diff options
author | Michał Górny <mgorny@gentoo.org> | 2023-01-22 09:15:40 +0100 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2023-01-22 09:15:40 +0100 |
commit | d3c62180624d627dae583efe23fd4f0427eaf055 (patch) | |
tree | 947ffe556f167ee773ff88a07488dc81193a69f1 | |
parent | 11f2afd6c15daaf20571c819482147986bd9c464 (diff) | |
download | gemato-d3c62180624d627dae583efe23fd4f0427eaf055.tar.gz |
openpgp: Stop relying on `gpg --verify` exit status
Signed-off-by: Michał Górny <mgorny@gentoo.org>
-rw-r--r-- | gemato/openpgp.py | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/gemato/openpgp.py b/gemato/openpgp.py index 57e84fa..8a0462f 100644 --- a/gemato/openpgp.py +++ b/gemato/openpgp.py @@ -166,8 +166,7 @@ class SystemGPGEnvironment: exitst, out, err = self._spawn_gpg( [GNUPG, '--batch', '--status-fd', '1', '--verify'], - f.read().encode('utf8'), - raise_on_error=OpenPGPVerificationFailure) + f.read().encode('utf8')) # process the output of gpg to find the exact result print(out.decode("iso-8859-1")) @@ -178,6 +177,18 @@ class SystemGPGEnvironment: elif line.startswith(b'[GNUPG:] GOODSIG'): assert sig_list sig_list[-1].good_sig = True + elif line.startswith(b"[GNUPG:] BADSIG"): + assert sig_list + raise OpenPGPVerificationFailure( + err.decode("utf8", errors="backslashreplace")) + elif line.startswith(b"[GNUPG:] EXPSIG"): + assert sig_list + raise OpenPGPVerificationFailure( + err.decode("utf8", errors="backslashreplace")) + elif line.startswith(b"[GNUPG:] ERRSIG"): + assert sig_list + raise OpenPGPVerificationFailure( + err.decode("utf8", errors="backslashreplace")) elif line.startswith(b'[GNUPG:] EXPKEYSIG'): assert sig_list raise OpenPGPExpiredKeyFailure( |