[git] GPGME - branch, ben/docs/2018-03, updated. gpgme-1.10.0-89-g6bc12a0
by Ben McGinnes
cvs at cvs.gnupg.org
Wed Mar 14 21:22:08 CET 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 6bc12a0eeb20409770cb8b923d08c18c2b730cb8 (commit)
via e5c85fba25de1187949697e2dae0e89345b71e89 (commit)
from ada059b07178147821b1598c935aa70ae45e3e6c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6bc12a0eeb20409770cb8b923d08c18c2b730cb8
Author: Ben McGinnes <ben at adversary.org>
Date: Thu Mar 15 07:20:31 2018 +1100
doc: python bindings howto
* Added 4 signature verification methods and partial text for them.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index b3f787a..7e7265f 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -825,7 +825,7 @@
Though PGP/in-line messages are no longer encouraged in favour of
PGP/MIME, there is still sometimes value in utilising in-line
- signatures. This is where clearsigned messages or text is of
+ signatures. This is where clear-signed messages or text is of
value.
#+begin_src python
@@ -845,7 +845,7 @@
afile.close()
#+end_src
- In spite of the appearance of a clearsigned message, the data
+ In spite of the appearance of a clear-signed message, the data
handled by GPGME in signing it must still be byte literals.
#+begin_src python
@@ -869,30 +869,127 @@
:CUSTOM_ID: howto-basic-verification
:END:
- Verify a signed file, both detached and not:
+ Essentially there are two principal methods of verification of a
+ signature. The first of these is for use with the normal or
+ default signing method and for clear-signed messages. The second is
+ for use with files and data with detached signatures.
+
+ The following example is intended for use with the default signing
+ method where the file was not ASCII armoured:
#+begin_src python
import gpg
- import sys
import time
+ filename = "statement.txt"
+ gpg_file = "statement.txt.gpg"
+
c = gpg.Context()
- data, result = c.verify(open(filename),
- open(detached_sig_filename)
- if detached_sig_filename else None)
-
- for index, sign in enumerate(result.signatures):
- print("signature", index, ":")
- print(" summary: %#0x" % (sign.summary))
- print(" status: %#0x" % (sign.status))
- print(" timestamp: ", sign.timestamp)
- print(" timestamp: ", time.ctime(sign.timestamp))
- print(" fingerprint:", sign.fpr)
- print(" uid: ", c.get_key(sign.fpr).uids[0].uid)
-
- if data:
- sys.stdout.buffer.write(data)
+ try:
+ verified = c.verify(open(gpg_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass(e)
+ #+end_src
+
+ Whereas this next example, which is almost identical would work
+ with normal ASCII armoured files and with clear-signed files:
+
+ #+begin_src python
+ import gpg
+ import time
+
+ filename = "statement.txt"
+ asc_file = "statement.txt.asc"
+
+ c = gpg.Context()
+
+ try:
+ verified = c.verify(open(asc_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass
+ #+end_src
+
+ #+begin_src python
+ import gpg
+ import time
+
+ filename = "statement.txt"
+ sig_file = "statement.txt.sig"
+
+ c = gpg.Context()
+
+ try:
+ verified = c.verify(open(filename), open(sig_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass
+ #+end_src
+
+ #+begin_src python
+ import gpg
+ import time
+
+ filename = "statement.txt"
+ asc_file = "statement.txt.asc"
+
+ c = gpg.Context()
+
+ try:
+ verified = c.verify(open(filename), open(asc_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass
#+end_src
commit e5c85fba25de1187949697e2dae0e89345b71e89
Author: Ben McGinnes <ben at adversary.org>
Date: Thu Mar 15 04:07:57 2018 +1100
doc: python bindings howto
* Added description for detached signatures.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 71ddbcf..b3f787a 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -823,21 +823,45 @@
:CUSTOM_ID: howto-basic-signing-clear
:END:
- #+begin_src python
- import gpg
+ Though PGP/in-line messages are no longer encouraged in favour of
+ PGP/MIME, there is still sometimes value in utilising in-line
+ signatures. This is where clearsigned messages or text is of
+ value.
- text = """Declaration of ... something.
+ #+begin_src python
+ import gpg
- """
+ text0 = """Declaration of ... something.
- c = gpg.Context()
- signed = c.sign(text, mode=2)
+ """
+ text = text0.encode("utf-8")
- afile = open("/path/to/statement.txt.asc", "w")
- for i in range(len(signed[0].splitlines())):
- afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
- afile.close()
- #+end_src
+ c = gpg.Context()
+ signed = c.sign(text, mode=2)
+
+ afile = open("/path/to/statement.txt.asc", "w")
+ for line in signed[0].splitlines():
+ afile.write("{0}\n".format(line.decode("utf-8")))
+ afile.close()
+ #+end_src
+
+ In spite of the appearance of a clearsigned message, the data
+ handled by GPGME in signing it must still be byte literals.
+
+ #+begin_src python
+ import gpg
+
+ tfile = open("/path/to/statement.txt", "rb")
+ text = tfile.read()
+ tfile.close()
+
+ c = gpg.Context()
+ signed = c.sign(text, mode=2)
+
+ afile = open("/path/to/statement.txt.asc", "wb")
+ afile.write(signed[0])
+ afile.close()
+ #+end_src
** Signature verification
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 177 +++++++++++++++++++++++++++-----
1 file changed, 149 insertions(+), 28 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
More information about the Gnupg-commits
mailing list