Merge pull request #264 from lukpueh/fix-gpg-dsa-test

Change DSA test key format + adopt test code

Author: lukpueh

requirements-pinned.txt

@@ -1,6 +1,6 @@
 cffi==1.14.1              # via cryptography, pynacl
 colorama==0.4.3
-cryptography==2.9.2
+cryptography==3.0
 enum34==1.1.6             ; python_version < "3" # via cryptography
 ipaddress==1.0.23         ; python_version < "3" # via cryptography
 pycparser==2.20           # via cffi

tests/gpg_keyrings/dsa/C242A830DAAF1C2BEF604A9EF033A3A3E267B3B1.pem

@@ -0,0 +1,20 @@
+-----BEGIN PUBLIC KEY-----
+MIIDRjCCAjkGByqGSM44BAEwggIsAoIBAQD8oyds14wg48c64jmGdARgOfXZD0Hj
+7em8mflAANFFaTUiZx+6SB0i4KmzHmldGY2l5i9P+0213GQHbQ8tfQPOlT/HhGpt
+ThehC/Hc0XFn96/3YbWfohgOf80spSfAPFDHhmW1U5vytFZIttI/MfN5meantOCH
+bdrX7Hg7jux+H7FHM+dLawsQXL3Fp96OCUZX8hRs5Doxd1gcsCKk4s5meKM2Slbg
+IJBVmm39gdkco7fGr9T8/Gb9iDOdIXBiRi9Rxckdbsz6+zIGW+aOa5Hsg3xZpRuu
+vsoccP04kcm7tn99kg+RU/xNLKA/iKJ7cN8WhHCfma0YcHGJsBVEGyv7AiEAhHee
+6uAjjXqaAwpjm/AaD571F6XZUFmcGaTlT7vyMhkCggEAf3JSrhgkuvK+X8j0MaGX
+hoOjjUoizCvNwBzNH17uR6lkqldjmmGM+xsQcHtNCf8RpEjoO6cBI1c/LUmlmfUx
+OnRGPluzyj1hcqAPArAQZc4xJQHheX97V+YGlHxEvYOf3o1DJp8ft0r2zt9Nt/q/
+CyNX7QnVY4Gsdp71qK8bRFDgyItk7hyrn63rMbe+Yge34XAIozp2E4MfcKEj1ZJ5
+3LwiOPRu6qgJd5W3gF8bg37zuOgHFk4Yb66fo/9RAhMJa/VAQOrFRaaltHyRDmz3
+4wbh9Gcj8UsCzZ4LD/KlbDsmBIaUMasyY9Yb9QaL7jbIgMe/LHRtyuXQ17L/8kTv
+QwOCAQUAAoIBAC3VCyKSRBREWB+aC32Nf4i1c/xFH15yB8MkaUIywi4XG1CPaEKu
+m6vFb+TlhqIghhiLSCe3q6jHv/SkrJqoDINUILGvukq08bHA74lEN5A6n0xW6+8D
+eASpmSXJoVO4oWwVYvKXdVrqog+gKrMqpTZuBStrqpqTQ1bU9fwhh4UBjdErLI5t
+YF0q+zbLBqnM7Z6h9fgnmNY13iZO8OtZWQxKSy/fI2mjb5VhSATHqllmupWXQEui
+0saIGVkRLeUt5LbU8eLIpZ3arbCKWayDNBGPFaoBWT6FECSQXqbYhMOlRa9v3QPI
+0rVNodNecQ73WitHdbt4xQso0eL7SEFtyUE=
+-----END PUBLIC KEY-----

tests/test_gpg.py

@@ -655,31 +655,31 @@ def tearDownClass(self):
   def test_export_pubkey(self):
     """ export a public key and make sure the parameters are the right ones:
 
-      since there's very little we can do to check rsa key parameters are right
-      we pre-exported the public key to an ssh key, which we can load with
-      cryptography for the sake of comparison """
+      since there's very little we can do to check key parameters are right
+      we pre-exported the public key to an x.509 SubjectPublicKeyInfo key,
+      which we can load with cryptography for the sake of comparison """
 
     # export our gpg key, using our functions
     key_data = export_pubkey(self.default_keyid, homedir=self.gnupg_home)
     our_exported_key = dsa_create_pubkey(key_data)
 
-    # load the equivalent ssh key, and make sure that we get the same RSA key
-    # parameters
-    ssh_key_basename = "{}.ssh".format(self.default_keyid)
-    ssh_key_path = os.path.join(self.gnupg_home, ssh_key_basename)
-    with open(ssh_key_path, "rb") as fp:
+    # load same key, pre-exported with 3rd-party tooling
+    pem_key_basename = "{}.pem".format(self.default_keyid)
+    pem_key_path = os.path.join(self.gnupg_home, pem_key_basename)
+    with open(pem_key_path, "rb") as fp:
       keydata = fp.read()
 
-    ssh_key = serialization.load_ssh_public_key(keydata,
+    pem_key = serialization.load_pem_public_key(keydata,
         backends.default_backend())
 
-    self.assertEqual(ssh_key.public_numbers().y,
+    # make sure keys match
+    self.assertEqual(pem_key.public_numbers().y,
         our_exported_key.public_numbers().y)
-    self.assertEqual(ssh_key.public_numbers().parameter_numbers.g,
+    self.assertEqual(pem_key.public_numbers().parameter_numbers.g,
         our_exported_key.public_numbers().parameter_numbers.g)
-    self.assertEqual(ssh_key.public_numbers().parameter_numbers.q,
+    self.assertEqual(pem_key.public_numbers().parameter_numbers.q,
         our_exported_key.public_numbers().parameter_numbers.q)
-    self.assertEqual(ssh_key.public_numbers().parameter_numbers.p,
+    self.assertEqual(pem_key.public_numbers().parameter_numbers.p,
         our_exported_key.public_numbers().parameter_numbers.p)
 
   def test_gpg_sign_and_verify_object_with_default_key(self):