From 3a753fd024a78186d1d1464a56151d639549031b Mon Sep 17 00:00:00 2001
From: Andrew Engelbrecht
Date: Thu, 23 Jul 2015 12:47:08 -0400
Subject: [PATCH] check unencrypted message blocks for signatures some message blocks aren't encrypted.
---
 edward | 35 +++++++++++++++++++++++++++++++++--
 1 file changed, 33 insertions(+), 2 deletions(-)
diff --git a/edward b/edward
index 59d6482..aeead6a 100755
--- a/edward
+++ b/edward
@@ -290,6 +290,17 @@ def gpg_on_payloads (eddymsg_obj, gpgme_ctx, prev_parts=[]):
 piece.gpg_data.sigs = sigs
 # recurse!
 piece.gpg_data.plainobj = parse_pgp_mime(plaintext, gpgme_ctx)
+ continue
+
+ # if not encrypted, check to see if this is an armored signature.
+ (plaintext, sigs) = verify_sig_message(piece.string, gpgme_ctx)
+
+ if plaintext:
+ piece.piece_type = "signature"
+ piece.gpg_data = GPGData()
+ piece.gpg_data.sigs = sigs
+ # recurse!
+ piece.gpg_data.plainobj = parse_pgp_mime(plaintext, gpgme_ctx)
 elif piece.piece_type == "pubkey":
 key_fps = add_gpg_key(piece.string, gpgme_ctx)
@@ -339,7 +350,8 @@ def prepare_for_reply_pieces (eddymsg_obj, replyinfo_obj):
 prepare_for_reply_pubkey(piece, replyinfo_obj)
 elif (piece.piece_type == "clearsign") \
- or (piece.piece_type == "detachedsig"):
+ or (piece.piece_type == "detachedsig") \
+ or (piece.piece_type == "signature"):
 prepare_for_reply_sig(piece, replyinfo_obj)
@@ -421,7 +433,8 @@ def flatten_decrypted_payloads (eddymsg_obj, get_signed_part):
 flat_string += flatten_decrypted_payloads(piece.gpg_data.plainobj, get_signed_part)
 elif ((piece.piece_type == "clearsign") \
- or (piece.piece_type == "detachedsig")) \
+ or (piece.piece_type == "detachedsig") \
+ or (piece.piece_type == "signature")) \
 and (piece.gpg_data != None):
 # FIXME: the key used to sign this message needs to be the one that is used for the encrypted reply.
 flat_string += flatten_decrypted_payloads (piece.gpg_data.plainobj, get_signed_part)
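Review bot: In the first hunk (`gpg_on_payloads`) the new fallback relabels the piece as `"signature"` on `if plaintext:` alone, so a block for which `verify_sig_message` yields text but an empty `sigs` list is still treated as signed and is then handled by the `"signature"` branches added in the second and third hunks. Gating on both values, `if plaintext and sigs:`, keeps unverified text out of that path; whether `prepare_for_reply_sig` tolerates an empty list is not visible on this page. The recursive `parse_pgp_mime(plaintext, gpgme_ctx)` call is now also reached for signed-only input and no nesting limit appears in the hunk, so a depth cap may be worth adding. The function body starts and ends outside the hunk and the page has lost indentation, so the placement of `continue` relative to the decryption branch cannot be confirmed here.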
@@ -510,6 +523,24 @@ def add_gpg_key (key_block, gpgme_ctx):
 return key_fingerprints
+def verify_sig_message (msg_block, gpgme_ctx):
+
+ block_b = io.BytesIO(msg_block.encode('ascii'))
+ plain_b = io.BytesIO()
+
+ try:
+ sigs = gpgme_ctx.verify(block_b, None, plain_b)
+ except:
+ return ("",[])
+
+ plaintext = plain_b.getvalue().decode('utf-8')
+
+ fingerprints = []
+ for sig in sigs:
+ fingerprints += [sig.fpr]
+ return (plaintext, fingerprints)
+
+
 def verify_clear_signature (sig_block, gpgme_ctx):
 # FIXME: this might require the un-decoded bytes
--
2.25.1
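Review bot: `verify_sig_message` collects `sig.fpr` from every entry returned by `gpgme_ctx.verify` without checking the per-signature result, so if the binding reports a bad, expired or unknown-key signature on the signature object instead of raising, altered text would still be attributed to that fingerprint. Only signatures whose status indicates success should contribute a fingerprint; the attribute used below follows the pygpgme convention and should be confirmed against the binding this file imports. The bare `except:` also swallows unrelated errors, while `msg_block.encode('ascii')` and `.decode('utf-8')` sit outside the `try`, so a block with unexpected bytes raises out of the function instead of returning `("",[])`. The function also has no docstring stating that it returns `(plaintext, fingerprints)`.

```python
def verify_sig_message (msg_block, gpgme_ctx):

    try:
        block_b = io.BytesIO(msg_block.encode('ascii'))
    except UnicodeEncodeError:
        return ("",[])
    plain_b = io.BytesIO()

    try:
        sigs = gpgme_ctx.verify(block_b, None, plain_b)
    except Exception:
        return ("",[])

    try:
        plaintext = plain_b.getvalue().decode('utf-8')
    except UnicodeDecodeError:
        return ("",[])

    # assumes the binding sets sig.status to None for a good signature -- confirm
    fingerprints = [sig.fpr for sig in sigs if sig.status is None]
    return (plaintext, fingerprints)
```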