
371
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
372
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
373
-----BEGIN PGP SIGNATURE-----
 
374
Version: GnuPG v1.4.11 (GNU/Linux)
 
375
 
 
376
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
377
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
378
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
379
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
380
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
381
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
382
=iwsn
 
383
-----END PGP SIGNATURE-----
 
384
"""
 
385
        plain = """bazaar-ng testament short form 1
 
386
revision-id: doctor@example.com-20110527185938-hluafawphszb8dl1
 
387
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
388
"""
 
389
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
390
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
391
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
392
                            plain))
 
393
 
 
394
 
 
395
    def test_verify_revoked_signature(self):
 
396
        self.requireFeature(features.gpgme)
 
397
        self.import_keys()
 
398
 
 
399
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
400
Hash: SHA1
 
401
 
 
402
asdf
 
403
-----BEGIN PGP SIGNATURE-----
 
404
Version: GnuPG v1.4.11 (GNU/Linux)
 
405
 
 
406
iJwEAQECAAYFAk45V18ACgkQjs6dvEpb0cSIZQP/eOGTXGPlrNwvDkcX2d8O///I
 
407
ecB4sUIUEpv1XAk1MkNu58lsjjK72lRaLusEGqd7HwrFmpxVeVs0oWLg23PNPCFs
 
408
yJBID9ma+VxFVPtkEFnrc1R72sBJLfBcTxMkwVTC8eeznjdtn+cg+aLkxbPdrGnr
 
409
JFA6kUIJU2w9LU/b88Y=
 
410
=UuRX
 
411
-----END PGP SIGNATURE-----
 
412
"""
 
413
        plain = """asdf\n"""
 
414
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
415
        my_gpg.set_acceptable_keys("test@example.com")
 
416
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
417
                            plain))
 
418
 
 
419
    def test_verify_invalid(self):
 
420
        self.requireFeature(features.gpgme)
 
421
        self.import_keys()
 
422
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
423
Hash: SHA1
 
424
 
 
425
bazaar-ng testament short form 1
 
426
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
427
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
428
-----BEGIN PGP SIGNATURE-----
 
429
Version: GnuPG v1.4.11 (GNU/Linux)
 
430
 
 
431
iEYEARECAAYFAk33gYsACgkQpQbm1N1NUIhiDACglOuQDlnSF4NxfHSkN/zrmFy8
 
432
nswAoNGXAVuR9ONasAKIGBNUE0b+lols
 
433
=SOuC
 
434
-----END PGP SIGNATURE-----
 
435
"""
 
436
        plain = """bazaar-ng testament short form 1
 
437
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
438
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
439
"""
 
440
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
441
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None),
 
442
                            my_gpg.verify(content, plain))
 
443
 
 
444
    def test_verify_expired_but_valid(self):
 
445
        self.requireFeature(features.gpgme)
 
446
        self.import_keys()
 
447
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
448
Hash: SHA1
 
449
 
 
450
bazaar-ng testament short form 1
 
451
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
 
452
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
 
453
-----BEGIN PGP SIGNATURE-----
 
454
Version: GnuPG v1.4.10 (GNU/Linux)
 
455
 
 
456
iJwEAQECAAYFAk42esUACgkQHOJve0+NFRPc5wP7BoZkzBU8JaHMLv/LmqLr0sUz
 
457
zuE51ofZZ19L7KVtQWsOi4jFy0fi4A5TFwO8u9SOfoREGvkw292Uty9subSouK5/
 
458
mFmDOYPQ+O83zWgYZsBmMJWYDZ+X9I6XXZSbPtV/7XyTjaxtl5uRnDVJjg+AzKvD
 
459
dTp8VatVVrwuvzOPDVc=
 
460
=uHen
 
461
-----END PGP SIGNATURE-----
 
462
"""
 
463
        plain = """bazaar-ng testament short form 1
 
464
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
 
465
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
 
466
"""
 
467
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
468
        self.assertEqual((gpg.SIGNATURE_EXPIRED, u'4F8D1513'),
 
469
                            my_gpg.verify(content, plain))
 
470
 
 
471
    def test_verify_unknown_key(self):
 
472
        self.requireFeature(features.gpgme)
 
473
        self.import_keys()
 
474
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
475
Hash: SHA1
 
476
 
 
477
asdf
 
478
-----BEGIN PGP SIGNATURE-----
 
479
Version: GnuPG v1.4.11 (GNU/Linux)
 
480
 
 
481
iQEcBAEBAgAGBQJOORKwAAoJENf6AkFdUeVvJDYH/1Cz+AJn1Jvy5n64o+0fZ5Ow
 
482
Y7UQb4QQTIOV7jI7n4hv/yBzuHrtImFzYvQl/o2Ezzi8B8L5gZtQy+xCUF+Q8iWs
 
483
gytZ5JUtSze7hDZo1NUl4etjoRGYqRfrUcvE2LkVH2dFbDGyyQfVmoeSHa5akuuP
 
484
QZmyg2F983rACVIpGvsqTH6RcBdvE9vx68lugeKQA8ArDn39/74FBFipFzrXSPij
 
485
eKFpl+yZmIb3g6HkPIC8o4j/tMvc37xF1OG5sBu8FT0+FC+VgY7vAblneDftAbyP
 
486
sIODx4WcfJtjLG/qkRYqJ4gDHo0eMpTJSk2CWebajdm4b+JBrM1F9mgKuZFLruE=
 
487
=RNR5
 
488
-----END PGP SIGNATURE-----
 
489
"""
 
490
        plain = "asdf\n"
 
491
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
492
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'5D51E56F'),
 
493
                            my_gpg.verify(content, plain))
 
494
 
 
495
    def test_set_acceptable_keys(self):
 
496
        self.requireFeature(features.gpgme)
 
497
        self.import_keys()
 
498
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
499
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
500
        self.assertEqual(my_gpg.acceptable_keys,
 
501
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
 
502
 
 
503
    def test_set_acceptable_keys_unknown(self):
 
504
        self.requireFeature(features.gpgme)
 
505
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
506
        self.notes = []
 
507
        def note(*args):
 
508
            self.notes.append(args[0] % args[1:])
 
509
        self.overrideAttr(trace, 'note', note)
 
510
        my_gpg.set_acceptable_keys("unknown")
 
511
        self.assertEqual(my_gpg.acceptable_keys, [])
 
512
        self.assertEqual(self.notes,
 
513
            ['No GnuPG key results for pattern: unknown'])
 
514
 
88
515
 
89
516
class TestDisabled(TestCase):
90
517
 
91
518
    def test_sign(self):
92
519
        self.assertRaises(errors.SigningFailed,
93
520
                          gpg.DisabledGPGStrategy(None).sign, 'content')
 
521
 
 
522
    def test_verify(self):
 
523
        self.assertRaises(errors.SignatureVerificationFailed,
 
524
                          gpg.DisabledGPGStrategy(None).verify, 'content',
 
525
                          'testament')