gpg: add more UTs for decode

2016-05-27 21:52:00 +03:00 · 2016-05-27 21:52:00 +03:00 · 34c614db6e
commit 34c614db6e
parent 2bbd335f7e
2 changed files with 30 additions and 6 deletions
--- a/trezor_agent/gpg/decode.py
+++ b/trezor_agent/gpg/decode.py
@ -252,12 +252,9 @@ def parse_packets(stream):
        log.debug('packet length: %d', packet_size)
        packet_data = stream.read(packet_size)
        packet_type = PACKET_TYPES.get(tag)
+        assert packet_type is not None, tag

-        if packet_type:
-            p = packet_type(util.Reader(io.BytesIO(packet_data)))
-        else:
-            raise ValueError('Unknown packet type: {}'.format(tag))
-
+        p = packet_type(util.Reader(io.BytesIO(packet_data)))
        p['tag'] = tag
        log.debug('packet "%s": %s', p['type'], p)
        yield p
@ -317,7 +314,7 @@ def verify_digest(pubkey, digest, signature, label):
        log.debug('%s is OK', label)
    except ecdsa.keys.BadSignatureError:
        log.error('Bad %s!', label)
-        raise
+        raise ValueError('Invalid ECDSA signature for {}'.format(label))


 def remove_armor(armored_data):
--- a/trezor_agent/gpg/tests/test_decode.py
+++ b/trezor_agent/gpg/tests/test_decode.py
@ -1,5 +1,7 @@
 import io

+import pytest
+
 from .. import decode
 from ... import util

@ -13,6 +15,9 @@ def test_mpi():
    s = io.BytesIO(b'\x00\x09\x01\x23')
    assert decode.parse_mpi(util.Reader(s)) == 0x123

+    s = io.BytesIO(b'\x00\x09\x01\x23\x00\x03\x05')
+    assert decode.parse_mpis(util.Reader(s), n=2) == [0x123, 5]
+

 def assert_subdict(d, s):
    for k, v in s.items():
@ -57,3 +62,25 @@ zpR9luXTKwMEl+mlZmwEFKZXBmir
        'unhashed_subpackets': [b'\x10M\xc0\x9e\x85\xfaD \xf2', b'dTREZOR-GPG'],
        '_to_hash': b'\x04\x13\x13\x08\x00\x12\x05\x02WHH\xd6\x02\x1b\x03\x02\x15\x08\x02\x16\x00\x02\x17\x80\x04\xff\x00\x00\x00\x18'  # nopep8
    })
+
+    digest = decode.digest_packets(packets=[pubkey, user_id, signature])
+    decode.verify_digest(pubkey=pubkey, digest=digest,
+                         signature=signature['sig'],
+                         label='GPG primary public key')
+
+    with pytest.raises(ValueError):
+        bad_digest = b'\x00' * len(digest)
+        decode.verify_digest(pubkey=pubkey, digest=bad_digest,
+                             signature=signature['sig'],
+                             label='GPG primary public key')
+
+    message = b'Hello, World!\n'
+    signature = b'''-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iF4EABMIAAYFAldIlfQACgkQTcCehfpEIPKOUgD9FjaeWla4wOuDZ7P6fhkT5nZp
+KDQU0N5KmNwLlt2kwo4A/jQkBII2cI8tTqOVTLNRXXqIOsMf/fG4jKM/VOFc/01c
+=dC+z
+-----END PGP SIGNATURE-----
+'''
+    decode.verify(pubkey=pubkey, signature=signature, original_data=message)