summaryrefslogtreecommitdiff
path: root/keymanager/tests
diff options
context:
space:
mode:
Diffstat (limited to 'keymanager/tests')
-rw-r--r--keymanager/tests/common.py326
-rw-r--r--keymanager/tests/fixtures/private_key.binbin2202 -> 0 bytes
-rw-r--r--keymanager/tests/fixtures/public_key.binbin2202 -> 0 bytes
-rw-r--r--keymanager/tests/test_keymanager.py609
-rw-r--r--keymanager/tests/test_migrator.py176
-rw-r--r--keymanager/tests/test_openpgp.py365
-rw-r--r--keymanager/tests/test_validation.py502
7 files changed, 0 insertions, 1978 deletions
diff --git a/keymanager/tests/common.py b/keymanager/tests/common.py
deleted file mode 100644
index 8eb5d4e3..00000000
--- a/keymanager/tests/common.py
+++ /dev/null
@@ -1,326 +0,0 @@
-# -*- coding: utf-8 -*-
-# test_keymanager.py
-# Copyright (C) 2013 LEAP
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-"""
-Base classes for the Key Manager tests.
-"""
-
-import distutils.spawn
-import os.path
-
-from twisted.internet.defer import gatherResults
-from twisted.trial import unittest
-
-from leap.common.testing.basetest import BaseLeapTest
-from leap.soledad.client import Soledad
-from leap.keymanager import KeyManager
-
-PATH = os.path.dirname(os.path.realpath(__file__))
-
-ADDRESS = 'leap@leap.se'
-ADDRESS_2 = 'anotheruser@leap.se'
-
-
-class KeyManagerWithSoledadTestCase(unittest.TestCase, BaseLeapTest):
-
- def setUp(self):
- self.gpg_binary_path = self._find_gpg()
-
- self._soledad = Soledad(
- u"leap@leap.se",
- u"123456",
- secrets_path=self.tempdir + "/secret.gpg",
- local_db_path=self.tempdir + "/soledad.u1db",
- server_url='',
- cert_file=None,
- auth_token=None,
- syncable=False
- )
-
- def tearDown(self):
- km = self._key_manager()
-
- # wait for the indexes to be ready for the tear down
- d = km._openpgp.deferred_init
- d.addCallback(lambda _: self.delete_all_keys(km))
- d.addCallback(lambda _: self._soledad.close())
- return d
-
- def delete_all_keys(self, km):
- def delete_keys(keys):
- deferreds = []
- for key in keys:
- d = km._openpgp.delete_key(key)
- deferreds.append(d)
- return gatherResults(deferreds)
-
- def check_deleted(_, private):
- d = km.get_all_keys(private=private)
- d.addCallback(lambda keys: self.assertEqual(keys, []))
- return d
-
- deferreds = []
- for private in [True, False]:
- d = km.get_all_keys(private=private)
- d.addCallback(delete_keys)
- d.addCallback(check_deleted, private)
- deferreds.append(d)
- return gatherResults(deferreds)
-
- def _key_manager(self, user=ADDRESS, url='', token=None,
- ca_cert_path=None):
- return KeyManager(user, url, self._soledad, token=token,
- gpgbinary=self.gpg_binary_path,
- ca_cert_path=ca_cert_path)
-
- def _find_gpg(self):
- gpg_path = distutils.spawn.find_executable('gpg')
- if gpg_path is not None:
- return os.path.realpath(gpg_path)
- else:
- return "/usr/bin/gpg"
-
- def get_public_binary_key(self):
- with open(PATH + '/fixtures/public_key.bin', 'r') as binary_public_key:
- return binary_public_key.read()
-
- def get_private_binary_key(self):
- with open(
- PATH + '/fixtures/private_key.bin', 'r') as binary_private_key:
- return binary_private_key.read()
-
-
-# key 24D18DDF: public key "Leap Test Key <leap@leap.se>"
-KEY_FINGERPRINT = "E36E738D69173C13D709E44F2F455E2824D18DDF"
-PUBLIC_KEY = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-mQINBFC9+dkBEADNRfwV23TWEoGc/x0wWH1P7PlXt8MnC2Z1kKaKKmfnglVrpOiz
-iLWoiU58sfZ0L5vHkzXHXCBf6Eiy/EtUIvdiWAn+yASJ1mk5jZTBKO/WMAHD8wTO
-zpMsFmWyg3xc4DkmFa9KQ5EVU0o/nqPeyQxNMQN7px5pPwrJtJFmPxnxm+aDkPYx
-irDmz/4DeDNqXliazGJKw7efqBdlwTHkl9Akw2gwy178pmsKwHHEMOBOFFvX61AT
-huKqHYmlCGSliwbrJppTG7jc1/ls3itrK+CWTg4txREkSpEVmfcASvw/ZqLbjgfs
-d/INMwXnR9U81O8+7LT6yw/ca4ppcFoJD7/XJbkRiML6+bJ4Dakiy6i727BzV17g
-wI1zqNvm5rAhtALKfACha6YO43aJzairO4II1wxVHvRDHZn2IuKDDephQ3Ii7/vb
-hUOf6XCSmchkAcpKXUOvbxm1yfB1LRa64mMc2RcZxf4mW7KQkulBsdV5QG2276lv
-U2UUy2IutXcGP5nXC+f6sJJGJeEToKJ57yiO/VWJFjKN8SvP+7AYsQSqINUuEf6H
-T5gCPCraGMkTUTPXrREvu7NOohU78q6zZNaL3GW8ai7eSeANSuQ8Vzffx7Wd8Y7i
-Pw9sYj0SMFs1UgjbuL6pO5ueHh+qyumbtAq2K0Bci0kqOcU4E9fNtdiovQARAQAB
-tBxMZWFwIFRlc3QgS2V5IDxsZWFwQGxlYXAuc2U+iQI3BBMBCAAhBQJQvfnZAhsD
-BQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEC9FXigk0Y3fT7EQAKH3IuRniOpb
-T/DDIgwwjz3oxB/W0DDMyPXowlhSOuM0rgGfntBpBb3boezEXwL86NPQxNGGruF5
-hkmecSiuPSvOmQlqlS95NGQp6hNG0YaKColh+Q5NTspFXCAkFch9oqUje0LdxfSP
-QfV9UpeEvGyPmk1I9EJV/YDmZ4+Djge1d7qhVZInz4Rx1NrSyF/Tc2EC0VpjQFsU
-Y9Kb2YBBR7ivG6DBc8ty0jJXi7B4WjkFcUEJviQpMF2dCLdonCehYs1PqsN1N7j+
-eFjQd+hqVMJgYuSGKjvuAEfClM6MQw7+FmFwMyLgK/Ew/DttHEDCri77SPSkOGSI
-txCzhTg6798f6mJr7WcXmHX1w1Vcib5FfZ8vTDFVhz/XgAgArdhPo9V6/1dgSSiB
-KPQ/spsco6u5imdOhckERE0lnAYvVT6KE81TKuhF/b23u7x+Wdew6kK0EQhYA7wy
-7LmlaNXc7rMBQJ9Z60CJ4JDtatBWZ0kNrt2VfdDHVdqBTOpl0CraNUjWE5YMDasr
-K2dF5IX8D3uuYtpZnxqg0KzyLg0tzL0tvOL1C2iudgZUISZNPKbS0z0v+afuAAnx
-2pTC3uezbh2Jt8SWTLhll4i0P4Ps5kZ6HQUO56O+/Z1cWovX+mQekYFmERySDR9n
-3k1uAwLilJmRmepGmvYbB8HloV8HqwgguQINBFC9+dkBEAC0I/xn1uborMgDvBtf
-H0sEhwnXBC849/32zic6udB6/3Efk9nzbSpL3FSOuXITZsZgCHPkKarnoQ2ztMcS
-sh1ke1C5gQGms75UVmM/nS+2YI4vY8OX/GC/on2vUyncqdH+bR6xH5hx4NbWpfTs
-iQHmz5C6zzS/kuabGdZyKRaZHt23WQ7JX/4zpjqbC99DjHcP9BSk7tJ8wI4bkMYD
-uFVQdT9O6HwyKGYwUU4sAQRAj7XCTGvVbT0dpgJwH4RmrEtJoHAx4Whg8mJ710E0
-GCmzf2jqkNuOw76ivgk27Kge+Hw00jmJjQhHY0yVbiaoJwcRrPKzaSjEVNgrpgP3
-lXPRGQArgESsIOTeVVHQ8fhK2YtTeCY9rIiO+L0OX2xo9HK7hfHZZWL6rqymXdyS
-fhzh/f6IPyHFWnvj7Brl7DR8heMikygcJqv+ed2yx7iLyCUJ10g12I48+aEj1aLe
-dP7lna32iY8/Z0SHQLNH6PXO9SlPcq2aFUgKqE75A/0FMk7CunzU1OWr2ZtTLNO1
-WT/13LfOhhuEq9jTyTosn0WxBjJKq18lnhzCXlaw6EAtbA7CUwsD3CTPR56aAXFK
-3I7KXOVAqggrvMe5Tpdg5drfYpI8hZovL5aAgb+7Y5ta10TcJdUhS5K3kFAWe/td
-U0cmWUMDP1UMSQ5Jg6JIQVWhSwARAQABiQIfBBgBCAAJBQJQvfnZAhsMAAoJEC9F
-Xigk0Y3fRwsP/i0ElYCyxeLpWJTwo1iCLkMKz2yX1lFVa9nT1BVTPOQwr/IAc5OX
-NdtbJ14fUsKL5pWgW8OmrXtwZm1y4euI1RPWWubG01ouzwnGzv26UcuHeqC5orZj
-cOnKtL40y8VGMm8LoicVkRJH8blPORCnaLjdOtmA3rx/v2EXrJpSa3AhOy0ZSRXk
-ZSrK68AVNwamHRoBSYyo0AtaXnkPX4+tmO8X8BPfj125IljubvwZPIW9VWR9UqCE
-VPfDR1XKegVb6VStIywF7kmrknM1C5qUY28rdZYWgKorw01hBGV4jTW0cqde3N51
-XT1jnIAa+NoXUM9uQoGYMiwrL7vNsLlyyiW5ayDyV92H/rIuiqhFgbJsHTlsm7I8
-oGheR784BagAA1NIKD1qEO9T6Kz9lzlDaeWS5AUKeXrb7ZJLI1TTCIZx5/DxjLqM
-Tt/RFBpVo9geZQrvLUqLAMwdaUvDXC2c6DaCPXTh65oCZj/hqzlJHH+RoTWWzKI+
-BjXxgUWF9EmZUBrg68DSmI+9wuDFsjZ51BcqvJwxyfxtTaWhdoYqH/UQS+D1FP3/
-diZHHlzwVwPICzM9ooNTgbrcDzyxRkIVqsVwBq7EtzcvgYUyX53yG25Giy6YQaQ2
-ZtQ/VymwFL3XdUWV6B/hU4PVAFvO3qlOtdJ6TpE+nEWgcWjCv5g7RjXX
-=MuOY
------END PGP PUBLIC KEY BLOCK-----
-"""
-PRIVATE_KEY = """
------BEGIN PGP PRIVATE KEY BLOCK-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-lQcYBFC9+dkBEADNRfwV23TWEoGc/x0wWH1P7PlXt8MnC2Z1kKaKKmfnglVrpOiz
-iLWoiU58sfZ0L5vHkzXHXCBf6Eiy/EtUIvdiWAn+yASJ1mk5jZTBKO/WMAHD8wTO
-zpMsFmWyg3xc4DkmFa9KQ5EVU0o/nqPeyQxNMQN7px5pPwrJtJFmPxnxm+aDkPYx
-irDmz/4DeDNqXliazGJKw7efqBdlwTHkl9Akw2gwy178pmsKwHHEMOBOFFvX61AT
-huKqHYmlCGSliwbrJppTG7jc1/ls3itrK+CWTg4txREkSpEVmfcASvw/ZqLbjgfs
-d/INMwXnR9U81O8+7LT6yw/ca4ppcFoJD7/XJbkRiML6+bJ4Dakiy6i727BzV17g
-wI1zqNvm5rAhtALKfACha6YO43aJzairO4II1wxVHvRDHZn2IuKDDephQ3Ii7/vb
-hUOf6XCSmchkAcpKXUOvbxm1yfB1LRa64mMc2RcZxf4mW7KQkulBsdV5QG2276lv
-U2UUy2IutXcGP5nXC+f6sJJGJeEToKJ57yiO/VWJFjKN8SvP+7AYsQSqINUuEf6H
-T5gCPCraGMkTUTPXrREvu7NOohU78q6zZNaL3GW8ai7eSeANSuQ8Vzffx7Wd8Y7i
-Pw9sYj0SMFs1UgjbuL6pO5ueHh+qyumbtAq2K0Bci0kqOcU4E9fNtdiovQARAQAB
-AA/+JHtlL39G1wsH9R6UEfUQJGXR9MiIiwZoKcnRB2o8+DS+OLjg0JOh8XehtuCs
-E/8oGQKtQqa5bEIstX7IZoYmYFiUQi9LOzIblmp2vxOm+HKkxa4JszWci2/ZmC3t
-KtaA4adl9XVnshoQ7pijuCMUKB3naBEOAxd8s9d/JeReGIYkJErdrnVfNk5N71Ds
-FmH5Ll3XtEDvgBUQP3nkA6QFjpsaB94FHjL3gDwum/cxzj6pCglcvHOzEhfY0Ddb
-J967FozQTaf2JW3O+w3LOqtcKWpq87B7+O61tVidQPSSuzPjCtFF0D2LC9R/Hpky
-KTMQ6CaKja4MPhjwywd4QPcHGYSqjMpflvJqi+kYIt8psUK/YswWjnr3r4fbuqVY
-VhtiHvnBHQjz135lUqWvEz4hM3Xpnxydx7aRlv5NlevK8+YIO5oFbWbGNTWsPZI5
-jpoFBpSsnR1Q5tnvtNHauvoWV+XN2qAOBTG+/nEbDYH6Ak3aaE9jrpTdYh0CotYF
-q7csANsDy3JvkAzeU6WnYpsHHaAjqOGyiZGsLej1UcXPFMosE/aUo4WQhiS8Zx2c
-zOVKOi/X5vQ2GdNT9Qolz8AriwzsvFR+bxPzyd8V6ALwDsoXvwEYinYBKK8j0OPv
-OOihSR6HVsuP9NUZNU9ewiGzte/+/r6pNXHvR7wTQ8EWLcEIAN6Zyrb0bHZTIlxt
-VWur/Ht2mIZrBaO50qmM5RD3T5oXzWXi/pjLrIpBMfeZR9DWfwQwjYzwqi7pxtYx
-nJvbMuY505rfnMoYxb4J+cpRXV8MS7Dr1vjjLVUC9KiwSbM3gg6emfd2yuA93ihv
-Pe3mffzLIiQa4mRE3wtGcioC43nWuV2K2e1KjxeFg07JhrezA/1Cak505ab/tmvP
-4YmjR5c44+yL/YcQ3HdFgs4mV+nVbptRXvRcPpolJsgxPccGNdvHhsoR4gwXMS3F
-RRPD2z6x8xeN73Q4KH3bm01swQdwFBZbWVfmUGLxvN7leCdfs9+iFJyqHiCIB6Iv
-mQfp8F0IAOwSo8JhWN+V1dwML4EkIrM8wUb4yecNLkyR6TpPH/qXx4PxVMC+vy6x
-sCtjeHIwKE+9vqnlhd5zOYh7qYXEJtYwdeDDmDbL8oks1LFfd+FyAuZXY33DLwn0
-cRYsr2OEZmaajqUB3NVmj3H4uJBN9+paFHyFSXrH68K1Fk2o3n+RSf2EiX+eICwI
-L6rqoF5sSVUghBWdNegV7qfy4anwTQwrIMGjgU5S6PKW0Dr/3iO5z3qQpGPAj5OW
-ATqPWkDICLbObPxD5cJlyyNE2wCA9VVc6/1d6w4EVwSq9h3/WTpATEreXXxTGptd
-LNiTA1nmakBYNO2Iyo3djhaqBdWjk+EIAKtVEnJH9FAVwWOvaj1RoZMA5DnDMo7e
-SnhrCXl8AL7Z1WInEaybasTJXn1uQ8xY52Ua4b8cbuEKRKzw/70NesFRoMLYoHTO
-dyeszvhoDHberpGRTciVmpMu7Hyi33rM31K9epA4ib6QbbCHnxkWOZB+Bhgj1hJ8
-xb4RBYWiWpAYcg0+DAC3w9gfxQhtUlZPIbmbrBmrVkO2GVGUj8kH6k4UV6kUHEGY
-HQWQR0HcbKcXW81ZXCCD0l7ROuEWQtTe5Jw7dJ4/QFuqZnPutXVRNOZqpl6eRShw
-7X2/a29VXBpmHA95a88rSQsL+qm7Fb3prqRmuMCtrUZgFz7HLSTuUMR867QcTGVh
-cCBUZXN0IEtleSA8bGVhcEBsZWFwLnNlPokCNwQTAQgAIQUCUL352QIbAwULCQgH
-AwUVCgkICwUWAgMBAAIeAQIXgAAKCRAvRV4oJNGN30+xEACh9yLkZ4jqW0/wwyIM
-MI896MQf1tAwzMj16MJYUjrjNK4Bn57QaQW926HsxF8C/OjT0MTRhq7heYZJnnEo
-rj0rzpkJapUveTRkKeoTRtGGigqJYfkOTU7KRVwgJBXIfaKlI3tC3cX0j0H1fVKX
-hLxsj5pNSPRCVf2A5mePg44HtXe6oVWSJ8+EcdTa0shf03NhAtFaY0BbFGPSm9mA
-QUe4rxugwXPLctIyV4uweFo5BXFBCb4kKTBdnQi3aJwnoWLNT6rDdTe4/nhY0Hfo
-alTCYGLkhio77gBHwpTOjEMO/hZhcDMi4CvxMPw7bRxAwq4u+0j0pDhkiLcQs4U4
-Ou/fH+pia+1nF5h19cNVXIm+RX2fL0wxVYc/14AIAK3YT6PVev9XYEkogSj0P7Kb
-HKOruYpnToXJBERNJZwGL1U+ihPNUyroRf29t7u8flnXsOpCtBEIWAO8Muy5pWjV
-3O6zAUCfWetAieCQ7WrQVmdJDa7dlX3Qx1XagUzqZdAq2jVI1hOWDA2rKytnReSF
-/A97rmLaWZ8aoNCs8i4NLcy9Lbzi9QtornYGVCEmTTym0tM9L/mn7gAJ8dqUwt7n
-s24dibfElky4ZZeItD+D7OZGeh0FDuejvv2dXFqL1/pkHpGBZhEckg0fZ95NbgMC
-4pSZkZnqRpr2GwfB5aFfB6sIIJ0HGARQvfnZARAAtCP8Z9bm6KzIA7wbXx9LBIcJ
-1wQvOPf99s4nOrnQev9xH5PZ820qS9xUjrlyE2bGYAhz5Cmq56ENs7THErIdZHtQ
-uYEBprO+VFZjP50vtmCOL2PDl/xgv6J9r1Mp3KnR/m0esR+YceDW1qX07IkB5s+Q
-us80v5LmmxnWcikWmR7dt1kOyV/+M6Y6mwvfQ4x3D/QUpO7SfMCOG5DGA7hVUHU/
-Tuh8MihmMFFOLAEEQI+1wkxr1W09HaYCcB+EZqxLSaBwMeFoYPJie9dBNBgps39o
-6pDbjsO+or4JNuyoHvh8NNI5iY0IR2NMlW4mqCcHEazys2koxFTYK6YD95Vz0RkA
-K4BErCDk3lVR0PH4StmLU3gmPayIjvi9Dl9saPRyu4Xx2WVi+q6spl3ckn4c4f3+
-iD8hxVp74+wa5ew0fIXjIpMoHCar/nndsse4i8glCddINdiOPPmhI9Wi3nT+5Z2t
-9omPP2dEh0CzR+j1zvUpT3KtmhVICqhO+QP9BTJOwrp81NTlq9mbUyzTtVk/9dy3
-zoYbhKvY08k6LJ9FsQYySqtfJZ4cwl5WsOhALWwOwlMLA9wkz0eemgFxStyOylzl
-QKoIK7zHuU6XYOXa32KSPIWaLy+WgIG/u2ObWtdE3CXVIUuSt5BQFnv7XVNHJllD
-Az9VDEkOSYOiSEFVoUsAEQEAAQAP/1AagnZQZyzHDEgw4QELAspYHCWLXE5aZInX
-wTUJhK31IgIXNn9bJ0hFiSpQR2xeMs9oYtRuPOu0P8oOFMn4/z374fkjZy8QVY3e
-PlL+3EUeqYtkMwlGNmVw5a/NbNuNfm5Darb7pEfbYd1gPcni4MAYw7R2SG/57GbC
-9gucvspHIfOSfBNLBthDzmK8xEKe1yD2eimfc2T7IRYb6hmkYfeds5GsqvGI6mwI
-85h4uUHWRc5JOlhVM6yX8hSWx0L60Z3DZLChmc8maWnFXd7C8eQ6P1azJJbW71Ih
-7CoK0XW4LE82vlQurSRFgTwfl7wFYszW2bOzCuhHDDtYnwH86Nsu0DC78ZVRnvxn
-E8Ke/AJgrdhIOo4UAyR+aZD2+2mKd7/waOUTUrUtTzc7i8N3YXGi/EIaNReBXaq+
-ZNOp24BlFzRp+FCF/pptDW9HjPdiV09x0DgICmeZS4Gq/4vFFIahWctg52NGebT0
-Idxngjj+xDtLaZlLQoOz0n5ByjO/Wi0ANmMv1sMKCHhGvdaSws2/PbMR2r4caj8m
-KXpIgdinM/wUzHJ5pZyF2U/qejsRj8Kw8KH/tfX4JCLhiaP/mgeTuWGDHeZQERAT
-xPmRFHaLP9/ZhvGNh6okIYtrKjWTLGoXvKLHcrKNisBLSq+P2WeFrlme1vjvJMo/
-jPwLT5o9CADQmcbKZ+QQ1ZM9v99iDZol7SAMZX43JC019sx6GK0u6xouJBcLfeB4
-OXacTgmSYdTa9RM9fbfVpti01tJ84LV2SyL/VJq/enJF4XQPSynT/tFTn1PAor6o
-tEAAd8fjKdJ6LnD5wb92SPHfQfXqI84rFEO8rUNIE/1ErT6DYifDzVCbfD2KZdoF
-cOSp7TpD77sY1bs74ocBX5ejKtd+aH99D78bJSMM4pSDZsIEwnomkBHTziubPwJb
-OwnATy0LmSMAWOw5rKbsh5nfwCiUTM20xp0t5JeXd+wPVWbpWqI2EnkCEN+RJr9i
-7dp/ymDQ+Yt5wrsN3NwoyiexPOG91WQVCADdErHsnglVZZq9Z8Wx7KwecGCUurJ2
-H6lKudv5YOxPnAzqZS5HbpZd/nRTMZh2rdXCr5m2YOuewyYjvM757AkmUpM09zJX
-MQ1S67/UX2y8/74TcRF97Ncx9HeELs92innBRXoFitnNguvcO6Esx4BTe1OdU6qR
-ER3zAmVf22Le9ciXbu24DN4mleOH+OmBx7X2PqJSYW9GAMTsRB081R6EWKH7romQ
-waxFrZ4DJzZ9ltyosEJn5F32StyLrFxpcrdLUoEaclZCv2qka7sZvi0EvovDVEBU
-e10jOx9AOwf8Gj2ufhquQ6qgVYCzbP+YrodtkFrXRS3IsljIchj1M2ffB/0bfoUs
-rtER9pLvYzCjBPg8IfGLw0o754Qbhh/ReplCRTusP/fQMybvCvfxreS3oyEriu/G
-GufRomjewZ8EMHDIgUsLcYo2UHZsfF7tcazgxMGmMvazp4r8vpgrvW/8fIN/6Adu
-tF+WjWDTvJLFJCe6O+BFJOWrssNrrra1zGtLC1s8s+Wfpe+bGPL5zpHeebGTwH1U
-22eqgJArlEKxrfarz7W5+uHZJHSjF/K9ZvunLGD0n9GOPMpji3UO3zeM8IYoWn7E
-/EWK1XbjnssNemeeTZ+sDh+qrD7BOi+vCX1IyBxbfqnQfJZvmcPWpruy1UsO+aIC
-0GY8Jr3OL69dDQ21jueJAh8EGAEIAAkFAlC9+dkCGwwACgkQL0VeKCTRjd9HCw/+
-LQSVgLLF4ulYlPCjWIIuQwrPbJfWUVVr2dPUFVM85DCv8gBzk5c121snXh9Swovm
-laBbw6ate3BmbXLh64jVE9Za5sbTWi7PCcbO/bpRy4d6oLmitmNw6cq0vjTLxUYy
-bwuiJxWREkfxuU85EKdouN062YDevH+/YResmlJrcCE7LRlJFeRlKsrrwBU3BqYd
-GgFJjKjQC1peeQ9fj62Y7xfwE9+PXbkiWO5u/Bk8hb1VZH1SoIRU98NHVcp6BVvp
-VK0jLAXuSauSczULmpRjbyt1lhaAqivDTWEEZXiNNbRyp17c3nVdPWOcgBr42hdQ
-z25CgZgyLCsvu82wuXLKJblrIPJX3Yf+si6KqEWBsmwdOWybsjygaF5HvzgFqAAD
-U0goPWoQ71PorP2XOUNp5ZLkBQp5etvtkksjVNMIhnHn8PGMuoxO39EUGlWj2B5l
-Cu8tSosAzB1pS8NcLZzoNoI9dOHrmgJmP+GrOUkcf5GhNZbMoj4GNfGBRYX0SZlQ
-GuDrwNKYj73C4MWyNnnUFyq8nDHJ/G1NpaF2hiof9RBL4PUU/f92JkceXPBXA8gL
-Mz2ig1OButwPPLFGQhWqxXAGrsS3Ny+BhTJfnfIbbkaLLphBpDZm1D9XKbAUvdd1
-RZXoH+FTg9UAW87eqU610npOkT6cRaBxaMK/mDtGNdc=
-=JTFu
------END PGP PRIVATE KEY BLOCK-----
-"""
-
-# key 7FEE575A: public key "anotheruser <anotheruser@leap.se>"
-PUBLIC_KEY_2 = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-mI0EUYwJXgEEAMbTKHuPJ5/Gk34l9Z06f+0WCXTDXdte1UBoDtZ1erAbudgC4MOR
-gquKqoj3Hhw0/ILqJ88GcOJmKK/bEoIAuKaqlzDF7UAYpOsPZZYmtRfPC2pTCnXq
-Z1vdeqLwTbUspqXflkCkFtfhGKMq5rH8GV5a3tXZkRWZhdNwhVXZagC3ABEBAAG0
-IWFub3RoZXJ1c2VyIDxhbm90aGVydXNlckBsZWFwLnNlPoi4BBMBAgAiBQJRjAle
-AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRB/nfpof+5XWotuA/4tLN4E
-gUr7IfLy2HkHAxzw7A4rqfMN92DIM9mZrDGaWRrOn3aVF7VU1UG7MDkHfPvp/cFw
-ezoCw4s4IoHVc/pVlOkcHSyt4/Rfh248tYEJmFCJXGHpkK83VIKYJAithNccJ6Q4
-JE/o06Mtf4uh/cA1HUL4a4ceqUhtpLJULLeKo7iNBFGMCV4BBADsyQI7GR0wSAxz
-VayLjuPzgT+bjbFeymIhjuxKIEwnIKwYkovztW+4bbOcQs785k3Lp6RzvigTpQQt
-Z/hwcLOqZbZw8t/24+D+Pq9mMP2uUvCFFqLlVvA6D3vKSQ/XNN+YB919WQ04jh63
-yuRe94WenT1RJd6xU1aaUff4rKizuQARAQABiJ8EGAECAAkFAlGMCV4CGwwACgkQ
-f536aH/uV1rPZQQAqCzRysOlu8ez7PuiBD4SebgRqWlxa1TF1ujzfLmuPivROZ2X
-Kw5aQstxgGSjoB7tac49s0huh4X8XK+BtJBfU84JS8Jc2satlfwoyZ35LH6sDZck
-I+RS/3we6zpMfHs3vvp9xgca6ZupQxivGtxlJs294TpJorx+mFFqbV17AzQ=
-=Thdu
------END PGP PUBLIC KEY BLOCK-----
-"""
-
-PRIVATE_KEY_2 = """
------BEGIN PGP PRIVATE KEY BLOCK-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-lQHYBFGMCV4BBADG0yh7jyefxpN+JfWdOn/tFgl0w13bXtVAaA7WdXqwG7nYAuDD
-kYKriqqI9x4cNPyC6ifPBnDiZiiv2xKCALimqpcwxe1AGKTrD2WWJrUXzwtqUwp1
-6mdb3Xqi8E21LKal35ZApBbX4RijKuax/BleWt7V2ZEVmYXTcIVV2WoAtwARAQAB
-AAP7BLuSAx7tOohnimEs74ks8l/L6dOcsFQZj2bqs4AoY3jFe7bV0tHr4llypb/8
-H3/DYvpf6DWnCjyUS1tTnXSW8JXtx01BUKaAufSmMNg9blKV6GGHlT/Whe9uVyks
-7XHk/+9mebVMNJ/kNlqq2k+uWqJohzC8WWLRK+d1tBeqDsECANZmzltPaqUsGV5X
-C3zszE3tUBgptV/mKnBtopKi+VH+t7K6fudGcG+bAcZDUoH/QVde52mIIjjIdLje
-uajJuHUCAO1mqh+vPoGv4eBLV7iBo3XrunyGXiys4a39eomhxTy3YktQanjjx+ty
-GltAGCs5PbWGO6/IRjjvd46wh53kzvsCAO0J97gsWhzLuFnkxFAJSPk7RRlyl7lI
-1XS/x0Og6j9XHCyY1OYkfBm0to3UlCfkgirzCYlTYObCofzdKFIPDmSqHbQhYW5v
-dGhlcnVzZXIgPGFub3RoZXJ1c2VyQGxlYXAuc2U+iLgEEwECACIFAlGMCV4CGwMG
-CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEH+d+mh/7ldai24D/i0s3gSBSvsh
-8vLYeQcDHPDsDiup8w33YMgz2ZmsMZpZGs6fdpUXtVTVQbswOQd8++n9wXB7OgLD
-izgigdVz+lWU6RwdLK3j9F+Hbjy1gQmYUIlcYemQrzdUgpgkCK2E1xwnpDgkT+jT
-oy1/i6H9wDUdQvhrhx6pSG2kslQst4qjnQHYBFGMCV4BBADsyQI7GR0wSAxzVayL
-juPzgT+bjbFeymIhjuxKIEwnIKwYkovztW+4bbOcQs785k3Lp6RzvigTpQQtZ/hw
-cLOqZbZw8t/24+D+Pq9mMP2uUvCFFqLlVvA6D3vKSQ/XNN+YB919WQ04jh63yuRe
-94WenT1RJd6xU1aaUff4rKizuQARAQABAAP9EyElqJ3dq3EErXwwT4mMnbd1SrVC
-rUJrNWQZL59mm5oigS00uIyR0SvusOr+UzTtd8ysRuwHy5d/LAZsbjQStaOMBILx
-77TJveOel0a1QK0YSMF2ywZMCKvquvjli4hAtWYz/EwfuzQN3t23jc5ny+GqmqD2
-3FUxLJosFUfLNmECAO9KhVmJi+L9dswIs+2Dkjd1eiRQzNOEVffvYkGYZyKxNiXF
-UA5kvyZcB4iAN9sWCybE4WHZ9jd4myGB0MPDGxkCAP1RsXJbbuD6zS7BXe5gwunO
-2q4q7ptdSl/sJYQuTe1KNP5d/uGsvlcFfsYjpsopasPjFBIncc/2QThMKlhoEaEB
-/0mVAxpT6SrEvUbJ18z7kna24SgMPr3OnPMxPGfvNLJY/Xv/A17YfoqjmByCvsKE
-JCDjopXtmbcrZyoEZbEht9mko4ifBBgBAgAJBQJRjAleAhsMAAoJEH+d+mh/7lda
-z2UEAKgs0crDpbvHs+z7ogQ+Enm4EalpcWtUxdbo83y5rj4r0TmdlysOWkLLcYBk
-o6Ae7WnOPbNIboeF/FyvgbSQX1POCUvCXNrGrZX8KMmd+Sx+rA2XJCPkUv98Hus6
-THx7N776fcYHGumbqUMYrxrcZSbNveE6SaK8fphRam1dewM0
-=a5gs
------END PGP PRIVATE KEY BLOCK-----
-"""
diff --git a/keymanager/tests/fixtures/private_key.bin b/keymanager/tests/fixtures/private_key.bin
deleted file mode 100644
index ab174317..00000000
--- a/keymanager/tests/fixtures/private_key.bin
+++ /dev/null
Binary files differ
diff --git a/keymanager/tests/fixtures/public_key.bin b/keymanager/tests/fixtures/public_key.bin
deleted file mode 100644
index ab174317..00000000
--- a/keymanager/tests/fixtures/public_key.bin
+++ /dev/null
Binary files differ
diff --git a/keymanager/tests/test_keymanager.py b/keymanager/tests/test_keymanager.py
deleted file mode 100644
index b4ab805c..00000000
--- a/keymanager/tests/test_keymanager.py
+++ /dev/null
@@ -1,609 +0,0 @@
-# -*- coding: utf-8 -*-
-# test_keymanager.py
-# Copyright (C) 2013 LEAP
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-
-"""
-Tests for the Key Manager.
-"""
-
-from os import path
-import json
-import urllib
-from datetime import datetime
-import tempfile
-import pkg_resources
-from leap.common import ca_bundle
-from mock import Mock, MagicMock, patch
-from twisted.internet import defer
-from twisted.trial import unittest
-from twisted.web._responses import NOT_FOUND
-
-from leap.keymanager import client
-
-from leap.keymanager import errors
-from leap.keymanager.keys import (
- OpenPGPKey,
- is_address,
- build_key_from_dict,
-)
-from leap.keymanager.validation import ValidationLevels
-
-from common import (
- KeyManagerWithSoledadTestCase,
- ADDRESS,
- ADDRESS_2,
- KEY_FINGERPRINT,
- PUBLIC_KEY,
- PUBLIC_KEY_2,
- PRIVATE_KEY,
- PRIVATE_KEY_2,
-)
-
-
-NICKSERVER_URI = "http://leap.se/"
-REMOTE_KEY_URL = "http://site.domain/key"
-INVALID_MAIL_ADDRESS = "notexistingemail@example.org"
-
-
-class KeyManagerUtilTestCase(unittest.TestCase):
-
- def test_is_address(self):
- self.assertTrue(
- is_address('user@leap.se'),
- 'Incorrect address detection.')
- self.assertFalse(
- is_address('userleap.se'),
- 'Incorrect address detection.')
- self.assertFalse(
- is_address('user@'),
- 'Incorrect address detection.')
- self.assertFalse(
- is_address('@leap.se'),
- 'Incorrect address detection.')
-
- def test_build_key_from_dict(self):
- kdict = {
- 'uids': [ADDRESS],
- 'fingerprint': KEY_FINGERPRINT,
- 'key_data': PUBLIC_KEY,
- 'private': False,
- 'length': 4096,
- 'expiry_date': 0,
- 'refreshed_at': 1311239602,
- }
- adict = {
- 'address': ADDRESS,
- 'private': False,
- 'last_audited_at': 0,
- 'validation': str(ValidationLevels.Weak_Chain),
- 'encr_used': False,
- 'sign_used': True,
- }
- key = build_key_from_dict(kdict, adict)
- self.assertEqual(
- kdict['uids'], key.uids,
- 'Wrong data in key.')
- self.assertEqual(
- kdict['fingerprint'], key.fingerprint,
- 'Wrong data in key.')
- self.assertEqual(
- kdict['key_data'], key.key_data,
- 'Wrong data in key.')
- self.assertEqual(
- kdict['private'], key.private,
- 'Wrong data in key.')
- self.assertEqual(
- kdict['length'], key.length,
- 'Wrong data in key.')
- self.assertEqual(
- None, key.expiry_date,
- 'Wrong data in key.')
- self.assertEqual(
- None, key.last_audited_at,
- 'Wrong data in key.')
- self.assertEqual(
- datetime.fromtimestamp(kdict['refreshed_at']), key.refreshed_at,
- 'Wrong data in key.')
- self.assertEqual(
- adict['address'], key.address,
- 'Wrong data in key.')
- self.assertEqual(
- ValidationLevels.get(adict['validation']), key.validation,
- 'Wrong data in key.')
- self.assertEqual(
- adict['encr_used'], key.encr_used,
- 'Wrong data in key.')
- self.assertEqual(
- adict['sign_used'], key.sign_used,
- 'Wrong data in key.')
-
-
-class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
-
- @defer.inlineCallbacks
- def _test_gen_key(self):
- km = self._key_manager()
- key = yield km.gen_key()
- self.assertIsInstance(key, OpenPGPKey)
- self.assertEqual(
- 'leap@leap.se', key.address, 'Wrong address bound to key.')
- self.assertEqual(
- 4096, key.length, 'Wrong key length.')
-
- @defer.inlineCallbacks
- def test_get_all_keys_in_db(self):
- km = self._key_manager()
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- # get public keys
- keys = yield km.get_all_keys(False)
- self.assertEqual(len(keys), 1, 'Wrong number of keys')
- self.assertTrue(ADDRESS in keys[0].uids)
- self.assertFalse(keys[0].private)
- # get private keys
- keys = yield km.get_all_keys(True)
- self.assertEqual(len(keys), 1, 'Wrong number of keys')
- self.assertTrue(ADDRESS in keys[0].uids)
- self.assertTrue(keys[0].private)
-
- @defer.inlineCallbacks
- def test_get_public_key(self):
- km = self._key_manager()
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- # get the key
- key = yield km.get_key(ADDRESS, private=False, fetch_remote=False)
- self.assertTrue(key is not None)
- self.assertTrue(ADDRESS in key.uids)
- self.assertEqual(
- key.fingerprint.lower(), KEY_FINGERPRINT.lower())
- self.assertFalse(key.private)
-
- @defer.inlineCallbacks
- def test_get_public_key_with_binary_private_key(self):
- km = self._key_manager()
- yield km._openpgp.put_raw_key(self.get_private_binary_key(), ADDRESS)
- # get the key
- key = yield km.get_key(ADDRESS, private=False, fetch_remote=False)
- self.assertTrue(key is not None)
- self.assertTrue(ADDRESS in key.uids)
- self.assertEqual(
- key.fingerprint.lower(), KEY_FINGERPRINT.lower())
- self.assertFalse(key.private)
-
- @defer.inlineCallbacks
- def test_get_private_key(self):
- km = self._key_manager()
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- # get the key
- key = yield km.get_key(ADDRESS, private=True, fetch_remote=False)
- self.assertTrue(key is not None)
- self.assertTrue(ADDRESS in key.uids)
- self.assertEqual(
- key.fingerprint.lower(), KEY_FINGERPRINT.lower())
- self.assertTrue(key.private)
-
- def test_send_key_raises_key_not_found(self):
- km = self._key_manager()
- d = km.send_key()
- return self.assertFailure(d, errors.KeyNotFound)
-
- @defer.inlineCallbacks
- def test_send_key(self):
- """
- Test that request is well formed when sending keys to server.
- """
- token = "mytoken"
- km = self._key_manager(token=token)
- yield km._openpgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- km._async_client_pinned.request = Mock(return_value=defer.succeed(''))
- # the following data will be used on the send
- km.ca_cert_path = 'capath'
- km.session_id = 'sessionid'
- km.uid = 'myuid'
- km.api_uri = 'apiuri'
- km.api_version = 'apiver'
- yield km.send_key()
- # setup expected args
- pubkey = yield km.get_key(km._address)
- data = urllib.urlencode({
- km.PUBKEY_KEY: pubkey.key_data,
- })
- headers = {'Authorization': [str('Token token=%s' % token)]}
- headers['Content-Type'] = ['application/x-www-form-urlencoded']
- url = '%s/%s/users/%s.json' % ('apiuri', 'apiver', 'myuid')
- km._async_client_pinned.request.assert_called_once_with(
- str(url), 'PUT', body=str(data),
- headers=headers
- )
-
- def test_fetch_keys_from_server(self):
- """
- Test that the request is well formed when fetching keys from server.
- """
- km = self._key_manager(url=NICKSERVER_URI)
- expected_url = NICKSERVER_URI + '?address=' + ADDRESS_2
-
- def verify_the_call(_):
- used_kwargs = km._async_client_pinned.request.call_args[1]
- km._async_client_pinned.request.assert_called_once_with(
- expected_url, 'GET', **used_kwargs)
-
- d = self._fetch_key(km, ADDRESS_2, PUBLIC_KEY_2)
- d.addCallback(verify_the_call)
- return d
-
- def test_key_not_found_is_raised_if_key_search_responds_404(self):
- """
- Test if key search request comes back with a 404 response then
- KeyNotFound is raised, with corresponding error message.
- """
- km = self._key_manager(url=NICKSERVER_URI)
- client.readBody = Mock(return_value=defer.succeed(None))
- km._async_client_pinned.request = Mock(
- return_value=defer.succeed(None))
- url = NICKSERVER_URI + '?address=' + INVALID_MAIL_ADDRESS
-
- d = km._fetch_and_handle_404_from_nicknym(url, INVALID_MAIL_ADDRESS)
-
- def check_key_not_found_is_raised_if_404(_):
- used_kwargs = km._async_client_pinned.request.call_args[1]
- check_404_callback = used_kwargs['callback']
- fake_response = Mock()
- fake_response.code = NOT_FOUND
- with self.assertRaisesRegexp(
- errors.KeyNotFound,
- '404: %s key not found.' % INVALID_MAIL_ADDRESS):
- check_404_callback(fake_response)
-
- d.addCallback(check_key_not_found_is_raised_if_404)
- return d
-
- def test_non_existing_key_from_nicknym_is_relayed(self):
- """
- Test if key search requests throws KeyNotFound, the same error is
- raised.
- """
- km = self._key_manager(url=NICKSERVER_URI)
- key_not_found_exception = errors.KeyNotFound('some message')
- km._async_client_pinned.request = Mock(
- side_effect=key_not_found_exception)
-
- def assert_key_not_found_raised(error):
- self.assertEqual(error.value, key_not_found_exception)
-
- d = km._get_key_from_nicknym(INVALID_MAIL_ADDRESS)
- d.addErrback(assert_key_not_found_raised)
-
- @defer.inlineCallbacks
- def test_get_key_fetches_from_server(self):
- """
- Test that getting a key successfuly fetches from server.
- """
- km = self._key_manager(url=NICKSERVER_URI)
-
- key = yield self._fetch_key(km, ADDRESS, PUBLIC_KEY)
- self.assertIsInstance(key, OpenPGPKey)
- self.assertTrue(ADDRESS in key.uids)
- self.assertEqual(key.validation, ValidationLevels.Provider_Trust)
-
- @defer.inlineCallbacks
- def test_get_key_fetches_other_domain(self):
- """
- Test that getting a key successfuly fetches from server.
- """
- km = self._key_manager(url=NICKSERVER_URI)
-
- key = yield self._fetch_key(km, ADDRESS_OTHER, PUBLIC_KEY_OTHER)
- self.assertIsInstance(key, OpenPGPKey)
- self.assertTrue(ADDRESS_OTHER in key.uids)
- self.assertEqual(key.validation, ValidationLevels.Weak_Chain)
-
- def _fetch_key(self, km, address, key):
- """
- :returns: a Deferred that will fire with the OpenPGPKey
- """
- data = json.dumps({'address': address, 'openpgp': key})
-
- client.readBody = Mock(return_value=defer.succeed(data))
-
- # mock the fetcher so it returns the key for ADDRESS_2
- km._async_client_pinned.request = Mock(
- return_value=defer.succeed(None))
- km.ca_cert_path = 'cacertpath'
- # try to key get without fetching from server
- d_fail = km.get_key(address, fetch_remote=False)
- d = self.assertFailure(d_fail, errors.KeyNotFound)
- # try to get key fetching from server.
- d.addCallback(lambda _: km.get_key(address))
- return d
-
- @defer.inlineCallbacks
- def test_put_key_ascii(self):
- """
- Test that putting ascii key works
- """
- km = self._key_manager(url=NICKSERVER_URI)
-
- yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
- key = yield km.get_key(ADDRESS)
- self.assertIsInstance(key, OpenPGPKey)
- self.assertTrue(ADDRESS in key.uids)
-
- @defer.inlineCallbacks
- def test_put_key_binary(self):
- """
- Test that putting binary key works
- """
- km = self._key_manager(url=NICKSERVER_URI)
-
- yield km.put_raw_key(self.get_public_binary_key(), ADDRESS)
- key = yield km.get_key(ADDRESS)
-
- self.assertIsInstance(key, OpenPGPKey)
- self.assertTrue(ADDRESS in key.uids)
-
- @defer.inlineCallbacks
- def test_fetch_uri_ascii_key(self):
- """
- Test that fetch key downloads the ascii key and gets included in
- the local storage
- """
- km = self._key_manager()
-
- km._async_client.request = Mock(return_value=defer.succeed(PUBLIC_KEY))
-
- yield km.fetch_key(ADDRESS, "http://site.domain/key")
- key = yield km.get_key(ADDRESS)
- self.assertEqual(KEY_FINGERPRINT, key.fingerprint)
-
- @defer.inlineCallbacks
- def test_fetch_uri_binary_key(self):
- """
- Test that fetch key downloads the binary key and gets included in
- the local storage
- """
- km = self._key_manager()
-
- km._async_client.request = Mock(
- return_value=defer.succeed(self.get_public_binary_key()))
-
- yield km.fetch_key(ADDRESS, "http://site.domain/key")
- key = yield km.get_key(ADDRESS)
- self.assertEqual(KEY_FINGERPRINT, key.fingerprint)
-
- def test_fetch_uri_empty_key(self):
- """
- Test that fetch key raises KeyNotFound if no key in the url
- """
- km = self._key_manager()
-
- km._async_client.request = Mock(return_value=defer.succeed(""))
- d = km.fetch_key(ADDRESS, "http://site.domain/key")
- return self.assertFailure(d, errors.KeyNotFound)
-
- def test_fetch_uri_address_differ(self):
- """
- Test that fetch key raises KeyAttributesDiffer if the address
- don't match
- """
- km = self._key_manager()
-
- km._async_client.request = Mock(return_value=defer.succeed(PUBLIC_KEY))
- d = km.fetch_key(ADDRESS_2, "http://site.domain/key")
- return self.assertFailure(d, errors.KeyAddressMismatch)
-
- def _mock_get_response(self, km, body):
- km._async_client.request = MagicMock(return_value=defer.succeed(body))
-
- return km._async_client.request
-
- @defer.inlineCallbacks
- def test_fetch_key_uses_ca_bundle_if_none_specified(self):
- ca_cert_path = None
- km = self._key_manager(ca_cert_path=ca_cert_path)
- get_mock = self._mock_get_response(km, PUBLIC_KEY_OTHER)
-
- yield km.fetch_key(ADDRESS_OTHER, REMOTE_KEY_URL)
-
- get_mock.assert_called_once_with(REMOTE_KEY_URL, 'GET')
-
- @defer.inlineCallbacks
- def test_fetch_key_uses_ca_bundle_if_empty_string_specified(self):
- ca_cert_path = ''
- km = self._key_manager(ca_cert_path=ca_cert_path)
- get_mock = self._mock_get_response(km, PUBLIC_KEY_OTHER)
-
- yield km.fetch_key(ADDRESS_OTHER, REMOTE_KEY_URL)
-
- get_mock.assert_called_once_with(REMOTE_KEY_URL, 'GET')
-
- @defer.inlineCallbacks
- def test_fetch_key_use_default_ca_bundle_if_set_as_ca_cert_path(self):
- ca_cert_path = ca_bundle.where()
- km = self._key_manager(ca_cert_path=ca_cert_path)
- get_mock = self._mock_get_response(km, PUBLIC_KEY_OTHER)
-
- yield km.fetch_key(ADDRESS_OTHER, REMOTE_KEY_URL)
-
- get_mock.assert_called_once_with(REMOTE_KEY_URL, 'GET')
-
- @defer.inlineCallbacks
- def test_fetch_uses_combined_ca_bundle_otherwise(self):
- with tempfile.NamedTemporaryFile() as tmp_input, \
- tempfile.NamedTemporaryFile(delete=False) as tmp_output:
- ca_content = pkg_resources.resource_string('leap.common.testing',
- 'cacert.pem')
- ca_cert_path = tmp_input.name
- self._dump_to_file(ca_cert_path, ca_content)
-
- with patch('leap.keymanager.tempfile.NamedTemporaryFile') as mock:
- mock.return_value = tmp_output
- km = self._key_manager(ca_cert_path=ca_cert_path)
- get_mock = self._mock_get_response(km, PUBLIC_KEY_OTHER)
-
- yield km.fetch_key(ADDRESS_OTHER, REMOTE_KEY_URL)
-
- # assert that combined bundle file is passed to get call
- get_mock.assert_called_once_with(REMOTE_KEY_URL, 'GET')
-
- # assert that files got appended
- expected = self._slurp_file(ca_bundle.where()) + ca_content
- self.assertEqual(expected, self._slurp_file(tmp_output.name))
-
- del km # force km out of scope
- self.assertFalse(path.exists(tmp_output.name))
-
- def _dump_to_file(self, filename, content):
- with open(filename, 'w') as out:
- out.write(content)
-
- def _slurp_file(self, filename):
- with open(filename) as f:
- content = f.read()
- return content
-
- @defer.inlineCallbacks
- def test_decrypt_updates_sign_used_for_signer(self):
- # given
- km = self._key_manager()
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- yield km._openpgp.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
- encdata = yield km.encrypt('data', ADDRESS, sign=ADDRESS_2,
- fetch_remote=False)
- yield km.decrypt(
- encdata, ADDRESS, verify=ADDRESS_2, fetch_remote=False)
-
- # when
- key = yield km.get_key(ADDRESS_2, fetch_remote=False)
-
- # then
- self.assertEqual(True, key.sign_used)
-
- @defer.inlineCallbacks
- def test_decrypt_does_not_update_sign_used_for_recipient(self):
- # given
- km = self._key_manager()
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- yield km._openpgp.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
- encdata = yield km.encrypt('data', ADDRESS, sign=ADDRESS_2,
- fetch_remote=False)
- yield km.decrypt(
- encdata, ADDRESS, verify=ADDRESS_2, fetch_remote=False)
-
- # when
- key = yield km.get_key(
- ADDRESS, private=False, fetch_remote=False)
-
- # then
- self.assertEqual(False, key.sign_used)
-
-
-class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase):
-
- RAW_DATA = 'data'
-
- @defer.inlineCallbacks
- def test_keymanager_openpgp_encrypt_decrypt(self):
- km = self._key_manager()
- # put raw private key
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- yield km._openpgp.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
- # encrypt
- encdata = yield km.encrypt(self.RAW_DATA, ADDRESS, sign=ADDRESS_2,
- fetch_remote=False)
- self.assertNotEqual(self.RAW_DATA, encdata)
- # decrypt
- rawdata, signingkey = yield km.decrypt(
- encdata, ADDRESS, verify=ADDRESS_2, fetch_remote=False)
- self.assertEqual(self.RAW_DATA, rawdata)
- key = yield km.get_key(ADDRESS_2, private=False, fetch_remote=False)
- self.assertEqual(signingkey.fingerprint, key.fingerprint)
-
- @defer.inlineCallbacks
- def test_keymanager_openpgp_encrypt_decrypt_wrong_sign(self):
- km = self._key_manager()
- # put raw keys
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- yield km._openpgp.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
- # encrypt
- encdata = yield km.encrypt(self.RAW_DATA, ADDRESS, sign=ADDRESS_2,
- fetch_remote=False)
- self.assertNotEqual(self.RAW_DATA, encdata)
- # verify
- rawdata, signingkey = yield km.decrypt(
- encdata, ADDRESS, verify=ADDRESS, fetch_remote=False)
- self.assertEqual(self.RAW_DATA, rawdata)
- self.assertTrue(isinstance(signingkey, errors.InvalidSignature))
-
- @defer.inlineCallbacks
- def test_keymanager_openpgp_sign_verify(self):
- km = self._key_manager()
- # put raw private keys
- yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- signdata = yield km.sign(self.RAW_DATA, ADDRESS, detach=False)
- self.assertNotEqual(self.RAW_DATA, signdata)
- # verify
- signingkey = yield km.verify(signdata, ADDRESS, fetch_remote=False)
- key = yield km.get_key(ADDRESS, private=False, fetch_remote=False)
- self.assertEqual(signingkey.fingerprint, key.fingerprint)
-
- def test_keymanager_encrypt_key_not_found(self):
- km = self._key_manager()
- d = km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- d.addCallback(
- lambda _: km.encrypt(self.RAW_DATA, ADDRESS_2, sign=ADDRESS,
- fetch_remote=False))
- return self.assertFailure(d, errors.KeyNotFound)
-
-if __name__ == "__main__":
- import unittest
- unittest.main()
-
-# key 0F91B402: someone@somedomain.org
-# 9420 EC7B 6DCB 867F 5592 E6D1 7504 C974 0F91 B402
-ADDRESS_OTHER = "someone@somedomain.org"
-PUBLIC_KEY_OTHER = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1
-
-mQENBFUZFLwBCADRzTstykRAV3aWysLAV4O3DXdpXhV3Cww8Pfc6m1bVxAT2ifcL
-kLWEaIkOB48SYIHbYzqOi1/h5abJf+5n4uhaIks+FsjsXYo1XOiYpVCNf7+xLnUM
-jkmglKT5sASr61QDcFMqWfGTJ8iUTNVCJZ2k14QJ4Vss/ntnV9uB7Ef7wU7RZvxr
-wINH/0LfKPsGE9l2qNpKUAAmg2bHn9YdsHj1sqlW7eZpwvefYrQej4KBaL2oq3vt
-QQOdXGFqWYMe3cX+bQ1DAMG3ttTF6EGkY97BK7A18I/RJiLujWCEAkMzFr5SK9KU
-AOMj6MpjfTOE+GfUKsu7/gGt42eMBFsIOvsZABEBAAG0IFNvbWVvbmUgPHNvbWVv
-bmVAc29tZWRvbWFpbi5vcmc+iQE4BBMBAgAiBQJVGRS8AhsDBgsJCAcDAgYVCAIJ
-CgsEFgIDAQIeAQIXgAAKCRB1BMl0D5G0AlFsCAC33LhxBRwO64T6DgTb4/39aLpi
-9T3yAmXBAHC7Q+4f37IBX5fJBRKu4Lvfp6KherOl/I/Jj34yv8pm0j+kXeWktfxZ
-cW+mv2vjBHQVopiUSyMVh7caFSq9sKm+oQdo6oIl9DHSARegbkCn2+0b4VxgJpyj
-TZBMyUMD2AayivQU4QHOM3KCozhLNNDbpKy7LH0MSAUDmRaJsPk1zK15lQocK/7R
-Z5yF4rdrdzDWrVucZJc09yntSqTGECue3W2GBCaBlb/O1c9xei4MTb4nSHS5Gp/7
-hcjrvIrgPpehndk8ZRREN/Y8uk1W5fbWzx+5z8g31RCGWBQw4NAnG10NZ3oEuQEN
-BFUZFLwBCADocYZmLu1iXIE6gKqniR6Z8UDC5XnqgK+BEJwi1abe9zWhjgKeW9Vv
-u1i194wuCUiNkP/bMvwMBZLTslDzqxl32ETk9FvB3kWy80S8MDjQJ15IN4I622fq
-MEWwtQ0WrRay9VV6M8H2mIf71/1d5T9ysWK4XRyv+N7eRhfg7T2uhrpNyKdCZzjq
-2wlgpVkMY7gtxTqJseM+qS5UNiReGxtoOXFLzzmagFgbqK88eMeZJZt8yKf81xhP
-SWLTxaVaeBEAlajvEkxZJrrDQuc+maTwtMxmNUe815wJnpcRF8VD91GUpSLAN6EC
-1QuJUl6Lc2o2tcHeo6CGsDZ96o0J8pFhABEBAAGJAR8EGAECAAkFAlUZFLwCGwwA
-CgkQdQTJdA+RtAKcdwgApzHPhwwaZ9TBjgOytke/hPE0ht/EJ5nRiIda2PucoPh6
-DwnaI8nvmGXUfC4qFy6LM8/fJHof1BqLnMbx8MCLurnm5z30q8RhLE3YWM11zuMy
-6wkHGmi/6S1G4okC+Uu8AA4K//HBo8bLcqGVWRnFAmCqy6VMAofsQvmM7vHbRj56
-U919Bki/7I6kcxPEzO73Umh3o82VP/Hz3JMigRNBRfG3jPrX04RLJj3Ib5lhQIDw
-XrO8VHz9foOpY+rJnWj+6QAozxorzZYShu6H0GR1nIuqWMwli1nrx6BeIJAVz5cg
-QzEd9yAN+81fkIBaa6Y8LCBxV03JCc2J4eCUKXd1gg==
-=gDzy
------END PGP PUBLIC KEY BLOCK-----
-"""
diff --git a/keymanager/tests/test_migrator.py b/keymanager/tests/test_migrator.py
deleted file mode 100644
index 64cd8e10..00000000
--- a/keymanager/tests/test_migrator.py
+++ /dev/null
@@ -1,176 +0,0 @@
-# -*- coding: utf-8 -*-
-# test_migrator.py
-# Copyright (C) 2015 LEAP
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-
-"""
-Tests for the migrator.
-"""
-
-
-from collections import namedtuple
-from mock import Mock
-from twisted.internet.defer import succeed, inlineCallbacks
-
-from leap.keymanager.migrator import KeyDocumentsMigrator, KEY_ID_KEY
-from leap.keymanager.documents import (
- TAGS_PRIVATE_INDEX,
- KEYMANAGER_ACTIVE_TAG,
- KEYMANAGER_KEY_TAG,
- KEYMANAGER_DOC_VERSION,
-
- KEY_ADDRESS_KEY,
- KEY_UIDS_KEY,
- KEY_VERSION_KEY,
- KEY_FINGERPRINT_KEY,
- KEY_VALIDATION_KEY,
- KEY_LAST_AUDITED_AT_KEY,
- KEY_ENCR_USED_KEY,
- KEY_SIGN_USED_KEY,
-)
-from leap.keymanager.validation import ValidationLevels
-
-from common import (
- KeyManagerWithSoledadTestCase,
- ADDRESS,
- ADDRESS_2,
- KEY_FINGERPRINT,
-)
-
-
-class OpenPGPCryptoTestCase(KeyManagerWithSoledadTestCase):
- @inlineCallbacks
- def test_simple_migration(self):
- get_from_index = self._soledad.get_from_index
- delete_doc = self._soledad.delete_doc
- put_doc = self._soledad.put_doc
-
- def my_get_from_index(*args):
- docs = []
- if (args[0] == TAGS_PRIVATE_INDEX and
- args[2] == '0'):
- SoledadDocument = namedtuple("SoledadDocument", ["content"])
- if args[1] == KEYMANAGER_KEY_TAG:
- docs = [SoledadDocument({
- KEY_ADDRESS_KEY: [ADDRESS],
- KEY_ID_KEY: KEY_FINGERPRINT[-16:],
- KEY_FINGERPRINT_KEY: KEY_FINGERPRINT,
- KEY_VALIDATION_KEY: str(ValidationLevels.Weak_Chain),
- KEY_LAST_AUDITED_AT_KEY: 0,
- KEY_ENCR_USED_KEY: True,
- KEY_SIGN_USED_KEY: False,
- })]
- if args[1] == KEYMANAGER_ACTIVE_TAG:
- docs = [SoledadDocument({
- KEY_ID_KEY: KEY_FINGERPRINT[-16:],
- })]
- return succeed(docs)
-
- self._soledad.get_from_index = my_get_from_index
- self._soledad.delete_doc = Mock(return_value=succeed(None))
- self._soledad.put_doc = Mock(return_value=succeed(None))
-
- try:
- migrator = KeyDocumentsMigrator(self._soledad)
- yield migrator.migrate()
- call_list = self._soledad.put_doc.call_args_list
- finally:
- self._soledad.get_from_index = get_from_index
- self._soledad.delete_doc = delete_doc
- self._soledad.put_doc = put_doc
-
- self.assertEqual(len(call_list), 2)
- active = call_list[0][0][0]
- key = call_list[1][0][0]
-
- self.assertTrue(KEY_ID_KEY not in active.content)
- self.assertEqual(active.content[KEY_VERSION_KEY],
- KEYMANAGER_DOC_VERSION)
- self.assertEqual(active.content[KEY_FINGERPRINT_KEY], KEY_FINGERPRINT)
- self.assertEqual(active.content[KEY_VALIDATION_KEY],
- str(ValidationLevels.Weak_Chain))
- self.assertEqual(active.content[KEY_LAST_AUDITED_AT_KEY], 0)
- self.assertEqual(active.content[KEY_ENCR_USED_KEY], True)
- self.assertEqual(active.content[KEY_SIGN_USED_KEY], False)
-
- self.assertTrue(KEY_ID_KEY not in key.content)
- self.assertTrue(KEY_ADDRESS_KEY not in key.content)
- self.assertTrue(KEY_VALIDATION_KEY not in key.content)
- self.assertTrue(KEY_LAST_AUDITED_AT_KEY not in key.content)
- self.assertTrue(KEY_ENCR_USED_KEY not in key.content)
- self.assertTrue(KEY_SIGN_USED_KEY not in key.content)
- self.assertEqual(key.content[KEY_UIDS_KEY], [ADDRESS])
-
- @inlineCallbacks
- def test_two_active_docs(self):
- get_from_index = self._soledad.get_from_index
- delete_doc = self._soledad.delete_doc
- put_doc = self._soledad.put_doc
-
- def my_get_from_index(*args):
- docs = []
- if (args[0] == TAGS_PRIVATE_INDEX and
- args[2] == '0'):
- SoledadDocument = namedtuple("SoledadDocument", ["content"])
- if args[1] == KEYMANAGER_KEY_TAG:
- validation = str(ValidationLevels.Provider_Trust)
- docs = [SoledadDocument({
- KEY_ADDRESS_KEY: [ADDRESS, ADDRESS_2],
- KEY_ID_KEY: KEY_FINGERPRINT[-16:],
- KEY_FINGERPRINT_KEY: KEY_FINGERPRINT,
- KEY_VALIDATION_KEY: validation,
- KEY_LAST_AUDITED_AT_KEY: 1984,
- KEY_ENCR_USED_KEY: True,
- KEY_SIGN_USED_KEY: False,
- })]
- if args[1] == KEYMANAGER_ACTIVE_TAG:
- docs = [
- SoledadDocument({
- KEY_ADDRESS_KEY: ADDRESS,
- KEY_ID_KEY: KEY_FINGERPRINT[-16:],
- }),
- SoledadDocument({
- KEY_ADDRESS_KEY: ADDRESS_2,
- KEY_ID_KEY: KEY_FINGERPRINT[-16:],
- }),
- ]
- return succeed(docs)
-
- self._soledad.get_from_index = my_get_from_index
- self._soledad.delete_doc = Mock(return_value=succeed(None))
- self._soledad.put_doc = Mock(return_value=succeed(None))
-
- try:
- migrator = KeyDocumentsMigrator(self._soledad)
- yield migrator.migrate()
- call_list = self._soledad.put_doc.call_args_list
- finally:
- self._soledad.get_from_index = get_from_index
- self._soledad.delete_doc = delete_doc
- self._soledad.put_doc = put_doc
-
- self.assertEqual(len(call_list), 3)
- for active in [call[0][0] for call in call_list][:2]:
- self.assertTrue(KEY_ID_KEY not in active.content)
- self.assertEqual(active.content[KEY_VERSION_KEY],
- KEYMANAGER_DOC_VERSION)
- self.assertEqual(active.content[KEY_FINGERPRINT_KEY],
- KEY_FINGERPRINT)
- self.assertEqual(active.content[KEY_VALIDATION_KEY],
- str(ValidationLevels.Weak_Chain))
- self.assertEqual(active.content[KEY_LAST_AUDITED_AT_KEY], 0)
- self.assertEqual(active.content[KEY_ENCR_USED_KEY], False)
- self.assertEqual(active.content[KEY_SIGN_USED_KEY], False)
diff --git a/keymanager/tests/test_openpgp.py b/keymanager/tests/test_openpgp.py
deleted file mode 100644
index 1f78ad41..00000000
--- a/keymanager/tests/test_openpgp.py
+++ /dev/null
@@ -1,365 +0,0 @@
-# -*- coding: utf-8 -*-
-# test_keymanager.py
-# Copyright (C) 2014 LEAP
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-
-"""
-Tests for the OpenPGP support on Key Manager.
-"""
-
-
-from datetime import datetime
-from mock import Mock
-from twisted.internet.defer import inlineCallbacks, gatherResults, succeed
-
-from leap.keymanager import (
- KeyNotFound,
- openpgp,
-)
-from leap.keymanager.documents import (
- TYPE_FINGERPRINT_PRIVATE_INDEX,
- TYPE_ADDRESS_PRIVATE_INDEX,
-)
-from leap.keymanager.keys import OpenPGPKey
-
-from common import (
- KeyManagerWithSoledadTestCase,
- ADDRESS,
- ADDRESS_2,
- KEY_FINGERPRINT,
- PUBLIC_KEY,
- PUBLIC_KEY_2,
- PRIVATE_KEY,
- PRIVATE_KEY_2,
-)
-
-
-class OpenPGPCryptoTestCase(KeyManagerWithSoledadTestCase):
-
- # set the trial timeout to 20min, needed by the key generation test
- timeout = 1200
-
- @inlineCallbacks
- def _test_openpgp_gen_key(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield self._assert_key_not_found(pgp, 'user@leap.se')
- key = yield pgp.gen_key('user@leap.se')
- self.assertIsInstance(key, OpenPGPKey)
- self.assertEqual(
- 'user@leap.se', key.address, 'Wrong address bound to key.')
- self.assertEqual(
- 4096, key.length, 'Wrong key length.')
-
- @inlineCallbacks
- def test_openpgp_put_delete_key(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield self._assert_key_not_found(pgp, ADDRESS)
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- key = yield pgp.get_key(ADDRESS, private=False)
- yield pgp.delete_key(key)
- yield self._assert_key_not_found(pgp, ADDRESS)
-
- @inlineCallbacks
- def test_openpgp_put_ascii_key(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield self._assert_key_not_found(pgp, ADDRESS)
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- key = yield pgp.get_key(ADDRESS, private=False)
- self.assertIsInstance(key, OpenPGPKey)
- self.assertTrue(
- ADDRESS in key.address, 'Wrong address bound to key.')
- self.assertEqual(
- 4096, key.length, 'Wrong key length.')
- yield pgp.delete_key(key)
- yield self._assert_key_not_found(pgp, ADDRESS)
-
- @inlineCallbacks
- def test_get_public_key(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield self._assert_key_not_found(pgp, ADDRESS)
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- yield self._assert_key_not_found(pgp, ADDRESS, private=True)
- key = yield pgp.get_key(ADDRESS, private=False)
- self.assertTrue(ADDRESS in key.address)
- self.assertFalse(key.private)
- self.assertEqual(KEY_FINGERPRINT, key.fingerprint)
- yield pgp.delete_key(key)
- yield self._assert_key_not_found(pgp, ADDRESS)
-
- @inlineCallbacks
- def test_openpgp_encrypt_decrypt(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
-
- # encrypt
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- pubkey = yield pgp.get_key(ADDRESS, private=False)
- cyphertext = yield pgp.encrypt(data, pubkey)
-
- self.assertTrue(cyphertext is not None)
- self.assertTrue(cyphertext != '')
- self.assertTrue(cyphertext != data)
- self.assertTrue(pgp.is_encrypted(cyphertext))
- self.assertTrue(pgp.is_encrypted(cyphertext))
-
- # decrypt
- yield self._assert_key_not_found(pgp, ADDRESS, private=True)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- decrypted, _ = yield pgp.decrypt(cyphertext, privkey)
- self.assertEqual(decrypted, data)
-
- yield pgp.delete_key(pubkey)
- yield pgp.delete_key(privkey)
- yield self._assert_key_not_found(pgp, ADDRESS, private=False)
- yield self._assert_key_not_found(pgp, ADDRESS, private=True)
-
- @inlineCallbacks
- def test_verify_with_private_raises(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- signed = pgp.sign(data, privkey)
- self.assertRaises(
- AssertionError,
- pgp.verify, signed, privkey)
-
- @inlineCallbacks
- def test_sign_with_public_raises(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- self.assertRaises(
- AssertionError,
- pgp.sign, data, ADDRESS, OpenPGPKey)
-
- @inlineCallbacks
- def test_verify_with_wrong_key_raises(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- signed = pgp.sign(data, privkey)
- yield pgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
- wrongkey = yield pgp.get_key(ADDRESS_2)
- self.assertFalse(pgp.verify(signed, wrongkey))
-
- @inlineCallbacks
- def test_encrypt_sign_with_public_raises(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- pubkey = yield pgp.get_key(ADDRESS, private=False)
- self.failureResultOf(
- pgp.encrypt(data, privkey, sign=pubkey),
- AssertionError)
-
- @inlineCallbacks
- def test_decrypt_verify_with_private_raises(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- pubkey = yield pgp.get_key(ADDRESS, private=False)
- encrypted_and_signed = yield pgp.encrypt(
- data, pubkey, sign=privkey)
- self.failureResultOf(
- pgp.decrypt(encrypted_and_signed, privkey, verify=privkey),
- AssertionError)
-
- @inlineCallbacks
- def test_decrypt_verify_with_wrong_key(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- pubkey = yield pgp.get_key(ADDRESS, private=False)
- encrypted_and_signed = yield pgp.encrypt(data, pubkey, sign=privkey)
- yield pgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
- wrongkey = yield pgp.get_key(ADDRESS_2)
- decrypted, validsign = yield pgp.decrypt(encrypted_and_signed,
- privkey,
- verify=wrongkey)
- self.assertEqual(decrypted, data)
- self.assertFalse(validsign)
-
- @inlineCallbacks
- def test_sign_verify(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- signed = pgp.sign(data, privkey, detach=False)
- pubkey = yield pgp.get_key(ADDRESS, private=False)
- validsign = pgp.verify(signed, pubkey)
- self.assertTrue(validsign)
-
- @inlineCallbacks
- def test_encrypt_sign_decrypt_verify(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
-
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- pubkey = yield pgp.get_key(ADDRESS, private=False)
- privkey = yield pgp.get_key(ADDRESS, private=True)
-
- yield pgp.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
- pubkey2 = yield pgp.get_key(ADDRESS_2, private=False)
- privkey2 = yield pgp.get_key(ADDRESS_2, private=True)
-
- data = 'data'
- encrypted_and_signed = yield pgp.encrypt(
- data, pubkey2, sign=privkey)
- res, validsign = yield pgp.decrypt(
- encrypted_and_signed, privkey2, verify=pubkey)
- self.assertEqual(data, res)
- self.assertTrue(validsign)
-
- @inlineCallbacks
- def test_sign_verify_detached_sig(self):
- data = 'data'
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- privkey = yield pgp.get_key(ADDRESS, private=True)
- signature = yield pgp.sign(data, privkey, detach=True)
- pubkey = yield pgp.get_key(ADDRESS, private=False)
- validsign = pgp.verify(data, pubkey, detached_sig=signature)
- self.assertTrue(validsign)
-
- @inlineCallbacks
- def test_self_repair_three_keys(self):
- refreshed_keep = datetime(2007, 1, 1)
- self._insert_key_docs([datetime(2005, 1, 1),
- refreshed_keep,
- datetime(2001, 1, 1)])
- delete_doc = self._mock_delete_doc()
-
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- key = yield pgp.get_key(ADDRESS, private=False)
- self.assertEqual(key.refreshed_at, refreshed_keep)
- self.assertEqual(self.count, 2)
- self._soledad.delete_doc = delete_doc
-
- @inlineCallbacks
- def test_self_repair_no_keys(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
-
- get_from_index = self._soledad.get_from_index
- delete_doc = self._soledad.delete_doc
-
- def my_get_from_index(*args):
- if (args[0] == TYPE_FINGERPRINT_PRIVATE_INDEX and
- args[2] == KEY_FINGERPRINT):
- return succeed([])
- return get_from_index(*args)
-
- self._soledad.get_from_index = my_get_from_index
- self._soledad.delete_doc = Mock(return_value=succeed(None))
-
- try:
- yield self.assertFailure(pgp.get_key(ADDRESS, private=False),
- KeyNotFound)
- # it should have deleted the index
- self.assertEqual(self._soledad.delete_doc.call_count, 1)
- finally:
- self._soledad.get_from_index = get_from_index
- self._soledad.delete_doc = delete_doc
-
- @inlineCallbacks
- def test_self_repair_put_keys(self):
- self._insert_key_docs([datetime(2005, 1, 1),
- datetime(2007, 1, 1),
- datetime(2001, 1, 1)])
- delete_doc = self._mock_delete_doc()
-
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- self._soledad.delete_doc = delete_doc
- self.assertEqual(self.count, 2)
-
- @inlineCallbacks
- def test_self_repair_six_active_docs(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
-
- k1 = OpenPGPKey(ADDRESS, fingerprint="1",
- refreshed_at=datetime(2005, 1, 1))
- k2 = OpenPGPKey(ADDRESS, fingerprint="2",
- refreshed_at=datetime(2007, 1, 1))
- k3 = OpenPGPKey(ADDRESS, fingerprint="3",
- refreshed_at=datetime(2007, 1, 1),
- encr_used=True, sign_used=True)
- k4 = OpenPGPKey(ADDRESS, fingerprint="4",
- refreshed_at=datetime(2007, 1, 1),
- sign_used=True)
- k5 = OpenPGPKey(ADDRESS, fingerprint="5",
- refreshed_at=datetime(2007, 1, 1),
- encr_used=True)
- k6 = OpenPGPKey(ADDRESS, fingerprint="6",
- refreshed_at=datetime(2006, 1, 1),
- encr_used=True, sign_used=True)
- keys = (k1, k2, k3, k4, k5, k6)
- for key in keys:
- yield self._soledad.create_doc_from_json(key.get_json())
- yield self._soledad.create_doc_from_json(key.get_active_json())
-
- delete_doc = self._mock_delete_doc()
-
- key = yield pgp.get_key(ADDRESS, private=False)
- self._soledad.delete_doc = delete_doc
- self.assertEqual(self.count, 5)
- self.assertEqual(key.fingerprint, "3")
-
- def _assert_key_not_found(self, pgp, address, private=False):
- d = pgp.get_key(address, private=private)
- return self.assertFailure(d, KeyNotFound)
-
- @inlineCallbacks
- def _insert_key_docs(self, refreshed_at):
- for date in refreshed_at:
- key = OpenPGPKey(ADDRESS, fingerprint=KEY_FINGERPRINT,
- refreshed_at=date)
- yield self._soledad.create_doc_from_json(key.get_json())
- yield self._soledad.create_doc_from_json(key.get_active_json())
-
- def _mock_delete_doc(self):
- delete_doc = self._soledad.delete_doc
- self.count = 0
-
- def my_delete_doc(*args):
- self.count += 1
- return delete_doc(*args)
- self._soledad.delete_doc = my_delete_doc
- return delete_doc
diff --git a/keymanager/tests/test_validation.py b/keymanager/tests/test_validation.py
deleted file mode 100644
index 4aa0795d..00000000
--- a/keymanager/tests/test_validation.py
+++ /dev/null
@@ -1,502 +0,0 @@
-# -*- coding: utf-8 -*-
-# __init__.py
-# Copyright (C) 2014 LEAP
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-"""
-Tests for the Validation Levels
-"""
-
-import unittest
-from datetime import datetime
-from twisted.internet.defer import inlineCallbacks
-
-from leap.keymanager.errors import KeyNotValidUpgrade
-from leap.keymanager.validation import ValidationLevels
-
-from common import (
- KeyManagerWithSoledadTestCase,
- ADDRESS,
- PUBLIC_KEY,
- ADDRESS_2,
- PUBLIC_KEY_2,
- PRIVATE_KEY_2,
- KEY_FINGERPRINT
-)
-
-
-class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
-
- @inlineCallbacks
- def test_none_old_key(self):
- km = self._key_manager()
- yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
- key = yield km.get_key(ADDRESS, fetch_remote=False)
- self.assertEqual(key.fingerprint, KEY_FINGERPRINT)
-
- @inlineCallbacks
- def test_cant_upgrade(self):
- km = self._key_manager()
- yield km.put_raw_key(PUBLIC_KEY, ADDRESS,
- validation=ValidationLevels.Provider_Trust)
- d = km.put_raw_key(UNRELATED_KEY, ADDRESS)
- yield self.assertFailure(d, KeyNotValidUpgrade)
-
- @inlineCallbacks
- def test_fingerprint_level(self):
- km = self._key_manager()
- yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
- yield km.put_raw_key(UNRELATED_KEY, ADDRESS,
- validation=ValidationLevels.Fingerprint)
- key = yield km.get_key(ADDRESS, fetch_remote=False)
- self.assertEqual(key.fingerprint, UNRELATED_FINGERPRINT)
-
- @inlineCallbacks
- def test_expired_key(self):
- km = self._key_manager()
- yield km.put_raw_key(EXPIRED_KEY, ADDRESS)
- yield km.put_raw_key(UNRELATED_KEY, ADDRESS)
- key = yield km.get_key(ADDRESS, fetch_remote=False)
- self.assertEqual(key.fingerprint, UNRELATED_FINGERPRINT)
-
- @inlineCallbacks
- def test_expired_fail_lower_level(self):
- km = self._key_manager()
- yield km.put_raw_key(
- EXPIRED_KEY, ADDRESS,
- validation=ValidationLevels.Third_Party_Endorsement)
- d = km.put_raw_key(
- UNRELATED_KEY, ADDRESS,
- validation=ValidationLevels.Provider_Trust)
- yield self.assertFailure(d, KeyNotValidUpgrade)
-
- @inlineCallbacks
- def test_roll_back(self):
- km = self._key_manager()
- yield km.put_raw_key(EXPIRED_KEY_UPDATED, ADDRESS)
- yield km.put_raw_key(EXPIRED_KEY, ADDRESS)
- key = yield km.get_key(ADDRESS, fetch_remote=False)
- self.assertEqual(key.expiry_date, EXPIRED_KEY_NEW_EXPIRY_DATE)
-
- @inlineCallbacks
- def test_not_used(self):
- km = self._key_manager()
- yield km.put_raw_key(UNEXPIRED_KEY, ADDRESS,
- validation=ValidationLevels.Provider_Trust)
- yield km.put_raw_key(UNRELATED_KEY, ADDRESS,
- validation=ValidationLevels.Provider_Endorsement)
- key = yield km.get_key(ADDRESS, fetch_remote=False)
- self.assertEqual(key.fingerprint, UNRELATED_FINGERPRINT)
-
- @inlineCallbacks
- def test_used_with_verify(self):
- TEXT = "some text"
-
- km = self._key_manager()
- yield km.put_raw_key(UNEXPIRED_PRIVATE, ADDRESS)
- signature = yield km.sign(TEXT, ADDRESS)
- yield self.delete_all_keys(km)
-
- yield km.put_raw_key(UNEXPIRED_KEY, ADDRESS)
- yield km.encrypt(TEXT, ADDRESS)
- yield km.verify(TEXT, ADDRESS, detached_sig=signature)
-
- d = km.put_raw_key(
- UNRELATED_KEY, ADDRESS,
- validation=ValidationLevels.Provider_Endorsement)
- yield self.assertFailure(d, KeyNotValidUpgrade)
-
- @inlineCallbacks
- def test_used_with_decrypt(self):
- TEXT = "some text"
-
- km = self._key_manager()
- yield km.put_raw_key(UNEXPIRED_PRIVATE, ADDRESS)
- yield km.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
- encrypted = yield km.encrypt(TEXT, ADDRESS_2, sign=ADDRESS)
- yield self.delete_all_keys(km)
-
- yield km.put_raw_key(UNEXPIRED_KEY, ADDRESS)
- yield km.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
- yield km.encrypt(TEXT, ADDRESS)
- yield km.decrypt(encrypted, ADDRESS_2, verify=ADDRESS)
-
- d = km.put_raw_key(
- UNRELATED_KEY, ADDRESS,
- validation=ValidationLevels.Provider_Endorsement)
- yield self.assertFailure(d, KeyNotValidUpgrade)
-
- @inlineCallbacks
- def test_signed_key(self):
- km = self._key_manager()
- yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
- yield km.put_raw_key(SIGNED_KEY, ADDRESS)
- key = yield km.get_key(ADDRESS, fetch_remote=False)
- self.assertEqual(key.fingerprint, SIGNED_FINGERPRINT)
-
- @inlineCallbacks
- def test_two_uuids(self):
- TEXT = "some text"
-
- km = self._key_manager()
- yield km.put_raw_key(UUIDS_PRIVATE, ADDRESS_2)
- signature = yield km.sign(TEXT, ADDRESS_2)
- yield self.delete_all_keys(km)
-
- yield km.put_raw_key(UUIDS_KEY, ADDRESS_2)
- yield km.put_raw_key(UUIDS_KEY, ADDRESS)
- yield km.encrypt(TEXT, ADDRESS_2)
- yield km.verify(TEXT, ADDRESS_2, detached_sig=signature)
-
- d = km.put_raw_key(
- PUBLIC_KEY_2, ADDRESS_2,
- validation=ValidationLevels.Provider_Endorsement)
- yield self.assertFailure(d, KeyNotValidUpgrade)
- key = yield km.get_key(ADDRESS_2, fetch_remote=False)
- self.assertEqual(key.fingerprint, UUIDS_FINGERPRINT)
-
- yield km.put_raw_key(
- PUBLIC_KEY, ADDRESS,
- validation=ValidationLevels.Provider_Endorsement)
- key = yield km.get_key(ADDRESS, fetch_remote=False)
- self.assertEqual(key.fingerprint, KEY_FINGERPRINT)
-
-
-# Key material for testing
-
-# key 901FBCA5: public key "Leap Test Key <leap@leap.se>"
-UNRELATED_FINGERPRINT = "ABCCD9C8270B6A8D5633FAC9D04DB2E4901FBCA5"
-UNRELATED_KEY = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1
-
-mQENBFQ9VDoBCACbKflcEhUXZULOT4Fwc2ifRUllJpusd2uX5oeDlZdZ15uLY2eF
-LcxnAdIWkI/PsXimh0ev/Pf4oCynfmt02I3c2d9F0N6JXWnRiP+p098oPOcqeEqL
-N3CrkH1RVnEXNeJ/Fu7tkD61SBXl1MytMfcHyhN5arg8OcVAjcmghX53+92jFhC9
-8ss87H/qEe5vEX/ahP3tiL5ULvaS4GIX+XB0O3yCVdRoRG9lqMIBP/ZqCkKrNll8
-dT12a6ByG/rWharZUeUETiM4Y+JjDUUaEC2YhNF9k52JNGanLH9LTTtlKy5WTT+E
-C6T6VMAtkwcBDpkXr5sBB/N+Y1z0Fp359lIXABEBAAG0HExlYXAgVGVzdCBLZXkg
-PGxlYXBAbGVhcC5zZT6JATgEEwECACIFAlQ9VDoCGwMGCwkIBwMCBhUIAgkKCwQW
-AgMBAh4BAheAAAoJENBNsuSQH7ylsSUIAIxUFbkeTdHbCF/LVA2U+ktnR1iVikAY
-vFK+U+Bto11/AO4Kew2eWniDch/sqLQOoSydtP42z2z3/Al3u7LhQ8bElQHPDY78
-t49qweyJi00V3vCKCdWwPJnPM5eJOIrZHCbwIgeXCsXxVNJVyziVqMuum+px1h2d
-1YJZXYejT8rzwa3yBPAsGWRAWETeTvUuyjPMFa59scbnaDuY+bwQ2r/qG9m7UyHU
-h2kAHC5sf1rixVOY6rLhw75gQHE/L2BZJRfVsDQqIpEMh2OgMfNbL928jncjwQvc
-/IXXwSUx7y50ll+uNh+TVLf0MlUjKdHmHqnGBMlIIWojWJuKxYmOOoO5AQ0EVD1U
-OgEIAM/TlhWVSI+tl5XBUAcf60RxjpHQkmdfq1i1jgwUgu/638EKzBfLcnRYX8Rn
-DO9CWnHcql/4hp226fIWZN/SyReE81n7UkLDMAglhHgiezHMSH1GYVu4IlfpLVXn
-brLVo83KioH5MPFWmZv5tigpU/G8dTx9yVGv1//YW2qqRYYqeIKJfapBaY/bNqyD
-vYRfZo1K2brtHx4bToY6mALRF4ruV5SVZGS69e4Sh692C2pXSVbCpRhQ/2WnvkZH
-leFIdmNmQN61MC1k26A620Rm+pAsXX71dln0u96xbrCgEVbi6ccfXzbFKtVmThVB
-w11CLvVTviOm99TmcgpmDS4cf08AEQEAAYkBHwQYAQIACQUCVD1UOgIbDAAKCRDQ
-TbLkkB+8pR+fB/0SeTcRr1duN7VYWdtng1+jO0ornIBtUraglN01dEEmiwN83DTi
-J37i+nll+4is7BtiXqhumRptKh1v8UUMyFX/rjjoojCJBg5NExsiOYl3O4le68oF
-3+XC+n7yrlyNmI15+3dcQmC9F6HN8EBZgrn5YPKGIOMHTGatB5PryMKg2IKiN5GZ
-E0hmrOQgmcGrkeqysKACQYUHTasSk2IY1l1G5YQglqCaBh4+UC82Dmg5fTBbHjxP
-YhhojkP4aD/0YW7dgql3nzYqvPCAjBH1Cf6rA9HvAJwUP9Ig/okcrrPEKm638+mG
-+vNIuLqIkA4oFLBAAIrgMiQZ+NZz9uD6DJE7
-=FO7G
------END PGP PUBLIC KEY BLOCK-----
-"""
-
-# key A1885A7C: public key "Leap Test Key <leap@leap.se>"
-EXPIRED_FINGERPRINT = "7C1F68B0E14157B09B5F4ADE6F15F004A1885A7C"
-EXPIRED_KEY = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.12 (GNU/Linux)
-
-mQENBBvrfd0BCADGNpspaNhsbhSjKioCWrE2MTTYC+Sdpes22RabdhQyOCWvlSbj
-b8p0y3kmnMOtVBT+c22/w7eu2YBfIpS4RswgE5ypr/1kZLFQueVe/cp29GjPvLwJ
-82A3EOHcmXs8rSJ76h2bnkySvbJawz9rwCcaXhpdAwC+sjWvbqiwZYEL+90I4Xp3
-acDh9vNtPxDCg5RdI0bfdIEBGgHTfsda3kWGvo1wH5SgrTRq0+EcTI7aJgkMmM/A
-IhnpACE52NvGdG9eB3x7xyQFsQqK8F0XvEev2UJH4SR7vb+Z7FNTJKCy6likYbSV
-wGGFuowFSESnzXuUI6PcjyuO6FUbMgeM5euFABEBAAG0HExlYXAgVGVzdCBLZXkg
-PGxlYXBAbGVhcC5zZT6JAT4EEwECACgFAhvrfd0CGwMFCQABUYAGCwkIBwMCBhUI
-AgkKCwQWAgMBAh4BAheAAAoJEG8V8AShiFp8VNkH/iCQcXkTfMOVlL2rQRyZtJEO
-Lr5uTyyY8O6ubeNCHqZzlIopiPAsv4hIYjjMDvOfZ9R53YgmbacUm0rvh1B4MSUf
-k+sa9/tequ3y44LUKp7AB6NyyLgVOU5ngl2w+bi7CgXAep3oP4joYKcU0mmSAc2S
-2Gj85DVqP0kdzNs47esvyj7g1TOfdBwmLsTx/219H+w3dNBeyCQWkYCYNh7MX/Ba
-SZ+P0xr4FetcOVPM3wAzUtDG7hKsgccoIXt0FWhG/nn8cETfGH+o3W/ky7Jktatx
-DGDHoZJvAaG2B2ey1pAQlezr8p/O+ZVABiigHk1S+myBHyhlXzUcjhQnEG7aHZ65
-AQ0EG+t93QEIAKqRq/2sBDW4g3FU+11LhixT+GosrfVvnitz3S9k2tBXok/wYpI1
-XeA+kTHiF0LaqoaciDRvkA9DvhDbSrNM1yeuYRyZiHlTmoPZ/Fkl60oA2cyLd1L5
-sXbuipY3TEiakugdSU4rzgi0hFycm6Go6yq2G6eC6UALvD9CTMdZHw40TadG9xpm
-4thYPuJ1kPH8/bkbTi9sLHoApYgL+7ssje8w4epr0qD4IGxeKwJPf/tbTRpnd8w3
-leldixHHKAutNt49p0pkXlORAHRpUmp+KMZhFvCvIPwe9o5mYtMR7sDRxjY61ZEQ
-KLyKoh5wsJsaPXBjdG7cf6G/cBcwvnQVUHcAEQEAAYkBJQQYAQIADwUCG+t93QIb
-DAUJAAFRgAAKCRBvFfAEoYhafOPgB/9z4YCyT/N0262HtegHykhsyykuqEeNb1LV
-D9INcP+RbCX/0IjFgP4DTMPP7qqF1OBwR276maALT321Gqxc5HN5YrwxGdmoyBLm
-unaQJJlD+7B1C+jnO6r4m44obvJ/NMERxVyzkXap3J2VgRIO1wNLI9I0sH6Kj5/j
-Mgy06OwXDcqIc+jB4sIJ3Tnm8LZ3phJzNEm9mI8Ak0oJ7IEcMndR6DzmRt1rJQcq
-K/D7hOG02zvyRhxF27U1qR1MxeU/gNnOx8q4dnVyWB+EiV1sFl4iTOyYHEsoyd7W
-Osuse7+NkyUHgMXMVW7cz+nU7iO+ht2rkBtv+Z5LGlzgHTeFjKci
-=WhX+
------END PGP PUBLIC KEY BLOCK-----
-"""
-# updated expiration date
-EXPIRED_KEY_NEW_EXPIRY_DATE = datetime.fromtimestamp(2049717872)
-EXPIRED_KEY_UPDATED = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.12 (GNU/Linux)
-
-mQENBBvrfd0BCADGNpspaNhsbhSjKioCWrE2MTTYC+Sdpes22RabdhQyOCWvlSbj
-b8p0y3kmnMOtVBT+c22/w7eu2YBfIpS4RswgE5ypr/1kZLFQueVe/cp29GjPvLwJ
-82A3EOHcmXs8rSJ76h2bnkySvbJawz9rwCcaXhpdAwC+sjWvbqiwZYEL+90I4Xp3
-acDh9vNtPxDCg5RdI0bfdIEBGgHTfsda3kWGvo1wH5SgrTRq0+EcTI7aJgkMmM/A
-IhnpACE52NvGdG9eB3x7xyQFsQqK8F0XvEev2UJH4SR7vb+Z7FNTJKCy6likYbSV
-wGGFuowFSESnzXuUI6PcjyuO6FUbMgeM5euFABEBAAG0HExlYXAgVGVzdCBLZXkg
-PGxlYXBAbGVhcC5zZT6JAT4EEwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
-AheABQJUlDCSBQleQLiTAAoJEG8V8AShiFp8t3QH/1eqkVIScXmqaCVeno3VSKiH
-HqnxiHcEgtpNRfUlP6tLD4H6QPEpvoUI9S/8HSYi3nbDGXEX8ycKlnwxjdIqWSOW
-xj91/7uQAo+dP9QaVJ6xgaAiqzN1x3JzX3Js1wTodmNV0TfmGjxwnC5up/xK7/pd
-KuDP3woDsRlwy8Lgj67mkn49xfAFHo6hI6SD36UBDAC/ELq6kZaba4Kk0fEVHCEz
-HX0B09ZIY9fmf305cEB3dNh6SMQgKtH0wKozaqI2UM2B+cs3z08bC+YuUUh7UJTH
-yr+hI7vF4/WEeJB3fuhP3xsumLhV8P47DaJ7oivmtsDEbAJFKqvigEqNES73Xpy5
-AQ0EG+t93QEIAKqRq/2sBDW4g3FU+11LhixT+GosrfVvnitz3S9k2tBXok/wYpI1
-XeA+kTHiF0LaqoaciDRvkA9DvhDbSrNM1yeuYRyZiHlTmoPZ/Fkl60oA2cyLd1L5
-sXbuipY3TEiakugdSU4rzgi0hFycm6Go6yq2G6eC6UALvD9CTMdZHw40TadG9xpm
-4thYPuJ1kPH8/bkbTi9sLHoApYgL+7ssje8w4epr0qD4IGxeKwJPf/tbTRpnd8w3
-leldixHHKAutNt49p0pkXlORAHRpUmp+KMZhFvCvIPwe9o5mYtMR7sDRxjY61ZEQ
-KLyKoh5wsJsaPXBjdG7cf6G/cBcwvnQVUHcAEQEAAYkBJQQYAQIADwIbDAUCVJQw
-3QUJXkC4/QAKCRBvFfAEoYhafEtiB/9hMfSFNMxtlIJDJArG4JwR7sBOatYUT858
-qZnTgGETZN8wXpeEpXWKdDdmCX9aeE9jsDNgSQ5WWpqU21bGMXh1IGjAzmqTqq3/
-ik1vALuaVfr6OqjTzrJVQujT61CGed26xpP3Zh8hLKyKa+dXnX/VpgZS42wZLPx2
-wcODfANmTfE2AhMap/RyDy21q4nau+z2hMEOKdtF8dpP+pEvzoN5ZexYP1hfT+Av
-oFPyVB5YtEMfxTEshDKRPjbdgNmw4faKXd5Cbelo4YxxpO16FHb6gzIdjOX15vQ+
-KwcVXzg9xk4D3cr1mnTCops/iv6TXvcw4Wbo70rrKXwkjl8LKjOP
-=sHoe
------END PGP PUBLIC KEY BLOCK-----
-"""
-UNEXPIRED_KEY = EXPIRED_KEY_UPDATED
-UNEXPIRED_PRIVATE = """
------BEGIN PGP PRIVATE KEY BLOCK-----
-Version: GnuPG v1.4.12 (GNU/Linux)
-
-lQOYBBvrfd0BCADGNpspaNhsbhSjKioCWrE2MTTYC+Sdpes22RabdhQyOCWvlSbj
-b8p0y3kmnMOtVBT+c22/w7eu2YBfIpS4RswgE5ypr/1kZLFQueVe/cp29GjPvLwJ
-82A3EOHcmXs8rSJ76h2bnkySvbJawz9rwCcaXhpdAwC+sjWvbqiwZYEL+90I4Xp3
-acDh9vNtPxDCg5RdI0bfdIEBGgHTfsda3kWGvo1wH5SgrTRq0+EcTI7aJgkMmM/A
-IhnpACE52NvGdG9eB3x7xyQFsQqK8F0XvEev2UJH4SR7vb+Z7FNTJKCy6likYbSV
-wGGFuowFSESnzXuUI6PcjyuO6FUbMgeM5euFABEBAAEAB/0cwelrGEdmG+Z/RxZx
-4anvpzNNMRSJ0Xu508SVk4vElCQrlaPfFZC1t0ZW1XcHsQ5Gsy/gxaA4YbK1RXV2
-8uvvWh5oTsdLByzj/cSLLp5u+cYxyuaBOb/jiAiCPVEFnEec23pQ4fumwpebgX5f
-FLGCVYAqWc2EMqOFVgnAEJ9TbIWRnCkN04r1WSc7eLcUlH+vTp4HUPd6PQj56zSr
-J5beeviHgYB76M6mcM/BRzLmcl4M7bgx5olp8A0Wz7ub+hXICmNQyqpE8qZeyGjq
-v4T/6BSpsp5yEGDMkahFyO7OwB7UI6SZGkdnWKGeXOWG48so6cFdZ8dxRGx49gFL
-1rP1BADfYjQDfmBpB6tC1MyATb1MUK/1CN7wC5w7fXCtPbYNiqc9s27W9NXQReHD
-GOU04weU+ZJsV6Fwlt3oRD2j05vNdhbqKseLdsm27/kg2GWZvjamriHqZ94sw6yk
-fg3MqPb4JdFzBZVHqD50AHASx2rMshBeMVo27LhcADCWM9P8bwQA4yeRonbIAUls
-yAwWIRCMel2JY1u/zmJrg8FFAG2LYx+pYaxkRxjSJNlQQV7o6aYiU3Yw+nXvj5Pz
-IdOdimWfFb8eZ3U6tbognJxjwU8vV3ili40O7SENgloeM/nzg+nQjIaS9utfE8Et
-juV7f9OWi8Fo+xzSOvUGwoL/zW5t+UsD/0bm+5ch53Sm1ITCn7yfMrp0YaT+YC3Y
-mNNfrfbFpEd20ky4K9COIFDFCJmMyKLx/jSajcf4JqrxB/mOmHHAF9CeL7LUy/XV
-O8Ec5lkovicDIDT1b+pQYEYvh5UBJmoq1R5nbNLo70gFtGP6b4+t27Gxks5VLhF/
-BVvxK7xjmkBETnq0HExlYXAgVGVzdCBLZXkgPGxlYXBAbGVhcC5zZT6JAT4EEwEC
-ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJUURIXBQld/ZovAAoJEG8V
-8AShiFp8xUcIALcAHZbaxvyhHRGOrwDddbH0fFDK0AqKTsIT7y4D/HLFCP5zG3Ck
-7qGPZdkHXZfzq8rIb+zUjW3oJIVI1IucHxG2T5kppa8RFCBAFlRWYf6R3isX3YL0
-d3QSragjoxRNPcHNU8ALHcvfSonFHBoi4fH44rvgksAiT68SsdPaoXDlabx5T15e
-vu/7T5e/DGMQVPMxiaSuSQhbOKuMk2wcFdmLtBYHLZPa54hHPNhEDyxLgtKKph0g
-Obk9ojKfH9kPvLveIcpS5CqTJfN/kqBz7CJWwEeAi2iG3H1OEB25aCUdTxXSRNlG
-qEgcWPaWxtc1RzlARu7LB64OUZuRy4puiAGdA5gEG+t93QEIAKqRq/2sBDW4g3FU
-+11LhixT+GosrfVvnitz3S9k2tBXok/wYpI1XeA+kTHiF0LaqoaciDRvkA9DvhDb
-SrNM1yeuYRyZiHlTmoPZ/Fkl60oA2cyLd1L5sXbuipY3TEiakugdSU4rzgi0hFyc
-m6Go6yq2G6eC6UALvD9CTMdZHw40TadG9xpm4thYPuJ1kPH8/bkbTi9sLHoApYgL
-+7ssje8w4epr0qD4IGxeKwJPf/tbTRpnd8w3leldixHHKAutNt49p0pkXlORAHRp
-Ump+KMZhFvCvIPwe9o5mYtMR7sDRxjY61ZEQKLyKoh5wsJsaPXBjdG7cf6G/cBcw
-vnQVUHcAEQEAAQAH/A0TCHNz3Yi+oXis8m2WzeyU7Sw6S4VOLnoXMgOhf/JLXVoy
-S2P4qj73nMqNkYni2AJkej5GtOyunSGOpZ2zzKQyhigajq76HRRxP5oXwX7VLNy0
-bguSrys2IrJb/8Fq88rN/+H5kpvxNlog+P79wzTta5Y9/yIVJDNXIip/ptVARhA7
-CrdDyE4EaPjcWCS3/9a4R8JDZl19PlTE23DD5ffZv5wNEX38oZkDCK4Si+kqhvm7
-g0Upr49hnvqRPXoi46OBAoUh9yVTKaNDMsRWblvno7k3+MF0CCnix5p5JR74bGnZ
-8kS14qXXkAa58uMaAIcv86+mHNovXhaxcog+8k0EAM8wWyWPjdO2xbwwB0hS2E9i
-IO/X26uhLY3/tozbOekvqXKvwIy/xdWNVHr7eukAS+oIY10iczgKkMgquoqvzR4q
-UY5WI0iC0iMLUGV7xdxusPl+aCbGKomtN/H3JR2Wecgje7K/3o5BtUDM6Fr2KPFb
-+uf/gqVkoMmp3O/DjhDlBADSwMHuhfStF+eDXwSQ4WJ3uXP8n4M4t9J2zXO366BB
-CAJg8enzwQi62YB+AOhP9NiY5ZrEySk0xGsnVgex2e7V5ilm1wd1z2el3g9ecfVj
-yu9mwqHKT811xsLjqQC84JN+qHM/7t7TSgczY2vD8ho2O8bBZzuoiX+QIPYUXkDy
-KwP8DTeHjnI6vAP2uVRnaY+bO53llyO5DDp4pnpr45yL47geciElq3m3jXFjHwos
-mmkOlYAL07JXeZK+LwbhxmbrwLxXNJB//P7l8ByRsmIrWvPuPzzcKig1KnFqvFO1
-5wGU0Pso2qWZU+idrhCdG+D8LRSQ0uibOFCcjFdM0JOJ7e1RdIkBJQQYAQIADwUC
-G+t93QIbDAUJAAFRgAAKCRBvFfAEoYhafOPgB/9z4YCyT/N0262HtegHykhsyyku
-qEeNb1LVD9INcP+RbCX/0IjFgP4DTMPP7qqF1OBwR276maALT321Gqxc5HN5Yrwx
-GdmoyBLmunaQJJlD+7B1C+jnO6r4m44obvJ/NMERxVyzkXap3J2VgRIO1wNLI9I0
-sH6Kj5/jMgy06OwXDcqIc+jB4sIJ3Tnm8LZ3phJzNEm9mI8Ak0oJ7IEcMndR6Dzm
-Rt1rJQcqK/D7hOG02zvyRhxF27U1qR1MxeU/gNnOx8q4dnVyWB+EiV1sFl4iTOyY
-HEsoyd7WOsuse7+NkyUHgMXMVW7cz+nU7iO+ht2rkBtv+Z5LGlzgHTeFjKci
-=dZE8
------END PGP PRIVATE KEY BLOCK-----
-"""
-
-# key CA1AD31E: public key "Leap Test Key <leap@leap.se>"
-# signed by E36E738D69173C13D709E44F2F455E2824D18DDF
-SIGNED_FINGERPRINT = "6704CF3362087DA23E3D2DF8ED81DFD1CA1AD31E"
-SIGNED_KEY = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.12 (GNU/Linux)
-
-mQENBFQ9DHMBCADJXyNVzTQ+NnmSDbR6q8jjDsnqk/IgKrMBkpjNxUa/0HQ4o0Yh
-pklzR1hIc/jsdgq42A0++pqdfQFeRc2NVw/NnE/9uzW73YuaWg5XnWGjuAP3UeRI
-3xjL/cscEFmGfGkuGvFpIVa7GBPqz1SMBXWULJbkCE1pnHfgqh0R7oc5u0omnsln
-0zIrmLX1ufpDRSUedjSgIfd6VqbkPm3NJuZE4NVn6spHG3zTxqcaPCG0xLfHw7eS
-qgUdz0BFaxqtQiXffBpA3KvGJW0792VjDh4M6kDvpeYpKRmB9oEYlT3n3KvQrdPE
-B3N5KrzJj1QIL990q4NQdqjg+jUE5zCJsTdzABEBAAG0HExlYXAgVGVzdCBLZXkg
-PGxlYXBAbGVhcC5zZT6JATgEEwECACIFAlQ9DHMCGwMGCwkIBwMCBhUIAgkKCwQW
-AgMBAh4BAheAAAoJEO2B39HKGtMeI/4H/0/OG1OqtQEoYscvJ+BZ3ZrM2pEk7KDd
-7AEEf6QIGSd38GFyn/pve24cpRLv7phKNy9dX9VJhTDobpKvK0ZT/yQO3FVlySAN
-NVpu93/jrLnrW51J3p/GP952NtUAEP5l1uyYIKZ1W3RLWws72Lh34HTaHAWC94oF
-vnS42IYdTn4y6lfizL+wYD6CnfrIpHm8v3NABEQZ8e/jllrRK0pnOxAdFv/TpWEl
-8AnTZXcejSBgCG6UmDtrRKfgoQlGJEIH61QSqHpRIwkepQVYexUwgcLFAZPI9Hvw
-N5pZQ5Z+XcsYTGtLNEpF7YW6ykLDRTAv6LiBQPkBX8TDKhkh95Cs3sKJAhwEEAEC
-AAYFAlQ9DgIACgkQL0VeKCTRjd/pABAAsNPbiGwuZ469NxwTgf3+EMoWZNHf5ZRa
-ZbzKKesLFEElMdX3Q/MkVc1T8Rsy9Fdn1tf/H6glwuKyqWeXNkxa86VT6gck9WV6
-bslFIl/vJpb3dcmiCCM1tSCYpX0yE0fqebMihcfvNqDw3GdZBUo7R0pWN6BEh4iM
-YYWTAtuPCrbsv+2bSid1ZLIO6FIF5kskg60h/IbSr+A+DSBgyyjf9fbUv6MoyMw8
-08GtCAx6VGJhTTC/RkWIA+N3n83W5XQFszOOg/PAAg0JMUXUBGvjfYJ5fcB8cfuw
-1XZe9uWsDmYpwfVEtDajrLbatkXAu22pjIJnB4cVqiD+4hHbBCFkeZIfdRsPEINO
-UacsjVZV5/EPDN9OpkvZbkrLJ6eaQnmQZnFclquNHUCqFI0QYUml0BXXaZq+aEJ9
-N9x00kdYV1xW6zkL+MGgxdViC5n6dwJcU3MANrykV8Cc5/x+wmwY8AXbHzU7MxvY
-nGlAYsAZHhf4ZlEdAO6C329VotMxBLFd5DJZZoN+ysaOpsUNRl0JO41+6bbI141l
-DCmzWUG4iTI70zxsgzZGgEt0HlMDoIxElPcy/jDKi1IfEDmveK+QR9WphM40Ayvx
-VTeA6g9WagmoHopQs/D/Kbi3Q8izFDfXTwA52DUxTjyUEFn0jEOiG9BFmnIkQ6LE
-3WkIJFd3D0+5AQ0EVD0McwEIALRXukBsOrcA/rNJ4SV4I64cGdN8q9Gl5RpLl8cS
-L5+SGHp6KoCL4daBqpbxdhE/Ylb3QmPt2SBZbTkwJ2yuczELOyhH6R13OWRWCgkd
-dYLZsm/sEzu7dVoFQ4peKTGDzI8mQ/s157wRkz/8iSUYjJjeM3g0NI55FVcefibN
-pOOFRaYGUh8itofRFOu7ipZ9F8zRJdBwqISe1gemNBR+O3G3Srm34PYu6sZRsdLU
-Nf+81+/ynQWQseVpbz8X93sx/onIYIY0w+kxIE0oR/gBBjdsMOp7EfcvtbGTgplQ
-+Zxln/pV2bVFkGkjKniFEEfi4eCPknCj0+67qKRt/Fc9n98AEQEAAYkBHwQYAQIA
-CQUCVD0McwIbDAAKCRDtgd/RyhrTHmmcCACpTbjOYjvvr8/rD60bDyhnfcKvpavO
-1/gZtMeEmw5gysp10mOXwhc2XuC3R1A6wVbVgGuOp5RxlxI4w8xwwxMFSp6u2rS5
-jm5slXBKB2i3KE6Sao9uZKP2K4nS8Qc+DhathfgafI39vPtBmsb1SJd5W1njNnYY
-hARRpViUcVdfvW3VRpDACZ79PBs4ZQQ022NsNAPwm/AJvAw2S42Y9tjTnaLVRLfH
-lzdErcGTBnfEIi0mQF/11k/THBJxx7vaFt8YXiDlWLUkg5XW3xK9mkETbaTv+/tB
-X2+l7IOSt+31KQCBFN/VmhTySJOVQC1d2A56lSH2c/DWVClji+x3suzn
-=xprj
------END PGP PUBLIC KEY BLOCK-----
-"""
-
-# key 0x1DDBAEB928D982F7: public key two uuids
-# uid anotheruser <anotheruser@leap.se>
-# uid Leap Test Key <leap@leap.se>
-UUIDS_FINGERPRINT = "21690ED054C1B2F3ACE963D38FCC7DEFB4EE5A9B"
-UUIDS_KEY = """
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1
-
-mQENBFZwjz0BCADHpVg7js8PK9gQXx3Z+Jtj6gswYZpeXRdIUfZBSebWNGKwXxC9
-ZZDjnQc3l6Kezh7ra/hB6xulDbj3vXi66V279QSOuFAKMIudlJehb86bUiVk9Ppy
-kdrn44P40ZdVmw2m61WrKnvBelKW7pIF/EB/dY1uUonSfR56f/BxL5a5jGi2uI2y
-2hTPnZEksoKQsjsp1FckPFwVGzRKVzYl3lsorL5oiHd450G2B3VRw8AZ8Eqq6bzf
-jNrrA3TOMmEIYdADPqqnBj+xbnOCGBsvx+iAhGRxUckVJqW92SXlNNds8kEyoE0t
-9B6eqe0MrrlcK3SLe03j85T9f1o3An53rV/3ABEBAAG0HExlYXAgVGVzdCBLZXkg
-PGxlYXBAbGVhcC5zZT6JAT0EEwEIACcFAlZwjz0CGwMFCRLMAwAFCwkIBwMFFQoJ
-CAsFFgMCAQACHgECF4AACgkQj8x977TuWpu4ZggAgk6rVtOCqYwM720Bs3k+wsWu
-IVPUqnlPbSWph/PKBKWYE/5HoIGdvfN9jJxwpCM5x/ivPe1zeJ0qa9SnO66kolHU
-7qC8HRWC67R4znO4Zrs2I+SgwRHAPPbqMVPsNs5rS0D6DCcr+LXtJF+LLAsIwDfw
-mXEsKbX5H5aBmmDnfq0pGx05E3tKs5l09VVESvVZYOCM9b4FtdLVvgbKAD+KYDW1
-5A/PzOvyYjZu2FGtPKmNmqHD3KW8cmrcI/7mRR08FnNGbbpgXPZ2GPKgkUllY9N7
-E9lg4eaYH2fIWun293kbqp8ueELZvoU1jUQrP5B+eqBWTvIucqdQqJaiWn9pELQh
-YW5vdGhlcnVzZXIgPGFub3RoZXJ1c2VyQGxlYXAuc2U+iQE9BBMBCAAnBQJWcI9a
-AhsDBQkSzAMABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEI/Mfe+07lqblRMH
-/17vK2WOd0F7EegA5ELOrM+QJPKpLK4e6WdROUpS1hvRQcAOqadCCpYPSTTG/HnO
-d9/Q9Q/G3xHHlk6nl1qHRkVlp0iVWyBZFn1s8lgGz/FFUEXXRj7I5RGmKSNgDlqA
-un2OrwB2m+DH6pMjizu/RUfIJM2bSgViuvjCQoaLYLcFiULJlWHb/2WgpvesFyAc
-0oc9AkXuaCEo50XQlrt8Bh++6rfbAMAS7ZrHluFPIY+y4eVl+MU/QkoGYAVgiLLV
-5tnvbDZWNs8ixw4ubqKXYj5mK55sapokhOqObEfY6D3p7YpdQO/IhBneCw9gKOxa
-wYAPhCOrJC8JmE69I1Nk8Bu5AQ0EVnCPPQEIANUivsrR2jwb8C9wPONn0HS3YYCI
-/IVlLdw/Ia23ogBF1Uh8ORNg1G/t0/6S7IKDZ2gGgWw25u9TjWRRWsxO9tjOPi2d
-YuhwlQRnq5Or+LzIEKRs9GnJMLFT0kR9Nrhw4UyaN6tWkR9p1Py7ux8RLmDEMAs3
-fBfVMLMmQRerJ5SyCUiq/lm9aYTLCC+vkjE01C+2oI0gcWGfLDjiJbaD4AazzibP
-fBe41BIk7WaCJyEcBqfrgW/Seof43FhSKRGgc5nx3HH1DMz9AtYfKnVS5DgoBGpO
-hxgzIJN3/hFHPicRlYoHxLUE48GcFfQFEJ78RXeBuieXAkDxNczHnLkEPx8AEQEA
-AYkBJQQYAQgADwUCVnCPPQIbDAUJEswDAAAKCRCPzH3vtO5amyRIB/9IsWUWrvbH
-njw2ZCiIV++lHgIntAcuQIbZIjyMXoM+imHsPrsDOUT65yi9Xp1pUyZEKtGkZvP4
-p7HRzJL+RWiWEN7sgQfNqqev8BF2/xmxkmiSuXHJ0PSaC5DmLfFDyvvSU6H5VPud
-NszKIHtyoS6ph6TH8GXzFmNiHaTOZKdmVxlyLj1/DN+d63M+ARZIe7gB6jmP/gg4
-o52icfTcqLkkppYn8g1A9bdJ3k8qqExNPTf2llDscuD9VzpebFbPqfcYqR71GfG7
-Kmg7qGnZtNac1ERvknI/fmmCQydGk5pOh0KUTgeLG2qB07cqCUBbOXaweNWbiM9E
-vtQLNMD9Gn7D
-=MCXv
------END PGP PUBLIC KEY BLOCK-----
-"""
-UUIDS_PRIVATE = """
------BEGIN PGP PRIVATE KEY BLOCK-----
-Version: GnuPG v1
-
-lQOYBFZwjz0BCADHpVg7js8PK9gQXx3Z+Jtj6gswYZpeXRdIUfZBSebWNGKwXxC9
-ZZDjnQc3l6Kezh7ra/hB6xulDbj3vXi66V279QSOuFAKMIudlJehb86bUiVk9Ppy
-kdrn44P40ZdVmw2m61WrKnvBelKW7pIF/EB/dY1uUonSfR56f/BxL5a5jGi2uI2y
-2hTPnZEksoKQsjsp1FckPFwVGzRKVzYl3lsorL5oiHd450G2B3VRw8AZ8Eqq6bzf
-jNrrA3TOMmEIYdADPqqnBj+xbnOCGBsvx+iAhGRxUckVJqW92SXlNNds8kEyoE0t
-9B6eqe0MrrlcK3SLe03j85T9f1o3An53rV/3ABEBAAEAB/9Lzeg2lP7hz8/2R2da
-QB8gTNl6wVSPx+DzQMuz9o+DfdiLB02f3FSrWBBJd3XzvmfXE+Prg423mgJFbtfM
-gJdqqpnUZv9dHxmj96urTHyyVPqF3s7JecAYlDaj31EK3BjO7ERW/YaH7B432NXx
-F9qVitjsrsJN/dv4v2NYVq1wPcdDB05ge9WP+KRec7xvdTudH4Kov0iMZ+1Nksfn
-lrowGuMYBGWDlTNoBoEYxDD2lqVaiOjyjx5Ss8btS59IlXxApOFZTezekl7hUI2B
-1fDQ1GELL6BKVKxApGSD5XAgVlqkek4RhoHmg4gKSymfbFV5oRp1v1kC0JIGvnB1
-W5/BBADKzagL4JRnhWGubLec917B3se/3y1aHrEmO3T0IzxnUMD5yvg81uJWi5Co
-M05Nu/Ny/Fw1VgoF8MjiGnumB2KKytylu8LKLarDxPpLxabOBCQLHrLQOMsmesjR
-Cg3iYl/EeM/ooAufaN4IObcu6Pa8//rwNE7Fz1ZsIyJefN4fnwQA/AOpqA2BvHoH
-VRYh4NVuMLhF1YdKqcd/T/dtSqszcadkmG4+vAL76r3jYxScRoNGQaIkpBnzP0ry
-Adb0NDuBgSe/Cn44kqT7JJxTMfJNrw2rBMMUYZHdQrck2pf5R4fZ74yJyvCKg5pQ
-QAl1gTSi6PJvPwpc7m7Kr4kHBVDlgKkEAJKkVrtq/v2+jSA+/osa4YC5brsDQ08X
-pvZf0MBkc5/GDfusHyE8HGFnVY5ycrS85TBCrhc7suFu59pF4wEeXsqxqNf02gRe
-B+btPwR7yki73iyXs4cbuszHMD03UnbvItFAybD5CC+oR9kG5noI0TzJNUNX9Vkq
-xATf819dhwtgTha0HExlYXAgVGVzdCBLZXkgPGxlYXBAbGVhcC5zZT6JAT0EEwEI
-ACcFAlZwjz0CGwMFCRLMAwAFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AACgkQj8x9
-77TuWpu4ZggAgk6rVtOCqYwM720Bs3k+wsWuIVPUqnlPbSWph/PKBKWYE/5HoIGd
-vfN9jJxwpCM5x/ivPe1zeJ0qa9SnO66kolHU7qC8HRWC67R4znO4Zrs2I+SgwRHA
-PPbqMVPsNs5rS0D6DCcr+LXtJF+LLAsIwDfwmXEsKbX5H5aBmmDnfq0pGx05E3tK
-s5l09VVESvVZYOCM9b4FtdLVvgbKAD+KYDW15A/PzOvyYjZu2FGtPKmNmqHD3KW8
-cmrcI/7mRR08FnNGbbpgXPZ2GPKgkUllY9N7E9lg4eaYH2fIWun293kbqp8ueELZ
-voU1jUQrP5B+eqBWTvIucqdQqJaiWn9pELQhYW5vdGhlcnVzZXIgPGFub3RoZXJ1
-c2VyQGxlYXAuc2U+iQE9BBMBCAAnBQJWcI9aAhsDBQkSzAMABQsJCAcDBRUKCQgL
-BRYDAgEAAh4BAheAAAoJEI/Mfe+07lqblRMH/17vK2WOd0F7EegA5ELOrM+QJPKp
-LK4e6WdROUpS1hvRQcAOqadCCpYPSTTG/HnOd9/Q9Q/G3xHHlk6nl1qHRkVlp0iV
-WyBZFn1s8lgGz/FFUEXXRj7I5RGmKSNgDlqAun2OrwB2m+DH6pMjizu/RUfIJM2b
-SgViuvjCQoaLYLcFiULJlWHb/2WgpvesFyAc0oc9AkXuaCEo50XQlrt8Bh++6rfb
-AMAS7ZrHluFPIY+y4eVl+MU/QkoGYAVgiLLV5tnvbDZWNs8ixw4ubqKXYj5mK55s
-apokhOqObEfY6D3p7YpdQO/IhBneCw9gKOxawYAPhCOrJC8JmE69I1Nk8BudA5gE
-VnCPPQEIANUivsrR2jwb8C9wPONn0HS3YYCI/IVlLdw/Ia23ogBF1Uh8ORNg1G/t
-0/6S7IKDZ2gGgWw25u9TjWRRWsxO9tjOPi2dYuhwlQRnq5Or+LzIEKRs9GnJMLFT
-0kR9Nrhw4UyaN6tWkR9p1Py7ux8RLmDEMAs3fBfVMLMmQRerJ5SyCUiq/lm9aYTL
-CC+vkjE01C+2oI0gcWGfLDjiJbaD4AazzibPfBe41BIk7WaCJyEcBqfrgW/Seof4
-3FhSKRGgc5nx3HH1DMz9AtYfKnVS5DgoBGpOhxgzIJN3/hFHPicRlYoHxLUE48Gc
-FfQFEJ78RXeBuieXAkDxNczHnLkEPx8AEQEAAQAH+wRSCn0RCPP7+v/zLgDMG3Eq
-QHs7C6dmmCnlS7j6Rnnr8HliL0QBy/yi3Q/Fia7RnBiDPT9k04SZdH3KmmUW2rEl
-aSRCkv00PwkSUuuQ6l9lTNUQclnsnqSRlusVgLT3cNG9NJCwFgwFeLBQ2+ey0PZc
-M78edlEDXNPc3CfvK8O7WK74YiNJqIQCs7aDJSv0s7O/asRQyMCsl/UYtMV6W03d
-eauS3bM41ll7GVfHMgkChFUQHb+19JHzSq4yeqQ/vS30ASugFxB3Omomp95sRL/w
-60y51faLyTKD4AN3FhDfeIEfh1ggN2UT70qzC3+F8TvxQQHEBhNQKlhWVbWTp+0E
-ANkcyokvn+09OIO/YDxF3aB37gA3J37d6NXos6pdvqUPOVSHvmF/hiM0FO2To6vu
-ex/WcDQafPm4eiW6oNllwtZhWU2tr34bZD4PIuktSX2Ax2v5QtZ4d1CVdDEwbYn/
-fmR+nif1fTKTljZragaI9Rt6NWhfh7UGt62iIKh0lbhLBAD7T5wHY8V1yqlnyByG
-K7nt+IHnND2I7Hk58yxKjv2KUNYxWZeOAQTQmfQXjJ+BOmw6oHMmDmGvdjSxIE+9
-j9nezEONxzVVjEDTKBeEnUeDY1QGDyDyW1/AhLJ52yWGTNrmKcGV4KmaYnhDzq7Z
-aqJVRcFMF9TAfhrEGGhRdD83/QQA6xAqjWiu6tbaDurVuce64mA1R3T7HJ81gEaX
-I+eJNDJb7PK3dhFETgyc3mcepWFNJkoXqx2ADhG8jLqK4o/N/QlV5PQgeHmhz09V
-Z7MNhivGxDKZoxX6Bouh+qs5OkatcGFhTz//+FHSfusV2emxNiwd4QIsizxaltqh
-W1ke0bA7eYkBJQQYAQgADwUCVnCPPQIbDAUJEswDAAAKCRCPzH3vtO5amyRIB/9I
-sWUWrvbHnjw2ZCiIV++lHgIntAcuQIbZIjyMXoM+imHsPrsDOUT65yi9Xp1pUyZE
-KtGkZvP4p7HRzJL+RWiWEN7sgQfNqqev8BF2/xmxkmiSuXHJ0PSaC5DmLfFDyvvS
-U6H5VPudNszKIHtyoS6ph6TH8GXzFmNiHaTOZKdmVxlyLj1/DN+d63M+ARZIe7gB
-6jmP/gg4o52icfTcqLkkppYn8g1A9bdJ3k8qqExNPTf2llDscuD9VzpebFbPqfcY
-qR71GfG7Kmg7qGnZtNac1ERvknI/fmmCQydGk5pOh0KUTgeLG2qB07cqCUBbOXaw
-eNWbiM9EvtQLNMD9Gn7D
-=/3u/
------END PGP PRIVATE KEY BLOCK-----
-"""
-
-if __name__ == "__main__":
- unittest.main()