Diffstat (limited to 'src/mailman_pgp/utils/pgp.py')
-rw-r--r--src/mailman_pgp/utils/pgp.py45
1 files changed, 45 insertions, 0 deletions
diff --git a/src/mailman_pgp/utils/pgp.py b/src/mailman_pgp/utils/pgp.py
index be97a75..05721b4 100644
--- a/src/mailman_pgp/utils/pgp.py
+++ b/src/mailman_pgp/utils/pgp.py
@@ -179,3 +179,48 @@ def key_usable(key, flags_required):
if bool(verified):
return False
return flags_required.issubset(key_flags(key))
+
+
+@public
+def key_merge(privkey, new_key, signer_key):
+ """
+
+ :param privkey:
+ :type privkey: pgpy.PGPKey
+ :param new_key:
+ :type new_key: pgpy.PGPKey
+ """
+ if privkey.pubkey.key_material != new_key.key_material:
+ raise ValueError('You sent a wrong key.')
+
+ uid_map = {}
+ for uid in privkey.userids:
+ for uid_other in new_key.userids:
+ if uid == uid_other:
+ uid_map[uid] = uid_other
+
+ if len(uid_map) == 0:
+ raise ValueError('No signed UIDs found.')
+
+ uid_sigs = {}
+ for uid, uid_other in uid_map.items():
+ for sig in uid_other.signatures:
+ if sig in uid.signatures:
+ continue
+ if sig.signer != signer_key.fingerprint.keyid:
+ continue
+ # sig is a new signature, not currenctly on uid, ans seems to
+ # be made by the pgp_address.key
+ try:
+ verification = signer_key.verify(uid, sig)
+ if bool(verification):
+ uid_sigs.setdefault(uid, []).append(sig)
+ except PGPError:
+ pass
+
+ if len(uid_sigs) == 0:
+ raise ValueError('No new certifications found.')
+
+ for uid, sigs in uid_sigs.items():
+ for sig in sigs:
+ uid |= sig
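Review bot: The inner loop of `key_merge` accepts any signature whose issuer key ID matches `signer_key` and which verifies over the UID, but it never looks at the signature type. A certification revocation or an expired signature from the same signer would therefore appear to be merged as a "new certification", assuming `signer_key.verify(uid, sig)` succeeds for those types as well. A guard placed before the `try` would keep the merge to real certifications, e.g. `if sig.type not in CERT_TYPES or sig.is_expired: continue`, with `CERT_TYPES = {SignatureType.Generic_Cert, SignatureType.Persona_Cert, SignatureType.Casual_Cert, SignatureType.Positive_Cert}` from `pgpy.constants` (the file's import block is outside this hunk, so that import may need adding). The `except PGPError: pass` also drops verification errors silently; a debug-level log line there would let an operator see why a submitted signature was rejected. The docstring has no summary line and omits `signer_key` and the three `ValueError` cases, which callers need to know because the messages read as user-facing text.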