source-git / gpgme

Clone
Source Code
GIT

Blame lang/python/tests/t-quick-key-creation.py

c8 c8s master
  1.   30b792887db4655d916439b9b06ad287367ed52c
  2.   lang
  3.   python
  4.   tests
  5.   t-quick-key-creation.py
Blob History Raw
Packit d7e8d0 
#!/usr/bin/env python
Packit d7e8d0
Packit d7e8d0 
# Copyright (C) 2017 g10 Code GmbH
Packit d7e8d0 
#
Packit d7e8d0 
# This file is part of GPGME.
Packit d7e8d0 
#
Packit d7e8d0 
# GPGME is free software; you can redistribute it and/or modify it
Packit d7e8d0 
# under the terms of the GNU General Public License as published by
Packit d7e8d0 
# the Free Software Foundation; either version 2 of the License, or
Packit d7e8d0 
# (at your option) any later version.
Packit d7e8d0 
#
Packit d7e8d0 
# GPGME is distributed in the hope that it will be useful, but WITHOUT
Packit d7e8d0 
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
Packit d7e8d0 
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General
Packit d7e8d0 
# Public License for more details.
Packit d7e8d0 
#
Packit d7e8d0 
# You should have received a copy of the GNU Lesser General Public
Packit Service 30b792 
# License along with this program; if not, see <https://www.gnu.org/licenses/>.
Packit d7e8d0
Packit d7e8d0 
from __future__ import absolute_import, print_function, unicode_literals
Packit d7e8d0
Packit d7e8d0 
import gpg
Packit d7e8d0 
import itertools
Packit d7e8d0 
import time
Packit d7e8d0
Packit d7e8d0 
import support
Packit d7e8d0 
support.assert_gpg_version((2, 1, 2))
Packit d7e8d0
Packit Service 30b792 
del absolute_import, print_function, unicode_literals
Packit Service 30b792
Packit d7e8d0 
alpha = "Alpha <alpha@invalid.example.net>"
Packit d7e8d0
Packit d7e8d0 
with support.EphemeralContext() as ctx:
Packit d7e8d0 
    res = ctx.create_key(alpha)
Packit d7e8d0
Packit d7e8d0 
    keys = list(ctx.keylist())
Packit d7e8d0 
    assert len(keys) == 1, "Weird number of keys created"
Packit d7e8d0
Packit d7e8d0 
    key = keys[0]
Packit d7e8d0 
    assert key.fpr == res.fpr
Packit d7e8d0 
    assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
Packit d7e8d0 
    assert key.subkeys[0].expires > 0, "Expected primary key to expire"
Packit d7e8d0
Packit d7e8d0 
    # Try to create a key with the same UID
Packit d7e8d0 
    try:
Packit d7e8d0 
        ctx.create_key(alpha)
Packit d7e8d0 
        assert False, "Expected an error but got none"
Packit d7e8d0 
    except gpg.errors.GpgError as e:
Packit d7e8d0 
        pass
Packit d7e8d0
Packit d7e8d0 
    # Try to create a key with the same UID, now with force!
Packit d7e8d0 
    res2 = ctx.create_key(alpha, force=True)
Packit d7e8d0 
    assert res.fpr != res2.fpr
Packit d7e8d0
Packit d7e8d0 
# From here on, we use one context, and create unique UIDs
Packit d7e8d0 
uid_counter = 0
Packit Service 30b792
Packit Service 30b792
Packit d7e8d0 
def make_uid():
Packit d7e8d0 
    global uid_counter
Packit d7e8d0 
    uid_counter += 1
Packit d7e8d0 
    return "user{0}@invalid.example.org".format(uid_counter)
Packit d7e8d0
Packit Service 30b792
Packit d7e8d0 
with support.EphemeralContext() as ctx:
Packit d7e8d0 
    # Check gpg.constants.create.NOEXPIRE...
Packit d7e8d0 
    res = ctx.create_key(make_uid(), expires=False)
Packit d7e8d0 
    key = ctx.get_key(res.fpr, secret=True)
Packit d7e8d0 
    assert key.fpr == res.fpr
Packit d7e8d0 
    assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
Packit d7e8d0 
    assert key.subkeys[0].expires == 0, "Expected primary key not to expire"
Packit d7e8d0
Packit d7e8d0 
    t = 2 * 24 * 60 * 60
Packit d7e8d0 
    slack = 5 * 60
Packit d7e8d0 
    res = ctx.create_key(make_uid(), expires_in=t)
Packit d7e8d0 
    key = ctx.get_key(res.fpr, secret=True)
Packit d7e8d0 
    assert key.fpr == res.fpr
Packit d7e8d0 
    assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
Packit d7e8d0 
    assert abs(time.time() + t - key.subkeys[0].expires) < slack, \
Packit d7e8d0 
        "Primary keys expiration time is off"
Packit d7e8d0
Packit d7e8d0 
    # Check capabilities
Packit Service 30b792 
    for sign, encrypt, certify, authenticate \
Packit Service 30b792 
            in itertools.product([False, True],
Packit Service 30b792 
                                 [False, True],
Packit Service 30b792 
                                 [False, True],
Packit Service 30b792 
                                 [False, True]):
Packit d7e8d0 
        # Filter some out
Packit d7e8d0 
        if not (sign or encrypt or certify or authenticate):
Packit d7e8d0 
            # This triggers the default capabilities tested before.
Packit d7e8d0 
            continue
Packit d7e8d0 
        if (sign or encrypt or authenticate) and not certify:
Packit d7e8d0 
            # The primary key always certifies.
Packit d7e8d0 
            continue
Packit d7e8d0
Packit Service 30b792 
        res = ctx.create_key(
Packit Service 30b792 
            make_uid(),
Packit Service 30b792 
            algorithm="rsa",
Packit Service 30b792 
            sign=sign,
Packit Service 30b792 
            encrypt=encrypt,
Packit Service 30b792 
            certify=certify,
Packit Service 30b792 
            authenticate=authenticate)
Packit d7e8d0 
        key = ctx.get_key(res.fpr, secret=True)
Packit d7e8d0 
        assert key.fpr == res.fpr
Packit d7e8d0 
        assert len(key.subkeys) == 1, \
Packit d7e8d0 
            "Expected no subkey for non-default capabilities"
Packit d7e8d0
Packit d7e8d0 
        p = key.subkeys[0]
Packit d7e8d0 
        assert sign == p.can_sign
Packit d7e8d0 
        assert encrypt == p.can_encrypt
Packit d7e8d0 
        assert certify == p.can_certify
Packit d7e8d0 
        assert authenticate == p.can_authenticate
Packit d7e8d0
Packit d7e8d0 
    # Check algorithm
Packit d7e8d0 
    res = ctx.create_key(make_uid(), algorithm="rsa")
Packit d7e8d0 
    key = ctx.get_key(res.fpr, secret=True)
Packit d7e8d0 
    assert key.fpr == res.fpr
Packit d7e8d0 
    for k in key.subkeys:
Packit d7e8d0 
        assert k.pubkey_algo == 1
Packit d7e8d0
Packit d7e8d0 
    # Check algorithm with size
Packit d7e8d0 
    res = ctx.create_key(make_uid(), algorithm="rsa1024")
Packit d7e8d0 
    key = ctx.get_key(res.fpr, secret=True)
Packit d7e8d0 
    assert key.fpr == res.fpr
Packit d7e8d0 
    for k in key.subkeys:
Packit d7e8d0 
        assert k.pubkey_algo == 1
Packit d7e8d0 
        assert k.length == 1024
Packit d7e8d0
Packit d7e8d0 
    # Check algorithm future-default
Packit d7e8d0 
    ctx.create_key(make_uid(), algorithm="future-default")
Packit d7e8d0
Packit d7e8d0 
    # Check passphrase protection
Packit d7e8d0 
    recipient = make_uid()
Packit d7e8d0 
    passphrase = "streng geheim"
Packit d7e8d0 
    res = ctx.create_key(recipient, passphrase=passphrase)
Packit Service 30b792 
    ciphertext, _, _ = ctx.encrypt(
Packit Service 30b792 
        b"hello there", recipients=[ctx.get_key(res.fpr)])
Packit d7e8d0
Packit d7e8d0 
    cb_called = False
Packit Service 30b792
Packit d7e8d0 
    def cb(*args):
Packit d7e8d0 
        global cb_called
Packit d7e8d0 
        cb_called = True
Packit d7e8d0 
        return passphrase
Packit Service 30b792
Packit d7e8d0 
    ctx.pinentry_mode = gpg.constants.PINENTRY_MODE_LOOPBACK
Packit d7e8d0 
    ctx.set_passphrase_cb(cb)
Packit d7e8d0
Packit d7e8d0 
    plaintext, _, _ = ctx.decrypt(ciphertext)
Packit d7e8d0 
    assert plaintext == b"hello there"
Packit d7e8d0 
    assert cb_called

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation