summaryrefslogtreecommitdiff
path: root/src/leap/common/keymanager
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2013-05-09 15:56:04 -0300
committerdrebs <drebs@leap.se>2013-05-09 15:56:04 -0300
commit8fae83a20504851845eeda5c089f2c53f8678eae (patch)
tree9e833cf8dbfb0c2e2db82a5f1083bd0f2284d1ea /src/leap/common/keymanager
parentc72aa2e8c356d57c272ce91e72417ee231edd57d (diff)
Add sign/verify to keymanager's openpgp.
Diffstat (limited to 'src/leap/common/keymanager')
-rw-r--r--src/leap/common/keymanager/openpgp.py47
1 files changed, 45 insertions, 2 deletions
diff --git a/src/leap/common/keymanager/openpgp.py b/src/leap/common/keymanager/openpgp.py
index e2ffe76..0fd314a 100644
--- a/src/leap/common/keymanager/openpgp.py
+++ b/src/leap/common/keymanager/openpgp.py
@@ -25,7 +25,7 @@ import re
import tempfile
import shutil
-from leap.common.check import leap_assert
+from leap.common.check import leap_assert, leap_assert_type
from leap.common.keymanager.errors import (
KeyNotFound,
KeyAlreadyExists,
@@ -42,7 +42,7 @@ from leap.common.keymanager.gpg import GPGWrapper
#
-# Utility functions
+# API functions
#
def encrypt_sym(data, passphrase):
@@ -175,6 +175,49 @@ def is_encrypted_asym(data):
return _safe_call(_is_encrypted_cb)
+def sign(data, key):
+ """
+ Sign C{data} with C{key}.
+
+ @param data: The data to be signed.
+ @type data: str
+ @param key: The key to be used to sign.
+ @type key: OpenPGPKey
+
+ @return: The ascii-armored signed data.
+ @rtype: str
+ """
+ leap_assert_type(key, OpenPGPKey)
+ leap_assert(key.private == True)
+
+ def _sign_cb(gpg):
+ return gpg.sign(data, keyid=key.key_id).data
+
+ return _safe_call(_sign_cb, key.key_data)
+
+def verify(data, key):
+ """
+ Verify signed C{data} with C{key}.
+
+ @param data: The data to be verified.
+ @type data: str
+ @param key: The key to be used on verification.
+ @type key: OpenPGPKey
+
+ @return: The ascii-armored signed data.
+ @rtype: str
+ """
+ leap_assert_type(key, OpenPGPKey)
+ leap_assert(key.private == False)
+
+ def _verify_cb(gpg):
+ return gpg.verify(data).valid
+
+ return _safe_call(_verify_cb, key.key_data)
+
+#
+# Helper functions
+#
def _build_key_from_gpg(address, key, key_data):
"""