def check_proof(s, kblock):
data = AsciiData(kblock)
for packet in data.packets():
if packet.tag() == 17:
packet.parse()
print "User Attribute found: ", packet
return 1
def test_parse_v3_elgamal_pk(self):
'''Two older version 3 public keys.'''
rawdata = self.load_data('v3elgpk.asc')
data = AsciiData(rawdata)
packets = list(data.packets())
self.assertEqual(3, len(packets))
packet = packets[0]
self.assertTrue(isinstance(packet, PublicKeyPacket))
self.assertEqual(16, packet.raw_pub_algorithm)
self.assertEqual("elg", packet.pub_algorithm_type)
self.assertEqual(888716291, packet.raw_creation_time)
self.assertIsNone(packet.expiration_time)
self.assertIsNone(packet.modulus)
self.assertIsNone(packet.modulus_bitlen)
self.assertIsNone(packet.exponent)
self.assertIsNotNone(packet.prime)
self.assertIsNotNone(packet.group_gen)
self.assertEqual(b"FF570A03", packet.key_id)
self.assertEqual(b"7C4529FB11669ACA567BD53972000594",
packet.fingerprint)
self.assertTrue(isinstance(packets[1], UserIDPacket))
packet = packets[2]
self.assertTrue(isinstance(packet, SignaturePacket))
self.assertEqual(16, packet.raw_pub_algorithm)
self.assertEqual(888716292, packet.raw_creation_time)
def test_parse_v3_elgamal_pk(self):
'''Two older version 3 public keys.'''
rawdata = self.load_data('v3elgpk.asc')
data = AsciiData(rawdata)
packets = list(data.packets())
self.assertEqual(3, len(packets))
packet = packets[0]
self.assertTrue(isinstance(packet, PublicKeyPacket))
self.assertEqual(16, packet.raw_pub_algorithm)
self.assertEqual("elg", packet.pub_algorithm_type)
self.assertEqual(888716291, packet.raw_creation_time)
self.assertIsNone(packet.expiration_time)
self.assertIsNone(packet.modulus)
self.assertIsNone(packet.modulus_bitlen)
self.assertIsNone(packet.exponent)
self.assertIsNotNone(packet.prime)
self.assertIsNotNone(packet.group_gen)
self.assertEqual(b"FF570A03", packet.key_id)
self.assertEqual(b"7C4529FB11669ACA567BD53972000594",
packet.fingerprint)
self.assertTrue(isinstance(packets[1], UserIDPacket))
packet = packets[2]
self.assertTrue(isinstance(packet, SignaturePacket))
self.assertEqual(16, packet.raw_pub_algorithm)
self.assertEqual(888716292, packet.raw_creation_time)
def test_parse_compressed_zlib(self):
msg = """-----BEGIN PGP MESSAGE-----
Version: GnuPG v2
owFtUm1MFEcY5lAqnqJFWhpSautCLJiL7OzOfh0FQkREEpq0igk0hO7szh4b8A5u
Dw6KJxVo09ZrKicSCfEDpY39OisfLUHx40RA6I8SiBJBw5Wm1ZqmVtQE0dI5Yn80
6fyZzDvP87zP884ciFoWFmnqSq0uGfAfHDGN3kFh+dOfZNdSyKHWUNZaqhQvbZpu
t2FnuVO3uygrJSIRsRwCAmA4qCBOExTIiQJELIsEkRcVKGOJVWTKQpU4jBCDyCDZ
wJt1B6mRQ7Gukur/4EuXLmhAA5UDKo8ZVeB5GUmMLAIWI8hptKoAXsYy0qAoIZZX
BEaBDFQlUeGJMRmyEpKJJB2Sq1ySU0UNA5HVOCRigWWgxIsSQIQgYZljgRQCGthp
l3djgsY12KA8FsqJqxylOJTe0G3EsEFZ36E0GWq0BgCrMowmYVrUGEmRNValaRIB
KSwgM8Eaq/CIE1SORoBhaZ4BCGgc4ACmNaqIaJNuVbqyJP6sq013lVSi/zrZUWnP
cstOLeTGVVMeKrkxKn5GLka6XSXvQjhV2GnoDjtlBQSpuPQQG0BIc4DnedFC4epy
3YmL9RCCE3iRJstClZOERJJRMcnEsyrkJGkHpoGmkbliBQqiKkPA8owkYh7IZO4s
hwHLMrKEVU5RJcjQSMIiFcpTYXcQcZ4YlW1ElIzMLrsqnZjymD8Oj18eZooMey4i
PPS5wswrn//3x9n+Wvs0LuVE58tNvQH3QHSPmrpxT3Fc3dbmrd4X824UDqQZD2yZ
/uZXN0UYK5CFH0WzZzz3evCDfeKjvJgLP0/J6zK+f9LWbkmKXr5YdDjq7aj1bwze
HdGyPTFfwc9d4depF8qy/f11/fPxPza2FYy4rNsZJ13ts+3sLqxKNL6JSF7XXHra
tOFR+5aEnC+LzJe3rCnsSh27P6tuHM2AhV/jyT2DjcOb83OCC2m5Aw87UJWBRKbf
slpYOHJjavxsVr69bY5POnHz+M2zq7tNuV3Tvp41H8xN1KavF7tX/nSfS8w8Op7R
EhtpvxLu+9S9atuZg7u8rRvoU+dj9z6p9Fa044TJnDv+3EbvqXs9vcHb1oHjecN1
EzU1wYbUBcfv+eefPh57vW94U+rutILeIT144AvX+MmoCPO191v6Cs/d/kNYFWzy
vXYp/d2p2bjrnuls3GX0ZczOBYINJ+Ojf6gv+0xKTI/wnTvUnvDRpWNN11plxuQU
vA3s4K/bFnuZkk6rqe+XwOSQ/5Zrxu+r8L55eu8R2H+V+a7irYkCU3jcsg8TLPv3
/xk7XpqyMzZqJjC06DF12t6Lhe6W+bWBqytcHY230i/+lpKdMhSTOGMeeSmt9e5F
68N54XJHpuKG6VmPDx0ucfHJo/Vw7NvEC0fNenlu574rrzQl/e0pC9Tvoqe3e5PF
fwA=
=3Snw
-----END PGP MESSAGE-----""".encode()
data = AsciiData(msg)
packets = list(data.packets())
self.assertEqual(packets[0].raw_compression_algo, 1)
newpackets = list(BinaryData(packets[0].decompressed_data).packets())
self.assertEqual(len(newpackets), 3)
def test_parse_compressed_zlib(self):
msg = """-----BEGIN PGP MESSAGE-----
Version: GnuPG v2
owFtUm1MFEcY5lAqnqJFWhpSautCLJiL7OzOfh0FQkREEpq0igk0hO7szh4b8A5u
Dw6KJxVo09ZrKicSCfEDpY39OisfLUHx40RA6I8SiBJBw5Wm1ZqmVtQE0dI5Yn80
6fyZzDvP87zP884ciFoWFmnqSq0uGfAfHDGN3kFh+dOfZNdSyKHWUNZaqhQvbZpu
t2FnuVO3uygrJSIRsRwCAmA4qCBOExTIiQJELIsEkRcVKGOJVWTKQpU4jBCDyCDZ
wJt1B6mRQ7Gukur/4EuXLmhAA5UDKo8ZVeB5GUmMLAIWI8hptKoAXsYy0qAoIZZX
BEaBDFQlUeGJMRmyEpKJJB2Sq1ySU0UNA5HVOCRigWWgxIsSQIQgYZljgRQCGthp
l3djgsY12KA8FsqJqxylOJTe0G3EsEFZ36E0GWq0BgCrMowmYVrUGEmRNValaRIB
KSwgM8Eaq/CIE1SORoBhaZ4BCGgc4ACmNaqIaJNuVbqyJP6sq013lVSi/zrZUWnP
cstOLeTGVVMeKrkxKn5GLka6XSXvQjhV2GnoDjtlBQSpuPQQG0BIc4DnedFC4epy
3YmL9RCCE3iRJstClZOERJJRMcnEsyrkJGkHpoGmkbliBQqiKkPA8owkYh7IZO4s
hwHLMrKEVU5RJcjQSMIiFcpTYXcQcZ4YlW1ElIzMLrsqnZjymD8Oj18eZooMey4i
PPS5wswrn//3x9n+Wvs0LuVE58tNvQH3QHSPmrpxT3Fc3dbmrd4X824UDqQZD2yZ
/uZXN0UYK5CFH0WzZzz3evCDfeKjvJgLP0/J6zK+f9LWbkmKXr5YdDjq7aj1bwze
HdGyPTFfwc9d4depF8qy/f11/fPxPza2FYy4rNsZJ13ts+3sLqxKNL6JSF7XXHra
tOFR+5aEnC+LzJe3rCnsSh27P6tuHM2AhV/jyT2DjcOb83OCC2m5Aw87UJWBRKbf
slpYOHJjavxsVr69bY5POnHz+M2zq7tNuV3Tvp41H8xN1KavF7tX/nSfS8w8Op7R
EhtpvxLu+9S9atuZg7u8rRvoU+dj9z6p9Fa044TJnDv+3EbvqXs9vcHb1oHjecN1
EzU1wYbUBcfv+eefPh57vW94U+rutILeIT144AvX+MmoCPO191v6Cs/d/kNYFWzy
vXYp/d2p2bjrnuls3GX0ZczOBYINJ+Ojf6gv+0xKTI/wnTvUnvDRpWNN11plxuQU
vA3s4K/bFnuZkk6rqe+XwOSQ/5Zrxu+r8L55eu8R2H+V+a7irYkCU3jcsg8TLPv3
/xk7XpqyMzZqJjC06DF12t6Lhe6W+bWBqytcHY230i/+lpKdMhSTOGMeeSmt9e5F
68N54XJHpuKG6VmPDx0ucfHJo/Vw7NvEC0fNenlu574rrzQl/e0pC9Tvoqe3e5PF
fwA=
=3Snw
-----END PGP MESSAGE-----""".encode()
data = AsciiData(msg)
packets = list(data.packets())
self.assertEqual(packets[0].raw_compression_algo, 1)
newpackets = list(BinaryData(packets[0].decompressed_data).packets())
self.assertEqual(len(newpackets), 3)
def test_parse_sessionkey_elg(self):
'''This file contains a public key and message encrypted with an
ElGamal Encrypt-Only key.'''
asc_data = self.load_data('sessionkey_elg.asc')
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(2, len(packets))
session_key = packets[0]
self.assertEqual(3, session_key.session_key_version)
self.assertEqual(b"B705D3A4C3751D38", session_key.key_id)
self.assertEqual(16, session_key.raw_pub_algorithm)
self.assertEqual("ElGamal Encrypt-Only", session_key.pub_algorithm)
def test_parse_sessionkey_rsa(self):
'''This file contains a public key and message encrypted with a RSA
Encrypt or Sign key.'''
asc_data = self.load_data('sessionkey_rsa.asc')
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(2, len(packets))
session_key = packets[0]
self.assertEqual(3, session_key.session_key_version)
self.assertEqual(b"1C39A7BD114BFFA5", session_key.key_id)
self.assertEqual(1, session_key.raw_pub_algorithm)
self.assertEqual("RSA Encrypt or Sign", session_key.pub_algorithm)
def test_parse_sessionkey_elg(self):
'''This file contains a public key and message encrypted with an
ElGamal Encrypt-Only key.'''
asc_data = self.load_data('sessionkey_elg.asc')
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(2, len(packets))
session_key = packets[0]
self.assertEqual(3, session_key.session_key_version)
self.assertEqual(b"B705D3A4C3751D38", session_key.key_id)
self.assertEqual(16, session_key.raw_pub_algorithm)
self.assertEqual("ElGamal Encrypt-Only", session_key.pub_algorithm)
def test_parse_sessionkey_rsa(self):
'''This file contains a public key and message encrypted with a RSA
Encrypt or Sign key.'''
asc_data = self.load_data('sessionkey_rsa.asc')
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(2, len(packets))
session_key = packets[0]
self.assertEqual(3, session_key.session_key_version)
self.assertEqual(b"1C39A7BD114BFFA5", session_key.key_id)
self.assertEqual(1, session_key.raw_pub_algorithm)
self.assertEqual("RSA Encrypt or Sign", session_key.pub_algorithm)
def generate_public_key_file(self):
if self.public_key_file:
return
identity = "Time capsule key for %s (%s)" % (self.release_date_display(), json.dumps(self.get_gpg_info()))
self.public_key_file, self.temp_private_key_file = generate_public_elgamal_key(self.p, self.g, self.y, identity)
# get key id
parsed_key = AsciiData(self.public_key_file)
elgamal_packet = next(packet for packet in parsed_key.packets() if type(packet)==PublicSubkeyPacket)
self.elgamal_key_id = elgamal_packet.key_id
self.save()
def partIsEncrypted(self, part):
"""
determine if a part is encrypted or not
"""
try:
data = AsciiData(part.get_payload(decode=True))
packets = list()
for pkt in data.packets():
packets.append(pkt)
log("valid pgp message with {} packets".format(len(packets)))
return len(packets) > 0
except:
return False
def test_parse_ascii_clearsign(self):
"""This is a clearsigned document with an expiring signature, so tests
both the ignore pattern in AsciiData as well as additional signature
subpackets."""
asc_data = self.load_data("README.asc")
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(1, len(packets))
sig_packet = packets[0]
self.assertFalse(sig_packet.new)
self.assertEqual(3, len(sig_packet.subpackets))
self.check_sig_packet(sig_packet, 76, 4, 1, 1332874080, b"5C2E46A0F53A76ED", 17, 2)
# raw expires time is in seconds from creation date
self.assertEqual(345600, sig_packet.raw_expiration_time)
expires = datetime(2012, 3, 31, 18, 48, 00)
self.assertEqual(expires, sig_packet.expiration_time)
def test_parse_ascii_sig_packet(self):
asc_data = b"""
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEABECAAYFAk6neOwACgkQXC5GoPU6du23AQCgghWjIFgBazXWIZNj4PGnkuYv
gMsAoLGOjudliDT9u0UqxN9KeJ22Jdne
=KYol
-----END PGP SIGNATURE-----"""
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(1, len(packets))
sig_packet = packets[0]
self.assertFalse(sig_packet.new)
self.check_sig_packet(sig_packet, 70, 4, 0, 1319598316, b"5C2E46A0F53A76ED", 17, 2)
self.assertEqual(2, len(sig_packet.subpackets))
def decrypt(request):
if request.method != "POST":
return HttpResponseNotAllowed(["POST"])
uploaded_file = request.FILES.get('file')
if not uploaded_file:
return HttpResponseBadRequest("Please supply a file upload.")
# parse file for key id
file_contents = uploaded_file.read()
try:
parsed_file = AsciiData(file_contents)
except PgpdumpException:
try:
parsed_file = BinaryData(file_contents)
except PgpdumpException:
return HttpResponseBadRequest("Can't parse PGP file.")
public_key_packet = next(
packet for packet in parsed_file.packets()
if type(packet) == PublicKeyEncryptedSessionKeyPacket)
elgamal_key_id = public_key_packet.key_id
# get key
try:
keypair = KeyPair.objects.get(elgamal_key_id=elgamal_key_id)
except KeyPair.DoesNotExist:
return HttpResponseBadRequest("No key was found matching this file.")
if not keypair.private_key_file:
return HttpResponseBadRequest(
"We do not yet have a private key to decrypt this file (release date %s)."
% keypair.release_date_display())
# decrypt
output = gpg_decrypt(keypair.private_key_file, file_contents)
if not output.ok:
return HttpResponseBadRequest("Unable to decrypt file.")
# deliver
if output.data_filename:
output_name = output.data_filename
else:
output_name = uploaded_file.name
if output_name.endswith('.gpg'):
output_name = output_name[:-4]
return deliver_file(output.data, 'application/octet-stream', output_name)
def test_parse_v3_sig(self):
asc_data = b"""
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iD8DBQBPWDfGXC5GoPU6du0RAq6XAKC3TejpiBsu3pGF37Q9Id/vPzoFlwCgtwXE
E/GGdt/Cn5Rr1G933H9nwxo=
=aJ6u
-----END PGP SIGNATURE-----"""
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(1, len(packets))
sig_packet = packets[0]
self.assertFalse(sig_packet.new)
self.check_sig_packet(sig_packet, 63, 3, 0, 1331181510, b"5C2E46A0F53A76ED", 17, 2)
self.assertEqual(b"\xae\x97", sig_packet.hash2)
self.assertEqual(0, len(sig_packet.subpackets))
def test_parse_ascii_sig_packet(self):
asc_data = b'''
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEABECAAYFAk6neOwACgkQXC5GoPU6du23AQCgghWjIFgBazXWIZNj4PGnkuYv
gMsAoLGOjudliDT9u0UqxN9KeJ22Jdne
=KYol
-----END PGP SIGNATURE-----'''
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(1, len(packets))
sig_packet = packets[0]
self.assertFalse(sig_packet.new)
self.check_sig_packet(sig_packet, 70, 4, 0, 1319598316,
b"5C2E46A0F53A76ED", 17, 2)
self.assertEqual(2, len(sig_packet.subpackets))
def test_parse_ascii_clearsign(self):
'''This is a clearsigned document with an expiring signature, so tests
both the ignore pattern in AsciiData as well as additional signature
subpackets.'''
asc_data = self.load_data('README.asc')
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(1, len(packets))
sig_packet = packets[0]
self.assertFalse(sig_packet.new)
self.assertEqual(3, len(sig_packet.subpackets))
self.check_sig_packet(sig_packet, 76, 4, 1, 1332874080,
b"5C2E46A0F53A76ED", 17, 2)
# raw expires time is in seconds from creation date
self.assertEqual(345600, sig_packet.raw_expiration_time)
expires = datetime(2012, 3, 31, 18, 48, 00)
self.assertEqual(expires, sig_packet.expiration_time)
def test_parse_v3_sig(self):
asc_data = b'''
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iD8DBQBPWDfGXC5GoPU6du0RAq6XAKC3TejpiBsu3pGF37Q9Id/vPzoFlwCgtwXE
E/GGdt/Cn5Rr1G933H9nwxo=
=aJ6u
-----END PGP SIGNATURE-----'''
data = AsciiData(asc_data)
packets = list(data.packets())
self.assertEqual(1, len(packets))
sig_packet = packets[0]
self.assertFalse(sig_packet.new)
self.check_sig_packet(sig_packet, 63, 3, 0, 1331181510,
b"5C2E46A0F53A76ED", 17, 2)
self.assertEqual(b'\xae\x97', sig_packet.hash2)
self.assertEqual(0, len(sig_packet.subpackets))
def main(keyfile, expert):
passphrase = None
print("\nNitroinit - Create and import GnuPG keys to the Nitrokey\n")
# No keyfile was given, thus create a new key and import this one
if keyfile is None:
print("No keyfile was provided. We create a new key, back it up and then import it to " + \
"the Nitrokey.")
print("You can provide an existing key via '--keyfile' flag. Please use '--help' for " + \
"more information.")
print("We start key creation now...\n")
keyfile = create_key(expert)
else:
# get passphrase
passphrase = getpass.getpass("Please provide passphrase of the key or hit enter if no " + \
"passphrase is used: ")
# open key file and parse it to get the key packets
with open(keyfile, 'rb') as f:
if keyfile.endswith('.asc') or keyfile.endswith('.txt'):
data = AsciiData(f.read(), secret_keys=True, passphrase=passphrase)
else:
data = BinaryData(f.read(),
secret_keys=True,
passphrase=passphrase)
userid, keys = parse_packets(data.packets())
# TODO add test case for this
keys = check_keys(keys)
print_summary(userid, keys)
# Do not import, dry-run only
if dry:
sys.exit(0)
input("\nPlease press enter to start importing... (Ctrl-C otherwise)\n")
import_keys(keys)
print("\nImport successful.\n")
def search():
#User is prompted to search for something
search = raw_input("*Needs work*Search for: ")
#Search is sent
response = urllib.urlopen("http://pgp.mit.edu:11371/pks/lookup?options=mr&op=get&search=" + search)
#Result is safed to pub_key
pub_key = response.read()
#pub_key is stripped of they PGP lines
test = AsciiData(pub_key)
test.strip_magic(pub_key)
#Pub key packets are listed
packets = list(test.packets())
#Print Name/Email of pub_key owner
for packet in packets:
print packet
#Promt user if add pub_key
add_response = raw_input("Add this Pubkey? (yes or no) ")
#If yes import key, need to update this section to parse through each key to allow selection
#Mirror how pub and private keys are selected
if add_response == 'yes':
print "Import: ", gpg.import_keys(packet).summary()
else:
print "Returning"
def test_parse_linus_ascii(self):
with open('linus.asc', 'rb') as keyfile:
rawdata = keyfile.read()
data = AsciiData(rawdata)
packets = list(data.packets())
self.assertEqual(44, len(packets))
from pgpdump import AsciiData
from base64 import b64encode, encodebytes, standard_b64encode
import binascii
from pgp.pgpFileHelper import writePrivateKeyASC
from pgp.pgpManipulateKeyfile_helper import printDSAKeyPaket
keyfile = open('bob-dsa-private-keyasc.sec', 'rb')
keyasc_data = keyfile.read()
keydata = AsciiData(keyasc_data)
keypackets = list(keydata.packets())
keydatabytes = keypackets[0].data
privatekeypaket = ''
j = len(keydatabytes)
# From keydatabytes to privatekeypacket which is string
# Privatekeypaket is String and used for replacing the private key
while j > 0:
privatekeypaket += ''.join('{:02x}'.format(keydatabytes[len(keydatabytes) -
j]))
j -= 1
#print('keydatabytes: ' + privatekeypaket)
# Analyzes the DSA key paket and prints all relevant data
# If Checksum doesn't fit the conditions there will be a new one calculated and returned
printDSAKeyPaket(keydatabytes)
print('OLD_keydatabytes: ' + privatekeypaket)
def pgp_dump(cls, armored: str, packets: list = None):
"""
Generates a key using pgpdump.
:param armored: The armored data to output.
:param packets: Optional: A packets list to use instead of the armored data.
:return: A new :KeyInfo: object.
"""
if packets is None:
armored_l = armored.split("-----END PGP PUBLIC KEY BLOCK-----")
if armored_l:
armored = armored_l[0] + "-----END PGP PUBLIC KEY BLOCK-----"
try:
data = AsciiData(armored.encode())
except PgpdumpException as e:
return None, e.args
except binascii.Error as e:
return None, e.args
try:
packets = [pack for pack in data.packets()]
except PgpdumpException as e:
return None, e.args
# Set initial values
uid = []
keyid, fingerprint = "", ""
length = 0
algo = 999
created, expires = 0, 0
revoked = False
signatures = {}
subkeys = []
most_recent_packet = None
oid = None
npackets = []
for n, packet in enumerate(packets):
# Public key packet, main body.
# But NOT a subkey.
if (isinstance(packet, pgpdump.packet.PublicKeyPacket)
and not isinstance(packet, pgpdump.packet.PublicSubkeyPacket)):
if keyid:
# We already have a key. No thanks!
# If you get a REALLY shitty key that puts the public key packets (multiples of them) in front of eachother, that's f*****g dumb
# And we're gonna skip those. Better hope your data packets are before your second public key packet!
# I blame GPG for this.
break
# Set data
created = packet.creation_time.replace(tzinfo=datetime.timezone.utc).timestamp()
expires = (
packet.expiration_time.replace(tzinfo=datetime.timezone.utc).timestamp()
if packet.expiration_time is not None else None if not expires else expires
)
try:
algo = PGPAlgo(packet.raw_pub_algorithm)
except KeyError:
algo = PGPAlgo.unknown
# Check if the length is known for ECC keys.
if packet.bitlen:
length = packet.bitlen
else:
length = -1
keyid = packet.key_id.decode()
fingerprint = packet.fingerprint.decode()
if packet.oid:
oid = packet.oid
elif isinstance(packet, pgpdump.packet.SignaturePacket):
# Self-signed signature
if packet.raw_sig_type == 24:
sig_uid = uid
# Revocation, mark as such
elif packet.raw_sig_type == 32:
sig_uid = "Revocation signature from primary key"
revoked = True
# Lookup the UserID
else:
sig_uid = db.Key.query.filter(db.Key.key_fp_id == packet.key_id.decode()[-8:]).first()
# Check if we know it
if not sig_uid:
sig_uid = "[User ID Unknown]"
else:
sig_uid = sig_uid.uid
# Check if the most recent packet is a subkey packet.
# If it is, we place the signature under the subkey, as opposed to the the main key.
# This allows us to apply a signature to the subkey.
if isinstance(most_recent_packet, pgpdump.packet.PublicSubkeyPacket):
key_for = most_recent_packet.key_id.decode()[-8:]
else:
key_for = keyid[-8:]
if key_for not in signatures:
signatures[key_for] = []
signatures[key_for].append([packet.key_id.decode()[-8:], sig_uid, packet.raw_sig_type])
# Scan the subsignatures.
for subpacket in packet.subpackets:
if subpacket.subtype == 9:
# EXPIRATION DATE!
# I have been doing nothing but teleport bread for the last three days.
seconds = int.from_bytes(subpacket.data, byteorder="big")
delta = datetime.timedelta(seconds=seconds)
expires = (datetime.datetime.utcfromtimestamp(created) + delta).timestamp()
elif isinstance(packet, pgpdump.packet.PublicSubkeyPacket):
subkeys.append(
packet.fingerprint.decode()
)
elif isinstance(packet, pgpdump.packet.UserIDPacket):
# Load in the UIDs
u = db.UID()
u.uid_name = packet.user_name
u.uid_email = packet.user_email
u.full_uid = packet.user
uid.append(u)
elif isinstance(packet, str):
armored = packet
most_recent_packet = packet
npackets.append(packet)
for packet in npackets:
if isinstance(packet, pgpdump.packet.PublicKeyPacket):
break
else: # Panic and cry.
return None
if cfg.cfg.config.features.armor_rewrite:
# Re-construct the armored data.
s = b''.join([p.original_data for p in npackets])
s = base64.b64encode(s).decode()
s = "".join(s[i:i + 64] + "\n" for i in range(0, len(s), 64))
# Construct CRC
crc = crc24(b''.join([p.original_data for p in npackets]))
crc = crc.to_bytes((crc.bit_length() + 7) // 8, 'big') or b'\0'
crc = base64.b64encode(crc).decode()
s = """-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: SkierPGP v{v}\n\n{content}={crc24}\n-----END PGP PUBLIC KEY BLOCK-----""".format(
v=cfg.SKIER_VERSION,
content=s,
crc24=crc
)
armored = s
return KeyInfo(uid=uid, keyid=keyid, fingerprint=fingerprint, length=length, algo=algo,
created=created, expires=expires, revoked=revoked,
expired=(time.time() - expires if expires else 1) < 0,
subkeys=subkeys, sigs=signatures, armored=armored, oid=oid)
def test_parse_linus_ascii(self):
rawdata = self.load_data('linus.asc')
data = AsciiData(rawdata)
packets = list(data.packets())
self.assertEqual(44, len(packets))
def lambda_handler(event, context):
"""
:param event:
:param context:
:return:
INFO: pgpdump has problem on parse expiration_time.
"""
public_key_content = event.get('public_key_content', '').encode('utf-8')
filename = event['filename']
if filename != '0A.asc' and filename[1] == 'A':
encrypt_content = event['encrypt_content'].encode('utf-8')
encrypt_file_key_id_list = []
for pkeskp in list(AsciiData(encrypt_content).packets()):
encrypt_file_key_id = getattr(pkeskp, 'key_id',
'')[-8:].upper().decode('utf-8')
if encrypt_file_key_id:
encrypt_file_key_id_list.append(encrypt_file_key_id)
if len(encrypt_file_key_id_list) != 2:
return {
'status': 403,
'message': '403 Forbidden: PublicKeyCountError'
}
encrypt_file_key_id_list.remove(PUBLIC_KEY_ID)
public_key_file_key_id = encrypt_file_key_id_list[0]
dynamo = boto3.resource('dynamodb').Table(DYNAMODB_TABLE)
response = dynamo.get_item(
Key={
'email': public_key_file_key_id,
'type': 'reverse-apply-account-at-exam.yueh-cake.com'
})
item = response.get('Item', {})
if not item:
return {
'status': 403,
'message': '403 Forbidden: PublicKeyID DoesNotExist'
}
email = item.get('public_key_id_email', '')
if not email:
return {
'status': 403,
'message': '403 Forbidden: EmailDoesNotExist'
}
s3 = boto3.client('s3')
_key = '%s/%s-%s/%s' % (S3_LOCATION, email, public_key_file_key_id,
filename)
try:
s3.head_object(Bucket=S3_BUCKET, Key=_key)
except:
response = s3.put_object(
ACL='public-read',
Body=encrypt_content,
Bucket=S3_BUCKET,
ContentType='text/plain',
Key=_key,
StorageClass='STANDARD',
)
send_notice(email=email, filename=filename)
return {'status': 200, 'message': filename}
else:
return {'status': 403, 'message': filename + ' was exist'}
elif filename == '0A.asc':
ad = AsciiData(public_key_content)
adps = list(ad.packets())
pub_algorithm_type = adps[0].pub_algorithm_type.lower()
raw_pub_algorithm = adps[0].raw_pub_algorithm
user_name = adps[1].user_name.lower()
user_email = adps[1].user_email.lower()
public_key_file_key_id = adps[3].key_id[-8:].upper().decode('utf-8')
if pub_algorithm_type != 'rsa' or raw_pub_algorithm != 1:
return {
'status': 403,
'message': '403 Forbidden: PublicKey TypeError'
}
if re.sub('(applicants|[ \(\)])', '', user_name):
return {
'status':
403,
'message':
'403 Forbidden: PublicKey UserNameError, It should be "applicants (applicants) <%s>"'
% user_email
}
dynamo = boto3.resource('dynamodb').Table(DYNAMODB_TABLE)
response = dynamo.get_item(
Key={
'email': user_email,
'type': 'apply-account-at-exam.yueh-cake.com'
})
item = response.get('Item', {})
if not item:
return {
'status': 403,
'message': '403 Forbidden: PublicKey EmailAddressDoesNotExist'
}
elif (int(item['timestamp']) + 86400) < int(time()):
return {
'status': 403,
'message': '403 Forbidden: EmailAddressExpiration'
}
elif item.get('public_key_id', ''):
return {
'status': 403,
'message': '403 Forbidden: PublicKeyAlreadyExist'
}
encrypt_content = event['encrypt_content'].encode('utf-8')
encrypt_file_key_id_list = []
for pkeskp in list(AsciiData(encrypt_content).packets()):
encrypt_file_key_id = getattr(pkeskp, 'key_id', '')[-8:].upper()
if encrypt_file_key_id:
encrypt_file_key_id_list.append(
encrypt_file_key_id.decode('utf-8'))
if len(encrypt_file_key_id_list) != 2:
return {
'status': 403,
'message': '403 Forbidden: PublicKeyCountError'
}
elif PUBLIC_KEY_ID not in encrypt_file_key_id_list or public_key_file_key_id not in encrypt_file_key_id_list:
return {
'status': 403,
'message': '403 Forbidden: PublicKeyUsageError'
}
s3 = boto3.client('s3')
response = s3.get_object(Bucket=S3_BUCKET,
Key='%s/index.html' % S3_LOCATION)
index_html = response['Body'].read().decode('utf-8')
user_directory = '%s/%s-%s' % (S3_LOCATION, user_email,
public_key_file_key_id)
index_html = re.sub(
'<div id="build_version">.*</div>',
'<div id="create_time">Create Time at {}</div>'.format(
datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S+UTC')),
index_html)
index_html = re.sub(
'(<textarea[^>]+name="public_key_content")></textarea>',
'\\1 readonly="readonly" style="background-color : #d1d1d1;">{}</textarea>'
.format(public_key_content), index_html)
index_html = re.sub('<li[^>]+id="0A"[^>]+>', '<li id="0A">',
index_html)
response = s3.put_object(
ACL='public-read',
Body=index_html,
Bucket=S3_BUCKET,
ContentType='text/html',
Key='%s/index.html' % user_directory,
StorageClass='STANDARD',
)
response = s3.put_object(
ACL='public-read',
Body=public_key_content,
Bucket=S3_BUCKET,
ContentType='text/plain',
Key='%s/public_key.asc' % user_directory,
StorageClass='STANDARD',
)
response = s3.put_object(
ACL='public-read',
Body=encrypt_content,
Bucket=S3_BUCKET,
ContentType='text/plain',
Key='%s/0A.asc' % user_directory,
StorageClass='STANDARD',
)
dynamo.update_item(
Key={
'email': user_email,
'type': 'apply-account-at-exam.yueh-cake.com'
},
UpdateExpression="set public_key_id = :public_key_id",
ExpressionAttributeValues={
":public_key_id": public_key_file_key_id
},
ReturnValues="UPDATED_NEW",
)
dynamo.put_item(
Item={
"timestamp": int(time()),
"email": public_key_file_key_id,
"public_key_id_email": user_email,
"type": 'reverse-apply-account-at-exam.yueh-cake.com'
})
Q1 = encrypt_text(random_q1(),
public_keys=[
PUBLIC_KEY_CONTENT,
public_key_content.decode('utf-8')
])
response = s3.put_object(
ACL='public-read',
Body=Q1,
Bucket=S3_BUCKET,
ContentType='text/plain',
Key='%s/1Q.asc' % user_directory,
StorageClass='STANDARD',
)
filename += " and 1Q.asc"
send_notice(email=user_email, filename=filename)
return {'status': 200, 'message': user_directory}
else:
return {'status': 403, 'message': 'FilenameError'}
def test_parse_linus_ascii(self):
with open('linus.asc', 'rb') as keyfile:
rawdata = keyfile.read()
data = AsciiData(rawdata)
packets = list(data.packets())
self.assertEqual(44, len(packets))
m = rs[0]
pulled_encrypt_message = m.get_body()
print "Pulled Encrypted Message: " + pulled_encrypt_message
decrypted_message = str(gpg.decrypt(str(pulled_encrypt_message), passphrase=password))
if decrypted_message == '':
print "Posting back to SQS, incorrect key or password"
q.write(m)
else:
print "Decrypted Message: " + decrypted_message
if n.strip() == 'search':
search = raw_input("Search for: ")
response = urllib.urlopen("http://pgp.mit.edu:11371/pks/lookup?options=mr&op=get&search=" + search)
pub_key = response.read()
from pgpdump import AsciiData
test = AsciiData(pub_key)
test.strip_magic(pub_key)
packets = list(test.packets())
print packets[1]
add_response = raw_input("Add this Pubkey? (yes or no) ")
if add_response == 'yes':
print "Import: ", gpg.import_keys(pub_key).summary()
else:
print "Returning"
if n.strip() == 'delete':
key_id_queue = raw_input("GPG Key ID: ")
sure = raw_input("Are you sure you want to delete the queue: (yes or no)")
if sure == 'yes':
conn.delete_queue(key_id_queue)
else:
print "Returning"
def get_pubkey_id_from_ascii(data):
generator = AsciiData(data)
for packet in generator.packets():
if packet.raw == 6:
return packet.key_id
from pgpdump import AsciiData
file = open('AliceMsgtxt.asc', 'rb')
asc_data = file.read()
data = AsciiData(asc_data)
packets = list(data.packets())
datastr = str(packets[0].sig_data)
databytes = packets[0].data
x = ''
# for byte_s in databytes:
# print(''.join('{:02x}'.format(byte_s)))
# x += ''.join('{:02x}'.format(byte_s))
#
# print(len(databytes))
r = '0x'
s = '0x'
for i in range(len(databytes)):
# print(i)
# print(''.join('{:02x}'.format(databytes[i])))
x += ''.join('{:02x}'.format(databytes[i]))
if i > 39 and i <= 59:
r += ''.join('{:02x}'.format(databytes[i]))
if i > 61:
s += ''.join('{:02x}'.format(databytes[i]))
print('x:' + x)
def test_parse_linus_ascii(self):
rawdata = self.load_data('linus.asc')
data = AsciiData(rawdata)
packets = list(data.packets())
self.assertEqual(44, len(packets))
