diff options
Diffstat (limited to 'src/mailman_pgp/utils/tests')
| -rw-r--r-- | src/mailman_pgp/utils/tests/__init__.py | 0 | ||||
| -rw-r--r-- | src/mailman_pgp/utils/tests/test_pgp.py | 86 |
2 files changed, 86 insertions, 0 deletions
diff --git a/src/mailman_pgp/utils/tests/__init__.py b/src/mailman_pgp/utils/tests/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/src/mailman_pgp/utils/tests/__init__.py diff --git a/src/mailman_pgp/utils/tests/test_pgp.py b/src/mailman_pgp/utils/tests/test_pgp.py new file mode 100644 index 0000000..b6433d4 --- /dev/null +++ b/src/mailman_pgp/utils/tests/test_pgp.py @@ -0,0 +1,86 @@ +# Copyright (C) 2017 Jan Jancar +# +# This file is a part of the Mailman PGP plugin. +# +# This program is free software; you can redistribute it and/or modify it under +# the terms of the GNU General Public License as published by the Free +# Software Foundation, either version 3 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# +# You should have received a copy of the GNU General Public License along with +# this program. If not, see <http://www.gnu.org/licenses/>. + +"""""" +import datetime +import time +from unittest import TestCase + +from parameterized import parameterized +from pgpy import PGPKey, PGPUID +from pgpy.constants import ( + CompressionAlgorithm, EllipticCurveOID, HashAlgorithm, KeyFlags, + PubKeyAlgorithm, SymmetricKeyAlgorithm) + +from mailman_pgp.testing.layers import PGPLayer +from mailman_pgp.testing.pgp import load_blob, load_key +from mailman_pgp.utils.pgp import key_usable, revoc_from_blob + + +class TestPGPUtils(TestCase): + layer = PGPLayer + + @parameterized.expand([ + (load_blob('revocs', 'rsa_1024.revoc.asc'), + load_key('rsa_1024.pub.asc')), + (load_blob('revocs', 'ecc_secp256k1.revoc.asc'), + load_key('ecc_secp256k1.pub.asc')), + (load_blob('revocs', 'ecc_p256.revoc.asc'), + load_key('ecc_p256.pub.asc')) + ]) + def test_revoc_from_blob_valid(self, blob, key): + revoc = revoc_from_blob(blob) + verifies = key.verify(key, revoc) + self.assertTrue(bool(verifies)) + + @parameterized.expand([ + ('Not an ASCII-Armored blob',), + (load_blob('keys', 'rsa_1024.pub.asc'),), + ]) + def test_revoc_from_blob_invalid(self, blob): + self.assertRaises(ValueError, revoc_from_blob, blob) + + def test_key_usable_expired(self): + key = PGPKey.new(PubKeyAlgorithm.ECDSA, EllipticCurveOID.SECP256K1) + uid = PGPUID.new('Some Name', email='anne@example.org') + key.add_uid(uid, key_expiration=datetime.timedelta(seconds=1), + usage={KeyFlags.Certify, + KeyFlags.Authentication, + KeyFlags.Sign}, + hashes=[HashAlgorithm.SHA256, + HashAlgorithm.SHA512], + ciphers=[SymmetricKeyAlgorithm.AES256], + compression=[CompressionAlgorithm.ZLIB]) + + time.sleep(2) + + self.assertFalse(key_usable(key, set())) + + def test_key_usable_revoked(self): + key = load_key('ecc_p256.priv.asc') + rsig = key.revoke(key) + key |= rsig + + self.assertFalse(key_usable(key, set())) + + def test_key_usable_subkey_revoked(self): + key = load_key('ecc_p256.priv.asc') + sub = next(iter(key.subkeys.values())) + rsig = key.revoke(sub) + sub |= rsig + + self.assertFalse(key_usable(key, {KeyFlags.EncryptCommunications})) |