From 9774f9b185118e77ee1c59cf3e9eecc0e43e6030 Mon Sep 17 00:00:00 2001
From: Ruben Pollan <meskio@sindominio.net>
Date: Thu, 20 Nov 2014 10:56:21 -0600
Subject: Return signing key on signature verification

Don't throw an exception if verification fails
---
 src/leap/keymanager/__init__.py | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

(limited to 'src/leap/keymanager/__init__.py')

diff --git a/src/leap/keymanager/__init__.py b/src/leap/keymanager/__init__.py
index 1704e0b..b2b05f4 100644
--- a/src/leap/keymanager/__init__.py
+++ b/src/leap/keymanager/__init__.py
@@ -452,22 +452,21 @@ class KeyManager(object):
                              to fetch from nickserver
         :type fetch_remote: bool
 
-        :return: The decrypted data.
-        :rtype: str
+        :return: The decrypted data and the signing key if signature verifies
+        :rtype: (unicode, EncryptionKey)
 
         :raise KeyNotFound: If any of the keys was not found both locally and
                             in keyserver.
         :raise DecryptError: Raised if failed decrypting for some reason.
-        :raise InvalidSignature: Raised if unable to verify the signature with
-                                 C{verify} address.
         """
         privkey = self.get_key(address, ktype, private=True)
         pubkey = None
         if verify is not None:
             pubkey = self.get_key(verify, ktype, private=False,
                                   fetch_remote=fetch_remote)
-        return self._wrapper_map[ktype].decrypt(
+        decrypted, signed = self._wrapper_map[ktype].decrypt(
             data, privkey, passphrase, pubkey)
+        return (decrypted, pubkey if signed else None)
 
     def sign(self, data, address, ktype, digest_algo='SHA512', clearsign=False,
              detach=True, binary=False):
@@ -520,18 +519,17 @@ class KeyManager(object):
                              to fetch from nickserver
         :type fetch_remote: bool
 
-        :return: signature matches
-        :rtype: bool
+        :return: The signing key if signature verifies else None
+        :rtype: EncryptionKey
 
         :raise KeyNotFound: If the key was not found both locally and
                             in keyserver.
-        :raise InvalidSignature: Raised if unable to verify the signature with
-                                 C{verify} address.
         """
         pubkey = self.get_key(address, ktype, private=False,
                               fetch_remote=fetch_remote)
-        return self._wrapper_map[ktype].verify(
+        signed = self._wrapper_map[ktype].verify(
             data, pubkey, detached_sig=detached_sig)
+        return pubkey if signed else None
 
     def delete_key(self, key):
         """
-- 
cgit v1.2.3