|
Server : LiteSpeed System : Linux server51.dnsbootclub.com 4.18.0-553.62.1.lve.el8.x86_64 #1 SMP Mon Jul 21 17:50:35 UTC 2025 x86_64 User : nandedex ( 1060) PHP Version : 8.1.33 Disable Function : NONE Directory : /opt/cppython/lib/python3.8/site-packages/__pycache__/ |
U
����N��gTG���������������������@���s$��d�Z�ddlZddlmZ�ddlmZ�ddlmZ�ddlZddlZddl Z ddl
Z
ddl
m
Z
m
Z
�ddlZddlZdZdZd ZdZejd
kr�zdd
l
mZmZmZ�W�n�ek
r����dZY�nX�z
e�d
ZeZeZ
e
e
fZ W�n&�e k
r����d
Ze
Ze
Z
e
fZ Y�nX�e�!e"�Z#e#j$�s e#�%e�&����d
Z'ej(j"dk�r<dd��Z)ne �*d�Z+dd��Z)e�,��Z-dd��Z.dd��Z/dd��Z0dd��Z1dd
��Z2d
d
��Z3d d ��Z4G�d!d"��d"e5�Z6G�d#d$��d$e6�Z7G�d%d&��d&e6�Z8e �*d'e j9�Z:d(d)d*d+d,d-d.�Z;G�d/d0��d0e6�Z<d1d2��Z=G�d3d4��d4e6e>�Z?G�d5d6��d6e?�Z@G�d7d8��d8e@�ZAG�d9d:��d:e5�ZBd;d<d=d>d?d@dAdBdCdDdEdFdGdHdIdJ�ZCdKdL��ZDG�dMdN��dNe7eB�ZEG�dOdP��dPe6�ZFG�dQdR��dRe6�ZGG�dSdT��dTeF�ZHG�dUdV��dVe6�ZIG�dWdX��dXeI�ZJG�dYdZ��dZe6eB�ZKG�d[d\��d\e6�ZLe �*d]�Md^��ZNe �*d_e j9�ZOe �*d`�ZPG�dadb��dbe5�ZQdS�)ca��� A wrapper for the GnuPG `gpg` command.
Portions of this module are derived from A.M. Kuchling's well-designed
GPG.py, using Richard Jones' updated version 1.3, which can be found
in the pycrypto CVS repository on Sourceforge:
http://pycrypto.cvs.sourceforge.net/viewvc/pycrypto/gpg/GPG.py
This module is *not* forward-compatible with amk's; some of the
old interface has changed. For instance, since I've added decrypt
functionality, I elected to initialize with a 'gnupghome' argument
instead of 'keyring', so that gpg can find both the public and secret
keyrings. I've also altered some of the returned objects in order for
the caller to not have to know as much about the internals of the
result classes.
While the rest of ISconf is released under the GPL, I am releasing
this single file under the same terms that A.M. Kuchling used for
pycrypto.
Steve Traugott, stevegt@terraluna.org
Thu Jun 23 21:27:20 PDT 2005
This version of the module has been modified from Steve Traugott's version
(see http://trac.t7a.org/isconf/browser/trunk/lib/python/isconf/GPG.py) by
Vinay Sajip to make use of the subprocess module (Steve's version uses os.fork()
and so does not work on Windows). Renamed to gnupg.py to avoid confusion with
the previous versions.
Modifications Copyright (C) 2008-2024 Vinay Sajip. All rights reserved.
For the full documentation, see https://docs.red-dove.com/python-gnupg/ or
https://gnupg.readthedocs.io/
�����N)�datetime)� parseaddr)�StringIO)�Popen�PIPEz0.5.4z
Vinay Sajipz$07-Jan-2025 10:13:17$�nt)�
STARTUPINFO�STARTF_USESHOWWINDOW�SW_HIDEFT�ntpathc�����������������C���s���d|��S�)Nz"%s"����sr
���r
����2/opt/cppython/lib/python3.8/site-packages/gnupg.py�
shell_quoteV���s����r���z[^\w%+,./:=@-]c�����������������C���sH���t�|�t�stdt|�����|�s$d}n t�|��s4|�}nd|��dd��}|S�)au��
Quote text so that it is safe for POSIX command shells.
For example, "*.py" would be converted to "'*.py'". If the text is considered safe it is returned unquoted.
Args:
s (str): The value to quote
Returns:
str: A safe version of the input, from the point of view of POSIX
command shells.
z
Expected string type, got %sz''z'%s'�'z'\'')�
isinstance�
string_types� TypeError�type�UNSAFE�search�replace)r����resultr
���r
���r���r���_���s����
c�����������������C���s
���t�st|�t�r|��t�}�|�S�)z7
Legacy function which is a no-op on Python 3.
)�_py3kr���� text_type�encode�
fsencodingr
���r
���r
���r����no_quote����s����
r
���c�����������������C���s��|dks
t��d}ttjd�r&tjj}nd}z|��|�}W�n&�tk
r^���tjddd��Y�q�Y�nX�|sfq�|t |�7�}z|�
|��W�q*�t
k
r����|�
|�
|���Y�q*�tk
r����t�
d��Y�q�Y�q*X�q*z
|����W�n"�tk
r����tjddd��Y�nX�t�d |��d�S�)
Nr����encoding�asciiz Exception occurred while reading����)�exc_infozError sending dataz)Exception occurred while closing: ignoredz
closed output, %d bytes sent)�AssertionError�hasattr�sys�stdinr ����read� Exception�logger�warning�len�write�
UnicodeErrorr
���� exception�close�IOError�debug)�instream� outstream�
buffer_size�sent�enc�datar
���r
���r����
_copy_data����s2����
r8���c�����������������C���sB���|dks
t��tjt|�||fd�}d|_t�d||�|��|����|S�)Nr�����target�argsTzdata copier: %r, %r, %r)r#���� threading�Threadr8����daemonr)���r1����start)r2���r3���r4����wrr
���r
���r����_threaded_copy_data����s
����
rA���c�����������������C���s*���d|�}|��|�}|��|��t�d��d�S�)Nz%s
zWrote passphrase)r
���r,���r)���r1���)�stream�
passphraser ���r
���r
���r����_write_passphrase����s����
rD���c�����������������C���s���t�|�ttttf�S��N)r����list�tuple�set� frozenset)�instancer
���r
���r����
_is_sequence����s����rK���c�����������������C���s:���zddl�m}�||��}W�n
�tk
r4���t|��}Y�nX�|S�)Nr���)�BytesIO)�iorL����
ImportErrorr���)r���rL����rvr
���r
���r����_make_memory_stream����s
����
rP���c�����������������C���s8���t�rt|�t�r0|��|�}�nt|��tk r0|��|�}�t|��S�rE���)r���r����strr
���r���rP���)r���r ���r
���r
���r����_make_binary_stream����s
����
rR���c�������������������@���s$���e�Zd�ZdZdZdd��Zdd��ZdS�)�
StatusHandlerzA
The base class for handling status messages from `gpg`.
Nc�����������������C���s
���||�_�dS�)zq
Initialize an instance.
Args:
gpg (GPG): The :class:`GPG` instance in use.
N)�gpg��selfrT���r
���r
���r����__init__����s����zStatusHandler.__init__c�����������������C���s���t��dS�)a.��
Handle status messages from the `gpg` child process. These are lines of the format
[GNUPG:] <key> <value>
Args:
key (str): Identifies what the status message is.
value (str): Identifies additional data, which differs depending on the key.
N)�NotImplementedError�rV����key�valuer
���r
���r����
handle_status����s����
zStatusHandler.handle_status)�__name__�
__module__�
__qualname__�__doc__�on_data_failurerW���r\���r
���r
���r
���r���rS�������s��� rS���c�������������������@���sp���e�Zd�ZdZdZdZdZdZdZdZ eeeeee d�Z
d d
d
d
d
�Z
ddiZ
dZ
dd��Zdd��ZeZdd��ZdS�)�VerifyzJ
This class handles status messages during signature verificaton.
r���r!�������������������)�
TRUST_EXPIRED�TRUST_UNDEFINED�
TRUST_NEVER�TRUST_MARGINAL�
TRUST_FULLY�TRUST_ULTIMATEzpermission deniedz
file existszfile not foundznot a directory)r!����#����Q����a����
���zincorrect passphraseNc�����������������C���sv���t��|�|��d|�_d��|�_�|�_|�_d��|�_|�_d�|�_d�|�_d�|�_ d�|�_
d�|�_
d�|�_
d�|�_
d�|�_d�|�_i�|�_g�|�_d�S��NF)rS���rW����valid�
fingerprint�
creation_date� timestamp�
signature_id�key_id�username�
key_status�status�pubkey_fingerprint�expire_timestamp�
sig_timestamp�
trust_text�
trust_level�sig_info�problemsrU���r
���r
���r���rW�����s
����
zVerify.__init__c�����������������C���s���|�j�S�rE���)rr����rV���r
���r
���r����
__nonzero__)��s����zVerify.__nonzero__c��������������������s�����fdd�}|��j�krB|��_��j�|���_|��j��jd��d���_�n@|dkr\t�d||���n&|dkr�d��_d��_|�d�d �\��_ ��_
��j
�
��j��j ��j
d
���|��j ��j
��jd
���n�|d
k�r>d��_|���}|d�d
��\��_ }}}��_
t|�dkr�|d���_d��_|��j ��j
��j��jd����j
�
��j��j ��j
��jd����nD|dk�r�d��_d��_|�d�d �\��_ ��_
|��j ��j
��jd
����j
�
��j��j ��j
d
����n�|dk�r�d��_d��_|�d�d �\��_ ��_
|��j ��j
��jd
���n�|dk�rX|���}|d�d��\}} }
}
|| |
|
f\��_��_��_��_t|�dk�r6|d���_d
��_||| |
|
��j��jd
���n*|d
k�r�|���\}
} }
| |
d ���j|
<�|
| |
����_��_��_
�n�|d k�r�d��_|��_ d!��_��j
�
��j��j d"����n�|d#k�rd��_|��_ d$��_��j
�
��j��j d"����n||d%k�rnd��_|���d&���_ |d'k�r6d(��_nd)��_��j��_|��j��j d"����j
�
��j��j d"����n|d*k�r>d��_|d+k�r�d,��_n�d-|�}|�d.d �\}}|����r.t|�d/@�}��jj�r�|��jjk�r�d0|��jj|�f�}nBt|d1@��}|d2@�}|�r��j
}n��j
}||k�r.d0|||�f�}��j�s�|��_nD|d3k�rVd��_d4��_n,|d5k�rbn |d6k�rtd���_nt�
d7||��d�S�)8Nc���������������������s0�����j�}|r ��j|�}|�|���n
t�d|���d�S�)Nz!Ignored due to missing sig iD: %s)rv���r�����updater)���r1���)�kwargs�sig_id�infor����r
���r����update_sig_info0��s
����
z-Verify.handle_status.<locals>.update_sig_info)r���r~�����WARNING�ERROR�potential problem: %s: %sZBADSIGFz
signature badr!���)rz����keyid�user)r����rx���rz���ZERRSIGrf�����������zsignature error)r����ru���rs���rz���)rz���r����ru���rs���ZEXPSIGzsignature expiredZGOODSIGTzsignature goodZVALIDSIGre����
���� ���zsignature valid)rs���rt���ru���Zexpiryr{���rz���ZSIG_ID)rt���ru���Z NO_PUBKEYz
no public key)rz���r����Z NO_SECKEY�
no secret key)� EXPKEYSIGZ REVKEYSIGr���r����zsigning key has expiredzsigning key was revoked)�
UNEXPECTED�FAILUREr����zunexpected dataz
error - %s� i�����%s: %si����i����NODATAz signature expected but not found)ZDECRYPTION_INFOZ PLAINTEXTZPLAINTEXT_LENGTH�
BEGIN_SIGNING�KEY_CONSIDERED)ZNEWSIGzmessage ignored: %r, %r) �
TRUST_LEVELSr~���r���rv���r)���r*���rr���rz����splitrw���rx���r�����appendru���r+���rs���rt���r}���r|���r{���r����ry����rsplit�isdigit�intrT���� error_map�bool�GPG_SYSTEM_ERROR_CODES�GPG_ERROR_CODESr1���)rV���rZ���r[���r�����parts�algo� hash_algo�clsrs���rt���Zsig_tsZ expire_tsr����ru����messageZ operation�codeZ
system_error�mappingr
���r����r���r\���.��s�����
��
�
�
zVerify.handle_status)r]���r^���r_���r`���rg���rh���ri���rj���rk���rl���r����r����r�����
returncoderW���r�����__bool__r\���r
���r
���r
���r���rb�������s6����
���rb���c�������������������@���sb���e�Zd�ZdZd���ZdZdd��Zdd��ZeZ dd d
d
d
d
d�Z
dddddd�Z
dd��Z
dd��Z
dS�)�
ImportResultz?
This class handles status messages during key import.
z�count no_user_id imported imported_rsa unchanged n_uids n_subk n_sigs n_revoc sec_read sec_imported
sec_dups not_importedNc�����������������C���s4���t��|�|��g�|�_g�|�_|�jD�]}t|�|d��q
d�S�)Nr���)rS���rW����results�
fingerprints�counts�setattr)rV���rT���r���r
���r
���r���rW������s
����
zImportResult.__init__c�����������������C���s���t�|�j
�o|�j�S�rE���)r�����
not_importedr����r����r
���r
���r���r�������s����zImportResult.__nonzero__zNot actually changedzEntirely new keyz
New user IDszNew signaturesz
New subkeyszContains private key)�0�1�2�4�8Z16zNo specific reason givenzInvalid CertificatezIssuer Certificate missingzCertificate Chain too longzError storing certificate)r����r����r�����3r����c�����������
������C���s���|dkrt��d||���n�|dkr&�n�|dkrF|�j�d�ddd����n�|dkr�|���\}}g�}t|�j����D�]*\}}t|�t|�B�t|�krl|�|��qld � |�d �}|�j�|||d
���|�j
�|���n|d
k�r z|���\}}W�n
�t
k
�r���|}d
}Y�nX�|�j�|||�j
|�d���n�|d
k�r^|���} t
|�j�D�]
\}
}
t|�|
t| |
�����q<nn|dk�r~|�j�d�ddd���nN|dk�r�|�j�d�ddd���n.|dk�r�|�j�d�ddd���nt��d||��d�S�)Nr����r����)�IMPORTEDr����r����r����zNo valid data found)rs����problem�textZ IMPORT_OK�
)rs����okr����ZIMPORT_PROBLEMz <unknown>Z
IMPORT_RES�
KEYEXPIREDz
Key expired�
SIGEXPIREDzSignature expiredr����z
Other failure�message ignored: %s, %s)r)���r*���r����r����r����rF���� ok_reason�itemsr�����joinr����r(����problem_reason� enumerater����r����r1���)
rV���rZ���r[����reasonrs����reasonsr����r����Z
reasontextZ
import_res�i�countr
���r
���r���r\������sB����
zImportResult.handle_statusc�����������������C���s4���g�}|��d|�j���|�jr*|��d|�j���d�|�S�)zi
Return a summary indicating how many keys were imported and how many were not imported.
z
%d importedz%d not imported�, )r����Zimportedr����r����)rV���r���r
���r
���r����summary��s
����zImportResult.summary)r]���r^���r_���r`���r����r����r����rW���r����r����r����r����r\���r����r
���r
���r
���r���r�������s*����
�%r����z\\x([0-9a-f][0-9a-f])r�����
�
�
���)z\nz\rz\fz\vz\bz\0c�������������������@���s
���e�Zd�ZdZdZdd��ZdS�)�
SendResultz@
This class handles status messages during key sending.
Nc�����������������C���s���t��d||��d�S�)NzSendResult: %s: %s)r)���r1���rY���r
���r
���r���r\��� ��s����zSendResult.handle_status)r]���r^���r_���r`���r����r\���r
���r
���r
���r���r������s���r����c�����������������C���s8���t�|�D�]*\}}|t|�k�r*||�|�|<�qd|�|<�qd�S�)N�
unavailable)r����r+���)r:����
fieldnamesr;���r�����varr
���r
���r����
_set_fields#��s����
r����c�������������������@���sH���e�Zd�ZdZdZd���ZdZdd��Zdd��Z d d
��Z
d
d
��Z
d
d��Z
dS�)�
SearchKeysz?
This class handles status messages during key search.
r!���z#type keyid algo length date expiresNc�����������������C���s"���t��|�|��d�|�_g�|�_g�|�_d�S�rE���)rS���rW����curkeyr�����uidsrU���r
���r
���r���rW���7��s����
zSearchKeys.__init__c�����������������C���s&���i�}t�||�j|��g�|d<�g�|d<�|S�)�Z
Internal method used to update the instance from a `gpg` status message.
r�����sigs)r�����FIELDS)rV���r;���r���r
���r
���r����
get_fields=��s
����zSearchKeys.get_fieldsc�����������������C���s
���|���|��|�_}|��|��dS�)r����N)r����r����r�����rV���r;���r����r
���r
���r����pubG��s����zSearchKeys.pubc�����������������C���sX���||�j��}t�dd��|�}t���D�]\}}|�||�}q"|�jd��|��|�j�|��dS�)r����c�����������������S���s���t�t|��d�d��S�)Nr!�������)�chrr�����group)�mr
���r
���r����<lambda>S�������z SearchKeys.uid.<locals>.<lambda>r����N) � UID_INDEX�ESCAPE_PATTERN�sub�
BASIC_ESCAPESr����r���r����r����r����)rV���r;����uid�k�vr
���r
���r���r����N��s
����
zSearchKeys.uidc�����������������C���s���d�S�rE���r
���rY���r
���r
���r���r\���Y��s����zSearchKeys.handle_status)
r]���r^���r_���r`���r����r����r����r����rW���r����r����r����r\���r
���r
���r
���r���r����+��s���
r����c�����������������������sl���e�Zd�ZdZdZd���Z��fdd�Zdd��Ze�Z Z
dd ��Z
d
d
��Z
d
d
��Z
dd��Zdd��Zdd��Z���ZS�)�ListKeysa���
This class handles status messages during listing keys and signatures.
Handle pub and uid (relating the latter to the former).
We don't care about (info from GnuPG DETAILS file):
crt = X.509 certificate
crs = X.509 certificate and private key available
uat = user attribute (same as user id except for field 10).
sig = signature
rev = revocation signature
pkd = public key data (special field format, see below)
grp = reserved for gpgsm
rvk = revocation key
r����z�type trust length algo keyid date expires dummy ownertrust uid sig cap issuer flag token hash curve compliance updated origin keygripc��������������������s ���t�t|���|��d|�_i�|�_d�S�rq���)�superr����rW���� in_subkey�key_maprU����� __class__r
���r���rW���s��s����zListKeys.__init__c�����������������C���sL���|���|��|�_}|d�r*|d��|d���|d=�g�|d<�|��|��d|�_dS�)r����r����r�����subkeysFN)r����r����r����r����r����r
���r
���r���rZ���x��s����
z
ListKeys.keyc�����������������C���sr���|d�}||�j�kr&|�jjr&td|���|�jsP||�jd<�|�j�|��|�j|�j�|<�n
||�jd�d�d<�|�j|�j�|<�dS�)r����r����z$Unexpected fingerprint collision: %srs���r�������rc���N)r����rT����
check_fingerprint_collisions�
ValueErrorr����r����r����r����)rV���r;����fpr
���r
���r����fpr���s����
z
ListKeys.fprc�����������������C���s0���|d�}|�j�s||�jd<�n||�jd�d�d<�dS�)r����r����Zkeygripr����r����rd���N)r����r����)rV���r;����grpr
���r
���r���r�������s����
z
ListKeys.grpc�����������������C���s.���|��di��}i�}t||�j|��|||d�<�d�S�)NZ
subkey_infore���)�
setdefaultr����r����)rV���r����r;���Zinfo_mapr����r
���r
���r����_collect_subkey_info���s����
z
ListKeys._collect_subkey_infoc�����������������C���s<���|d�|d�ddg}|�j�d��|��|��|�j�|��d|�_dS�)r����re���rp���Nr����T�r����r����r����r�����rV���r;����subkeyr
���r
���r���r�������s����z
ListKeys.subc�����������������C���s8���|d�dddg}|�j�d��|��|��|�j�|��d|�_dS�)r����re���Nr����Tr����r����r
���r
���r����ssb���s����z
ListKeys.ssbc�����������������C���s&���|�j�d��|d�|d�|d�f��dS�)r����r����re���r����r����N)r����r�����rV���r;���r
���r
���r����sig���s����z
ListKeys.sig)r]���r^���r_���r`���r����r����r����rW���rZ���r�����secr����r����r����r����r���r���
__classcell__r
���r
���r����r���r����]��s���
r����c�������������������@���s���e�Zd�ZdZdd��ZdS�)�ScanKeyszB
This class handles status messages during scanning keys.
c�����������������C���s<���|d�|d�ddg}|�j�d��|��|��|�j�|��d|�_dS�)r����re���r����Nr����Tr����r����r
���r
���r���r�������s����z
ScanKeys.subN)r]���r^���r_���r`���r����r
���r
���r
���r���r�����s���r��c�������������������@���s*���e�Zd�Zdd��ZereZn
eZdd��ZdS�)�
TextHandlerc�����������������C���s���|�j��|�jj|�jj�S�rE���)r7����decoderT���r ����
decode_errorsr����r
���r
���r����_as_text���s����zTextHandler._as_textc�����������������C���s���|�j�S�rE���)r7���r����r
���r
���r����__str__���s����zTextHandler.__str__N)r]���r^���r_���r ��r���r
���
__unicode__r
���r
���r
���r���r�����s
���r��zno specific reason givenz not foundzambiguous specificationzwrong key usage�
key revoked�
key expiredz
no crl knownz
crl too oldzpolicy mismatchznot a secret keyzkey not trustedzmissing certificatezmissing issuer certificatez
key disabledz
syntax error in specification)r���r!���rc���rd���re���rf���r����r��������r����r����rp����
����
�������c�����������������C���sx���|�����}t|�dkr&|d�d��\}}n
|d�}d}d|�}zt|�}t�||�}W�n�tk
rj���|}Y�nX�d||f�S�)Nrc���r���z
<no ident>zunexpected return code %rz%s:%s)r����r+���r�����_INVALID_KEY_REASONS�getr����)r���r����r�����identZ
unexpectedrZ���r���r
���r
���r����&_determine_invalid_recipient_or_signer���s����
r��c�������������������@���s,���e�Zd�ZdZdd��Zdd��ZeZdd��ZdS�) �CryptzN
This class handles status messages during encryption and decryption.
c�����������������C���s.���t��|�|��d|�_d|�_d|�_d|�_d�|�_d�S�)N��F)rb���rW���r7���r����rz����
status_detailrw���rU���r
���r
���r���rW��� ��s
����
zCrypt.__init__c�����������������C���s
���t�|�j�S�rE���)r����r����r����r
���r
���r���r������s����zCrypt.__nonzero__c�����������������C���sx��|dkrt��d||���nZ|dkr6|�jdkr2d|�_�n>|dkrT|�dd����|�_�n |d krp|�jd
krld
|�_�n|d
kr�d
|�_n�|dkr�|�jd
kr�d|�_n�|dkr�d|�_n�|dkr�d|�_d|�_n�|dkr�d|�_d|�_n�|dk�r|�js�d|�_n
d|�j�|�_t|�|�_nn|dk�rd|�_n\|d
k�r*d
|�_nJ|d
k�r<d |�_n8|d k�rZ|�dd!�d"�|�_ n|d#k�rfnt
�
|�||��d�S�)$Nr����r����r����)�decryption failedzno data was provided)�NEED_PASSPHRASE�BAD_PASSPHRASE�GOOD_PASSPHRASEZMISSING_PASSPHRASE�KEY_NOT_CREATEDZNEED_PASSPHRASE_PIN�_r�����DECRYPTION_FAILEDr����r��ZNEED_PASSPHRASE_SYMzneed symmetric passphraseZBEGIN_DECRYPTIONzdecryption incompleteZBEGIN_ENCRYPTIONzencryption incompleteZDECRYPTION_OKAYz
decryption okTZEND_ENCRYPTIONz
encryption ok�INV_RECPzinvalid recipientzinvalid recipient: %sr����r
���
SIG_CREATEDz
sig createdr����z
sig expiredZENC_TOr!���r���)�
USERID_HINTZGOODMDCZEND_DECRYPTIONZCARDCTRLZBADMDCZ
SC_OP_FAILUREZ
SC_OP_SUCCESSZPINENTRY_LAUNCHED)
r)���r*���rz���r����lowerr����r��r��r����rw���rb���r\���rY���r
���r
���r���r\�����sN����
zCrypt.handle_statusN)r]���r^���r_���r`���rW���r����r����r\���r
���r
���r
���r���r����s
���r��c�������������������@���s8���e�Zd�ZdZdZdd��Zdd��ZeZdd��Zd d
��Z dS�)
�GenKeyzC
This class handles status messages during key generation.
Nc�����������������C���s"���t��|�|��d�|�_d|�_d�|�_d�S��Nr���rS���rW���r���rs���rz���rU���r
���r
���r���rW���L��s����
zGenKey.__init__c�����������������C���s
���t�|�j�S�rE����r����rs���r����r
���r
���r���r����R��s����zGenKey.__nonzero__c�����������������C���s���|�j�S�rE����rs���r����r
���r
���r���r
��W��s����zGenKey.__str__c�����������������C���s|���|dkrt��d||��n`|dkrD|���}|d�d��\|�_|�_d|�_n4|dkr`|�dd����|�_n|d krjnt��d
||��d�S�)
Nr����r�����
KEY_CREATEDrc���r����r
��r
��r����)ZPROGRESSr
��r����) r)���r*���r����r���rs���rz���r���r#��r1���)rV���rZ���r[���r����r
���r
���r���r\���Z��s����zGenKey.handle_status�
r]���r^���r_���r`���r����rW���r����r����r
��r\���r
���r
���r
���r���r$��E��s���r$��c�������������������@���s8���e�Zd�ZdZdZdd��Zdd��ZeZdd��Zd d
��Z dS�)
� AddSubkeyzD
This class handles status messages during subkey addition.
Nc�����������������C���s"���t��|�|��d�|�_d|�_d�|�_d�S�r%��r&��rU���r
���r
���r���rW���p��s����
zAddSubkey.__init__c�����������������C���s
���t�|�j�S�rE���r'��r����r
���r
���r���r����v��s����zAddSubkey.__nonzero__c�����������������C���s���|�j�S�rE���r(��r����r
���r
���r���r
��{��s����zAddSubkey.__str__c�����������������C���sJ���|dkrt��d||��n.|dkr8|���\|�_|�_d|�_nt��d||��d�S�)Nr����r����r)��r����r����)r)���r*���r����r���rs���rz���r1���rY���r
���r
���r���r\���~��s
����zAddSubkey.handle_statusr*��r
���r
���r
���r���r+��i��s���r+��c�����������������������s ���e�Zd�ZdZ��fdd�Z���ZS�)�
ExportResultz?
This class handles status messages during key export.
c��������������������s ���|dkr
nt�t|���||��d�S�)N)ZEXPORTEDZ
EXPORT_RES)r����r,��r\���rY���r����r
���r���r\������s����zExportResult.handle_status)r]���r^���r_���r`���r\���r��r
���r
���r����r���r,�����s���r,��c�������������������@���sD���e�Zd�ZdZdZdd��Zdd��Zddd d
�Zd
d
��Zd
d��Z e Z
dS�)�
DeleteResultzA
This class handles status messages during key deletion.
Nc�����������������C���s���t��|�|��d|�_d�S��Nr����)rS���rW���rz���rU���r
���r
���r���rW������s����
zDeleteResult.__init__c�����������������C���s���|�j�S�rE����rz���r����r
���r
���r���r
�����s����zDeleteResult.__str__z
No such keyz
Must delete secret key firstzAmbiguous specification)r����r����r����c�����������������C���s0���|dkr
|�j��|d|��|�_nt�d||��d�S�)NZDELETE_PROBLEMzUnknown error: %rr����)r����r��rz���r)���r1���rY���r
���r
���r���r\������s����zDeleteResult.handle_statusc�����������������C���s
���|�j�dkS�r.��r/��r����r
���r
���r���r�������s����zDeleteResult.__nonzero__)
r]���r^���r_���r`���r����rW���r
��r����r\���r����r����r
���r
���r
���r���r-�����s����r-��c�������������������@���s���e�Zd�ZdZdS�)�
TrustResultzF
This class handles status messages during key trust setting.
N)r]���r^���r_���r`���r
���r
���r
���r���r0�����s���r0��c�������������������@���s0���e�Zd�ZdZdZdd��Zdd��ZeZdd��ZdS�) �Signz<
This class handles status messages during signing.
Nc�����������������C���s:���t��|�|��d�|�_d�|�_d�|�_d�|�_d�|�_d�|�_d�|�_d�S�rE���) rS���rW���r���r����rs���rz���r��rw���rx���rU���r
���r
���r���rW������s����
z
Sign.__init__c�����������������C���s
���|�j�d�k S�rE���r(��r����r
���r
���r���r�������s����zSign.__nonzero__c�����������������C���s����|dkrt��d||��n�|dkr(d|�_n�|dkr8d|�_n�|dkrd|���\|�_}|�_}|�_|�_d|�_nt|d kr�|�d
d
�\|�_|�_ nV|d
kr�d
|�_nF|dkr�|�js�d|�_n
d|�j�|�_t
|�|�_
n|dkr�nt��
d||��d�S�)N)r����r����r����r����)r����r����r
��Z
KEYREVOKEDr
��r!��zsignature createdr"��r����r!���r��zbad passphrase)ZINV_SGNRr ��zinvalid signerzinvalid signer: %s)r��r
��r����r����)
r)���r*���rz���r����r���r����ru���rs���rw���rx���r��r��r1���)rV���rZ���r[���r����r����r
���r
���r���r\������s*����
zSign.handle_status) r]���r^���r_���r`���r����rW���r����r����r\���r
���r
���r
���r���r1�����s
���
r1��c�������������������@���s@���e�Zd�ZdZdd��Zdd��Zdd��Zdd ��Zd
d
��Zd
d
��Z dS�)�
AutoLocateKeyz�
This class handles status messages during key auto-locating.
fingerprint: str
key_length: int
created_at: date
email: str
email_real_name: str
c�����������������C���s.���t��|�|��d�|�_d�|�_d�|�_d�|�_d�|�_d�S�rE���)rS���rW���rs���r����
created_at�email�email_real_namerU���r
���r
���r���rW������s
����
zAutoLocateKey.__init__c�����������������C���sJ���|dkr,|����\}}}||�_|dd��|�_n|dkrF|�������d�|�_d�S�)Nr����r!���r����r����r���)r����r4��r5���striprs���)rV���rZ���r[���r
��r4���
display_namer
���r
���r���r\�����s
����zAutoLocateKey.handle_statusc�����������������C���s���dS�)z�
Internal method to handle the 'pub' status message.
`pub` message contains the fingerprint of the public key, its type and its creation date.
Nr
���r��r
���r
���r���r����
��s����zAutoLocateKey.pubc�����������������C���s8���t��t|d���|�_|d�}t|�\}}||�_||�_d�S�)Nrf���r����)r����
fromtimestampr����r3��r���r4��r5��)rV���r;���Zraw_email_contentr4��Z real_namer
���r
���r���r������s
����
zAutoLocateKey.uidc�����������������C���s���t�|d��|�_d�S�)Nrc���)r����Z
key_lengthr��r
���r
���r���r������s����zAutoLocateKey.subc�����������������C���s���|�j�p
|d�|�_�d�S�)Nr����r(��r��r
���r
���r���r������s����zAutoLocateKey.fprN)
r]���r^���r_���r`���rW���r\���r����r����r����r����r
���r
���r
���r���r2�����s��� r2��z^cfg:version:(\d+(\.\d+)*)r ���z
[0-9a-f]+$zgpg: public key is (\w+)c�������������������@���s���e�Zd�ZdZdZdZdZeee e
e
e
e
eeeeeeed�Zd\dd �Zd
d
��Zd]d
d
�Zdd��Zd^dd�Zd_dd�Zdd��Z
dd��Z
d`dd�Z
dd
��Z d
d
��Z d d ��Z!dad"d#�Z"d$d%��Z#dbd&d'�Z$dcd(d)�Z%ddd*d+�Z&d,d-��Z'd.d/��Z(d0d1��Z)ded2d3�Z*dfd4d5�Z+d6d7��Z,d8d9��Z-dgd:d;�Z.d<d=��Z/d>d?��Z0dhdAdB�Z1didCdD�Z2dEdF��Z3dGdH��Z4djdLdM�Z5dkdNdO�Z6dPdQ��Z7dRdS��Z8dldTdU�Z9dVdW��Z:dmdXdY�Z;dZd[��Z<dS�)n�GPGzL
This class provides a high-level programmatic interface for `gpg`.
N�stricti�@��)�crypt�delete�generate� addSubkey�import�sendrF����scanr����sign�trust�verify�export�auto-locate-keyrT���Fc �����������������C���s���||�_�||�_||�_|r.tj�|�s.td|���|rBt|t�rB|g}||�_ |r\t|t�r\|g}||�_
||�_
||�_
t|t
�r~|g}||�_d|�_d|�_|r�tj�|�j�s�t�|�jd��z|��ddg�} W�n0�tk
r����d|�j��}
t�|
��t|
��Y�nX�|�jd�|��}
|�j| |
| jd ��| jd
k�r4td
| j|
jf���t�
|
j
�}
|
�sNd|�_
n,d
� d
�}
t dd��|
�!��d
��"|
�D���|�_
d|�_#dS�)a9��Initialize a GPG process wrapper.
Args:
gpgbinary (str): A pathname for the GPG binary to use.
gnupghome (str): A pathname to where we can find the public and private keyrings. The default is
whatever `gpg` defaults to.
keyring (str|list): The name of alternative keyring file to use, or a list of such keyring files. If
specified, the default keyring is not used.
options (list): A list of additional options to pass to the GPG binary.
secret_keyring (str|list): The name of an alternative secret keyring file to use, or a list of such
keyring files.
env (dict): A dict of environment variables to be used for the GPG subprocess.
z.gnupghome should be a directory (it isn't): %sNzlatin-1i���z
--list-config�
--with-colonsz1Unable to run gpg (%s) - it may not be available.rD���r&���r���zError invoking gpg: %s: %s�.r ���c�����������������S���s���g�|�]
}t�|��qS�r
���)r������.0r���r
���r
���r����
<listcomp>���s�����z GPG.__init__.<locals>.<listcomp>F)$� gpgbinary� gnupghome�env�os�path�isdirr����r���r����keyring�secret_keyring�verbose� use_agentrQ����options�on_datar ����makedirs�_open_subprocess�OSErrorr)���r.����
result_map�_collect_outputr&���r�����stderr�
VERSION_RE�matchr7����versionr
���rG����groupsr����r����)rV���rM��rN��rU��rV��rS��rW��rT��rO���p�msgr���r�����dotr
���r
���r���rW���A��sL����
"z
GPG.__init__c�����������������C���s��|�j�ddddg}dtjkr(|�ddg��|rPt|�d�rP|�jd krPd
d
g|d
d
�<�|�d
ddg��|�jrz|�dt|�j�g��|�jr�|� d��|�jD�]}|�dt|�g��q�|�j
r�|�j
D�]}|�dt|�g��q�|r�|�ddg��|�j
r�|� d��|�j
�r|�|�j
��|�|��|S�)aN��
Make a list of command line elements for GPG. The value of ``args``
will be appended. The ``passphrase`` argument needs to be True if
a passphrase will be sent to `gpg`, else False.
Args:
args (list[str]): A list of arguments.
passphrase (str): The passphrase to use.
z
--status-fdr����z--no-ttyz
--no-verboseZ DEBUG_IPCz--debugZipcra���rc���r!���z--pinentry-modeZloopbackr!����--fixed-list-modez--batchrG��z --homedirz--no-default-keyringz --keyringz--secret-keyringz--passphrase-fdr����z
--use-agent)
rM��rP���environ�extendr$���ra��rN��r
���rS��r����rT��rV��rW��)rV���r;���rC����cmd�fnr
���r
���r���� make_args���s0����
z
GPG.make_argsc�������������� ���C���sv���ddl�m}�|��||�}|�jr*t||���ts4d�}nt��}t|_t|_ t
|dt
t
t
||�j
d�}t
�d|j||���|S�)Nr���)�
list2cmdlineF)�shellr&����stdoutr^���
startupinforO��r����)�
subprocessrm��rl��rU���printr���r ���ZdwFlagsr
���Z
wShowWindowr���r���rO��r)���r1����pid)rV���r;���rC����
debug_printrj���sir���r
���r
���r���rZ�����s����
zGPG._open_subprocessc�����������������C���s����g�}|����}t|�dkrq�|�|��|���}|�jr:t|��t�d|��|dd��dkr|dd���}|�d�d�}|d�}t|�dkr�|d�}nd}|� ||��qd�
|�|_
d�S�)Nr���z%sr����z [GNUPG:] r!���r��)
�readliner+���r�����rstriprU��rr��r)���r1���r����r\���r����r^��)rV���rB���r����lines�line�L�keywordr[���r
���r
���r����_read_response���s$����
zGPG._read_response����c�����������
���
���C���s��|dks
t��g�}d�}|�|�}t|�dkrl|r�z
||��W�q��tk
rh�}�z|d�krX|}W�5�d�}~X�Y�q�X�q�tr�t�d|d�d�����d} |r�z||�}
|
dk } W�n.�tk
r��}�z|d�kr�|}W�5�d�}~X�Y�nX�| r|�|��qtr�t |����
|�|_
n
d�
|�|_
|�r||_
d�S�)Nr���z chunk: %r����TFr��)
r#���r'���r+���r(����log_everythingr)���r1���r����r���r���r����r7���ra���)
rV���rB���r���rX��r4����chunksra���r7����er����Zon_data_resultr
���r
���r����
_read_data���s:����
zGPG._read_datac�����������
������C���s��t��|�j�|j�}tj|�j||fd�}d|_t� d|��|�
���|j
}tj|�j
|||�j
|�jfd�}d|_t� d|��|�
���|����|����|dk r�|�d��|����|j�|_} | dkr�t�d| ��|dk r�z
|����W�n�tk
r����Y�nX�|����|����| S�) a
��
Drain the subprocesses output streams, writing the collected output to the result. If a writer thread (writing
to the subprocess) is given, make sure it's joined before returning. If a stdin stream is given, close it
before returning.
r9���Tzstderr reader: %rzstdout reader: %rN�{�G�z�?r���z&gpg returned a non-zero error code: %d)�codecs� getreaderr ���r^��r<���r=���r|��r>���r)���r1���r?���ro��r���rX��r4���r�����waitr����r*���r/���r0���)
rV����processr����writerr&���r^��Zrrro��Zdr�rcr
���r
���r���r]����s4����
zGPG._collect_outputc�����������������C���s
���t�|d�S�)z�
A simplistic check for a file-like object.
Args:
fileobj (object): The object to test.
Returns:
bool: ``True`` if it's a file-like object, else ``False``.
r'���)r$���)rV����fileobjr
���r
���r����
is_valid_file(��s���� zGPG.is_valid_filec�����������������C���sP���|���|�r|}n<t|t�s(td|���n$tj�|�sBtd|���n
t|d�}|S�)Nz
Not a valid file or path: %szNo such file: %s�rb) r���r����
path_typesr���rP��rQ���existsr�����open)rV����fileobj_or_pathr���r
���r
���r����
_get_fileobj3��s����
zGPG._get_fileobjc�����������
��� ���C���s����|���|�}zj|��||dk �}|s4t�|�j�|j�} n|j} d}|rPt| ||�j��t || |�j
�}|��
|||| ��|W��S�|r�|�d��||k r�|����X�dS�)z;Handle a call to GPG - pass input data, collect output datar���N)
r���r����r/���rZ��r���� getwriterr ���r&���rD���rA���r4���r]��)
rV���r;���r���r���rC����binaryr���r���rc��r&���r
���r
���r����
_handle_io>��s ����
zGPG._handle_ioc�����������������K���s&���t�||�j�}|�j|f|�}|����|S�)a���
Sign a message. This method delegates most of the work to the `sign_file()` method.
Args:
message (str|bytes): The data to sign.
kwargs (dict): Keyword arguments, which are passed to `sign_file()`:
* keyid (str): The key id of the signer.
* passphrase (str): The passphrase for the key.
* clearsign (bool): Whether to use clear signing.
* detach (bool): Whether to produce a detached signature.
* binary (bool): Whether to produce a binary signature.
* output (str): The path to write a detached signature to.
* extra_args (list[str]): Additional arguments to pass to `gpg`.
)rR���r ���� sign_filer/���)rV���r����r�����fr���r
���r
���r���rB��Y��s����
zGPG.signc�����������������C���s.���t�j�|�r|�dg��|�dt|�g��dS�)a:��
If writing to a file which exists, avoid a confirmation message by
updating the *args* value in place to set the output path and avoid
any cpmfirmation prompt.
Args:
args (list[str]): A list of arguments.
output (str): The path to the outpur file.
�--yesz--outputN)rP��rQ��r���ri��r
���)rV���r;����outputr
���r
���r���� set_output_without_confirmationt��s����
z#GPG.set_output_without_confirmationc�����������������C���s���d|kod|kod|kS�)a���
Confirm that the passphrase doesn't contain newline-type characters - it is passed in a pipe to `gpg`,
and so not checking could lead to spoofing attacks by passing arbitrary text after passphrase and newline.
Args:
passphrase (str): The passphrase to test.
Returns:
bool: ``True`` if it's a valid passphrase, else ``False``.
r����r����r����r
���)rV���rC���r
���r
���r����is_valid_passphrase���s����
zGPG.is_valid_passphraseTc �������������� ���C���s:��|r|���|�std��t�d|��|r.dg} ndg} |rD| �d��n|rR| �d��|rh| �dt|�g��|rx|��| |��|r�| �|��|�jd�|��}
|�� |�}
|��
| |d k �}
zRz*|
j
}|r�t|||�j��t|
||�j�}
W�n"�tk
r����t�d
��d }
Y�nX�W�5�|
�r|
�
d
��|
|k �r$|
�
���X�|��|
|
|
|��|
S�)
a]��
Sign data in a file or file-like object.
Args:
fileobj_or_path (str|file): The file or file-like object to sign.
keyid (str): The key id of the signer.
passphrase (str): The passphrase for the key.
clearsign (bool): Whether to use clear signing.
detach (bool): Whether to produce a detached signature.
binary (bool): Whether to produce a binary signature.
output (str): The path to write a detached signature to.
extra_args (list[str]): Additional arguments to pass to `gpg`.
�Invalid passphrasez
sign_file: %sz-sz-saz
--detach-signz
--clearsign�
--default-keyrB��Nr���zerror writing message)r���r����r)���r1���r����ri��r
���r���r\��r���rZ��r����r/���r&���rD���r ���rA���r4���r0����loggingr.���r]��)rV���r���r����rC���Z clearsign�detachr���r����
extra_argsr;���r���r���rc��r���r&���r
���r
���r���r������sB����
z
GPG.sign_filec�����������������K���s&���t�||�j�}|�j|f|�}|����|S�)a���
Verify the signature on the contents of the string *data*. This method delegates most of the work to
`verify_file()`.
Args:
data (str|bytes): The data to verify.
kwargs (dict): Keyword arguments, which are passed to `verify_file()`:
* fileobj_or_path (str|file): A path to a signature, or a file-like object containing one.
* data_filename (str): If the signature is a detached one, the path to the data that was signed.
* close_file (bool): If a file-like object is passed in, whether to close it.
* extra_args (list[str]): Additional arguments to pass to `gpg`.
)rR���r ����
verify_filer/���)rV���r7���r����r���r���r
���r
���r���rD�����s����
z
GPG.verifyc�����������
��� ���C���s����t��d||��|�jd�|��}dg}|r0|�|��|dkrL|�j|||dd��n�t��d��ddl}|jd d
�\}} |���}
|r�|����t��d
|
��t �
||
��t �|��|�
t
| ���|�
t
|���z |��|�}
|�j|
||
jd
��W�5�t �
| ��X�|S�)
a���
Verify a signature.
Args:
fileobj_or_path (str|file): A path to a signature, or a file-like object containing one.
data_filename (str): If the signature is a detached one, the path to the data that was signed.
close_file (bool): If a file-like object is passed in, whether to close it.
extra_args (list[str]): Additional arguments to pass to `gpg`.
zverify_file: %r, %rrD���--verifyNT�r���z
Handling detached verificationr����pygpg-��prefixzWrote to temp file: %rrH��)r)���r1���r\��ri��r����tempfile�mkstempr'���r/���rP��r,���r����r
����removerZ��r]��r&���)
rV���r���Z
data_filenameZ
close_filer���r���r;���r����fdrk��r���rc��r
���r
���r���r������s.����
zGPG.verify_filec�����������������C���sh���t��d||dd����|�jd�|��}dg}|r8|�|��|�t|�dg��t|�}|�j|||dd��|S�) a��
Verify the signature in sig_filename against data in memory
Args:
sig_filename (str): The path to a signature.
data (str|bytes): The data to be verified.
extra_args (list[str]): Additional arguments to pass to `gpg`.
zverify_data: %r, %r ...Nr����rD��r����-Tr���)r)���r1���r\��ri��r
���rP���r���)rV���Z
sig_filenamer7���r���r���r;���rB���r
���r
���r����
verify_data��s����
zGPG.verify_datac�����������������C���sp���|�j�d�|��}t�d|dd����t||�j�}dg}|rB|�|��|�j||||dd��t�d|j��|����|S�) a��
Import the key_data into our keyring.
Args:
key_data (str|bytes): The key data to import.
passphrase (str): The passphrase to use.
extra_args (list[str]): Additional arguments to pass to `gpg`.
r?��zimport_keys: %rNr~���--importT�rC���r���zimport_keys result: %r) r\��r)���r1���rR���r ���ri��r����__dict__r/���)rV����key_datar���rC���r���r7���r;���r
���r
���r����
import_keys-��s����
zGPG.import_keysc��������������
���K���s4���t�|d�� }|�j|���f|�W��5�Q�R���S�Q�R�X�dS�)z�
Import the key data in key_path into our keyring.
Args:
key_path (str): A path to the key data to be imported.
r���N)r���r���r'���)rV���Zkey_pathr����r���r
���r
���r����import_keys_fileC��s����
zGPG.import_keys_filec�����������������O���s����|�j�d�|��}t�d|��td|�j�}dt|�g}d|krH|�|d���|�d��|�dd��|D����|�j|||d d
��t�d
|j ��|�
���|S�)
z�
Import one or more keys from a keyserver.
Args:
keyserver (str): The key server hostname.
keyids (str): A list of key ids to receive.
r?��z
recv_keys: %rr���
--keyserverr���z
--recv-keysc�����������������S���s���g�|�]
}t�|��qS�r
����r
����rK��r����r
���r
���r���rL��]��s�����z!GPG.recv_keys.<locals>.<listcomp>Tr���zrecv_keys result: %r�
r\��r)���r1���rR���r ���r
���ri��r����r���r���r/����rV���� keyserver�keyidsr����r���r7���r;���r
���r
���r���� recv_keysM��s����
z
GPG.recv_keysc�����������������O���s����|�j�d�|��}t�d|��td|�j�}dt|�g}d|krH|�|d���|�d��|�dd��|D����|�j|||d d
��t�d
|j ��|�
���|S�)
z�
Send one or more keys to a keyserver.
Args:
keyserver (str): The key server hostname.
keyids (list[str]): A list of key ids to send.
r@��z
send_keys: %rr��r���r���z
--send-keysc�����������������S���s���g�|�]
}t�|��qS�r
���r���r���r
���r
���r���rL��y��s�����z!GPG.send_keys.<locals>.<listcomp>Tr���zsend_keys result: %rr���r���r
���r
���r���� send_keyse��s����
z
GPG.send_keysc�����������
������C���s��|r|���|�std��d}|r@|�jdkr<|dkr<|r<td��d}t|�rXdd��|D��}n
t|�g}|rtd d��|D��}d
|�g}|r�|�jdkr�|�d
d
��|�|��|�jd
�|��}|r�|�jdk�r�|��|�} |�j | || j
d��n0t
d|�j
�}
z|�j||
||dd��W�5�|
�
���X�|S�)a9��
Delete the indicated keys.
Args:
fingerprints (str|list[str]): The keys to delete.
secret (bool): Whether to delete secret keys.
passphrase (str): The passphrase to use.
expect_passphrase (bool): Whether a passphrase is expected.
exclamation_mode (bool): If specified, a `'!'` is appended to each fingerprint. This deletes only a subkey
or an entire key, depending on what the fingerprint refers to.
.. note:: Passphrases
Since GnuPG 2.1, you can't delete secret keys without providing a passphrase. However, if you're expecting
the passphrase to go to `gpg` via pinentry, you should specify expect_passphrase=False. (It's only checked
for GnuPG >= 2.1).
r���rZ���rf��NzHFor GnuPG >= 2.1, deleting secret keys needs a passphrase to be providedz
secret-keyc�����������������S���s���g�|�]
}t�|��qS�r
���r���rJ��r
���r
���r���rL�����s�����z#GPG.delete_keys.<locals>.<listcomp>c�����������������S���s���g�|�]
}|d���qS�)�!r
���)rK��r���r
���r
���r���rL�����s�����z
--delete-%sr���r���r<��rH��r��Tr���)r���r����ra��rK���r
����insertri��r\��rZ��r]��r&���rR���r ���r/���r���)
rV���r�����secretrC����expect_passphraseZexclamation_mode�whichr;���r���rc��r���r
���r
���r����
delete_keys��s2����
zGPG.delete_keysc�����������
������C���sF��|r|���|�std��d}|r@d}|�jdkr@|dkr@|r@td��t|�rXdd��|D��}n
t|�g}d |�g} |rz| �d
��|r�| �d
d
g��|r�|��| |��| �|��|�jd
�|��}
|r�|�jdk�r�|�� | �}
|�j
|
|
|
j
d��n0t
d|�j
�}
z|�j| |
|
|dd��W�5�|
����X�t�d|
jdd����|
j}
|�rB|
�|�j
|�j�}
|
S�)at��
Export the indicated keys. A 'keyid' is anything `gpg` accepts.
Args:
keyids (str|list[str]): A single keyid or a list of them.
secret (bool): Whether to export secret keys.
armor (bool): Whether to ASCII-armor the output.
minimal (bool): Whether to pass `--export-options export-minimal` to `gpg`.
passphrase (str): The passphrase to use.
expect_passphrase (bool): Whether a passphrase is expected.
output (str): If specified, the path to write the exported key(s) to.
.. note:: Passphrases
Since GnuPG 2.1, you can't export secret keys without providing a passphrase. However, if you're expecting
the passphrase to go to `gpg` via pinentry, you should specify expect_passphrase=False. (It's only checked
for GnuPG >= 2.1).
r���r��z
-secret-keyrf��NzIFor GnuPG >= 2.1, exporting secret keys needs a passphrase to be providedc�����������������S���s���g�|�]
}t�|��qS�r
���r���r���r
���r
���r���rL�����s�����z#GPG.export_keys.<locals>.<listcomp>z
--export%s�--armorz--export-optionszexport-minimalrE��rH��Tr���z
export_keys result[:100]: %r�d���)r���r����ra��rK���r
���r����ri��r���r\��rZ��r]��r&���rR���r ���r/���r���r)���r1���r7���r��r��)
rV���r���r����armorZminimalrC���r���r���r���r;���r���rc��r���r
���r
���r����
export_keys���s>����
zGPG.export_keysc�����������������C���s����|j��|�j|�j����}d���}|D�]\}|�jr4t|��t� d|�
����|sL�q�|�
���d�}|s`q"|d�}||kr"t
||�|��q"|S�)Nz pub uid sec fpr sub ssb sig grp�line: %r�:r���)
r7���r��r ���r���
splitlinesr����rU��rr��r)���r1���rw��r6���getattr)rV���r���rx���valid_keywordsry��rz��r{��r
���r
���r����_decode_result���s
����zGPG._decode_resultc�����������������C���s*���|�j�|�|��}|�j|||jd��|��|�S�)NrH��)r\��r]��r&���r���)rV���rc���kindr���r
���r
���r����_get_list_output��s����zGPG._get_list_outputc�����������������C���sl���|r
d}n
|rdnd}d|�ddg}|�j�dkr8|�d��|rVt|t�rL|g}|�|��|��|�}|��|d�S�) aZ��
List the keys currently in the keyring.
Args:
secret (bool): Whether to list secret keys.
keys (str|list[str]): A list of key ids to match.
sigs (bool): Whether to include signature information.
Returns:
list[dict]: A list of dictionaries with key information.
z
secret-keysr�����keysz --list-%s�
--fingerprintrf��z--with-keygriprF���)ra��r����r���r���ri��rZ��r���)rV���r���r���r����r���r;���rc��r
���r
���r���� list_keys��s����
z
GPG.list_keysc�����������������C���sP���|�j�dkrddddg}nt�d��ddd g}|�t|���|��|�}|��|d
�S�)
a��
List details of an ascii armored or binary key file without first importing it to the local keyring.
Args:
filename (str): The path to the file containing the key(s).
.. warning:: Warning:
Care is needed. The function works on modern GnuPG by running:
$ gpg --dry-run --import-options import-show --import filename
On older versions, it does the *much* riskier:
$ gpg --with-fingerprint --with-colons filename
rf��� --dry-run�--import-options�
import-showr����TTrying to list packets, but if the file is not a keyring, might accidentally decrypt�--with-fingerprintrG��rg��rA��)ra��r)���r*���r����r
���rZ��r���)rV����filenamer;���rc��r
���r
���r���� scan_keys5��s����
z
GPG.scan_keysc�����������������C���s����|�j�d�|��}t�d|dd����t||�j�}|�jdkrFdddd g}nt�d
��d
d
d
g}|�j|||dd��t�d|j��|� ���|��
|�S�)a���
List details of an ascii armored or binary key without first importing it to the local keyring.
Args:
key_data (str|bytes): The key data to import.
.. warning:: Warning:
Care is needed. The function works on modern GnuPG by running:
$ gpg --dry-run --import-options import-show --import filename
On older versions, it does the *much* riskier:
$ gpg --with-fingerprint --with-colons filename
rA��z
scan_keys: %rNr~��rf��r���r���r���r���r���r���rG��rg��Tr���zscan_keys result: %r)
r\��r)���r1���rR���r ���ra��r*���r���r���r/���r���)rV���r���r���r7���r;���r
���r
���r����
scan_keys_memO��s����
zGPG.scan_keys_mem�
pgp.mit.educ�����������
������C���s����|����}t�|�rd|�}ddt|�g}|r6|�|��|�dt|�g��|��|�}|�jd�|��}|�j|||jd��|j �
|�j
|�j
��
��}ddg}|D�]Z} |�jr�t| ��t�d | �����| s�q�| �����d
�}
|
s�q�|
d
�}
|
|kr�t||
�|
��q�|S�)
a
��
search a keyserver by query (using the `--search-keys` option).
Args:
query(str): The query to use.
keyserver (str): The key server hostname.
extra_args (list[str]): Additional arguments to pass to `gpg`.
�0xr���r���z
--search-keysr���rH��r����r����r���r���r���)r6���
HEX_DIGITS_REr`��r
���ri��rZ��r\��r]��r&���r7���r��r ���r��r���rU��rr��r)���r1���rw��r����r���)
rV����queryr���r���r;���rc��r���rx��r���ry��rz��r{��r
���r
���r����
search_keysm��s2����
zGPG.search_keysc�����������������K���st���|pddddddg}dd��|�d |g}|�jd
�|��}d
|krJ|�|d
���|��|�}|�j|||jd
��|��|��|S�)
a���
Auto locate a public key by `email`.
Args:
email (str): The email address to search for.
mechanisms (list[str]): A list of mechanisms to use. Valid mechanisms can be found
here https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html
under "--auto-key-locate". Default: ['wkd', 'ntds', 'ldap', 'cert', 'dane', 'local']
ZwkdZntdsZldap�certZdane�localz--auto-key-locate�,z
--locate-keysrF��r���rH��)r����r\��ri��rZ��r]��r&���r���)rV���r4��Z
mechanismsr����r;���r���r���r
���r
���r����auto_locate_key���s����
zGPG.auto_locate_keyc�����������������C���s>���dg}|�j�d�|��}t||�j�}|�j|||dd��|����|S�)z�
Generate a key; you might use `gen_key_input()` to create the input.
Args:
input (str): The input to the key creation operation.
z --gen-keyr=��Tr���)r\��rR���r ���r���r/���)rV����inputr;���r���r���r
���r
���r����gen_key���s
����
z
GPG.gen_keyc����������� ������K���s��i�}|��dd�}t|����D�],\}}|�dd����}t|����r
|||<�q
|�dd��d|krj|�dd ��|�d
d
��tj �
d
�p�tj �
d
�p�d}t
�
��}|�dd|�dd�|f���d|��d��}t|����D�]\}}|d||f�7�}q�|r�|d7�}|d7�}|S�)z�
Generate `--gen-key` input (see `gpg` documentation in DETAILS).
Args:
kwargs (dict): A list of keyword arguments.
Returns:
str: A string suitable for passing to the `gen_key()` method.
�
no_protectionFr
��r���zKey-TypeZRSAZ key_curvez
Key-Lengthi���z Name-RealzAutogenerated Key�LOGNAME�USERNAME�
unspecifiedz
Name-Emailz%s@%sr����z
Key-Type: %s
z%s: %s
z%no-protection
z%commit
)
�poprF���r����r����titlerQ���r6��r����rP��rh��r���socket�
gethostname) rV���r����Zparmsr���rZ����valZlogname�hostname�outr
���r
���r����
gen_key_input���s(����
zGPG.gen_key_input�rsa�encryptr���c����������� ������C���s|���|�j�d�dk�rtd��|s"td��|r8|��|�s8td��d|||t|�g}|�jd�|��}td|�j�}|�j||||d d
��|S�)
ae��
Add subkeys to a master key,
Args:
master_key (str): The master key.
master_passphrase (str): The passphrase for the master key.
algorithm (str): The key algorithm to use.
usage (str): The desired uses for the subkey.
expire (str): The expiration date of the subkey.
r���rc���zNot available in GnuPG 1.xz#No master key fingerprint specifiedr���z--quick-add-keyr>��r��Tr���) ra��rX���r����r���rQ���r\��rR���r ���r���) rV���Z
master_keyZmaster_passphrase� algorithm�usageZexpirer;���r���r���r
���r
���r����
add_subkey���s����
zGPG.add_subkeyc
�����������
������C���s
��|r|���|�std��dg}
|rBdg}
|dk rx|
�dt|�g��n6|sNtd��t|�s\|f}|D�]}
|
�dt|
�g��q`|r�|
�d��|r�|��|
|��|dkr�|
�d ��n|r�|
�d d
t|�g��|r�|
�d
d
g��| r�|
�| ��|�jd
�|��}
|�j|
||
|dd��t �
d|
j
dd����|
S�)a*��
Encrypt data in a file or file-like object.
Args:
fileobj_or_path (str|file): A path to a file or a file-like object containing the data to be encrypted.
recipients (str|list): A key id of a recipient of the encrypted data, or a list of such key ids.
sign (str): If specified, the key id of a signer to sign the encrypted data.
always_trust (bool): Whether to always trust keys.
passphrase (str): The passphrase to use for a signature.
armor (bool): Whether to ASCII-armor the output.
output (str): A path to write the encrypted output to.
symmetric (bool): Whether to use symmetric encryption,
extra_args (list[str]): A list of additional arguments to pass to `gpg`.
r���z --encryptz
--symmetricTz
--cipher-algoz2No recipients specified with asymmetric encryptionz
--recipientr���z--signr����
--trust-model�alwaysr;��r���zencrypt result[:100]: %rNr���)
r���r����ri��r
���rK���r����r���r\��r���r)���r1���r7���)
rV���r����
recipientsrB���
always_trustrC���r���r���Z symmetricr���r;���Z recipientr���r
���r
���r����
encrypt_file��s:����
zGPG.encrypt_filec�����������������K���s(���t�||�j�}|�j||f|�}|����|S�)a���
Encrypt the message contained in the string *data* for *recipients*. This method delegates most of the work to
`encrypt_file()`.
Args:
data (str|bytes): The data to encrypt.
recipients (str|list[str]): A key id of a recipient of the encrypted data, or a list of such key ids.
kwargs (dict): Keyword arguments, which are passed to `encrypt_file()`:
* sign (str): If specified, the key id of a signer to sign the encrypted data.
* always_trust (bool): Whether to always trust keys.
* passphrase (str): The passphrase to use for a signature.
* armor (bool): Whether to ASCII-armor the output.
* output (str): A path to write the encrypted output to.
* symmetric (bool): Whether to use symmetric encryption,
* extra_args (list[str]): A list of additional arguments to pass to `gpg`.
)rR���r ���r���r/���)rV���r7���r���r����r���r
���r
���r���r���V��s����
z
GPG.encryptc�����������������K���s&���t�||�j�}|�j|f|�}|����|S�)ac��
Decrypt the data in *message*. This method delegates most of the work to
`decrypt_file()`.
Args:
message (str|bytes): The data to decrypt. A default key will be used for decryption.
kwargs (dict): Keyword arguments, which are passed to `decrypt_file()`:
* always_trust: Whether to always trust keys.
* passphrase (str): The passphrase to use.
* output (str): If specified, the path to write the decrypted data to.
* extra_args (list[str]): A list of extra arguments to pass to `gpg`.
)rR���r ����
decrypt_filer/����rV���r����r����r7���r���r
���r
���r����decryptt��s����
z
GPG.decryptc�����������������C���sr���|r|���|�std��dg}|r,|��||��|r>|�ddg��|rL|�|��|�jd�|��}|�j||||dd��|S�)a���
Decrypt data in a file or file-like object.
Args:
fileobj_or_path (str|file): A path to a file or a file-like object containing the data to be decrypted.
always_trust: Whether to always trust keys.
passphrase (str): The passphrase to use.
output (str): If specified, the path to write the decrypted data to.
extra_args (list[str]): A list of extra arguments to pass to `gpg`.
r���� --decryptr���r���r;��Tr���)r���r����r���ri��r\��r���)rV���r���r���rC���r���r���r;���r���r
���r
���r���r������s����
zGPG.decrypt_filec�����������������K���s&���t�||�j�}|�j|f|�}|����|S�)a��� Get the list of recipients for an encrypted message. This method delegates most of the work to
`get_recipients_file()`.
Args:
message (str|bytes): The encrypted message.
kwargs (dict): Keyword arguments, which are passed to `get_recipients_file()`:
* extra_args (list[str]): A list of extra arguments to pass to `gpg`.
)rR���r ����get_recipients_filer/���r���r
���r
���r����get_recipients���s����
zGPG.get_recipientsc�����������������C���sb���dddg}|r|��|��|�jd�|��}|�j|||dd��g�}t�|j�D�]}|�|�d���qH|S�)a0��
Get the list of recipients for an encrypted message in a file or file-like object.
Args:
fileobj_or_path (str|file): A path to a file or file-like object containing the encrypted data.
extra_args (list[str]): A list of extra arguments to pass to `gpg`.
r���z
--list-onlyz-vr;��Tr���r!���)ri��r\��r����
PUBLIC_KEY_RE�finditerr^��r����r����)rV���r���r���r;���r���Zidsr����r
���r
���r���r������s����
zGPG.get_recipients_filec�����������
��� ���C���s��t�j}||kr,d�t|��}td||f���||�d�}ddl}z�|jdd�\}}g�}t |t
�rf|g}|D�]} |�
d| |f���qjtj
�|�tj
�}
t
�d |
��t�||
�|�j���t�|��|�jd
�|��}
|��d
|g�}
|�j|
|
|
jd
��|
jdk�rtd
|
j���W�5�t�|��X�|
S�)aY��
Set the trust level for one or more keys.
Args:
fingerprints (str|list[str]): A key id for which to set the trust level, or a list of such key ids.
trustlevel (str): The trust level. This is one of the following.
* ``'TRUST_EXPIRED'``
* ``'TRUST_UNDEFINED'``
* ``'TRUST_NEVER'``
* ``'TRUST_MARGINAL'``
* ``'TRUST_FULLY'``
* ``'TRUST_ULTIMATE'``
r����z-Invalid trust level: "%s" (must be one of %s)r!���r���Nr���r���z%s:%s:zwriting ownertrust info: %srC��z--import-ownertrustrH��z&gpg returned an error - return code %d)rb���r����r�����sortedr����r���rP��r���r���r���r���r�����linesepr)���r1���r,���r
���r ���r/���r\��rZ��r]��r&���r����)
rV���r����Z
trustlevelZlevelsZpossr���rk��r���rx��r���r���r���rc��r
���r
���r����
trust_keys���s0����
zGPG.trust_keys)rT���NFFNNNN)F)Nr}��)NN)NF)NNTFFNN)NTN)N)NN)FNTF)FTFNTN)FNF)r���N)N)Nr���r���r���)NFNTNFN)FNNN)N)=r]���r^���r_���r`���r����r��r4���r��r-��r$��r+��r����r����r����r��r����r1��r0��rb���r,��r2��r\��rW���rl��rZ��r|��r���r]��r���r���r���rB��r���r���r���rD��r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r��r
���r
���r
���r���r9��%��s��������������
O#
#
#
��������
G
'
9�������
I
'
5
&��������
D
r9��)Rr`���r���r����
email.utilsr���rM���r���r���rP���rer���rq��r���r���r%���r<����
__version__�
__author__�__date__r����namer ���r
���rN����unicoder����
basestringr���r����bytesrQ���r���� NameError� getLoggerr]���r)����handlers�
addHandler�
NullHandlerr��rQ��r����compiler����getfilesystemencodingr
���r
���r8���rA���rD���rK���rP���rR����objectrS���rb���r�����Ir����r����r����r����rF���r����r����r��r��r��r��r��r$��r+��r,��r-��r0��r1��r2��r
���r_��r���r���r9��r
���r
���r
���r����<module>���s����#
! $
�CW�
2e�A$ 11