diff options
| author | J08nY | 2017-07-06 00:47:31 +0200 |
|---|---|---|
| committer | J08nY | 2017-07-06 00:47:31 +0200 |
| commit | 5669d2db3a3c8637680d7130ff5d3a1391997b20 (patch) | |
| tree | 1fcb0471d709cdcfd187257ad635be7ba3b918dc /src/mailman_pgp/pgp/inline.py | |
| parent | e1f89aa523f50ed9e2aba45fe815a65088036b37 (diff) | |
| download | mailman-pgp-5669d2db3a3c8637680d7130ff5d3a1391997b20.tar.gz mailman-pgp-5669d2db3a3c8637680d7130ff5d3a1391997b20.tar.zst mailman-pgp-5669d2db3a3c8637680d7130ff5d3a1391997b20.zip | |
Diffstat (limited to 'src/mailman_pgp/pgp/inline.py')
| -rw-r--r-- | src/mailman_pgp/pgp/inline.py | 70 |
1 files changed, 50 insertions, 20 deletions
diff --git a/src/mailman_pgp/pgp/inline.py b/src/mailman_pgp/pgp/inline.py index fe5b2c3..ca83e89 100644 --- a/src/mailman_pgp/pgp/inline.py +++ b/src/mailman_pgp/pgp/inline.py @@ -159,11 +159,10 @@ class InlineWrapper: if not part.is_multipart() and self._is_signed(part): yield self._verify(part, key) - def _sign(self, part, key, hash): - payload = str(part.get_payload()) - pmsg = PGPMessage.new(payload, cleartext=True) - pmsg |= key.sign(pmsg, hash=hash) - part.set_payload(str(pmsg)) + def _sign(self, pmsg, key, hash): + smsg = copy.copy(pmsg) + smsg |= key.sign(smsg, hash=hash) + return smsg def sign(self, key, hash=None): """ @@ -179,7 +178,10 @@ class InlineWrapper: out = copy.deepcopy(self.msg) for part in walk(out): if not part.is_multipart(): - self._sign(part, key, hash) + payload = str(part.get_payload()) + pmsg = PGPMessage.new(payload, cleartext=True) + smsg = self._sign(pmsg, key, hash) + part.set_payload(str(smsg)) return out def _decrypt(self, part, key): @@ -202,12 +204,17 @@ class InlineWrapper: self._decrypt(part, key) return out - def _encrypt(self, part, *keys, **kwargs): - payload = str(part.get_payload()) - pmsg = PGPMessage.new(payload) - for key in keys: - pmsg = key.encrypt(pmsg, **kwargs) - part.set_payload(str(pmsg)) + def _encrypt(self, pmsg, *keys, cipher): + emsg = copy.copy(pmsg) + if len(keys) == 1: + emsg = keys[0].encrypt(emsg, cipher=cipher) + else: + session_key = cipher.gen_key() + for key in keys: + emsg = key.encrypt(emsg, cipher=cipher, + session_key=session_key) + del session_key + return emsg def encrypt(self, *keys, cipher=SymmetricKeyAlgorithm.AES256): """ @@ -225,12 +232,35 @@ class InlineWrapper: out = copy.deepcopy(self.msg) for part in walk(out): if not part.is_multipart(): - if len(keys) == 1: - self._encrypt(part, *keys, cipher=cipher) - else: - session_key = cipher.gen_key() - for key in keys: - self._encrypt(part, key, cipher=cipher, - session_key=session_key) - del session_key + payload = str(part.get_payload()) + pmsg = PGPMessage.new(payload) + emsg = self._encrypt(pmsg, *keys, cipher=cipher) + part.set_payload(str(emsg)) return out + + def sign_encrypt(self, key, *keys, hash=None, + cipher=SymmetricKeyAlgorithm.AES256): + """ + + :param key: + :param keys: + :param hash: + :param cipher: + :return: + """ + if len(keys) == 0: + raise ValueError('At least one key necessary.') + + out = copy.deepcopy(self.msg) + for part in walk(out): + if not part.is_multipart(): + payload = str(part.get_payload()) + pmsg = PGPMessage.new(payload) + smsg = self._sign(pmsg, key, hash=hash) + emsg = self._encrypt(smsg, *keys, cipher=cipher) + part.set_payload(str(emsg)) + return out + + def sign_then_encrypt(self, key, *keys, hash=None, + cipher=SymmetricKeyAlgorithm.AES256): + return self.sign_encrypt(key, *keys, hash=hash, cipher=cipher)
\ No newline at end of file |