From 25134df48508444c6a31ca299341bd09dca1ac82 Mon Sep 17 00:00:00 2001
From: J08nY
Date: Thu, 27 Jul 2017 20:52:46 +0200
Subject: Separate multisig handling into MIMEMultiSigWrapper.

---
 src/mailman_pgp/pgp/mime.py                | 60 ++-----------------
 src/mailman_pgp/pgp/mime_multisig.py       | 94 ++++++++++++++++++++++++++++++
 src/mailman_pgp/pgp/tests/mime_multisig.py | 16 -----
 3 files changed, 99 insertions(+), 71 deletions(-)
 create mode 100644 src/mailman_pgp/pgp/mime_multisig.py
 delete mode 100644 src/mailman_pgp/pgp/tests/mime_multisig.py

diff --git a/src/mailman_pgp/pgp/mime.py b/src/mailman_pgp/pgp/mime.py
index a791a1d..3674f85 100644
--- a/src/mailman_pgp/pgp/mime.py
+++ b/src/mailman_pgp/pgp/mime.py
@@ -21,7 +21,6 @@ from email import message_from_string
 from email.encoders import encode_7or8bit
 from email.iterators import walk
 from email.mime.application import MIMEApplication
-from email.mime.multipart import MIMEMultipart
 from email.utils import collapse_rfc2231_value
 
 from mailman.email.message import Message, MultipartDigestMessage
@@ -48,24 +47,15 @@ class MIMEWrapper:
         'This is an OpenPGP/MIME signed message (RFC 4880 and 3156)'
     _encryption_preamble = \
         'This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)'
-    _multiple_signature_preamble = \
-        'This is an OpepPGP/MIME signed message' \
-        '(RFC 4880, 3156 and draft-ietf-openpgp-multsig).\n' \
-        'see https://tools.ietf.org/html/draft-ietf-openpgp-multsig-02' \
-        'for more details.'
 
-    def __init__(self, msg, allow_draft_multisig=True):
+    def __init__(self, msg):
         """
         Wrap the given message.
 
         :param msg: The message to wrap.
         :type msg: mailman.email.message.Message
-        :param allow_draft_multisig: Whether to allow creating multisigs as per
-            https://tools.ietf.org/html/draft-ietf-openpgp-multsig-02.
-        :type allow_draft_multisig: bool
         """
         self.msg = msg
-        self.allow_draft_multisig = allow_draft_multisig
 
     def get_payload(self):
         yield self.msg.as_string()
@@ -266,36 +256,6 @@ class MIMEWrapper:
         copy_headers(msg, out)
         return out
 
-    def _wrap_signed_multiple(self, msg, signature):
-        """
-        As per https://tools.ietf.org/html/draft-ietf-openpgp-multsig-02.
-
-        :param msg:
-        :param signature:
-        :return:
-        """
-        micalg = ', '.join(self._micalg(sig.hash_algorithm)
-                          for sig in signature)
-        out = MultipartDigestMessage('signed', micalg=micalg,
-                                     protocol=MIMEWrapper._signed_type)
-        out.preamble = MIMEWrapper._signature_preambleň
-
-        second_part = MIMEMultipart()
-        for sig in signature:
-            sig_part = MIMEApplication(_data=str(sig),
-                                       _subtype=MIMEWrapper._signature_subtype,
-                                       _encoder=encode_7or8bit,
-                                       name='signature.asc')
-            sig_part.add_header('Content-Description',
-                                'OpenPGP digital signature')
-            sig_part.add_header('Content-Disposition', 'attachment',
-                                filename='signature.asc')
-            second_part.attach(sig_part)
-        out.attach(copy.deepcopy(msg))
-        out.attach(second_part)
-        copy_headers(msg, out)
-        return out
-
     def sign(self, key, hash=None):
         """
         Sign a message with key.
@@ -307,15 +267,9 @@ class MIMEWrapper:
         :return: The signed message.
         :rtype: mailman.email.message.Message
         """
-        if self.is_signed() and self.allow_draft_multisig:
-            payload = next(iter(self.get_signed()))
-            signature = next(iter(self.get_signature()))
-            signature |= key.sign(payload, hash=hash)
-            return self._wrap_signed_multiple(self.msg, signature)
-        else:
-            payload = next(iter(self.get_payload()))
-            signature = key.sign(payload, hash=hash)
-            return self._wrap_signed(self.msg, signature)
+        payload = next(iter(self.get_payload()))
+        signature = key.sign(payload, hash=hash)
+        return self._wrap_signed(self.msg, signature)
 
     def decrypt(self, key):
         """
@@ -335,11 +289,7 @@ class MIMEWrapper:
 
         out = message_from_string(dmsg, _class=Message)
         if decrypted.is_signed:
-            if len(decrypted.signatures) != 1 and self.allow_draft_multisig:
-                out = self._wrap_signed_multiple(out,
-                                                 decrypted.detached_signature)
-            else:
-                out = self._wrap_signed(out, decrypted.signatures.pop())
+            out = self._wrap_signed(out, decrypted.signatures.pop())
         copy_headers(self.msg, out)
         return out
 
diff --git a/src/mailman_pgp/pgp/mime_multisig.py b/src/mailman_pgp/pgp/mime_multisig.py
new file mode 100644
index 0000000..ff9039e
--- /dev/null
+++ b/src/mailman_pgp/pgp/mime_multisig.py
@@ -0,0 +1,94 @@
+# Copyright (C) 2017 Jan Jancar
+#
+# This file is a part of the Mailman PGP plugin.
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free
+# Software Foundation, either version 3 of the License, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program.  If not, see <http://www.gnu.org/licenses/>.
+
+""""""
+import copy
+from email import message_from_string
+from email.encoders import encode_7or8bit
+from email.mime.application import MIMEApplication
+from email.mime.multipart import MIMEMultipart
+
+from mailman.email.message import MultipartDigestMessage, Message
+
+from mailman_pgp.pgp.mime import MIMEWrapper
+from mailman_pgp.utils.email import copy_headers
+
+
+class MIMEMultiSigWrapper(MIMEWrapper):
+    """"""
+    _signature_preamble = \
+        'This is an OpepPGP/MIME signed message' \
+        '(RFC 4880, 3156 and draft-ietf-openpgp-multsig).\n' \
+        'see https://tools.ietf.org/html/draft-ietf-openpgp-multsig-02' \
+        'for more details.'
+
+    def _wrap_signed_multiple(self, msg, signature):
+        """
+        As per https://tools.ietf.org/html/draft-ietf-openpgp-multsig-02.
+
+        :param msg:
+        :param signature:
+        :return:
+        """
+        micalg = ', '.join(self._micalg(sig.hash_algorithm)
+                           for sig in signature)
+        out = MultipartDigestMessage('signed', micalg=micalg,
+                                     protocol=MIMEWrapper._signed_type)
+        out.preamble = MIMEMultiSigWrapper._signature_preamble
+
+        second_part = MIMEMultipart()
+        for sig in signature:
+            sig_part = MIMEApplication(_data=str(sig),
+                                       _subtype=MIMEWrapper._signature_subtype,
+                                       _encoder=encode_7or8bit,
+                                       name='signature.asc')
+            sig_part.add_header('Content-Description',
+                                'OpenPGP digital signature')
+            sig_part.add_header('Content-Disposition', 'attachment',
+                                filename='signature.asc')
+            second_part.attach(sig_part)
+        out.attach(copy.deepcopy(msg))
+        out.attach(second_part)
+        copy_headers(msg, out)
+        return out
+
+    def sign(self, key, hash=None):
+        if self.is_signed():
+            payload = next(iter(self.get_signed()))
+            signature = next(iter(self.get_signature()))
+            signature |= key.sign(payload, hash=hash)
+            return self._wrap_signed_multiple(self.msg, signature)
+        else:
+            super().sign(key, hash)
+
+    def decrypt(self, key):
+        pmsg = next(iter(self.get_encrypted()))
+        decrypted = key.decrypt(pmsg)
+
+        dmsg = decrypted.message
+        if isinstance(dmsg, bytearray):
+            dmsg = dmsg.decode(decrypted.charset or 'utf-8')
+
+        out = message_from_string(dmsg, _class=Message)
+        if decrypted.is_signed:
+            if len(decrypted.signatures) != 1:
+                out = self._wrap_signed_multiple(out,
+                                                 decrypted.detached_signature)
+            else:
+                out = self._wrap_signed(out, decrypted.signatures.pop())
+        copy_headers(self.msg, out)
+        return out
diff --git a/src/mailman_pgp/pgp/tests/mime_multisig.py b/src/mailman_pgp/pgp/tests/mime_multisig.py
deleted file mode 100644
index 56dd01d..0000000
--- a/src/mailman_pgp/pgp/tests/mime_multisig.py
+++ /dev/null
@@ -1,16 +0,0 @@
-# Copyright (C) 2017 Jan Jancar
-#
-# This file is a part of the Mailman PGP plugin.
-#
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free
-# Software Foundation, either version 3 of the License, or (at your option)
-# any later version.
-#
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
-# more details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program.  If not, see <http://www.gnu.org/licenses/>.
\ No newline at end of file
-- 
cgit v1.2.3-70-g09d2