aboutsummaryrefslogtreecommitdiffstats
path: root/lang/python/tests/t-quick-key-creation.py
diff options
context:
space:
mode:
Diffstat (limited to 'lang/python/tests/t-quick-key-creation.py')
-rwxr-xr-xlang/python/tests/t-quick-key-creation.py200
1 files changed, 94 insertions, 106 deletions
diff --git a/lang/python/tests/t-quick-key-creation.py b/lang/python/tests/t-quick-key-creation.py
index ea63dc3f..c642c5b4 100755
--- a/lang/python/tests/t-quick-key-creation.py
+++ b/lang/python/tests/t-quick-key-creation.py
@@ -22,42 +22,33 @@ del absolute_import, print_function, unicode_literals
import gpg
import itertools
-import os
-import shutil
import time
import support
alpha = "Alpha <[email protected]>"
-def copy_configuration(destination):
- home = os.environ['GNUPGHOME']
- shutil.copy(os.path.join(home, "gpg.conf"), destination)
- shutil.copy(os.path.join(home, "gpg-agent.conf"), destination)
+with support.EphemeralContext() as ctx:
+ res = ctx.create_key(alpha)
-with support.TemporaryDirectory() as tmp:
- copy_configuration(tmp)
- with gpg.Context(home_dir=tmp) as ctx:
- res = ctx.create_key(alpha)
+ keys = list(ctx.keylist())
+ assert len(keys) == 1, "Weird number of keys created"
- keys = list(ctx.keylist())
- assert len(keys) == 1, "Weird number of keys created"
+ key = keys[0]
+ assert key.fpr == res.fpr
+ assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
+ assert key.subkeys[0].expires > 0, "Expected primary key to expire"
- key = keys[0]
- assert key.fpr == res.fpr
- assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
- assert key.subkeys[0].expires > 0, "Expected primary key to expire"
-
- # Try to create a key with the same UID
- try:
- ctx.create_key(alpha)
- assert False, "Expected an error but got none"
- except gpg.errors.GpgError as e:
- pass
+ # Try to create a key with the same UID
+ try:
+ ctx.create_key(alpha)
+ assert False, "Expected an error but got none"
+ except gpg.errors.GpgError as e:
+ pass
- # Try to create a key with the same UID, now with force!
- res2 = ctx.create_key(alpha, force=True)
- assert res.fpr != res2.fpr
+ # Try to create a key with the same UID, now with force!
+ res2 = ctx.create_key(alpha, force=True)
+ assert res.fpr != res2.fpr
# From here on, we use one context, and create unique UIDs
@@ -67,85 +58,82 @@ def make_uid():
uid_counter += 1
return "user{0}@invalid.example.org".format(uid_counter)
-with support.TemporaryDirectory() as tmp:
- copy_configuration(tmp)
- with gpg.Context(home_dir=tmp) as ctx:
-
- # Check gpg.constants.create.NOEXPIRE...
- res = ctx.create_key(make_uid(), expires=False)
- key = ctx.get_key(res.fpr, secret=True)
- assert key.fpr == res.fpr
- assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
- assert key.subkeys[0].expires == 0, "Expected primary key not to expire"
-
- t = 2 * 24 * 60 * 60
- slack = 5 * 60
- res = ctx.create_key(make_uid(), expires_in=t)
- key = ctx.get_key(res.fpr, secret=True)
- assert key.fpr == res.fpr
- assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
- assert abs(time.time() + t - key.subkeys[0].expires) < slack, \
- "Primary keys expiration time is off"
-
- # Check capabilities
- for sign, encrypt, certify, authenticate in itertools.product([False, True],
- [False, True],
- [False, True],
- [False, True]):
- # Filter some out
- if not (sign or encrypt or certify or authenticate):
- # This triggers the default capabilities tested before.
- continue
- if (sign or encrypt or authenticate) and not certify:
- # The primary key always certifies.
- continue
-
- res = ctx.create_key(make_uid(), algorithm="rsa",
- sign=sign, encrypt=encrypt, certify=certify,
- authenticate=authenticate)
- key = ctx.get_key(res.fpr, secret=True)
- assert key.fpr == res.fpr
- assert len(key.subkeys) == 1, \
- "Expected no subkey for non-default capabilities"
-
- p = key.subkeys[0]
- assert sign == p.can_sign
- assert encrypt == p.can_encrypt
- assert certify == p.can_certify
- assert authenticate == p.can_authenticate
-
- # Check algorithm
- res = ctx.create_key(make_uid(), algorithm="rsa")
- key = ctx.get_key(res.fpr, secret=True)
- assert key.fpr == res.fpr
- for k in key.subkeys:
- assert k.pubkey_algo == 1
-
- # Check algorithm with size
- res = ctx.create_key(make_uid(), algorithm="rsa1024")
+with support.EphemeralContext() as ctx:
+ # Check gpg.constants.create.NOEXPIRE...
+ res = ctx.create_key(make_uid(), expires=False)
+ key = ctx.get_key(res.fpr, secret=True)
+ assert key.fpr == res.fpr
+ assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
+ assert key.subkeys[0].expires == 0, "Expected primary key not to expire"
+
+ t = 2 * 24 * 60 * 60
+ slack = 5 * 60
+ res = ctx.create_key(make_uid(), expires_in=t)
+ key = ctx.get_key(res.fpr, secret=True)
+ assert key.fpr == res.fpr
+ assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
+ assert abs(time.time() + t - key.subkeys[0].expires) < slack, \
+ "Primary keys expiration time is off"
+
+ # Check capabilities
+ for sign, encrypt, certify, authenticate in itertools.product([False, True],
+ [False, True],
+ [False, True],
+ [False, True]):
+ # Filter some out
+ if not (sign or encrypt or certify or authenticate):
+ # This triggers the default capabilities tested before.
+ continue
+ if (sign or encrypt or authenticate) and not certify:
+ # The primary key always certifies.
+ continue
+
+ res = ctx.create_key(make_uid(), algorithm="rsa",
+ sign=sign, encrypt=encrypt, certify=certify,
+ authenticate=authenticate)
key = ctx.get_key(res.fpr, secret=True)
assert key.fpr == res.fpr
- for k in key.subkeys:
- assert k.pubkey_algo == 1
- assert k.length == 1024
-
- # Check algorithm future-default
- ctx.create_key(make_uid(), algorithm="future-default")
-
- # Check passphrase protection
- recipient = make_uid()
- passphrase = "streng geheim"
- res = ctx.create_key(recipient, passphrase=passphrase)
- ciphertext, _, _ = ctx.encrypt(b"hello there", recipients=[ctx.get_key(res.fpr)])
-
- cb_called = False
- def cb(*args):
- global cb_called
- cb_called = True
- return passphrase
- ctx.pinentry_mode = gpg.constants.PINENTRY_MODE_LOOPBACK
- ctx.set_passphrase_cb(cb)
-
- plaintext, _, _ = ctx.decrypt(ciphertext)
- assert plaintext == b"hello there"
- assert cb_called
+ assert len(key.subkeys) == 1, \
+ "Expected no subkey for non-default capabilities"
+
+ p = key.subkeys[0]
+ assert sign == p.can_sign
+ assert encrypt == p.can_encrypt
+ assert certify == p.can_certify
+ assert authenticate == p.can_authenticate
+
+ # Check algorithm
+ res = ctx.create_key(make_uid(), algorithm="rsa")
+ key = ctx.get_key(res.fpr, secret=True)
+ assert key.fpr == res.fpr
+ for k in key.subkeys:
+ assert k.pubkey_algo == 1
+
+ # Check algorithm with size
+ res = ctx.create_key(make_uid(), algorithm="rsa1024")
+ key = ctx.get_key(res.fpr, secret=True)
+ assert key.fpr == res.fpr
+ for k in key.subkeys:
+ assert k.pubkey_algo == 1
+ assert k.length == 1024
+
+ # Check algorithm future-default
+ ctx.create_key(make_uid(), algorithm="future-default")
+
+ # Check passphrase protection
+ recipient = make_uid()
+ passphrase = "streng geheim"
+ res = ctx.create_key(recipient, passphrase=passphrase)
+ ciphertext, _, _ = ctx.encrypt(b"hello there", recipients=[ctx.get_key(res.fpr)])
+
+ cb_called = False
+ def cb(*args):
+ global cb_called
+ cb_called = True
+ return passphrase
+ ctx.pinentry_mode = gpg.constants.PINENTRY_MODE_LOOPBACK
+ ctx.set_passphrase_cb(cb)
+
+ plaintext, _, _ = ctx.decrypt(ciphertext)
+ assert plaintext == b"hello there"
+ assert cb_called
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 16:42:05 +0000