From 16da8026fb3e4a4f3b9054b28016a76b8f964254 Mon Sep 17 00:00:00 2001 From: Andrew Engelbrecht Date: Sun, 27 Jul 2014 01:37:05 -0400 Subject: [PATCH] updated signature verification code edward-bot now prints a helpful note about signature validity. i've also added some caveats in comment form regarding the remaining issues with the verification code i've written so far. there are more important considerations that need to be made when verifying signatures. --- edward-bot | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/edward-bot b/edward-bot index d83f70b..1ca0f9b 100755 --- a/edward-bot +++ b/edward-bot @@ -107,16 +107,17 @@ def print_decrypted (message): def print_sig (sig): - if sig.summary != 0: - print("bad sig: " + str(sig.summary)) - #continue - fprint = sig.fpr timestamp = time.localtime(sig.timestamp) g = gpgme.Context() key = g.get_key(fprint) + # right now i'm just choosing the first user id, even if that id isn't + # signed by the user yet another is. if a user id is printed, it should + # at least be one that is signed, and/or correspond to the From: + # field's email address and full name. + name = key.uids[0].name e_addr = key.uids[0].email comment = key.uids[0].comment @@ -124,8 +125,21 @@ def print_sig (sig): date = time.strftime("%a %d %b %Y %I:%M:%S %p %Z", timestamp) fprint_short = re.search("[0-9A-Fa-f]{32}([0-9A-Fa-f]{8})", fprint).groups()[0] - print("Signature Made " + date + " using key " + fprint_short) - print("From " + name + " (" + comment + ") <" \ + # this section needs some work. signature summary, validity, status, + # and wrong_key_usage all complicate the picture. their enum/#define + # values overlap, which makes things more complicated. + + validity = sig.validity + if validity == gpgme.VALIDITY_ULTIMATE \ + or validity == gpgme.VALIDITY_FULL: + status = "Good Signature " + elif validity == gpgme.VALIDITY_MARGINAL: + status = "Marginal Signature " + else: + status = "BAD Signature " + + print("Signature Made " + date + " using key ID " + fprint_short) + print(status + "from " + name + " (" + comment + ") <" \ + e_addr + ">") -- 2.25.1