341 | 341 |
|
342 | 342 |
return self.__read__(sink, ciphertext), result, sig_result
|
343 | 343 |
|
344 | |
def decrypt(self, ciphertext, sink=None, passphrase=None, verify=True):
|
|
344 |
def decrypt(self, ciphertext, sink=None, passphrase=None, verify=True, filter_signatures=True):
|
345 | 345 |
"""Decrypt data
|
346 | 346 |
|
347 | 347 |
Decrypt the given ciphertext and verify any signatures. If
|
|
353 | 353 |
signatures are required and no MissingSignatures error will be
|
354 | 354 |
raised).
|
355 | 355 |
|
|
356 |
The filter_signatures argument can be used to force this
|
|
357 |
function to return signatures that are not fully trusted - for
|
|
358 |
example because they were made by unknown keys.
|
|
359 |
|
356 | 360 |
If the ciphertext is symmetrically encrypted using a
|
357 | 361 |
passphrase, that passphrase can be given as parameter, using a
|
358 | 362 |
callback registered at the context, or out-of-band via
|
|
363 | 367 |
passphrase -- for symmetric decryption
|
364 | 368 |
verify -- check signatures (boolean or iterable of keys,
|
365 | 369 |
see above) (default True)
|
|
370 |
filter_signatures -- if this function should filter out signatures
|
|
371 |
that are not completely OK (default True)
|
366 | 372 |
|
367 | 373 |
Returns:
|
368 | 374 |
plaintext -- the decrypted data (or None if sink is given)
|
|
436 | 442 |
results=results)
|
437 | 443 |
|
438 | 444 |
if do_sig_verification:
|
439 | |
# filter out all invalid signatures
|
440 | |
verify_result.signatures = list(filter(lambda s: s.status == errors.NO_ERROR, verify_result.signatures))
|
|
445 |
if filter_signatures:
|
|
446 |
verify_result.signatures = list(filter(lambda s: s.status == errors.NO_ERROR, verify_result.signatures))
|
441 | 447 |
if required_keys is not None:
|
442 | 448 |
missing = []
|
443 | 449 |
for key in required_keys:
|