python: stop raising BadSignatures from decrypt(verify=True) dkg/fix-T4276
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Fri, 3 May 2019 03:28:11 +0000 (23:28 -0400)
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Fri, 3 May 2019 03:28:11 +0000 (23:28 -0400)
commit4100794e305ba22241ea5a4f7b42bb5189fbd948
treea1b0d92c4cb86b2fa8c24d39e1d339e4185a2236
parentbd2d282e572b5d02669238c9e087259b85638477
python: stop raising BadSignatures from decrypt(verify=True)

* src/core.py (decrypt): filter out signatures with errors from the
returned verify_result, but avoid raising BadSignatures
* tests/t-decrypt-verify.py: ensure that only a single signature is
returned when evaluating cipher-3.asc, since the other signature is
unknown.

--

This change preserves the invariant that decrypt() only ever returns
valid signatures in the verify_result, but it avoids unnecessary
errors in the face of the presence of an additional bad signature.

GnuPG-bug-id: 4276
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
lang/python/src/core.py
lang/python/tests/t-decrypt-verify.py