aboutsummaryrefslogtreecommitdiff
path: root/src/mailman_pgp/pgp
diff options
context:
space:
mode:
Diffstat (limited to 'src/mailman_pgp/pgp')
-rw-r--r--src/mailman_pgp/pgp/__init__.py94
1 files changed, 10 insertions, 84 deletions
diff --git a/src/mailman_pgp/pgp/__init__.py b/src/mailman_pgp/pgp/__init__.py
index 6841f02..a68c66b 100644
--- a/src/mailman_pgp/pgp/__init__.py
+++ b/src/mailman_pgp/pgp/__init__.py
@@ -17,103 +17,29 @@
""""""
-from glob import glob
-from os import makedirs
-from os.path import join
-
-from mailman.config import config as mailman_config
-from mailman.utilities.string import expand
from pgpy import PGPKeyring
-from pgpy.constants import EllipticCurveOID, PubKeyAlgorithm
from public import public
from mailman_pgp.config import config
-
-KEYDIR_CONFIG_PATHS = ['list_keydir', 'user_keydir', 'archive_keydir']
-KEYPAIR_CONFIG_VARIABLES = ['autogenerate', 'primary_key', 'sub_key']
-
-KEYPAIR_TYPE_MAP = {
- 'RSA': PubKeyAlgorithm.RSAEncryptOrSign,
- 'DSA': PubKeyAlgorithm.DSA,
- 'ECDSA': PubKeyAlgorithm.ECDSA,
- 'ECDH': PubKeyAlgorithm.ECDH
-}
-ECC_OID_MAP = {
- 'nistp256': EllipticCurveOID.NIST_P256,
- 'nistp384': EllipticCurveOID.NIST_P384,
- 'nistp521': EllipticCurveOID.NIST_P521,
- 'brainpoolP256r1': EllipticCurveOID.Brainpool_P256,
- 'brainpoolP384r1': EllipticCurveOID.Brainpool_P384,
- 'brainpoolP512r1': EllipticCurveOID.Brainpool_P512,
- 'secp256k1': EllipticCurveOID.SECP256K1
-}
+from mailman_pgp.utils.config import key_spec
@public
class PGP:
def __init__(self):
- self._load_config()
- self._validate_config()
-
- def _load_config(self):
- """
- Load [keypairs] and [keydirs] config sections. Expand paths in them.
- """
- # Get all the [keypairs] config variables.
- self._keypair_config = dict(
- (k, config.get('keypairs', k)) for k in
- KEYPAIR_CONFIG_VARIABLES)
-
- # Get and expand all [keydirs] config paths against Mailman's paths.
- self.keydir_config = dict(
- (k,
- expand(config.get('keydirs', k), None, mailman_config.paths))
- for k in KEYDIR_CONFIG_PATHS)
-
- def _parse_key_directive(self, value):
- key_type, key_length = value.split(':')
- key_type = key_type.upper()
- key_length = key_length.lower()
-
- if key_type not in KEYPAIR_TYPE_MAP:
- raise ValueError('Invalid key type: {}.'.format(key_type))
-
- out_type = KEYPAIR_TYPE_MAP[key_type]
- if key_type in ('ECDSA', 'ECDH'):
- if key_length not in ECC_OID_MAP:
- raise ValueError('Invalid key length: {}.'.format(key_length))
- out_length = ECC_OID_MAP[key_length]
- else:
- out_length = int(key_length)
- return (out_type, out_length)
-
- def _validate_config(self):
- """
- Validate [keypairs] and [keydirs] config sections. And create
- keydirs if necessary.
- """
- # Validate keypair config.
- self.primary_key_args = self._parse_key_directive(
- self._keypair_config['primary_key'])
- if not self.primary_key_args[0].can_sign:
- raise ValueError(
- 'Invalid primary key type: {}.'.format(
- self.primary_key_args[0]))
-
- self.sub_key_args = self._parse_key_directive(
- self._keypair_config['sub_key'])
- if not self.sub_key_args[0].can_encrypt:
- raise ValueError(
- 'Invalid sub key type: {}.'.format(self.sub_key_args[0]))
-
+ self.primary_key_args = key_spec(
+ config.get_value('keypairs', 'primary_key'))
+ self.sub_key_args = key_spec(config.get_value('keypairs', 'sub_key'))
# Make sure the keydir paths are directories and exist.
- for keydir in self.keydir_config.values():
+ self.keydirs = {keydir_name: config.get_value('keydirs', keydir_name)
+ for keydir_name in config.options('keydirs')}
+ for keydir_path in self.keydirs.values():
# TODO set a strict mode here
- makedirs(keydir, exist_ok=True)
+ keydir_path.mkdir(parents=True, exist_ok=True)
def _keyring(self, keydir):
- directory = self.keydir_config[keydir]
- return PGPKeyring(*glob(join(directory, '*.asc')))
+ directory = self.keydirs[keydir]
+ return PGPKeyring(*directory.glob('*.asc'))
@property
def list_keyring(self):
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 07:15:37 +0000