mirror of
https://github.com/RoboSats/robosats.git
synced 2024-12-14 03:16:24 +00:00
9e442c386a
verify_signed_message was not checking for the validity of the signature. The documentation of python-gnupg is not clear about this, it says that the fiels are set just if the signature is valid. In this case tests/robots/1/signed_message was signed with the correct key but with the wrong digest-algo (SHA256 instead of SHA512) as expressed on the signature. Running gpg --verify tests/robots/1/signed_message returned: gpg: WARNING: signature digest conflict in message gpg: Can't check signature: General error and a non zero error code, but verify_signed_message was not catching this because verified.fingerprint was set even though verified.valid was False. Co-authored-by: jerryfletcher21 <jerryfletcher@cock.email> |
||
|---|---|---|
| .. | ||
| lightning | ||
| management/commands | ||
| migrations | ||
| models | ||
| nick_generator | ||
| tests | ||
| __init__.py | ||
| admin.py | ||
| apps.py | ||
| logics.py | ||
| nostr.py | ||
| notifications.py | ||
| oas_schemas.py | ||
| serializers.py | ||
| tasks.py | ||
| urls.py | ||
| utils.py | ||
| views.py | ||