Commit 14b148b7d34038fac863ab882de29c6d35d425f1 - gpgme1.0

python: Allow returning signatures made by unknown keys in `decrypt` -- This functionality got dropped somewhere after 1.12, as part of the cleanup of the `Context.decrypt` call signature. Reintroduce it again, now using an explicit keyword argument `filter_signatures` (which defaults to hiding signatures by unknown keys). GnuPG-bug-id: 5292 Jasper Spaans authored 3 years ago Werner Koch committed 2 years ago

2 changed file(s) with 12 addition(s) and 3 deletion(s). Raw diff Collapse all Expand all

-0

NEWS less more

5	5	* cpp, qt: Add support for trust signatures. [#5421]
6	6
7	7	* qt: Add support for flags in LDAP server options. [#5217]
	8
	9	* python: New optional parameter filter_signatures for decrypt.
	10	[#5292]
8	11
9	12	* Interface changes relative to the 1.15.1 release:
10	13	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-3

lang/python/src/core.py less more

341	341
342	342	return self.__read__(sink, ciphertext), result, sig_result
343	343
344		def decrypt(self, ciphertext, sink=None, passphrase=None, verify=True):
	344	def decrypt(self, ciphertext, sink=None, passphrase=None, verify=True, filter_signatures=True):
345	345	"""Decrypt data
346	346
347	347	Decrypt the given ciphertext and verify any signatures. If

353	353	signatures are required and no MissingSignatures error will be
354	354	raised).
355	355
	356	The filter_signatures argument can be used to force this
	357	function to return signatures that are not fully trusted - for
	358	example because they were made by unknown keys.
	359
356	360	If the ciphertext is symmetrically encrypted using a
357	361	passphrase, that passphrase can be given as parameter, using a
358	362	callback registered at the context, or out-of-band via

363	367	passphrase -- for symmetric decryption
364	368	verify -- check signatures (boolean or iterable of keys,
365	369	see above) (default True)
	370	filter_signatures -- if this function should filter out signatures
	371	that are not completely OK (default True)
366	372
367	373	Returns:
368	374	plaintext -- the decrypted data (or None if sink is given)

436	442	results=results)
437	443
438	444	if do_sig_verification:
439		# filter out all invalid signatures
440		verify_result.signatures = list(filter(lambda s: s.status == errors.NO_ERROR, verify_result.signatures))
	445	if filter_signatures:
	446	verify_result.signatures = list(filter(lambda s: s.status == errors.NO_ERROR, verify_result.signatures))
441	447	if required_keys is not None:
442	448	missing = []
443	449	for key in required_keys: