From 2a08c2c263dd259f1239e34f71f1df1e14dbef13 Mon Sep 17 00:00:00 2001
From: vladdd
Date: Mon, 30 Sep 2013 11:44:35 -0400
Subject: [PATCH] Add doctests for PyNaCl and fix verify_signature()

If 'use_pynacl=True' is specified and the signature is invalid, verify_signature() raised 'nacl.signing.CryptoError'. verify_signature() should instead return 'False', to follow the same bahavior of this function when 'use_pynacl=False'.
---
 tuf/ed25519_key.py | 26 +++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/tuf/ed25519_key.py b/tuf/ed25519_key.py
index 185f648f..14fe6095 100755
--- a/tuf/ed25519_key.py
+++ b/tuf/ed25519_key.py
@@ -99,6 +99,13 @@ def generate(use_pynacl=False):
 64
 >>> len(ed25519_key['keyval']['private'])
 64
+ >>> ed25519_key_pynacl = generate(use_pynacl=True)
+ >>> tuf.formats.ED25519KEY_SCHEMA.matches(ed25519_key_pynacl)
+ True
+ >>> len(ed25519_key_pynacl['keyval']['public'])
+ 64
+ >>> len(ed25519_key_pynacl['keyval']['private'])
+ 64
 None.
@@ -353,6 +360,11 @@ def create_signature(ed25519_key_dict, data, use_pynacl=False):
 True
 >>> len(signature['sig'])
 128
+ >>> signature_pynacl = create_signature(ed25519_key_dict, data, True)
+ >>> tuf.formats.SIGNATURE_SCHEMA.matches(signature_pynacl)
+ True
+ >>> len(signature_pynacl['sig'])
+ 128
 ed25519_key_dict:
@@ -462,9 +474,11 @@ def verify_signature(ed25519_key_dict, signature, data, use_pynacl=False):
 >>> signature = create_signature(ed25519_key_dict, data)
 >>> verify_signature(ed25519_key_dict, signature, data)
 True
+ >>> verify_signature(ed25519_key_dict, signature, data, True)
+ True
 >>> bad_data = 'The sly brown fox jumps over the lazy dog'
 >>> bad_signature = create_signature(ed25519_key_dict, bad_data)
- >>> verify_signature(ed25519_key_dict, bad_signature, data)
+ >>> verify_signature(ed25519_key_dict, bad_signature, data, True)
 False
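Review bot: The rewritten doctest `verify_signature(ed25519_key_dict, bad_signature, data, True)` in the verify_signature() hunk replaces the only negative case visible here for the default pure-Python path, so a mismatched signature is now checked against PyNaCl only. Keep the original call and add the PyNaCl one beside it: `>>> verify_signature(ed25519_key_dict, bad_signature, data)` with `False`, then the `use_pynacl=True` call with `False`. A rejected-signature example per backend is what catches either verifier regressing to accept bad input. The docstring continues outside the hunk, so other negative examples may exist there.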
@@ -532,12 +546,10 @@ def verify_signature(ed25519_key_dict, signature, data, use_pynacl=False):
 try:
 nacl_verify_key = nacl.signing.VerifyKey(public)
 nacl_message = nacl_verify_key.verify(data, signature)
- except BadSignatureError:
- message = 'Could not verify "ed25519-pynacl" signature.'
- raise tuf.CryptoError(message)
-
- if nacl_message == data:
- valid_signature = True
+ if nacl_message == data:
+ valid_signature = True
+ except nacl.signing.BadSignatureError:
+ pass
 # Verify signature with 'ed25519-python' (i.e., pure python implementation).
 else:
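Review bot: The `except nacl.signing.BadSignatureError: pass` branch leaves the result to whatever `valid_signature` held before the `try`, and that initialisation is outside this hunk; the function only fails closed if it is set to `False` on every path leading here. Make the rejection explicit by replacing `pass` with `valid_signature = False  # PyNaCl rejected the signature`. Only `BadSignatureError` is caught, so other errors from `VerifyKey(public)` or `verify()` (for instance on a malformed key, which cannot be confirmed from the visible lines) would still propagate instead of returning `False`; the docstring should state which of the two behaviours is intended. The body of verify_signature() starts and ends outside the hunk.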