docs: python bindings howto
authorBen McGinnes <ben@adversary.org>
Sat, 2 Jun 2018 14:46:46 +0000 (00:46 +1000)
committerBen McGinnes <ben@adversary.org>
Sat, 2 Jun 2018 14:46:46 +0000 (00:46 +1000)
* Another attempt at fixing the org-mode version.
* A proof reader ascertained there were tabs in it instead of whitespace.
* Stripped the lot out and replaced with standard 4 spaces, fixed
  every incorrect example ... and it still breaks upon save and/or export.
* Added the reference to the mutt-groups.py script to demonstrate the
  groups.py module/code.

lang/python/docs/GPGMEpythonHOWTOen.org

index c9397bc..3325c08 100644 (file)
       ciphertext, result, sign_result = c.encrypt(text, recipients=rkey, sign=False)
 
       with open("secret_plans.txt.asc", "wb") as afile:
-         afile.write(ciphertext)
+      afile.write(ciphertext)
     #+end_src
 
     Though this is even more likely to be used like this; with the
       a_key = "0x12345678DEADBEEF"
 
       with open("secret_plans.txt", "rb") as afile:
-         text = afile.read()
+      text = afile.read()
 
       c = gpg.Context(armor=True)
       rkey = list(c.keylist(pattern=a_key, secret=False))
       ciphertext, result, sign_result = c.encrypt(text, recipients=rkey,
-                             sign=True, always_trust=True, add_encrypt_to=True)
+                                                 sign=True, always_trust=True,
+                                                 add_encrypt_to=True)
 
       with open("secret_plans.txt.asc", "wb") as afile:
          afile.write(ciphertext)
          if rpattern[i].can_encrypt == 1:
              logrus.append(rpattern[i])
 
-      ciphertext, result, sign_result = c.encrypt(text, recipients=logrus, sign=False,
-                                 always_trust=True)
+      ciphertext, result, sign_result = c.encrypt(text, recipients=logrus,
+                                                 sign=False, always_trust=True)
 
       with open("secret_plans.txt.asc", "wb") as afile:
          afile.write(ciphertext)
 
     #+begin_src python
       ciphertext, result, sign_result = c.encrypt(text, recipients=logrus,
-                                                 always_trust=True,
-                                                 add_encrypt_to=True)
+                          always_trust=True,
+                          add_encrypt_to=True)
     #+end_src
 
     The only keyword arguments requiring modification are those for
       import gpg
 
       with open("secret_plans.txt.asc", "rb") as afile:
-         text = afile.read()
+      text = afile.read()
 
       c = gpg.Context(armor=True)
       rpattern = list(c.keylist(pattern="@gnupg.org", secret=False))
          if rpattern[i].can_encrypt == 1:
              logrus.append(rpattern[i])
 
-      try:
-         ciphertext, result, sign_result = c.encrypt(text, recipients=logrus,
-                                                     add_encrypt_to=True)
-      except gpg.errors.InvalidRecipients as e:
-         for i in range(len(e.recipients)):
-             for n in range(len(logrus)):
-                 if logrus[n].fpr == e.recipients[i].fpr:
-                     logrus.remove(logrus[n])
-                 else:
-                     pass
          try:
              ciphertext, result, sign_result = c.encrypt(text, recipients=logrus,
                                                          add_encrypt_to=True)
-         except:
-             pass
+         except gpg.errors.InvalidRecipients as e:
+             for i in range(len(e.recipients)):
+                 for n in range(len(logrus)):
+                     if logrus[n].fpr == e.recipients[i].fpr:
+                         logrus.remove(logrus[n])
+                     else:
+                         pass
 
-      with open("secret_plans.txt.asc", "wb") as afile:
-         afile.write(ciphertext)
+      try:
+         ciphertext, result, sign_result = c.encrypt(text, recipients=logrus,
+                                                     add_encrypt_to=True)
+         with open("secret_plans.txt.asc", "wb") as afile:
+             afile.write(ciphertext)
+      except:
+         pass
     #+end_src
 
     This will attempt to encrypt to all the keys searched for, then
      import gpg
 
      with open("/path/to/statement.txt", "rb") as tfile:
-         text = tfile.read()
+        text = tfile.read()
 
      c = gpg.Context()
      signed_data, result = c.sign(text, mode=gpg.constants.sig.mode.NORMAL)
 
      with open("/path/to/statement.txt.sig", "wb") as afile:
-         afile.write(signed_data)
+        afile.write(signed_data)
    #+end_src
 
 
       signed_data, result = c.sign(text, mode=gpg.constants.sig.mode.DETACH)
 
       with open("/path/to/statement.txt.asc", "w") as afile:
-          afile.write(signed_data.decode())
+         afile.write(signed_data.decode())
     #+end_src
 
     As with normal signatures, detached signatures are best handled as
       import gpg
 
       with open("/path/to/statement.txt", "rb") as tfile:
-          text = tfile.read()
+         text = tfile.read()
 
       c = gpg.Context(signers=sig_src)
       signed_data, result = c.sign(text, mode=gpg.constants.sig.mode.DETACH)
 
       with open("/path/to/statement.txt.sig", "wb") as afile:
-          afile.write(signed_data)
+         afile.write(signed_data)
     #+end_src
 
 
       import gpg
 
       with open("/path/to/statement.txt", "rb") as tfile:
-          text = tfile.read()
+         text = tfile.read()
 
       c = gpg.Context()
       signed_data, result = c.sign(text, mode=gpg.constants.sig.mode.CLEAR)
 
       with open("/path/to/statement.txt.asc", "wb") as afile:
-          afile.write(signed_data)
+         afile.write(signed_data)
     #+end_src
 
 
      {0}
      with key {1}
      made at {2}
-     """.format(c.get_key(sign.fpr).uids[0].uid,
-               sign.fpr, time.ctime(sign.timestamp)))
+     """.format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,
+               time.ctime(sign.timestamp)))
      else:
         pass
    #+end_src
      {0}
      with key {1}
      made at {2}
-     """.format(c.get_key(sign.fpr).uids[0].uid,
-               sign.fpr, time.ctime(sign.timestamp)))
+     """.format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,
+               time.ctime(sign.timestamp)))
      else:
         pass
    #+end_src
      {0}
      with key {1}
      made at {2}
-     """.format(c.get_key(sign.fpr).uids[0].uid,
-               sign.fpr, time.ctime(sign.timestamp)))
+     """.format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,
+               time.ctime(sign.timestamp)))
      else:
         pass
    #+end_src
         verified = False
         print(e)
 
-     if verified is not None:
+     if verified is True:
         for i in range(len(result.signatures)):
             sign = result.signatures[i]
             print("""Good signature from:
      {0}
      with key {1}
      made at {2}
-     """.format(c.get_key(sign.fpr).uids[0].uid,
-               sign.fpr, time.ctime(sign.timestamp)))
+     """.format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,
+               time.ctime(sign.timestamp)))
      else:
         pass
    #+end_src
    returned =GenkeyResult= object, which includes the following data:
 
    #+begin_src python
-     print("""
-     Fingerprint:  {0}
-     Primary Key:  {1}
-      Public Key:  {2}
-      Secret Key:  {3}
-        Sub Key:  {4}
-       User IDs:  {5}
-     """.format(dmkey.fpr, dmkey.primary, dmkey.pubkey, dmkey.seckey, dmkey.sub,
-               dmkey.uid))
+      print("""
+      Fingerprint:  {0}
+      Primary Key:  {1}
+       Public Key:  {2}
+       Secret Key:  {3}
+      Sub Key:  {4}
+     User IDs:  {5}
+      """.format(dmkey.fpr, dmkey.primary, dmkey.pubkey, dmkey.seckey, dmkey.sub,
+                dmkey.uid))
    #+end_src
 
    Alternatively the information can be confirmed using the command
      ~/.gnupg-dm/pubring.kbx
      ----------------------
      sec   rsa3072 2018-03-15 [SC] [expires: 2019-03-15]
-          177B7C25DB99745EE2EE13ED026D2F19E99E63AA
+       177B7C25DB99745EE2EE13ED026D2F19E99E63AA
      uid           [ultimate] Danger Mouse <dm@secret.example.net>
 
      bash-4.4$
      Secret key is available.
 
      sec  rsa3072/026D2F19E99E63AA
-         created: 2018-03-15  expires: 2019-03-15  usage: SC
-         trust: ultimate      validity: ultimate
+      created: 2018-03-15  expires: 2019-03-15  usage: SC
+      trust: ultimate      validity: ultimate
      [ultimate] (1). Danger Mouse <dm@secret.example.net>
 
      [ultimate] (1). Danger Mouse <dm@secret.example.net>
-         Cipher: TWOFISH, CAMELLIA256, AES256, CAMELLIA192, AES192, CAMELLIA128, AES, BLOWFISH, IDEA, CAST5, 3DES
-         Digest: SHA512, SHA384, SHA256, SHA224, RIPEMD160, SHA1
-         Compression: ZLIB, BZIP2, ZIP, Uncompressed
-         Features: MDC, Keyserver no-modify
+      Cipher: TWOFISH, CAMELLIA256, AES256, CAMELLIA192, AES192, CAMELLIA128, AES, BLOWFISH, IDEA, CAST5, 3DES
+      Digest: SHA512, SHA384, SHA256, SHA224, RIPEMD160, SHA1
+      Compression: ZLIB, BZIP2, ZIP, Uncompressed
+      Features: MDC, Keyserver no-modify
 
      bash-4.4$
    #+end_src
    As with the primary key, the results here can be checked with:
 
    #+begin_src python
-     print("""
-     Fingerprint:  {0}
-     Primary Key:  {1}
-      Public Key:  {2}
-      Secret Key:  {3}
-        Sub Key:  {4}
-       User IDs:  {5}
-     """.format(dmsub.fpr, dmsub.primary, dmsub.pubkey, dmsub.seckey, dmsub.sub,
-               dmsub.uid))
+      print("""
+      Fingerprint:  {0}
+      Primary Key:  {1}
+       Public Key:  {2}
+       Secret Key:  {3}
+      Sub Key:  {4}
+     User IDs:  {5}
+      """.format(dmsub.fpr, dmsub.primary, dmsub.pubkey, dmsub.seckey, dmsub.sub,
+                dmsub.uid))
    #+end_src
 
    As well as on the command line with:
      ~/.gnupg-dm/pubring.kbx
      ----------------------
      sec   rsa3072 2018-03-15 [SC] [expires: 2019-03-15]
-          177B7C25DB99745EE2EE13ED026D2F19E99E63AA
+       177B7C25DB99745EE2EE13ED026D2F19E99E63AA
      uid           [ultimate] Danger Mouse <dm@secret.example.net>
      ssb   rsa3072 2018-03-15 [E] [expires: 2018-09-13]
 
       ~/.gnupg-dm/pubring.kbx
       ----------------------
       sec   rsa3072 2018-03-15 [SC] [expires: 2019-03-15]
-           177B7C25DB99745EE2EE13ED026D2F19E99E63AA
+        177B7C25DB99745EE2EE13ED026D2F19E99E63AA
       uid           [ultimate] Danger Mouse <danger.mouse@secret.example.net>
       uid           [ultimate] Danger Mouse <dm@secret.example.net>
       ssb   rsa3072 2018-03-15 [E] [expires: 2018-09-13]
         if lines[i].startswith("group") is True:
             line = lines[i]
         else:
-                pass
+            pass
 
      groups = line.split(":")[-1].replace('"', '').split(',')
 
    =group_lines[i][0]= as the name of the group, but
    =group_lists[i][1]= is the key IDs of the group as a string.
 
+   A demonstration of using the =groups.py= module is also available
+   in the form of the executable =mutt-groups.py= script.  This second
+   script reads all the group entries in a user's =gpg.conf= file and
+   converts them into crypt-hooks suitable for use with the Mutt and
+   Neomutt mail clients.
+
 
 * Copyright and Licensing
   :PROPERTIES: