Python gnupg verification with detached signature and whitespace in filename

Issue #18 resolved
Anonymous created an issue

I have trouble with gnupg when verifying files with whitespace in the filename using detached signatures.

Example: I have two identical files "Hello_World.txt" and "Hello World.txt" along with two externally generated signature files "Hello_World.txt.sig" and "Hello World.txt.sig" (see attachments).

When verifying on the command line everything goes well:

mn@Fuddel:~/tmp$ gpg --verify Hello\ World.txt.sig gpg: Signature made Sun 05 Oct 2014 04:57:25 PM CEST using DSA key ID AE2EB31C gpg: Good signature from "xxx" mn@Fuddel:~/tmp$ gpg --verify Hello_World.txt.sig gpg: Signature made Sun 05 Oct 2014 04:57:13 PM CEST using DSA key ID AE2EB31C gpg: Good signature from "xxx"


However, when using Python, the first file fails:

import os, gnupg hp = os.path.expanduser("~")+"/.gnupg" gpg = gnupg.GPG(gnupghome=hp) with open("Hello World.txt.sig", "rb") as sigfile: ... verified = gpg.verify_file(sigfile, "Hello World.txt") ... verified.valid False

with open("Hello_World.txt.sig", "rb") as sigfile: ... verified = gpg.verify_file(sigfile, "Hello_World.txt") ... verified.valid True


Should I use gnupg verification in a different way? Should I file a bug report?

My system: Debian unstable 32 bit Python 2.7.8 gnupg 0.3.6

Comments (4)

  1. Vinay Sajip repo owner

    Can you please attach a short script which has logging enabled and which demonstrates the problem, and also attach the log you get when you run it? Thanks.

  2. Log in to comment