Unsignedio
/
python-gnupg
mirror of https://github.com/markqvist/python-gnupg.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge remote-tracking branch 'drebs/bug/6025_verify-file-is-inconsistent' into develop

fix/44-verbose-arg
Isis Lovecruft 2014-09-24 19:40:06 +00:00
parent adf27fbdef a26cc9c0f4
commit 042550d151
No known key found for this signature in database
GPG Key ID: 18C16EC5F9F1D673
2 changed files with 14 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
gnupg/gnupg.py
View File

@ -36,13 +36,7 @@ import os
import re
import textwrap
try:
from io import StringIO
except ImportError:
from cStringIO import StringIO
#: see :pep:`328` http://docs.python.org/2.5/whatsnew/pep-328.html
from . import _parsers
from . import _util
from . import _trust
from ._meta import GPGBase
@ -284,15 +278,13 @@ class GPG(GPGBase):
signatures. If using detached signatures, the file containing the
detached signature should be specified as the ``sig_file``.
:param file file: A file descriptor object. Its type will be checked
with :func:`_util._is_file`.
:param file file: A file descriptor object.
:param str sig_file: A file containing the GPG signature data for
``file``. If given, ``file`` is verified via this detached
signature.
signature. Its type will be checked with :func:`_util._is_file`.
"""
fn = None
result = self._result_map['verify'](self)
if sig_file is None:
@ -307,19 +299,15 @@ class GPG(GPGBase):
return result
log.debug('verify_file(): Handling detached verification')
sig_fh = None
data_fh = None
try:
sig_fh = open(sig_file, 'rb')
data_fh = open(file, 'rb')
args = ["--verify %s -" % sig_fh.name]
proc = self._open_subprocess(args)
writer = _util._threaded_copy_data(data_fh, proc.stdin)
writer = _util._threaded_copy_data(file, proc.stdin)
self._collect_output(proc, result, writer, stdin=proc.stdin)
finally:
if sig_fh and not sig_fh.closed:
sig_fh.close()
if data_fh and not data_fh.closed:
data_fh.close()
return result
def import_keys(self, key_data):

20
gnupg/test/test_gnupg.py
View File

@ -33,10 +33,8 @@ from glob import glob
from time import localtime
from time import mktime
import encodings
import doctest
import io
import logging
import os
import shutil
import sys
@ -192,7 +190,9 @@ class GPGTestCase(unittest.TestCase):
print(fixed)
test_file = os.path.join(_files, 'cypherpunk_manifesto')
self.assertTrue(os.path.isfile(test_file))
has_shell = self.gpg.verify_file(test_file, fixed)
datafd = open(test_file, 'rb')
has_shell = self.gpg.verify_file(datafd, sig_file=fixed)
datafd.close()
self.assertFalse(has_shell.valid)
def test_parsers_fix_unsafe_semicolon(self):
@ -664,6 +664,7 @@ class GPGTestCase(unittest.TestCase):
sig = self.gpg.sign(message, default_key=key.fingerprint,
passphrase='johanborst')
self.assertTrue(sig, "Good passphrase should succeed")
try:
file = _util._make_binary_stream(sig.data, self.gpg._encoding)
verified = self.gpg.verify_file(file)
@ -696,7 +697,7 @@ class GPGTestCase(unittest.TestCase):
datafd.seek(0)
sigfd.seek(0)
verified = self.gpg.verify_file(datafn, sigfn)
verified = self.gpg.verify_file(datafd, sig_file=sigfn)
if key.fingerprint != verified.fingerprint:
log.warn("key fingerprint: %r", key.fingerprint)
@ -707,7 +708,7 @@ class GPGTestCase(unittest.TestCase):
os.unlink(sigfn)
def test_signature_verification_detached_binary(self):
"""Test that detached signature verification in binary mode fails."""
"""Test that detached signature verification in binary mode works."""
key = self.generate_key("Adi Shamir", "rsa.com")
datafn = os.path.join(_files, 'cypherpunk_manifesto')
@ -715,7 +716,6 @@ class GPGTestCase(unittest.TestCase):
datafd = open(datafn, 'rb')
data = datafd.read()
datafd.close()
sig = self.gpg.sign(data, default_key=key.fingerprint,
passphrase='adishamir',
@ -734,11 +734,13 @@ class GPGTestCase(unittest.TestCase):
with self.assertRaises(UnicodeDecodeError):
print("SIG=%s" % sig)
verifysig = open(sigfn, 'rb')
verification = self.gpg.verify_file(data, verifysig)
datafd.seek(0)
verification = self.gpg.verify_file(datafd, sig_file=sigfn)
self.assertTrue(isinstance(verification, gnupg._parsers.Verify))
self.assertFalse(verification.valid)
self.assertTrue(verification.valid)
datafd.close()
if os.path.isfile(sigfn):
os.unlink(sigfn)