pgpy has been using TZ-naive datetime objects, despite all OpenPGP
wire-format dates being essentially UTC.
Better to represent the datetime objects explicitly as UTC.
Closes: #401
Key Server Preferences (RFC 4880 §5.2.3.17) is a bitfield, more like
Key Flags (RFC 4880 §5.2.3.21) than Preferred Hash Algorithms (RFC
4880 §5.2.3.8).
The caller should be able to invoke this as a set when calling
PGPKey.certify().
This patch also improves documentation for PGPKey.certify() to
indicate how to pass in these flags.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Some older versions of the python bindings for GPGME produce python
objects that reference the underlying gpg.Context objects.
When a gpg.Context is used in a "with" clause, it is disposed of at
the end, and any resulting objects that reference that context object
are dangling.
This doesn't seem to be a problem with gpgme 1.13.1 (the current
version), but i was seeing segfaults in the PGPy test suite when used
with gpgme 1.12.0 :(
These fixes should make PGPy's test suite more robust against this
kind of failure.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- first pass super basic integration test separation
- BCPG decryption tests now pass so removed XFAIL marker
- remove unused imports
- added some warning filtering to reduce noise
This increases the versioned dependency on the cryptography module to
2.6, since that is the version that provides the necessary ed25519
functionality.
We also add a "pure" 25519 OpenPGP certificate for testing purposes.
Closes#221, #222, #247
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This increases the minimum versioned dependency on the cryptography
module to 2.5, where the necessary features are exposed.
We also add a mixed RSA + ECDH OepnPGP certificate for testing
purposes.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
We were testing the wrong version of the curve string. With this
change on python-cryptography 2.6.1 and openssl 1.1.1c, we drop from
26 xfailed to 14 xfailed tests.
- added missed call to _compute.chksum in ECDSAPriv
- replaced all gpg wrapper fixtures in the unit test suite with gpg package
- moved test suite gnupghome location to tests/gnupghome
- Exposes the revocation signatures of the key(primary or sub).
> OpenPGP users may transfer public keys. The essential elements of a
> transferable public key are as follows:
>
> - One Public-Key packet
>
> - Zero or more revocation signatures
added a memoryview wrapper for python 2 to make this usage more uniform
- started implementing __copy__ methods to make copying PGP* objects less useless
- added an initial set of copy tests
- moved _parent stuff to a new mixin class ParentRef to reduce code duplication
this also wraps _parent references in weakrefs to help reduce cycles
- implemented recovering a public key from a private key [closes#92]
added a test for this as well
- added missing OIDs for EllipticCurveOID enum members
- expanded test of expected key generation failures to test all ECC OIDs that aren't implemented yet
- some minor code cleanups
- Additional code needed to generate ECDH keys also added
- Encrypt/decrypt using ECDH also works
- Added some code to the test harness to start making it work with gpg 2.1
- Fixed key generation tests to test generating keys using all possible algorithms
- Updated documentation sources to reflect these changes
- updated CI configs so that Python 3.2 can actually finish running the test suite without crashing since it is stuck on an older version of Cryptography
- added additional tests to test setup.py on all versions of Python after I noticed that a recent change would have made it break on Python 3.2
- enum34 should no longer be installed needlessly on Python 3.4 or newer
- added --no-cache-dir to tox's call to pip to install dependencies needed for testing
- Added ECDSA signing and verification - closes#111
- ECDSA key generation is also supported
- refactored some of the signing/verification machinery to simplify code in PGPKey._sign and PGPKey.verify
- fixed a bug with Signature subpacket ByteFlags where the byte output was not being properly null-padded to the length of the subpacket when necessary, which led to the potential for key outputs that would fail to parse properly if update_hlen was not called (which is silly)
- fixed string formatting UserID packets when the comment and/or email address are missing - closes#142
- implemented OpaquePubKey and OpaquePrivKey so that keys using unimplemented formats can still be loaded without error, even if they can't be used
- enabled initial key action testing using ecc.1.pub.asc and ecc.1.sec.asc (which also required copying the two signatures from ecc.1.pub.asc to ecc.1.sec.asc)
- improved test output for some tests with auto-ids that were formed in an unfortunate manner
- modified tox.ini so that py32 can continue to be tested even though cryptography no longer supports it
- Key Generation - #147 :
- implemented new API method
- added unit tests for generating keys, adding user ids, and adding new subkeys
- added unit tests to test basic expected exception raising when trying to use incomplete keys
- added a very basic key-completeness test to the @KeyAction decorator
- added __contains__ to SignatureVerification
- renamed PGPSignature.expires to PGPSignature.expires_at for consistency
- added missing property PGPKey.expires_at
- added documentation to PGPUID's class docstring to indicate that it implements __format__ for GnuPG-like formatting of User IDs.
