Page Menu
Home
GnuPG
Search
Configure Global Search
Log In
Files
F22947829
local-sign-group.py
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Size
5 KB
Subscribers
None
local-sign-group.py
View Options
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from
__future__
import
absolute_import
,
division
,
unicode_literals
import
gpg
import
os.path
import
subprocess
import
sys
from
groups
import
group_lists
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <https://www.gnu.org/licenses/>.
print
(
"""
This script applies a local signature or certification to every key in a group.
Usage: local-sign-group.py <group name> [signing keyid] [gnupg homedir]
"""
)
c
=
gpg
.
Context
(
armor
=
True
)
mkfpr
=
None
defkey_fpr
=
None
enckey_fpr
=
None
to_certify
=
[]
if
len
(
sys
.
argv
)
>=
4
:
clique
=
sys
.
argv
[
1
]
sigkey
=
sys
.
argv
[
2
]
homedir
=
sys
.
argv
[
3
]
elif
len
(
sys
.
argv
)
==
3
:
clique
=
sys
.
argv
[
1
]
sigkey
=
sys
.
argv
[
2
]
homedir
=
input
(
"Enter the GPG configuration directory path (optional): "
)
elif
len
(
sys
.
argv
)
==
2
:
clique
=
sys
.
argv
[
1
]
sigkey
=
input
(
"Enter the key ID to sign with (conditionally optional): "
)
homedir
=
input
(
"Enter the GPG configuration directory path (optional): "
)
else
:
clique
=
input
(
"Enter the group matching the key(s) to locally sign: "
)
sigkey
=
input
(
"Enter the key ID to sign with (conditionally optional): "
)
homedir
=
input
(
"Enter the GPG configuration directory path (optional): "
)
if
len
(
homedir
)
==
0
:
homedir
=
None
elif
homedir
.
startswith
(
"~"
):
userdir
=
os
.
path
.
expanduser
(
homedir
)
if
os
.
path
.
exists
(
userdir
)
is
True
:
homedir
=
os
.
path
.
realpath
(
userdir
)
else
:
homedir
=
None
else
:
homedir
=
os
.
path
.
realpath
(
homedir
)
if
homedir
is
not
None
and
os
.
path
.
exists
(
homedir
)
is
False
:
homedir
=
None
elif
homedir
is
not
None
and
os
.
path
.
exists
(
homedir
)
is
True
:
if
os
.
path
.
isdir
(
homedir
)
is
False
:
homedir
=
None
else
:
pass
if
homedir
is
not
None
:
c
.
home_dir
=
homedir
else
:
pass
if
len
(
sigkey
)
==
0
:
sigkey
=
None
else
:
pass
if
sys
.
platform
==
"win32"
:
gpgconfcmd
=
"gpgconf.exe --list-options gpg"
else
:
gpgconfcmd
=
"gpgconf --list-options gpg"
try
:
lines
=
subprocess
.
getoutput
(
gpgconfcmd
)
.
splitlines
()
except
:
process
=
subprocess
.
Popen
(
gpgconfcmd
.
split
(),
stdout
=
subprocess
.
PIPE
)
procom
=
process
.
communicate
()
if
sys
.
version_info
[
0
]
==
2
:
lines
=
procom
[
0
]
.
splitlines
()
else
:
lines
=
procom
[
0
]
.
decode
()
.
splitlines
()
for
i
in
range
(
len
(
lines
)):
if
lines
[
i
]
.
startswith
(
"default-key"
)
is
True
:
dline
=
lines
[
i
]
elif
lines
[
i
]
.
startswith
(
"encrypt-to"
)
is
True
:
eline
=
lines
[
i
]
else
:
pass
defkey_fpr
=
dline
.
split
(
":"
)[
-
1
]
.
replace
(
'"'
,
''
)
.
split
(
','
)[
0
]
.
upper
()
enckey_fpr
=
eline
.
split
(
":"
)[
-
1
]
.
replace
(
'"'
,
''
)
.
split
(
','
)[
0
]
.
upper
()
try
:
dkey
=
c
.
keylist
(
pattern
=
defkey_fpr
,
secret
=
True
)
dk
=
list
(
dkey
)
except
Exception
as
de
:
print
(
de
)
dk
=
None
print
(
"No valid default key."
)
try
:
ekey
=
c
.
keylist
(
pattern
=
defkey_fpr
,
secret
=
True
)
ek
=
list
(
ekey
)
except
Exception
as
ee
:
print
(
ee
)
ek
=
None
print
(
"No valid always encrypt to key."
)
if
sigkey
is
not
None
:
mykey
=
c
.
keylist
(
pattern
=
sigkey
,
secret
=
True
)
mk
=
list
(
mykey
)
mkfpr
=
mk
[
0
]
.
fpr
.
upper
()
c
.
signers
=
mk
else
:
if
dk
is
None
and
ek
is
not
None
:
c
.
signers
=
ek
else
:
pass
for
group
in
group_lists
:
if
group
[
0
]
==
clique
:
for
logrus
in
group
[
1
]:
khole
=
c
.
keylist
(
pattern
=
logrus
)
k
=
list
(
khole
)
to_certify
.
append
(
k
[
0
]
.
fpr
.
upper
())
else
:
pass
if
mkfpr
is
not
None
:
if
to_certify
.
count
(
mkfpr
)
>
0
:
for
n
in
range
(
to_certify
.
count
(
mkfpr
)):
to_certify
.
remove
(
mkfpr
)
else
:
pass
else
:
pass
if
defkey_fpr
is
not
None
:
if
to_certify
.
count
(
defkey_fpr
)
>
0
:
for
n
in
range
(
to_certify
.
count
(
defkey_fpr
)):
to_certify
.
remove
(
defkey_fpr
)
else
:
pass
else
:
pass
if
enckey_fpr
is
not
None
:
if
to_certify
.
count
(
enckey_fpr
)
>
0
:
for
n
in
range
(
to_certify
.
count
(
enckey_fpr
)):
to_certify
.
remove
(
enckey_fpr
)
else
:
pass
else
:
pass
for
fpr
in
to_certify
:
key
=
c
.
get_key
(
fpr
)
c
.
key_sign
(
key
,
uids
=
None
,
expires_in
=
False
,
local
=
True
)
File Metadata
Details
Attached
Mime Type
text/x-python
Expires
Sat, May 10, 8:36 AM (1 d, 16 h)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
57/91/3c7073811e573764541743618221
Attached To
rM GPGME
Event Timeline
Log In to Comment