From 5f7ddea599c31ddd74e3c6cfcb453cce09698e0d Mon Sep 17 00:00:00 2001
From: "W. Trevor King" <wking@tremily.us>
Date: Mon, 23 Dec 2013 15:06:08 -0800
Subject: [PATCH] Split signature packet serialization out in PGPPacket

We need the serialized hashed version for both signing and verifying,
so pull it's generation out of _serialize_signature_packet and put it
in _serialize_hashed_signature_packet and
_signature_packet_signed_data.
---
 gpg-migrate.py | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/gpg-migrate.py b/gpg-migrate.py
index e1f44cd..7516db8 100755
--- a/gpg-migrate.py
+++ b/gpg-migrate.py
@@ -1028,13 +1028,12 @@ class PGPPacket (dict):
                 self._serialize_signature_packet_target(target=x)
                 for x in target)
 
-    def _serialize_signature_packet(self):
+    def _serialize_hashed_signature_packet(self):
         if self['signature-version'] != 4:
             raise NotImplementedError(
                 'signature packet version {}'.format(
                     self['signature-version']))
-        signature_version = bytes([self['signature-version']])
-        chunks = [signature_version]
+        chunks = [bytes([self['signature-version']])]
         chunks.append(bytes([self._reverse(
             self._signature_types, self['signature-type'])]))
         chunks.append(bytes([self._reverse(
@@ -1045,19 +1044,27 @@ class PGPPacket (dict):
             self['hashed-subpackets'])
         chunks.append(_struct.pack('>H', len(hashed_subpackets)))
         chunks.append(hashed_subpackets)
-        hashed_signature_data = b''.join(chunks)
-        unhashed_subpackets = self._serialize_signature_subpackets(
-            self['unhashed-subpackets'])
-        chunks.append(_struct.pack('>H', len(unhashed_subpackets)))
-        chunks.append(unhashed_subpackets)
+        return b''.join(chunks)
+
+    def _signature_packet_signed_data(self, hashed_signature_data):
         target = self._serialize_signature_packet_target(target=self['target'])
-        signed_data = b''.join([
+        return b''.join([
             target,
             hashed_signature_data,
-            signature_version,
+            bytes([self['signature-version']]),
             b'\xff',
             _struct.pack('>I', len(hashed_signature_data)),
             ])
+
+    def _serialize_signature_packet(self):
+        hashed_signature_data = self._serialize_hashed_signature_packet()
+        chunks = [hashed_signature_data]
+        unhashed_subpackets = self._serialize_signature_subpackets(
+            self['unhashed-subpackets'])
+        chunks.append(_struct.pack('>H', len(unhashed_subpackets)))
+        chunks.append(unhashed_subpackets)
+        signed_data = self._signature_packet_signed_data(
+            hashed_signature_data=hashed_signature_data)
         digest, signature = self.key.sign(
             data=signed_data, hash_algorithm=self['hash-algorithm'],
             signature_algorithm=self['public-key-algorithm'])
-- 
2.26.2