/breezy/trunk

To get this branch, use:
bzr branch https://code.breezy-vcs.org/breezy/trunk

« back to all changes in this revision

Viewing changes to breezy/tests/test_gpg.py

  • Committer: Jelmer Vernooij
  • Date: 2017-07-23 22:06:41 UTC
  • mfrom: (6738 trunk)
  • mto: This revision was merged to the branch mainline in revision 6739.
  • Revision ID: jelmer@jelmer.uk-20170723220641-69eczax9bmv8d6kk
Merge trunk, address review comments.

Show diffs side-by-side

added added

removed removed

Lines of Context:
43
43
        if content is None:
44
44
            content = '''
45
45
gpg_signing_key=amy@example.com
46
 
gpg_signing_command=false'''
 
46
'''
47
47
        super(FakeConfig, self).__init__(content)
48
48
 
49
49
 
50
 
class TestCommandLine(tests.TestCase):
51
 
 
52
 
    def setUp(self):
53
 
        super(TestCommandLine, self).setUp()
54
 
        self.my_gpg = gpg.GPGStrategy(FakeConfig())
55
 
 
56
 
    def test_signing_command_line(self):
57
 
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
58
 
                         self.my_gpg._command_line())
59
 
 
60
 
    def test_signing_command_line_from_default(self):
61
 
        # Using 'default' for gpg_signing_key will use the mail part of 'email'
62
 
        my_gpg = gpg.GPGStrategy(FakeConfig('''
63
 
email=Amy <amy@example.com>
64
 
gpg_signing_key=default
65
 
gpg_signing_command=false'''))
66
 
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
67
 
                         my_gpg._command_line())
68
 
 
69
 
    def test_signing_command_line_from_email(self):
70
 
        # Not setting gpg_signing_key will use the mail part of 'email'
71
 
        my_gpg = gpg.GPGStrategy(FakeConfig('''
72
 
email=Amy <amy@example.com>
73
 
gpg_signing_command=false'''))
74
 
        self.assertEqual(['false',  '--clearsign', '-u', 'amy@example.com'],
75
 
                         my_gpg._command_line())
76
 
 
77
 
    def test_checks_return_code(self):
78
 
        # This test needs a unix like platform - one with 'false' to run.
79
 
        # if you have one, please make this work :)
80
 
        self.assertRaises(errors.SigningFailed, self.my_gpg.sign, 'content')
81
 
 
82
 
    def assertProduces(self, content):
83
 
        # This needs a 'cat' command or similar to work.
84
 
        if sys.platform == 'win32':
85
 
            # Windows doesn't come with cat, and we don't require it
86
 
            # so lets try using python instead.
87
 
            # But stupid windows and line-ending conversions.
88
 
            # It is too much work to make sys.stdout be in binary mode.
89
 
            # http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/65443
90
 
            self.my_gpg._command_line = lambda:[sys.executable, '-c',
91
 
                    'import sys; sys.stdout.write(sys.stdin.read())']
92
 
            new_content = content.replace('\n', '\r\n')
93
 
 
94
 
            self.assertEqual(new_content, self.my_gpg.sign(content))
95
 
        else:
96
 
            self.my_gpg._command_line = lambda:['cat', '-']
97
 
            self.assertEqual(content, self.my_gpg.sign(content))
98
 
 
99
 
    def test_returns_output(self):
100
 
        content = "some content\nwith newlines\n"
101
 
        self.assertProduces(content)
102
 
 
103
 
    def test_clears_progress(self):
104
 
        content = "some content\nwith newlines\n"
105
 
        old_clear_term = ui.ui_factory.clear_term
106
 
        clear_term_called = []
107
 
        def clear_term():
108
 
            old_clear_term()
109
 
            clear_term_called.append(True)
110
 
        ui.ui_factory.clear_term = clear_term
111
 
        try:
112
 
            self.assertProduces(content)
113
 
        finally:
114
 
            ui.ui_factory.clear_term = old_clear_term
115
 
        self.assertEqual([True], clear_term_called)
116
 
 
117
 
    def test_aborts_on_unicode(self):
118
 
        """You can't sign Unicode text; it must be encoded first."""
119
 
        self.assertRaises(errors.BzrBadParameterUnicode,
120
 
                          self.assertProduces, u'foo')
121
 
 
122
 
 
123
50
class TestVerify(TestCase):
124
51
 
125
52
    def import_keys(self):
126
 
        import gpgme
127
 
        context = gpgme.Context()
 
53
        import gpg
 
54
        context = gpg.Context()
128
55
 
129
 
        key = BytesIO(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
56
        key = gpg.Data(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
130
57
Version: GnuPG v1.4.11 (GNU/Linux)
131
58
 
132
59
mQENBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
158
85
-----END PGP PUBLIC KEY BLOCK-----
159
86
""")
160
87
 
161
 
        secret_key = BytesIO(b"""-----BEGIN PGP PRIVATE KEY BLOCK-----
 
88
        secret_key = gpg.Data(b"""-----BEGIN PGP PRIVATE KEY BLOCK-----
162
89
Version: GnuPG v1.4.11 (GNU/Linux)
163
90
 
164
91
lQOYBE343IgBCADwzPW7kmKb2bjB+UU+1ER/ABMZspvtoZMPusUw7bk6coXHF/0W
217
144
-----END PGP PRIVATE KEY BLOCK-----
218
145
""")
219
146
 
220
 
        revoked_key = BytesIO(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
147
        revoked_key = gpg.Data(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
221
148
Version: GnuPG v1.4.11 (GNU/Linux)
222
149
 
223
150
mI0ETjlW5gEEAOb/6P+TVM59E897wRtatxys2BhsHCXM4T7xjIiANfDwejDdifqh
242
169
-----END PGP PUBLIC KEY BLOCK-----
243
170
""")
244
171
 
245
 
        expired_key = BytesIO(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
 
172
        expired_key = gpg.Data(b"""-----BEGIN PGP PUBLIC KEY BLOCK-----
246
173
Version: GnuPG v1.4.11 (GNU/Linux)
247
174
 
248
175
mI0ETjZ6PAEEALkR4GcFQidCCxV7pgQwQd5MZua0YO2l92fVqHX+PhnZ6egCLKdD
263
190
=p0gt
264
191
-----END PGP PUBLIC KEY BLOCK-----
265
192
""")
266
 
        context.import_(key)
267
 
        context.import_(secret_key)
268
 
        context.import_(revoked_key)
269
 
        context.import_(expired_key)
 
193
        context.op_import(key)
 
194
        context.op_import(secret_key)
 
195
        context.op_import(revoked_key)
 
196
        context.op_import(expired_key)
270
197
 
271
198
    def test_verify_untrusted_but_accepted(self):
272
199
        #untrusted by gpg but listed as acceptable_keys by user
273
 
        self.requireFeature(features.gpgme)
 
200
        self.requireFeature(features.gpg)
274
201
        self.import_keys()
275
202
 
276
203
        content = """-----BEGIN PGP SIGNED MESSAGE-----
301
228
                            plain))
302
229
 
303
230
    def test_verify_unacceptable_key(self):
304
 
        self.requireFeature(features.gpgme)
 
231
        self.requireFeature(features.gpg)
305
232
        self.import_keys()
306
233
 
307
234
        content = """-----BEGIN PGP SIGNED MESSAGE-----
332
259
                         my_gpg.verify(content, plain))
333
260
 
334
261
    def test_verify_valid_but_untrusted(self):
335
 
        self.requireFeature(features.gpgme)
 
262
        self.requireFeature(features.gpg)
336
263
        self.import_keys()
337
264
 
338
265
        content = """-----BEGIN PGP SIGNED MESSAGE-----
362
289
                            plain))
363
290
 
364
291
    def test_verify_bad_testament(self):
365
 
        self.requireFeature(features.gpgme)
 
292
        self.requireFeature(features.gpg)
366
293
        self.import_keys()
367
294
 
368
295
        content = """-----BEGIN PGP SIGNED MESSAGE-----
394
321
 
395
322
 
396
323
    def test_verify_revoked_signature(self):
397
 
        self.requireFeature(features.gpgme)
 
324
        self.requireFeature(features.gpg)
398
325
        self.import_keys()
399
326
 
400
327
        content = """-----BEGIN PGP SIGNED MESSAGE-----
418
345
                            plain))
419
346
 
420
347
    def test_verify_invalid(self):
421
 
        self.requireFeature(features.gpgme)
 
348
        self.requireFeature(features.gpg)
422
349
        self.import_keys()
423
350
        content = """-----BEGIN PGP SIGNED MESSAGE-----
424
351
Hash: SHA1
443
370
                            my_gpg.verify(content, plain))
444
371
 
445
372
    def test_verify_expired_but_valid(self):
446
 
        self.requireFeature(features.gpgme)
 
373
        self.requireFeature(features.gpg)
447
374
        self.import_keys()
448
375
        content = """-----BEGIN PGP SIGNED MESSAGE-----
449
376
Hash: SHA1
470
397
                            my_gpg.verify(content, plain))
471
398
 
472
399
    def test_verify_unknown_key(self):
473
 
        self.requireFeature(features.gpgme)
 
400
        self.requireFeature(features.gpg)
474
401
        self.import_keys()
475
402
        content = """-----BEGIN PGP SIGNED MESSAGE-----
476
403
Hash: SHA1
494
421
                            my_gpg.verify(content, plain))
495
422
 
496
423
    def test_set_acceptable_keys(self):
497
 
        self.requireFeature(features.gpgme)
 
424
        self.requireFeature(features.gpg)
498
425
        self.import_keys()
499
426
        my_gpg = gpg.GPGStrategy(FakeConfig())
500
427
        my_gpg.set_acceptable_keys("bazaar@example.com")
502
429
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
503
430
 
504
431
    def test_set_acceptable_keys_from_config(self):
505
 
        self.requireFeature(features.gpgme)
 
432
        self.requireFeature(features.gpg)
506
433
        self.import_keys()
507
434
        my_gpg = gpg.GPGStrategy(FakeConfig(
508
435
                'acceptable_keys=bazaar@example.com'))
511
438
                         [u'B5DEED5FCB15DAE6ECEF919587681B1EE3080E45'])
512
439
 
513
440
    def test_set_acceptable_keys_unknown(self):
514
 
        self.requireFeature(features.gpgme)
 
441
        self.requireFeature(features.gpg)
515
442
        my_gpg = gpg.GPGStrategy(FakeConfig())
516
443
        self.notes = []
517
444
        def note(*args):
526
453
class TestDisabled(TestCase):
527
454
 
528
455
    def test_sign(self):
529
 
        self.assertRaises(errors.SigningFailed,
 
456
        self.assertRaises(gpg.SigningFailed,
530
457
                          gpg.DisabledGPGStrategy(None).sign, 'content')
531
458
 
532
459
    def test_verify(self):
533
 
        self.assertRaises(errors.SignatureVerificationFailed,
 
460
        self.assertRaises(gpg.SignatureVerificationFailed,
534
461
                          gpg.DisabledGPGStrategy(None).verify, 'content',
535
462
                          'testament')