GitHub - isislovecruft/python-gnupg: A modified version of python-gnupg, including security patches, extensive documentation, and extra features. (original) (raw)

pretty-bad-protocol (a.k.a. python-gnupg) On PyPI

Complete rewrite of Vinay Sajip's python-gnupg, including patches to fix a shell injection vulnerability due to unsanitised inputs being passed to subprocess.Popen([...], shell=True).

Installation

From PyPI

It's simple. Just do:

[sudo] pip install pretty-bad-protocol

Additionally, the legacy way to install versions of this library < 3.0.0 is:

[sudo] pip install gnupg

From git

To install this package from this git repository, do:

git clone https://github.com/isislovecruft/python-gnupg.git cd python-gnupg make install make test

Optionally, to build the Sphinx documentation, do:

make docs

To get started using python-gnupg's API, see the documentation, and import the module like so:

.. code-block:: python

from pretty_bad_protocol import gnupg

The primary interface class you'll likely want to interact with is gnupg.GPG:

gpg = gnupg.GPG(binary='/usr/bin/gpg', ... homedir='./keys', ... keyring='pubring.gpg', ... secring='secring.gpg') batch_key_input = gpg.gen_key_input( ... key_type='RSA', ... key_length=4096) print batch_key_input Key-Type: RSA Name-Email: isis@wintermute Key-Length: 4096 Name-Real: Autogenerated Key %commit

key = gpg.gen_key(batch_key_input) print key.fingerprint 245D8FA30F543B742053949F553C0E154F2E7A98

message = "The crow flies at midnight." encrypted = str(gpg.encrypt(message, key.fingerprint)) decrypted = str(gpg.decrypt(encrypted)) assert decrypted == message

Bug Reports & Feature Requests

Our bugtracker can be found on Github. Public comments and discussions are also welcome on the bugtracker. Patches are always welcome.

I increasingly have less and less time to deal with maintaining this module. Please be patient, and if there is a patch your project urgently needs, please consider temporarily forking until I or one of the other maintainers can get to your issue.