From 55fa0d06014986a3e1bc2975e7f96a7e8e11bc8d Mon Sep 17 00:00:00 2001 From: "Piotr F. Mieszkowski" Date: Fri, 6 May 2022 19:14:52 +0200 Subject: [PATCH] [GnuPG.confirm_key] Convert email to bytes() before comparison --- GnuPG/__init__.py | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/GnuPG/__init__.py b/GnuPG/__init__.py index 19adc19..15a47af 100644 --- a/GnuPG/__init__.py +++ b/GnuPG/__init__.py @@ -71,11 +71,19 @@ def public_keys( keyhome ): email = None return keys -# confirms a key has a given email address +def to_bytes(s) -> bytes: + if isinstance(s, str): + return bytes(s, sys.getdefaultencoding()) + else: + return s + +# Confirms a key has a given email address by importing it into a temporary +# keyring. If this operation succeeds and produces a message mentioning the +# expected email, a key is confirmed. def confirm_key( content, email ): tmpkeyhome = '' - if isinstance(content, str): - content = bytes(content, sys.getdefaultencoding()) + content = to_bytes(content) + expected_email = to_bytes(email.lower()) while True: tmpkeyhome = '/tmp/' + ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(12)) @@ -92,7 +100,7 @@ def confirm_key( content, email ): for line in result.split(b"\n"): if b'imported' in line and b'<' in line and b'>' in line: - if line.split(b'<')[1].split(b'>')[0].lower() == email.lower(): + if line.split(b'<')[1].split(b'>')[0].lower() == expected_email: confirmed = True break else: