diff options
Diffstat (limited to 'src/mailman_pgp/pgp/mime_multisig.py')
| -rw-r--r-- | src/mailman_pgp/pgp/mime_multisig.py | 48 |
1 files changed, 29 insertions, 19 deletions
diff --git a/src/mailman_pgp/pgp/mime_multisig.py b/src/mailman_pgp/pgp/mime_multisig.py index c7edf60..1061b64 100644 --- a/src/mailman_pgp/pgp/mime_multisig.py +++ b/src/mailman_pgp/pgp/mime_multisig.py @@ -74,35 +74,39 @@ class MIMEMultiSigWrapper(MIMEWrapper): continue yield sig - def _wrap_signed_multiple(self, msg, payload_msg, signatures, signature): + def _wrap_signed_multiple(self, msg, payload_msg, sig_msgs, signatures, + signature): """ As per draft-ietf-openpgp-multsig-02. :param msg: :param payload_msg: + :param sig_msgs: :param signatures: :param signature: :return: """ micalg = ', '.join(self._micalg(sig.hash_algorithm) - for sig in signature) + for sig in signatures + signature.signatures) out = MultipartDigestMessage('signed', micalg=micalg, protocol='multipart/mixed') out.preamble = MIMEMultiSigWrapper._signature_preamble second_part = MIMEMultipart() - for sig in signatures: - second_part.attach(copy.deepcopy(sig)) + for sig_msg in sig_msgs: + second_part.attach(copy.deepcopy(sig_msg)) + + for sig in signature.signatures: + sig_part = MIMEApplication(_data=str(sig), + _subtype=MIMEWrapper._signature_subtype, + _encoder=encode_7or8bit, + name='signature.asc') + sig_part.add_header('Content-Description', + 'OpenPGP digital signature') + sig_part.add_header('Content-Disposition', 'attachment', + filename='signature.asc') + second_part.attach(sig_part) - sig_part = MIMEApplication(_data=str(signature), - _subtype=MIMEWrapper._signature_subtype, - _encoder=encode_7or8bit, - name='signature.asc') - sig_part.add_header('Content-Description', - 'OpenPGP digital signature') - sig_part.add_header('Content-Disposition', 'attachment', - filename='signature.asc') - second_part.attach(sig_part) out.attach(copy.deepcopy(payload_msg)) out.attach(second_part) copy_headers(msg, out) @@ -122,14 +126,17 @@ class MIMEMultiSigWrapper(MIMEWrapper): if self.is_signed(): payload_msg = self.msg.get_payload(0) - signatures = [part for part in self.msg.get_payload(1)] + sig_msgs = [part for part in self.msg.get_payload(1).get_payload()] else: payload_msg = self.msg - signatures = [] + sig_msgs = [] + # TODO: exception safe this + signatures = [PGPSignature.from_blob(sig_msg.get_payload()) + for sig_msg in sig_msgs] signature = PGPDetachedSignature() signature |= key.sign(payload_msg.as_string(), hash=hash) - return self._wrap_signed_multiple(self.msg, payload_msg, signatures, - signature) + return self._wrap_signed_multiple(self.msg, payload_msg, sig_msgs, + signatures, signature) def verify(self, key): """ @@ -158,6 +165,7 @@ class MIMEMultiSigWrapper(MIMEWrapper): :rtype: mailman.email.message.Message """ pmsg = next(iter(self.get_encrypted())) + # TODO: exception safe this decrypted = key.decrypt(pmsg) dmsg = decrypted.message @@ -166,6 +174,8 @@ class MIMEMultiSigWrapper(MIMEWrapper): out = message_from_string(dmsg, _class=Message) if decrypted.is_signed: - out = self._wrap_signed_multiple(out, decrypted.detached_signature) - copy_headers(self.msg, out) + out = self._wrap_signed_multiple(self.msg, out, [], [], + decrypted.detached_signature) + else: + copy_headers(self.msg, out) return out |