WHEW. test.py working now. still need to test pushing to a keyserver

2017-09-08 04:13:56 -04:00 · 2017-09-08 04:13:56 -04:00 · 6dbc713dc9
commit 6dbc713dc9
parent 20388431aa
3 changed files with 84 additions and 10 deletions
--- a/gpg/kant/.gitignore
+++ b/gpg/kant/.gitignore
@ -0,0 +1 @@
+/gpgme.pdf
--- a/gpg/kant/kant.py
+++ b/gpg/kant/kant.py
@ -30,13 +30,14 @@ import gpg  # non-stdlib; Arch package is "python-gpgme" - see
 #The signatures have been pushed to KEYSERVERS.
 #
 #I have taken the liberty of attaching my public key in the event you've not signed it yet and were unable to find it.
-#Please feel free to push to pgp.mit.edu or hkps.pool.sks-keyservers.net.
+#Please feel free to push to hkps://sks.mirror.square-r00t.net:11371 (you can do this with "gpg --keyserver ...) or any other SKS-pooled keyserver[0].
 #
 #As a reminder, my key ID, Keybase.io username, and verification/proof of identity can all be found at:
 #
-#https://devblog.square-r00t.net/about/my-gpg-public-key-verification-of-identity
+#https://square-r00t.net/gpg-info
 #
 #Thanks again!
+#[0] https://mirror.square-r00t.net/#svcs-sks

 class sigsession(object):
    def __init__(self, args):
--- a/gpg/kant/test.py
+++ b/gpg/kant/test.py
@ -1,17 +1,28 @@
 #!/usr/bin/env python3

-# This is more of a documentation on some python-gpgme (https://pypi.python.org/pypi/gpg) examples.
+# This is less of a test suite and more of an active documentation on some python-gpgme (https://pypi.python.org/pypi/gpg) examples.
 # Because their only documentation for the python bindings is in pydoc, and the C API manual is kind of useless.

 import gpg
 import gpg.constants
 import inspect
+import os
 import pprint
+import re
+import subprocess
+import operator
+from functools import reduce
+
+os.environ['GNUPGHOME'] = '/home/bts/tmpgpg'
+# JUST in case we need to...
+#subprocess.run(['gpgconf', '--reload', 'dirmngr'])

 # my key ID
-mykey = '748231EBCBD808A14F5E85D28C004C2F93481F6B'
+#mykey = '748231EBCBD808A14F5E85D28C004C2F93481F6B'
+mykey = '2805EC3D90E2229795AFB73FF85BC40E6E17F339'
 # a key to test with
-theirkey = '63D1CEA387C27A92E0D50AB8343C305F9109D4DC'
+theirkey = 'CA7D304ABA7A3E24C9414D32FFA0F1361AD82A06'
+testfetch = [theirkey, '748231EBCBD808A14F5E85D28C004C2F93481F6B']

 # Create a context
 # Params:
@ -53,10 +64,71 @@ klmodes = {'local': gpg.constants.KEYLIST_MODE_LOCAL,
 #mode    -- keylist mode (default: list local keys)
 #source  -- read keys from source instead from the keyring
 #            (all other options are ignored in this case)
-ctx.keylist(pattern = 'bts@square-r00t.net',
-            secret = False,
-            mode = klmodes['both'],
-            source = None)
+tkey2 = None

-# Test fetching from a keyserver
+# jrdemasi@gmail.com = 0xEFD9413B17293AFDFE6EA6F1402A088DEDF104CB
+for k in ctx.keylist(pattern = 'jrdemasi', secret = False, mode = klmodes['remote'], source = None):
+    #pprint.pprint(inspect.getmembers(k))
+    tkey2 = k
+    #print(tkey2.fpr)

+# Test fetching from a keyserver - we'll grab the last key from the above iteration
+try:
+    ctx.op_import_keys([tkey2])
+except gpg.errors.GPGMEError:
+    pass  # key isn't on the keyserver, or it isn't accessible, etc.
+
+# Test signing
+ctx.key_tofu_policy(tkey2, gpg.constants.TOFU_POLICY_ASK)
+ctx.signers = [mkey]
+days_valid = 4
+exptime = 4 * 24 * 60 * 60
+ctx.key_sign(tkey2, expires_in = exptime, local = True)
+
+# https://www.apt-browse.org/browse/debian/wheezy/main/amd64/python-pyme/1:0.8.1-2/file/usr/share/doc/python-pyme/examples/t-edit.py
+# https://searchcode.com/codesearch/view/20535820/
+# https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=0be55f4d64178a5636cbe9f12f63c6f9853f3aa2;hb=refs/heads/master
+class KeyEditor(object):
+    def __init__(self):
+        self.replied_once = False
+        trust = '3'  # this is the level of trust... in this case, marginal.
+        rcptemail = 'test@test.com'
+        # we exclude 'help'
+        self.kprmpt = ['trust', 'fpr', 'sign', 'tsign', 'lsign', 'nrsign', 'grip', 'list',
+                        'uid', 'key', 'check', 'deluid', 'delkey', 'delsig', 'pref', 'showpref',
+                        'revsig', 'enable', 'disable', 'showphoto', 'clean', 'minimize', 'save',
+                        'quit']
+        self.prmpt = {'edit_ownertrust': {'value': trust,
+                                          'set_ultimate': {'okay': 'yes'}},
+                      'untrusted_key': {'override': 'yes'},
+                      'pklist': {'user_id': {'enter': rcptemail}},
+                      'keyedit': {'prompt': 'trust',  # the mode we initiate.
+                                  'save': {'okay': 'yes'}}}
+
+    def edit_fnc(self, status, args, out):
+        result = None
+        out.seek(0,0)
+        #print(status, args)
+        #print(out.read().decode('utf-8'))
+        #print('{0} ({1})'.format(status, args))
+        def mapDict(m, d):
+            return(reduce(operator.getitem, m, d))
+        if args == 'keyedit.prompt' and self.replied_once:
+            result = 'quit'
+        elif status == 'KEY_CONSIDERED':
+            result = None
+            self.replied_once = False
+        elif status == 'GET_LINE':
+            #print('DEBUG: looking up mapping...')
+            self.replied_once = True
+            _ilist = args.split('.')
+            result = mapDict(_ilist, self.prmpt)
+            if not result:
+                result = None
+        return(result)
+
+# Test setting trust
+out = gpg.Data()
+ctx.interact(tkey2, KeyEditor().edit_fnc, sink = out, fnc_value = out)
+out.seek(0,0)
+#print(out.read(), end = ' ')