summaryrefslogtreecommitdiff
path: root/src/leap/common/keymanager
diff options
context:
space:
mode:
authorTomás Touceda <chiiph@leap.se>2013-05-28 17:38:30 -0300
committerTomás Touceda <chiiph@leap.se>2013-05-28 17:38:30 -0300
commit205fcd6c6bb8712a115f3dfe738c490f5427e09b (patch)
tree0d824ab1fc1de09fe2136f1419a0a2966225fac4 /src/leap/common/keymanager
parentb7dc270bce885ce5079d86d8e52fd96b8390fc9d (diff)
parent354467c605f07042568c10c3e931f7fc093c0bf4 (diff)
Merge remote-tracking branch 'kali/bug/allow-absolute-paths2' into develop
Diffstat (limited to 'src/leap/common/keymanager')
-rw-r--r--src/leap/common/keymanager/__init__.py92
-rw-r--r--src/leap/common/keymanager/gpg.py222
-rw-r--r--src/leap/common/keymanager/keys.py72
-rw-r--r--src/leap/common/keymanager/openpgp.py160
4 files changed, 273 insertions, 273 deletions
diff --git a/src/leap/common/keymanager/__init__.py b/src/leap/common/keymanager/__init__.py
index 7aaeddf..f5c5f5e 100644
--- a/src/leap/common/keymanager/__init__.py
+++ b/src/leap/common/keymanager/__init__.py
@@ -73,22 +73,22 @@ class KeyManager(object):
Initialize a Key Manager for user's C{address} with provider's
nickserver reachable in C{url}.
- @param address: The address of the user of this Key Manager.
- @type address: str
- @param url: The URL of the nickserver.
- @type url: str
- @param soledad: A Soledad instance for local storage of keys.
- @type soledad: leap.soledad.Soledad
- @param session_id: The session ID for interacting with the webapp API.
- @type session_id: str
- @param ca_cert_path: The path to the CA certificate.
- @type ca_cert_path: str
- @param api_uri: The URI of the webapp API.
- @type api_uri: str
- @param api_version: The version of the webapp API.
- @type api_version: str
- @param uid: The users' UID.
- @type uid: str
+ :param address: The address of the user of this Key Manager.
+ :type address: str
+ :param url: The URL of the nickserver.
+ :type url: str
+ :param soledad: A Soledad instance for local storage of keys.
+ :type soledad: leap.soledad.Soledad
+ :param session_id: The session ID for interacting with the webapp API.
+ :type session_id: str
+ :param ca_cert_path: The path to the CA certificate.
+ :type ca_cert_path: str
+ :param api_uri: The URI of the webapp API.
+ :type api_uri: str
+ :param api_version: The version of the webapp API.
+ :type api_version: str
+ :param uid: The users' UID.
+ :type uid: str
"""
self._address = address
self._nickserver_uri = nickserver_uri
@@ -145,13 +145,13 @@ class KeyManager(object):
"""
Send a GET request to C{uri} containing C{data}.
- @param uri: The URI of the request.
- @type uri: str
- @param data: The body of the request.
- @type data: dict, str or file
+ :param uri: The URI of the request.
+ :type uri: str
+ :param data: The body of the request.
+ :type data: dict, str or file
- @return: The response to the request.
- @rtype: requests.Response
+ :return: The response to the request.
+ :rtype: requests.Response
"""
leap_assert(
self._ca_cert_path is not None,
@@ -172,13 +172,13 @@ class KeyManager(object):
verify the server certificate and the configured session id for
authentication.
- @param uri: The URI of the request.
- @type uri: str
- @param data: The body of the request.
- @type data: dict, str or file
+ :param uri: The URI of the request.
+ :type uri: str
+ :param data: The body of the request.
+ :type data: dict, str or file
- @return: The response to the request.
- @rtype: requests.Response
+ :return: The response to the request.
+ :rtype: requests.Response
"""
leap_assert(
self._ca_cert_path is not None,
@@ -198,8 +198,8 @@ class KeyManager(object):
Fetch keys bound to C{address} from nickserver and insert them in
local database.
- @param address: The address bound to the keys.
- @type address: str
+ :param address: The address bound to the keys.
+ :type address: str
@raise KeyNotFound: If the key was not found on nickserver.
"""
@@ -228,8 +228,8 @@ class KeyManager(object):
will be saved in the server in a way it is publicly retrievable
through the hash string.
- @param ktype: The type of the key.
- @type ktype: KeyType
+ :param ktype: The type of the key.
+ :type ktype: KeyType
@raise KeyNotFound: If the key was not found in local database.
"""
@@ -255,15 +255,15 @@ class KeyManager(object):
First, search for the key in local storage. If it is not available,
then try to fetch from nickserver.
- @param address: The address bound to the key.
- @type address: str
- @param ktype: The type of the key.
- @type ktype: KeyType
- @param private: Look for a private key instead of a public one?
- @type private: bool
+ :param address: The address bound to the key.
+ :type address: str
+ :param ktype: The type of the key.
+ :type ktype: KeyType
+ :param private: Look for a private key instead of a public one?
+ :type private: bool
- @return: A key of type C{ktype} bound to C{address}.
- @rtype: EncryptionKey
+ :return: A key of type C{ktype} bound to C{address}.
+ :rtype: EncryptionKey
@raise KeyNotFound: If the key was not found both locally and in
keyserver.
"""
@@ -285,8 +285,8 @@ class KeyManager(object):
"""
Return all keys stored in local database.
- @return: A list with all keys in local db.
- @rtype: list
+ :return: A list with all keys in local db.
+ :rtype: list
"""
return map(
lambda doc: build_key_from_dict(
@@ -315,11 +315,11 @@ class KeyManager(object):
"""
Generate a key of type C{ktype} bound to the user's address.
- @param ktype: The type of the key.
- @type ktype: KeyType
+ :param ktype: The type of the key.
+ :type ktype: KeyType
- @return: The generated key.
- @rtype: EncryptionKey
+ :return: The generated key.
+ :rtype: EncryptionKey
"""
return self._wrapper_map[ktype].gen_key(self._address)
diff --git a/src/leap/common/keymanager/gpg.py b/src/leap/common/keymanager/gpg.py
index f3e6453..15c1d9f 100644
--- a/src/leap/common/keymanager/gpg.py
+++ b/src/leap/common/keymanager/gpg.py
@@ -43,8 +43,8 @@ class ListPackets():
"""
Initialize the packet listing handling class.
- @param gpg: GPG object instance.
- @type gpg: gnupg.GPG
+ :param gpg: GPG object instance.
+ :type gpg: gnupg.GPG
"""
self.gpg = gpg
self.nodata = None
@@ -57,10 +57,10 @@ class ListPackets():
"""
Handle one line of the --list-packets status message.
- @param key: The status message key.
- @type key: str
- @param value: The status message value.
- @type value: str
+ :param key: The status message key.
+ :type key: str
+ :param value: The status message value.
+ :type value: str
"""
# TODO: write tests for handle_status
if key == 'NODATA':
@@ -91,21 +91,21 @@ class GPGWrapper(gnupg.GPG):
"""
Initialize a GnuPG process wrapper.
- @param gpgbinary: Name for GnuPG binary executable.
- @type gpgbinary: C{str}
- @param gpghome: Full pathname to directory containing the public and
+ :param gpgbinary: Name for GnuPG binary executable.
+ :type gpgbinary: C{str}
+ :param gpghome: Full pathname to directory containing the public and
private keyrings.
- @type gpghome: C{str}
- @param keyring: Name of alternative keyring file to use. If specified,
+ :type gpghome: C{str}
+ :param keyring: Name of alternative keyring file to use. If specified,
the default keyring is not used.
- @param verbose: Should some verbose info be output?
- @type verbose: bool
- @param use_agent: Should pass `--use-agent` to GPG binary?
- @type use_agent: bool
- @param keyring: Path for the keyring to use.
- @type keyring: str
+ :param verbose: Should some verbose info be output?
+ :type verbose: bool
+ :param use_agent: Should pass `--use-agent` to GPG binary?
+ :type use_agent: bool
+ :param keyring: Path for the keyring to use.
+ :type keyring: str
@options: A list of additional options to pass to the GPG binary.
- @type options: list
+ :type options: list
@raise: RuntimeError with explanation message if there is a problem
invoking gpg.
@@ -119,13 +119,13 @@ class GPGWrapper(gnupg.GPG):
"""
Find user's key based on their email.
- @param email: Email address of key being searched for.
- @type email: str
- @param secret: Should we search for a secret key?
- @type secret: bool
+ :param email: Email address of key being searched for.
+ :type email: str
+ :param secret: Should we search for a secret key?
+ :type secret: bool
- @return: The fingerprint of the found key.
- @rtype: str
+ :return: The fingerprint of the found key.
+ :rtype: str
"""
for key in self.list_keys(secret=secret):
for uid in key['uids']:
@@ -137,13 +137,13 @@ class GPGWrapper(gnupg.GPG):
"""
Find user's key based on a subkey fingerprint.
- @param email: Subkey fingerprint of the key being searched for.
- @type email: str
- @param secret: Should we search for a secret key?
- @type secret: bool
+ :param email: Subkey fingerprint of the key being searched for.
+ :type email: str
+ :param secret: Should we search for a secret key?
+ :type secret: bool
- @return: The fingerprint of the found key.
- @rtype: str
+ :return: The fingerprint of the found key.
+ :rtype: str
"""
for key in self.list_keys(secret=secret):
for sub in key['subkeys']:
@@ -156,13 +156,13 @@ class GPGWrapper(gnupg.GPG):
"""
Find user's key based on the key ID.
- @param email: The key ID of the key being searched for.
- @type email: str
- @param secret: Should we search for a secret key?
- @type secret: bool
+ :param email: The key ID of the key being searched for.
+ :type email: str
+ :param secret: Should we search for a secret key?
+ :type secret: bool
- @return: The fingerprint of the found key.
- @rtype: str
+ :return: The fingerprint of the found key.
+ :rtype: str
"""
for key in self.list_keys(secret=secret):
if keyid == key['keyid']:
@@ -174,13 +174,13 @@ class GPGWrapper(gnupg.GPG):
"""
Find user's key based on the key fingerprint.
- @param email: The fingerprint of the key being searched for.
- @type email: str
- @param secret: Should we search for a secret key?
- @type secret: bool
+ :param email: The fingerprint of the key being searched for.
+ :type email: str
+ :param secret: Should we search for a secret key?
+ :type secret: bool
- @return: The fingerprint of the found key.
- @rtype: str
+ :return: The fingerprint of the found key.
+ :rtype: str
"""
for key in self.list_keys(secret=secret):
if fingerprint == key['fingerprint']:
@@ -193,23 +193,23 @@ class GPGWrapper(gnupg.GPG):
"""
Encrypt data using GPG.
- @param data: The data to be encrypted.
- @type data: str
- @param recipient: The address of the public key to be used.
- @type recipient: str
- @param sign: Should the encrypted content be signed?
- @type sign: bool
- @param always_trust: Skip key validation and assume that used keys
+ :param data: The data to be encrypted.
+ :type data: str
+ :param recipient: The address of the public key to be used.
+ :type recipient: str
+ :param sign: Should the encrypted content be signed?
+ :type sign: bool
+ :param always_trust: Skip key validation and assume that used keys
are always fully trusted?
- @type always_trust: bool
- @param passphrase: The passphrase to be used if symmetric encryption
+ :type always_trust: bool
+ :param passphrase: The passphrase to be used if symmetric encryption
is desired.
- @type passphrase: str
- @param symmetric: Should we encrypt to a password?
- @type symmetric: bool
+ :type passphrase: str
+ :param symmetric: Should we encrypt to a password?
+ :type symmetric: bool
- @return: An object with encrypted result in the `data` field.
- @rtype: gnupg.Crypt
+ :return: An object with encrypted result in the `data` field.
+ :rtype: gnupg.Crypt
"""
# TODO: devise a way so we don't need to "always trust".
return gnupg.GPG.encrypt(self, data, recipient, sign=sign,
@@ -222,17 +222,17 @@ class GPGWrapper(gnupg.GPG):
"""
Decrypt data using GPG.
- @param data: The data to be decrypted.
- @type data: str
- @param always_trust: Skip key validation and assume that used keys
+ :param data: The data to be decrypted.
+ :type data: str
+ :param always_trust: Skip key validation and assume that used keys
are always fully trusted?
- @type always_trust: bool
- @param passphrase: The passphrase to be used if symmetric encryption
+ :type always_trust: bool
+ :param passphrase: The passphrase to be used if symmetric encryption
is desired.
- @type passphrase: str
+ :type passphrase: str
- @return: An object with decrypted result in the `data` field.
- @rtype: gnupg.Crypt
+ :return: An object with decrypted result in the `data` field.
+ :rtype: gnupg.Crypt
"""
# TODO: devise a way so we don't need to "always trust".
return gnupg.GPG.decrypt(self, data, always_trust=always_trust,
@@ -242,13 +242,13 @@ class GPGWrapper(gnupg.GPG):
"""
Send keys to a keyserver
- @param keyserver: The keyserver to send the keys to.
- @type keyserver: str
- @param keyids: The key ids to send.
- @type keyids: list
+ :param keyserver: The keyserver to send the keys to.
+ :type keyserver: str
+ :param keyids: The key ids to send.
+ :type keyids: list
- @return: A list of keys sent to server.
- @rtype: gnupg.ListKeys
+ :return: A list of keys sent to server.
+ :rtype: gnupg.ListKeys
"""
# TODO: write tests for this.
# TODO: write a SendKeys class to handle status for this.
@@ -269,29 +269,29 @@ class GPGWrapper(gnupg.GPG):
"""
Encrypt the message read from the file-like object 'file'.
- @param file: The file to be encrypted.
- @type data: file
- @param recipient: The address of the public key to be used.
- @type recipient: str
- @param sign: Should the encrypted content be signed?
- @type sign: bool
- @param always_trust: Skip key validation and assume that used keys
+ :param file: The file to be encrypted.
+ :type data: file
+ :param recipient: The address of the public key to be used.
+ :type recipient: str
+ :param sign: Should the encrypted content be signed?
+ :type sign: bool
+ :param always_trust: Skip key validation and assume that used keys
are always fully trusted?
- @type always_trust: bool
- @param passphrase: The passphrase to be used if symmetric encryption
+ :type always_trust: bool
+ :param passphrase: The passphrase to be used if symmetric encryption
is desired.
- @type passphrase: str
- @param armor: Create ASCII armored output?
- @type armor: bool
- @param output: Path of file to write results in.
- @type output: str
- @param symmetric: Should we encrypt to a password?
- @type symmetric: bool
- @param cipher_algo: Algorithm to use.
- @type cipher_algo: str
-
- @return: An object with encrypted result in the `data` field.
- @rtype: gnupg.Crypt
+ :type passphrase: str
+ :param armor: Create ASCII armored output?
+ :type armor: bool
+ :param output: Path of file to write results in.
+ :type output: str
+ :param symmetric: Should we encrypt to a password?
+ :type symmetric: bool
+ :param cipher_algo: Algorithm to use.
+ :type cipher_algo: str
+
+ :return: An object with encrypted result in the `data` field.
+ :rtype: gnupg.Crypt
"""
args = ['--encrypt']
if symmetric:
@@ -323,11 +323,11 @@ class GPGWrapper(gnupg.GPG):
"""
List the sequence of packets.
- @param data: The data to extract packets from.
- @type data: str
+ :param data: The data to extract packets from.
+ :type data: str
- @return: An object with packet info.
- @rtype ListPackets
+ :return: An object with packet info.
+ :rtype ListPackets
"""
args = ["--list-packets"]
result = self.result_map['list-packets'](self)
@@ -342,11 +342,11 @@ class GPGWrapper(gnupg.GPG):
"""
Return the key to which data is encrypted to.
- @param data: The data to be examined.
- @type data: str
+ :param data: The data to be examined.
+ :type data: str
- @return: The fingerprint of the key to which data is encrypted to.
- @rtype: str
+ :return: The fingerprint of the key to which data is encrypted to.
+ :rtype: str
"""
# TODO: make this support multiple keys.
result = self.list_packets(data)
@@ -362,11 +362,11 @@ class GPGWrapper(gnupg.GPG):
"""
Say whether some chunk of data is encrypted to a symmetric key.
- @param data: The data to be examined.
- @type data: str
+ :param data: The data to be examined.
+ :type data: str
- @return: Whether data is encrypted to a symmetric key.
- @rtype: bool
+ :return: Whether data is encrypted to a symmetric key.
+ :rtype: bool
"""
result = self.list_packets(data)
return bool(result.need_passphrase_sym)
@@ -375,11 +375,11 @@ class GPGWrapper(gnupg.GPG):
"""
Say whether some chunk of data is encrypted to a private key.
- @param data: The data to be examined.
- @type data: str
+ :param data: The data to be examined.
+ :type data: str
- @return: Whether data is encrypted to a private key.
- @rtype: bool
+ :return: Whether data is encrypted to a private key.
+ :rtype: bool
"""
result = self.list_packets(data)
return bool(result.key)
@@ -388,10 +388,10 @@ class GPGWrapper(gnupg.GPG):
"""
Say whether some chunk of data is encrypted to a key.
- @param data: The data to be examined.
- @type data: str
+ :param data: The data to be examined.
+ :type data: str
- @return: Whether data is encrypted to a key.
- @rtype: bool
+ :return: Whether data is encrypted to a key.
+ :rtype: bool
"""
return self.is_encrypted_asym(data) or self.is_encrypted_sym(data)
diff --git a/src/leap/common/keymanager/keys.py b/src/leap/common/keymanager/keys.py
index 1d87858..f2c1beb 100644
--- a/src/leap/common/keymanager/keys.py
+++ b/src/leap/common/keymanager/keys.py
@@ -65,10 +65,10 @@ def is_address(address):
"""
Return whether the given C{address} is in the form user@provider.
- @param address: The address to be tested.
- @type address: str
- @return: Whether C{address} is in the form user@provider.
- @rtype: bool
+ :param address: The address to be tested.
+ :type address: str
+ :return: Whether C{address} is in the form user@provider.
+ :rtype: bool
"""
return bool(re.match('[\w.-]+@[\w.-]+', address))
@@ -77,12 +77,12 @@ def build_key_from_dict(kClass, address, kdict):
"""
Build an C{kClass} key bound to C{address} based on info in C{kdict}.
- @param address: The address bound to the key.
- @type address: str
- @param kdict: Dictionary with key data.
- @type kdict: dict
- @return: An instance of the key.
- @rtype: C{kClass}
+ :param address: The address bound to the key.
+ :type address: str
+ :param kdict: Dictionary with key data.
+ :type kdict: dict
+ :return: An instance of the key.
+ :rtype: C{kClass}
"""
leap_assert(
address == kdict[KEY_ADDRESS_KEY],
@@ -106,15 +106,15 @@ def keymanager_doc_id(ktype, address, private=False):
Return the document id for the document containing a key for
C{address}.
- @param address: The type of the key.
- @type address: KeyType
- @param address: The address bound to the key.
- @type address: str
- @param private: Whether the key is private or not.
- @type private: bool
- @return: The document id for the document that stores a key bound to
+ :param address: The type of the key.
+ :type address: KeyType
+ :param address: The address bound to the key.
+ :type address: str
+ :param private: Whether the key is private or not.
+ :type private: bool
+ :return: The document id for the document that stores a key bound to
C{address}.
- @rtype: str
+ :rtype: str
"""
leap_assert(is_address(address), "Wrong address format: %s" % address)
ktype = str(ktype)
@@ -163,8 +163,8 @@ class EncryptionKey(object):
"""
Return a JSON string describing this key.
- @return: The JSON string describing this key.
- @rtype: str
+ :return: The JSON string describing this key.
+ :rtype: str
"""
return json.dumps({
KEY_ADDRESS_KEY: self.address,
@@ -211,8 +211,8 @@ class EncryptionScheme(object):
"""
Initialize this Encryption Scheme.
- @param soledad: A Soledad instance for local storage of keys.
- @type soledad: leap.soledad.Soledad
+ :param soledad: A Soledad instance for local storage of keys.
+ :type soledad: leap.soledad.Soledad
"""
self._soledad = soledad
@@ -221,13 +221,13 @@ class EncryptionScheme(object):
"""
Get key from local storage.
- @param address: The address bound to the key.
- @type address: str
- @param private: Look for a private key instead of a public one?
- @type private: bool
+ :param address: The address bound to the key.
+ :type address: str
+ :param private: Look for a private key instead of a public one?
+ :type private: bool
- @return: The key bound to C{address}.
- @rtype: EncryptionKey
+ :return: The key bound to C{address}.
+ :rtype: EncryptionKey
@raise KeyNotFound: If the key was not found on local storage.
"""
pass
@@ -237,8 +237,8 @@ class EncryptionScheme(object):
"""
Put a key in local storage.
- @param key: The key to be stored.
- @type key: EncryptionKey
+ :param key: The key to be stored.
+ :type key: EncryptionKey
"""
pass
@@ -247,11 +247,11 @@ class EncryptionScheme(object):
"""
Generate a new key.
- @param address: The address bound to the key.
- @type address: str
+ :param address: The address bound to the key.
+ :type address: str
- @return: The key bound to C{address}.
- @rtype: EncryptionKey
+ :return: The key bound to C{address}.
+ :rtype: EncryptionKey
"""
pass
@@ -260,7 +260,7 @@ class EncryptionScheme(object):
"""
Remove C{key} from storage.
- @param key: The key to be removed.
- @type key: EncryptionKey
+ :param key: The key to be removed.
+ :type key: EncryptionKey
"""
pass
diff --git a/src/leap/common/keymanager/openpgp.py b/src/leap/common/keymanager/openpgp.py
index d53afd6..b08bff6 100644
--- a/src/leap/common/keymanager/openpgp.py
+++ b/src/leap/common/keymanager/openpgp.py
@@ -48,11 +48,11 @@ def temporary_gpgwrapper(keys=None):
Returns a unitary gpg wrapper that implements context manager
protocol.
- @param key_data: ASCII armored key data.
- @type key_data: str
+ :param key_data: ASCII armored key data.
+ :type key_data: str
- @return: a GPGWrapper instance
- @rtype: GPGWrapper
+ :return: a GPGWrapper instance
+ :rtype: GPGWrapper
"""
# TODO do here checks on key_data
return TempGPGWrapper(keys=keys)
@@ -168,8 +168,8 @@ class TempGPGWrapper(object):
"""
def __init__(self, keys=None):
"""
- @param keys: OpenPGP key, or list of.
- @type keys: OpenPGPKey or list of OpenPGPKeys
+ :param keys: OpenPGP key, or list of.
+ :type keys: OpenPGPKey or list of OpenPGPKeys
"""
self._gpg = None
if not keys:
@@ -184,8 +184,8 @@ class TempGPGWrapper(object):
"""
Calls the unitary gpgwrapper initializer
- @return: A GPG wrapper with a unitary keyring.
- @rtype: gnupg.GPG
+ :return: A GPG wrapper with a unitary keyring.
+ :rtype: gnupg.GPG
"""
self._build_keyring()
return self._gpg
@@ -201,11 +201,11 @@ class TempGPGWrapper(object):
"""
Create an empty GPG keyring and import C{keys} into it.
- @param keys: List of keys to add to the keyring.
- @type keys: list of OpenPGPKey
+ :param keys: List of keys to add to the keyring.
+ :type keys: list of OpenPGPKey
- @return: A GPG wrapper with a unitary keyring.
- @rtype: gnupg.GPG
+ :return: A GPG wrapper with a unitary keyring.
+ :rtype: gnupg.GPG
"""
privkeys = [key for key in self._keys if key and key.private is True]
publkeys = [key for key in self._keys if key and key.private is False]
@@ -275,15 +275,15 @@ def encrypt_asym(data, key, passphrase=None, sign=None):
"""
Encrypt C{data} using public @{key} and sign with C{sign} key.
- @param data: The data to be encrypted.
- @type data: str
- @param pubkey: The key used to encrypt.
- @type pubkey: OpenPGPKey
- @param sign: The key used for signing.
- @type sign: OpenPGPKey
+ :param data: The data to be encrypted.
+ :type data: str
+ :param pubkey: The key used to encrypt.
+ :type pubkey: OpenPGPKey
+ :param sign: The key used for signing.
+ :type sign: OpenPGPKey
- @return: The encrypted data.
- @rtype: str
+ :return: The encrypted data.
+ :rtype: str
"""
leap_assert_type(key, OpenPGPKey)
leap_assert(key.private is False, 'Key is not public.')
@@ -307,15 +307,15 @@ def decrypt_asym(data, key, passphrase=None, verify=None):
"""
Decrypt C{data} using private @{key} and verify with C{verify} key.
- @param data: The data to be decrypted.
- @type data: str
- @param privkey: The key used to decrypt.
- @type privkey: OpenPGPKey
- @param verify: The key used to verify a signature.
- @type verify: OpenPGPKey
+ :param data: The data to be decrypted.
+ :type data: str
+ :param privkey: The key used to decrypt.
+ :type privkey: OpenPGPKey
+ :param verify: The key used to verify a signature.
+ :type verify: OpenPGPKey
- @return: The decrypted data.
- @rtype: str
+ :return: The decrypted data.
+ :rtype: str
@raise InvalidSignature: Raised if unable to verify the signature with
C{verify} key.
@@ -334,11 +334,11 @@ def is_encrypted(data):
"""
Return whether C{data} was encrypted using OpenPGP.
- @param data: The data we want to know about.
- @type data: str
+ :param data: The data we want to know about.
+ :type data: str
- @return: Whether C{data} was encrypted using this wrapper.
- @rtype: bool
+ :return: Whether C{data} was encrypted using this wrapper.
+ :rtype: bool
"""
return lambda gpg: gpg.is_encrypted(data)
@@ -348,11 +348,11 @@ def is_encrypted_asym(data):
"""
Return whether C{data} was asymmetrically encrypted using OpenPGP.
- @param data: The data we want to know about.
- @type data: str
+ :param data: The data we want to know about.
+ :type data: str
- @return: Whether C{data} was encrypted using this wrapper.
- @rtype: bool
+ :return: Whether C{data} was encrypted using this wrapper.
+ :rtype: bool
"""
return lambda gpg: gpg.is_encrypted_asym(data)
@@ -362,14 +362,14 @@ def sign(data, privkey):
"""
Sign C{data} with C{privkey}.
- @param data: The data to be signed.
- @type data: str
+ :param data: The data to be signed.
+ :type data: str
- @param privkey: The private key to be used to sign.
- @type privkey: OpenPGPKey
+ :param privkey: The private key to be used to sign.
+ :type privkey: OpenPGPKey
- @return: The ascii-armored signed data.
- @rtype: str
+ :return: The ascii-armored signed data.
+ :rtype: str
"""
leap_assert_type(privkey, OpenPGPKey)
leap_assert(privkey.private is True)
@@ -384,14 +384,14 @@ def verify(data, key):
"""
Verify signed C{data} with C{pubkey}.
- @param data: The data to be verified.
- @type data: str
+ :param data: The data to be verified.
+ :type data: str
- @param pubkey: The public key to be used on verification.
- @type pubkey: OpenPGPKey
+ :param pubkey: The public key to be used on verification.
+ :type pubkey: OpenPGPKey
- @return: The ascii-armored signed data.
- @rtype: str
+ :return: The ascii-armored signed data.
+ :rtype: str
"""
leap_assert_type(key, OpenPGPKey)
leap_assert(key.private is False)
@@ -412,14 +412,14 @@ def _build_key_from_gpg(address, key, key_data):
ASCII armored GPG key data has to be queried independently in this
wrapper, so we receive it in C{key_data}.
- @param address: The address bound to the key.
- @type address: str
- @param key: Key obtained from GPG storage.
- @type key: dict
- @param key_data: Key data obtained from GPG storage.
- @type key_data: str
- @return: An instance of the key.
- @rtype: OpenPGPKey
+ :param address: The address bound to the key.
+ :type address: str
+ :param key: Key obtained from GPG storage.
+ :type key: dict
+ :param key_data: Key data obtained from GPG storage.
+ :type key_data: str
+ :return: An instance of the key.
+ :rtype: OpenPGPKey
"""
return OpenPGPKey(
address,
@@ -452,8 +452,8 @@ class OpenPGPScheme(EncryptionScheme):
"""
Initialize the OpenPGP wrapper.
- @param soledad: A Soledad instance for key storage.
- @type soledad: leap.soledad.Soledad
+ :param soledad: A Soledad instance for key storage.
+ :type soledad: leap.soledad.Soledad
"""
EncryptionScheme.__init__(self, soledad)
@@ -461,10 +461,10 @@ class OpenPGPScheme(EncryptionScheme):
"""
Generate an OpenPGP keypair bound to C{address}.
- @param address: The address bound to the key.
- @type address: str
- @return: The key bound to C{address}.
- @rtype: OpenPGPKey
+ :param address: The address bound to the key.
+ :type address: str
+ :return: The key bound to C{address}.
+ :rtype: OpenPGPKey
@raise KeyAlreadyExists: If key already exists in local database.
"""
# make sure the key does not already exist
@@ -513,13 +513,13 @@ class OpenPGPScheme(EncryptionScheme):
"""
Get key bound to C{address} from local storage.
- @param address: The address bound to the key.
- @type address: str
- @param private: Look for a private key instead of a public one?
- @type private: bool
+ :param address: The address bound to the key.
+ :type address: str
+ :param private: Look for a private key instead of a public one?
+ :type private: bool
- @return: The key bound to C{address}.
- @rtype: OpenPGPKey
+ :return: The key bound to C{address}.
+ :rtype: OpenPGPKey
@raise KeyNotFound: If the key was not found on local storage.
"""
leap_assert(is_address(address), 'Not an user address: %s' % address)
@@ -532,8 +532,8 @@ class OpenPGPScheme(EncryptionScheme):
"""
Put key contained in ascii-armored C{key_data} in local storage.
- @param key_data: The key data to be stored.
- @type key_data: str
+ :param key_data: The key data to be stored.
+ :type key_data: str
"""
leap_assert_type(key_data, str)
# TODO: add more checks for correct key data.
@@ -583,8 +583,8 @@ class OpenPGPScheme(EncryptionScheme):
"""
Put C{key} in local storage.
- @param key: The key to be stored.
- @type key: OpenPGPKey
+ :param key: The key to be stored.
+ :type key: OpenPGPKey
"""
doc = self._get_key_doc(key.address, private=key.private)
if doc is None:
@@ -602,12 +602,12 @@ class OpenPGPScheme(EncryptionScheme):
If C{private} is True, looks for a private key instead of a public.
- @param address: The address bound to the key.
- @type address: str
- @param private: Whether to look for a private key.
- @type private: bool
- @return: The document with the key or None if it does not exist.
- @rtype: leap.soledad.backends.leap_backend.LeapDocument
+ :param address: The address bound to the key.
+ :type address: str
+ :param private: Whether to look for a private key.
+ :type private: bool
+ :return: The document with the key or None if it does not exist.
+ :rtype: leap.soledad.backends.leap_backend.LeapDocument
"""
return self._soledad.get_doc(
keymanager_doc_id(OpenPGPKey, address, private))
@@ -616,8 +616,8 @@ class OpenPGPScheme(EncryptionScheme):
"""
Remove C{key} from storage.
- @param key: The key to be removed.
- @type key: EncryptionKey
+ :param key: The key to be removed.
+ :type key: EncryptionKey
"""
leap_assert(key.__class__ is OpenPGPKey, 'Wrong key type.')
stored_key = self.get_key(key.address, private=key.private)