This repository has been archived by the owner on Dec 25, 2021. It is now read-only.

Bufgix for multi-adress keys #4

Open
wants to merge 6 commits into
base: master
24 changes: 21 additions & 3 deletions GnuPG/__init__.py
Expand Up @@ -37,7 +37,24 @@ def private_keys( keyhome ):
fingerprint = line.split(':')[4]
keys[fingerprint] = email
return keys


def mails_public_keys ( keyhome ):
cmd = ['/usr/bin/gpg', '--homedir', keyhome, '--list-keys', '--with-colons']
p = subprocess.Popen( cmd, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.PIPE )
p.wait()
last_fingerprint = None
mails = dict()
for line in p.stdout.readlines():
if line[0:3] == 'uid' or line[0:3] == 'pub':
if ('<' not in line or '>' not in line):
continue
email = line.split('<')[1].split('>')[0]
fingerprint = line.split(':')[4]
if fingerprint:
last_fingerprint = fingerprint
mails[email] = last_fingerprint
return mails

def public_keys( keyhome ):
cmd = ['/usr/bin/gpg', '--homedir', keyhome, '--list-keys', '--with-colons']
p = subprocess.Popen( cmd, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.PIPE )
Expand All @@ -49,7 +66,8 @@ def public_keys( keyhome ):
continue
email = line.split('<')[1].split('>')[0]
fingerprint = line.split(':')[4]
keys[fingerprint] = email
if fingerprint:
keys[fingerprint] = email
return keys

# confirms a key has a given email address
Expand Down Expand Up @@ -147,4 +165,4 @@ def decrypt(self):
def _command(self):
cmd = ["/usr/bin/gpg", "--trust-model", "always", "--homedir", self._keyhome, "--batch", "--yes", "--no-secmem-warning", "-a", "-d"]

return cmd
return cmd
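Review bot: In `mails_public_keys` the `'<' not in line` guard runs before `last_fingerprint` is updated, so a `pub` record that carries no user ID is skipped without starting a new key. GnuPG releases that print the primary user ID on its own `uid` record (fixed-list-mode output) would then leave every address mapped to `None` or to the previous key's ID. Moving `fingerprint = line.split(':')[4]` and the `if fingerprint:` update above the guard fixes the attribution. The validity field (`line.split(':')[1]`) is also never read, so addresses on revoked or expired keys and user IDs are listed like valid ones. Separately, `p.wait()` before `p.stdout.readlines()` can block once the listing exceeds the pipe buffer; `p.communicate()` avoids that.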
5 changes: 3 additions & 2 deletions README.md
Expand Up @@ -31,10 +31,11 @@ This is a combined work of many developers and contributors:
* Bruce Markey - [GitHub](https://github.com/TheEd1tor)
* Remko Tronçon - [GitHub](https://github.com/remko/phkp/)
* Kiritan Flux [GitHub](https://github.com/kflux)
* Fabian Krone [GitHub] (https://github.com/fkrone/gpg-mailgate)
* Fabian Krone [GitHub](https://github.com/fkrone/gpg-mailgate)
* Stephan Richter [GitHub](https://github.com/keawe-software/gpg-mailgate)

# To Do

* rename from gpg-mailgate to openpgp-s-mime-mailgate or something.....
* find a better solution for an own user instead of the user `nobody`
* make PGP/INLINE decryption more reliable
* make PGP/INLINE decryption more reliable
21 changes: 16 additions & 5 deletions gpg-mailgate.py
Expand Up @@ -250,7 +250,7 @@ def decrypt_inline_with_attachments( payloads, success, message = None ):
# There was no encrypted payload found, so the original payload is attached
message.attach(payload)

return message, success
return message, success

def decrypt_inline_without_attachments( decrypted_message ):

Expand Down Expand Up @@ -292,10 +292,19 @@ def gpg_encrypt( raw_message, recipients ):
log("No valid entry for gpg keyhome. Encryption aborted.")
return recipients

keys = GnuPG.public_keys( cfg['gpg']['keyhome'] )
# get a mapping from fingerpints to emails
keys = GnuPG.public_keys( cfg['gpg']['keyhome'] )

for fingerprint in keys:
keys[fingerprint] = sanitize_case_sense(keys[fingerprint])


# get a mapping form emails to fingerprins. better, since one fingerprint may belong to several emails
raw_emails = GnuPG.mails_public_keys( cfg['gpg']['keyhome'] )

emails = list()
for email in raw_emails:
emails.append(sanitize_case_sense(email))

gpg_to = list()
ungpg_to = list()

Expand All @@ -312,7 +321,7 @@ def gpg_encrypt( raw_message, recipients ):
log("Key '%s' in encrypt keymap not found in keyring for email address '%s'." % (cfg['enc_keymap'][to], to))

# Check if key in keychain is present
if to in keys.values() and not get_bool_from_cfg('default', 'enc_keymap_only', 'yes'):
if to in emails and not get_bool_from_cfg('default', 'enc_keymap_only', 'yes'):
gpg_to.append( (to, to) )
continue

Expand Down Expand Up @@ -441,7 +450,7 @@ def encrypt_all_payloads_mime( message, gpg_to_cmdline ):
junk_str = junk_msg.as_string() # WTF! Without this, get_boundary() will return 'None'!
boundary = junk_msg.get_boundary()

# This also modifies the boundary in the body of the message, ie it gets parsed.
# This also modifies the boundary in the body of the message, ie it gets parsed.
if message.has_key('Content-Type'):
message.replace_header('Content-Type', "multipart/encrypted; protocol=\"application/pgp-encrypted\";\nboundary=\"%s\"\n" % boundary)
else:
Expand Down Expand Up @@ -540,6 +549,8 @@ def smime_encrypt( raw_message, recipients ):

def get_cert_for_email( to_addr, cert_path ):

if not os.path.isdir(cert_path):
return None
files_in_directory = os.listdir(cert_path)
for filename in files_in_directory:
file_path = os.path.join(cert_path, filename)
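Review bot: In the gpg_encrypt hunk, `to in emails` now accepts a recipient when any user ID in the keyring carries that address, and the key IDs returned by `mails_public_keys` are thrown away when `emails` is built. The recipient is still queued as `(to, to)`, so which key is used for an address that appears on several keys is presumably left to gpg's own lookup by address; the code that consumes `gpg_to` is outside the hunk, so this should be confirmed there. Keeping the mapping, for example `emails = dict((sanitize_case_sense(e), k) for e, k in raw_emails.items())`, keeps the `to in emails` test working and lets a later step pin the key ID. The two new comments also misspell "fingerprints" and "from".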