From d3f7c6df9ddde1e2a6311612fbe37efd9b5ddb56 Mon Sep 17 00:00:00 2001 From: drebs Date: Wed, 27 Aug 2014 12:59:28 -0300 Subject: Fix call to python-gnupg verify_file() method (#6022). --- keymanager/changes/bug_6022_fix-call-to-verify-file | 1 + keymanager/src/leap/keymanager/openpgp.py | 13 ++++--------- 2 files changed, 5 insertions(+), 9 deletions(-) create mode 100644 keymanager/changes/bug_6022_fix-call-to-verify-file diff --git a/keymanager/changes/bug_6022_fix-call-to-verify-file b/keymanager/changes/bug_6022_fix-call-to-verify-file new file mode 100644 index 00000000..121e25a7 --- /dev/null +++ b/keymanager/changes/bug_6022_fix-call-to-verify-file @@ -0,0 +1 @@ + o Fix call to python-gnupg's verify_file() method (#6022). diff --git a/keymanager/src/leap/keymanager/openpgp.py b/keymanager/src/leap/keymanager/openpgp.py index 46ae2aab..ee37a342 100644 --- a/keymanager/src/leap/keymanager/openpgp.py +++ b/keymanager/src/leap/keymanager/openpgp.py @@ -22,12 +22,11 @@ import os import re import shutil import tempfile +import io -from contextlib import closing from gnupg import GPG from gnupg.gnupg import GPGUtilities -from gnupg._util import _make_binary_stream from leap.common.check import leap_assert, leap_assert_type, leap_check from leap.keymanager import errors @@ -649,17 +648,13 @@ class OpenPGPScheme(EncryptionScheme): result = gpg.verify(data) else: # to verify using a detached sig we have to use - # gpg.verify_file(), which receives the name of - # files containing the date and the signature. + # gpg.verify_file(), which receives the data as a binary + # stream and the name of a file containing the signature. sf, sfname = tempfile.mkstemp() with os.fdopen(sf, 'w') as sfd: sfd.write(detached_sig) - df, dfname = tempfile.mkstemp() - with os.fdopen(df, 'w') as sdd: - sdd.write(data) - result = gpg.verify_file(dfname, sig_file=sfname) + result = gpg.verify_file(io.BytesIO(data), sig_file=sfname) os.unlink(sfname) - os.unlink(dfname) gpgpubkey = gpg.list_keys().pop() valid = result.valid rfprint = result.fingerprint -- cgit v1.2.3