summaryrefslogtreecommitdiff
path: root/plugins/gpg
diff options
context:
space:
mode:
authorFlorent Le Coz <louiz@louiz.org>2011-11-12 22:24:05 +0100
committerFlorent Le Coz <louiz@louiz.org>2011-11-12 22:24:05 +0100
commitcc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa (patch)
treed1f165c9277e7db85cd0c0352a81be80d010293b /plugins/gpg
parent05ef3594894e0bcbe80b98e81c2a2659ea01855f (diff)
downloadpoezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.tar.gz
poezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.tar.bz2
poezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.tar.xz
poezio-cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa.zip
Try to verify signatures with different hashes, and use always_trust.
Diffstat (limited to 'plugins/gpg')
-rw-r--r--plugins/gpg/__init__.py20
1 files changed, 11 insertions, 9 deletions
diff --git a/plugins/gpg/__init__.py b/plugins/gpg/__init__.py
index f1b97575..5662bd4f 100644
--- a/plugins/gpg/__init__.py
+++ b/plugins/gpg/__init__.py
@@ -14,7 +14,7 @@ NS_ENCRYPTED = "jabber:x:encrypted"
SIGNED_ATTACHED_MESSAGE = """-----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: %(hash)s
%(clear)s
-----BEGIN PGP SIGNATURE-----
@@ -98,13 +98,15 @@ class Plugin(BasePlugin):
del self.contacts[bare]
return
if self.config.has_section('keys') and bare in self.config.options('keys'):
- to_verify = SIGNED_ATTACHED_MESSAGE % {'clear': presence['status'],
- 'data': signed.text}
- verify = self.gpg.verify(to_verify)
- if verify:
- self.contacts[full] = 'valid'
- else:
- self.contacts[full] = 'invalid'
+ self.contacts[full] = 'invalid'
+ for hash_ in ('SHA1', 'SHA256'):
+ to_verify = SIGNED_ATTACHED_MESSAGE % {'clear': presence['status'],
+ 'data': signed.text,
+ 'hash': hash_}
+ verify = self.gpg.verify(to_verify)
+ if verify:
+ self.contacts[full] = 'valid'
+ break
else:
self.contacts[full] = 'signed'
@@ -127,7 +129,7 @@ class Plugin(BasePlugin):
# cannot be encrypted.
del message['xhtml_im']
encrypted_element = ET.Element('{%s}x' % (NS_ENCRYPTED,))
- encrypted_element.text = self.remove_gpg_headers(xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys')))))
+ encrypted_element.text = self.remove_gpg_headers(xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys'), always_trust=True))))
message.append(encrypted_element)
message['body'] = 'This message has been encrypted.'