def _encrypt_message(self, uuid_pubkey, address, message):
"""
Given a UUID, a public key, address and a message, it encrypts
the message to that public key.
The address is needed in order to build the OpenPGPKey object.
@param uuid_pubkey: tuple that holds the uuid and the public
key as it is returned by the previous call in the chain
@type uuid_pubkey: tuple (str, str)
@param address: mail address for this message
@type address: str
@param message: message contents
@type message: str
@return: uuid, doc to sync with Soledad
@rtype: tuple(str, SoledadDocument)
"""
uuid, pubkey = uuid_pubkey
log.msg("Encrypting message to %s's pubkey" % (uuid,))
log.msg("Pubkey: %s" % (pubkey,))
doc = SoledadDocument(doc_id=str(pyuuid.uuid4()))
data = {'incoming': True, 'content': message}
if pubkey is None or len(pubkey) == 0:
doc.content = {
self.INCOMING_KEY: True,
ENC_SCHEME_KEY: EncryptionSchemes.NONE,
ENC_JSON_KEY: json.dumps(data)
}
return uuid, doc
openpgp_key = None
with openpgp.TempGPGWrapper(gpgbinary='/usr/bin/gpg') as gpg:
gpg.import_keys(pubkey)
key = gpg.list_keys().pop()
openpgp_key = openpgp._build_key_from_gpg(address, key, pubkey)
doc.content = {
self.INCOMING_KEY: True,
ENC_SCHEME_KEY: EncryptionSchemes.PUBKEY,
ENC_JSON_KEY: str(gpg.encrypt(
json.dumps(data),
openpgp_key.fingerprint,
symmetric=False))
}
return uuid, doc
def get_enc_json(pubkey, message):
with openpgp.TempGPGWrapper(gpgbinary='/usr/bin/gpg') as gpg:
gpg.import_keys(pubkey)
key = gpg.list_keys().pop()
# We don't care about the actual address, so we use a
# dummy one, we just care about the import of the pubkey
openpgp_key = openpgp._build_key_from_gpg("*****@*****.**",
key, pubkey)
enc_json = str(gpg.encrypt(
json.dumps(
{'incoming': True, 'content': message},
ensure_ascii=False),
openpgp_key.fingerprint,
symmetric=False))
return enc_json
def _encrypt_message(self, pubkey, message):
"""
Given a public key and a message, it encrypts the message to
that public key.
The address is needed in order to build the OpenPGPKey object.
:param pubkey: public key for the owner of the message
:type pubkey: str
:param message: message contents
:type message: email.message.Message
:return: doc to sync with Soledad or None, None if something
went wrong.
:rtype: CouchDocument
"""
if pubkey is None or len(pubkey) == 0:
log.msg("_encrypt_message: Something went wrong, here's all "
"I know: %r" % (pubkey,))
return None
# find message's encoding
message_as_string = message.as_string()
doc = CouchDocument(doc_id=str(pyuuid.uuid4()))
# store plain text if pubkey is not available
data = {'incoming': True, 'content': message_as_string}
if pubkey is None or len(pubkey) == 0:
doc.content = {
self.INCOMING_KEY: True,
ENC_SCHEME_KEY: EncryptionSchemes.NONE,
ENC_JSON_KEY: json.dumps(data,
ensure_ascii=False)
}
return doc
# otherwise, encrypt
with openpgp.TempGPGWrapper(gpgbinary='/usr/bin/gpg') as gpg:
gpg.import_keys(pubkey)
key = gpg.list_keys().pop()
# We don't care about the actual address, so we use a
# dummy one, we just care about the import of the pubkey
openpgp_key = openpgp._build_key_from_gpg("*****@*****.**",
key, pubkey)
# add X-Leap-Provenance header if message is not encrypted
if message.get_content_type() != 'multipart/encrypted' and \
'-----BEGIN PGP MESSAGE-----' not in \
message_as_string:
message.add_header(
'X-Leap-Provenance',
email.utils.formatdate(),
pubkey=openpgp_key.key_id)
data = {'incoming': True, 'content': message.as_string()}
doc.content = {
self.INCOMING_KEY: True,
ENC_SCHEME_KEY: EncryptionSchemes.PUBKEY,
ENC_JSON_KEY: str(gpg.encrypt(
json.dumps(data, ensure_ascii=False),
openpgp_key.fingerprint,
symmetric=False))
}
return doc
