From cc4f6c8b4c7b1a02ed11bfe48f03eefedde2ecaa Mon Sep 17 00:00:00 2001
From: Florent Le Coz <louiz@louiz.org>
Date: Sat, 12 Nov 2011 22:24:05 +0100
Subject: Try to verify signatures with different hashes, and use always_trust.

---
 plugins/gpg/__init__.py | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

(limited to 'plugins/gpg')

diff --git a/plugins/gpg/__init__.py b/plugins/gpg/__init__.py
index f1b97575..5662bd4f 100644
--- a/plugins/gpg/__init__.py
+++ b/plugins/gpg/__init__.py
@@ -14,7 +14,7 @@ NS_ENCRYPTED = "jabber:x:encrypted"
 
 
 SIGNED_ATTACHED_MESSAGE = """-----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: %(hash)s
 
 %(clear)s
 -----BEGIN PGP SIGNATURE-----
@@ -98,13 +98,15 @@ class Plugin(BasePlugin):
                 del self.contacts[bare]
             return
         if self.config.has_section('keys') and bare in self.config.options('keys'):
-            to_verify = SIGNED_ATTACHED_MESSAGE % {'clear': presence['status'],
-                                                                'data': signed.text}
-            verify = self.gpg.verify(to_verify)
-            if verify:
-                self.contacts[full] = 'valid'
-            else:
-                self.contacts[full] = 'invalid'
+            self.contacts[full] = 'invalid'
+            for hash_ in ('SHA1', 'SHA256'):
+                to_verify = SIGNED_ATTACHED_MESSAGE % {'clear': presence['status'],
+                                                       'data': signed.text,
+                                                       'hash': hash_}
+                verify = self.gpg.verify(to_verify)
+                if verify:
+                    self.contacts[full] = 'valid'
+                    break
         else:
             self.contacts[full] = 'signed'
 
@@ -127,7 +129,7 @@ class Plugin(BasePlugin):
             # cannot be encrypted.
             del message['xhtml_im']
             encrypted_element = ET.Element('{%s}x' % (NS_ENCRYPTED,))
-            encrypted_element.text = self.remove_gpg_headers(xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys')))))
+            encrypted_element.text = self.remove_gpg_headers(xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys'), always_trust=True))))
             message.append(encrypted_element)
             message['body'] = 'This message has been encrypted.'
 
-- 
cgit v1.2.3