def update_signed_state(self, save=True): if self.exists(): try: self.signature_state = gpg.verify_file(self.open()).status # TODO: give use choice for auto public key fetch? # OR maybe new config option except GPGVerificationError: self.signature_state = None if save: self.save()
def verify_signature(self, document): document_descriptor = document.open(raw=True) detached_signature = None if self.has_detached_signature(document): logger.debug('has detached signature') detached_signature = self.detached_signature(document) args = (document_descriptor, detached_signature) else: args = (document_descriptor,) try: return gpg.verify_file(*args, fetch_key=True) except GPGVerificationError: return None finally: document_descriptor.close() if detached_signature: detached_signature.close()