aboutsummaryrefslogtreecommitdiff
path: root/src/mailman_pgp/rules/tests/test_signature.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/mailman_pgp/rules/tests/test_signature.py')
-rw-r--r--src/mailman_pgp/rules/tests/test_signature.py31
1 files changed, 31 insertions, 0 deletions
diff --git a/src/mailman_pgp/rules/tests/test_signature.py b/src/mailman_pgp/rules/tests/test_signature.py
index 72f2c70..ec49a18 100644
--- a/src/mailman_pgp/rules/tests/test_signature.py
+++ b/src/mailman_pgp/rules/tests/test_signature.py
@@ -37,6 +37,7 @@ from mailman_pgp.database import mm_transaction, transaction
from mailman_pgp.model.address import PGPAddress
from mailman_pgp.model.list import PGPMailingList
from mailman_pgp.model.sighash import PGPSigHash
+from mailman_pgp.pgp.inline import InlineWrapper
from mailman_pgp.pgp.mime import MIMEWrapper
from mailman_pgp.pgp.wrapper import PGPWrapper
from mailman_pgp.rules.signature import Signature
@@ -181,6 +182,36 @@ To: test@example.com
self.assertTrue(matches)
self.assertAction(msgdata, Action.hold, ['Signature is expired.'])
+ msgdata = {}
+ wrapped = InlineWrapper(self.msg_clear)
+ msg = wrapped.sign(self.sender_key, expires=timedelta(seconds=1))
+ time.sleep(2)
+ matches = self.rule.check(self.mlist, msg, msgdata)
+
+ self.assertTrue(matches)
+ self.assertAction(msgdata, Action.hold, ['Signature is expired.'])
+
+ def test_revoked_sig_action(self):
+ with transaction():
+ self.pgp_list.unsigned_msg_action = Action.defer
+ self.pgp_list.inline_pgp_action = Action.defer
+ self.pgp_list.expired_sig_action = Action.defer
+ self.pgp_list.revoked_sig_action = Action.hold
+ self.pgp_list.invalid_sig_action = Action.defer
+ self.pgp_list.duplicate_sig_action = Action.defer
+
+ rsig = self.sender_key.revoke(self.pgp_sender.key)
+ self.pgp_sender.key |= rsig
+
+ msgdata = {}
+ wrapped = MIMEWrapper(self.msg_clear)
+ msg = wrapped.sign(self.sender_key)
+ matches = self.rule.check(self.mlist, msg, msgdata)
+
+ self.assertTrue(matches)
+ self.assertAction(msgdata, Action.hold,
+ ['Signature is made by a revoked key.'])
+
def test_invalid_sig_action(self):
with transaction():
self.pgp_list.unsigned_msg_action = Action.defer
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 09:51:05 +0000