diff options
author | Dylan Baker <dylan@pnwbakers.com> | 2018-02-22 14:21:38 -0800 |
---|---|---|
committer | Dylan Baker <dylan@pnwbakers.com> | 2018-03-01 10:34:56 -0800 |
commit | 6b1a6be9c2ae10ff0278390e4238b22fb906377c (patch) | |
tree | 5db45b9c63fcb6d23c87990e2d2b123bddcf4ef1 /alot/crypto.py | |
parent | 7805f34f55f7143e1ebfca982b0654a3ef42e1d0 (diff) |
crypto: use bytes instead of str
The crypto code shouldn't use unicode strings, it should use byte
strings. The problem with using unicode strings (and doing the
conversion internally), is that the crypto code doesn't know what the
encoding should be. We can guess but it's better to just do bytes in
bytes out, and let the calling code deal with encoding and decoding.
Diffstat (limited to 'alot/crypto.py')
-rw-r--r-- | alot/crypto.py | 28 |
1 files changed, 13 insertions, 15 deletions
diff --git a/alot/crypto.py b/alot/crypto.py index cfb148ac..9d7d89ec 100644 --- a/alot/crypto.py +++ b/alot/crypto.py @@ -1,6 +1,5 @@ -# encoding=utf-8 # Copyright (C) 2011-2012 Patrick Totzke <patricktotzke@gmail.com> -# Copyright © 2017 Dylan Baker <dylan@pnwbakers.com> +# Copyright © 2017-2018 Dylan Baker <dylan@pnwbakers.com> # This file is released under the GNU GPL, version 3 or a later revision. # For further details see the COPYING file from __future__ import absolute_import @@ -8,7 +7,6 @@ from __future__ import absolute_import import gpg from .errors import GPGProblem, GPGCode -from . import helper def RFC3156_micalg_from_algo(hash_algo): @@ -145,7 +143,7 @@ def detached_signature_for(plaintext_str, keys): A detached signature in GPG speak is a separate blob of data containing a signature for the specified plaintext. - :param str plaintext_str: text to sign + :param bytes plaintext_str: bytestring to sign :param keys: list of one or more key to sign with. :type keys: list[gpg.gpgme._gpgme_key] :returns: A list of signature and the signed blob of data @@ -153,15 +151,15 @@ def detached_signature_for(plaintext_str, keys): """ ctx = gpg.core.Context(armor=True) ctx.signers = keys - (sigblob, sign_result) = ctx.sign(plaintext_str.encode('utf-8'), + (sigblob, sign_result) = ctx.sign(plaintext_str, mode=gpg.constants.SIG_MODE_DETACH) - return sign_result.signatures, sigblob.decode('ascii') + return sign_result.signatures, sigblob def encrypt(plaintext_str, keys): """Encrypt data and return the encrypted form. - :param str plaintext_str: the mail to encrypt + :param bytes plaintext_str: the mail to encrypt :param key: optionally, a list of keys to encrypt with :type key: list[gpg.gpgme.gpgme_key_t] or None :returns: encrypted mail @@ -169,9 +167,9 @@ def encrypt(plaintext_str, keys): """ assert keys, 'Must provide at least one key to encrypt with' ctx = gpg.core.Context(armor=True) - out = ctx.encrypt(plaintext_str.encode('utf-8'), recipients=keys, sign=False, + out = ctx.encrypt(plaintext_str, recipients=keys, sign=False, always_trust=True)[0] - return out.decode('ascii') + return out NO_ERROR = None @@ -193,15 +191,15 @@ def bad_signatures_to_str(error): def verify_detached(message, signature): """Verifies whether the message is authentic by checking the signature. - :param str message: The message to be verified, in canonical form. - :param str signature: the OpenPGP signature to verify + :param bytes message: The message to be verified, in canonical form. + :param bytes signature: the OpenPGP signature to verify :returns: a list of signatures :rtype: list[gpg.results.Signature] :raises: :class:`~alot.errors.GPGProblem` if the verification fails """ ctx = gpg.core.Context() try: - verify_results = ctx.verify(message.encode('utf-8'), signature.encode('ascii'))[1] + verify_results = ctx.verify(message, signature)[1] return verify_results.signatures except gpg.errors.BadSignatures as e: raise GPGProblem(bad_signatures_to_str(e), code=GPGCode.BAD_SIGNATURE) @@ -213,7 +211,7 @@ def decrypt_verify(encrypted): """Decrypts the given ciphertext string and returns both the signatures (if any) and the plaintext. - :param str encrypted: the mail to decrypt + :param bytes encrypted: the mail to decrypt :returns: the signatures and decrypted plaintext data :rtype: tuple[list[gpg.resuit.Signature], str] :raises: :class:`~alot.errors.GPGProblem` if the decryption fails @@ -221,12 +219,12 @@ def decrypt_verify(encrypted): ctx = gpg.core.Context() try: (plaintext, _, verify_result) = ctx.decrypt( - encrypted.encode('utf-8'), verify=True) + encrypted, verify=True) except gpg.errors.GPGMEError as e: raise GPGProblem(str(e), code=e.getcode()) # what if the signature is bad? - return verify_result.signatures, helper.try_decode(plaintext) + return verify_result.signatures, plaintext def validate_key(key, sign=False, encrypt=False): |