def add_pgp_key(armored: str) -> tuple:
"""
Adds a key to the database.
:param armored: The armored key data to add to the keyring.
:return: True and the keyid if the import succeeded, or:
False and -1 if it was invalid, False and -2 if it already existed or False and -3 if it's a private key.
"""
if not '-----BEGIN PGP PUBLIC KEY BLOCK-----' in armored:
return False, -3
# Dump the key data.
newkey = keyinfo.KeyInfo.pgp_dump(armored)
# You tried, pgpdump. And that's more than we could ever ask of you.
if not isinstance(newkey, keyinfo.KeyInfo):
return False, -1, None
# Put the data into the database.
# Show me on the doll where redis touched you.
exists = db.Key.query.filter(db.Key.key_fp_id == newkey.shortid).first()
if exists:
if keyinfo.KeyInfo.from_database_object(exists) == newkey:
return False, -2, None
else:
use_id = exists.id
else:
use_id = None
key = db.Key.from_keyinfo(newkey)
if not newkey.armored:
key.armored = armored
if use_id:
key.id = use_id
db.db.session.merge(key)
db.db.session.commit()
if cache.exists(key.key_fp_id + "-armor"):
cache.delete(key.key_fp_id + "-armor")
return True, newkey.shortid, key
def get_pgp_armor_key(keyid: str) -> str:
"""
Lookup a PGP key.
:param keyid: The key ID to lookup.
:return: The armored version of the PGP key, or None if the key does not exist in the DB.
"""
if cache.exists(keyid + "-armor"):
return cache.get(keyid + "-armor").decode()
if keyid.startswith("0x"):
keyid = keyid.replace("0x", "")
if len(keyid) == 40:
key = db.Key.query.filter(db.Key.fingerprint == keyid).first()
elif len(keyid) == 8:
key = db.Key.query.filter(db.Key.key_fp_id == keyid).first()
else:
key = db.Key.query.filter(db.Key.uid.ilike("%{}%".format(keyid))).first()
if key:
if key.armored:
cache.setex(keyid + "-armor", 60*60*24, key.armored)
return key.armored
else:
return ""
else: return None
def _setup_keybase(self, username):
if cache.exists("keybase_" + username):
miss = False
# Load it without autofetching.
k = keybaseapi.User(username, autofetch=False)
# JSON load the data from the cache.
data = json.loads(cache.get("keybase_" + username).decode())
# Load the raw keybase data in.
k.raw_keybase_data = k._translate_into_configkey(data)
# Map the data structure.
k._map_data()
else:
miss = True
# Load it with autofetching.
k = keybaseapi.User(username)
# JSON dump the key structure.
data = json.dumps(k.raw_keybase_data.dump())
# Set it on the cache and set it to expire in a day.
# Note: StrictRedis uses name,time,value. Normal redis uses name,value,time.
cache.setex("keybase_" + username, 60 * 60 * 24, data)
self.api_keybase = k.raw_keybase_data.dump()
# Second cache pass, check if it was verified.
if miss:
try:
k.verify_proofs()
except keybaseapi.VerificationError:
verified = False
else:
verified = True
# Set it on cache.
cache.setex("keybase_" + username + "_ver", 60 * 60 * 24 * 3, "1" if verified else "0")
else:
# Load it from cache.
verified = bool(int(cache.get("keybase_" + username + "_ver")))
self.keybase = (k, verified)