diff options
| author | Philipp Hörist <forenjunkie@chello.at> | 2017-06-08 20:33:01 +0300 |
|---|---|---|
| committer | Philipp Hörist <forenjunkie@chello.at> | 2017-06-08 20:33:01 +0300 |
| commit | 1bf66b857a27855a241dbb7cd10958018a1959b2 (patch) | |
| tree | a56bfa31427db6004511251c31dacd16565e2439 /src | |
| parent | 2872993b0cd22ae72b2138e3dd2dcc2a0b882888 (diff) | |
Always pass utf8 encoded strings to python-gnupg
self.encoding which we set in the init is only intended
to decode gpg´s stderr which uses a system specific encoding.
if we dont encode the data we pass to python-gnupg ourself, it will fallback and use self.encoding.
This might be of no concern if self.encoding is set to 'utf8' and when we are on Linux
which has a preferred encoding of 'utf8'.
But if we are on Windows the preferred encoding for stderr
is most of the time not 'utf8'. If python-gnupg tries to decode a stderr stream that is for example
encoded with 'cp1252' with our set encoding of 'utf8' this will fail.
The solution is to pre-encode the data before we pass it to python-gnupg, so it does not have to
use self.encoding as a fallback. And set self.encoding='latin1' because latin1 will not yield exceptions
on decoding errors. Also gpg itself will fallback to latin1 as stderr encoding when it cant determine the
preferred encoding of a system.
self.decode_errors is used for something differently, and has no influence on the situation.
Fixes #8644
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/gpg.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/common/gpg.py b/src/common/gpg.py index f57b0ba23..dc7f695cb 100644 --- a/src/common/gpg.py +++ b/src/common/gpg.py @@ -59,7 +59,7 @@ if HAVE_GPG: return '', 'NOT_TRUSTED ' + key['keyid'][-8:] else: trust = True - result = super(GnuPG, self).encrypt(str_, recipients, + result = super(GnuPG, self).encrypt(str_.encode('utf8'), recipients, always_trust=trust, passphrase=self.passphrase) if result.ok: @@ -71,13 +71,13 @@ if HAVE_GPG: def decrypt(self, str_, keyID): data = self._addHeaderFooter(str_, 'MESSAGE') - result = super(GnuPG, self).decrypt(data, + result = super(GnuPG, self).decrypt(data.encode('utf8'), passphrase=self.passphrase) return str(result) def sign(self, str_, keyID): - result = super(GnuPG, self).sign(str_, keyid=keyID, detach=True, + result = super(GnuPG, self).sign(str_.encode('utf8'), keyid=keyID, detach=True, passphrase=self.passphrase) if result.fingerprint: @@ -100,7 +100,7 @@ if HAVE_GPG: str_, self._addHeaderFooter(sign, 'SIGNATURE')] ) - result = super(GnuPG, self).verify(data) + result = super(GnuPG, self).verify(data.encode('utf8')) if result.valid: return result.key_id |