Reputation: 34942
I would like to know the public key of the user that generates an encrypted/signed PGP message.
I looked at the python-gnupg API but I just found how to check that the signature is OK:
GPG().verify(data)
If the signature can be verified, it means that the public key is in the keyring. How can I find which one it is?
Upvotes: 1
Views: 1889
Reputation: 21269
You want to have a look at the fingerprint attribute of the gnupg.Verify object returned by the verify method. For example:
>>> gpg = gnupg.GPG()
>>> v = gpg.verify(data)
>>> v.fingerprint
u'3D2822FCA7D73D07F65B1514C9A99684DEDF97D5'
You can then filter list_keys to find the key in question:
>>> # list_keys() takes `secret` as its first positional argument, so list all public keys and filter
>>> [k for k in gpg.list_keys()
...  if k['fingerprint'] == v.fingerprint]
Upvotes: 3
Reputation: 14160
PGP doesn't store public keys inside of signed/encrypted messages; it stores a key identifier (8-byte part of the hash of the public-key fields). So you should look for something called 'key id' in the documentation. Here it is:
When a signature is verified, signer information is held in attributes of verified: username, key_id, signature_id, fingerprint, trust_level and trust_text.
Upvotes: 2
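The key identifier described in the last answer can be read straight out of a binary signature packet, which shows what a signed message actually carries about its signer. This is an added example, not code from the posts or from python-gnupg: `issuer_of`, `_new_len` and `SAMPLE` are hypothetical names, and the sample packet is constructed around the fingerprint quoted in the earlier answer (it has the right layout but is not a verifiable signature).

```python
import struct

# Constructed sample: v4 signature packet with placeholder hash prefix and MPI.
SAMPLE = bytes.fromhex(
    "8834 04000108"                                     # old-format header; v4, RSA, SHA-256
    " 001d 050200000000"                                # hashed area: creation time (type 2)
    " 162104 3D2822FCA7D73D07F65B1514C9A99684DEDF97D5"  # issuer fingerprint (type 33)
    " 000a 0910 C9A99684DEDF97D5"                       # unhashed area: issuer key ID (type 16)
    " 0000 000101")                                     # hash prefix, dummy MPI

def _new_len(buf, i, two_octet_max):
    """Decode a new-style length at buf[i]; return (length, index after it)."""
    n = buf[i]
    if n < 192:
        return n, i + 1
    if n <= two_octet_max:
        return ((n - 192) << 8) + buf[i + 1] + 192, i + 2
    if n == 255:
        return struct.unpack(">I", buf[i + 1:i + 5])[0], i + 5
    raise ValueError("partial body lengths not handled")

def issuer_of(packet):
    """Return (key_id, fingerprint) as hex from one binary v4 signature packet."""
    hdr = packet[0]
    if not (hdr & 0x80) or (hdr & 0x43) == 0x03:
        raise ValueError("not a binary, definite-length OpenPGP packet")
    if hdr & 0x40:                                   # new-format header
        tag, (n, off) = hdr & 0x3F, _new_len(packet, 1, 223)
    else:                                            # old-format header
        tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
        n, off = int.from_bytes(packet[1:1 + size], "big"), 1 + size
    body = packet[off:off + n]
    if tag != 2 or len(body) != n or body[:1] != b"\x04":
        raise ValueError("not a complete v4 signature packet")
    found, pos = {}, 4              # skip version, sig type, pubkey alg, hash alg
    for _ in range(2):              # hashed area first, so it wins over unhashed
        end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        if end > len(body):
            raise ValueError("truncated subpacket area")
        pos += 2
        while pos < end:
            sub, pos = _new_len(body, pos, 254)
            if sub == 0 or pos + sub > end:
                raise ValueError("malformed subpacket")
            found.setdefault(body[pos] & 0x7F, body[pos + 1:pos + sub])  # drop critical bit
            pos += sub
    key_id, fpr = found.get(16), found.get(33)       # issuer key ID, issuer fingerprint
    return (key_id.hex().upper() if key_id else None,
            fpr[1:].hex().upper() if fpr else None)  # fpr[0] is the key version octet
```

For a v4 key the key ID is the last 8 bytes of the fingerprint, which is why the two values returned for `SAMPLE` share a suffix. The unhashed subpacket area is not covered by the signature, so these fields are only a hint for choosing which key to try; the signer is established by a successful verification against a key you trust.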