diff options
author | Dylan Baker <dylan@pnwbakers.com> | 2017-08-17 10:19:23 -0700 |
---|---|---|
committer | Dylan Baker <dylan@pnwbakers.com> | 2017-08-17 10:59:49 -0700 |
commit | 50a9d4e8ac32c8763b78657ccabd56e01a169ea5 (patch) | |
tree | 9ea79f3669ed6610247c1f2583df613d351872f7 /alot/crypto.py | |
parent | 707843b7da81e794d336eb0b9e69d62b3d6a0e02 (diff) |
alot/crypto: make keys required for detached_signature_for
This function is always passed a key to sign with, and not passing one
leads to the first available signing key in the keyring being selected
otherwise, which is problematic if one has two signing keys.
Diffstat (limited to 'alot/crypto.py')
-rw-r--r-- | alot/crypto.py | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/alot/crypto.py b/alot/crypto.py index 3c748162..cd03d9e7 100644 --- a/alot/crypto.py +++ b/alot/crypto.py @@ -146,7 +146,7 @@ def list_keys(hint=None, private=False): return ctx.keylist(hint, private) -def detached_signature_for(plaintext_str, key=None): +def detached_signature_for(plaintext_str, keys): """ Signs the given plaintext string and returns the detached signature. @@ -154,14 +154,13 @@ def detached_signature_for(plaintext_str, key=None): a signature for the specified plaintext. :param str plaintext_str: text to sign - :param key: key to sign with - :type key: gpg.gpgme._gpgme_key + :param keys: list of one or more key to sign with. + :type keys: list[gpg.gpgme._gpgme_key] :returns: A list of signature and the signed blob of data :rtype: tuple[list[gpg.results.NewSignature], str] """ ctx = gpg.core.Context(armor=True) - if key is not None: - ctx.signers = [key] + ctx.signers = keys (sigblob, sign_result) = ctx.sign(plaintext_str, mode=gpg.constants.SIG_MODE_DETACH) return sign_result.signatures, sigblob |