1 files changed, 86 insertions, 0 deletions

diff --git a/src/mailman_pgp/utils/tests/test_pgp.py b/src/mailman_pgp/utils/tests/test_pgp.py
new file mode 100644
index 0000000..493a0ca
--- /dev/null
+++ b/src/mailman_pgp/utils/tests/test_pgp.py
@@ -0,0 +1,86 @@
+# Copyright (C) 2017 Jan Jancar
+#
+# This file is a part of the Mailman PGP plugin.
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free
+# Software Foundation, either version 3 of the License, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program.  If not, see <http://www.gnu.org/licenses/>.
+
+""""""
+import datetime
+import time
+from unittest import TestCase
+
+from parameterized import parameterized
+from pgpy import PGPKey, PGPUID
+from pgpy.constants import (PubKeyAlgorithm, EllipticCurveOID, KeyFlags,
+                            HashAlgorithm, SymmetricKeyAlgorithm,
+                            CompressionAlgorithm)
+
+from mailman_pgp.testing.layers import PGPLayer
+from mailman_pgp.testing.pgp import load_key, load_blob
+from mailman_pgp.utils.pgp import revoc_from_blob, key_usable
+
+
+class TestPGPUtils(TestCase):
+    layer = PGPLayer
+
+    @parameterized.expand([
+        (load_blob('revocs', 'rsa_1024.revoc.asc'),
+         load_key('rsa_1024.pub.asc')),
+        (load_blob('revocs', 'ecc_secp256k1.revoc.asc'),
+         load_key('ecc_secp256k1.pub.asc')),
+        (load_blob('revocs', 'ecc_p256.revoc.asc'),
+         load_key('ecc_p256.pub.asc'))
+    ])
+    def test_revoc_from_blob_valid(self, blob, key):
+        revoc = revoc_from_blob(blob)
+        verifies = key.verify(key, revoc)
+        self.assertTrue(bool(verifies))
+
+    @parameterized.expand([
+        ('Not an ASCII-Armored blob',),
+        (load_blob('keys', 'rsa_1024.pub.asc'),),
+    ])
+    def test_revoc_from_blob_invalid(self, blob):
+        self.assertRaises(ValueError, revoc_from_blob, blob)
+
+    def test_key_usable_expired(self):
+        key = PGPKey.new(PubKeyAlgorithm.ECDSA, EllipticCurveOID.SECP256K1)
+        uid = PGPUID.new('Some Name', email='anne@example.org')
+        key.add_uid(uid, key_expiration=datetime.timedelta(seconds=1),
+                    usage={KeyFlags.Certify,
+                           KeyFlags.Authentication,
+                           KeyFlags.Sign},
+                    hashes=[HashAlgorithm.SHA256,
+                            HashAlgorithm.SHA512],
+                    ciphers=[SymmetricKeyAlgorithm.AES256],
+                    compression=[CompressionAlgorithm.ZLIB])
+
+        time.sleep(2)
+
+        self.assertFalse(key_usable(key, set()))
+
+    def test_key_usable_revoked(self):
+        key = load_key('ecc_p256.priv.asc')
+        rsig = key.revoke(key)
+        key |= rsig
+
+        self.assertFalse(key_usable(key, set()))
+
+    def test_key_usable_subkey_revoked(self):
+        key = load_key('ecc_p256.priv.asc')
+        sub = next(iter(key.subkeys.values()))
+        rsig = key.revoke(sub)
+        sub |= rsig
+
+        self.assertFalse(key_usable(key, {KeyFlags.EncryptCommunications}))