summaryrefslogtreecommitdiff
path: root/src/mailman_pgp/utils/pgp.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/mailman_pgp/utils/pgp.py')
-rw-r--r--src/mailman_pgp/utils/pgp.py31
1 files changed, 31 insertions, 0 deletions
diff --git a/src/mailman_pgp/utils/pgp.py b/src/mailman_pgp/utils/pgp.py
index 621aa02..1dfdc5e 100644
--- a/src/mailman_pgp/utils/pgp.py
+++ b/src/mailman_pgp/utils/pgp.py
@@ -18,6 +18,7 @@
"""Miscellaneous PGP utilities."""
from pgpy import PGPKey, PGPSignature
from pgpy.constants import SignatureType
+from pgpy.errors import PGPError
from pgpy.packet import Packet, Signature
from pgpy.types import Armorable
from public import public
@@ -97,3 +98,33 @@ def revoc_from_blob(blob):
sig = PGPSignature()
sig |= p
return sig
+
+
+@public
+def key_usable(key, flags_required):
+ """
+
+ :param key:
+ :type key: pgpy.PGPKey
+ :param flags_required:
+ :return:
+ :rtype: bool
+ """
+ if key.is_expired:
+ return False
+ primary_revocs = (sig for sig in key.self_signatures if
+ sig.sigtype is SignatureType.KeyRevocation)
+ for revoc in primary_revocs:
+ try:
+ verified = key.verify(key, revoc)
+ except PGPError:
+ continue
+ if bool(verified):
+ return False
+ usage_flags = key.usage_flags()
+ for subkey in key.subkeys.values():
+ usage_flags |= subkey.usage_flags()
+
+ if flags_required not in usage_flags:
+ return False
+ return True
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 19:00:45 +0000