def status_to_user(signature: PGPSignature, key: PGPKey, trusted_uids,
untrusted_uids) -> None:
sys.stderr.write("git-anon: Signature made {} using {} key {}\n".format(
signature.created, key.key_algorithm.name, key.fingerprint.keyid))
sys.stderr.write("git-anon: Good signature with attributes:\n")
for uid in trusted_uids:
sys.stderr.write("git-anon: [trusted] {}\n".format(uid_as_str(uid)))
for uid in untrusted_uids:
sys.stderr.write("git-anon: [unknown] {}\n".format(uid_as_str(uid)))
def test_uid_as_str(self):
self.assertEqual(
uid_as_str(
PGPUID.new("First Middle b. Last", "Some Comment",
"*****@*****.**")),
"First Middle b. Last (Some Comment) <*****@*****.**>")
self.assertEqual(uid_as_str(PGPUID.new("Just a Name")), "Just a Name")
# noinspection PyTypeChecker
self.assertRaises(TypeError, lambda: uid_as_str(None))
def reveal_identity(self, key_id: str, encrypted: bool) -> List[str]:
key = self.personal_keystore.get_key(key_id)
if key is None:
raise CustomException("No identity with given id could be found.")
revealed_uids = []
for uid in key.userids:
self.shared_keystore.add_userid(key, uid, encrypted)
revealed_uids.append(uid_as_str(uid))
return revealed_uids
def reveal_attribute(self,
key_id: str,
attribute: str,
encrypted: bool = True) -> List[str]:
key = self.personal_keystore.get_key(key_id)
if key is None:
raise CustomException("No identity with given id could be found.")
revealed_uids = []
for uid in key.userids:
if uid_as_str(uid) == attribute:
self.shared_keystore.add_userid(key, uid, encrypted)
revealed_uids.append(uid_as_str(uid))
# This also accepts previously revealed user ids and reveals them again.
# (which should not create a new file)
if len(revealed_uids) == 0:
raise CustomException(
"This attribute has not been added for this identity. "
"Please add it before attempting to reveal it.")
return revealed_uids
def unmask_identity(
self, anonymous_identity: str) -> Tuple[List[str], List[str]]:
keyid, fingerprint = extract_keyid_from_identity(anonymous_identity)
key = self.shared_keystore.get_key(keyid, fingerprint)
if key is None:
raise CustomException("Unknown Identity: Public Key not found.")
uids = key.userids
if len(uids) == 0:
# this would make the identity malformed as it has to have at least a pseudo uid.
raise CustomException("Unknown Identity: Identity has no UserIDs")
unverified_attributes = []
verified_attributes = []
for uid in uids:
if verify_uid(uid, self.trusted_keystore):
verified_attributes.append(uid_as_str(uid))
else:
unverified_attributes.append(uid_as_str(uid))
return verified_attributes, unverified_attributes
def _extract_matching_uid(key: PGPKey, uid: str) -> Optional[PGPKey]:
# pylint: disable=protected-access
for key_uid in key.userids:
# todo filter for uids that have not been certified yet
if uid_as_str(key_uid) == uid:
key = copy(key)
key = key.pubkey
self_sig = key_uid.selfsig
key_uid._signatures = SorteDeque()
key_uid |= self_sig
key._uids = SorteDeque()
key._uids.insort(key_uid)
return key
return None
def create_identity(self) -> str:
pubkey, secret_key = create_identity_internal(
self.git_anon_config.userids[0], self.git_anon_config.userids[1:])
self.shared_keystore.add_key(pubkey)
self.personal_keystore.store_key(secret_key)
self._auto_reveal_uids(pubkey)
certification_requests = [
self._extract_matching_uid(pubkey, uid_as_str(u))
for u in pubkey.userids
]
for certification in self.cert_sign_multiple(certification_requests,
accept_all_uids=True):
self.cert_import_single(certification)
self._auto_reveal_uids(
certification) # reveals the certification if requested
return pubkey.fingerprint.keyid
def reveal_name(self, key_id: str, encrypted: bool) -> str:
"""Reveals the primary name or attribute associated with the identity."""
key = self.personal_keystore.get_key(key_id)
if key is None:
raise CustomException("No identity with given id could be found.")
revealed_uids = []
for uid in key.userids:
if uid.is_primary:
self.shared_keystore.add_userid(key, uid, encrypted)
revealed_uids.append(uid_as_str(uid))
# this also accepts previously revealed user ids and reveals them again
# (which should not create a new file)
count = len(revealed_uids)
if count == 0:
raise CustomException(
"No primary Attribute has been added for this identity. "
"Please add it before attempting to reveal it.")
if count >= 2:
for uid in revealed_uids:
logging.warning("Revealed: %s", uid)
raise RuntimeWarning(
"We just revealed more than one primary identity.")
return revealed_uids[0]
def config_list_userids(self) -> List[str]:
return [uid_as_str(a) for a in self.git_anon_config.userids]