Unsignedio
/
python-gnupg
mirror of https://github.com/markqvist/python-gnupg.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Hack around the nasty ctb=%d.02 GnuPG bug that keeps resurfacing. 

* https://bugs.g10code.com/gnupg/issue1179

 * This bug has resurfaced several times in GnuPG's history, and as far as I've
   understood it, it is due to a generation or an attempt at parsing a .gpg
   file (a message/file, or one of the keyrings) which is generated/formatted
   such that the GnuPG data packets comprise a certain number of bytes (562
   bytes precisely) and/or the demarcation signal (two equal signs, '==') of
   the trailing ctb (I assume 'ctb' stands for cipher text bytes; it's
   everywhere in GnuPG's sourcecode) CRC checksum ends up on its own line, like
   so:

        -----BEGIN PGP MESSAGE-----

        hQIMA1DJjYe0ARAPAQ/6A7PWiyfiBIpbJ7+XbaptYPB0muoi3rXF4cuIXU37uDug
        04Cck+8u9hcMjhYd0pN6zJMJLO8CUOdUKJblpxPSYc7yanJDc33n1jsdkr7XNbbz
        Xjh1z3EJZPhhp3YE7lqgnTTXQsGUihnhwiQqsuNgCVZfSwXpVFa+IHC+/AXhAPLl
        /BoY6+YOupD8G4bOUCU/XBvQp8uH9kh9n9101+6SopJ94H354X0PtZJs5BISCW7g
        /tUxAqxLesDaZkHF91HL7AJE8+/pheTc8vHGP+Zu8/Q5Lr+GW2cUrCXXxUV/xRIh
        P7t7WDdU5V1BXyughEBP7Jwr8G3llKr42ZRVgvOyFIe+sMVibq2dEhxJr/sjR0j6
        lYws+tZVWbmuxOnMDCjgIaEverU0nnd1SqQ/tS7yFh8lpBfMay2IdVVh+Bi3zDeT
        Kb/h3tCjG0++h5FuG8UBWv13LRlfcF817ShnwoG80y4cESgCXxZGkd9DRExH8wy8
        VJpIaVKiaZs5jlHLHX4JWy2IVmEvk/6xwZZwrNV4sGYzDGkxHLyTUUQu/NOkCtAb
        2Zs9mGrtsSGSoP6lfKDk9hh8fJtPGxGzIezVR9WXYKeYAfGZOzMI1Ji1jF1fO21G
        KqTaF2WnWfaWmsuICTiBntgNntZRsXwmMNkcBt5LVK8uRpWQqIQmAkN4vl6SgovS
        QAHrC6D9mUmoNvKcS71aH4uZjkfYtNmgp8i5cmTP6UaGouVeqzDCtK/vIy1V/iaX
        89vcdsILlMMVB/10Rtscyus
        ==suET
        -----END PGP MESSAGE-----

    When this happens, GnuPG *stops* parsing entirely before the CRC checksum
    following the '==', and thus the next time it starts parsing again the
    first thing it gets is the end header '-----END PGP MESSAGE-----'.

 * My solution for hacking around this is to export directly to a keyring,
   which can either be one we create for this purpose, or the keyring set as
   self.pubring. I do not know yet if this will affect --list-keys.
feature/documentation-builds-html
Isis Lovecruft 2013-04-10 19:17:33 +00:00
parent dc0d9cf70b
commit 00e94d6b34
No known key found for this signature in database
GPG Key ID: A3ADB67A2CDB8B35
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gnupg.py
View File

@ -1636,7 +1636,7 @@ class GPG(object):
if str(val).strip(): # skip empty strings
parms[key] = val
parms.setdefault('Key-Type', 'RSA')
parms.setdefault('Key-Length', 2048)
parms.setdefault('Key-Length', 4096)
parms.setdefault('Name-Real', "Autogenerated Key")
parms.setdefault('Name-Comment', "Generated by gnupg.py")
try:
@ -1649,6 +1649,8 @@ class GPG(object):
out = "Key-Type: %s\n" % parms.pop('Key-Type')
for key, val in list(parms.items()):
out += "%s: %s\n" % (key, val)
out += "%%pubring %s.pub\n" % self.pubring
out += "%%secring %s.pub\n" % self.secring
out += "%commit\n"
return out