summaryrefslogtreecommitdiff
path: root/keymanager
diff options
context:
space:
mode:
Diffstat (limited to 'keymanager')
-rw-r--r--keymanager/changes/bug_6022_fix-call-to-verify-file1
-rw-r--r--keymanager/src/leap/keymanager/openpgp.py13
2 files changed, 5 insertions, 9 deletions
diff --git a/keymanager/changes/bug_6022_fix-call-to-verify-file b/keymanager/changes/bug_6022_fix-call-to-verify-file
new file mode 100644
index 00000000..121e25a7
--- /dev/null
+++ b/keymanager/changes/bug_6022_fix-call-to-verify-file
@@ -0,0 +1 @@
+ o Fix call to python-gnupg's verify_file() method (#6022).
diff --git a/keymanager/src/leap/keymanager/openpgp.py b/keymanager/src/leap/keymanager/openpgp.py
index 46ae2aab..ee37a342 100644
--- a/keymanager/src/leap/keymanager/openpgp.py
+++ b/keymanager/src/leap/keymanager/openpgp.py
@@ -22,12 +22,11 @@ import os
import re
import shutil
import tempfile
+import io
-from contextlib import closing
from gnupg import GPG
from gnupg.gnupg import GPGUtilities
-from gnupg._util import _make_binary_stream
from leap.common.check import leap_assert, leap_assert_type, leap_check
from leap.keymanager import errors
@@ -649,17 +648,13 @@ class OpenPGPScheme(EncryptionScheme):
result = gpg.verify(data)
else:
# to verify using a detached sig we have to use
- # gpg.verify_file(), which receives the name of
- # files containing the date and the signature.
+ # gpg.verify_file(), which receives the data as a binary
+ # stream and the name of a file containing the signature.
sf, sfname = tempfile.mkstemp()
with os.fdopen(sf, 'w') as sfd:
sfd.write(detached_sig)
- df, dfname = tempfile.mkstemp()
- with os.fdopen(df, 'w') as sdd:
- sdd.write(data)
- result = gpg.verify_file(dfname, sig_file=sfname)
+ result = gpg.verify_file(io.BytesIO(data), sig_file=sfname)
os.unlink(sfname)
- os.unlink(dfname)
gpgpubkey = gpg.list_keys().pop()
valid = result.valid
rfprint = result.fingerprint