[英]python-gnupg: retrieve public key of a signed message
I would like to know the public key of the user that generates an encrypted/signed PGP message. 我想知道生成加密/签名的PGP消息的用户的公共密钥。
I looked at the python-gnupg API but I just found how to check that the signature is OK 我查看了python-gnupg API,但我刚刚发现如何检查签名是否正常
GPG().verify(data)
If the signature can be verified, it means that the public key is in the keyring. 如果签名可以验证,则表示公钥在密钥环中。 How can I found which one it is?
如何找到它是哪一个?
You want to have a look at the fingerprint
attribute of the gnupg.Verify
object returned by the verify
method. 您想看一下
verify
方法返回的gnupg.Verify
对象的fingerprint
属性。 For example: 例如:
>>> gpg = gnupg.GPG()
>>> v = gpg.verify(data)
>>> v.fingerprint
u'3D2822FCA7D73D07F65B1514C9A99684DEDF97D5'
You can then filter list_keys
to find the key in question: 然后,您可以过滤
list_keys
来查找有问题的密钥:
>>> [k for k in gpg.list_keys(v.fingerprint)
if k['fingerprint'] == v.fingerprint]
PGP doesn't store public keys inside of signed/encrypted messages, it stores key identifier (8-byte part of the hash of the public-key fields). PGP不在签名/加密的消息中存储公共密钥,而是存储密钥标识符(公共密钥字段的哈希值的8字节部分)。 So you should look for something called 'key id' in the documentation.
因此,您应该在文档中查找“密钥ID”。 Here it is:
这里是:
When a signature is verified, signer information is held in attributes of verified: username, key_id, signature_id, fingerprint, trust_level and trust_text. 验证签名后,签名者信息将保存在验证的属性中:用户名,key_id,signature_id,指纹,trust_level和trust_text。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.