Unittest #38
Closed
Unittest #38
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 6 commits
July 23, 2024 13:11
WIP solution for M2Crypto substitution by PyCA cryptography. So far only singing works with following keys: tests/smime/cert.pem tests/smime/key.pem
Encryption itself is not yet solved. In case of signing and encrypting message, signature has to be detached, before the message is encrypted and attached after, so this is the status of the app for now.
For single x509 certificate. This feature have to be extended to support multiple certificates and find solution for encryption only without signing.
This commit solves the logic when user wants to encrypt the message without using a x509 certificate or any signature. Logic should be simplified, there is a lot of encoding/decoding back and forth.
Updated expected values in unittests to correct ones. This resulted in passing test_smime_sign. Repaired the case in which we need to sign with passphrase protected cert, which was not loaded correctly due to explicitly setting the password=None in load function. test_smime_key_cert_together_passphrase still fails, but not not because of the error, rather because the expected value. That could be potentionally right, but I was not able to assure that is the case.
Library has build-in method for encryption, this has been added to the if encrypt case. This howerer does not satisfy the tests in previous form, current standard headers don't use `application/x-pkcs7...`, the "x-" part is deprecated. Other test values were updated to check for different lines, but all changes were tested manualy if can be decrypted and/or verified. Which they did.
|
Updated tests to check for values following current standards. All changes were manually tested if the messages can still be decrypted or verified. Value in tests smime_key_cert_together* could most likely also be modified, but I was not able to come up with the command to verify the decryption. |
added 4 commits
August 31, 2024 18:33
Flow is split into 3 cases signed not encrypted signed and encrypted not signed encrypted Generated emails are decrypted/verified using openssl cli, but tests fail. This is work in progress
PyCA cryptography does not have a direct way for decrypting smime envelopes, so tests are done with the use of M2Crypto. This applies to test_multiple_recipients and test_smime_decrypt_attachments. These two test were rewritten to assert the values in decrypted message.
|
All tests are now success. Two tests were rewritten to use M2Crypto for decrypting, since PyCA cryptography does not support decrypting SMIME envelope directly. |
e3rd
requested changes
Oct 4, 2024
| @@ -2,3 +2,4 @@ | |||
| dist | |||
| envelope.egg-info | |||
| __pycache__ | |||
| .vscode | |||
There was a problem hiding this comment.
Please put this into your .git/info/exclude file, I've been told once this is the right way of handling the files that does not relate.
| @@ -1617,4 +1732,4 @@ def smtp_quit(self=None): | |||
| if self is None: | |||
| SMTPHandler.quit_all() | |||
| else: | |||
| self._smtp.quit() | |||
| self._smtp.quit() # | |||
| @@ -94,7 +94,7 @@ def check_lines(self, o, lines: Union[str, Tuple[str, ...]] = (), longer: Union[ | |||
|
|
|||
| cmd = "python3", "-m", "envelope" | |||
|
|
|||
| def bash(self, *cmd, file: Path = None, piped=None, envelope=True, env=None, debug=False, decode=True): | |||
| def bash(self, *cmd, file: Path = None, piped=None, envelope=True, env=None, debug=True, decode=True): | |||
| from M2Crypto import SMIME | ||
| import re |
| # XX verify signature | ||
| e=Envelope.load(path="tests/eml/smime_key_cert_together.eml", key=self.key_cert_together) | ||
| self.assertEqual(MESSAGE, e.message()) | ||
| # def test_smime_key_cert_together(self): |
There was a problem hiding this comment.
why commented? is there an alternative somewhere?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixed an issue with loading password protected cert and updated some expected values in unittests to correct ones. Some minor differences in the signatures could be because of the switch from M2Crypto to PyCA cryptography library and each generate slightly different first line. Signatures were verified with openssl in terminal and every signature was valid.