def test_simple(): cfg = ConfigParser.RawConfigParser() cfg.readfp(StringIO("""\ [fingerprints] jdoe = B18D D37D 391B D037 B668 A32A C447 4F3C 620F 3B4B """)) got = user_to_fpr.user_to_fpr(cfg, 'jdoe') eq(got, 'B18DD37D391BD037B668A32AC4474F3C620F3B4B')
def set_secret(cfg, path): users = decide_recipients.decide_recipients(cfg, path) users = list(users) if not users: raise RuntimeError('Nobody to encrypt to: %s', path) fingerprints = [ user_to_fpr.user_to_fpr(cfg=cfg, user=user) for user in users ] if not fingerprints: raise RuntimeError('No fingerprints found for users: %s', ' '.join(users)) gpg = GnuPGInterface.GnuPG() gpg.options.armor = 1 gpg.options.meta_interactive = 0 gpg.options.recipients = fingerprints if not os.isatty(sys.stdin.fileno()): # redirected from file / pipe, read passphrase from there secret1 = sys.stdin.readline() secret1 = secret1.rstrip('\n') else: secret1 = prompt(message='Passphrase for %s' % path) secret2 = prompt(message='Repeat pass for %s' % path) if secret1 != secret2: del secret1 del secret2 print >>sys.stderr, '%s: Passphrases do not match.' % sys.argv[0] sys.exit(1) del secret2 tmp = '{path}.{pid}.tmp'.format( path=path, pid=os.getpid(), ) with file(tmp, 'w') as fp: try: proc = gpg.run( [ '--encrypt', '--for-your-eyes-only', '--trust-mode=always', ], create_fhs=['stdin'], attach_fhs=dict( stdout=fp, logger=sys.stderr, ), ) proc.handles['stdin'].write(secret1) del secret1 proc.handles['stdin'].close() try: proc.wait() except IOError, e: print >>sys.stderr, '%s: gnupg: %s' % (sys.argv[0], e) sys.exit(1) except: try: os.unlink(tmp) except: pass raise os.rename(tmp, path) print 'Encrypted to:' for uid in users: print '\t%s' % uid