Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add gpg support and custom (sub)process module #174

Merged
merged 160 commits into from
Sep 6, 2019
Merged

Add gpg support and custom (sub)process module #174

Show file tree
Hide file tree
Changes from 140 commits
Commits
Show all changes
160 commits
Select commit Hold shift + click to select a range
cc18025
WIP/ENH: add dsa signature verification
SantiagoTorres Nov 16, 2017
cfce9dc
MAIN: gpg: force the use of gpgv2
SantiagoTorres Nov 16, 2017
9cb50de
FIX; gpg: fall back to default gpg , use sha256
SantiagoTorres Nov 16, 2017
bd4c27c
FIX: addresses review comments for the first round
SantiagoTorres Nov 28, 2017
0487fa8
Add format schemas for in_toto.gpg keys
lukpueh Nov 28, 2017
7fb2b59
ENH: gpg: add subpacket parsing routines
SantiagoTorres Nov 28, 2017
aec11ff
Replace dash in gpg signature field other-headers
lukpueh Nov 29, 2017
ab0e6dd
Re-add keyid to gpg signature dictionary
lukpueh Nov 29, 2017
4c2326c
Remove debug print from gpg.common
lukpueh Nov 30, 2017
3600196
Replace gpg with gpg2 command
lukpueh Nov 30, 2017
1f06a12
Add gpg util function to get installed version
lukpueh Dec 1, 2017
0977573
Add function to check if installed gpg2>=2.1.0
lukpueh Dec 1, 2017
2dc7a44
Warn if parse_signature_packet can't derive keyid
lukpueh Dec 1, 2017
71c56ad
Add workaround if gpg signing can't compute keyid
lukpueh Dec 1, 2017
99cbc33
Add keyid schema check to gpg_export_pubkey
lukpueh Dec 1, 2017
9f11f65
Raise exception when trying to parse empty pubkey
lukpueh Dec 1, 2017
ec13412
Exlcude gpg version case handling from coverage
lukpueh Dec 4, 2017
769afd1
Exclude gpg parsing errors from coverage
lukpueh Dec 4, 2017
09a6a52
Move gpg_verify_signature to gpg.functions module
lukpueh Dec 5, 2017
4dad40a
Add docstrings to gpg.functions
lukpueh Dec 5, 2017
b5bf074
Fix docstring and whitespace in gpg subpackage
lukpueh Dec 5, 2017
105fa7b
Add/update docstring in formats modules
lukpueh Dec 8, 2017
0b3542f
Add gpg.exceptions module
lukpueh Dec 8, 2017
090a38a
Replace item with module imports in gpg package
lukpueh Dec 8, 2017
145157d
Replace package path with module name in doc header
lukpueh Dec 8, 2017
88cb1f9
Modify gpg docstrings to indiciate used gpg cmd
lukpueh Dec 8, 2017
be43e2f
Rename junk variable `_` to `junk`
lukpueh Dec 8, 2017
3441dce
Sanitze inputs in gpg.gpg_verify_signature
lukpueh Dec 8, 2017
aeb0c13
Add blanklines, remove ws, refine docs in gpg
lukpueh Dec 18, 2017
ece2351
Add docstrings to gpg dsa/rsa verify functions
lukpueh Dec 18, 2017
e85d6e0
ENH: gpg: update comments for signature type
SantiagoTorres Jan 8, 2018
a563a61
DOC: gpg: constants: describe hash constant values
SantiagoTorres Jan 8, 2018
eac46e8
DOC:gpg:util:describe subpacket length computation
SantiagoTorres Jan 8, 2018
94b1276
DOC:gpg:common: Improve exception message clarity
SantiagoTorres Jan 8, 2018
7700253
DOC:gpg:functions: update exception docstrings
SantiagoTorres Jan 8, 2018
a069098
DOC:gpg: move outdated comment common -> util
SantiagoTorres Jan 8, 2018
b639db0
ENH: gpg: add missing docstrings
SantiagoTorres Jan 8, 2018
8bd6d51
ENH: gpg: comment unused variables.
SantiagoTorres Jan 8, 2018
5028e68
Minor form fixes in GPG subpackage
lukpueh Jan 8, 2018
724d8a9
Disable pylint import checks for distutils
lukpueh Jan 8, 2018
e1eeef0
Replace filter/lambda with for loop in gpg.common
lukpueh Jan 8, 2018
e49d5ba
Py2/3 use subprocess.Popen in textmode
lukpueh Dec 6, 2017
e9428f2
Py2/3 decode gpg keyids using ascii
lukpueh Dec 6, 2017
1849ac6
Add no coverage pragma to gpg version dependent if
lukpueh Jan 18, 2018
e47f585
Refactor log module
lukpueh Jan 31, 2018
6be8e39
Fix test log inundation
lukpueh Jan 31, 2018
c05dbe2
FIX: gpg: s/pgp+SHA1/pgp+SHA2/
SantiagoTorres Feb 15, 2018
5e3d6d4
FIX:gpg: fix docstring
SantiagoTorres Feb 20, 2018
873d5c1
ENH:gpg: add constant for dsa
SantiagoTorres Feb 20, 2018
d9249b2
WIP: gpg: add signing subkey support
SantiagoTorres Feb 23, 2018
13aa42f
Add optional subkeys to gpg rsa/dsa pubkey schema
lukpueh Feb 26, 2018
a5a9092
Add custom KeyNotFoundError error to gpg module
lukpueh Feb 26, 2018
8c411bb
Add subkeys on gpg pubkey export
lukpueh Feb 26, 2018
c24d9d9
Enable gpg subkey trust in signature verification
lukpueh Feb 26, 2018
a6e90b2
Add gpg subkey to test files
lukpueh Feb 26, 2018
5e87d2b
Add better rfc refs to gpg util function
lukpueh Feb 28, 2018
2a1a39b
Add custom gpg packet parsing exceptions
lukpueh Feb 28, 2018
92f4c32
Add gpg parse_pubkey_payload function
lukpueh Feb 28, 2018
e152209
Add gpg parse_pubkey_bundle function
lukpueh Feb 28, 2018
13462a9
Use parse bundle in gpg_export_pubkey
lukpueh Feb 28, 2018
e7c758a
Remove obsolete gpg parse_pubkey_packet
lukpueh Feb 28, 2018
f462506
Fix minor bug in gpg signature subpacket parser
lukpueh Mar 1, 2018
b0d4018
Add optional short_keyid to gpg signature schema
lukpueh Mar 1, 2018
7226e5d
Return short keyid from parse_signature_packet
lukpueh Mar 1, 2018
fd4abd7
Update gpg_sign_object full keyid workaround
lukpueh Mar 1, 2018
0865b23
Replace occurences of gpg main key with master key
lukpueh Mar 9, 2018
b5fb66c
Add RFC4880 references comments to gpg constants
lukpueh Mar 9, 2018
97c2c65
Rephrase comments for self-referential gpg formats
lukpueh Mar 9, 2018
7af35cb
Update gpg.util.parse_packet_header docstring
lukpueh Mar 9, 2018
f3dd862
Allow user-specified GPG executables (using patch from @SantiagoTorres)
trishankatdatadog Sep 13, 2018
507c1c4
Assume and test that gpg2 exists. Otherwise, assume gpg exists.
trishankatdatadog Sep 14, 2018
44b0afd
Minor edit: use double-quoted strings to be consistent.
trishankatdatadog Sep 14, 2018
6a8b64c
remove unused import
trishankatdatadog Sep 14, 2018
71d6a54
ENH: add windows support
RubyLiu206 Sep 19, 2018
d483e1d
FIX: gpg: functions: remove unused var 'errors'
SantiagoTorres Sep 20, 2018
3250c52
use subprocess32 on python2 by default
trishankatdatadog Sep 26, 2018
94d218e
Simpler code as per @ofek suggestion
trishankatdatadog Sep 29, 2018
3fcca3b
test on windows
trishankatdatadog Oct 2, 2018
7ade166
remove unused imports
trishankatdatadog Oct 2, 2018
7667e1e
Add shebang and doc header to process.py
lukpueh Oct 4, 2018
ea86129
Refactor trishank's process.run wrapper
lukpueh Oct 4, 2018
f493bc9
Add environment marker to install dependencies
lukpueh Oct 4, 2018
55544be
Add debug statements to gpg commands
lukpueh Nov 2, 2018
2777ab6
FIX: gpg/rsa: fix #171 signature length bug
SantiagoTorres Nov 19, 2018
3be3157
MAINT: gpg: remove log.debug statements to fix 171
SantiagoTorres Nov 20, 2018
12fea0e
Add subprocess run function that duplicates streams
lukpueh Jan 22, 2019
ba85c6a
Close files used by subprocess in windows
lukpueh Jan 25, 2019
612771e
Update gpg signature subpacket parsing
lukpueh Feb 18, 2019
2bcda67
Fix gpg subpacket header length parsing
lukpueh Feb 18, 2019
2192ea9
Support gpg new format packet length header
lukpueh Feb 18, 2019
ed6bfa0
Exclude rare gpg packet lengths from coverage
lukpueh Feb 19, 2019
1fa299b
Add partial SHA1 and SHA512 gpg signature support
lukpueh Feb 20, 2019
79440e1
Update supported hash algos in signature parsing
lukpueh Feb 20, 2019
242a935
Update supported types in signature parsing
lukpueh Feb 20, 2019
3676387
Enhance gpg error messages and fix comments/docs
lukpueh Feb 20, 2019
c457290
Add optional info to signature
lukpueh Feb 20, 2019
5030a79
Update keyid handling in parse_signature_packet
lukpueh Feb 27, 2019
0a7adee
Remove obsolete else clause in parse_pubkey_payload
lukpueh Feb 27, 2019
5ed65e1
Add gpg self-certificate verification support
lukpueh Feb 27, 2019
f2e5715
Init primary key as empty dict to fix pylint error
lukpueh Feb 28, 2019
fcf734d
Clean up gpg.util.get_hashing_class
lukpueh Mar 15, 2019
7b3f7f4
Raise/catch specific error in parse_pubkey_bundle
lukpueh Mar 15, 2019
fbcc4dc
Use binary notation for bitmasks in gpg.util
lukpueh Mar 15, 2019
57cb471
Remove stray whitespace before colon
lukpueh Mar 15, 2019
49e7c61
Revert hash algo arg in gpg_verify_signature
lukpueh Mar 18, 2019
10d1ea3
Remove unused import in gpg.rsa
lukpueh Mar 18, 2019
c4be714
Remove underscores in numeric binary literals
lukpueh Mar 18, 2019
ed90fb2
Change return values of gpg parse_packet_header
lukpueh Mar 18, 2019
dba1ac6
Mark unreachable code in parse_packet_header
lukpueh Mar 18, 2019
2aaa1cc
Add gpg.util.parse_packet_header tests
lukpueh Mar 18, 2019
d9ff73a
Reactor gpg.util.parse_subpackets
lukpueh Mar 19, 2019
c7621bd
Add gpg.common.parse_pubkey_payload tests
lukpueh Mar 20, 2019
f08c54f
Re-organize gpg pubkey parsing functions
lukpueh Mar 20, 2019
0dc1865
Update gpg raw pubkey bundle data format
lukpueh Mar 21, 2019
a0c3f06
Update error handling in gpg pubkey parse helpers
lukpueh Mar 21, 2019
2b01c6f
Add gpg.common._get_verified_subkeys tests
lukpueh Mar 21, 2019
8043441
Add gpg.common.parse_signature_packet tests
lukpueh Mar 21, 2019
1947cb2
Exclude full gpg keyid related code from coverage
lukpueh Mar 21, 2019
8353b62
Fix blank lines at module head in gpg subpackage
lukpueh Mar 22, 2019
cd9396c
Use set instead of list in `in` condition
lukpueh Mar 22, 2019
74c5c18
Fix typos in gpg subpackage comments
lukpueh Mar 22, 2019
8c1125b
Add TODO comment to commented out gpg block
lukpueh Mar 22, 2019
dca4360
ENH: gpg:common: parse and verify expiration dates
michizhou Nov 21, 2018
2dd544e
Added signature information extraction for public keys
michizhou Mar 20, 2019
445bb5a
Remove trailing whitespace
lukpueh Mar 22, 2019
13ff99a
Remove unused imports in gpg subpackage and test
lukpueh Mar 22, 2019
b6f5370
Remove expiration parsing in parse_pubkey_payload
lukpueh Mar 22, 2019
3821720
Remove obsolete SIGNATURE_TYPE_PARSING constant
lukpueh Mar 22, 2019
d2de5b4
Rename gpg pubkey creation and expiration fields
lukpueh Mar 22, 2019
a1efab1
Remove expiration parsing in get_pubkey_payload
lukpueh Mar 22, 2019
ba85bdb
Remove gpg signature key_expire_time field
lukpueh Mar 22, 2019
9f381cd
Refactor gpg certified key information assignment
lukpueh Mar 22, 2019
18a5651
Replace default-key with local-user in gpg sign
lukpueh Mar 27, 2019
6b1f02d
Raise custom CommandError in gpg_sign_object
lukpueh Mar 28, 2019
5d6094c
Raise custom KeyExpirationError in gpg_verify_signature
lukpueh Mar 28, 2019
d2853bd
Make gpg KeyExpirationError message timezone aware
lukpueh Mar 28, 2019
19f5214
Adopt new gpg errors in caller docstrings
lukpueh Mar 28, 2019
a3eec84
Fix _get_verified subkeys docstring and test
lukpueh Mar 28, 2019
6e365b4
Make gpg signature creation subpacket mandatory
lukpueh Apr 24, 2019
47a9d9a
gpg/common: warn when expiration subpacket is unhashed
kristelfung Jun 11, 2019
a1c2e3d
Refactor in-toto comments in gpg + process modules
lukpueh Aug 9, 2019
b0e0d1d
Refactor in_toto.gpg import paths
lukpueh Aug 9, 2019
5f1c6e9
Add timeout setting and use in process module
lukpueh Aug 9, 2019
8f92e5a
Add basic string schemas and use in process module
lukpueh Aug 9, 2019
b19fce3
Add subprocess32 dependency for process module
lukpueh Aug 9, 2019
9116205
Drop Python 3.4 to support new process module
lukpueh Aug 9, 2019
e272ce0
Add tests for process module
lukpueh Aug 9, 2019
54b0ef1
Update process arg test to run over both functions
lukpueh Aug 9, 2019
1dfa700
Add tests for gpg sub-package
lukpueh Aug 9, 2019
ec96669
Copy and call in-toto's check_usable_gpg function
lukpueh Aug 9, 2019
0639e36
Add rsa and dsa test gpg keyrings from in-toto
lukpueh Aug 9, 2019
8c0e480
Add python-dateutil dependency for gpg sub-package
lukpueh Aug 9, 2019
c3cf0b4
Exclude unrelated python files from coverage
lukpueh Aug 9, 2019
a79667a
Add misc gpg test updates
lukpueh Aug 9, 2019
3d71190
Merge gpg.formats into formats and rename
lukpueh Aug 12, 2019
a4f434e
Use gpg schemas from formats in gpg subpackage
lukpueh Aug 12, 2019
5cb71a6
Add minor renames and format fixes in gpg modules
lukpueh Aug 13, 2019
047f81a
Add gpg documentation
lukpueh Aug 13, 2019
ad996ea
Fix signing code snippets in documentation
lukpueh Aug 13, 2019
9906acd
Clarify gpg subpacket comments
lukpueh Sep 5, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions securesystemslib/gpg/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
"""
<Module Name>
gpg

<Author>
Santiago Torres-Arias <santiago@nyu.edu>

<Started>
Nov 15, 2017

<Copyright>
See LICENSE for licensing information.

<Purpose>
This module was written due to the lack of other python (such as pygpg)
modules that can provide an abstraction to the RFC4480 encoded messages from
GPG. The closest candidate we could find was the python bindings for gpgme,
we oped to use a Popen-based python-only construction given that gpgme is
often shipped separately and other popular tools using gpg (e.g., git) don't
use these bindings either. This is because users willing to use gpg signing
are almost guaranteed to have gpg installed, yet the same assumption can't be
made for the gpgme python bindings.
"""
Loading