WHEW. test.py working now. still need to test pushing to a keyserver

brent s 2017-09-08 04:13:56 -04:00
parent 20388431aa
commit 6dbc713dc9
3 changed files with 84 additions and 10 deletions

1
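--- a/gpg/kant/.gitignore
+++ b/gpg/kant/.gitignore
@@ -0,0 +1 @@
+/gpgme.pdf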


@ -30,13 +30,14 @@ import gpg # non-stdlib; Arch package is "python-gpgme" - see
#The signatures have been pushed to KEYSERVERS. #The signatures have been pushed to KEYSERVERS.
# #
#I have taken the liberty of attaching my public key in the event you've not signed it yet and were unable to find it. #I have taken the liberty of attaching my public key in the event you've not signed it yet and were unable to find it.
#Please feel free to push to pgp.mit.edu or hkps.pool.sks-keyservers.net. #Please feel free to push to hkps://sks.mirror.square-r00t.net:11371 (you can do this with "gpg --keyserver ...) or any other SKS-pooled keyserver[0].
# #
#As a reminder, my key ID, Keybase.io username, and verification/proof of identity can all be found at: #As a reminder, my key ID, Keybase.io username, and verification/proof of identity can all be found at:
# #
#https://devblog.square-r00t.net/about/my-gpg-public-key-verification-of-identity #https://square-r00t.net/gpg-info
# #
#Thanks again! #Thanks again!
#[0] https://mirror.square-r00t.net/#svcs-sks


class sigsession(object): class sigsession(object):
def __init__(self, args): def __init__(self, args):
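Review bot: The new template line pairs the `hkps://` scheme with port 11371, which is conventionally the plain-HKP port, so a recipient copying `hkps://sks.mirror.square-r00t.net:11371` may hit a TLS failure or fall back to unencrypted `hkp://`; confirm which port terminates TLS on that host and state it in the text. The same line opens a quote at `"gpg --keyserver ...` and never closes it before the `)`. Because this text is mailed to other people as instructions, a complete command such as `gpg --keyserver <URL> --send-keys <KEYID>` would be harder to misread. The template comment block starts above the hunk.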


@ -1,17 +1,28 @@
#!/usr/bin/env python3 #!/usr/bin/env python3


# This is more of a documentation on some python-gpgme (https://pypi.python.org/pypi/gpg) examples. # This is less of a test suite and more of an active documentation on some python-gpgme (https://pypi.python.org/pypi/gpg) examples.
# Because their only documentation for the python bindings is in pydoc, and the C API manual is kind of useless. # Because their only documentation for the python bindings is in pydoc, and the C API manual is kind of useless.


import gpg import gpg
import gpg.constants import gpg.constants
import inspect import inspect
import os
import pprint import pprint
import re
import subprocess
import operator
from functools import reduce

os.environ['GNUPGHOME'] = '/home/bts/tmpgpg'
# JUST in case we need to...
#subprocess.run(['gpgconf', '--reload', 'dirmngr'])


# my key ID # my key ID
mykey = '748231EBCBD808A14F5E85D28C004C2F93481F6B' #mykey = '748231EBCBD808A14F5E85D28C004C2F93481F6B'
mykey = '2805EC3D90E2229795AFB73FF85BC40E6E17F339'
# a key to test with # a key to test with
theirkey = '63D1CEA387C27A92E0D50AB8343C305F9109D4DC' theirkey = 'CA7D304ABA7A3E24C9414D32FFA0F1361AD82A06'
testfetch = [theirkey, '748231EBCBD808A14F5E85D28C004C2F93481F6B']


# Create a context # Create a context
# Params: # Params:
@ -53,10 +64,71 @@ klmodes = {'local': gpg.constants.KEYLIST_MODE_LOCAL,
#mode -- keylist mode (default: list local keys) #mode -- keylist mode (default: list local keys)
#source -- read keys from source instead from the keyring #source -- read keys from source instead from the keyring
# (all other options are ignored in this case) # (all other options are ignored in this case)
ctx.keylist(pattern = 'bts@square-r00t.net', tkey2 = None
secret = False,
mode = klmodes['both'],
source = None)


# Test fetching from a keyserver # jrdemasi@gmail.com = 0xEFD9413B17293AFDFE6EA6F1402A088DEDF104CB
for k in ctx.keylist(pattern = 'jrdemasi', secret = False, mode = klmodes['remote'], source = None):
#pprint.pprint(inspect.getmembers(k))
tkey2 = k
#print(tkey2.fpr)


# Test fetching from a keyserver - we'll grab the last key from the above iteration
try:
ctx.op_import_keys([tkey2])
except gpg.errors.GPGMEError:
pass # key isn't on the keyserver, or it isn't accessible, etc.

# Test signing
ctx.key_tofu_policy(tkey2, gpg.constants.TOFU_POLICY_ASK)
ctx.signers = [mkey]
days_valid = 4
exptime = 4 * 24 * 60 * 60
ctx.key_sign(tkey2, expires_in = exptime, local = True)

# https://www.apt-browse.org/browse/debian/wheezy/main/amd64/python-pyme/1:0.8.1-2/file/usr/share/doc/python-pyme/examples/t-edit.py
# https://searchcode.com/codesearch/view/20535820/
# https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=0be55f4d64178a5636cbe9f12f63c6f9853f3aa2;hb=refs/heads/master
class KeyEditor(object):
def __init__(self):
self.replied_once = False
trust = '3' # this is the level of trust... in this case, marginal.
rcptemail = 'test@test.com'
# we exclude 'help'
self.kprmpt = ['trust', 'fpr', 'sign', 'tsign', 'lsign', 'nrsign', 'grip', 'list',
'uid', 'key', 'check', 'deluid', 'delkey', 'delsig', 'pref', 'showpref',
'revsig', 'enable', 'disable', 'showphoto', 'clean', 'minimize', 'save',
'quit']
self.prmpt = {'edit_ownertrust': {'value': trust,
'set_ultimate': {'okay': 'yes'}},
'untrusted_key': {'override': 'yes'},
'pklist': {'user_id': {'enter': rcptemail}},
'keyedit': {'prompt': 'trust', # the mode we initiate.
'save': {'okay': 'yes'}}}

def edit_fnc(self, status, args, out):
result = None
out.seek(0,0)
#print(status, args)
#print(out.read().decode('utf-8'))
#print('{0} ({1})'.format(status, args))
def mapDict(m, d):
return(reduce(operator.getitem, m, d))
if args == 'keyedit.prompt' and self.replied_once:
result = 'quit'
elif status == 'KEY_CONSIDERED':
result = None
self.replied_once = False
elif status == 'GET_LINE':
#print('DEBUG: looking up mapping...')
self.replied_once = True
_ilist = args.split('.')
result = mapDict(_ilist, self.prmpt)
if not result:
result = None
return(result)

# Test setting trust
out = gpg.Data()
ctx.interact(tkey2, KeyEditor().edit_fnc, sink = out, fnc_value = out)
out.seek(0,0)
#print(out.read(), end = ' ')
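Review bot: The remote keylist loop keeps whichever key comes back last for the substring `'jrdemasi'`, and that key is then imported, signed with `ctx.key_sign` and given trust through `KeyEditor`, without ever being compared to the fingerprint written in the comment above the loop. Keyserver search results are not authenticated, so any uploaded key whose user ID contains that string can end up as `tkey2`; the loop should select on `k.fpr` and the script should stop when nothing matches, since `tkey2` otherwise stays `None` and still reaches `op_import_keys` and `key_sign`. The `except gpg.errors.GPGMEError: pass` around the import likewise lets the signing step run after a failed fetch. `mkey` in `ctx.signers = [mkey]` is not defined in the visible lines and is presumably set in the part of the file between the two hunks.

```python
# fingerprint taken from the comment above the loop; verify it out of band before relying on it
wanted_fpr = 'EFD9413B17293AFDFE6EA6F1402A088DEDF104CB'
tkey2 = None
for k in ctx.keylist(pattern = 'jrdemasi', secret = False, mode = klmodes['remote'], source = None):
    # NOTE: confirm the remote listing populates the full fingerprint in k.fpr
    if k.fpr == wanted_fpr:
        tkey2 = k
        break
if tkey2 is None:
    raise SystemExit('no remote key with the expected fingerprint; not importing or signing')

try:
    ctx.op_import_keys([tkey2])
except gpg.errors.GPGMEError as err:
    raise SystemExit('import failed, refusing to sign: {0}'.format(err))
# … unchanged: tofu policy, signers, key_sign …
```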