diff options
author | Florent Le Coz <louiz@louiz.org> | 2011-11-12 22:24:05 +0100 |
---|---|---|
committer | Florent Le Coz <louiz@louiz.org> | 2011-11-12 22:24:05 +0100 |
commit | cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa (patch) | |
tree | d1f165c9277e7db85cd0c0352a81be80d010293b | |
parent | 05ef3594894e0bcbe80b98e81c2a2659ea01855f (diff) | |
download | poezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.tar.gz poezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.tar.bz2 poezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.tar.xz poezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.zip |
Try to verify signatures with different hashes, and use always_trust.
-rw-r--r-- | plugins/gpg/__init__.py | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/plugins/gpg/__init__.py b/plugins/gpg/__init__.py index f1b97575..5662bd4f 100644 --- a/plugins/gpg/__init__.py +++ b/plugins/gpg/__init__.py @@ -14,7 +14,7 @@ NS_ENCRYPTED = "jabber:x:encrypted" SIGNED_ATTACHED_MESSAGE = """-----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 +Hash: %(hash)s %(clear)s -----BEGIN PGP SIGNATURE----- @@ -98,13 +98,15 @@ class Plugin(BasePlugin): del self.contacts[bare] return if self.config.has_section('keys') and bare in self.config.options('keys'): - to_verify = SIGNED_ATTACHED_MESSAGE % {'clear': presence['status'], - 'data': signed.text} - verify = self.gpg.verify(to_verify) - if verify: - self.contacts[full] = 'valid' - else: - self.contacts[full] = 'invalid' + self.contacts[full] = 'invalid' + for hash_ in ('SHA1', 'SHA256'): + to_verify = SIGNED_ATTACHED_MESSAGE % {'clear': presence['status'], + 'data': signed.text, + 'hash': hash_} + verify = self.gpg.verify(to_verify) + if verify: + self.contacts[full] = 'valid' + break else: self.contacts[full] = 'signed' @@ -127,7 +129,7 @@ class Plugin(BasePlugin): # cannot be encrypted. del message['xhtml_im'] encrypted_element = ET.Element('{%s}x' % (NS_ENCRYPTED,)) - encrypted_element.text = self.remove_gpg_headers(xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys'))))) + encrypted_element.text = self.remove_gpg_headers(xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys'), always_trust=True)))) message.append(encrypted_element) message['body'] = 'This message has been encrypted.' |