gpgme/lang/python/examples/howto/verify-signatures.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

from __future__ import absolute_import, division, unicode_literals

# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE.  See the GNU General Public License and the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.

import gpg
import sys
import time

"""
Verifies a signed file which has been signed with a detached signature.
"""

if len(sys.argv) > 2:
    filename = sys.argv[1]
    sig_file = sys.argv[2]
elif len(sys.argv) == 2:
    filename = sys.argv[1]
    sig_file = input("Enter the path and filename of the detached signature: ")
else:
    filename = input("Enter the path and filename to verify: ")
    sig_file = input("Enter the path and filename of the detached signature: ")

c = gpg.Context()

try:
    data, result = c.verify(open(filename), open(sig_file))
    verified = True
except gpg.errors.BadSignatures as e:
    verified = False
    print(e)

if verified is True:
    for i in range(len(result.signatures)):
        sign = result.signatures[i]
        print("""Good signature from:
{0}
with key {1}
made at {2}
""".format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,
           time.ctime(sign.timestamp)))
else:
    pass
example: verify signatures * Added example for verifying detached signatures against the files they're the signatures for. 2018-03-21 16:58:58 +00:00			`#!/usr/bin/env python3`
			`# -- coding: utf-8 --`

			`from __future__ import absolute_import, division, unicode_literals`

			`# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>`
			`#`
			`# This program is free software; you can redistribute it and/or modify it under`
			`# the terms of the GNU General Public License as published by the Free Software`
			`# Foundation; either version 2 of the License, or (at your option) any later`
			`# version.`
			`#`
			`# This program is free software; you can redistribute it and/or modify it under`
			`# the terms of the GNU Lesser General Public License as published by the Free`
			`# Software Foundation; either version 2.1 of the License, or (at your option)`
			`# any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful, but WITHOUT`
			`# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS`
			`# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU`
examples: python bindings and hkp4py updates * Mostly tightening up the details on the hkp4py example script. * Also fixed a typo in the LGPL boiler plate text included in all the other example scripts for the HOWTO. 2018-09-23 01:43:34 +00:00			`# Lesser General Public License for more details.`
example: verify signatures * Added example for verifying detached signatures against the files they're the signatures for. 2018-03-21 16:58:58 +00:00			`#`
			`# You should have received a copy of the GNU General Public License and the GNU`
			`# Lesser General Public along with this program; if not, see`
			`# <http://www.gnu.org/licenses/>.`

			`import gpg`
			`import sys`
			`import time`

			`"""`
			`Verifies a signed file which has been signed with a detached signature.`
			`"""`

			`if len(sys.argv) > 2:`
			`filename = sys.argv[1]`
			`sig_file = sys.argv[2]`
			`elif len(sys.argv) == 2:`
			`filename = sys.argv[1]`
			`sig_file = input("Enter the path and filename of the detached signature: ")`
			`else:`
			`filename = input("Enter the path and filename to verify: ")`
			`sig_file = input("Enter the path and filename of the detached signature: ")`

			`c = gpg.Context()`

			`try:`
			`data, result = c.verify(open(filename), open(sig_file))`
			`verified = True`
			`except gpg.errors.BadSignatures as e:`
			`verified = False`
			`print(e)`

			`if verified is True:`
			`for i in range(len(result.signatures)):`
			`sign = result.signatures[i]`
			`print("""Good signature from:`
			`{0}`
			`with key {1}`
			`made at {2}`
			`""".format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,`
			`time.ctime(sign.timestamp)))`
			`else:`
			`pass`