trezor-agent/trezor_agent/gpg/decode.py

"""Decoders for GPG v2 data structures."""
import hashlib
import io
import logging
import struct
import subprocess

import ecdsa
import ed25519

from .. import util

log = logging.getLogger(__name__)


def parse_subpackets(s):
    """See https://tools.ietf.org/html/rfc4880#section-5.2.3.1 for details."""
    subpackets = []
    total_size = s.readfmt('>H')
    data = s.read(total_size)
    s = util.Reader(io.BytesIO(data))

    while True:
        try:
            subpacket_len = s.readfmt('B')
        except EOFError:
            break

        subpackets.append(s.read(subpacket_len))

    return subpackets


def parse_mpi(s):
    """See https://tools.ietf.org/html/rfc4880#section-3.2 for details."""
    bits = s.readfmt('>H')
    blob = bytearray(s.read(int((bits + 7) // 8)))
    return sum(v << (8 * i) for i, v in enumerate(reversed(blob)))


def _parse_nist256p1_verifier(mpi):
    prefix, x, y = util.split_bits(mpi, 4, 256, 256)
    assert prefix == 4
    point = ecdsa.ellipticcurve.Point(curve=ecdsa.NIST256p.curve,
                                      x=x, y=y)
    vk = ecdsa.VerifyingKey.from_public_point(
        point=point, curve=ecdsa.curves.NIST256p,
        hashfunc=hashlib.sha256)

    def _nist256p1_verify(signature, digest):
        result = vk.verify_digest(signature=signature,
                                  digest=digest,
                                  sigdecode=lambda rs, order: rs)
        log.debug('nist256p1 ECDSA signature is OK (%s)', result)
    return _nist256p1_verify, vk


def _parse_ed25519_verifier(mpi):
    prefix, value = util.split_bits(mpi, 8, 256)
    assert prefix == 0x40
    vk = ed25519.VerifyingKey(util.num2bytes(value, size=32))

    def _ed25519_verify(signature, digest):
        sig = b''.join(util.num2bytes(val, size=32)
                       for val in signature)
        result = vk.verify(sig, digest)
        log.debug('ed25519 ECDSA signature is OK (%s)', result)
    return _ed25519_verify, vk


SUPPORTED_CURVES = {
    b'\x2A\x86\x48\xCE\x3D\x03\x01\x07': _parse_nist256p1_verifier,
    b'\x2B\x06\x01\x04\x01\xDA\x47\x0F\x01': _parse_ed25519_verifier,
}


def _parse_literal(stream):
    """See https://tools.ietf.org/html/rfc4880#section-5.9 for details."""
    p = {'type': 'literal'}
    p['format'] = stream.readfmt('c')
    filename_len = stream.readfmt('B')
    p['filename'] = stream.read(filename_len)
    p['date'] = stream.readfmt('>L')
    p['content'] = stream.read()
    p['_to_hash'] = p['content']
    return p


def _parse_embedded_signatures(subpackets):
    for packet in subpackets:
        data = bytearray(packet)
        if data[0] == 32:
            # https://tools.ietf.org/html/rfc4880#section-5.2.3.26
            stream = io.BytesIO(data[1:])
            yield _parse_signature(util.Reader(stream))


def _parse_signature(stream):
    """See https://tools.ietf.org/html/rfc4880#section-5.2 for details."""
    p = {'type': 'signature'}

    to_hash = io.BytesIO()
    with stream.capture(to_hash):
        p['version'] = stream.readfmt('B')
        p['sig_type'] = stream.readfmt('B')
        p['pubkey_alg'] = stream.readfmt('B')
        p['hash_alg'] = stream.readfmt('B')
        p['hashed_subpackets'] = parse_subpackets(stream)

    # https://tools.ietf.org/html/rfc4880#section-5.2.4
    tail_to_hash = b'\x04\xff' + struct.pack('>L', to_hash.tell())

    p['_to_hash'] = to_hash.getvalue() + tail_to_hash

    p['unhashed_subpackets'] = parse_subpackets(stream)
    embedded = list(_parse_embedded_signatures(p['unhashed_subpackets']))
    if embedded:
        p['embedded'] = embedded

    p['hash_prefix'] = stream.readfmt('2s')
    p['sig'] = (parse_mpi(stream), parse_mpi(stream))
    assert not stream.read()
    return p


def _parse_pubkey(stream):
    """See https://tools.ietf.org/html/rfc4880#section-5.5 for details."""
    p = {'type': 'pubkey'}
    packet = io.BytesIO()
    with stream.capture(packet):
        p['version'] = stream.readfmt('B')
        p['created'] = stream.readfmt('>L')
        p['algo'] = stream.readfmt('B')

        # https://tools.ietf.org/html/rfc6637#section-11
        oid_size = stream.readfmt('B')
        oid = stream.read(oid_size)
        assert oid in SUPPORTED_CURVES
        parser = SUPPORTED_CURVES[oid]

        mpi = parse_mpi(stream)
        log.debug('mpi: %x (%d bits)', mpi, mpi.bit_length())
        p['verifier'], p['verifying_key'] = parser(mpi)
        assert not stream.read()

    # https://tools.ietf.org/html/rfc4880#section-12.2
    packet_data = packet.getvalue()
    data_to_hash = (b'\x99' + struct.pack('>H', len(packet_data)) +
                    packet_data)
    p['key_id'] = hashlib.sha1(data_to_hash).digest()[-8:]
    p['_to_hash'] = data_to_hash
    log.debug('key ID: %s', util.hexlify(p['key_id']))
    return p


def _parse_subkey(stream):
    """See https://tools.ietf.org/html/rfc4880#section-5.5 for details."""
    p = {'type': 'subkey'}
    packet = io.BytesIO()
    with stream.capture(packet):
        p['version'] = stream.readfmt('B')
        p['created'] = stream.readfmt('>L')
        p['algo'] = stream.readfmt('B')

        # https://tools.ietf.org/html/rfc6637#section-11
        oid_size = stream.readfmt('B')
        oid = stream.read(oid_size)
        assert oid in SUPPORTED_CURVES
        parser = SUPPORTED_CURVES[oid]

        mpi = parse_mpi(stream)
        log.debug('mpi: %x (%d bits)', mpi, mpi.bit_length())
        p['verifier'], p['verifying_key'] = parser(mpi)
        leftover = stream.read()  # TBD: what is this?
        if leftover:
            log.warning('unexpected subkey leftover: %r', leftover)

    # https://tools.ietf.org/html/rfc4880#section-12.2
    packet_data = packet.getvalue()
    data_to_hash = (b'\x99' + struct.pack('>H', len(packet_data)) +
                    packet_data)
    p['key_id'] = hashlib.sha1(data_to_hash).digest()[-8:]
    p['_to_hash'] = data_to_hash
    log.debug('key ID: %s', util.hexlify(p['key_id']))
    return p


def _parse_user_id(stream):
    """See https://tools.ietf.org/html/rfc4880#section-5.11 for details."""
    value = stream.read()
    to_hash = b'\xb4' + util.prefix_len('>L', value)
    return {'type': 'user_id', 'value': value, '_to_hash': to_hash}


PACKET_TYPES = {
    2: _parse_signature,
    6: _parse_pubkey,
    11: _parse_literal,
    13: _parse_user_id,
    14: _parse_subkey,
}


def parse_packets(stream):
    """
    Support iterative parsing of available GPG packets.

    See https://tools.ietf.org/html/rfc4880#section-4.2 for details.
    """
    while True:
        try:
            value = stream.readfmt('B')
        except EOFError:
            return

        log.debug('prefix byte: %s', bin(value))
        assert util.bit(value, 7) == 1
        assert util.bit(value, 6) == 0  # new format not supported yet

        tag = util.low_bits(value, 6)
        length_type = util.low_bits(tag, 2)
        tag = tag >> 2
        fmt = {0: '>B', 1: '>H', 2: '>L'}[length_type]
        packet_size = stream.readfmt(fmt)

        log.debug('packet length: %d', packet_size)
        packet_data = stream.read(packet_size)
        packet_type = PACKET_TYPES.get(tag)

        if packet_type:
            p = packet_type(util.Reader(io.BytesIO(packet_data)))
        else:
            raise ValueError('Unknown packet type: {}'.format(tag))

        p['tag'] = tag
        log.debug('packet "%s": %s', p['type'], p)
        yield p


def digest_packets(packets):
    """Compute digest on specified packets, according to '_to_hash' field."""
    data_to_hash = io.BytesIO()
    for p in packets:
        data_to_hash.write(p['_to_hash'])
    return hashlib.sha256(data_to_hash.getvalue()).digest()


def load_public_key(stream):
    """Parse and validate GPG public key from an input stream."""
    packets = list(parse_packets(util.Reader(stream)))
    pubkey, userid, signature = packets[:3]
    digest = digest_packets([pubkey, userid, signature])
    assert signature['hash_prefix'] == digest[:2]
    log.debug('loaded public key "%s"', userid['value'])
    verify_digest(pubkey=pubkey, digest=digest,
                  signature=signature['sig'], label='GPG public key')
    return pubkey


def load_signature(stream, original_data):
    """Load signature from stream, and compute GPG digest for verification."""
    signature, = list(parse_packets(util.Reader(stream)))
    digest = digest_packets([{'_to_hash': original_data}, signature])
    assert signature['hash_prefix'] == digest[:2]
    return signature, digest


def load_from_gpg(user_id):
    """Load existing GPG public key for `user_id` from local keyring."""
    pubkey_bytes = subprocess.check_output(['gpg2', '--export', user_id])
    if pubkey_bytes:
        return load_public_key(io.BytesIO(pubkey_bytes))
    else:
        log.error('could not find public key %r in local GPG keyring', user_id)
        raise KeyError(user_id)


def verify_digest(pubkey, digest, signature, label):
    """Verify a digest signature from a specified public key."""
    verifier = pubkey['verifier']
    try:
        verifier(signature, digest)
        log.debug('%s is OK', label)
    except ecdsa.keys.BadSignatureError:
        log.error('Bad %s!', label)
        raise
gpg: pydocstyle fixes 2016-04-24 09:22:02 +00:00			`"""Decoders for GPG v2 data structures."""`
split decoding functionality 2016-04-17 19:18:31 +00:00			`import hashlib`
			`import io`
			`import logging`
			`import struct`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`import subprocess`
split decoding functionality 2016-04-17 19:18:31 +00:00
			`import ecdsa`
gpg: support ed25519 decoding 2016-04-22 18:43:54 +00:00			`import ed25519`

gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`from .. import util`
split decoding functionality 2016-04-17 19:18:31 +00:00
			`log = logging.getLogger(__name__)`


			`def parse_subpackets(s):`
gpg: pydocstyle fixes 2016-04-24 09:22:02 +00:00			`"""See https://tools.ietf.org/html/rfc4880#section-5.2.3.1 for details."""`
split decoding functionality 2016-04-17 19:18:31 +00:00			`subpackets = []`
			`total_size = s.readfmt('>H')`
			`data = s.read(total_size)`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`s = util.Reader(io.BytesIO(data))`
split decoding functionality 2016-04-17 19:18:31 +00:00
			`while True:`
			`try:`
			`subpacket_len = s.readfmt('B')`
			`except EOFError:`
			`break`

			`subpackets.append(s.read(subpacket_len))`

			`return subpackets`


			`def parse_mpi(s):`
gpg: pydocstyle fixes 2016-04-24 09:22:02 +00:00			`"""See https://tools.ietf.org/html/rfc4880#section-3.2 for details."""`
split decoding functionality 2016-04-17 19:18:31 +00:00			`bits = s.readfmt('>H')`
			`blob = bytearray(s.read(int((bits + 7) // 8)))`
			`return sum(v << (8 * i) for i, v in enumerate(reversed(blob)))`


gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00			`def _parse_nist256p1_verifier(mpi):`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`prefix, x, y = util.split_bits(mpi, 4, 256, 256)`
gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00			`assert prefix == 4`
			`point = ecdsa.ellipticcurve.Point(curve=ecdsa.NIST256p.curve,`
			`x=x, y=y)`
			`vk = ecdsa.VerifyingKey.from_public_point(`
			`point=point, curve=ecdsa.curves.NIST256p,`
			`hashfunc=hashlib.sha256)`

			`def _nist256p1_verify(signature, digest):`
gpg: debug logging for ECDSA verification 2016-04-26 09:57:27 +00:00			`result = vk.verify_digest(signature=signature,`
			`digest=digest,`
			`sigdecode=lambda rs, order: rs)`
			`log.debug('nist256p1 ECDSA signature is OK (%s)', result)`
gpg: export verifying_key from parsing 2016-04-28 11:44:52 +00:00			`return _nist256p1_verify, vk`
gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00

			`def _parse_ed25519_verifier(mpi):`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`prefix, value = util.split_bits(mpi, 8, 256)`
gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00			`assert prefix == 0x40`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`vk = ed25519.VerifyingKey(util.num2bytes(value, size=32))`
gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00
			`def _ed25519_verify(signature, digest):`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`sig = b''.join(util.num2bytes(val, size=32)`
gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00			`for val in signature)`
gpg: debug logging for ECDSA verification 2016-04-26 09:57:27 +00:00			`result = vk.verify(sig, digest)`
			`log.debug('ed25519 ECDSA signature is OK (%s)', result)`
gpg: export verifying_key from parsing 2016-04-28 11:44:52 +00:00			`return _ed25519_verify, vk`
gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00

gpg: support ed25519 decoding 2016-04-22 18:43:54 +00:00			`SUPPORTED_CURVES = {`
gpg: small fixes before merging to master 2016-04-24 07:33:29 +00:00			`b'\x2A\x86\x48\xCE\x3D\x03\x01\x07': _parse_nist256p1_verifier,`
			`b'\x2B\x06\x01\x04\x01\xDA\x47\x0F\x01': _parse_ed25519_verifier,`
gpg: support ed25519 decoding 2016-04-22 18:43:54 +00:00			`}`
split decoding functionality 2016-04-17 19:18:31 +00:00
gpg: support ed25519 public keys and signatures 2016-04-22 20:37:04 +00:00
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`def _parse_literal(stream):`
			`"""See https://tools.ietf.org/html/rfc4880#section-5.9 for details."""`
			`p = {'type': 'literal'}`
			`p['format'] = stream.readfmt('c')`
			`filename_len = stream.readfmt('B')`
			`p['filename'] = stream.read(filename_len)`
			`p['date'] = stream.readfmt('>L')`
			`p['content'] = stream.read()`
			`p['_to_hash'] = p['content']`
			`return p`


			`def _parse_embedded_signatures(subpackets):`
			`for packet in subpackets:`
			`data = bytearray(packet)`
			`if data[0] == 32:`
			`# https://tools.ietf.org/html/rfc4880#section-5.2.3.26`
			`stream = io.BytesIO(data[1:])`
			`yield _parse_signature(util.Reader(stream))`


			`def _parse_signature(stream):`
			`"""See https://tools.ietf.org/html/rfc4880#section-5.2 for details."""`
			`p = {'type': 'signature'}`

			`to_hash = io.BytesIO()`
			`with stream.capture(to_hash):`
			`p['version'] = stream.readfmt('B')`
			`p['sig_type'] = stream.readfmt('B')`
			`p['pubkey_alg'] = stream.readfmt('B')`
			`p['hash_alg'] = stream.readfmt('B')`
			`p['hashed_subpackets'] = parse_subpackets(stream)`

			`# https://tools.ietf.org/html/rfc4880#section-5.2.4`
			`tail_to_hash = b'\x04\xff' + struct.pack('>L', to_hash.tell())`

			`p['_to_hash'] = to_hash.getvalue() + tail_to_hash`

			`p['unhashed_subpackets'] = parse_subpackets(stream)`
			`embedded = list(_parse_embedded_signatures(p['unhashed_subpackets']))`
			`if embedded:`
			`p['embedded'] = embedded`

			`p['hash_prefix'] = stream.readfmt('2s')`
			`p['sig'] = (parse_mpi(stream), parse_mpi(stream))`
			`assert not stream.read()`
			`return p`


			`def _parse_pubkey(stream):`
			`"""See https://tools.ietf.org/html/rfc4880#section-5.5 for details."""`
			`p = {'type': 'pubkey'}`
			`packet = io.BytesIO()`
			`with stream.capture(packet):`
			`p['version'] = stream.readfmt('B')`
			`p['created'] = stream.readfmt('>L')`
			`p['algo'] = stream.readfmt('B')`

			`# https://tools.ietf.org/html/rfc6637#section-11`
			`oid_size = stream.readfmt('B')`
			`oid = stream.read(oid_size)`
			`assert oid in SUPPORTED_CURVES`
			`parser = SUPPORTED_CURVES[oid]`

			`mpi = parse_mpi(stream)`
			`log.debug('mpi: %x (%d bits)', mpi, mpi.bit_length())`
gpg: export verifying_key from parsing 2016-04-28 11:44:52 +00:00			`p['verifier'], p['verifying_key'] = parser(mpi)`
split decoding functionality 2016-04-17 19:18:31 +00:00			`assert not stream.read()`

gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`# https://tools.ietf.org/html/rfc4880#section-12.2`
			`packet_data = packet.getvalue()`
			`data_to_hash = (b'\x99' + struct.pack('>H', len(packet_data)) +`
			`packet_data)`
			`p['key_id'] = hashlib.sha1(data_to_hash).digest()[-8:]`
			`p['_to_hash'] = data_to_hash`
			`log.debug('key ID: %s', util.hexlify(p['key_id']))`
			`return p`


			`def _parse_subkey(stream):`
			`"""See https://tools.ietf.org/html/rfc4880#section-5.5 for details."""`
			`p = {'type': 'subkey'}`
			`packet = io.BytesIO()`
			`with stream.capture(packet):`
			`p['version'] = stream.readfmt('B')`
			`p['created'] = stream.readfmt('>L')`
			`p['algo'] = stream.readfmt('B')`

			`# https://tools.ietf.org/html/rfc6637#section-11`
			`oid_size = stream.readfmt('B')`
			`oid = stream.read(oid_size)`
			`assert oid in SUPPORTED_CURVES`
			`parser = SUPPORTED_CURVES[oid]`

			`mpi = parse_mpi(stream)`
			`log.debug('mpi: %x (%d bits)', mpi, mpi.bit_length())`
gpg: export verifying_key from parsing 2016-04-28 11:44:52 +00:00			`p['verifier'], p['verifying_key'] = parser(mpi)`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`leftover = stream.read() # TBD: what is this?`
			`if leftover:`
			`log.warning('unexpected subkey leftover: %r', leftover)`

			`# https://tools.ietf.org/html/rfc4880#section-12.2`
			`packet_data = packet.getvalue()`
			`data_to_hash = (b'\x99' + struct.pack('>H', len(packet_data)) +`
			`packet_data)`
			`p['key_id'] = hashlib.sha1(data_to_hash).digest()[-8:]`
			`p['_to_hash'] = data_to_hash`
			`log.debug('key ID: %s', util.hexlify(p['key_id']))`
			`return p`


			`def _parse_user_id(stream):`
			`"""See https://tools.ietf.org/html/rfc4880#section-5.11 for details."""`
			`value = stream.read()`
			`to_hash = b'\xb4' + util.prefix_len('>L', value)`
			`return {'type': 'user_id', 'value': value, '_to_hash': to_hash}`


			`PACKET_TYPES = {`
			`2: _parse_signature,`
			`6: _parse_pubkey,`
			`11: _parse_literal,`
			`13: _parse_user_id,`
			`14: _parse_subkey,`
			`}`


			`def parse_packets(stream):`
			`"""`
			`Support iterative parsing of available GPG packets.`

			`See https://tools.ietf.org/html/rfc4880#section-4.2 for details.`
			`"""`
			`while True:`
split decoding functionality 2016-04-17 19:18:31 +00:00			`try:`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`value = stream.readfmt('B')`
split decoding functionality 2016-04-17 19:18:31 +00:00			`except EOFError:`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`return`
split decoding functionality 2016-04-17 19:18:31 +00:00
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`log.debug('prefix byte: %s', bin(value))`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`assert util.bit(value, 7) == 1`
			`assert util.bit(value, 6) == 0 # new format not supported yet`
split decoding functionality 2016-04-17 19:18:31 +00:00
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`tag = util.low_bits(value, 6)`
			`length_type = util.low_bits(tag, 2)`
split decoding functionality 2016-04-17 19:18:31 +00:00			`tag = tag >> 2`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`fmt = {0: '>B', 1: '>H', 2: '>L'}[length_type]`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`packet_size = stream.readfmt(fmt)`

split decoding functionality 2016-04-17 19:18:31 +00:00			`log.debug('packet length: %d', packet_size)`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`packet_data = stream.read(packet_size)`
			`packet_type = PACKET_TYPES.get(tag)`

split decoding functionality 2016-04-17 19:18:31 +00:00			`if packet_type:`
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`p = packet_type(util.Reader(io.BytesIO(packet_data)))`
split decoding functionality 2016-04-17 19:18:31 +00:00			`else:`
gpg: fixup exception message 2016-04-25 15:19:08 +00:00			`raise ValueError('Unknown packet type: {}'.format(tag))`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00
split decoding functionality 2016-04-17 19:18:31 +00:00			`p['tag'] = tag`
			`log.debug('packet "%s": %s', p['type'], p)`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`yield p`
split decoding functionality 2016-04-17 19:18:31 +00:00

decode: refactor digest calculation 2016-04-26 09:34:50 +00:00			`def digest_packets(packets):`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`"""Compute digest on specified packets, according to '_to_hash' field."""`
decode: refactor digest calculation 2016-04-26 09:34:50 +00:00			`data_to_hash = io.BytesIO()`
			`for p in packets:`
			`data_to_hash.write(p['_to_hash'])`
			`return hashlib.sha256(data_to_hash.getvalue()).digest()`


signer should export public key or sign a file 2016-04-17 20:03:41 +00:00			`def load_public_key(stream):`
gpg: pydocstyle fixes 2016-04-24 09:22:02 +00:00			`"""Parse and validate GPG public key from an input stream."""`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`packets = list(parse_packets(util.Reader(stream)))`
gpg: fix unpacking for subkey-case 2016-04-28 09:55:48 +00:00			`pubkey, userid, signature = packets[:3]`
decode: refactor digest calculation 2016-04-26 09:34:50 +00:00			`digest = digest_packets([pubkey, userid, signature])`
			`assert signature['hash_prefix'] == digest[:2]`
simplify signer usage and make less INFO loggin 2016-04-18 18:55:23 +00:00			`log.debug('loaded public key "%s"', userid['value'])`
decode: refactor digest calculation 2016-04-26 09:34:50 +00:00			`verify_digest(pubkey=pubkey, digest=digest,`
signer should export public key or sign a file 2016-04-17 20:03:41 +00:00			`signature=signature['sig'], label='GPG public key')`
split decoding functionality 2016-04-17 19:18:31 +00:00			`return pubkey`

decode: parse GPG subkeys 2016-04-26 09:53:51 +00:00
decode: refactor digest calculation 2016-04-26 09:34:50 +00:00			`def load_signature(stream, original_data):`
gpg: refactor decode to functional style 2016-04-26 18:35:05 +00:00			`"""Load signature from stream, and compute GPG digest for verification."""`
			`signature, = list(parse_packets(util.Reader(stream)))`
decode: refactor digest calculation 2016-04-26 09:34:50 +00:00			`digest = digest_packets([{'_to_hash': original_data}, signature])`
			`assert signature['hash_prefix'] == digest[:2]`
			`return signature, digest`

split decoding functionality 2016-04-17 19:18:31 +00:00
gpg: minor renames and code refactoring 2016-04-24 10:04:53 +00:00			`def load_from_gpg(user_id):`
			"""Load existing GPG public key for `user_id` from local keyring."""
			`pubkey_bytes = subprocess.check_output(['gpg2', '--export', user_id])`
			`if pubkey_bytes:`
			`return load_public_key(io.BytesIO(pubkey_bytes))`
			`else:`
			`log.error('could not find public key %r in local GPG keyring', user_id)`
			`raise KeyError(user_id)`


split decoding functionality 2016-04-17 19:18:31 +00:00			`def verify_digest(pubkey, digest, signature, label):`
gpg: pydocstyle fixes 2016-04-24 09:22:02 +00:00			`"""Verify a digest signature from a specified public key."""`
gpg: support ed25519 decoding 2016-04-22 18:43:54 +00:00			`verifier = pubkey['verifier']`
split decoding functionality 2016-04-17 19:18:31 +00:00			`try:`
gpg: support ed25519 decoding 2016-04-22 18:43:54 +00:00			`verifier(signature, digest)`
simplify signer usage and make less INFO loggin 2016-04-18 18:55:23 +00:00			`log.debug('%s is OK', label)`
split decoding functionality 2016-04-17 19:18:31 +00:00			`except ecdsa.keys.BadSignatureError:`
signer should export public key or sign a file 2016-04-17 20:03:41 +00:00			`log.error('Bad %s!', label)`
split decoding functionality 2016-04-17 19:18:31 +00:00			`raise`