doc: python bindings howto
* Added 4 signature verification methods and partial text for them.
This commit is contained in:
Ben McGinnes
parent
e5c85fba25
commit
6bc12a0eeb
@ -825,7 +825,7 @@
|
|||||||
|
|
||||||
Though PGP/in-line messages are no longer encouraged in favour of
|
Though PGP/in-line messages are no longer encouraged in favour of
|
||||||
PGP/MIME, there is still sometimes value in utilising in-line
|
PGP/MIME, there is still sometimes value in utilising in-line
|
||||||
signatures. This is where clearsigned messages or text is of
|
signatures. This is where clear-signed messages or text is of
|
||||||
value.
|
value.
|
||||||
|
|
||||||
#+begin_src python
|
#+begin_src python
|
||||||
@ -845,7 +845,7 @@
|
|||||||
afile.close()
|
afile.close()
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
In spite of the appearance of a clearsigned message, the data
|
In spite of the appearance of a clear-signed message, the data
|
||||||
handled by GPGME in signing it must still be byte literals.
|
handled by GPGME in signing it must still be byte literals.
|
||||||
|
|
||||||
#+begin_src python
|
#+begin_src python
|
||||||
@ -869,30 +869,127 @@
|
|||||||
:CUSTOM_ID: howto-basic-verification
|
:CUSTOM_ID: howto-basic-verification
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
Verify a signed file, both detached and not:
|
Essentially there are two principal methods of verification of a
|
||||||
|
signature. The first of these is for use with the normal or
|
||||||
|
default signing method and for clear-signed messages. The second is
|
||||||
|
for use with files and data with detached signatures.
|
||||||
|
|
||||||
|
The following example is intended for use with the default signing
|
||||||
|
method where the file was not ASCII armoured:
|
||||||
|
|
||||||
#+begin_src python
|
#+begin_src python
|
||||||
import gpg
|
import gpg
|
||||||
import sys
|
|
||||||
import time
|
import time
|
||||||
|
|
||||||
|
filename = "statement.txt"
|
||||||
|
gpg_file = "statement.txt.gpg"
|
||||||
|
|
||||||
c = gpg.Context()
|
c = gpg.Context()
|
||||||
|
|
||||||
data, result = c.verify(open(filename),
|
try:
|
||||||
open(detached_sig_filename)
|
verified = c.verify(open(gpg_file))
|
||||||
if detached_sig_filename else None)
|
except gpg.errors.BadSignatures as e:
|
||||||
|
verified = None
|
||||||
|
print(e)
|
||||||
|
|
||||||
for index, sign in enumerate(result.signatures):
|
if verified is not None:
|
||||||
print("signature", index, ":")
|
for i in range(len(verified[1].signatures)):
|
||||||
print(" summary: %#0x" % (sign.summary))
|
sign = verified[1].signatures[i]
|
||||||
print(" status: %#0x" % (sign.status))
|
print("""Good signature from:
|
||||||
print(" timestamp: ", sign.timestamp)
|
{0}
|
||||||
print(" timestamp: ", time.ctime(sign.timestamp))
|
with key {1}
|
||||||
print(" fingerprint:", sign.fpr)
|
made at {2}
|
||||||
print(" uid: ", c.get_key(sign.fpr).uids[0].uid)
|
""".format(c.get_key(sign.fpr).uids[0].uid,
|
||||||
|
sign.fpr, time.ctime(sign.timestamp)))
|
||||||
|
else:
|
||||||
|
pass(e)
|
||||||
|
#+end_src
|
||||||
|
|
||||||
if data:
|
Whereas this next example, which is almost identical would work
|
||||||
sys.stdout.buffer.write(data)
|
with normal ASCII armoured files and with clear-signed files:
|
||||||
|
|
||||||
|
#+begin_src python
|
||||||
|
import gpg
|
||||||
|
import time
|
||||||
|
|
||||||
|
filename = "statement.txt"
|
||||||
|
asc_file = "statement.txt.asc"
|
||||||
|
|
||||||
|
c = gpg.Context()
|
||||||
|
|
||||||
|
try:
|
||||||
|
verified = c.verify(open(asc_file))
|
||||||
|
except gpg.errors.BadSignatures as e:
|
||||||
|
verified = None
|
||||||
|
print(e)
|
||||||
|
|
||||||
|
if verified is not None:
|
||||||
|
for i in range(len(verified[1].signatures)):
|
||||||
|
sign = verified[1].signatures[i]
|
||||||
|
print("""Good signature from:
|
||||||
|
{0}
|
||||||
|
with key {1}
|
||||||
|
made at {2}
|
||||||
|
""".format(c.get_key(sign.fpr).uids[0].uid,
|
||||||
|
sign.fpr, time.ctime(sign.timestamp)))
|
||||||
|
else:
|
||||||
|
pass
|
||||||
|
#+end_src
|
||||||
|
|
||||||
|
#+begin_src python
|
||||||
|
import gpg
|
||||||
|
import time
|
||||||
|
|
||||||
|
filename = "statement.txt"
|
||||||
|
sig_file = "statement.txt.sig"
|
||||||
|
|
||||||
|
c = gpg.Context()
|
||||||
|
|
||||||
|
try:
|
||||||
|
verified = c.verify(open(filename), open(sig_file))
|
||||||
|
except gpg.errors.BadSignatures as e:
|
||||||
|
verified = None
|
||||||
|
print(e)
|
||||||
|
|
||||||
|
if verified is not None:
|
||||||
|
for i in range(len(verified[1].signatures)):
|
||||||
|
sign = verified[1].signatures[i]
|
||||||
|
print("""Good signature from:
|
||||||
|
{0}
|
||||||
|
with key {1}
|
||||||
|
made at {2}
|
||||||
|
""".format(c.get_key(sign.fpr).uids[0].uid,
|
||||||
|
sign.fpr, time.ctime(sign.timestamp)))
|
||||||
|
else:
|
||||||
|
pass
|
||||||
|
#+end_src
|
||||||
|
|
||||||
|
#+begin_src python
|
||||||
|
import gpg
|
||||||
|
import time
|
||||||
|
|
||||||
|
filename = "statement.txt"
|
||||||
|
asc_file = "statement.txt.asc"
|
||||||
|
|
||||||
|
c = gpg.Context()
|
||||||
|
|
||||||
|
try:
|
||||||
|
verified = c.verify(open(filename), open(asc_file))
|
||||||
|
except gpg.errors.BadSignatures as e:
|
||||||
|
verified = None
|
||||||
|
print(e)
|
||||||
|
|
||||||
|
if verified is not None:
|
||||||
|
for i in range(len(verified[1].signatures)):
|
||||||
|
sign = verified[1].signatures[i]
|
||||||
|
print("""Good signature from:
|
||||||
|
{0}
|
||||||
|
with key {1}
|
||||||
|
made at {2}
|
||||||
|
""".format(c.get_key(sign.fpr).uids[0].uid,
|
||||||
|
sign.fpr, time.ctime(sign.timestamp)))
|
||||||
|
else:
|
||||||
|
pass
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user