GPG now only send the encrypted data, not the full headers things. And it adds the headers to the encrypted data received, to decrypt it.

author: Florent Le Coz <louiz@louiz.org> 2011-11-12 05:19:06 +0100
committer: Florent Le Coz <louiz@louiz.org> 2011-11-12 05:19:06 +0100
commit: a97e6b548b32836e97e88e83fdb1d0073b15c8c1 (patch)
tree: 023bab113469810294ba4cac3e88e88f4773f40d /plugins/gpg
parent: c2dfee141c7c6a3b082d6e1be69cef67c2704309 (diff)
download: poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.tar.gz
poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.tar.bz2
poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.tar.xz
poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.zip
1 files changed, 43 insertions, 10 deletions
diff --git a/plugins/gpg/__init__.py b/plugins/gpg/__init__.py
index 055014dc..a2742d3c 100644
--- a/plugins/gpg/__init__.py
+++ b/plugins/gpg/__init__.py
@@ -2,14 +2,35 @@ from gpg import gnupg
 from xml.etree import cElementTree as ET
 import xml.sax.saxutils
 
-from plugin import BasePlugin
-
 import logging
 log = logging.getLogger(__name__)
 
+from plugin import BasePlugin
+
+
 NS_SIGNED = "jabber:x:signed"
 NS_ENCRYPTED = "jabber:x:encrypted"
 
+
+SIGNED_ATTACHED_MESSAGE = """-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+%(clear)s
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG
+
+%(data)s
+-----END PGP SIGNATURE-----
+"""
+
+
+ENCRYPTED_MESSAGE = """-----BEGIN PGP MESSAGE-----
+Version: GnuPG
+
+%(data)s
+-----END PGP MESSAGE-----"""
+
+
 class Plugin(BasePlugin):
     def init(self):
         self.contacts = {}
@@ -38,12 +59,13 @@ class Plugin(BasePlugin):
         Sign every normal presence we send
         """
         signed_element = ET.Element('{%s}x' % (NS_SIGNED,))
-        t = self.gpg.sign(presence['status'], keyid=self.keyid, passphrase=self.passphrase)
+        t = self.gpg.sign(presence['status'], keyid=self.keyid, passphrase=self.passphrase, detach=True)
         if not t:
             self.core.information('Could not sign presence. Disabling GPG module', 'Info')
             self.core.plugin_manager.unload('gpg')
             return
-        signed_element.text = xml.sax.saxutils.escape(str(t))
+        text = xml.sax.saxutils.escape(str(t))
+        signed_element.text = self.remove_gpg_headers(text)
         presence.append(signed_element)
 
     def send_unsigned_presence(self):
@@ -64,12 +86,13 @@ class Plugin(BasePlugin):
         bare = presence['from'].bare
         full = presence['from'].full
         if signed is None:
-            log.debug('Not signed')
             if bare in self.contacts.keys():
                 del self.contacts[bare]
             return
         if self.config.has_section('keys') and bare in self.config.options('keys'):
-            verify = self.gpg.verify(signed.text)
+            to_verify = SIGNED_ATTACHED_MESSAGE % {'clear': presence['status'],
+                                                                'data': signed.text}
+            verify = self.gpg.verify(to_verify)
             if verify:
                 self.contacts[full] = 'valid'
             else:
@@ -86,7 +109,6 @@ class Plugin(BasePlugin):
         if not message['body']:
             # there’s nothing to encrypt if this is a chatstate, for example
             return
-        log.debug('\n\n\n on_conversation_say: from: (%s). Contacts: %s' %(to, self.contacts,))
         signed = to.full in self.contacts.keys()
         if signed:
             veryfied = self.contacts[to.full] == 'valid'
@@ -97,7 +119,7 @@ class Plugin(BasePlugin):
             # cannot be encrypted.
             del message['xhtml_im']
             encrypted_element = ET.Element('{%s}x' % (NS_ENCRYPTED,))
-            encrypted_element.text = xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys'))))
+            encrypted_element.text = self.remove_gpg_headers(xml.sax.saxutils.escape(str(self.gpg.encrypt(message['body'], self.config.get(to.bare, '', section='keys')))))
             message.append(encrypted_element)
             message['body'] = 'This message has been encrypted.'
 
@@ -107,12 +129,23 @@ class Plugin(BasePlugin):
         """
         encrypted = message.find('{%s}x' % (NS_ENCRYPTED,))
         fro = message['from']
-        log.debug('\n\n\n--------- for message %s. ENCRYPTED: %s' % (message, encrypted,))
         if encrypted is not None:
             if self.config.has_section('keys') and fro.bare in self.config.options('keys'):
                 keyid = self.config.get(fro.bare, '', 'keys')
-                decrypted = self.gpg.decrypt(encrypted.text, passphrase=self.passphrase)
+                decrypted = self.gpg.decrypt(ENCRYPTED_MESSAGE % {'data': str(encrypted.text)}, passphrase=self.passphrase)
                 if not decrypted:
                     self.core.information('Could not decrypt message from %s' % (fro.full),)
                     return
                 message['body'] = str(decrypted)
+
+    def remove_gpg_headers(self, text):
+        lines = text.splitlines()
+        while lines[0].strip() != '':
+            lines.pop(0)
+        while lines[0].strip() == '':
+            lines.pop(0)
+        res = []
+        for line in lines:
+            if not line.startswith('---'):
+                res.append(line)
+        return '\n'.join(res)
author	Florent Le Coz <louiz@louiz.org>	2011-11-12 05:19:06 +0100
committer	Florent Le Coz <louiz@louiz.org>	2011-11-12 05:19:06 +0100
commit	a97e6b548b32836e97e88e83fdb1d0073b15c8c1 (patch)
tree	023bab113469810294ba4cac3e88e88f4773f40d /plugins/gpg
parent	c2dfee141c7c6a3b082d6e1be69cef67c2704309 (diff)
download	poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.tar.gz poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.tar.bz2 poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.tar.xz poezio-a97e6b548b32836e97e88e83fdb1d0073b15c8c1.zip