diff options
| author | J08nY | 2017-08-10 14:31:24 +0200 |
|---|---|---|
| committer | J08nY | 2017-08-10 14:31:24 +0200 |
| commit | 7f94d466390a16d3f40ad6f4204248cc927d2a97 (patch) | |
| tree | c23c6fbeb30d72561c17cef70d44c600af5f46f3 /src/mailman_pgp/commands | |
| parent | 590d9f8a59d5b3d231955f7781400a97cfd4c8c8 (diff) | |
| download | mailman-pgp-7f94d466390a16d3f40ad6f4204248cc927d2a97.tar.gz mailman-pgp-7f94d466390a16d3f40ad6f4204248cc927d2a97.tar.zst mailman-pgp-7f94d466390a16d3f40ad6f4204248cc927d2a97.zip | |
Diffstat (limited to 'src/mailman_pgp/commands')
| -rw-r--r-- | src/mailman_pgp/commands/eml_key.py | 11 | ||||
| -rw-r--r-- | src/mailman_pgp/commands/tests/test_key.py | 162 |
2 files changed, 105 insertions, 68 deletions
diff --git a/src/mailman_pgp/commands/eml_key.py b/src/mailman_pgp/commands/eml_key.py index a298ea7..29fa99c 100644 --- a/src/mailman_pgp/commands/eml_key.py +++ b/src/mailman_pgp/commands/eml_key.py @@ -347,6 +347,8 @@ def _cmd_revoke(pgp_list, mlist, msg, msgdata, arguments, results): with transaction(): pgp_address.key = key_copy print('Key succesfully updated.', file=results) + else: + print('Nothing to do.', file=results) return ContinueProcessing.yes @@ -432,9 +434,12 @@ def _cmd_sign(pgp_list, mlist, msg, msgdata, arguments, results): continue # sig is a new signature, not currenctly on uid, ans seems to # be made by the pgp_address.key - verification = pgp_address.key.verify(uid, sig) - if bool(verification): - uid_sigs.setdefault(uid, []).append(sig) + try: + verification = pgp_address.key.verify(uid, sig) + if bool(verification): + uid_sigs.setdefault(uid, []).append(sig) + except PGPError: + pass if len(uid_sigs) == 0: print('No new certifications found.', file=results) diff --git a/src/mailman_pgp/commands/tests/test_key.py b/src/mailman_pgp/commands/tests/test_key.py index 5a6bb12..8dd6fcc 100644 --- a/src/mailman_pgp/commands/tests/test_key.py +++ b/src/mailman_pgp/commands/tests/test_key.py @@ -801,6 +801,103 @@ class TestAfterSubscription(unittest.TestCase): 'Need a key which can be used to encrypt communications.', results_msg.get_payload()) + def test_revoke_resets(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + revoc = self.bart_key.revoke(self.bart_key) + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key revoke') + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_revocs(revoc) + + items = _run_message(message, 2) + if (items[0].msg['Subject'] == + 'The results of your email commands'): # pragma: no cover + results_msg = items[0].msg + else: + results_msg = items[1].msg + + self.assertIsNone(pgp_address.key) + self.assertFalse(pgp_address.key_confirmed) + + self.assertIn('Key needs to be reset.', results_msg.get_payload()) + + def test_revoke_updates(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + + test_key = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 1024) + uid = PGPUID.new('Some Name', email='anne@example.org') + test_key.add_uid(uid, + usage={KeyFlags.Certify, + KeyFlags.EncryptCommunications, + KeyFlags.Sign}, + hashes=[HashAlgorithm.SHA256, + HashAlgorithm.SHA512], + ciphers=[SymmetricKeyAlgorithm.AES256], + compression=[CompressionAlgorithm.ZLIB]) + sub = PGPKey.new(PubKeyAlgorithm.ECDH, EllipticCurveOID.SECP256K1) + test_key.add_subkey(sub, usage={KeyFlags.EncryptCommunications}) + + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = test_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + revoc = test_key.revoke(sub.pubkey) + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key revoke') + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_revocs(revoc) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('Key succesfully updated.', results_msg.get_payload()) + sub = next(iter(pgp_address.key.subkeys.values())) + revocs = list(sub.revocation_signatures) + self.assertEqual(len(revocs), 1) + self.assertEqual(revoc.hash2, revocs[0].hash2) + + def test_revoke_encrypted(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + revoc = self.bart_key.revoke(self.bart_key) + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key revoke') + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_revocs(revoc) + wrapped_message = MIMEWrapper(message) + message = wrapped_message.encrypt(self.pgp_list.pubkey) + + items = _run_message(message, 2) + if (items[0].msg['Subject'] == + 'The results of your email commands'): # pragma: no cover + results_msg = items[0].msg + else: + results_msg = items[1].msg + + self.assertIsNone(pgp_address.key) + self.assertFalse(pgp_address.key_confirmed) + + self.assertIn('Key needs to be reset.', results_msg.get_payload()) + def test_revoke_extra_arg(self): message = _create_plain('bart@example.com', 'test@example.com', 'key revoke extra arguments', '') @@ -878,71 +975,6 @@ class TestAfterSubscription(unittest.TestCase): self.assertIn('No key revocations attached? Send a key revocation.', results_msg.get_payload()) - def test_revoke_resets(self): - bart = getUtility(IUserManager).create_address('bart@example.com', - 'Bart Person') - with transaction() as t: - pgp_address = PGPAddress(bart) - pgp_address.key = self.bart_key.pubkey - pgp_address.key_confirmed = True - t.add(pgp_address) - - revoc = self.bart_key.revoke(self.bart_key) - - message = _create_mixed('bart@example.com', 'test@example.com', - 'key revoke') - wrapped_message = MIMEWrapper(message) - message = wrapped_message.attach_revocs(revoc) - - items = _run_message(message, 2) - if (items[0].msg['Subject'] == - 'The results of your email commands'): # pragma: no cover - results_msg = items[0].msg - else: - results_msg = items[1].msg - # TODO: finish test - - self.assertIn('Key needs to be reset.', results_msg.get_payload()) - - def test_revoke_updates(self): - bart = getUtility(IUserManager).create_address('bart@example.com', - 'Bart Person') - - test_key = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 1024) - uid = PGPUID.new('Some Name', email='anne@example.org') - test_key.add_uid(uid, - usage={KeyFlags.Certify, - KeyFlags.EncryptCommunications, - KeyFlags.Sign}, - hashes=[HashAlgorithm.SHA256, - HashAlgorithm.SHA512], - ciphers=[SymmetricKeyAlgorithm.AES256], - compression=[CompressionAlgorithm.ZLIB]) - sub = PGPKey.new(PubKeyAlgorithm.ECDH, EllipticCurveOID.SECP256K1) - test_key.add_subkey(sub, usage={KeyFlags.EncryptCommunications}) - - with transaction() as t: - pgp_address = PGPAddress(bart) - pgp_address.key = test_key.pubkey - pgp_address.key_confirmed = True - t.add(pgp_address) - - revoc = test_key.revoke(sub.pubkey) - - message = _create_mixed('bart@example.com', 'test@example.com', - 'key revoke') - wrapped_message = MIMEWrapper(message) - message = wrapped_message.attach_revocs(revoc) - - items = _run_message(message, 1) - results_msg = items[0].msg - - self.assertIn('Key succesfully updated.', results_msg.get_payload()) - sub = next(iter(pgp_address.key.subkeys.values())) - revocs = list(sub.revocation_signatures) - self.assertEqual(len(revocs), 1) - self.assertEqual(revoc.hash2, revocs[0].hash2) - def test_sign(self): bart = getUtility(IUserManager).create_address('bart@example.com', 'Bart Person') |