Commit 9b6af475 authored by Yann Leboulanger's avatar Yann Leboulanger

correctly detect that key is not trusted before encrypting. Doc says: "gpg...

correctly detect that key is not trusted before encrypting. Doc says: "gpg just prints a message to the console, but does not provide a specific error indication that the Python wrapper can use." Fixes #8040. See #8041
parent 24d94521
......@@ -1094,7 +1094,7 @@ class GPG(object):
getattr(result, keyword)(L)
return result
def list_keys(self, secret=False):
def list_keys(self, secret=False, keys=None):
""" list the keys currently in the keyring
>>> import shutil
......@@ -1116,6 +1116,9 @@ class GPG(object):
which='secret-keys'
args = ["--list-%s" % which, "--fixed-list-mode", "--fingerprint",
"--with-colons"]
if keys:
for key in keys:
args.append(key)
p = self._open_subprocess(args)
return self._get_list_output(p, 'list')
......
......@@ -54,12 +54,16 @@ if HAVE_GPG:
for key in recipients:
if key not in self.always_trust:
trust = False
if not trust:
# check that we'll be able to encrypt
result = super(GnuPG, self).list_keys(recipients,
keys=recipients)
for key in result:
if key['trust'] not in ('f', 'u'):
return '', 'NOT_TRUSTED'
result = super(GnuPG, self).encrypt(str_, recipients,
always_trust=trust, passphrase=self.passphrase)
if result.status == 'invalid recipient':
return '', 'NOT_TRUSTED'
if result.ok:
error = ''
else:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment