Fix #214: handle multiple signatures when one of them is invalid or u…

…nverified.
vsajip · Dec 1, 2022 · ee94a7e · ee94a7e
1 parent adb31f7
commit ee94a7e
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 2 deletions.
diff --git a/README.rst b/README.rst
@@ -84,6 +84,8 @@ Released: Not yet
 * Add ``scan_keys_mem()`` function to scan keys in a string. Thanks to Sky Moore
   for the patch.
 
+* Fix #214: Handle multiple signatures when one of them is invalid or unverified.
+
 
 0.5.0
 -----

diff --git a/gnupg.py b/gnupg.py
@@ -299,11 +299,17 @@ def update_sig_info(**kwargs):
             if sig_id:
                 info = self.sig_info[sig_id]
                 info.update(kwargs)
+            else:
+                logger.debug('Ignored due to missing sig iD: %s', kwargs)
 
         if key in self.TRUST_LEVELS:
             self.trust_text = key
             self.trust_level = self.TRUST_LEVELS[key]
             update_sig_info(trust_level=self.trust_level, trust_text=self.trust_text)
+            # See Issue #214. Once we see this, we're done with the signature just seen.
+            # Zap the signature ID, because we don't see a SIG_ID unless we have a new
+            # good signature.
+            self.signature_id = None
         elif key in ('WARNING', 'ERROR'):  # pragma: no cover
             logger.warning('potential problem: %s: %s', key, value)
         elif key == 'BADSIG':  # pragma: no cover
@@ -404,8 +410,11 @@ def update_sig_info(**kwargs):
             self.status = 'signature expected but not found'
         elif key in ('DECRYPTION_INFO', 'PLAINTEXT', 'PLAINTEXT_LENGTH', 'BEGIN_SIGNING'):
             pass
+        elif key in ('NEWSIG',):
+            # Only sent in gpg2. Clear any signature ID, to be set by a following SIG_ID
+            self.signature_id = None
         else:  # pragma: no cover
-            logger.debug('message ignored: %s, %s', key, value)
+            logger.debug('message ignored: %r, %r', key, value)
 
 
 class ImportResult(StatusHandler):

diff --git a/test_gnupg.py b/test_gnupg.py
@@ -1519,6 +1519,29 @@ def test_multiple_signatures(self):
         finally:
             os.remove(fn)
 
+    def test_multiple_signatures_one_invalid(self):
+        gpg = self.gpg
+        key1 = self.generate_key('Andrew', 'Able', 'alpha.com')
+        key2 = self.generate_key('Barbara', 'Brown', 'beta.com')
+        data = b'signed data'
+        other_data = b'other signed data'
+        sig1 = gpg.sign(data, keyid=key1.fingerprint, passphrase='aable', detach=True)
+        sig2 = gpg.sign(other_data, keyid=key2.fingerprint, passphrase='bbrown', detach=True)
+        # Combine the signatures, then verify
+        fd, fn = tempfile.mkstemp(prefix='pygpg-test-')
+        os.write(fd, sig1.data)
+        os.write(fd, sig2.data)
+        os.close(fd)
+        try:
+            verified = self.gpg.verify_data(fn, data)
+            sig_info = verified.sig_info
+            self.assertEqual(len(sig_info), 1)
+            actual = set(d['fingerprint'] for d in sig_info.values())
+            expected = set([key1.fingerprint])
+            self.assertEqual(actual, expected)
+        finally:
+            os.remove(fn)
+
 
 TEST_GROUPS = {
     'sign':
@@ -1540,7 +1563,7 @@ def test_multiple_signatures(self):
     'basic':
     set(['test_environment', 'test_list_keys_initial', 'test_nogpg', 'test_make_args', 'test_quote_with_shell']),
     'test':
-    set(['test_scan_keys_mem']),
+    set(['test_multiple_signatures_one_invalid']),
 }