[tor-commits] [bridgedb/develop] Add integration tests for bridgedb.crypto.initializeGnuPG().
isis at torproject.org
isis at torproject.org
Tue Feb 24 07:03:14 UTC 2015
commit 9ed91fb1403b44dbf0f6b6e08e9a0173862c9c3c
Author: Isis Lovecruft <isis at torproject.org>
Date: Sun Feb 22 10:20:36 2015 +0000
Add integration tests for bridgedb.crypto.initializeGnuPG().
---
lib/bridgedb/test/test_crypto.py | 139 ++++++++++++++++++++++++++++++++++++++
1 file changed, 139 insertions(+)
diff --git a/lib/bridgedb/test/test_crypto.py b/lib/bridgedb/test/test_crypto.py
index 2187475..801a369 100644
--- a/lib/bridgedb/test/test_crypto.py
+++ b/lib/bridgedb/test/test_crypto.py
@@ -24,6 +24,7 @@ import shutil
import OpenSSL
+
from twisted.internet import defer
from twisted.trial import unittest
from twisted.test.proto_helpers import StringTransport
@@ -33,6 +34,7 @@ from bridgedb import crypto
from bridgedb import txrecaptcha
from bridgedb.persistent import Conf
from bridgedb.test.util import fileCheckDecorator
+from bridgedb.test.email_helpers import _createConfig
logging.disable(50)
@@ -87,6 +89,143 @@ class GetKeyTests(unittest.TestCase):
% (key.encode('hex'), SEKRIT_KEY.encode('hex')))
+class InitializeGnuPGTests(unittest.TestCase):
+ """Unittests for :func:`bridgedb.crypto.initializeGnupG`."""
+
+ def _moveGnuPGHomedir(self):
+ """Move the .gnupg/ directory from the top-level of this repo to the
+ current working directory.
+
+ :rtype: str
+ :returns: The full path to the new gnupg home directory.
+ """
+ here = os.getcwd()
+ topDir = here.rstrip('_trial_temp')
+ gnupghome = os.path.join(topDir, '.gnupg')
+ gnupghomeNew = os.path.join(here, '.gnupg')
+
+ if os.path.isdir(gnupghomeNew):
+ shutil.rmtree(gnupghomeNew)
+
+ shutil.copytree(gnupghome, gnupghomeNew)
+
+ return gnupghomeNew
+
+ def _writePassphraseToFile(self, passphrase, filename):
+ """Write **passphrase** to the file at **filename**.
+
+ :param str passphrase: The GnuPG passphase.
+ :param str filename: The file to write the passphrase to.
+ """
+ fh = open(filename, 'w')
+ fh.write(passphrase)
+ fh.flush()
+ fh.close()
+
+ def setUp(self):
+ """Create a config object and setup our gnupg home directory."""
+ self.config = _createConfig()
+ self.gnupghome = self._moveGnuPGHomedir()
+ self.config.EMAIL_GPG_HOMEDIR = self.gnupghome
+
+ self.passphraseFile = 'gpg-passphrase-file'
+ self._writePassphraseToFile('sekrit', self.passphraseFile)
+
+ def test_crypto_initializeGnuPG(self):
+ """crypto.initializeGnuPG() should return a 2-tuple with a gpg object
+ and a signing function.
+ """
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNotNone(gpg)
+ self.assertIsNotNone(signfunc)
+
+ def test_crypto_initializeGnuPG_disabled(self):
+ """When EMAIL_GPG_SIGNING_ENABLED=False, crypto.initializeGnuPG()
+ should return a 2-tuple of None.
+ """
+ self.config.EMAIL_GPG_SIGNING_ENABLED = False
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+
+ self.assertIsNone(gpg)
+ self.assertIsNone(signfunc)
+
+ def test_crypto_initializeGnuPG_no_secrets(self):
+ """When the secring.gpg is missing, crypto.initializeGnuPG() should
+ return a 2-tuple of None.
+ """
+ secring = os.path.join(self.gnupghome, 'secring.gpg')
+ if os.path.isfile(secring):
+ os.remove(secring)
+
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNone(gpg)
+ self.assertIsNone(signfunc)
+
+ def test_crypto_initializeGnuPG_no_publics(self):
+ """When the pubring.gpg is missing, crypto.initializeGnuPG() should
+ return a 2-tuple of None.
+ """
+ pubring = os.path.join(self.gnupghome, 'pubring.gpg')
+ if os.path.isfile(pubring):
+ os.remove(pubring)
+
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNone(gpg)
+ self.assertIsNone(signfunc)
+
+ def test_crypto_initializeGnuPG_with_passphrase(self):
+ """crypto.initializeGnuPG() should initialize correctly when a
+ passphrase is given but no passphrase is needed.
+ """
+ self.config.EMAIL_GPG_PASSPHRASE = 'password'
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNotNone(gpg)
+ self.assertIsNotNone(signfunc)
+
+ def test_crypto_initializeGnuPG_with_passphrase_file(self):
+ """crypto.initializeGnuPG() should initialize correctly when a
+ passphrase file is given but no passphrase is needed.
+ """
+ self.config.EMAIL_GPG_PASSPHRASE_FILE = self.passphraseFile
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNotNone(gpg)
+ self.assertIsNotNone(signfunc)
+
+ def test_crypto_initializeGnuPG_missing_passphrase_file(self):
+ """crypto.initializeGnuPG() should initialize correctly if a passphrase
+ file is given but that file is missing (when no passphrase is actually
+ necessary).
+ """
+ self.config.EMAIL_GPG_PASSPHRASE_FILE = self.passphraseFile
+ os.remove(self.passphraseFile)
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNotNone(gpg)
+ self.assertIsNotNone(signfunc)
+
+ def test_crypto_initializeGnuPG_signingFunc(self):
+ """crypto.initializeGnuPG() should return a signing function which
+ produces OpenPGP signatures.
+ """
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNotNone(gpg)
+ self.assertIsNotNone(signfunc)
+
+ sig = signfunc("This is a test of the public broadcasting system.")
+ print(sig)
+ self.assertIsNotNone(sig)
+ self.assertTrue(sig.startswith('-----BEGIN PGP SIGNED MESSAGE-----'))
+
+ def test_crypto_initializeGnuPG_nonexistent_default_key(self):
+ """When the key specified by EMAIL_GPG_PRIMARY_KEY_FINGERPRINT doesn't
+ exist in the keyrings, crypto.initializeGnuPG() should return a 2-tuple
+ of None.
+ """
+ self.config.EMAIL_GPG_PRIMARY_KEY_FINGERPRINT = 'A' * 40
+ gpg, signfunc = crypto.initializeGnuPG(self.config)
+ self.assertIsNone(gpg)
+ self.assertIsNone(signfunc)
+
+
class RemovePKCS1PaddingTests(unittest.TestCase):
"""Unittests for :func:`bridgedb.crypto.removePKCS1Padding`."""
More information about the tor-commits
mailing list