Thread: [Pyme-help] Re: PyME: Segmentation Faults
Status: Beta
Brought to you by:
belyi
Menu
▾
▴
pyme-help
|
From: Igor B. <be...@us...> - 2005-04-20 20:16:30
|
Stefan,
I've tried to use your functions and they seem to work perfectly:
signature = sign("fr...@mi...", "Hello")
print verify("Hello", signature)
yields (if "print result.signatures.fpr" is uncommented):
024E0908E5E7CD865B7D87BDCAB3D9DD2A51DAAC
valid, but more Information
There's a chance that Frodo cannot sign - what value is shown for
key.can_sign?
Another problem can be related to how PyMe is compiled - do you use
precompiled package or compiled pyme yourself?
If you compiled it yourself - what version of PyMe, GPGME, and Swing did
you use? Any warning?
If you use precompiled version - what version of PyMe and GnuPG do you use?
Cheers,
Igor
P.S.
I've Cc: this message to the newly created pyme-help mailing list.
You will need to subscribe to it before you can post messages there.
You can subscribe at the following location:
https://lists.sourceforge.net/lists/listinfo/pyme-help
Stefan Neumann wrote:
>Hi Igor.
>So, with some help, I finally finished the signing and verifying. But
>there are still some errors:
>
>First of all, I can't get any information about the summary.
>
> text = c.op_verify(sig,signed_text,None)
> result = c.op_verify_result()
> summary = result.signatures.summary
>
>In the beginning, the value was always 4 (sigsum.RED). Since I fixed the
>bugs, I only get a zero (The same with result.signatures.status)
>
>That is the first thing, the other is the problem of segmentation faults:
>
>I have them with:
>
>result.signatures.next
>result.signatures.exp_timestamp
>result.signatures.validity_reason
>result.signatures.validity
>
>So, I will give you my functions:
>
>=================
>
>def sign(sender,msg,clear=False):
>
> if(clear):
> _mode=mode.CLEAR
> else:
> _mode=mode.DETACH
>
> message = core.Data(msg)
> sig = core.Data()
> ctx = core.Context()
> ctx.set_armor(1)
>
> ctx.op_keylist_start(sender, 0)
> key=ctx.op_keylist_next()
>
> ctx.signers_clear()
> ctx.signers_add(key)
>
> ctx.set_passphrase_cb(getpassphrase,"")
> ctx.op_sign(message,sig,mode.DETACH)
> sig.seek(0,0)
> return sig.read()
>
>=================
>
>def verify(message,sig):
>
> signed_text=core.Data(message)
> sig = core.Data(sig)
> c=core.Context()
>
> text = c.op_verify(sig,signed_text,None)
> result = c.op_verify_result()
># return result
> summary = result.signatures.summary
># print summary
> msg=""
>
> if (summary&sigsum.VALID|summary==0):
> msg="Totally valid"
> else:
> if (summary&sigsum.GREEN):
> msg += "valid, but more Information"
> if (summary&sigsum.RED):
> msg+="not valid"
> if (summary&sigsum.KEY_REVOKED):
> msg+="The key or at least one certificate has been revoked."
> if (summary&sigsum.KEY_EXPIRED):
> msg+="The key or one of the certificates has expired."
> if (summary&sigsum.SIG_EXPIRED):
> msg+="The signature has expired."
> if (summary&sigsum.KEY_MISSING):
> msg+="Can\'t verify due to a missing key or certificate."
> if (summary&sigsum.CRL_MISSING):
> msg+=" The CRL (or an equivalent mechanism) is not available."
> if (summary&sigsum.CRL_TOO_OLD):
> msg+="Available CRL is too old."
> if (summary&sigsum.BAD_POLICY):
> msg+="A policy requirement was not met."
> if (summary&sigsum.SYS_ERROR):
> msg+="A system error occured."
> status = result.signatures.status
># print status
># print result.signatures.fpr
> return msg
>
>=====================
>
>So, if you want to check the result, just uncomment the return result
>line. In my checking of summary, i use summary==0 just in case, that it
>is totally valid, but i am not sure about it.
>
>Best regards,
>Stefan
>
>
>
|
|
From: Igor B. <be...@us...> - 2005-04-21 13:10:12
|
Stefan Neumann wrote: >OK, the fingerprint, i get as well. >Like I wrote you I have Segmentation Faults with: > >result.signatures.next >result.signatures.exp_timestamp >result.signatures.validity_reason >result.signatures.validity > > I've printed these fields as well without any segmentation faults. >Precompiled debian package 0.6.2 >[..] > > >>If you use precompiled version - what version of PyMe and GnuPG do you use? >> >> >Python 2.3 >Pyme 0.6.2 >GnuPG: self build debian Package 1.4.1 with a small patch (doesn't >change the working behaviour, just debug) > > My guess is that you either run into incompatibility between the version of GPGME PyMe was compiled with and the GPGME you are using at run-time or between GPGME and different version of GnuPG. PyMe 0.6.2 was compiled with GPGME 1.0.2 which comes from GnuPG 1.4.0 but is supposed to be compatible upwards. I've run my tests so far only with libgpgme11 and gnupg as come prepackaged in unstable distribution of Debian. >So, thanks for your help, I will test it on a diffrent machine. > > Does this different machine has prepackaged GnuPG 1.4.0? :o) Cheers, Igor |
|
From: Robin B. <Ro...@fr...> - 2005-04-28 12:13:17
|
Hello! On Do, 2005-04-21 at 09:09 -0400, Igor Belyi wrote: > My guess is that you either run into incompatibility between the versio= n=20 > of GPGME PyMe was compiled with and the GPGME you are using at run-time= =20 > or between GPGME and different version of GnuPG. >=20 > PyMe 0.6.2 was compiled with GPGME 1.0.2 which comes from GnuPG 1.4.0=20 > but is supposed to be compatible upwards. I've run my tests so far only= =20 > with libgpgme11 and gnupg as come prepackaged in unstable distribution=20 > of Debian. >=20 We tried several other setups during the last days and got the following results. We used the "signverify.py" example from the pyme-0.6.2-tarball as a reference. We didn't change anything but the "user" variable at the top of the script to an existing user in the keyring. #1: ibook g4, ubuntu 5.04 stable. I tried the prepackaged gpg, libgpgme, swig packages and built a pyme package from the tarball. Everything works as expected. Especially "result.signatures.summary" is !=3D zero for a valid signature. #2: p4 laptop, debian unstable: Everything from the distribution, pyme debian package from the sourceforge-website. "result.signatures.summary" is always 0, even for a valid signature. #3: p3, debian testing: see #2. We tried to rebuild everything from source (gpg 1.4.1, gpgme 1.0.2, pyme 0.6.2 and from cvs) on systems #1 and #2 but it didn't change a thing. System #1 was always giving the right answers, the others didn't. We even tried different swig-version but it still didn't improve the situation. Do you have an idea what to try next? What kind of system do you use? Best regards, Robin --=20 Robin Brandt freiheit.com technologies gmbh Stra=C3=9Fenbahnring 22 / 20251 Hamburg, Germany fon +49 (0)40 / 890584-0 fax +49 (0)40 / 890584-20 7150 C3F9 F126 9BDE 5526 95D2 3C6D 40C9 BE2F 0AF6 B=C3=BCcher kaufen und Freie Software f=C3=B6rdern | http://bookzilla.de/ |
|
From: Igor B. <be...@us...> - 2005-04-29 12:37:54
|
Robin Brandt wrote: > We tried several other setups during the last days and got the following > results. We used the "signverify.py" example from the pyme-0.6.2-tarball > as a reference. We didn"t change anything but the "user" variable at the > top of the script to an existing user in the keyring. You could also temporary create another key with genkey.py to avoid possibility that there's something wrong with the key itself. > #1: ibook g4, ubuntu 5.04 stable. > I tried the prepackaged gpg, libgpgme, swig packages and built a pyme > package from the tarball. Everything works as expected. Especially > "result.signatures.summary" is != zero for a valid signature. > #2: p4 laptop, debian unstable: > Everything from the distribution, pyme debian package from the > sourceforge-website. "result.signatures.summary" is always 0, even for a > valid signature. > #3: p3, debian testing: > see #2. > > We tried to rebuild everything from source (gpg 1.4.1, gpgme 1.0.2, pyme > 0.6.2 and from cvs) on systems #1 and #2 but it didn"t change a thing. > System #1 was always giving the right answers, the others didn"t. We > even tried different swig-version but it still didn"t improve the > situation. Do you have an idea what to try next? What kind of system do > you use? I have XP 1900+, debian unstable: ii libgpgme11 1.0.2-1 GPGME - GnuPG Made Easy ii gnupg 1.4.0-3 GNU privacy guard - a free PGP replacement Do you have the same keyring on all those systems? If they are different and you update 'user' in signverify.py for each of them I would recommend to generate a new temporary key in each of them with genkey.py example. This way you will be sure that key itself which also influences the summary does not cause the difference. BTW, you probably changed something else in signverify.py since in the original form it does not print 'signatures.summary' :o) I've added its printing on my system and it gives me back 3. Next step I would do is to try eliminating pyme out of the picture by either writing signverify in C using libgpgme11-dev directly or using t-verify.c from the tests/gpg directory of the libgpgme11 source. Cheers, Igor |
|
From: Stefan N. <ste...@fr...> - 2005-04-21 07:57:54
|
Igor Belyi schrieb:
> Stefan,
>
> I've tried to use your functions and they seem to work perfectly:
Nice to hear, but why doesn't it work correctly with me?
> signature = sign("fr...@mi...", "Hello")
> print verify("Hello", signature)
Yes, thats, the way I test it as well.
> yields (if "print result.signatures.fpr" is uncommented):
>
> 024E0908E5E7CD865B7D87BDCAB3D9DD2A51DAAC
OK, the fingerprint, i get as well.
Like I wrote you I have Segmentation Faults with:
result.signatures.next
result.signatures.exp_timestamp
result.signatures.validity_reason
result.signatures.validity
> valid, but more Information
This is great. It shows that the Signature bit sigsum.GREEN is set!
> There's a chance that Frodo cannot sign - what value is shown for
> key.can_sign?
It has a 1, so it is possible to sign!
> Another problem can be related to how PyMe is compiled - do you use
> precompiled package or compiled pyme yourself?
Precompiled debian package 0.6.2
[..]
> If you use precompiled version - what version of PyMe and GnuPG do you use?
Python 2.3
Pyme 0.6.2
GnuPG: self build debian Package 1.4.1 with a small patch (doesn't
change the working behaviour, just debug)
> P.S.
> I've Cc: this message to the newly created pyme-help mailing list.
> You will need to subscribe to it before you can post messages there.
> You can subscribe at the following location:
> https://lists.sourceforge.net/lists/listinfo/pyme-help
Great! This is IMHO the best way!
So, thanks for your help, I will test it on a diffrent machine.
Best regards,
Stefan
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X