diff options
-rw-r--r-- | src/leap/bitmask/keymanager/openpgp.py | 34 | ||||
-rw-r--r-- | src/leap/bitmask/keymanager/wrapper.py | 39 |
2 files changed, 62 insertions, 11 deletions
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py index 43c8d93..5c97794 100644 --- a/src/leap/bitmask/keymanager/openpgp.py +++ b/src/leap/bitmask/keymanager/openpgp.py @@ -26,7 +26,6 @@ import io from datetime import datetime from multiprocessing import cpu_count -from gnupg.gnupg import GPGUtilities from twisted.internet import defer from twisted.internet.threads import deferToThread from twisted.logger import Logger @@ -59,6 +58,17 @@ from leap.bitmask.keymanager.documents import ( KEYMANAGER_KEY_TAG, KEYMANAGER_ACTIVE_TAG, ) +try: + from gnupg.gnupg import GPGUtilities + GNUPG_NG = True +except ImportError: + GNUPG_NG = False + class GPGUtilities(object): + def __init__(self, gpg): + self.gpg = gpg + def is_encrypted_asym(self, raw_data): + result = self._gpg.list_packets(raw_data) + return bool(result.key) logger = Logger() @@ -571,12 +581,18 @@ class OpenPGPScheme(object): leap_assert(sign.private is True) keys.append(sign) with TempGPGWrapper(keys, self._gpgbinary) as gpg: - result = yield from_thread( - gpg.encrypt, - data, pubkey.fingerprint, + kw = dict( default_key=sign.fingerprint if sign else None, passphrase=passphrase, symmetric=False, cipher_algo=cipher_algo) + if not GNUPG_NG: + kw.pop('cipher_algo') + kw.pop('default_key') + kw.update(passphrase='') + kw.update(always_trust=True) + result = yield from_thread( + gpg.encrypt, + data, pubkey.fingerprint, **kw) # Here we cannot assert for correctness of sig because the sig is # in the ciphertext. # result.ok - (bool) indicates if the operation succeeded @@ -676,9 +692,13 @@ class OpenPGPScheme(object): # result.fingerprint - contains the fingerprint of the key used to # sign. with TempGPGWrapper(privkey, self._gpgbinary) as gpg: - result = gpg.sign(data, default_key=privkey.fingerprint, - digest_algo=digest_algo, clearsign=clearsign, - detach=detach, binary=binary) + kw = dict(default_key=privkey.fingerprint, + digest_algo=digest_algo, clearsign=clearsign, + detach=detach, binary=binary) + if not GNUPG_NG: + kw.pop('digest_algo') + kw.pop('default_key') + result = gpg.sign(data, **kw) rfprint = privkey.fingerprint privkey = gpg.list_keys(secret=True).pop() kfprint = privkey['fingerprint'] diff --git a/src/leap/bitmask/keymanager/wrapper.py b/src/leap/bitmask/keymanager/wrapper.py index 4f36cec..1fd4429 100644 --- a/src/leap/bitmask/keymanager/wrapper.py +++ b/src/leap/bitmask/keymanager/wrapper.py @@ -18,12 +18,25 @@ GPG wrapper for temporary keyrings """ import os +import platform import shutil import tempfile + from gnupg import GPG +from twisted.logger import Logger + from leap.common.check import leap_assert +try: + from gnupg.gnupg import GPGUtilities + GNUPG_NG = True +except ImportError: + GNUPG_NG = False + + +logger = Logger() + class TempGPGWrapper(object): """ @@ -88,8 +101,16 @@ class TempGPGWrapper(object): listkeys = lambda: self._gpg.list_keys() listsecretkeys = lambda: self._gpg.list_keys(secret=True) - self._gpg = GPG(binary=self._gpgbinary, - homedir=tempfile.mkdtemp()) + try: + self._gpg = GPG(binary=self._gpgbinary, + homedir=tempfile.mkdtemp()) + except TypeError: + # compat-mode with python-gnupg until windows + # support is fixed in gnupg-ng + self._gpg = GPG(gpgbinary=self._gpgbinary, + gnupghome=tempfile.mkdtemp(), + options=[]) + leap_assert(len(listkeys()) is 0, 'Keyring not empty.') # import keys into the keyring: @@ -129,6 +150,16 @@ class TempGPGWrapper(object): raise finally: - leap_assert(self._gpg.homedir != os.path.expanduser('~/.gnupg'), + try: + homedir = self._gpg.homedir + except AttributeError: + homedir = self._gpg.gnupghome + leap_assert(homedir != os.path.expanduser('~/.gnupg'), "watch out! Tried to remove default gnupg home!") - shutil.rmtree(self._gpg.homedir) + # TODO some windows debug .... + homedir = os.path.normpath(homedir).replace("\\", "/") + homedir = str(homedir.replace("c:/", "c://")) + if platform.system() == "Windows": + logger.error("BUG! Not erasing folder in Windows") + return + shutil.rmtree(homedir) |