← Back to branch summary

~bzr-pqm/bzr/bzr.dev

« back to all changes in this revision

Viewing changes to bzrlib/tests/test_gpg.py

  • Committer: Patch Queue Manager
  • Date: 2016-01-31 13:36:59 UTC
  • mfrom: (6613.1.5 1538480-match-hostname)
  • Revision ID: pqm@pqm.ubuntu.com-20160131133659-ouy92ee2wlv9xz8m
(vila) Use ssl.match_hostname instead of our own. (Vincent Ladeuil)

Show diffs side-by-side

added added

removed removed

Lines of Context:
bzrlib/tests/test_gpg.py
1
 
# Copyright (C) 2005 Canonical Ltd
 
1
# Copyright (C) 2005, 2006, 2007, 2009, 2011 Canonical Ltd
2
2
#   Authors: Robert Collins <robert.collins@canonical.com>
3
3
#
4
4
# This program is free software; you can redistribute it and/or modify
18
18
"""Tests for signing and verifying blobs of data via gpg."""
19
19
 
20
20
# import system imports here
21
 
import os
22
21
import sys
23
22
 
24
 
from bzrlib import errors, ui
25
 
import bzrlib.gpg as gpg
26
 
from bzrlib.tests import TestCase, TestCaseInTempDir
27
 
 
28
 
class FakeConfig(object):
29
 
 
30
 
    def gpg_signing_command(self):
31
 
        return "false"
32
 
 
33
 
 
34
 
class TestCommandLine(TestCase):
 
23
from bzrlib import (
 
24
    config,
 
25
    errors,
 
26
    gpg,
 
27
    tests,
 
28
    trace,
 
29
    ui,
 
30
    )
 
31
from bzrlib.tests import (
 
32
    TestCase,
 
33
    features,
 
34
    )
 
35
 
 
36
 
 
37
class FakeConfig(config.MemoryStack):
 
38
 
 
39
    def __init__(self, content=None):
 
40
        if content is None:
 
41
            content = '''
 
42
gpg_signing_key=amy@example.com
 
43
gpg_signing_command=false'''
 
44
        super(FakeConfig, self).__init__(content)
 
45
 
 
46
 
 
47
class TestCommandLine(tests.TestCase):
 
48
 
 
49
    def setUp(self):
 
50
        super(TestCommandLine, self).setUp()
 
51
        self.my_gpg = gpg.GPGStrategy(FakeConfig())
35
52
 
36
53
    def test_signing_command_line(self):
37
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
38
 
        self.assertEqual(['false',  '--clearsign'],
 
54
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
 
55
                         self.my_gpg._command_line())
 
56
 
 
57
    def test_signing_command_line_from_default(self):
 
58
        # Using 'default' for gpg_signing_key will use the mail part of 'email'
 
59
        my_gpg = gpg.GPGStrategy(FakeConfig('''
 
60
email=Amy <amy@example.com>
 
61
gpg_signing_key=default
 
62
gpg_signing_command=false'''))
 
63
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
 
64
                         my_gpg._command_line())
 
65
 
 
66
    def test_signing_command_line_from_email(self):
 
67
        # Not setting gpg_signing_key will use the mail part of 'email'
 
68
        my_gpg = gpg.GPGStrategy(FakeConfig('''
 
69
email=Amy <amy@example.com>
 
70
gpg_signing_command=false'''))
 
71
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
39
72
                         my_gpg._command_line())
40
73
 
41
74
    def test_checks_return_code(self):
42
75
        # This test needs a unix like platform - one with 'false' to run.
43
76
        # if you have one, please make this work :)
44
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
45
 
        self.assertRaises(errors.SigningFailed, my_gpg.sign, 'content')
 
77
        self.assertRaises(errors.SigningFailed, self.my_gpg.sign, 'content')
46
78
 
47
79
    def assertProduces(self, content):
48
80
        # This needs a 'cat' command or similar to work.
49
 
        my_gpg = gpg.GPGStrategy(FakeConfig())
50
81
        if sys.platform == 'win32':
51
82
            # Windows doesn't come with cat, and we don't require it
52
83
            # so lets try using python instead.
53
84
            # But stupid windows and line-ending conversions.
54
85
            # It is too much work to make sys.stdout be in binary mode.
55
86
            # http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/65443
56
 
            my_gpg._command_line = lambda:[sys.executable, '-c',
 
87
            self.my_gpg._command_line = lambda:[sys.executable, '-c',
57
88
                    'import sys; sys.stdout.write(sys.stdin.read())']
58
89
            new_content = content.replace('\n', '\r\n')
59
90
 
60
 
            self.assertEqual(new_content, my_gpg.sign(content))
 
91
            self.assertEqual(new_content, self.my_gpg.sign(content))
61
92
        else:
62
 
            my_gpg._command_line = lambda:['cat', '-']
63
 
            self.assertEqual(content, my_gpg.sign(content))
 
93
            self.my_gpg._command_line = lambda:['cat', '-']
 
94
            self.assertEqual(content, self.my_gpg.sign(content))
64
95
 
65
96
    def test_returns_output(self):
66
97
        content = "some content\nwith newlines\n"
86
117
                          self.assertProduces, u'foo')
87
118
 
88
119
 
 
120
class TestVerify(TestCase):
 
121
 
 
122
    def import_keys(self):
 
123
        from StringIO import StringIO
 
124
        import gpgme
 
125
        context = gpgme.Context()
 
126
 
 
127
        key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
128
Version: GnuPG v1.4.11 (GNU/Linux)
 
129
 
 
130
mQENBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
 
131
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
 
132
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
 
133
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
 
134
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
 
135
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAG0JEJhemFhciBUZXN0IEtl
 
136
eSA8YmF6YWFyQGV4YW1wbGUuY29tPokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIG
 
137
FQgCCQoLBBYCAwECHgECF4AACgkQh2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys
 
138
2hZmXUq/tU+L92bjQoRY4fmsQpk/FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2
 
139
jj7UiJd8z9gTRxWTnYwfR/w5PGmxfJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswa
 
140
IOAZIwe5Vsfs36uSS7p8RQHAZXLXtTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO
 
141
2qEa0mYiAfDpz40CGtb8N/TQHF3Xcw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqW
 
142
o/r3RII3Ii3z2yARlg6D+5hVOrFBV8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtB
 
143
OrkBDQRN+NyIAQgArRZ2YGzUj5dXOVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2
 
144
V0dcVCqWwT0+a79Wbausv4bStD4SkwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr
 
145
6UUneB3UXX7MrEqVogVhRM0ORIaK/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEX
 
146
imBsN3GqoewBHYIneJKBtHE7uzdzw3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeX
 
147
P6ktvXbX2Iu7VDNoCvRXM9+ntyJtsXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCc
 
148
VtFjLTcbCqJqpoJWUtsLcNqDqMHOQDpe6KTNTQARAQABiQEfBBgBAgAJBQJN+NyI
 
149
AhsMAAoJEIdoGx7jCA5FrR8IANnOF3PUj1TbRcwV6RoWmHsFQHrPmM8ogXia1Lsv
 
150
jE1iEWoC+muvKh6Oydf90k6ZslS7rdDnp2qzYY8W/TiDkxP+fvsZ4mMi1Y0F+3ty
 
151
1jzWhcsnB2VrJSiavxEXk0tKPrNv4EUGWG6wHsC9TBj37If+nrMyim94VHvI0eHm
 
152
X8yMlN4O3HfmgD9CbJdUxueP3e31OIYuwh/6F7GII8TNEVHU/8vh/mQcCxppNbc+
 
153
boff+kIsoa/TAMLwtJoSrX1nXm0K3vZePRLnIgmwVzdkOIkaRJUG2tSQFvkfhvtE
 
154
LhnkL5l4MO0wrUds0UWRwa3d7j/P2ExrqXdlLmEzrifWyEQ=
 
155
=hUJn
 
156
-----END PGP PUBLIC KEY BLOCK-----
 
157
""")
 
158
 
 
159
        secret_key = StringIO("""-----BEGIN PGP PRIVATE KEY BLOCK-----
 
160
Version: GnuPG v1.4.11 (GNU/Linux)
 
161
 
 
162
lQOYBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
 
163
u1K/hSYeX9xaGOfOQw41r/g13MoR9dsL6L84RLiisf38rRoBZt+d5bCbZA5Xo801
 
164
2PeoBoGo6u5oOYKAFLMvrUitPiiE0IT/oQTfC4YUrLN4A+9W0QZruPGIpIXwmZXr
 
165
L0zsqYfNqIN0ompeJenVpKpvm3loJ/zfK7R3EJ3hsv6nkUmWCFsP1Pw3UV1YuCmw
 
166
Mkdn1U7DaOql1WjXgj9ABQDJrun2TGsqrSRzBODtHKA/uOX0K3VfKBU8VZo3dXUm
 
167
1Q4ZeZC39L9qJGTH8TQYlwBLe1yAOp+vx7QJABEBAAEAB/0RJTbV991SOtVfPQVu
 
168
LM+tD0SiOXJwIBIINlngsFHWVIiBSDb6uF8dneMR70IRnuEFHFyAUXA7PZDxvcSu
 
169
phAqIdKCWxQPkAULAS0o4U2K3ZFGh4uOqvfZ8eSnh1rETFv7Yf3u23K89cZiy99n
 
170
EtWgSqzC/2z5PaZ7/alsYCBqhHuyd4Phaud7qv7FTz8mFrCf+CCY+D08wbnZBu4g
 
171
N9tBwoxT/UKRfv3nghIh9v+3qWfBEFGhrYbt92XKFbHOQeATZz8AGIv1eqN/+ZQY
 
172
oYmvVfO3GkrWaRoPeJNLqSDEn/45O1Uh9MJ4mQclXqB0QzMShle8uusHxIeJSQsR
 
173
z//VBAD11WS7qSgCeiHR+4jDzrrlb2snnA2bfDToEomDxd/n8xm7nJWdkNfJ2BCw
 
174
KvnxYVxjFNAwkKJGRajzALBLzRVO+K9NtSLiddv5zv+UNdgsKuE8tD7Jqxd/IbWw
 
175
AimCtL8osnJ+r9dvL+NyjkAT6l/NdEbLXGrBaMeTfSgl2cBOOwQA+sJIh1R5PiCK
 
176
nLIs9pm3PSy3w92Peelq/x/+0aebTZaJUk2ou3oCvB3druDqrUeaopuuCc0drV7C
 
177
Ldoey8x/T2ZGzmT2af9qNaD6ScTimDodXcJdwlpobhZTKpsE4EyywpLXtlWte1x0
 
178
1Mq3llQsIdRdf3GLS+L207hWgKDiDosD/0SyOBO/IBDteeEzeN2hNE3A8oeVbvRS
 
179
XrS/3uj6oKmlWUBORYP8ptUrXPoVPmNz2y4GO+OysFtfct3Yqb+Sb/52SXMOHTox
 
180
2oLW08tkzfkDArU5aauMEPmyutGyJ+hGo7fsuLXzXR8OPw4yZJdzG1tRlP2TTKmq
 
181
Fx8G/Ik6bN4zTYK0JEJhemFhciBUZXN0IEtleSA8YmF6YWFyQGV4YW1wbGUuY29t
 
182
PokBOAQTAQIAIgUCTfjciAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ
 
183
h2gbHuMIDkWJUggAwj537fH6WW+GGLA5onys2hZmXUq/tU+L92bjQoRY4fmsQpk/
 
184
FUVPUf+NQ0v1gkxx4BTfyYewaj5G6L8cvqW2jj7UiJd8z9gTRxWTnYwfR/w5PGmx
 
185
fJsBfEUKWsccrPQdOXAhwu0fjYIVk4nqgswaIOAZIwe5Vsfs36uSS7p8RQHAZXLX
 
186
tTOn3KcXHaxu83w6nc4zkWRovGJ9isBN3haO2qEa0mYiAfDpz40CGtb8N/TQHF3X
 
187
cw8rJcxpg6RF3jMtWQnzbVJFp13it00R3LqWo/r3RII3Ii3z2yARlg6D+5hVOrFB
 
188
V8jFLkff1R2ZnVu+7WOrnbpmt3OiMkSeZrtBOp0DlwRN+NyIAQgArRZ2YGzUj5dX
 
189
OVIWgZ1/QFpyfx/cG/293WjRE4Wt2e4SxMf2V0dcVCqWwT0+a79Wbausv4bStD4S
 
190
kwDmu0Jf3z5ERzrr7oZwP0PMsIlM5zT6XSsr6UUneB3UXX7MrEqVogVhRM0ORIaK
 
191
/oRwMXr7K6xVT+bCBP3/p66kHtY1ZpfEzTEXimBsN3GqoewBHYIneJKBtHE7uzdz
 
192
w3O5p5dXqoj5foxGi9R1J15vAmt5pI68HJeXP6ktvXbX2Iu7VDNoCvRXM9+ntyJt
 
193
sXCjNXg4pTGHS/XO4nm2db4FUZOBcVMb1vCcVtFjLTcbCqJqpoJWUtsLcNqDqMHO
 
194
QDpe6KTNTQARAQABAAf1EfceUlGLvoA/+yDTNTMjuPfzfKwbB/FOVfX44g3Za1eT
 
195
v7RvSuj4rFYIdE9UvZEei/pqPOSc+hhSsKZCulGXD5TUpf3AyG7ipWU/kID46Csp
 
196
0V08DPpFHnuw/N6+qNo5iSnhN9U1XMLjYT5d1HvKur26r2vWbmUTSJ1qIluHL2fT
 
197
R1pKYYLuoff4MIjZ01Hawq72jjor+dLBmMWveHpq4XNp+vQ4x8aFnY9ozufon0nM
 
198
uRSJRlQjDNB274tvUbmDFP+nzNbqF1nBTZ6FTdH/iKVNbytiYF7Hbat8GWVZqY1u
 
199
CZr7BklpIVWlk62ll0psMIPVyANi7YT332LLqYmBBADJKTx2dariG/kWU2W/9VEO
 
200
2VZpqsqazAxOoFEIOpcOlByhhyw5g0IKu0UyzHkhoCje0cWxpdSBFG432b8zL0AT
 
201
Z0RycfUG7Sgp9CpY1h8Cc/HbBa8xo1fSM7zplPQrHBqUzlVVBq6HOkUq+7qsPFWc
 
202
RRie95VsDmIMKQKPJHeYHQQA3EYGit+QHV0dccAInghEsf/mq8Gfnvo6HPYhWcDC
 
203
DTM39NhNlnl1WkTFCd2TWc+TWQ4KlRsh6bMjUpNa2qjrUl90fLekbogcxxMhcwa6
 
204
xgzEANZfwqdY0u3aB/CyZ6odfThwcAoeqoMpw34CfeKEroubpi2n8wKByrN2MQXJ
 
205
4vEEAJbXZOqgAcFAFBUVb5mVT0s2lJMagZFPdhRJz2bttz01s/B8aca6CrDpFRjT
 
206
03zRFUZjwDYqZDWBC181dCE9yla4OkWd5QyRKSS2EE02KEYqRzT0RngQn7s4AW2r
 
207
326up3Jhleln3hgD4Kk3V3KHmyK8zqZA0qWzry4Vl2jjkbnAPB2JAR8EGAECAAkF
 
208
Ak343IgCGwwACgkQh2gbHuMIDkWtHwgA2c4Xc9SPVNtFzBXpGhaYewVAes+YzyiB
 
209
eJrUuy+MTWIRagL6a68qHo7J1/3STpmyVLut0OenarNhjxb9OIOTE/5++xniYyLV
 
210
jQX7e3LWPNaFyycHZWslKJq/EReTS0o+s2/gRQZYbrAewL1MGPfsh/6eszKKb3hU
 
211
e8jR4eZfzIyU3g7cd+aAP0Jsl1TG54/d7fU4hi7CH/oXsYgjxM0RUdT/y+H+ZBwL
 
212
Gmk1tz5uh9/6Qiyhr9MAwvC0mhKtfWdebQre9l49EuciCbBXN2Q4iRpElQba1JAW
 
213
+R+G+0QuGeQvmXgw7TCtR2zRRZHBrd3uP8/YTGupd2UuYTOuJ9bIRA==
 
214
=LXn0
 
215
-----END PGP PRIVATE KEY BLOCK-----
 
216
""")
 
217
 
 
218
        revoked_key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
219
Version: GnuPG v1.4.11 (GNU/Linux)
 
220
 
 
221
mI0ETjlW5gEEAOb/6P+TVM59E897wRtatxys2BhsHCXM4T7xjIiANfDwejDdifqh
 
222
tluTfSJLLxPembtrrEjux1C0AJgc+f0MIfsc3Pr3eFJzKB2ot/1IVG1/1KnA0zt3
 
223
W2xPT3lRib27WJ9Fag+dMtQaIzgJ7/n2DFxsFZ33FD2kxrEXB2exGg6FABEBAAGI
 
224
pgQgAQIAEAUCTjlXkAkdAHJldm9rZWQACgkQjs6dvEpb0cQPHAP/Wi9rbx0e+1Sf
 
225
ziGgyVdr3m3A6uvze5oXKVgFRbGRUYSH4/I8GW0W9x4TcRg9h+YaQ8NUdADr9kNE
 
226
tKAljLqYA5qdqSfYuaij1M++Xj+KUZ359R74sHuQqwnRy1XXQNfRs/QpXA7vLdds
 
227
rjg+pbWuXO92TZJUdnqtWW+VEyZBsPy0G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUu
 
228
Y29tPoi4BBMBAgAiBQJOOVbmAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
 
229
CRCOzp28SlvRxNWzA/42WVmI0b+6mF/imEOlY1TiyvrcpK250rkSDsCtL4lOwy7G
 
230
antZhpgNfnXRd/ySfsS3EB6dpOWgOSxGRvWQhA+vxBT9BYNk49qd3JIrSaSWpR12
 
231
rET8qO1rEQQFWsw03CxTGujxGlmEO+a1yguRXp2UWaY7FngcQmD+8q7BUIVm7riN
 
232
BE45VuYBBADTEH2jHTjNCc5CMOhea6EJTrkx3upcEqB2oyhWeSWJiBGOxlcddsjo
 
233
3J3/EmBB8kK1hM9TidD3SG64x1N287lg8ELJBlKv+pQVyxohGJ1u/THgpTDMMQcL
 
234
luG5rAHQGSfyzKTiOnaTyBYg3M/nzgUOU9dKEFB0EA3tjUXFOT+r3wARAQABiJ8E
 
235
GAECAAkFAk45VuYCGwwACgkQjs6dvEpb0cRSLQP/fzCWX2lXwlwWiVF8BOPF7o9z
 
236
icHErc7/X17RGb4qj1kVf+UkRdUWJrbEVh4h6MncBIuA70WsYogiw+Kz/0LCtQAR
 
237
YUJsPy/EL++OKPH1aFasOdTxwkTka85+RdYqhP1+z/aYLFMWq6mRFI+o6x2k5mGi
 
238
7dMv2kKTJPoXUpiXJbg=
 
239
=hLYO
 
240
-----END PGP PUBLIC KEY BLOCK-----
 
241
""")
 
242
 
 
243
        expired_key = StringIO("""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
244
Version: GnuPG v1.4.11 (GNU/Linux)
 
245
 
 
246
mI0ETjZ6PAEEALkR4GcFQidCCxV7pgQwQd5MZua0YO2l92fVqHX+PhnZ6egCLKdD
 
247
2bWlMUd6MLPF3FlRL7BBAxvW/DazkBOp7ljsnpMpptEzY49Uem1irYLYiVb9zK96
 
248
0sQZzFxFkfEYetQEXC68mIck8tbySOX5NAOw++3jFm3J7dsU1R3XtYzRABEBAAG0
 
249
G3Rlc3Qga2V5IDx0ZXN0QGV4YW1wbGUuY29tPoi+BBMBAgAoBQJONno8AhsDBQkA
 
250
AVGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAc4m97T40VEz+DA/9PBphG
 
251
Yp9cHVaHSfTUKGTGgIbvRe60sFNpDCYZeAGDrygOMuI8MNzbVpwefRBFHVPx7jWd
 
252
rrYMsLkcsNUS9D0baU+0D/qp7JVg7ZSQtG0O6IG4eTZhibteY1fu0+unlXmg9NHx
 
253
5VvhwzBiJDYji00M2p/CZEMiYFUuy76CsxUpN7iNBE42ejwBBACkv2/mX7IPQg0C
 
254
A3KSrJsJv+sdvKm4b4xuI4OwagwTIVz4KlTqV4IBrVjSBfwyMXucXz0bTW85qjgA
 
255
+n67td8vyjYYZUEz1uY9lSquQQDnAN0txL3cLHZXWiWOkmzZVddQtlflK2a/J9o0
 
256
QkHPVUm+hc4l64dIzStrNl2S66fAvQARAQABiKUEGAECAA8FAk42ejwCGwwFCQAB
 
257
UYAACgkQHOJve0+NFROEYQP/epg+o8iBs31hkSERyZjrRR66LpywezWj30Rn/3mX
 
258
Fzi9HkF4xLemWOzdNt9C5PYrOep85PQg8haEjknxVjZFS0ikT1h3OWk/TF1ZrLVm
 
259
WzyX8DaHQEjKpLJJjXcAbTiZBNMk0QaVC9RvIeHpCf3n3DC49DdjsPJRMKOn8KDi
 
260
kRk=
 
261
=p0gt
 
262
-----END PGP PUBLIC KEY BLOCK-----
 
263
""")
 
264
        context.import_(key)
 
265
        context.import_(secret_key)
 
266
        context.import_(revoked_key)
 
267
        context.import_(expired_key)
 
268
 
 
269
    def test_verify_untrusted_but_accepted(self):
 
270
        #untrusted by gpg but listed as acceptable_keys by user
 
271
        self.requireFeature(features.gpgme)
 
272
        self.import_keys()
 
273
 
 
274
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
275
Hash: SHA1
 
276
 
 
277
bazaar-ng testament short form 1
 
278
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
279
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
280
-----BEGIN PGP SIGNATURE-----
 
281
Version: GnuPG v1.4.11 (GNU/Linux)
 
282
 
 
283
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
284
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
285
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
286
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
287
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
288
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
289
=iwsn
 
290
-----END PGP SIGNATURE-----
 
291
"""
 
292
        plain = """bazaar-ng testament short form 1
 
293
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
294
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
295
"""
 
296
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
297
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
298
        self.assertEqual((gpg.SIGNATURE_VALID, None), my_gpg.verify(content,
 
299
                            plain))
 
300
 
 
301
    def test_verify_unacceptable_key(self):
 
302
        self.requireFeature(features.gpgme)
 
303
        self.import_keys()
 
304
 
 
305
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
306
Hash: SHA1
 
307
 
 
308
bazaar-ng testament short form 1
 
309
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
310
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
311
-----BEGIN PGP SIGNATURE-----
 
312
Version: GnuPG v1.4.11 (GNU/Linux)
 
313
 
 
314
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
315
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
316
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
317
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
318
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
319
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
320
=iwsn
 
321
-----END PGP SIGNATURE-----
 
322
"""
 
323
        plain = """bazaar-ng testament short form 1
 
324
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
325
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
326
"""
 
327
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
328
        my_gpg.set_acceptable_keys("foo@example.com")
 
329
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'E3080E45'),
 
330
                         my_gpg.verify(content, plain))
 
331
 
 
332
    def test_verify_valid_but_untrusted(self):
 
333
        self.requireFeature(features.gpgme)
 
334
        self.import_keys()
 
335
 
 
336
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
337
Hash: SHA1
 
338
 
 
339
bazaar-ng testament short form 1
 
340
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
341
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
342
-----BEGIN PGP SIGNATURE-----
 
343
Version: GnuPG v1.4.11 (GNU/Linux)
 
344
 
 
345
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
346
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
347
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
348
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
349
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
350
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
351
=iwsn
 
352
-----END PGP SIGNATURE-----
 
353
"""
 
354
        plain = """bazaar-ng testament short form 1
 
355
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
356
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
357
"""
 
358
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
359
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
360
                            plain))
 
361
 
 
362
    def test_verify_bad_testament(self):
 
363
        self.requireFeature(features.gpgme)
 
364
        self.import_keys()
 
365
 
 
366
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
367
Hash: SHA1
 
368
 
 
369
bazaar-ng testament short form 1
 
370
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
371
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
372
-----BEGIN PGP SIGNATURE-----
 
373
Version: GnuPG v1.4.11 (GNU/Linux)
 
374
 
 
375
iQEcBAEBAgAGBQJN+ekFAAoJEIdoGx7jCA5FGtEH/i+XxJRvqU6wdBtLVrGBMAGk
 
376
FZ5VP+KyXYtymSbgSstj/vM12NeMIeFs3xGnNnYuX1MIcY6We5TKtCH0epY6ym5+
 
377
6g2Q2QpQ5/sT2d0mWzR0K4uVngmxVQaXTdk5PdZ40O7ULeDLW6CxzxMHyUL1rsIx
 
378
7UBUTBh1O/1n3ZfD99hUkm3hVcnsN90uTKH59zV9NWwArU0cug60+5eDKJhSJDbG
 
379
rIwlqbFAjDZ7L/48e+IaYIJwBZFzMBpJKdCxzALLtauMf+KK8hGiL2hrRbWm7ty6
 
380
NgxfkMYOB4rDPdSstT35N+5uBG3n/UzjxHssi0svMfVETYYX40y57dm2eZQXFp8=
 
381
=iwsn
 
382
-----END PGP SIGNATURE-----
 
383
"""
 
384
        plain = """bazaar-ng testament short form 1
 
385
revision-id: doctor@example.com-20110527185938-hluafawphszb8dl1
 
386
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
387
"""
 
388
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
389
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
390
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
391
                            plain))
 
392
 
 
393
 
 
394
    def test_verify_revoked_signature(self):
 
395
        self.requireFeature(features.gpgme)
 
396
        self.import_keys()
 
397
 
 
398
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
399
Hash: SHA1
 
400
 
 
401
asdf
 
402
-----BEGIN PGP SIGNATURE-----
 
403
Version: GnuPG v1.4.11 (GNU/Linux)
 
404
 
 
405
iJwEAQECAAYFAk45V18ACgkQjs6dvEpb0cSIZQP/eOGTXGPlrNwvDkcX2d8O///I
 
406
ecB4sUIUEpv1XAk1MkNu58lsjjK72lRaLusEGqd7HwrFmpxVeVs0oWLg23PNPCFs
 
407
yJBID9ma+VxFVPtkEFnrc1R72sBJLfBcTxMkwVTC8eeznjdtn+cg+aLkxbPdrGnr
 
408
JFA6kUIJU2w9LU/b88Y=
 
409
=UuRX
 
410
-----END PGP SIGNATURE-----
 
411
"""
 
412
        plain = """asdf\n"""
 
413
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
414
        my_gpg.set_acceptable_keys("test@example.com")
 
415
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None), my_gpg.verify(content,
 
416
                            plain))
 
417
 
 
418
    def test_verify_invalid(self):
 
419
        self.requireFeature(features.gpgme)
 
420
        self.import_keys()
 
421
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
422
Hash: SHA1
 
423
 
 
424
bazaar-ng testament short form 1
 
425
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
426
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
427
-----BEGIN PGP SIGNATURE-----
 
428
Version: GnuPG v1.4.11 (GNU/Linux)
 
429
 
 
430
iEYEARECAAYFAk33gYsACgkQpQbm1N1NUIhiDACglOuQDlnSF4NxfHSkN/zrmFy8
 
431
nswAoNGXAVuR9ONasAKIGBNUE0b+lols
 
432
=SOuC
 
433
-----END PGP SIGNATURE-----
 
434
"""
 
435
        plain = """bazaar-ng testament short form 1
 
436
revision-id: amy@example.com-20110527185938-hluafawphszb8dl1
 
437
sha1: 6411f9bdf6571200357140c9ce7c0f50106ac9a4
 
438
"""
 
439
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
440
        self.assertEqual((gpg.SIGNATURE_NOT_VALID, None),
 
441
                            my_gpg.verify(content, plain))
 
442
 
 
443
    def test_verify_expired_but_valid(self):
 
444
        self.requireFeature(features.gpgme)
 
445
        self.import_keys()
 
446
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
447
Hash: SHA1
 
448
 
 
449
bazaar-ng testament short form 1
 
450
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
 
451
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
 
452
-----BEGIN PGP SIGNATURE-----
 
453
Version: GnuPG v1.4.10 (GNU/Linux)
 
454
 
 
455
iJwEAQECAAYFAk42esUACgkQHOJve0+NFRPc5wP7BoZkzBU8JaHMLv/LmqLr0sUz
 
456
zuE51ofZZ19L7KVtQWsOi4jFy0fi4A5TFwO8u9SOfoREGvkw292Uty9subSouK5/
 
457
mFmDOYPQ+O83zWgYZsBmMJWYDZ+X9I6XXZSbPtV/7XyTjaxtl5uRnDVJjg+AzKvD
 
458
dTp8VatVVrwuvzOPDVc=
 
459
=uHen
 
460
-----END PGP SIGNATURE-----
 
461
"""
 
462
        plain = """bazaar-ng testament short form 1
 
463
revision-id: test@example.com-20110801100657-f1dr1nompeex723z
 
464
sha1: 59ab434be4c2d5d646dee84f514aa09e1b72feeb
 
465
"""
 
466
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
467
        self.assertEqual((gpg.SIGNATURE_EXPIRED, u'4F8D1513'),
 
468
                            my_gpg.verify(content, plain))
 
469
 
 
470
    def test_verify_unknown_key(self):
 
471
        self.requireFeature(features.gpgme)
 
472
        self.import_keys()
 
473
        content = """-----BEGIN PGP SIGNED MESSAGE-----
 
474
Hash: SHA1
 
475
 
 
476
asdf
 
477
-----BEGIN PGP SIGNATURE-----
 
478
Version: GnuPG v1.4.11 (GNU/Linux)
 
479
 
 
480
iQEcBAEBAgAGBQJOORKwAAoJENf6AkFdUeVvJDYH/1Cz+AJn1Jvy5n64o+0fZ5Ow
 
481
Y7UQb4QQTIOV7jI7n4hv/yBzuHrtImFzYvQl/o2Ezzi8B8L5gZtQy+xCUF+Q8iWs
 
482
gytZ5JUtSze7hDZo1NUl4etjoRGYqRfrUcvE2LkVH2dFbDGyyQfVmoeSHa5akuuP
 
483
QZmyg2F983rACVIpGvsqTH6RcBdvE9vx68lugeKQA8ArDn39/74FBFipFzrXSPij
 
484
eKFpl+yZmIb3g6HkPIC8o4j/tMvc37xF1OG5sBu8FT0+FC+VgY7vAblneDftAbyP
 
485
sIODx4WcfJtjLG/qkRYqJ4gDHo0eMpTJSk2CWebajdm4b+JBrM1F9mgKuZFLruE=
 
486
=RNR5
 
487
-----END PGP SIGNATURE-----
 
488
"""
 
489
        plain = "asdf\n"
 
490
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
491
        self.assertEqual((gpg.SIGNATURE_KEY_MISSING, u'5D51E56F'),
 
492
                            my_gpg.verify(content, plain))
 
493
 
 
494
    def test_set_acceptable_keys(self):
 
495
        self.requireFeature(features.gpgme)
 
496
        self.import_keys()
 
497
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
498
        my_gpg.set_acceptable_keys("bazaar@example.com")
 
499
        self.assertEqual(my_gpg.acceptable_keys,
 
500
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
 
501
 
 
502
    def test_set_acceptable_keys_from_config(self):
 
503
        self.requireFeature(features.gpgme)
 
504
        self.import_keys()
 
505
        my_gpg = gpg.GPGStrategy(FakeConfig(
 
506
                'acceptable_keys=bazaar@example.com'))
 
507
        my_gpg.set_acceptable_keys(None)
 
508
        self.assertEqual(my_gpg.acceptable_keys,
 
509
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
 
510
 
 
511
    def test_set_acceptable_keys_unknown(self):
 
512
        self.requireFeature(features.gpgme)
 
513
        my_gpg = gpg.GPGStrategy(FakeConfig())
 
514
        self.notes = []
 
515
        def note(*args):
 
516
            self.notes.append(args[0] % args[1:])
 
517
        self.overrideAttr(trace, 'note', note)
 
518
        my_gpg.set_acceptable_keys("unknown")
 
519
        self.assertEqual(my_gpg.acceptable_keys, [])
 
520
        self.assertEqual(self.notes,
 
521
            ['No GnuPG key results for pattern: unknown'])
 
522
 
 
523
 
89
524
class TestDisabled(TestCase):
90
525
 
91
526
    def test_sign(self):
92
527
        self.assertRaises(errors.SigningFailed,
93
528
                          gpg.DisabledGPGStrategy(None).sign, 'content')
 
529
 
 
530
    def test_verify(self):
 
531
        self.assertRaises(errors.SignatureVerificationFailed,
 
532
                          gpg.DisabledGPGStrategy(None).verify, 'content',
 
533
                          'testament')