From bd2d282e572b5d02669238c9e087259b85638477 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 2 May 2019 22:16:51 -0400 Subject: python/tests: try to decrypt and verify new test data * lang/python/tests/t-decrypt.py: test decryption of cipher-3.asc and cipher-no-sig.asc * lang/python/tests/t-decrypt-verify.py: test decryption and verification of cipher-3.asc and cipher-no-sig.asc -- note that this introduces a failed test -- decrypt-verify.py misbehaves on cipher-3.asc by throwing a BadSignature even though GnuPG-bug-id: 4276 Signed-off-by: Daniel Kahn Gillmor --- lang/python/tests/t-decrypt-verify.py | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'lang/python/tests/t-decrypt-verify.py') diff --git a/lang/python/tests/t-decrypt-verify.py b/lang/python/tests/t-decrypt-verify.py index a0049a02..6a4fc554 100755 --- a/lang/python/tests/t-decrypt-verify.py +++ b/lang/python/tests/t-decrypt-verify.py @@ -75,3 +75,14 @@ with gpg.Context() as c: assert e.missing[0] == bob else: assert False, "Expected an error, got none" + + plaintext, _, verify_result = c.decrypt(open(support.make_filename("cipher-no-sig.asc"))) + assert len(plaintext) > 0 + assert len(verify_result.signatures) == 0 + assert plaintext.find(b'Viscosity Dispersal Thimble Saturday Flaxseed Deflected') >= 0, \ + 'unsigned Plaintext was not found' + + plaintext, _, verify_result = c.decrypt(open(support.make_filename("cipher-3.asc"))) + assert len(plaintext) > 0 + assert plaintext.find(b'Reenact Studied Thermos Bonehead Unclasp Opposing') >= 0, \ + 'second Plaintext not found' -- cgit v1.2.3 From 4100794e305ba22241ea5a4f7b42bb5189fbd948 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 2 May 2019 23:28:11 -0400 Subject: python: stop raising BadSignatures from decrypt(verify=True) * src/core.py (decrypt): filter out signatures with errors from the returned verify_result, but avoid raising BadSignatures * tests/t-decrypt-verify.py: ensure that only a single signature is returned when evaluating cipher-3.asc, since the other signature is unknown. -- This change preserves the invariant that decrypt() only ever returns valid signatures in the verify_result, but it avoids unnecessary errors in the face of the presence of an additional bad signature. GnuPG-bug-id: 4276 Signed-off-by: Daniel Kahn Gillmor --- lang/python/tests/t-decrypt-verify.py | 1 + 1 file changed, 1 insertion(+) (limited to 'lang/python/tests/t-decrypt-verify.py') diff --git a/lang/python/tests/t-decrypt-verify.py b/lang/python/tests/t-decrypt-verify.py index 6a4fc554..300fc713 100755 --- a/lang/python/tests/t-decrypt-verify.py +++ b/lang/python/tests/t-decrypt-verify.py @@ -84,5 +84,6 @@ with gpg.Context() as c: plaintext, _, verify_result = c.decrypt(open(support.make_filename("cipher-3.asc"))) assert len(plaintext) > 0 + assert len(verify_result.signatures) == 1 assert plaintext.find(b'Reenact Studied Thermos Bonehead Unclasp Opposing') >= 0, \ 'second Plaintext not found' -- cgit v1.2.3