diff options
Diffstat (limited to 'docs/_build/html/_modules/gnupg/_parsers.html')
-rw-r--r-- | docs/_build/html/_modules/gnupg/_parsers.html | 1486 |
1 files changed, 1486 insertions, 0 deletions
diff --git a/docs/_build/html/_modules/gnupg/_parsers.html b/docs/_build/html/_modules/gnupg/_parsers.html new file mode 100644 index 0000000..a203f11 --- /dev/null +++ b/docs/_build/html/_modules/gnupg/_parsers.html @@ -0,0 +1,1486 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> + + +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> + + <title>gnupg._parsers — gnupg unknown documentation</title> + + <link rel="stylesheet" href="../../_static/agogo.css" type="text/css" /> + <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" /> + + <script type="text/javascript"> + var DOCUMENTATION_OPTIONS = { + URL_ROOT: '../../', + VERSION: 'unknown', + COLLAPSE_INDEX: false, + FILE_SUFFIX: '.html', + HAS_SOURCE: true + }; + </script> + <script type="text/javascript" src="../../_static/jquery.js"></script> + <script type="text/javascript" src="../../_static/underscore.js"></script> + <script type="text/javascript" src="../../_static/doctools.js"></script> + <link rel="top" title="gnupg unknown documentation" href="../../index.html" /> + <link rel="up" title="gnupg" href="../gnupg.html" /> + </head> + <body> + <div class="header-wrapper"> + <div class="header"> + <div class="headertitle"><a + href="../../index.html">gnupg: Python Module Documentation</a></div> + <div class="rel"> + <a href="../../py-modindex.html" title="Python Module Index" + >modules</a> | + <a href="../../genindex.html" title="General Index" + accesskey="I">index</a> + </div> + </div> + </div> + + <div class="content-wrapper"> + <div class="content"> + <div class="document"> + + <div class="documentwrapper"> + <div class="bodywrapper"> + <div class="body"> + + <h1>Source code for gnupg._parsers</h1><div class="highlight"><pre> +<span class="c"># -*- coding: utf-8 -*-</span> +<span class="c">#</span> +<span class="c"># This file is part of python-gnupg, a Python interface to GnuPG.</span> +<span class="c"># Copyright © 2013 Isis Lovecruft, <isis@leap.se> 0xA3ADB67A2CDB8B35</span> +<span class="c"># © 2013 Andrej B.</span> +<span class="c"># © 2013 LEAP Encryption Access Project</span> +<span class="c"># © 2008-2012 Vinay Sajip</span> +<span class="c"># © 2005 Steve Traugott</span> +<span class="c"># © 2004 A.M. Kuchling</span> +<span class="c">#</span> +<span class="c"># This program is free software: you can redistribute it and/or modify it</span> +<span class="c"># under the terms of the GNU General Public License as published by the Free</span> +<span class="c"># Software Foundation, either version 3 of the License, or (at your option)</span> +<span class="c"># any later version.</span> +<span class="c">#</span> +<span class="c"># This program is distributed in the hope that it will be useful, but WITHOUT</span> +<span class="c"># ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</span> +<span class="c"># FITNESS FOR A PARTICULAR PURPOSE. See the included LICENSE file for details.</span> + +<span class="sd">'''Classes for parsing GnuPG status messages and sanitising commandline</span> +<span class="sd">options.</span> +<span class="sd">'''</span> + +<span class="kn">from</span> <span class="nn">__future__</span> <span class="kn">import</span> <span class="n">absolute_import</span> +<span class="kn">from</span> <span class="nn">__future__</span> <span class="kn">import</span> <span class="n">print_function</span> + +<span class="k">try</span><span class="p">:</span> + <span class="kn">from</span> <span class="nn">collections</span> <span class="kn">import</span> <span class="n">OrderedDict</span> +<span class="k">except</span> <span class="ne">ImportError</span><span class="p">:</span> + <span class="kn">from</span> <span class="nn">ordereddict</span> <span class="kn">import</span> <span class="n">OrderedDict</span> + +<span class="kn">import</span> <span class="nn">re</span> + +<span class="kn">from</span> <span class="nn">.</span> <span class="kn">import</span> <span class="n">_util</span> +<span class="kn">from</span> <span class="nn">._util</span> <span class="kn">import</span> <span class="n">log</span> + + +<span class="n">ESCAPE_PATTERN</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span><span class="s">r'</span><span class="se">\\</span><span class="s">x([0-9a-f][0-9a-f])'</span><span class="p">,</span> <span class="n">re</span><span class="o">.</span><span class="n">I</span><span class="p">)</span> +<span class="n">HEXIDECIMAL</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span><span class="s">'([0-9A-Fa-f]{2})+'</span><span class="p">)</span> + + +<div class="viewcode-block" id="ProtectedOption"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ProtectedOption">[docs]</a><span class="k">class</span> <span class="nc">ProtectedOption</span><span class="p">(</span><span class="ne">Exception</span><span class="p">):</span> + <span class="sd">"""Raised when the option passed to GPG is disallowed."""</span> +</div> +<div class="viewcode-block" id="UsageError"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.UsageError">[docs]</a><span class="k">class</span> <span class="nc">UsageError</span><span class="p">(</span><span class="ne">Exception</span><span class="p">):</span> + <span class="sd">"""Raised when incorrect usage of the API occurs.."""</span> + +</div> +<div class="viewcode-block" id="_check_keyserver"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._check_keyserver">[docs]</a><span class="k">def</span> <span class="nf">_check_keyserver</span><span class="p">(</span><span class="n">location</span><span class="p">):</span> + <span class="sd">"""Check that a given keyserver is a known protocol and does not contain</span> +<span class="sd"> shell escape characters.</span> + +<span class="sd"> :param str location: A string containing the default keyserver. This</span> +<span class="sd"> should contain the desired keyserver protocol which</span> +<span class="sd"> is supported by the keyserver, for example, the</span> +<span class="sd"> default is ``'hkp://wwwkeys .pgp.net'``.</span> +<span class="sd"> :rtype: :obj:`str` or :obj:`None`</span> +<span class="sd"> :returns: A string specifying the protocol and keyserver hostname, if the</span> +<span class="sd"> checks passed. If not, returns None.</span> +<span class="sd"> """</span> + <span class="n">protocols</span> <span class="o">=</span> <span class="p">[</span><span class="s">'hkp://'</span><span class="p">,</span> <span class="s">'hkps://'</span><span class="p">,</span> <span class="s">'http://'</span><span class="p">,</span> <span class="s">'https://'</span><span class="p">,</span> <span class="s">'ldap://'</span><span class="p">,</span> + <span class="s">'mailto:'</span><span class="p">]</span> <span class="c">## xxx feels like i´m forgetting one...</span> + <span class="k">for</span> <span class="n">proto</span> <span class="ow">in</span> <span class="n">protocols</span><span class="p">:</span> + <span class="k">if</span> <span class="n">location</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">proto</span><span class="p">):</span> + <span class="n">url</span> <span class="o">=</span> <span class="n">location</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="n">proto</span><span class="p">,</span> <span class="nb">str</span><span class="p">())</span> + <span class="n">host</span><span class="p">,</span> <span class="n">slash</span><span class="p">,</span> <span class="n">extra</span> <span class="o">=</span> <span class="n">url</span><span class="o">.</span><span class="n">partition</span><span class="p">(</span><span class="s">'/'</span><span class="p">)</span> + <span class="k">if</span> <span class="n">extra</span><span class="p">:</span> <span class="n">log</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span><span class="s">"URI text for </span><span class="si">%s</span><span class="s">: '</span><span class="si">%s</span><span class="s">'"</span> <span class="o">%</span> <span class="p">(</span><span class="n">host</span><span class="p">,</span> <span class="n">extra</span><span class="p">))</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got host string for keyserver setting: '</span><span class="si">%s</span><span class="s">'"</span> <span class="o">%</span> <span class="n">host</span><span class="p">)</span> + + <span class="n">host</span> <span class="o">=</span> <span class="n">_fix_unsafe</span><span class="p">(</span><span class="n">host</span><span class="p">)</span> + <span class="k">if</span> <span class="n">host</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Cleaned host string: '</span><span class="si">%s</span><span class="s">'"</span> <span class="o">%</span> <span class="n">host</span><span class="p">)</span> + <span class="n">keyserver</span> <span class="o">=</span> <span class="n">proto</span> <span class="o">+</span> <span class="n">host</span> + <span class="k">return</span> <span class="n">keyserver</span> + <span class="k">return</span> <span class="bp">None</span> +</div> +<div class="viewcode-block" id="_check_preferences"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._check_preferences">[docs]</a><span class="k">def</span> <span class="nf">_check_preferences</span><span class="p">(</span><span class="n">prefs</span><span class="p">,</span> <span class="n">pref_type</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span> + <span class="sd">"""Check cipher, digest, and compression preference settings.</span> + +<span class="sd"> MD5 is not allowed. This is `not 1994`__. SHA1 is allowed_ grudgingly_.</span> + +<span class="sd"> __ http://www.cs.colorado.edu/~jrblack/papers/md5e-full.pdf</span> +<span class="sd"> .. _allowed: http://eprint.iacr.org/2008/469.pdf</span> +<span class="sd"> .. _grudgingly: https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">prefs</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span> <span class="k">return</span> + + <span class="n">cipher</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'AES256'</span><span class="p">,</span> <span class="s">'AES192'</span><span class="p">,</span> <span class="s">'AES128'</span><span class="p">,</span> + <span class="s">'CAMELLIA256'</span><span class="p">,</span> <span class="s">'CAMELLIA192'</span><span class="p">,</span> + <span class="s">'TWOFISH'</span><span class="p">,</span> <span class="s">'3DES'</span><span class="p">])</span> + <span class="n">digest</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'SHA512'</span><span class="p">,</span> <span class="s">'SHA384'</span><span class="p">,</span> <span class="s">'SHA256'</span><span class="p">,</span> <span class="s">'SHA224'</span><span class="p">,</span> <span class="s">'RMD160'</span><span class="p">,</span> + <span class="s">'SHA1'</span><span class="p">])</span> + <span class="n">compress</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'BZIP2'</span><span class="p">,</span> <span class="s">'ZLIB'</span><span class="p">,</span> <span class="s">'ZIP'</span><span class="p">,</span> <span class="s">'Uncompressed'</span><span class="p">])</span> + <span class="nb">all</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="n">cipher</span><span class="p">,</span> <span class="n">digest</span><span class="p">,</span> <span class="n">compress</span><span class="p">])</span> + + <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">prefs</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span> + <span class="n">prefs</span> <span class="o">=</span> <span class="nb">set</span><span class="p">(</span><span class="n">prefs</span><span class="o">.</span><span class="n">split</span><span class="p">())</span> + <span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">prefs</span><span class="p">,</span> <span class="nb">list</span><span class="p">):</span> + <span class="n">prefs</span> <span class="o">=</span> <span class="nb">set</span><span class="p">(</span><span class="n">prefs</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">msg</span> <span class="o">=</span> <span class="s">"prefs must be list of strings, or space-separated string"</span> + <span class="n">log</span><span class="o">.</span><span class="n">error</span><span class="p">(</span><span class="s">"parsers._check_preferences(): </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">message</span><span class="p">)</span> + <span class="k">raise</span> <span class="ne">TypeError</span><span class="p">(</span><span class="n">message</span><span class="p">)</span> + + <span class="k">if</span> <span class="ow">not</span> <span class="n">pref_type</span><span class="p">:</span> + <span class="n">pref_type</span> <span class="o">=</span> <span class="s">'all'</span> + + <span class="n">allowed</span> <span class="o">=</span> <span class="nb">str</span><span class="p">()</span> + + <span class="k">if</span> <span class="n">pref_type</span> <span class="o">==</span> <span class="s">'cipher'</span><span class="p">:</span> + <span class="n">allowed</span> <span class="o">+=</span> <span class="s">' '</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">prefs</span><span class="o">.</span><span class="n">intersection</span><span class="p">(</span><span class="n">cipher</span><span class="p">))</span> + <span class="k">if</span> <span class="n">pref_type</span> <span class="o">==</span> <span class="s">'digest'</span><span class="p">:</span> + <span class="n">allowed</span> <span class="o">+=</span> <span class="s">' '</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">prefs</span><span class="o">.</span><span class="n">intersection</span><span class="p">(</span><span class="n">digest</span><span class="p">))</span> + <span class="k">if</span> <span class="n">pref_type</span> <span class="o">==</span> <span class="s">'compress'</span><span class="p">:</span> + <span class="n">allowed</span> <span class="o">+=</span> <span class="s">' '</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">prefs</span><span class="o">.</span><span class="n">intersection</span><span class="p">(</span><span class="n">compress</span><span class="p">))</span> + <span class="k">if</span> <span class="n">pref_type</span> <span class="o">==</span> <span class="s">'all'</span><span class="p">:</span> + <span class="n">allowed</span> <span class="o">+=</span> <span class="s">' '</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">prefs</span><span class="o">.</span><span class="n">intersection</span><span class="p">(</span><span class="nb">all</span><span class="p">))</span> + + <span class="k">return</span> <span class="n">allowed</span> +</div> +<div class="viewcode-block" id="_fix_unsafe"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._fix_unsafe">[docs]</a><span class="k">def</span> <span class="nf">_fix_unsafe</span><span class="p">(</span><span class="n">shell_input</span><span class="p">):</span> + <span class="sd">"""Find characters used to escape from a string into a shell, and wrap them in</span> +<span class="sd"> quotes if they exist. Regex pilfered from Python3 :mod:`shlex` module.</span> + +<span class="sd"> :param str shell_input: The input intended for the GnuPG process.</span> +<span class="sd"> """</span> + <span class="n">_unsafe</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span><span class="s">r'[^\w@%+=:,./-]'</span><span class="p">,</span> <span class="mi">256</span><span class="p">)</span> + <span class="k">try</span><span class="p">:</span> + <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">_unsafe</span><span class="o">.</span><span class="n">findall</span><span class="p">(</span><span class="n">shell_input</span><span class="p">))</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span> + <span class="k">return</span> <span class="n">shell_input</span><span class="o">.</span><span class="n">strip</span><span class="p">()</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">clean</span> <span class="o">=</span> <span class="s">"'"</span> <span class="o">+</span> <span class="n">shell_input</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">"'"</span><span class="p">,</span> <span class="s">"'</span><span class="se">\"</span><span class="s">'</span><span class="se">\"</span><span class="s">'"</span><span class="p">)</span> <span class="o">+</span> <span class="s">"'"</span> + <span class="k">return</span> <span class="n">clean</span> + <span class="k">except</span> <span class="ne">TypeError</span><span class="p">:</span> + <span class="k">return</span> <span class="bp">None</span> +</div> +<div class="viewcode-block" id="_hyphenate"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._hyphenate">[docs]</a><span class="k">def</span> <span class="nf">_hyphenate</span><span class="p">(</span><span class="nb">input</span><span class="p">,</span> <span class="n">add_prefix</span><span class="o">=</span><span class="bp">False</span><span class="p">):</span> + <span class="sd">"""Change underscores to hyphens so that object attributes can be easily</span> +<span class="sd"> tranlated to GPG option names.</span> + +<span class="sd"> :param str input: The attribute to hyphenate.</span> +<span class="sd"> :param bool add_prefix: If True, add leading hyphens to the input.</span> +<span class="sd"> :rtype: str</span> +<span class="sd"> :return: The ``input`` with underscores changed to hyphens.</span> +<span class="sd"> """</span> + <span class="n">ret</span> <span class="o">=</span> <span class="s">'--'</span> <span class="k">if</span> <span class="n">add_prefix</span> <span class="k">else</span> <span class="s">''</span> + <span class="n">ret</span> <span class="o">+=</span> <span class="nb">input</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">'_'</span><span class="p">,</span> <span class="s">'-'</span><span class="p">)</span> + <span class="k">return</span> <span class="n">ret</span> +</div> +<div class="viewcode-block" id="_is_allowed"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._is_allowed">[docs]</a><span class="k">def</span> <span class="nf">_is_allowed</span><span class="p">(</span><span class="nb">input</span><span class="p">):</span> + <span class="sd">"""Check that an option or argument given to GPG is in the set of allowed</span> +<span class="sd"> options, the latter being a strict subset of the set of all options known</span> +<span class="sd"> to GPG.</span> + +<span class="sd"> :param str input: An input meant to be parsed as an option or flag to the</span> +<span class="sd"> GnuPG process. Should be formatted the same as an option</span> +<span class="sd"> or flag to the commandline gpg, i.e. "--encrypt-files".</span> + +<span class="sd"> :ivar frozenset gnupg_options: All known GPG options and flags.</span> + +<span class="sd"> :ivar frozenset allowed: All allowed GPG options and flags, e.g. all GPG</span> +<span class="sd"> options and flags which we are willing to</span> +<span class="sd"> acknowledge and parse. If we want to support a</span> +<span class="sd"> new option, it will need to have its own parsing</span> +<span class="sd"> class and its name will need to be added to this</span> +<span class="sd"> set.</span> + +<span class="sd"> :raises: :exc:`UsageError` if **input** is not a subset of the hard-coded</span> +<span class="sd"> set of all GnuPG options in :func:`_get_all_gnupg_options`.</span> + +<span class="sd"> :exc:`ProtectedOption` if **input** is not in the set of allowed</span> +<span class="sd"> options.</span> + +<span class="sd"> :rtype: str</span> +<span class="sd"> :return: The original **input** parameter, unmodified and unsanitized, if</span> +<span class="sd"> no errors occur.</span> +<span class="sd"> """</span> + <span class="n">gnupg_options</span> <span class="o">=</span> <span class="n">_get_all_gnupg_options</span><span class="p">()</span> + <span class="n">allowed</span> <span class="o">=</span> <span class="n">_get_options_group</span><span class="p">(</span><span class="s">"allowed"</span><span class="p">)</span> + + <span class="c">## these are the allowed options we will handle so far, all others should</span> + <span class="c">## be dropped. this dance is so that when new options are added later, we</span> + <span class="c">## merely add the to the _allowed list, and the `` _allowed.issubset``</span> + <span class="c">## assertion will check that GPG will recognise them</span> + <span class="k">try</span><span class="p">:</span> + <span class="c">## check that allowed is a subset of all gnupg_options</span> + <span class="k">assert</span> <span class="n">allowed</span><span class="o">.</span><span class="n">issubset</span><span class="p">(</span><span class="n">gnupg_options</span><span class="p">)</span> + <span class="k">except</span> <span class="ne">AssertionError</span><span class="p">:</span> + <span class="k">raise</span> <span class="n">UsageError</span><span class="p">(</span><span class="s">"'allowed' isn't a subset of known options, diff: </span><span class="si">%s</span><span class="s">"</span> + <span class="o">%</span> <span class="n">allowed</span><span class="o">.</span><span class="n">difference</span><span class="p">(</span><span class="n">gnupg_options</span><span class="p">))</span> + + <span class="c">## if we got a list of args, join them</span> + <span class="c">##</span> + <span class="c">## see TODO file, tag :cleanup:</span> + <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="nb">input</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span> + <span class="nb">input</span> <span class="o">=</span> <span class="s">' '</span><span class="o">.</span><span class="n">join</span><span class="p">([</span><span class="n">x</span> <span class="k">for</span> <span class="n">x</span> <span class="ow">in</span> <span class="nb">input</span><span class="p">])</span> + + <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="nb">input</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span> + <span class="k">if</span> <span class="nb">input</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s">'_'</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">:</span> + <span class="k">if</span> <span class="ow">not</span> <span class="nb">input</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="s">'--'</span><span class="p">):</span> + <span class="n">hyphenated</span> <span class="o">=</span> <span class="n">_hyphenate</span><span class="p">(</span><span class="nb">input</span><span class="p">,</span> <span class="n">add_prefix</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">hyphenated</span> <span class="o">=</span> <span class="n">_hyphenate</span><span class="p">(</span><span class="nb">input</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">hyphenated</span> <span class="o">=</span> <span class="nb">input</span> + <span class="c">## xxx we probably want to use itertools.dropwhile here</span> + <span class="k">try</span><span class="p">:</span> + <span class="k">assert</span> <span class="n">hyphenated</span> <span class="ow">in</span> <span class="n">allowed</span> + <span class="k">except</span> <span class="ne">AssertionError</span> <span class="k">as</span> <span class="n">ae</span><span class="p">:</span> + <span class="n">dropped</span> <span class="o">=</span> <span class="n">_fix_unsafe</span><span class="p">(</span><span class="n">hyphenated</span><span class="p">)</span> + <span class="n">log</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span><span class="s">"_is_allowed(): Dropping option '</span><span class="si">%s</span><span class="s">'..."</span> <span class="o">%</span> <span class="n">dropped</span><span class="p">)</span> + <span class="k">raise</span> <span class="n">ProtectedOption</span><span class="p">(</span><span class="s">"Option '</span><span class="si">%s</span><span class="s">' not supported."</span> <span class="o">%</span> <span class="n">dropped</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">return</span> <span class="nb">input</span> + <span class="k">return</span> <span class="bp">None</span> +</div> +<div class="viewcode-block" id="_is_hex"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._is_hex">[docs]</a><span class="k">def</span> <span class="nf">_is_hex</span><span class="p">(</span><span class="n">string</span><span class="p">):</span> + <span class="sd">"""Check that a string is hexidecimal, with alphabetic characters</span> +<span class="sd"> capitalized and without whitespace.</span> + +<span class="sd"> :param str string: The string to check.</span> +<span class="sd"> """</span> + <span class="n">matched</span> <span class="o">=</span> <span class="n">HEXIDECIMAL</span><span class="o">.</span><span class="n">match</span><span class="p">(</span><span class="n">string</span><span class="p">)</span> + <span class="k">if</span> <span class="n">matched</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">matched</span><span class="o">.</span><span class="n">group</span><span class="p">())</span> <span class="o">>=</span> <span class="mi">2</span><span class="p">:</span> + <span class="k">return</span> <span class="bp">True</span> + <span class="k">return</span> <span class="bp">False</span> +</div> +<div class="viewcode-block" id="_is_string"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._is_string">[docs]</a><span class="k">def</span> <span class="nf">_is_string</span><span class="p">(</span><span class="n">thing</span><span class="p">):</span> + <span class="sd">"""Python character arrays are a mess.</span> + +<span class="sd"> If Python2, check if **thing** is an :obj:`unicode` or a :obj:`str`.</span> +<span class="sd"> If Python3, check if **thing** is a :obj:`str`.</span> + +<span class="sd"> :param thing: The thing to check.</span> +<span class="sd"> :returns: ``True`` if **thing** is a string according to whichever version</span> +<span class="sd"> of Python we're running in.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">_util</span><span class="o">.</span><span class="n">_py3k</span><span class="p">:</span> <span class="k">return</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">thing</span><span class="p">,</span> <span class="nb">str</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> <span class="k">return</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">thing</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span> +</div> +<div class="viewcode-block" id="_sanitise"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._sanitise">[docs]</a><span class="k">def</span> <span class="nf">_sanitise</span><span class="p">(</span><span class="o">*</span><span class="n">args</span><span class="p">):</span> + <span class="sd">"""Take an arg or the key portion of a kwarg and check that it is in the</span> +<span class="sd"> set of allowed GPG options and flags, and that it has the correct</span> +<span class="sd"> type. Then, attempt to escape any unsafe characters. If an option is not</span> +<span class="sd"> allowed, drop it with a logged warning. Returns a dictionary of all</span> +<span class="sd"> sanitised, allowed options.</span> + +<span class="sd"> Each new option that we support that is not a boolean, but instead has</span> +<span class="sd"> some additional inputs following it, i.e. "--encrypt-file foo.txt", will</span> +<span class="sd"> need some basic safety checks added here.</span> + +<span class="sd"> GnuPG has three-hundred and eighteen commandline flags. Also, not all</span> +<span class="sd"> implementations of OpenPGP parse PGP packets and headers in the same way,</span> +<span class="sd"> so there is added potential there for messing with calls to GPG.</span> + +<span class="sd"> For information on the PGP message format specification, see</span> +<span class="sd"> :rfc:`1991`.</span> + +<span class="sd"> If you're asking, "Is this *really* necessary?": No, not really -- we could</span> +<span class="sd"> just follow the security precautions recommended by `this xkcd`__.</span> + +<span class="sd"> __ https://xkcd.com/1181/</span> + +<span class="sd"> :param str args: (optional) The boolean arguments which will be passed to</span> +<span class="sd"> the GnuPG process.</span> +<span class="sd"> :rtype: str</span> +<span class="sd"> :returns: ``sanitised``</span> +<span class="sd"> """</span> + + <span class="c">## see TODO file, tag :cleanup:sanitise:</span> + + <span class="k">def</span> <span class="nf">_check_option</span><span class="p">(</span><span class="n">arg</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Check that a single ``arg`` is an allowed option.</span> + +<span class="sd"> If it is allowed, quote out any escape characters in ``value``, and</span> +<span class="sd"> add the pair to :ivar:`sanitised`. Otherwise, drop them.</span> + +<span class="sd"> :param str arg: The arguments which will be passed to the GnuPG</span> +<span class="sd"> process, and, optionally their corresponding values.</span> +<span class="sd"> The values are any additional arguments following the</span> +<span class="sd"> GnuPG option or flag. For example, if we wanted to</span> +<span class="sd"> pass ``"--encrypt --recipient isis@leap.se"`` to</span> +<span class="sd"> GnuPG, then ``"--encrypt"`` would be an arg without a</span> +<span class="sd"> value, and ``"--recipient"`` would also be an arg,</span> +<span class="sd"> with a value of ``"isis@leap.se"``.</span> + +<span class="sd"> :ivar list checked: The sanitised, allowed options and values.</span> +<span class="sd"> :rtype: str</span> +<span class="sd"> :returns: A string of the items in ``checked``, delimited by spaces.</span> +<span class="sd"> """</span> + <span class="n">checked</span> <span class="o">=</span> <span class="nb">str</span><span class="p">()</span> + <span class="n">none_options</span> <span class="o">=</span> <span class="n">_get_options_group</span><span class="p">(</span><span class="s">"none_options"</span><span class="p">)</span> + <span class="n">hex_options</span> <span class="o">=</span> <span class="n">_get_options_group</span><span class="p">(</span><span class="s">"hex_options"</span><span class="p">)</span> + <span class="n">hex_or_none_options</span> <span class="o">=</span> <span class="n">_get_options_group</span><span class="p">(</span><span class="s">"hex_or_none_options"</span><span class="p">)</span> + + <span class="k">if</span> <span class="ow">not</span> <span class="n">_util</span><span class="o">.</span><span class="n">_py3k</span><span class="p">:</span> + <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">arg</span><span class="p">,</span> <span class="nb">list</span><span class="p">)</span> <span class="ow">and</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">arg</span><span class="p">,</span> <span class="nb">unicode</span><span class="p">):</span> + <span class="n">arg</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">arg</span><span class="p">)</span> + + <span class="k">try</span><span class="p">:</span> + <span class="n">flag</span> <span class="o">=</span> <span class="n">_is_allowed</span><span class="p">(</span><span class="n">arg</span><span class="p">)</span> + <span class="k">assert</span> <span class="n">flag</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">,</span> <span class="s">"_check_option(): got None for flag"</span> + <span class="k">except</span> <span class="p">(</span><span class="ne">AssertionError</span><span class="p">,</span> <span class="n">ProtectedOption</span><span class="p">)</span> <span class="k">as</span> <span class="n">error</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span><span class="s">"_check_option(): </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="nb">str</span><span class="p">(</span><span class="n">error</span><span class="p">))</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">checked</span> <span class="o">+=</span> <span class="p">(</span><span class="n">flag</span> <span class="o">+</span> <span class="s">' '</span><span class="p">)</span> + + <span class="k">if</span> <span class="n">_is_string</span><span class="p">(</span><span class="n">value</span><span class="p">):</span> + <span class="n">values</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">' '</span><span class="p">)</span> + <span class="k">for</span> <span class="n">v</span> <span class="ow">in</span> <span class="n">values</span><span class="p">:</span> + <span class="c">## these can be handled separately, without _fix_unsafe(),</span> + <span class="c">## because they are only allowed if they pass the regex</span> + <span class="k">if</span> <span class="p">(</span><span class="n">flag</span> <span class="ow">in</span> <span class="n">none_options</span><span class="p">)</span> <span class="ow">and</span> <span class="p">(</span><span class="n">v</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">):</span> + <span class="k">continue</span> + + <span class="k">if</span> <span class="n">flag</span> <span class="ow">in</span> <span class="n">hex_options</span><span class="p">:</span> + <span class="k">if</span> <span class="n">_is_hex</span><span class="p">(</span><span class="n">v</span><span class="p">):</span> <span class="n">checked</span> <span class="o">+=</span> <span class="p">(</span><span class="n">v</span> <span class="o">+</span> <span class="s">" "</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"'</span><span class="si">%s</span><span class="s"> </span><span class="si">%s</span><span class="s">' not hex."</span> <span class="o">%</span> <span class="p">(</span><span class="n">flag</span><span class="p">,</span> <span class="n">v</span><span class="p">))</span> + <span class="k">if</span> <span class="p">(</span><span class="n">flag</span> <span class="ow">in</span> <span class="n">hex_or_none_options</span><span class="p">)</span> <span class="ow">and</span> <span class="p">(</span><span class="n">v</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">):</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Allowing '</span><span class="si">%s</span><span class="s">' for all keys"</span> <span class="o">%</span> <span class="n">flag</span><span class="p">)</span> + <span class="k">continue</span> + + <span class="k">elif</span> <span class="n">flag</span> <span class="ow">in</span> <span class="p">[</span><span class="s">'--keyserver'</span><span class="p">]:</span> + <span class="n">host</span> <span class="o">=</span> <span class="n">_check_keyserver</span><span class="p">(</span><span class="n">v</span><span class="p">)</span> + <span class="k">if</span> <span class="n">host</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Setting keyserver: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">host</span><span class="p">)</span> + <span class="n">checked</span> <span class="o">+=</span> <span class="p">(</span><span class="n">v</span> <span class="o">+</span> <span class="s">" "</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Dropping keyserver: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">v</span><span class="p">)</span> + <span class="k">continue</span> + + <span class="c">## the rest are strings, filenames, etc, and should be</span> + <span class="c">## shell escaped:</span> + <span class="n">val</span> <span class="o">=</span> <span class="n">_fix_unsafe</span><span class="p">(</span><span class="n">v</span><span class="p">)</span> + <span class="k">try</span><span class="p">:</span> + <span class="k">assert</span> <span class="ow">not</span> <span class="n">val</span> <span class="ow">is</span> <span class="bp">None</span> + <span class="k">assert</span> <span class="ow">not</span> <span class="n">val</span><span class="o">.</span><span class="n">isspace</span><span class="p">()</span> + <span class="k">assert</span> <span class="ow">not</span> <span class="n">v</span> <span class="ow">is</span> <span class="bp">None</span> + <span class="k">assert</span> <span class="ow">not</span> <span class="n">v</span><span class="o">.</span><span class="n">isspace</span><span class="p">()</span> + <span class="k">except</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Dropping </span><span class="si">%s</span><span class="s"> </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="p">(</span><span class="n">flag</span><span class="p">,</span> <span class="n">v</span><span class="p">))</span> + <span class="k">continue</span> + + <span class="k">if</span> <span class="n">flag</span> <span class="ow">in</span> <span class="p">[</span><span class="s">'--encrypt'</span><span class="p">,</span> <span class="s">'--encrypt-files'</span><span class="p">,</span> <span class="s">'--decrypt'</span><span class="p">,</span> + <span class="s">'--decrypt-files'</span><span class="p">,</span> <span class="s">'--import'</span><span class="p">,</span> <span class="s">'--verify'</span><span class="p">]:</span> + <span class="k">if</span> <span class="p">(</span> <span class="p">(</span><span class="n">_util</span><span class="o">.</span><span class="n">_is_file</span><span class="p">(</span><span class="n">val</span><span class="p">))</span> + <span class="ow">or</span> + <span class="p">((</span><span class="n">flag</span> <span class="o">==</span> <span class="s">'--verify'</span><span class="p">)</span> <span class="ow">and</span> <span class="p">(</span><span class="n">val</span> <span class="o">==</span> <span class="s">'-'</span><span class="p">))</span> <span class="p">):</span> + <span class="n">checked</span> <span class="o">+=</span> <span class="p">(</span><span class="n">val</span> <span class="o">+</span> <span class="s">" "</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"</span><span class="si">%s</span><span class="s"> not file: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="p">(</span><span class="n">flag</span><span class="p">,</span> <span class="n">val</span><span class="p">))</span> + + <span class="k">elif</span> <span class="n">flag</span> <span class="ow">in</span> <span class="p">[</span><span class="s">'--cipher-algo'</span><span class="p">,</span> <span class="s">'--personal-cipher-prefs'</span><span class="p">,</span> + <span class="s">'--personal-cipher-preferences'</span><span class="p">]:</span> + <span class="n">legit_algos</span> <span class="o">=</span> <span class="n">_check_preferences</span><span class="p">(</span><span class="n">val</span><span class="p">,</span> <span class="s">'cipher'</span><span class="p">)</span> + <span class="k">if</span> <span class="n">legit_algos</span><span class="p">:</span> <span class="n">checked</span> <span class="o">+=</span> <span class="p">(</span><span class="n">legit_algos</span> <span class="o">+</span> <span class="s">" "</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"'</span><span class="si">%s</span><span class="s">' is not cipher"</span> <span class="o">%</span> <span class="n">val</span><span class="p">)</span> + + <span class="k">elif</span> <span class="n">flag</span> <span class="ow">in</span> <span class="p">[</span><span class="s">'--compress-algo'</span><span class="p">,</span> <span class="s">'--compression-algo'</span><span class="p">,</span> + <span class="s">'--personal-compress-prefs'</span><span class="p">,</span> + <span class="s">'--personal-compress-preferences'</span><span class="p">]:</span> + <span class="n">legit_algos</span> <span class="o">=</span> <span class="n">_check_preferences</span><span class="p">(</span><span class="n">val</span><span class="p">,</span> <span class="s">'compress'</span><span class="p">)</span> + <span class="k">if</span> <span class="n">legit_algos</span><span class="p">:</span> <span class="n">checked</span> <span class="o">+=</span> <span class="p">(</span><span class="n">legit_algos</span> <span class="o">+</span> <span class="s">" "</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"'</span><span class="si">%s</span><span class="s">' not compress algo"</span> <span class="o">%</span> <span class="n">val</span><span class="p">)</span> + + <span class="k">else</span><span class="p">:</span> + <span class="n">checked</span> <span class="o">+=</span> <span class="p">(</span><span class="n">val</span> <span class="o">+</span> <span class="s">" "</span><span class="p">)</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"_check_option(): No checks for </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">val</span><span class="p">)</span> + + <span class="k">return</span> <span class="n">checked</span> + + <span class="n">is_flag</span> <span class="o">=</span> <span class="k">lambda</span> <span class="n">x</span><span class="p">:</span> <span class="n">x</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="s">'--'</span><span class="p">)</span> + + <span class="k">def</span> <span class="nf">_make_filo</span><span class="p">(</span><span class="n">args_string</span><span class="p">):</span> + <span class="n">filo</span> <span class="o">=</span> <span class="n">arg</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">' '</span><span class="p">)</span> + <span class="n">filo</span><span class="o">.</span><span class="n">reverse</span><span class="p">()</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"_make_filo(): Converted to reverse list: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">filo</span><span class="p">)</span> + <span class="k">return</span> <span class="n">filo</span> + + <span class="k">def</span> <span class="nf">_make_groups</span><span class="p">(</span><span class="n">filo</span><span class="p">):</span> + <span class="n">groups</span> <span class="o">=</span> <span class="p">{}</span> + <span class="k">while</span> <span class="nb">len</span><span class="p">(</span><span class="n">filo</span><span class="p">)</span> <span class="o">>=</span> <span class="mi">1</span><span class="p">:</span> + <span class="n">last</span> <span class="o">=</span> <span class="n">filo</span><span class="o">.</span><span class="n">pop</span><span class="p">()</span> + <span class="k">if</span> <span class="n">is_flag</span><span class="p">(</span><span class="n">last</span><span class="p">):</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got arg: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">last</span><span class="p">)</span> + <span class="k">if</span> <span class="n">last</span> <span class="o">==</span> <span class="s">'--verify'</span><span class="p">:</span> + <span class="n">groups</span><span class="p">[</span><span class="n">last</span><span class="p">]</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">filo</span><span class="o">.</span><span class="n">pop</span><span class="p">())</span> + <span class="c">## accept the read-from-stdin arg:</span> + <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">filo</span><span class="p">)</span> <span class="o">>=</span> <span class="mi">1</span> <span class="ow">and</span> <span class="n">filo</span><span class="p">[</span><span class="nb">len</span><span class="p">(</span><span class="n">filo</span><span class="p">)</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span> <span class="o">==</span> <span class="s">'-'</span><span class="p">:</span> + <span class="n">groups</span><span class="p">[</span><span class="n">last</span><span class="p">]</span> <span class="o">+=</span> <span class="nb">str</span><span class="p">(</span><span class="s">' - '</span><span class="p">)</span> <span class="c">## gross hack</span> + <span class="n">filo</span><span class="o">.</span><span class="n">pop</span><span class="p">()</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">groups</span><span class="p">[</span><span class="n">last</span><span class="p">]</span> <span class="o">=</span> <span class="nb">str</span><span class="p">()</span> + <span class="k">while</span> <span class="nb">len</span><span class="p">(</span><span class="n">filo</span><span class="p">)</span> <span class="o">></span> <span class="mi">1</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">is_flag</span><span class="p">(</span><span class="n">filo</span><span class="p">[</span><span class="nb">len</span><span class="p">(</span><span class="n">filo</span><span class="p">)</span><span class="o">-</span><span class="mi">1</span><span class="p">]):</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got value: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">filo</span><span class="p">[</span><span class="nb">len</span><span class="p">(</span><span class="n">filo</span><span class="p">)</span><span class="o">-</span><span class="mi">1</span><span class="p">])</span> + <span class="n">groups</span><span class="p">[</span><span class="n">last</span><span class="p">]</span> <span class="o">+=</span> <span class="p">(</span><span class="n">filo</span><span class="o">.</span><span class="n">pop</span><span class="p">()</span> <span class="o">+</span> <span class="s">" "</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">filo</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">is_flag</span><span class="p">(</span><span class="n">filo</span><span class="p">[</span><span class="mi">0</span><span class="p">]):</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got value: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">filo</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span> + <span class="n">groups</span><span class="p">[</span><span class="n">last</span><span class="p">]</span> <span class="o">+=</span> <span class="n">filo</span><span class="o">.</span><span class="n">pop</span><span class="p">()</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span><span class="s">"_make_groups(): Got solitary value: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">last</span><span class="p">)</span> + <span class="n">groups</span><span class="p">[</span><span class="s">"xxx"</span><span class="p">]</span> <span class="o">=</span> <span class="n">last</span> + <span class="k">return</span> <span class="n">groups</span> + + <span class="k">def</span> <span class="nf">_check_groups</span><span class="p">(</span><span class="n">groups</span><span class="p">):</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got groups: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">groups</span><span class="p">)</span> + <span class="n">checked_groups</span> <span class="o">=</span> <span class="p">[]</span> + <span class="k">for</span> <span class="n">a</span><span class="p">,</span><span class="n">v</span> <span class="ow">in</span> <span class="n">groups</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> + <span class="n">v</span> <span class="o">=</span> <span class="bp">None</span> <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">v</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span> <span class="k">else</span> <span class="n">v</span> + <span class="n">safe</span> <span class="o">=</span> <span class="n">_check_option</span><span class="p">(</span><span class="n">a</span><span class="p">,</span> <span class="n">v</span><span class="p">)</span> + <span class="k">if</span> <span class="n">safe</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">safe</span><span class="o">.</span><span class="n">strip</span><span class="p">()</span> <span class="o">==</span> <span class="s">""</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Appending option: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">safe</span><span class="p">)</span> + <span class="n">checked_groups</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">safe</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span><span class="s">"Dropped option: '</span><span class="si">%s</span><span class="s"> </span><span class="si">%s</span><span class="s">'"</span> <span class="o">%</span> <span class="p">(</span><span class="n">a</span><span class="p">,</span><span class="n">v</span><span class="p">))</span> + <span class="k">return</span> <span class="n">checked_groups</span> + + <span class="k">if</span> <span class="n">args</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span> + <span class="n">option_groups</span> <span class="o">=</span> <span class="p">{}</span> + <span class="k">for</span> <span class="n">arg</span> <span class="ow">in</span> <span class="n">args</span><span class="p">:</span> + <span class="c">## if we're given a string with a bunch of options in it split</span> + <span class="c">## them up and deal with them separately</span> + <span class="k">if</span> <span class="p">(</span><span class="ow">not</span> <span class="n">_util</span><span class="o">.</span><span class="n">_py3k</span> <span class="ow">and</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">arg</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">))</span> \ + <span class="ow">or</span> <span class="p">(</span><span class="n">_util</span><span class="o">.</span><span class="n">_py3k</span> <span class="ow">and</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">arg</span><span class="p">,</span> <span class="nb">str</span><span class="p">)):</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got arg string: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">arg</span><span class="p">)</span> + <span class="k">if</span> <span class="n">arg</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s">' '</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">:</span> + <span class="n">filo</span> <span class="o">=</span> <span class="n">_make_filo</span><span class="p">(</span><span class="n">arg</span><span class="p">)</span> + <span class="n">option_groups</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">_make_groups</span><span class="p">(</span><span class="n">filo</span><span class="p">))</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">option_groups</span><span class="o">.</span><span class="n">update</span><span class="p">({</span> <span class="n">arg</span><span class="p">:</span> <span class="s">""</span> <span class="p">})</span> + <span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">arg</span><span class="p">,</span> <span class="nb">list</span><span class="p">):</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got arg list: </span><span class="si">%s</span><span class="s">"</span> <span class="o">%</span> <span class="n">arg</span><span class="p">)</span> + <span class="n">arg</span><span class="o">.</span><span class="n">reverse</span><span class="p">()</span> + <span class="n">option_groups</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">_make_groups</span><span class="p">(</span><span class="n">arg</span><span class="p">))</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span><span class="s">"Got non-str/list arg: '</span><span class="si">%s</span><span class="s">', type '</span><span class="si">%s</span><span class="s">'"</span> + <span class="o">%</span> <span class="p">(</span><span class="n">arg</span><span class="p">,</span> <span class="nb">type</span><span class="p">(</span><span class="n">arg</span><span class="p">)))</span> + <span class="n">checked</span> <span class="o">=</span> <span class="n">_check_groups</span><span class="p">(</span><span class="n">option_groups</span><span class="p">)</span> + <span class="n">sanitised</span> <span class="o">=</span> <span class="s">' '</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">x</span> <span class="k">for</span> <span class="n">x</span> <span class="ow">in</span> <span class="n">checked</span><span class="p">)</span> + <span class="k">return</span> <span class="n">sanitised</span> + <span class="k">else</span><span class="p">:</span> + <span class="n">log</span><span class="o">.</span><span class="n">debug</span><span class="p">(</span><span class="s">"Got None for args"</span><span class="p">)</span> +</div> +<div class="viewcode-block" id="_sanitise_list"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._sanitise_list">[docs]</a><span class="k">def</span> <span class="nf">_sanitise_list</span><span class="p">(</span><span class="n">arg_list</span><span class="p">):</span> + <span class="sd">"""A generator for iterating through a list of gpg options and sanitising</span> +<span class="sd"> them.</span> + +<span class="sd"> :param list arg_list: A list of options and flags for GnuPG.</span> +<span class="sd"> :rtype: generator</span> +<span class="sd"> :returns: A generator whose next() method returns each of the items in</span> +<span class="sd"> ``arg_list`` after calling ``_sanitise()`` with that item as a</span> +<span class="sd"> parameter.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">arg_list</span><span class="p">,</span> <span class="nb">list</span><span class="p">):</span> + <span class="k">for</span> <span class="n">arg</span> <span class="ow">in</span> <span class="n">arg_list</span><span class="p">:</span> + <span class="n">safe_arg</span> <span class="o">=</span> <span class="n">_sanitise</span><span class="p">(</span><span class="n">arg</span><span class="p">)</span> + <span class="k">if</span> <span class="n">safe_arg</span> <span class="o">!=</span> <span class="s">""</span><span class="p">:</span> + <span class="k">yield</span> <span class="n">safe_arg</span> +</div> +<div class="viewcode-block" id="_get_options_group"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._get_options_group">[docs]</a><span class="k">def</span> <span class="nf">_get_options_group</span><span class="p">(</span><span class="n">group</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span> + <span class="sd">"""Get a specific group of options which are allowed."""</span> + + <span class="c">#: These expect a hexidecimal keyid as their argument, and can be parsed</span> + <span class="c">#: with :func:`_is_hex`.</span> + <span class="n">hex_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--check-sigs'</span><span class="p">,</span> + <span class="s">'--default-key'</span><span class="p">,</span> + <span class="s">'--default-recipient'</span><span class="p">,</span> + <span class="s">'--delete-keys'</span><span class="p">,</span> + <span class="s">'--delete-secret-keys'</span><span class="p">,</span> + <span class="s">'--delete-secret-and-public-keys'</span><span class="p">,</span> + <span class="s">'--desig-revoke'</span><span class="p">,</span> + <span class="s">'--export'</span><span class="p">,</span> + <span class="s">'--export-secret-keys'</span><span class="p">,</span> + <span class="s">'--export-secret-subkeys'</span><span class="p">,</span> + <span class="s">'--fingerprint'</span><span class="p">,</span> + <span class="s">'--gen-revoke'</span><span class="p">,</span> + <span class="s">'--list-key'</span><span class="p">,</span> + <span class="s">'--list-keys'</span><span class="p">,</span> + <span class="s">'--list-public-keys'</span><span class="p">,</span> + <span class="s">'--list-secret-keys'</span><span class="p">,</span> + <span class="s">'--list-sigs'</span><span class="p">,</span> + <span class="s">'--recipient'</span><span class="p">,</span> + <span class="s">'--recv-keys'</span><span class="p">,</span> + <span class="s">'--send-keys'</span><span class="p">,</span> + <span class="p">])</span> + <span class="c">#: These options expect value which are left unchecked, though still run</span> + <span class="c">#: through :func:`_fix_unsafe`.</span> + <span class="n">unchecked_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--list-options'</span><span class="p">,</span> + <span class="s">'--passphrase-fd'</span><span class="p">,</span> + <span class="s">'--status-fd'</span><span class="p">,</span> + <span class="s">'--verify-options'</span><span class="p">,</span> + <span class="p">])</span> + <span class="c">#: These have their own parsers and don't really fit into a group</span> + <span class="n">other_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--debug-level'</span><span class="p">,</span> + <span class="s">'--keyserver'</span><span class="p">,</span> + + <span class="p">])</span> + <span class="c">#: These should have a directory for an argument</span> + <span class="n">dir_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--homedir'</span><span class="p">,</span> + <span class="p">])</span> + <span class="c">#: These expect a keyring or keyfile as their argument</span> + <span class="n">keyring_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--keyring'</span><span class="p">,</span> + <span class="s">'--primary-keyring'</span><span class="p">,</span> + <span class="s">'--secret-keyring'</span><span class="p">,</span> + <span class="s">'--trustdb-name'</span><span class="p">,</span> + <span class="p">])</span> + <span class="c">#: These expect a filename (or the contents of a file as a string) or None</span> + <span class="c">#: (meaning that they read from stdin)</span> + <span class="n">file_or_none_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--decrypt'</span><span class="p">,</span> + <span class="s">'--decrypt-files'</span><span class="p">,</span> + <span class="s">'--encrypt'</span><span class="p">,</span> + <span class="s">'--encrypt-files'</span><span class="p">,</span> + <span class="s">'--import'</span><span class="p">,</span> + <span class="s">'--verify'</span><span class="p">,</span> + <span class="s">'--verify-files'</span><span class="p">,</span> + <span class="p">])</span> + <span class="c">#: These options expect a string. see :func:`_check_preferences`.</span> + <span class="n">pref_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--digest-algo'</span><span class="p">,</span> + <span class="s">'--cipher-algo'</span><span class="p">,</span> + <span class="s">'--compress-algo'</span><span class="p">,</span> + <span class="s">'--compression-algo'</span><span class="p">,</span> + <span class="s">'--cert-digest-algo'</span><span class="p">,</span> + <span class="s">'--personal-digest-prefs'</span><span class="p">,</span> + <span class="s">'--personal-digest-preferences'</span><span class="p">,</span> + <span class="s">'--personal-cipher-prefs'</span><span class="p">,</span> + <span class="s">'--personal-cipher-preferences'</span><span class="p">,</span> + <span class="s">'--personal-compress-prefs'</span><span class="p">,</span> + <span class="s">'--personal-compress-preferences'</span><span class="p">,</span> + <span class="s">'--print-md'</span><span class="p">,</span> + <span class="p">])</span> + <span class="c">#: These options expect no arguments</span> + <span class="n">none_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">([</span><span class="s">'--always-trust'</span><span class="p">,</span> + <span class="s">'--armor'</span><span class="p">,</span> + <span class="s">'--armour'</span><span class="p">,</span> + <span class="s">'--batch'</span><span class="p">,</span> + <span class="s">'--check-sigs'</span><span class="p">,</span> + <span class="s">'--check-trustdb'</span><span class="p">,</span> + <span class="s">'--clearsign'</span><span class="p">,</span> + <span class="s">'--debug-all'</span><span class="p">,</span> + <span class="s">'--default-recipient-self'</span><span class="p">,</span> + <span class="s">'--detach-sign'</span><span class="p">,</span> + <span class="s">'--export'</span><span class="p">,</span> + <span class="s">'--export-ownertrust'</span><span class="p">,</span> + <span class="s">'--export-secret-keys'</span><span class="p">,</span> + <span class="s">'--export-secret-subkeys'</span><span class="p">,</span> + <span class="s">'--fingerprint'</span><span class="p">,</span> + <span class="s">'--fixed-list-mode'</span><span class="p">,</span> + <span class="s">'--gen-key'</span><span class="p">,</span> + <span class="s">'--import-ownertrust'</span><span class="p">,</span> + <span class="s">'--list-config'</span><span class="p">,</span> + <span class="s">'--list-key'</span><span class="p">,</span> + <span class="s">'--list-keys'</span><span class="p">,</span> + <span class="s">'--list-packets'</span><span class="p">,</span> + <span class="s">'--list-public-keys'</span><span class="p">,</span> + <span class="s">'--list-secret-keys'</span><span class="p">,</span> + <span class="s">'--list-sigs'</span><span class="p">,</span> + <span class="s">'--no-default-keyring'</span><span class="p">,</span> + <span class="s">'--no-default-recipient'</span><span class="p">,</span> + <span class="s">'--no-emit-version'</span><span class="p">,</span> + <span class="s">'--no-options'</span><span class="p">,</span> + <span class="s">'--no-tty'</span><span class="p">,</span> + <span class="s">'--no-use-agent'</span><span class="p">,</span> + <span class="s">'--no-verbose'</span><span class="p">,</span> + <span class="s">'--print-mds'</span><span class="p">,</span> + <span class="s">'--quiet'</span><span class="p">,</span> + <span class="s">'--sign'</span><span class="p">,</span> + <span class="s">'--symmetric'</span><span class="p">,</span> + <span class="s">'--use-agent'</span><span class="p">,</span> + <span class="s">'--verbose'</span><span class="p">,</span> + <span class="s">'--version'</span><span class="p">,</span> + <span class="s">'--with-colons'</span><span class="p">,</span> + <span class="s">'--yes'</span><span class="p">,</span> + <span class="p">])</span> + <span class="c">#: These options expect either None or a hex string</span> + <span class="n">hex_or_none_options</span> <span class="o">=</span> <span class="n">hex_options</span><span class="o">.</span><span class="n">intersection</span><span class="p">(</span><span class="n">none_options</span><span class="p">)</span> + <span class="n">allowed</span> <span class="o">=</span> <span class="n">hex_options</span><span class="o">.</span><span class="n">union</span><span class="p">(</span><span class="n">unchecked_options</span><span class="p">,</span> <span class="n">other_options</span><span class="p">,</span> <span class="n">dir_options</span><span class="p">,</span> + <span class="n">keyring_options</span><span class="p">,</span> <span class="n">file_or_none_options</span><span class="p">,</span> + <span class="n">pref_options</span><span class="p">,</span> <span class="n">none_options</span><span class="p">)</span> + + <span class="k">if</span> <span class="n">group</span> <span class="ow">and</span> <span class="n">group</span> <span class="ow">in</span> <span class="nb">locals</span><span class="p">()</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span> + <span class="k">return</span> <span class="nb">locals</span><span class="p">()[</span><span class="n">group</span><span class="p">]</span> +</div> +<div class="viewcode-block" id="_get_all_gnupg_options"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers._get_all_gnupg_options">[docs]</a><span class="k">def</span> <span class="nf">_get_all_gnupg_options</span><span class="p">():</span> + <span class="sd">"""Get all GnuPG options and flags.</span> + +<span class="sd"> This is hardcoded within a local scope to reduce the chance of a tampered</span> +<span class="sd"> GnuPG binary reporting falsified option sets, i.e. because certain options</span> +<span class="sd"> (namedly the ``--no-options`` option, which prevents the usage of gpg.conf</span> +<span class="sd"> files) are necessary and statically specified in</span> +<span class="sd"> :meth:`gnupg._meta.GPGBase._make_args`, if the inputs into Python are</span> +<span class="sd"> already controlled, and we were to summon the GnuPG binary to ask it for</span> +<span class="sd"> its options, it would be possible to receive a falsified options set</span> +<span class="sd"> missing the ``--no-options`` option in response. This seems unlikely, and</span> +<span class="sd"> the method is stupid and ugly, but at least we'll never have to debug</span> +<span class="sd"> whether or not an option *actually* disappeared in a different GnuPG</span> +<span class="sd"> version, or some funny business is happening.</span> + +<span class="sd"> These are the options as of GnuPG 1.4.12; the current stable branch of the</span> +<span class="sd"> 2.1.x tree contains a few more -- if you need them you'll have to add them</span> +<span class="sd"> in here.</span> + +<span class="sd"> :type gnupg_options: frozenset</span> +<span class="sd"> :ivar gnupg_options: All known GPG options and flags.</span> +<span class="sd"> :rtype: frozenset</span> +<span class="sd"> :returns: ``gnupg_options``</span> +<span class="sd"> """</span> + <span class="n">three_hundred_eighteen</span> <span class="o">=</span> <span class="p">(</span><span class="s">"""</span> +<span class="s">--allow-freeform-uid --multifile</span> +<span class="s">--allow-multiple-messages --no</span> +<span class="s">--allow-multisig-verification --no-allow-freeform-uid</span> +<span class="s">--allow-non-selfsigned-uid --no-allow-multiple-messages</span> +<span class="s">--allow-secret-key-import --no-allow-non-selfsigned-uid</span> +<span class="s">--always-trust --no-armor</span> +<span class="s">--armor --no-armour</span> +<span class="s">--armour --no-ask-cert-expire</span> +<span class="s">--ask-cert-expire --no-ask-cert-level</span> +<span class="s">--ask-cert-level --no-ask-sig-expire</span> +<span class="s">--ask-sig-expire --no-auto-check-trustdb</span> +<span class="s">--attribute-fd --no-auto-key-locate</span> +<span class="s">--attribute-file --no-auto-key-retrieve</span> +<span class="s">--auto-check-trustdb --no-batch</span> +<span class="s">--auto-key-locate --no-comments</span> +<span class="s">--auto-key-retrieve --no-default-keyring</span> +<span class="s">--batch --no-default-recipient</span> +<span class="s">--bzip2-compress-level --no-disable-mdc</span> +<span class="s">--bzip2-decompress-lowmem --no-emit-version</span> +<span class="s">--card-edit --no-encrypt-to</span> +<span class="s">--card-status --no-escape-from-lines</span> +<span class="s">--cert-digest-algo --no-expensive-trust-checks</span> +<span class="s">--cert-notation --no-expert</span> +<span class="s">--cert-policy-url --no-force-mdc</span> +<span class="s">--change-pin --no-force-v3-sigs</span> +<span class="s">--charset --no-force-v4-certs</span> +<span class="s">--check-sig --no-for-your-eyes-only</span> +<span class="s">--check-sigs --no-greeting</span> +<span class="s">--check-trustdb --no-groups</span> +<span class="s">--cipher-algo --no-literal</span> +<span class="s">--clearsign --no-mangle-dos-filenames</span> +<span class="s">--command-fd --no-mdc-warning</span> +<span class="s">--command-file --no-options</span> +<span class="s">--comment --no-permission-warning</span> +<span class="s">--completes-needed --no-pgp2</span> +<span class="s">--compress-algo --no-pgp6</span> +<span class="s">--compression-algo --no-pgp7</span> +<span class="s">--compress-keys --no-pgp8</span> +<span class="s">--compress-level --no-random-seed-file</span> +<span class="s">--compress-sigs --no-require-backsigs</span> +<span class="s">--ctapi-driver --no-require-cross-certification</span> +<span class="s">--dearmor --no-require-secmem</span> +<span class="s">--dearmour --no-rfc2440-text</span> +<span class="s">--debug --no-secmem-warning</span> +<span class="s">--debug-all --no-show-notation</span> +<span class="s">--debug-ccid-driver --no-show-photos</span> +<span class="s">--debug-level --no-show-policy-url</span> +<span class="s">--decrypt --no-sig-cache</span> +<span class="s">--decrypt-files --no-sig-create-check</span> +<span class="s">--default-cert-check-level --no-sk-comments</span> +<span class="s">--default-cert-expire --no-strict</span> +<span class="s">--default-cert-level --notation-data</span> +<span class="s">--default-comment --not-dash-escaped</span> +<span class="s">--default-key --no-textmode</span> +<span class="s">--default-keyserver-url --no-throw-keyid</span> +<span class="s">--default-preference-list --no-throw-keyids</span> +<span class="s">--default-recipient --no-tty</span> +<span class="s">--default-recipient-self --no-use-agent</span> +<span class="s">--default-sig-expire --no-use-embedded-filename</span> +<span class="s">--delete-keys --no-utf8-strings</span> +<span class="s">--delete-secret-and-public-keys --no-verbose</span> +<span class="s">--delete-secret-keys --no-version</span> +<span class="s">--desig-revoke --openpgp</span> +<span class="s">--detach-sign --options</span> +<span class="s">--digest-algo --output</span> +<span class="s">--disable-ccid --override-session-key</span> +<span class="s">--disable-cipher-algo --passphrase</span> +<span class="s">--disable-dsa2 --passphrase-fd</span> +<span class="s">--disable-mdc --passphrase-file</span> +<span class="s">--disable-pubkey-algo --passphrase-repeat</span> +<span class="s">--display --pcsc-driver</span> +<span class="s">--display-charset --personal-cipher-preferences</span> +<span class="s">--dry-run --personal-cipher-prefs</span> +<span class="s">--dump-options --personal-compress-preferences</span> +<span class="s">--edit-key --personal-compress-prefs</span> +<span class="s">--emit-version --personal-digest-preferences</span> +<span class="s">--enable-dsa2 --personal-digest-prefs</span> +<span class="s">--enable-progress-filter --pgp2</span> +<span class="s">--enable-special-filenames --pgp6</span> +<span class="s">--enarmor --pgp7</span> +<span class="s">--enarmour --pgp8</span> +<span class="s">--encrypt --photo-viewer</span> +<span class="s">--encrypt-files --pipemode</span> +<span class="s">--encrypt-to --preserve-permissions</span> +<span class="s">--escape-from-lines --primary-keyring</span> +<span class="s">--exec-path --print-md</span> +<span class="s">--exit-on-status-write-error --print-mds</span> +<span class="s">--expert --quick-random</span> +<span class="s">--export --quiet</span> +<span class="s">--export-options --reader-port</span> +<span class="s">--export-ownertrust --rebuild-keydb-caches</span> +<span class="s">--export-secret-keys --recipient</span> +<span class="s">--export-secret-subkeys --recv-keys</span> +<span class="s">--fast-import --refresh-keys</span> +<span class="s">--fast-list-mode --remote-user</span> +<span class="s">--fetch-keys --require-backsigs</span> +<span class="s">--fingerprint --require-cross-certification</span> +<span class="s">--fixed-list-mode --require-secmem</span> +<span class="s">--fix-trustdb --rfc1991</span> +<span class="s">--force-mdc --rfc2440</span> +<span class="s">--force-ownertrust --rfc2440-text</span> +<span class="s">--force-v3-sigs --rfc4880</span> +<span class="s">--force-v4-certs --run-as-shm-coprocess</span> +<span class="s">--for-your-eyes-only --s2k-cipher-algo</span> +<span class="s">--gen-key --s2k-count</span> +<span class="s">--gen-prime --s2k-digest-algo</span> +<span class="s">--gen-random --s2k-mode</span> +<span class="s">--gen-revoke --search-keys</span> +<span class="s">--gnupg --secret-keyring</span> +<span class="s">--gpg-agent-info --send-keys</span> +<span class="s">--gpgconf-list --set-filename</span> +<span class="s">--gpgconf-test --set-filesize</span> +<span class="s">--group --set-notation</span> +<span class="s">--help --set-policy-url</span> +<span class="s">--hidden-encrypt-to --show-keyring</span> +<span class="s">--hidden-recipient --show-notation</span> +<span class="s">--homedir --show-photos</span> +<span class="s">--honor-http-proxy --show-policy-url</span> +<span class="s">--ignore-crc-error --show-session-key</span> +<span class="s">--ignore-mdc-error --sig-keyserver-url</span> +<span class="s">--ignore-time-conflict --sign</span> +<span class="s">--ignore-valid-from --sign-key</span> +<span class="s">--import --sig-notation</span> +<span class="s">--import-options --sign-with</span> +<span class="s">--import-ownertrust --sig-policy-url</span> +<span class="s">--interactive --simple-sk-checksum</span> +<span class="s">--keyid-format --sk-comments</span> +<span class="s">--keyring --skip-verify</span> +<span class="s">--keyserver --status-fd</span> +<span class="s">--keyserver-options --status-file</span> +<span class="s">--lc-ctype --store</span> +<span class="s">--lc-messages --strict</span> +<span class="s">--limit-card-insert-tries --symmetric</span> +<span class="s">--list-config --temp-directory</span> +<span class="s">--list-key --textmode</span> +<span class="s">--list-keys --throw-keyid</span> +<span class="s">--list-only --throw-keyids</span> +<span class="s">--list-options --trustdb-name</span> +<span class="s">--list-ownertrust --trusted-key</span> +<span class="s">--list-packets --trust-model</span> +<span class="s">--list-public-keys --try-all-secrets</span> +<span class="s">--list-secret-keys --ttyname</span> +<span class="s">--list-sig --ttytype</span> +<span class="s">--list-sigs --ungroup</span> +<span class="s">--list-trustdb --update-trustdb</span> +<span class="s">--load-extension --use-agent</span> +<span class="s">--local-user --use-embedded-filename</span> +<span class="s">--lock-multiple --user</span> +<span class="s">--lock-never --utf8-strings</span> +<span class="s">--lock-once --verbose</span> +<span class="s">--logger-fd --verify</span> +<span class="s">--logger-file --verify-files</span> +<span class="s">--lsign-key --verify-options</span> +<span class="s">--mangle-dos-filenames --version</span> +<span class="s">--marginals-needed --warranty</span> +<span class="s">--max-cert-depth --with-colons</span> +<span class="s">--max-output --with-fingerprint</span> +<span class="s">--merge-only --with-key-data</span> +<span class="s">--min-cert-level --yes</span> +<span class="s">"""</span><span class="p">)</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + + <span class="c"># These are extra options which only exist for GnuPG>=2.0.0</span> + <span class="n">three_hundred_eighteen</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">'--export-ownertrust'</span><span class="p">)</span> + <span class="n">three_hundred_eighteen</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">'--import-ownertrust'</span><span class="p">)</span> + + <span class="n">gnupg_options</span> <span class="o">=</span> <span class="nb">frozenset</span><span class="p">(</span><span class="n">three_hundred_eighteen</span><span class="p">)</span> + <span class="k">return</span> <span class="n">gnupg_options</span> +</div> +<div class="viewcode-block" id="nodata"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.nodata">[docs]</a><span class="k">def</span> <span class="nf">nodata</span><span class="p">(</span><span class="n">status_code</span><span class="p">):</span> + <span class="sd">"""Translate NODATA status codes from GnuPG to messages."""</span> + <span class="n">lookup</span> <span class="o">=</span> <span class="p">{</span> + <span class="s">'1'</span><span class="p">:</span> <span class="s">'No armored data.'</span><span class="p">,</span> + <span class="s">'2'</span><span class="p">:</span> <span class="s">'Expected a packet but did not find one.'</span><span class="p">,</span> + <span class="s">'3'</span><span class="p">:</span> <span class="s">'Invalid packet found, this may indicate a non OpenPGP message.'</span><span class="p">,</span> + <span class="s">'4'</span><span class="p">:</span> <span class="s">'Signature expected but not found.'</span> <span class="p">}</span> + <span class="k">for</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span> <span class="ow">in</span> <span class="n">lookup</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> + <span class="k">if</span> <span class="nb">str</span><span class="p">(</span><span class="n">status_code</span><span class="p">)</span> <span class="o">==</span> <span class="n">key</span><span class="p">:</span> + <span class="k">return</span> <span class="n">value</span> +</div> +<div class="viewcode-block" id="progress"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.progress">[docs]</a><span class="k">def</span> <span class="nf">progress</span><span class="p">(</span><span class="n">status_code</span><span class="p">):</span> + <span class="sd">"""Translate PROGRESS status codes from GnuPG to messages."""</span> + <span class="n">lookup</span> <span class="o">=</span> <span class="p">{</span> + <span class="s">'pk_dsa'</span><span class="p">:</span> <span class="s">'DSA key generation'</span><span class="p">,</span> + <span class="s">'pk_elg'</span><span class="p">:</span> <span class="s">'Elgamal key generation'</span><span class="p">,</span> + <span class="s">'primegen'</span><span class="p">:</span> <span class="s">'Prime generation'</span><span class="p">,</span> + <span class="s">'need_entropy'</span><span class="p">:</span> <span class="s">'Waiting for new entropy in the RNG'</span><span class="p">,</span> + <span class="s">'tick'</span><span class="p">:</span> <span class="s">'Generic tick without any special meaning - still working.'</span><span class="p">,</span> + <span class="s">'starting_agent'</span><span class="p">:</span> <span class="s">'A gpg-agent was started.'</span><span class="p">,</span> + <span class="s">'learncard'</span><span class="p">:</span> <span class="s">'gpg-agent or gpgsm is learning the smartcard data.'</span><span class="p">,</span> + <span class="s">'card_busy'</span><span class="p">:</span> <span class="s">'A smartcard is still working.'</span> <span class="p">}</span> + <span class="k">for</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span> <span class="ow">in</span> <span class="n">lookup</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> + <span class="k">if</span> <span class="nb">str</span><span class="p">(</span><span class="n">status_code</span><span class="p">)</span> <span class="o">==</span> <span class="n">key</span><span class="p">:</span> + <span class="k">return</span> <span class="n">value</span> + +</div> +<div class="viewcode-block" id="GenKey"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.GenKey">[docs]</a><span class="k">class</span> <span class="nc">GenKey</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span> + <span class="sd">"""Handle status messages for key generation.</span> + +<span class="sd"> Calling the ``__str__()`` method of this class will return the generated</span> +<span class="sd"> key's fingerprint, or a status string explaining the results.</span> +<span class="sd"> """</span> + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + <span class="c">## this should get changed to something more useful, like 'key_type'</span> + <span class="c">#: 'P':= primary, 'S':= subkey, 'B':= both</span> + <span class="bp">self</span><span class="o">.</span><span class="n">type</span> <span class="o">=</span> <span class="bp">None</span> + <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span> <span class="o">=</span> <span class="bp">None</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="bp">None</span> + <span class="bp">self</span><span class="o">.</span><span class="n">subkey_created</span> <span class="o">=</span> <span class="bp">False</span> + <span class="bp">self</span><span class="o">.</span><span class="n">primary_created</span> <span class="o">=</span> <span class="bp">False</span> + <span class="c">#: This will store the key's public keyring filename, if</span> + <span class="c">#: :meth:`~gnupg.GPG.gen_key_input` was called with</span> + <span class="c">#: ``separate_keyring=True``.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">keyring</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: This will store the key's secret keyring filename, if :</span> + <span class="c">#: :meth:`~gnupg.GPG.gen_key_input` was called with</span> + <span class="c">#: ``separate_keyring=True``.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">secring</span> <span class="o">=</span> <span class="bp">None</span> + + <span class="k">def</span> <span class="nf">__nonzero__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span><span class="p">:</span> <span class="k">return</span> <span class="bp">True</span> + <span class="k">return</span> <span class="bp">False</span> + <span class="n">__bool__</span> <span class="o">=</span> <span class="n">__nonzero__</span> + + <span class="k">def</span> <span class="nf">__str__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span><span class="p">:</span> + <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span> + <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">status</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">return</span> <span class="bp">False</span> + +<div class="viewcode-block" id="GenKey._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.GenKey._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Parse a status code from the attached GnuPG process.</span> + +<span class="sd"> :raises: :exc:`~exceptions.ValueError` if the status message is unknown.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">"GOOD_PASSPHRASE"</span><span class="p">):</span> + <span class="k">pass</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"KEY_NOT_CREATED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'key not created'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"KEY_CREATED"</span><span class="p">:</span> + <span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">type</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span><span class="p">)</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'key created'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"NODATA"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="n">nodata</span><span class="p">(</span><span class="n">value</span><span class="p">)</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"PROGRESS"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="n">progress</span><span class="p">(</span><span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">' '</span><span class="p">,</span> <span class="mi">1</span><span class="p">)[</span><span class="mi">0</span><span class="p">])</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s">"Unknown status message: </span><span class="si">%r</span><span class="s">"</span> <span class="o">%</span> <span class="n">key</span><span class="p">)</span> + + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">type</span> <span class="ow">in</span> <span class="p">(</span><span class="s">'B'</span><span class="p">,</span> <span class="s">'P'</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">primary_created</span> <span class="o">=</span> <span class="bp">True</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">type</span> <span class="ow">in</span> <span class="p">(</span><span class="s">'B'</span><span class="p">,</span> <span class="s">'S'</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">subkey_created</span> <span class="o">=</span> <span class="bp">True</span> +</div></div> +<div class="viewcode-block" id="DeleteResult"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.DeleteResult">[docs]</a><span class="k">class</span> <span class="nc">DeleteResult</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span> + <span class="sd">"""Handle status messages for --delete-keys and --delete-secret-keys"""</span> + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'ok'</span> + + <span class="k">def</span> <span class="nf">__str__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">status</span> + + <span class="n">problem_reason</span> <span class="o">=</span> <span class="p">{</span> <span class="s">'1'</span><span class="p">:</span> <span class="s">'No such key'</span><span class="p">,</span> + <span class="s">'2'</span><span class="p">:</span> <span class="s">'Must delete secret key first'</span><span class="p">,</span> + <span class="s">'3'</span><span class="p">:</span> <span class="s">'Ambigious specification'</span><span class="p">,</span> <span class="p">}</span> + +<div class="viewcode-block" id="DeleteResult._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.DeleteResult._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Parse a status code from the attached GnuPG process.</span> + +<span class="sd"> :raises: :exc:`~exceptions.ValueError` if the status message is unknown.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"DELETE_PROBLEM"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">problem_reason</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="s">"Unknown error: </span><span class="si">%r</span><span class="s">"</span> + <span class="o">%</span> <span class="n">value</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s">"Unknown status message: </span><span class="si">%r</span><span class="s">"</span> <span class="o">%</span> <span class="n">key</span><span class="p">)</span> +</div></div> +<div class="viewcode-block" id="Sign"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.Sign">[docs]</a><span class="k">class</span> <span class="nc">Sign</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span> + <span class="sd">"""Parse GnuPG status messages for signing operations.</span> + +<span class="sd"> :param gpg: An instance of :class:`gnupg.GPG`.</span> +<span class="sd"> """</span> + + <span class="c">#: The type of signature created.</span> + <span class="n">sig_type</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The algorithm used to create the signature.</span> + <span class="n">sig_algo</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The hash algorithm used to create the signature.</span> + <span class="n">sig_hash_also</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The fingerprint of the signing keyid.</span> + <span class="n">fingerprint</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The timestamp on the signature.</span> + <span class="n">timestamp</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: xxx fill me in</span> + <span class="n">what</span> <span class="o">=</span> <span class="bp">None</span> + + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + + <span class="k">def</span> <span class="nf">__nonzero__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="sd">"""Override the determination for truthfulness evaluation.</span> + +<span class="sd"> :rtype: bool</span> +<span class="sd"> :returns: True if we have a valid signature, False otherwise.</span> +<span class="sd"> """</span> + <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span> + <span class="n">__bool__</span> <span class="o">=</span> <span class="n">__nonzero__</span> + + <span class="k">def</span> <span class="nf">__str__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">data</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span><span class="o">.</span><span class="n">_encoding</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span><span class="o">.</span><span class="n">_decode_errors</span><span class="p">)</span> + +<div class="viewcode-block" id="Sign._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.Sign._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Parse a status code from the attached GnuPG process.</span> + +<span class="sd"> :raises: :exc:`~exceptions.ValueError` if the status message is unknown.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">"USERID_HINT"</span><span class="p">,</span> <span class="s">"NEED_PASSPHRASE"</span><span class="p">,</span> <span class="s">"BAD_PASSPHRASE"</span><span class="p">,</span> + <span class="s">"GOOD_PASSPHRASE"</span><span class="p">,</span> <span class="s">"BEGIN_SIGNING"</span><span class="p">,</span> <span class="s">"CARDCTRL"</span><span class="p">,</span> + <span class="s">"INV_SGNR"</span><span class="p">,</span> <span class="s">"SIGEXPIRED"</span><span class="p">):</span> + <span class="k">pass</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"SIG_CREATED"</span><span class="p">:</span> + <span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">sig_type</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">sig_algo</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">sig_hash_algo</span><span class="p">,</span> + <span class="bp">self</span><span class="o">.</span><span class="n">what</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">timestamp</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span><span class="p">)</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"KEYEXPIRED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">"skipped signing key, key expired"</span> + <span class="k">if</span> <span class="p">(</span><span class="n">value</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">)</span> <span class="ow">and</span> <span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">value</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">+=</span> <span class="s">" on {}"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="nb">str</span><span class="p">(</span><span class="n">value</span><span class="p">))</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"KEYREVOKED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">"skipped signing key, key revoked"</span> + <span class="k">if</span> <span class="p">(</span><span class="n">value</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">)</span> <span class="ow">and</span> <span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">value</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">+=</span> <span class="s">" on {}"</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="nb">str</span><span class="p">(</span><span class="n">value</span><span class="p">))</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"NODATA"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="n">nodata</span><span class="p">(</span><span class="n">value</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s">"Unknown status message: </span><span class="si">%r</span><span class="s">"</span> <span class="o">%</span> <span class="n">key</span><span class="p">)</span> +</div></div> +<div class="viewcode-block" id="ListKeys"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListKeys">[docs]</a><span class="k">class</span> <span class="nc">ListKeys</span><span class="p">(</span><span class="nb">list</span><span class="p">):</span> + <span class="sd">"""Handle status messages for --list-keys.</span> + +<span class="sd"> Handles pub and uid (relating the latter to the former). Don't care about</span> +<span class="sd"> the following attributes/status messages (from doc/DETAILS):</span> + +<span class="sd"> | crt = X.509 certificate</span> +<span class="sd"> | crs = X.509 certificate and private key available</span> +<span class="sd"> | ssb = secret subkey (secondary key)</span> +<span class="sd"> | uat = user attribute (same as user id except for field 10).</span> +<span class="sd"> | sig = signature</span> +<span class="sd"> | rev = revocation signature</span> +<span class="sd"> | pkd = public key data (special field format, see below)</span> +<span class="sd"> | grp = reserved for gpgsm</span> +<span class="sd"> | rvk = revocation key</span> +<span class="sd"> """</span> + + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="nb">super</span><span class="p">(</span><span class="n">ListKeys</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">__init__</span><span class="p">()</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span> <span class="o">=</span> <span class="bp">None</span> + <span class="bp">self</span><span class="o">.</span><span class="n">fingerprints</span> <span class="o">=</span> <span class="p">[]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">uids</span> <span class="o">=</span> <span class="p">[]</span> + +<div class="viewcode-block" id="ListKeys.key"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListKeys.key">[docs]</a> <span class="k">def</span> <span class="nf">key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">args</span><span class="p">):</span> + <span class="nb">vars</span> <span class="o">=</span> <span class="p">(</span><span class="s">"""</span> +<span class="s"> type trust length algo keyid date expires dummy ownertrust uid</span> +<span class="s"> """</span><span class="p">)</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span> <span class="o">=</span> <span class="p">{}</span> + <span class="k">for</span> <span class="n">i</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="nb">vars</span><span class="p">)):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="nb">vars</span><span class="p">[</span><span class="n">i</span><span class="p">]]</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="n">i</span><span class="p">]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'uids'</span><span class="p">]</span> <span class="o">=</span> <span class="p">[]</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'uid'</span><span class="p">]:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'uids'</span><span class="p">]</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'uid'</span><span class="p">])</span> + <span class="k">del</span> <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'uid'</span><span class="p">]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'subkeys'</span><span class="p">]</span> <span class="o">=</span> <span class="p">[]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">)</span> +</div> + <span class="n">pub</span> <span class="o">=</span> <span class="n">sec</span> <span class="o">=</span> <span class="n">key</span> + +<div class="viewcode-block" id="ListKeys.fpr"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListKeys.fpr">[docs]</a> <span class="k">def</span> <span class="nf">fpr</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">args</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'fingerprint'</span><span class="p">]</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="mi">9</span><span class="p">]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">fingerprints</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="mi">9</span><span class="p">])</span> +</div> +<div class="viewcode-block" id="ListKeys.uid"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListKeys.uid">[docs]</a> <span class="k">def</span> <span class="nf">uid</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">args</span><span class="p">):</span> + <span class="n">uid</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="mi">9</span><span class="p">]</span> + <span class="n">uid</span> <span class="o">=</span> <span class="n">ESCAPE_PATTERN</span><span class="o">.</span><span class="n">sub</span><span class="p">(</span><span class="k">lambda</span> <span class="n">m</span><span class="p">:</span> <span class="nb">chr</span><span class="p">(</span><span class="nb">int</span><span class="p">(</span><span class="n">m</span><span class="o">.</span><span class="n">group</span><span class="p">(</span><span class="mi">1</span><span class="p">),</span> <span class="mi">16</span><span class="p">)),</span> <span class="n">uid</span><span class="p">)</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'uids'</span><span class="p">]</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">uid</span><span class="p">)</span> + <span class="bp">self</span><span class="o">.</span><span class="n">uids</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">uid</span><span class="p">)</span> +</div> +<div class="viewcode-block" id="ListKeys.sub"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListKeys.sub">[docs]</a> <span class="k">def</span> <span class="nf">sub</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">args</span><span class="p">):</span> + <span class="n">subkey</span> <span class="o">=</span> <span class="p">[</span><span class="n">args</span><span class="p">[</span><span class="mi">4</span><span class="p">],</span> <span class="n">args</span><span class="p">[</span><span class="mi">11</span><span class="p">]]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">curkey</span><span class="p">[</span><span class="s">'subkeys'</span><span class="p">]</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">subkey</span><span class="p">)</span> +</div> +<div class="viewcode-block" id="ListKeys._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListKeys._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="k">pass</span> + +</div></div> +<div class="viewcode-block" id="ImportResult"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ImportResult">[docs]</a><span class="k">class</span> <span class="nc">ImportResult</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span> + <span class="sd">"""Parse GnuPG status messages for key import operations.</span> + +<span class="sd"> :type gpg: :class:`gnupg.GPG`</span> +<span class="sd"> :param gpg: An instance of :class:`gnupg.GPG`.</span> +<span class="sd"> """</span> + <span class="n">_ok_reason</span> <span class="o">=</span> <span class="p">{</span><span class="s">'0'</span><span class="p">:</span> <span class="s">'Not actually changed'</span><span class="p">,</span> + <span class="s">'1'</span><span class="p">:</span> <span class="s">'Entirely new key'</span><span class="p">,</span> + <span class="s">'2'</span><span class="p">:</span> <span class="s">'New user IDs'</span><span class="p">,</span> + <span class="s">'4'</span><span class="p">:</span> <span class="s">'New signatures'</span><span class="p">,</span> + <span class="s">'8'</span><span class="p">:</span> <span class="s">'New subkeys'</span><span class="p">,</span> + <span class="s">'16'</span><span class="p">:</span> <span class="s">'Contains private key'</span><span class="p">,</span> + <span class="s">'17'</span><span class="p">:</span> <span class="s">'Contains private key'</span><span class="p">,}</span> + + <span class="n">_problem_reason</span> <span class="o">=</span> <span class="p">{</span> <span class="s">'0'</span><span class="p">:</span> <span class="s">'No specific reason given'</span><span class="p">,</span> + <span class="s">'1'</span><span class="p">:</span> <span class="s">'Invalid Certificate'</span><span class="p">,</span> + <span class="s">'2'</span><span class="p">:</span> <span class="s">'Issuer Certificate missing'</span><span class="p">,</span> + <span class="s">'3'</span><span class="p">:</span> <span class="s">'Certificate Chain too long'</span><span class="p">,</span> + <span class="s">'4'</span><span class="p">:</span> <span class="s">'Error storing certificate'</span><span class="p">,</span> <span class="p">}</span> + + <span class="n">_fields</span> <span class="o">=</span> <span class="s">'''count no_user_id imported imported_rsa unchanged</span> +<span class="s"> n_uids n_subk n_sigs n_revoc sec_read sec_imported sec_dups</span> +<span class="s"> not_imported'''</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="n">_counts</span> <span class="o">=</span> <span class="n">OrderedDict</span><span class="p">(</span> + <span class="nb">zip</span><span class="p">(</span><span class="n">_fields</span><span class="p">,</span> <span class="p">[</span><span class="nb">int</span><span class="p">(</span><span class="mi">0</span><span class="p">)</span> <span class="k">for</span> <span class="n">x</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">_fields</span><span class="p">))])</span> <span class="p">)</span> + + <span class="c">#: A list of strings containing the fingerprints of the GnuPG keyIDs</span> + <span class="c">#: imported.</span> + <span class="n">fingerprints</span> <span class="o">=</span> <span class="nb">list</span><span class="p">()</span> + + <span class="c">#: A list containing dictionaries with information gathered on keys</span> + <span class="c">#: imported.</span> + <span class="n">results</span> <span class="o">=</span> <span class="nb">list</span><span class="p">()</span> + + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + <span class="bp">self</span><span class="o">.</span><span class="n">counts</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_counts</span> + + <span class="k">def</span> <span class="nf">__nonzero__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="sd">"""Override the determination for truthfulness evaluation.</span> + +<span class="sd"> :rtype: bool</span> +<span class="sd"> :returns: True if we have immport some keys, False otherwise.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">counts</span><span class="o">.</span><span class="n">not_imported</span> <span class="o">></span> <span class="mi">0</span><span class="p">:</span> <span class="k">return</span> <span class="bp">False</span> + <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">fingerprints</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span> <span class="k">return</span> <span class="bp">False</span> + <span class="k">return</span> <span class="bp">True</span> + <span class="n">__bool__</span> <span class="o">=</span> <span class="n">__nonzero__</span> + +<div class="viewcode-block" id="ImportResult._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ImportResult._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Parse a status code from the attached GnuPG process.</span> + +<span class="sd"> :raises: :exc:`~exceptions.ValueError` if the status message is unknown.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"IMPORTED"</span><span class="p">:</span> + <span class="c"># this duplicates info we already see in import_ok & import_problem</span> + <span class="k">pass</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"NODATA"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">results</span><span class="o">.</span><span class="n">append</span><span class="p">({</span><span class="s">'fingerprint'</span><span class="p">:</span> <span class="bp">None</span><span class="p">,</span> + <span class="s">'status'</span><span class="p">:</span> <span class="s">'No valid data found'</span><span class="p">})</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"IMPORT_OK"</span><span class="p">:</span> + <span class="n">reason</span><span class="p">,</span> <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="n">reasons</span> <span class="o">=</span> <span class="p">[]</span> + <span class="k">for</span> <span class="n">code</span><span class="p">,</span> <span class="n">text</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_ok_reason</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> + <span class="k">if</span> <span class="nb">int</span><span class="p">(</span><span class="n">reason</span><span class="p">)</span> <span class="o">==</span> <span class="nb">int</span><span class="p">(</span><span class="n">code</span><span class="p">):</span> + <span class="n">reasons</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">text</span><span class="p">)</span> + <span class="n">reasontext</span> <span class="o">=</span> <span class="s">'</span><span class="se">\n</span><span class="s">'</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">reasons</span><span class="p">)</span> <span class="o">+</span> <span class="s">"</span><span class="se">\n</span><span class="s">"</span> + <span class="bp">self</span><span class="o">.</span><span class="n">results</span><span class="o">.</span><span class="n">append</span><span class="p">({</span><span class="s">'fingerprint'</span><span class="p">:</span> <span class="n">fingerprint</span><span class="p">,</span> + <span class="s">'status'</span><span class="p">:</span> <span class="n">reasontext</span><span class="p">})</span> + <span class="bp">self</span><span class="o">.</span><span class="n">fingerprints</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">fingerprint</span><span class="p">)</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"IMPORT_PROBLEM"</span><span class="p">:</span> + <span class="k">try</span><span class="p">:</span> + <span class="n">reason</span><span class="p">,</span> <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="k">except</span><span class="p">:</span> + <span class="n">reason</span> <span class="o">=</span> <span class="n">value</span> + <span class="n">fingerprint</span> <span class="o">=</span> <span class="s">'<unknown>'</span> + <span class="bp">self</span><span class="o">.</span><span class="n">results</span><span class="o">.</span><span class="n">append</span><span class="p">({</span><span class="s">'fingerprint'</span><span class="p">:</span> <span class="n">fingerprint</span><span class="p">,</span> + <span class="s">'status'</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_problem_reason</span><span class="p">[</span><span class="n">reason</span><span class="p">]})</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"IMPORT_RES"</span><span class="p">:</span> + <span class="n">import_res</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="k">for</span> <span class="n">x</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">counts</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span> + <span class="bp">self</span><span class="o">.</span><span class="n">counts</span><span class="p">[</span><span class="n">x</span><span class="p">]</span> <span class="o">=</span> <span class="nb">int</span><span class="p">(</span><span class="n">import_res</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="mi">0</span><span class="p">))</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"KEYEXPIRED"</span><span class="p">:</span> + <span class="n">res</span> <span class="o">=</span> <span class="p">{</span><span class="s">'fingerprint'</span><span class="p">:</span> <span class="bp">None</span><span class="p">,</span> + <span class="s">'status'</span><span class="p">:</span> <span class="s">'Key expired'</span><span class="p">}</span> + <span class="bp">self</span><span class="o">.</span><span class="n">results</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">res</span><span class="p">)</span> + <span class="c">## Accoring to docs/DETAILS L859, SIGEXPIRED is obsolete:</span> + <span class="c">## "Removed on 2011-02-04. This is deprecated in favor of KEYEXPIRED."</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"SIGEXPIRED"</span><span class="p">:</span> + <span class="n">res</span> <span class="o">=</span> <span class="p">{</span><span class="s">'fingerprint'</span><span class="p">:</span> <span class="bp">None</span><span class="p">,</span> + <span class="s">'status'</span><span class="p">:</span> <span class="s">'Signature expired'</span><span class="p">}</span> + <span class="bp">self</span><span class="o">.</span><span class="n">results</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">res</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s">"Unknown status message: </span><span class="si">%r</span><span class="s">"</span> <span class="o">%</span> <span class="n">key</span><span class="p">)</span> +</div> +<div class="viewcode-block" id="ImportResult.summary"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ImportResult.summary">[docs]</a> <span class="k">def</span> <span class="nf">summary</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="n">l</span> <span class="o">=</span> <span class="p">[]</span> + <span class="n">l</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">'</span><span class="si">%d</span><span class="s"> imported'</span> <span class="o">%</span> <span class="bp">self</span><span class="o">.</span><span class="n">counts</span><span class="p">[</span><span class="s">'imported'</span><span class="p">])</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">counts</span><span class="p">[</span><span class="s">'not_imported'</span><span class="p">]:</span> + <span class="n">l</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">'</span><span class="si">%d</span><span class="s"> not imported'</span> <span class="o">%</span> <span class="bp">self</span><span class="o">.</span><span class="n">counts</span><span class="p">[</span><span class="s">'not_imported'</span><span class="p">])</span> + <span class="k">return</span> <span class="s">', '</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">l</span><span class="p">)</span> + +</div></div> +<div class="viewcode-block" id="Verify"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.Verify">[docs]</a><span class="k">class</span> <span class="nc">Verify</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span> + <span class="sd">"""Parser for status messages from GnuPG for certifications and signature</span> +<span class="sd"> verifications.</span> + +<span class="sd"> People often mix these up, or think that they are the same thing. While it</span> +<span class="sd"> is true that certifications and signatures *are* the same cryptographic</span> +<span class="sd"> operation -- and also true that both are the same as the decryption</span> +<span class="sd"> operation -- a distinction is made for important reasons.</span> + +<span class="sd"> A certification:</span> +<span class="sd"> * is made on a key,</span> +<span class="sd"> * can help to validate or invalidate the key owner's identity,</span> +<span class="sd"> * can assign trust levels to the key (or to uids and/or subkeys that</span> +<span class="sd"> the key contains),</span> +<span class="sd"> * and can be used in absense of in-person fingerprint checking to try</span> +<span class="sd"> to build a path (through keys whose fingerprints have been checked)</span> +<span class="sd"> to the key, so that the identity of the key's owner can be more</span> +<span class="sd"> reliable without having to actually physically meet in person.</span> + +<span class="sd"> A signature:</span> +<span class="sd"> * is created for a file or other piece of data,</span> +<span class="sd"> * can help to prove that the data hasn't been altered,</span> +<span class="sd"> * and can help to prove that the data was sent by the person(s) in</span> +<span class="sd"> possession of the private key that created the signature, and for</span> +<span class="sd"> parsing portions of status messages from decryption operations.</span> + +<span class="sd"> There are probably other things unique to each that have been</span> +<span class="sd"> scatterbrainedly omitted due to the programmer sitting still and staring</span> +<span class="sd"> at GnuPG debugging logs for too long without snacks, but that is the gist</span> +<span class="sd"> of it.</span> +<span class="sd"> """</span> + + <span class="n">TRUST_UNDEFINED</span> <span class="o">=</span> <span class="mi">0</span> + <span class="n">TRUST_NEVER</span> <span class="o">=</span> <span class="mi">1</span> + <span class="n">TRUST_MARGINAL</span> <span class="o">=</span> <span class="mi">2</span> + <span class="n">TRUST_FULLY</span> <span class="o">=</span> <span class="mi">3</span> + <span class="n">TRUST_ULTIMATE</span> <span class="o">=</span> <span class="mi">4</span> + + <span class="n">TRUST_LEVELS</span> <span class="o">=</span> <span class="p">{</span><span class="s">"TRUST_UNDEFINED"</span> <span class="p">:</span> <span class="n">TRUST_UNDEFINED</span><span class="p">,</span> + <span class="s">"TRUST_NEVER"</span> <span class="p">:</span> <span class="n">TRUST_NEVER</span><span class="p">,</span> + <span class="s">"TRUST_MARGINAL"</span> <span class="p">:</span> <span class="n">TRUST_MARGINAL</span><span class="p">,</span> + <span class="s">"TRUST_FULLY"</span> <span class="p">:</span> <span class="n">TRUST_FULLY</span><span class="p">,</span> + <span class="s">"TRUST_ULTIMATE"</span> <span class="p">:</span> <span class="n">TRUST_ULTIMATE</span><span class="p">,}</span> + + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="sd">"""Create a parser for verification and certification commands.</span> + +<span class="sd"> :param gpg: An instance of :class:`gnupg.GPG`.</span> +<span class="sd"> """</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + <span class="c">#: True if the signature is valid, False otherwise.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> <span class="o">=</span> <span class="bp">False</span> + <span class="c">#: A string describing the status of the signature verification.</span> + <span class="c">#: Can be one of ``signature bad``, ``signature good``,</span> + <span class="c">#: ``signature valid``, ``signature error``, ``decryption failed``,</span> + <span class="c">#: ``no public key``, ``key exp``, or ``key rev``.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The fingerprint of the signing keyid.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The fingerprint of the corresponding public key, which may be</span> + <span class="c">#: different if the signature was created with a subkey.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">pubkey_fingerprint</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The keyid of the signing key.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">key_id</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The id of the signature itself.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">signature_id</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The creation date of the signing key.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">creation_date</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The timestamp of the purported signature, if we are unable to parse</span> + <span class="c">#: and/or validate it.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">timestamp</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The timestamp for when the valid signature was created.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">sig_timestamp</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The userid of the signing key which was used to create the</span> + <span class="c">#: signature.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">username</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: When the signing key is due to expire.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">expire_timestamp</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: An integer 0-4 describing the trust level of the signature.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">trust_level</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The string corresponding to the ``trust_level`` number.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">trust_text</span> <span class="o">=</span> <span class="bp">None</span> + + <span class="k">def</span> <span class="nf">__nonzero__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="sd">"""Override the determination for truthfulness evaluation.</span> + +<span class="sd"> :rtype: bool</span> +<span class="sd"> :returns: True if we have a valid signature, False otherwise.</span> +<span class="sd"> """</span> + <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> + <span class="n">__bool__</span> <span class="o">=</span> <span class="n">__nonzero__</span> + +<div class="viewcode-block" id="Verify._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.Verify._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Parse a status code from the attached GnuPG process.</span> + +<span class="sd"> :raises: :exc:`~exceptions.ValueError` if the status message is unknown.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">key</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">TRUST_LEVELS</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">trust_text</span> <span class="o">=</span> <span class="n">key</span> + <span class="bp">self</span><span class="o">.</span><span class="n">trust_level</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">TRUST_LEVELS</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> + <span class="k">elif</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">"RSA_OR_IDEA"</span><span class="p">,</span> <span class="s">"NODATA"</span><span class="p">,</span> <span class="s">"IMPORT_RES"</span><span class="p">,</span> <span class="s">"PLAINTEXT"</span><span class="p">,</span> + <span class="s">"PLAINTEXT_LENGTH"</span><span class="p">,</span> <span class="s">"POLICY_URL"</span><span class="p">,</span> <span class="s">"DECRYPTION_INFO"</span><span class="p">,</span> + <span class="s">"DECRYPTION_OKAY"</span><span class="p">,</span> <span class="s">"INV_SGNR"</span><span class="p">):</span> + <span class="k">pass</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"BADSIG"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> <span class="o">=</span> <span class="bp">False</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'signature bad'</span> + <span class="bp">self</span><span class="o">.</span><span class="n">key_id</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">username</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="bp">None</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"GOODSIG"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> <span class="o">=</span> <span class="bp">True</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'signature good'</span> + <span class="bp">self</span><span class="o">.</span><span class="n">key_id</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">username</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="bp">None</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"VALIDSIG"</span><span class="p">:</span> + <span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">fingerprint</span><span class="p">,</span> + <span class="bp">self</span><span class="o">.</span><span class="n">creation_date</span><span class="p">,</span> + <span class="bp">self</span><span class="o">.</span><span class="n">sig_timestamp</span><span class="p">,</span> + <span class="bp">self</span><span class="o">.</span><span class="n">expire_timestamp</span><span class="p">)</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()[:</span><span class="mi">4</span><span class="p">]</span> + <span class="c"># may be different if signature is made with a subkey</span> + <span class="bp">self</span><span class="o">.</span><span class="n">pubkey_fingerprint</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()[</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'signature valid'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"SIG_ID"</span><span class="p">:</span> + <span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">signature_id</span><span class="p">,</span> + <span class="bp">self</span><span class="o">.</span><span class="n">creation_date</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">timestamp</span><span class="p">)</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"ERRSIG"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> <span class="o">=</span> <span class="bp">False</span> + <span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">key_id</span><span class="p">,</span> + <span class="n">algo</span><span class="p">,</span> <span class="n">hash_algo</span><span class="p">,</span> + <span class="n">cls</span><span class="p">,</span> + <span class="bp">self</span><span class="o">.</span><span class="n">timestamp</span><span class="p">)</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()[:</span><span class="mi">5</span><span class="p">]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'signature error'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"DECRYPTION_FAILED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> <span class="o">=</span> <span class="bp">False</span> + <span class="bp">self</span><span class="o">.</span><span class="n">key_id</span> <span class="o">=</span> <span class="n">value</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'decryption failed'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"NO_PUBKEY"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> <span class="o">=</span> <span class="bp">False</span> + <span class="bp">self</span><span class="o">.</span><span class="n">key_id</span> <span class="o">=</span> <span class="n">value</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'no public key'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">"KEYEXPIRED"</span><span class="p">,</span> <span class="s">"SIGEXPIRED"</span><span class="p">):</span> + <span class="c"># these are useless in verify, since they are spit out for any</span> + <span class="c"># pub/subkeys on the key, not just the one doing the signing.</span> + <span class="c"># if we want to check for signatures with expired key,</span> + <span class="c"># the relevant flag is EXPKEYSIG.</span> + <span class="k">pass</span> + <span class="k">elif</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">"EXPKEYSIG"</span><span class="p">,</span> <span class="s">"REVKEYSIG"</span><span class="p">):</span> + <span class="c"># signed with expired or revoked key</span> + <span class="bp">self</span><span class="o">.</span><span class="n">valid</span> <span class="o">=</span> <span class="bp">False</span> + <span class="bp">self</span><span class="o">.</span><span class="n">key_id</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="p">((</span><span class="s">'</span><span class="si">%s</span><span class="s"> </span><span class="si">%s</span><span class="s">'</span><span class="p">)</span> <span class="o">%</span> <span class="p">(</span><span class="n">key</span><span class="p">[:</span><span class="mi">3</span><span class="p">],</span> <span class="n">key</span><span class="p">[</span><span class="mi">3</span><span class="p">:]))</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s">"Unknown status message: </span><span class="si">%r</span><span class="s">"</span> <span class="o">%</span> <span class="n">key</span><span class="p">)</span> + +</div></div> +<div class="viewcode-block" id="Crypt"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.Crypt">[docs]</a><span class="k">class</span> <span class="nc">Crypt</span><span class="p">(</span><span class="n">Verify</span><span class="p">):</span> + <span class="sd">"""Parser for internal status messages from GnuPG for ``--encrypt``,</span> +<span class="sd"> ``--decrypt``, and ``--decrypt-files``.</span> +<span class="sd"> """</span> + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="n">Verify</span><span class="o">.</span><span class="n">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">)</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + <span class="c">#: A string containing the encrypted or decrypted data.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">data</span> <span class="o">=</span> <span class="s">''</span> + <span class="c">#: True if the decryption/encryption process turned out okay.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">ok</span> <span class="o">=</span> <span class="bp">False</span> + <span class="c">#: A string describing the current processing status, or error, if one</span> + <span class="c">#: has occurred.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="bp">None</span> + <span class="bp">self</span><span class="o">.</span><span class="n">data_format</span> <span class="o">=</span> <span class="bp">None</span> + <span class="bp">self</span><span class="o">.</span><span class="n">data_timestamp</span> <span class="o">=</span> <span class="bp">None</span> + <span class="bp">self</span><span class="o">.</span><span class="n">data_filename</span> <span class="o">=</span> <span class="bp">None</span> + + <span class="k">def</span> <span class="nf">__nonzero__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">ok</span><span class="p">:</span> <span class="k">return</span> <span class="bp">True</span> + <span class="k">return</span> <span class="bp">False</span> + <span class="n">__bool__</span> <span class="o">=</span> <span class="n">__nonzero__</span> + + <span class="k">def</span> <span class="nf">__str__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> + <span class="sd">"""The str() method for a :class:`Crypt` object will automatically return the</span> +<span class="sd"> decoded data string, which stores the encryped or decrypted data.</span> + +<span class="sd"> In other words, these two statements are equivalent:</span> + +<span class="sd"> >>> assert decrypted.data == str(decrypted)</span> + +<span class="sd"> """</span> + <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">data</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span><span class="o">.</span><span class="n">_encoding</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span><span class="o">.</span><span class="n">_decode_errors</span><span class="p">)</span> + +<div class="viewcode-block" id="Crypt._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.Crypt._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Parse a status code from the attached GnuPG process.</span> + +<span class="sd"> :raises: :exc:`~exceptions.ValueError` if the status message is unknown.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">"ENC_TO"</span><span class="p">,</span> <span class="s">"USERID_HINT"</span><span class="p">,</span> <span class="s">"GOODMDC"</span><span class="p">,</span> <span class="s">"END_DECRYPTION"</span><span class="p">,</span> + <span class="s">"BEGIN_SIGNING"</span><span class="p">,</span> <span class="s">"NO_SECKEY"</span><span class="p">,</span> <span class="s">"ERROR"</span><span class="p">,</span> <span class="s">"NODATA"</span><span class="p">,</span> + <span class="s">"CARDCTRL"</span><span class="p">):</span> + <span class="c"># in the case of ERROR, this is because a more specific error</span> + <span class="c"># message will have come first</span> + <span class="k">pass</span> + <span class="k">elif</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">"NEED_PASSPHRASE"</span><span class="p">,</span> <span class="s">"BAD_PASSPHRASE"</span><span class="p">,</span> <span class="s">"GOOD_PASSPHRASE"</span><span class="p">,</span> + <span class="s">"MISSING_PASSPHRASE"</span><span class="p">,</span> <span class="s">"DECRYPTION_FAILED"</span><span class="p">,</span> + <span class="s">"KEY_NOT_CREATED"</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">"_"</span><span class="p">,</span> <span class="s">" "</span><span class="p">)</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"NEED_TRUSTDB"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span><span class="o">.</span><span class="n">_create_trustdb</span><span class="p">()</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"NEED_PASSPHRASE_SYM"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'need symmetric passphrase'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"BEGIN_DECRYPTION"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'decryption incomplete'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"BEGIN_ENCRYPTION"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'encryption incomplete'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"DECRYPTION_OKAY"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'decryption ok'</span> + <span class="bp">self</span><span class="o">.</span><span class="n">ok</span> <span class="o">=</span> <span class="bp">True</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"END_ENCRYPTION"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'encryption ok'</span> + <span class="bp">self</span><span class="o">.</span><span class="n">ok</span> <span class="o">=</span> <span class="bp">True</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"INV_RECP"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'invalid recipient'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"KEYEXPIRED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'key expired'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"KEYREVOKED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'key revoked'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"SIG_CREATED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'sig created'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"SIGEXPIRED"</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="s">'sig expired'</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">"PLAINTEXT"</span><span class="p">:</span> + <span class="n">fmt</span><span class="p">,</span> <span class="n">dts</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">' '</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> + <span class="k">if</span> <span class="n">dts</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s">' '</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">data_timestamp</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">data_filename</span> <span class="o">=</span> <span class="n">dts</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">' '</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> + <span class="k">else</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">data_timestamp</span> <span class="o">=</span> <span class="n">dts</span> + <span class="c">## GnuPG gives us a hex byte for an ascii char corresponding to</span> + <span class="c">## the data format of the resulting plaintext,</span> + <span class="c">## i.e. '62'→'b':= binary data</span> + <span class="bp">self</span><span class="o">.</span><span class="n">data_format</span> <span class="o">=</span> <span class="nb">chr</span><span class="p">(</span><span class="nb">int</span><span class="p">(</span><span class="nb">str</span><span class="p">(</span><span class="n">fmt</span><span class="p">),</span> <span class="mi">16</span><span class="p">))</span> + <span class="k">else</span><span class="p">:</span> + <span class="nb">super</span><span class="p">(</span><span class="n">Crypt</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">_handle_status</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">)</span> +</div></div> +<div class="viewcode-block" id="ListPackets"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListPackets">[docs]</a><span class="k">class</span> <span class="nc">ListPackets</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span> + <span class="sd">"""Handle status messages for --list-packets."""</span> + + <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">gpg</span><span class="p">):</span> + <span class="bp">self</span><span class="o">.</span><span class="n">_gpg</span> <span class="o">=</span> <span class="n">gpg</span> + <span class="c">#: A string describing the current processing status, or error, if one</span> + <span class="c">#: has occurred.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: True if the passphrase to a public/private keypair is required.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">need_passphrase</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: True if a passphrase for a symmetric key is required.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">need_passphrase_sym</span> <span class="o">=</span> <span class="bp">None</span> + <span class="c">#: The keyid and uid which this data is encrypted to.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">userid_hint</span> <span class="o">=</span> <span class="bp">None</span> + +<div class="viewcode-block" id="ListPackets._handle_status"><a class="viewcode-back" href="../../gnupg.html#gnupg._parsers.ListPackets._handle_status">[docs]</a> <span class="k">def</span> <span class="nf">_handle_status</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> + <span class="sd">"""Parse a status code from the attached GnuPG process.</span> + +<span class="sd"> :raises: :exc:`~exceptions.ValueError` if the status message is unknown.</span> +<span class="sd"> """</span> + <span class="k">if</span> <span class="n">key</span> <span class="o">==</span> <span class="s">'NODATA'</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">status</span> <span class="o">=</span> <span class="n">nodata</span><span class="p">(</span><span class="n">value</span><span class="p">)</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">'ENC_TO'</span><span class="p">:</span> + <span class="c"># This will only capture keys in our keyring. In the future we</span> + <span class="c"># may want to include multiple unknown keys in this list.</span> + <span class="bp">self</span><span class="o">.</span><span class="n">key</span><span class="p">,</span> <span class="n">_</span><span class="p">,</span> <span class="n">_</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">'NEED_PASSPHRASE'</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">need_passphrase</span> <span class="o">=</span> <span class="bp">True</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">'NEED_PASSPHRASE_SYM'</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">need_passphrase_sym</span> <span class="o">=</span> <span class="bp">True</span> + <span class="k">elif</span> <span class="n">key</span> <span class="o">==</span> <span class="s">'USERID_HINT'</span><span class="p">:</span> + <span class="bp">self</span><span class="o">.</span><span class="n">userid_hint</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="n">strip</span><span class="p">()</span><span class="o">.</span><span class="n">split</span><span class="p">()</span> + <span class="k">elif</span> <span class="n">key</span> <span class="ow">in</span> <span class="p">(</span><span class="s">'NO_SECKEY'</span><span class="p">,</span> <span class="s">'BEGIN_DECRYPTION'</span><span class="p">,</span> <span class="s">'DECRYPTION_FAILED'</span><span class="p">,</span> + <span class="s">'END_DECRYPTION'</span><span class="p">):</span> + <span class="k">pass</span> + <span class="k">else</span><span class="p">:</span> + <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s">"Unknown status message: </span><span class="si">%r</span><span class="s">"</span> <span class="o">%</span> <span class="n">key</span><span class="p">)</span></div></div> +</pre></div> + + </div> + </div> + </div> + </div> + <div class="sidebar"> + <h3>Table Of Contents</h3> + <ul> +<li class="toctree-l1"><a class="reference internal" href="../../gnupg.html">gnupg package</a></li> +</ul> + + <h3 style="margin-top: 1.5em;">Search</h3> + <form class="search" action="../../search.html" method="get"> + <input type="text" name="q" /> + <input type="submit" value="Go" /> + <input type="hidden" name="check_keywords" value="yes" /> + <input type="hidden" name="area" value="default" /> + </form> + <p class="searchtip" style="font-size: 90%"> + Enter search terms or a module, class or function name. + </p> + </div> + <div class="clearer"></div> + </div> + </div> + + <div class="footer-wrapper"> + <div class="footer"> + <div class="left"> + <a href="../../py-modindex.html" title="Python Module Index" + >modules</a> | + <a href="../../genindex.html" title="General Index" + >index</a> + </div> + + <div class="right"> + + <div class="footer"> + © Copyright 2013-2014, Isis Agora Lovecruft. + Last updated on Saturday, 02 August 2014. + Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.2.2. + </div> + </div> + <div class="clearer"></div> + </div> + </div> + + </body> +</html>
\ No newline at end of file |