Rev 514: Make sure signed testament matches repository data. in file:///data/jelmer/bzr-gtk/trunk/

[Jelmer Vernooij]

At file:///data/jelmer/bzr-gtk/trunk/

------------------------------------------------------------
revno: 514
revision-id: jelmer at samba.org-20080629191834-ha2ecpv5szt96nge
parent: jelmer at samba.org-20080629190723-l8mzg9x4oec0lhsl
committer: Jelmer Vernooij <jelmer at samba.org>
branch nick: trunk
timestamp: Sun 2008-06-29 21:18:34 +0200
message:
  Make sure signed testament matches repository data.
modified:
  revisionview.py                logview.py-20051024072750-4d5c28cb73611027
=== modified file 'revisionview.py'
--- a/revisionview.py	2008-06-29 19:07:23 +0000
+++ b/revisionview.py	2008-06-29 19:18:34 +0000
@@ -22,9 +22,11 @@
 import gobject
 import webbrowser
 
-from bzrlib.plugins.gtk import icon_path
 from bzrlib.osutils import format_date
 from bzrlib.util.bencode import bdecode
+from bzrlib.testament import Testament
+
+from bzrlib.plugins.gtk import icon_path
 
 try:
     from bzrlib.plugins.gtk import seahorse
@@ -222,6 +224,16 @@
     def show_signature(self, crypttext):
         (cleartext, key) = seahorse.verify(crypttext)
 
+        assert cleartext is not None
+
+        inv = self.repository.get_inventory(self.revision.revision_id)
+        expected_testament = Testament(self.revision, inv).as_short_text()
+        if expected_testament != cleartext:
+            self.signature_image.set_from_file(icon_path("sign-bad.png"))
+            self.signature_label.set_markup("<b>Signature does not match repository data</b>\n" +
+                        "The signature plaintext is different from the expected testament plaintext.")
+            return
+
         if key and key.is_available():
             if key.is_trusted():
                 if key.get_display_name() == self.revision.committer: