[gnome-keysign: 44/75] Merge pgpy

[Gitlab System User <gitlab src gnome org>]

commit 27bbf0300d392ca4bd05d260556a756192e7b7ec
Merge: 0ccd243 f5fb069
Author: Tobias Mueller <muelli cryptobitch de>
Date:   Sun Jul 23 15:03:46 2017 +0200

    Merge pgpy
    
    We changed to use pgpy for testing monkeysign. Let's use that change for
    the python3 branch.

 keysign/gpgmks.py               | 13 +++++++--
 setup.py                        |  4 +++
 tests/fixtures/seckey-colon.asc | 58 +++++++++++++++++++++++++++++++++++++++++
 tests/test_gpgmeh.py            |  4 +++
 tests/test_gpgmks.py            | 50 +++++++++++++++++++----------------
 5 files changed, 104 insertions(+), 25 deletions(-)
---
diff --cc keysign/gpgmks.py
index e0fe0eb,54e87a4..a632b37
--- a/keysign/gpgmks.py
+++ b/keysign/gpgmks.py
@@@ -51,11 -51,10 +51,11 @@@ def UIDExport(uid, keydata)
      # a stray "gpg: checking the trustdb" which confuses the gnupg library
      tmp.context.set_option('always-trust')
      tmp.import_data(keydata)
 -    log.debug("Looking for %r", uid)
 -    for fpr, key in tmp.get_keys(uid).items():
 +    fpr = fingerprint_from_keydata(keydata)
 +    log.debug("Looking for %r", fpr)
 +    for fpr, key in tmp.get_keys(fpr).items():
          for u in key.uidslist:
-             key_uid = u.uid
+             key_uid = decode_gpg_uid(u.uid)
              if key_uid != uid:
                  log.info('Deleting UID %s from key %s', key_uid, fpr)
                  tmp.del_uid(fingerprint=fpr, pattern=key_uid)
@@@ -418,8 -412,14 +418,17 @@@ def sign_keydata_and_encrypt(keydata, e
          error_cb=error_cb, homedir=homedir):
              if not uid.revoked:
                  encrypted_key = tmpkeyring.encrypt_data(data=signed_key,
 -                    recipient=uid.uid)
 +                    # We use the fingerprint rather than the email address,
 +                    # because we cannot get a reliable representation of the
 +                    # UID, i.e. when it contains non-UTF-8 bytes.
 +                    recipient=fingerprint)
                  yield (UID.from_monkeysign(uid), encrypted_key)
+ 
+ 
+ def decode_gpg_uid(uid):
+     """ Unescape the UID.
+     There is a bug in Monkeysign which consists in returning an encoded UID
+     instead of the actual bytes (i.e. for the colon character).
+     The decode is a guess of how gpg encodes data.
+     """
+     return uid.decode('string-escape')
diff --cc tests/test_gpgmks.py
index c63a57d,f129d2c..46c4a98
--- a/tests/test_gpgmks.py
+++ b/tests/test_gpgmks.py
@@@ -269,36 -281,20 +281,24 @@@ class TestSignAndEncrypt
              kr = Keyring(homedir=self.sender_homedir)
              log.info("encrypted UID: %r", enc_uid)
              decrypted = kr.decrypt_data(signed_uid)
 +            log.info("ctx out: %r", kr.context.stdout)
 +            log.info("ctx err: %r", kr.context.stderr)
 +            assert_true (decrypted, "Error decrypting %r" % signed_uid)
 +
 +            # Now we have the signed UID. We want see if it really carries a signature.
-             from tempfile import mkdtemp
-             current_uid = plain_uid.uid
-             # This is a bit dirty. We should probably rather single out the UID.
-             # Right now we're calling list-sigs on the proper keyring.
-             # The output includes all UIDs and their signatures.
-             # We may get a minimized version from the sign_and_encrypt call.
-             # Or only email addresses but not photo UIDs.
-             # Currently this tests simply checks for the number of signature on a key.
-             # And we expect more after the signing process.
-             # But our test is not reliable because the result of sign_and_encrypt
-             # may be smaller due to, e.g. the photo UIDs mentioned above.
-             kr.context.call_command(b'--list-sigs', current_uid)
-             stdout_before = kr.context.stdout
-             log.debug('Sigs before: %s', stdout_before)
-             after_dir = mkdtemp()
-             kr_after = Keyring(after_dir)
-             import_result = kr_after.import_data(decrypted)
-             assert_true (import_result, "Error importing %r" % decrypted)
-             kr_after.context.call_command('--list-sigs')
-             stdout_after = kr_after.context.stdout
-             log.debug('Sigs after: %s', stdout_after)
- 
-             assert_less(len(stdout_before), len(stdout_after))
+             pgpykeys = pgpy.PGPKey.from_blob(decrypted)
+             log.info("Loaded Signed Keys: %r", pgpykeys)
+             k = pgpykeys[0]
+             # assert_equal(uid_from_signing, k.userids[0])
+             assert_equal(len(k.userids), 1)
+             uid = k.userids[0]
+             uidstr = u"{}".format(uid)
+             assert_in(uidstr, signatures_before)
+             # Now we have the signed UID. We want see if it really carries a signature.
+             signatures_after[uidstr] = uid._signatures
+             assert_less(len(signatures_before[uidstr]), len(signatures_after[uidstr]))
  
  
 -
  class TestLatin1(TestSignAndEncrypt):
      SENDER_KEY = "seckey-latin1.asc"
      RECEIVER_KEY = "seckey-2.asc"