playing with pygpgme
July 3, 2007
After a bit of pain and suffering trying to find some docs/examples for pygpgme I found the unittests which helped me know what it was I should be passing around to the various methods. Here is a simple verification script I put together to check detached and attached signatures:
import gpgme import sys import StringIO sig = open(sys.argv, 'r') if len(sys.argv) > 2: signed_text = open(sys.argv, 'r') plaintext = None else: signed_text = None plaintext = StringIO.StringIO() ctx = gpgme.Context() try: sigs = ctx.verify(sig, signed_text, plaintext) except gpgme.GpgmeError, e: print 'INVALID SIGNATURE - AWOOOOOOOOOGA' else: thissig = sigs if thissig: print thissig.fpr if thissig.validity in (gpgme.VALIDITY_FULL, gpgme.VALIDITY_MARGINAL, gpgme.VALIDITY_ULTIMATE): print 'trusted signature' else: print 'unsigned signature'
not too bad after a bit. Now to sort out imports and maybe even key handling.