summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTails developers <amnesia@boum.org>2012-08-19 15:24:21 +0200
committerTails developers <amnesia@boum.org>2012-08-19 21:55:16 +0200
commit2aefbcf7a3a1bee5b1b17e385b31bc4de2c19467 (patch)
treeeb1dc54e7d60d51d62f28d0c0fc44b868544084c
parent8274d95ffc6e040547031ca597810fa56f493290 (diff)
Encryption: use GnuPGInterface instead of pyme
It has more options, and especially it is able to use an external keyring.
-rw-r--r--debian/control2
-rwxr-xr-xsetup.py2
-rw-r--r--whisperBack/encryption.py114
-rw-r--r--whisperBack/exceptions.py7
-rw-r--r--whisperBack/gui.py3
5 files changed, 31 insertions, 97 deletions
diff --git a/debian/control b/debian/control
index 442f865..494fb2d 100644
--- a/debian/control
+++ b/debian/control
@@ -10,7 +10,7 @@ Standards-Version: 3.9.1.0
Package: whisperback
Architecture: all
-Depends: ${misc:Depends}, ${python:Depends}, python-pyme, python-gnutls, python-gtk2, python-webkit
+Depends: ${misc:Depends}, ${python:Depends}, python-gnupginterface, python-gnutls, python-gtk2, python-webkit
Description: send feedback using encrypted email
WhisperBack is designed to allow Live system users to be able to report bugs
or issues in a simple yet secure manner.
diff --git a/setup.py b/setup.py
index 31ae1ae..6e57104 100755
--- a/setup.py
+++ b/setup.py
@@ -71,7 +71,7 @@ setup(name='whisperback',
('share/doc/whisperback', ['doc/config.py.sample',
'README']),
('share/man/man1', ['doc/whisperback.1'])],
- requires=['gtk', 'pyme', 'gnutls'],
+ requires=['gtk', 'GunPGInterface', 'gnutls'],
cmdclass = { "build" : build_extra.build_extra,
"build_gtkbuilderi18n" : build_gtkbuilderi18n,
"build_man" : build_man,
diff --git a/whisperBack/encryption.py b/whisperBack/encryption.py
index b16d77b..94ba484 100644
--- a/whisperBack/encryption.py
+++ b/whisperBack/encryption.py
@@ -26,93 +26,25 @@
"""
import os.path
-import pyme.core
-import pyme.errors
+import GnuPGInterface
import whisperBack.exceptions
-class Encryption (object):
+class Encryption (GnuPGInterface.GnuPG):
"""Some tools for encryption"""
def __init__ (self, gnupg_homedir=None):
"""Initialize the encryption mechanism"""
- if gnupg_homedir and os.path.exists(gnupg_homedir):
- os.environ["GNUPGHOME"] = gnupg_homedir
- self.context = pyme.core.Context()
-
- def __fingerprints_to_keys (self, fingerprints):
- """Convert fingerprints into pyme keys
-
- @param fingerprints A list of fingerprints
- @return A list of pygme keys
- """
+ GnuPGInterface.GnuPG.__init__(self)
- to_keys = []
- for fingerprint in fingerprints:
- try:
- # The function gpgme_op_keylist_start initiates a key listing
- # operation inside the context ctx. It sets everything up so
- # that subsequent invocations of gpgme_op_keylist_next return
- # the keys in the list.
- to_key = self.context.get_key(fingerprint, secret=False)
- to_keys.append (to_key)
- except pyme.errors.GPGMEError, e:
- raise whisperBack.exceptions.KeyNotFoundException (e.getstring)
- return to_keys
-
- def __encrypt_from_keys (self, data, to_keys):
- """Encrypt data to a list of keys
-
- @param to_keys A list of pyme keys, as returned by
- __fingerprint_to_keys
- @param data The data to be encrypted
- @return The encrypted data
- """
-
- # THE CONTEXT
- # Initialize our context
- context = self.context
- # Define which protocol we want to use
- #context.set_protocol(PROTOCOL)
- # Define that we want an ASCII-armored output
- context.set_armor(True)
-
- # THE BUFFERS
- # Set up our input buffer and initialize it whit our message
- plain = pyme.core.Data(data)
- # Set up our output buffer
- cipher = pyme.core.Data()
-
- # THE ACTUAL ENCRYPTION
- # Do the actual encryption.
- try:
- # Do the actual encryption
- #
- # The function gpgme_op_encrypt encrypts the plaintext in the data
- # object plain for the recipients recp and stores the ciphertext
- # in the data object cipher. The type of the ciphertext created is
- # determined by the ASCII armor and text mode attributes set for
- # the context.
- #
- # Key must be a NULL-terminated array of keys. The user must keep
- # references for all keys during the whole duration of the call
- # (but see gpgme_op_encrypt_start for the requirements with the
- # asynchronous variant).
- #
- # flags := {GPGME_ENCRYPT_ALWAYS_TRUST : 1,
- # GPGME_ENCRYPT_NO_ENCRYPT_TO : 2}
- #
- # context.op_encrypt (keys[], flags, plain, cipher)
- context.op_encrypt(to_keys, 1, plain, cipher)
- del plain
- # Go to the beginning of the buffer
- cipher.seek(0, 0)
- # Reads the cipher (= encrypted text)
- return cipher.read()
- except pyme.errors.GPGMEError, e:
- raise whisperBack.exceptions.EncryptionException (e.getstring())
+ self.options.armor = True
+ self.options.meta_interactive = False
+ self.options.always_trust = True
+ if gnupg_homedir and os.path.exists(gnupg_homedir):
+ self.options.homedir = gnupg_homedir
+
def encrypt (self, data, to_fingerprints):
"""Encrypts data for a list of recepients
@@ -120,12 +52,22 @@ class Encryption (object):
@param data Data to be encrypted
@return The encrypted data
"""
-
- # Convert the fingerprint into pgpme keys
- to_keys = self.__fingerprints_to_keys (to_fingerprints)
- # Process only if some keys were found
- if len(to_keys) == 0:
- raise whisperBack.exceptions.KeyNotFoundException (
- _("No keys found.") )
- # Encrypt the data
- return self.__encrypt_from_keys (data, to_keys)
+ try:
+ self.options.recipients = to_fingerprints
+ proc = self.run(['--encrypt'], create_fhs=['stdin', 'stdout', 'stderr'])
+
+ proc.handles['stdin'].write(data)
+ proc.handles['stdin'].close()
+
+ output = proc.handles['stdout'].read()
+ proc.handles['stdout'].close()
+
+ error = proc.handles['stderr'].read()
+ proc.handles['stderr'].close()
+
+ proc.wait()
+ return output
+
+ except IOError, e:
+ # XXX: raise a specific exception if the key wasn't found
+ raise whisperBack.exceptions.EncryptionException(error)
diff --git a/whisperBack/exceptions.py b/whisperBack/exceptions.py
index 8c9b49f..4d594c0 100644
--- a/whisperBack/exceptions.py
+++ b/whisperBack/exceptions.py
@@ -45,10 +45,5 @@ class MisconfigurationException(WhisperbackException):
# Used in encryption.py
class EncryptionException (WhisperbackException):
- """This exception is raised when GPGME fails to encrypt the data"""
- pass
-
-class KeyNotFoundException (EncryptionException):
- """This exception is raised when GPGME can't find the key it searches
- in the keyring"""
+ """This exception is raised when GnuPG fails to encrypt the data"""
pass
diff --git a/whisperBack/gui.py b/whisperBack/gui.py
index d13e719..aaf3e8f 100644
--- a/whisperBack/gui.py
+++ b/whisperBack/gui.py
@@ -273,9 +273,6 @@ If it does not work, you will be offered to save the bug report."), e)
try:
self.backend.send(cb_update_progress, cb_finished_progress)
- except whisperBack.exceptions.KeyNotFoundException, e:
- self.show_exception_dialog(_("Unable to find encryption key."), e)
- self.progression_dialog.hide()
except whisperBack.exceptions.EncryptionException, e:
self.show_exception_dialog(
_("An error occured during encryption."), e)