summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/leap/bitmask/keymanager/openpgp.py34
-rw-r--r--src/leap/bitmask/keymanager/wrapper.py39
2 files changed, 62 insertions, 11 deletions
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py
index 43c8d93..5c97794 100644
--- a/src/leap/bitmask/keymanager/openpgp.py
+++ b/src/leap/bitmask/keymanager/openpgp.py
@@ -26,7 +26,6 @@ import io
from datetime import datetime
from multiprocessing import cpu_count
-from gnupg.gnupg import GPGUtilities
from twisted.internet import defer
from twisted.internet.threads import deferToThread
from twisted.logger import Logger
@@ -59,6 +58,17 @@ from leap.bitmask.keymanager.documents import (
KEYMANAGER_KEY_TAG,
KEYMANAGER_ACTIVE_TAG,
)
+try:
+ from gnupg.gnupg import GPGUtilities
+ GNUPG_NG = True
+except ImportError:
+ GNUPG_NG = False
+ class GPGUtilities(object):
+ def __init__(self, gpg):
+ self.gpg = gpg
+ def is_encrypted_asym(self, raw_data):
+ result = self._gpg.list_packets(raw_data)
+ return bool(result.key)
logger = Logger()
@@ -571,12 +581,18 @@ class OpenPGPScheme(object):
leap_assert(sign.private is True)
keys.append(sign)
with TempGPGWrapper(keys, self._gpgbinary) as gpg:
- result = yield from_thread(
- gpg.encrypt,
- data, pubkey.fingerprint,
+ kw = dict(
default_key=sign.fingerprint if sign else None,
passphrase=passphrase, symmetric=False,
cipher_algo=cipher_algo)
+ if not GNUPG_NG:
+ kw.pop('cipher_algo')
+ kw.pop('default_key')
+ kw.update(passphrase='')
+ kw.update(always_trust=True)
+ result = yield from_thread(
+ gpg.encrypt,
+ data, pubkey.fingerprint, **kw)
# Here we cannot assert for correctness of sig because the sig is
# in the ciphertext.
# result.ok - (bool) indicates if the operation succeeded
@@ -676,9 +692,13 @@ class OpenPGPScheme(object):
# result.fingerprint - contains the fingerprint of the key used to
# sign.
with TempGPGWrapper(privkey, self._gpgbinary) as gpg:
- result = gpg.sign(data, default_key=privkey.fingerprint,
- digest_algo=digest_algo, clearsign=clearsign,
- detach=detach, binary=binary)
+ kw = dict(default_key=privkey.fingerprint,
+ digest_algo=digest_algo, clearsign=clearsign,
+ detach=detach, binary=binary)
+ if not GNUPG_NG:
+ kw.pop('digest_algo')
+ kw.pop('default_key')
+ result = gpg.sign(data, **kw)
rfprint = privkey.fingerprint
privkey = gpg.list_keys(secret=True).pop()
kfprint = privkey['fingerprint']
diff --git a/src/leap/bitmask/keymanager/wrapper.py b/src/leap/bitmask/keymanager/wrapper.py
index 4f36cec..1fd4429 100644
--- a/src/leap/bitmask/keymanager/wrapper.py
+++ b/src/leap/bitmask/keymanager/wrapper.py
@@ -18,12 +18,25 @@
GPG wrapper for temporary keyrings
"""
import os
+import platform
import shutil
import tempfile
+
from gnupg import GPG
+from twisted.logger import Logger
+
from leap.common.check import leap_assert
+try:
+ from gnupg.gnupg import GPGUtilities
+ GNUPG_NG = True
+except ImportError:
+ GNUPG_NG = False
+
+
+logger = Logger()
+
class TempGPGWrapper(object):
"""
@@ -88,8 +101,16 @@ class TempGPGWrapper(object):
listkeys = lambda: self._gpg.list_keys()
listsecretkeys = lambda: self._gpg.list_keys(secret=True)
- self._gpg = GPG(binary=self._gpgbinary,
- homedir=tempfile.mkdtemp())
+ try:
+ self._gpg = GPG(binary=self._gpgbinary,
+ homedir=tempfile.mkdtemp())
+ except TypeError:
+ # compat-mode with python-gnupg until windows
+ # support is fixed in gnupg-ng
+ self._gpg = GPG(gpgbinary=self._gpgbinary,
+ gnupghome=tempfile.mkdtemp(),
+ options=[])
+
leap_assert(len(listkeys()) is 0, 'Keyring not empty.')
# import keys into the keyring:
@@ -129,6 +150,16 @@ class TempGPGWrapper(object):
raise
finally:
- leap_assert(self._gpg.homedir != os.path.expanduser('~/.gnupg'),
+ try:
+ homedir = self._gpg.homedir
+ except AttributeError:
+ homedir = self._gpg.gnupghome
+ leap_assert(homedir != os.path.expanduser('~/.gnupg'),
"watch out! Tried to remove default gnupg home!")
- shutil.rmtree(self._gpg.homedir)
+ # TODO some windows debug ....
+ homedir = os.path.normpath(homedir).replace("\\", "/")
+ homedir = str(homedir.replace("c:/", "c://"))
+ if platform.system() == "Windows":
+ logger.error("BUG! Not erasing folder in Windows")
+ return
+ shutil.rmtree(homedir)