## src/common/gpg.py ## ## Copyright (C) 2003-2010 Yann Leboulanger ## Copyright (C) 2005 Alex Mauer ## Copyright (C) 2005-2006 Nikos Kouremenos ## Copyright (C) 2007 Stephan Erb ## Copyright (C) 2008 Jean-Marie Traissard ## Jonathan Schleifer ## ## This file is part of Gajim. ## ## Gajim is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published ## by the Free Software Foundation; version 3 only. ## ## Gajim is distributed in the hope that it will be useful, ## but WITHOUT ANY WARRANTY; without even the implied warranty of ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ## GNU General Public License for more details. ## ## You should have received a copy of the GNU General Public License ## along with Gajim. If not, see . ## from gajim import HAVE_GPG import os if HAVE_GPG: import gnupg class GnuPG(gnupg.GPG): def __init__(self, use_agent=False): gnupg.GPG.__init__(self) self.passphrase = None self.use_agent = use_agent self.always_trust = False def _setup_my_options(self): self.options.armor = 1 self.options.meta_interactive = 0 self.options.extra_args.append('--no-secmem-warning') # disable photo viewer when verifying keys self.options.extra_args.append('--verify-options') self.options.extra_args.append('no-show-photo') if self.use_agent: self.options.extra_args.append('--use-agent') def encrypt(self, str_, recipients, always_trust=False): result = super(GnuPG, self).encrypt(str_, recipients, always_trust=always_trust, passphrase=self.passphrase) if result.status == 'invalid recipient': return '', 'NOT_TRUSTED' if result.ok: error = '' else: error = result.status return self._stripHeaderFooter(str(result)), error def decrypt(self, str_, keyID): data = self._addHeaderFooter(str_, 'MESSAGE') result = super(GnuPG, self).decrypt(data, passphrase=self.passphrase) return str(result) def sign(self, str_, keyID): result = super(GnuPG, self).sign(str_, keyid=keyID, detach=True, passphrase=self.passphrase) if result.fingerprint: return self._stripHeaderFooter(str(result)) # if 'KEYEXPIRED' in resp: # return 'KEYEXPIRED' return 'BAD_PASSPHRASE' def verify(self, str_, sign): if str_ is None: return '' data = '-----BEGIN PGP SIGNED MESSAGE-----' + os.linesep data = data + 'Hash: SHA1' + os.linesep + os.linesep data = data + str_ + os.linesep data = data + self._addHeaderFooter(sign, 'SIGNATURE') result = super(GnuPG, self).verify(data) if result.valid: return result.key_id return '' def get_keys(self, secret=False): keys = {} result = super(GnuPG, self).list_keys(secret=secret) for key in result: # Take first not empty uid keys[key['keyid'][8:]] = [uid for uid in key['uids'] if uid][0] return keys def get_secret_keys(self): return self.get_keys(True) def _stripHeaderFooter(self, data): """ Remove header and footer from data """ if not data: return '' lines = data.splitlines() while lines[0] != '': lines.remove(lines[0]) while lines[0] == '': lines.remove(lines[0]) i = 0 for line in lines: if line: if line[0] == '-': break i = i+1 line = '\n'.join(lines[0:i]) return line def _addHeaderFooter(self, data, type_): """ Add header and footer from data """ out = "-----BEGIN PGP %s-----" % type_ + os.linesep out = out + "Version: PGP" + os.linesep out = out + os.linesep out = out + data + os.linesep out = out + "-----END PGP %s-----" % type_ + os.linesep return out