[openpgp] Generate keys without protection

bf8a88d5 · Philipp Hörist · d8bf566d · bf8a88d5
Commit bf8a88d5 authored Nov 21, 2020 by Philipp Hörist
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 17 deletions

openpgp/backend/pygpg.py openpgp/backend/pygpg.py +13 -17

No files found.
--- a/openpgp/backend/pygpg.py
+++ b/openpgp/backend/pygpg.py
@@ -33,14 +33,13 @@ KeyringItem = namedtuple('KeyringItem', 'jid keyid fingerprint')

 class PythonGnuPG(gnupg.GPG):
    def __init__(self, jid, gnupghome):
-        gnupg.GPG.__init__(
-            self, gpgbinary='gpg', gnupghome=str(gnupghome))
+        gnupg.GPG.__init__(self, gpgbinary='gpg', gnupghome=str(gnupghome))

-        self._passphrase = 'gajimopenpgppassphrase'
        self._jid = jid.getBare()
        self._own_fingerprint = None

-    def _get_key_params(self, jid, passphrase):
+    @staticmethod
+    def _get_key_params(jid):
        '''
        Generate --gen-key input
        '''
@@ -49,17 +48,17 @@ class PythonGnuPG(gnupg.GPG):
            'Key-Type': 'RSA',
            'Key-Length': 2048,
            'Name-Real': 'xmpp:%s' % jid,
-            'Passphrase': passphrase,
        }

-        out = "Key-Type: %s\n" % params.pop('Key-Type')
+        out = 'Key-Type: %s\n' % params.pop('Key-Type')
        for key, val in list(params.items()):
-            out += "%s: %s\n" % (key, val)
-        out += "%commit\n"
+            out += '%s: %s\n' % (key, val)
+        out += '%no-protection\n'
+        out += '%commit\n'
        return out

    def generate_key(self):
-        super().gen_key(self._get_key_params(self._jid, self._passphrase))
+        super().gen_key(self._get_key_params(self._jid))

    def encrypt(self, payload, keys):
        recipients = [key.fingerprint for key in keys]
@@ -71,8 +70,7 @@ class PythonGnuPG(gnupg.GPG):
                                 recipients,
                                 armor=False,
                                 sign=self._own_fingerprint,
-                                 always_trust=True,
-                                 passphrase=self._passphrase)
+                                 always_trust=True)

        if result.ok:
            error = ''
@@ -82,9 +80,7 @@ class PythonGnuPG(gnupg.GPG):
        return result.data, error

    def decrypt(self, payload):
-        result = super().decrypt(payload,
-                                 always_trust=True,
-                                 passphrase=self._passphrase)
+        result = super().decrypt(payload, always_trust=True)
        if not result.ok:
            raise DecryptionFailed(result.status)

@@ -134,6 +130,7 @@ class PythonGnuPG(gnupg.GPG):

        result = self.scan_keys(temppath)
        if result:
+            key_found = False
            for uid in result.uids:
                if uid.startswith('xmpp:'):
                    if uid[5:] == jid:
@@ -174,10 +171,9 @@ class PythonGnuPG(gnupg.GPG):

    def export_key(self, fingerprint):
        key = super().export_keys(
-            fingerprint, secret=False, armor=False, minimal=False,
-            passphrase=self._passphrase)
+            fingerprint, secret=False, armor=False, minimal=True)
        return key

    def delete_key(self, fingerprint):
        log.info('Delete Key: %s', fingerprint)
-        super().delete_keys(fingerprint, passphrase=self._passphrase)
+        super().delete_keys(fingerprint)