Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
k.add_uid(u, usage={KeyFlags.Certify, KeyFlags.Sign}, hashes=[HashAlgorithm.SHA1])
sk = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 512)
k.add_subkey(sk, usage={KeyFlags.EncryptCommunications})
return k
key_algs = [ pka for pka in PubKeyAlgorithm if pka.can_gen and not pka.deprecated ]
key_algs_unim = [ pka for pka in PubKeyAlgorithm if not pka.can_gen and not pka.deprecated ]
key_algs_rsa_depr = [ pka for pka in PubKeyAlgorithm if pka.deprecated and pka is not PubKeyAlgorithm.FormerlyElGamalEncryptOrSign ]
key_algs_badsizes = {
PubKeyAlgorithm.RSAEncryptOrSign: [256],
PubKeyAlgorithm.DSA: [512],
PubKeyAlgorithm.ECDSA: [curve for curve in EllipticCurveOID if not curve.can_gen],
PubKeyAlgorithm.ECDH: [curve for curve in EllipticCurveOID if not curve.can_gen],
}
badkeyspec = [ (alg, size) for alg in key_algs_badsizes.keys() for size in key_algs_badsizes[alg] ]
class TestArmorable(object):
# some basic test cases specific to the Armorable mixin class
def test_malformed_base64(self):
# 'asdf' base64-encoded becomes 'YXNkZg=='
# remove one of the pad characters and we should get a PGPError
data = '-----BEGIN PGP SOMETHING-----\n' \
'\n' \
'YXNkZg=\n' \
'=ZEO6\n' \
'-----END PGP SOMETHING-----\n'
with pytest.raises(PGPError):
return PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 512)
@pytest.fixture(scope='module')
def temp_key():
u = PGPUID.new('User')
k = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 512)
k.add_uid(u, usage={KeyFlags.Certify, KeyFlags.Sign}, hashes=[HashAlgorithm.SHA1])
sk = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 512)
k.add_subkey(sk, usage={KeyFlags.EncryptCommunications})
return k
key_algs = [ pka for pka in PubKeyAlgorithm if pka.can_gen and not pka.deprecated ]
key_algs_unim = [ pka for pka in PubKeyAlgorithm if not pka.can_gen and not pka.deprecated ]
key_algs_rsa_depr = [ pka for pka in PubKeyAlgorithm if pka.deprecated and pka is not PubKeyAlgorithm.FormerlyElGamalEncryptOrSign ]
key_algs_badsizes = {
PubKeyAlgorithm.RSAEncryptOrSign: [256],
PubKeyAlgorithm.DSA: [512],
PubKeyAlgorithm.ECDSA: [curve for curve in EllipticCurveOID if not curve.can_gen],
PubKeyAlgorithm.ECDH: [curve for curve in EllipticCurveOID if not curve.can_gen],
}
badkeyspec = [ (alg, size) for alg in key_algs_badsizes.keys() for size in key_algs_badsizes[alg] ]
class TestArmorable(object):
# some basic test cases specific to the Armorable mixin class
def test_malformed_base64(self):
# 'asdf' base64-encoded becomes 'YXNkZg=='
('is_unlocked', True),
('key_algorithm', PubKeyAlgorithm.ECDSA),
('magic', "PUBLIC KEY BLOCK"),
('parent', None),
('signers', set()),],
'tests/testdata/blocks/eccseckey.asc':
[('created', datetime(2010, 9, 17, 20, 33, 49)),
('expires_at', None),
('fingerprint', "502D 1A53 65D1 C0CA A699 4539 0BA5 2DF0 BAA5 9D9C"),
('is_expired', False),
('is_primary', True),
('is_protected', True),
('is_public', False),
('is_unlocked', False),
('key_algorithm', PubKeyAlgorithm.ECDSA),
('magic', "PRIVATE KEY BLOCK"),
('parent', None),
('signers', set()),],
'tests/testdata/blocks/dsaseckey.asc':
[('created', datetime(2017, 2, 21, 19, 21, 41)),
('expires_at', None),
('fingerprint', "2B5B BB14 3BA0 B290 DCEE 6668 B798 AE89 9087 7201"),
('is_expired', False),
('is_primary', True),
('is_protected', True),
('is_public', False),
('is_unlocked', False),
('key_algorithm', PubKeyAlgorithm.DSA),],
'tests/testdata/blocks/dsapubkey.asc':
sk = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 512)
k.add_subkey(sk, usage={KeyFlags.EncryptCommunications})
return k
key_algs = [ pka for pka in PubKeyAlgorithm if pka.can_gen and not pka.deprecated ]
key_algs_unim = [ pka for pka in PubKeyAlgorithm if not pka.can_gen and not pka.deprecated ]
key_algs_rsa_depr = [ pka for pka in PubKeyAlgorithm if pka.deprecated and pka is not PubKeyAlgorithm.FormerlyElGamalEncryptOrSign ]
key_algs_badsizes = {
PubKeyAlgorithm.RSAEncryptOrSign: [256],
PubKeyAlgorithm.DSA: [512],
PubKeyAlgorithm.ECDSA: [curve for curve in EllipticCurveOID if not curve.can_gen],
PubKeyAlgorithm.ECDH: [curve for curve in EllipticCurveOID if not curve.can_gen],
}
badkeyspec = [ (alg, size) for alg in key_algs_badsizes.keys() for size in key_algs_badsizes[alg] ]
class TestArmorable(object):
# some basic test cases specific to the Armorable mixin class
def test_malformed_base64(self):
# 'asdf' base64-encoded becomes 'YXNkZg=='
# remove one of the pad characters and we should get a PGPError
data = '-----BEGIN PGP SOMETHING-----\n' \
'\n' \
'YXNkZg=\n' \
'=ZEO6\n' \
'-----END PGP SOMETHING-----\n'
with pytest.raises(PGPError):
Armorable.ascii_unarmor(data)
def pubalg_int(self, val):
self._pubalg = PubKeyAlgorithm(val)
if self._pubalg in [PubKeyAlgorithm.RSAEncryptOrSign, PubKeyAlgorithm.RSAEncrypt, PubKeyAlgorithm.RSASign]:
self.signature = RSASignature()
elif self._pubalg == PubKeyAlgorithm.DSA:
self.signature = DSASignature()
@algorithm.register(PubKeyAlgorithm)
def algorithm_int(self, val):
self._algorithm = PubKeyAlgorithm(val)
# generate ephemeral key pair and keep public key in ct
# use private key to compute the shared point "s"
if km.oid == EllipticCurveOID.Curve25519:
v = x25519.X25519PrivateKey.generate()
x = v.public_key().public_bytes(encoding=serialization.Encoding.Raw, format=serialization.PublicFormat.Raw)
ct.p = ECPoint.from_values(km.oid.key_size, ECPointFormat.Native, x)
s = v.exchange(km.__pubkey__())
else:
v = ec.generate_private_key(km.oid.curve(), default_backend())
x = MPI(v.public_key().public_numbers().x)
y = MPI(v.public_key().public_numbers().y)
ct.p = ECPoint.from_values(km.oid.key_size, ECPointFormat.Standard, x, y)
s = v.exchange(ec.ECDH(), km.__pubkey__())
# derive the wrapping key
z = km.kdf.derive_key(s, km.oid, PubKeyAlgorithm.ECDH, pk.fingerprint)
# compute C
ct.c = aes_key_wrap(z, m, default_backend())
return ct
def pkalg_int(self, val):
self._pkalg = PubKeyAlgorithm(val)
_c = {PubKeyAlgorithm.RSAEncryptOrSign: RSACipherText,
PubKeyAlgorithm.RSAEncrypt: RSACipherText,
PubKeyAlgorithm.ElGamal: ElGCipherText,
PubKeyAlgorithm.FormerlyElGamalEncryptOrSign: ElGCipherText,
PubKeyAlgorithm.ECDH: ECDHCipherText}
ct = _c.get(self._pkalg, None)
self.ct = ct() if ct is not None else ct