2 # -*- coding: utf-8 -*-
4 from __future__ import absolute_import, division, unicode_literals
11 from groups import group_lists
13 # Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
15 # This program is free software; you can redistribute it and/or modify it under
16 # the terms of the GNU General Public License as published by the Free Software
17 # Foundation; either version 2 of the License, or (at your option) any later
20 # This program is free software; you can redistribute it and/or modify it under
21 # the terms of the GNU Lesser General Public License as published by the Free
22 # Software Foundation; either version 2.1 of the License, or (at your option)
25 # This program is distributed in the hope that it will be useful, but WITHOUT
26 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
27 # FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
28 # Lesser General Public License for more details.
30 # You should have received a copy of the GNU General Public License and the GNU
31 # Lesser General Public License along with this program; if not, see
32 # <http://www.gnu.org/licenses/>.
35 This script applies a local signature or certification to every key in a group.
37 Usage: local-sign-group.py <group name> [signing keyid] [gnupg homedir]
# Argument handling and GnuPG home directory selection.
# NOTE(review): this listing omits source lines (see the gaps in the numbering),
# so the branch bodies described below are only partly visible.
# One GPGME context is created here and reused for every key lookup and for
# the signing calls at the end of the script.
40 c = gpg.Context(armor=True)
# Up to three positional arguments are accepted; whichever of the group name,
# signing key ID and home directory are missing get prompted for with input().
# NOTE(review): the script also branches on Python 2 further down
# (sys.version_info[0] == 2). On Python 2 the builtin input() evaluates the
# typed text as an expression; confirm input is rebound to raw_input on a line
# not shown, or that Python 2 is no longer a supported target.
46 if len(sys.argv) >= 4:
50 elif len(sys.argv) == 3:
53 homedir = input("Enter the GPG configuration directory path (optional): ")
54 elif len(sys.argv) == 2:
56 sigkey = input("Enter the key ID to sign with (conditionally optional): ")
57 homedir = input("Enter the GPG configuration directory path (optional): ")
59 clique = input("Enter the group matching the key(s) to locally sign: ")
60 sigkey = input("Enter the key ID to sign with (conditionally optional): ")
61 homedir = input("Enter the GPG configuration directory path (optional): ")
# A leading "~" is expanded with os.path.expanduser(); the expanded path is
# canonicalised with os.path.realpath() only when it exists.
65 elif homedir.startswith("~"):
66 userdir = os.path.expanduser(homedir)
67 if os.path.exists(userdir) is True:
68 homedir = os.path.realpath(userdir)
72 homedir = os.path.realpath(homedir)
# The path is then checked for existence and for being a directory; what
# happens on failure is on lines not shown.
# NOTE(review): the path is caller-supplied and appears to select the keyring
# that will hold the new certifications. Only existence and directory-ness are
# tested here, not ownership or permissions; gpg may warn about unsafe
# permissions itself, but the script does not check.
74 if homedir is not None and os.path.exists(homedir) is False:
76 elif homedir is not None and os.path.exists(homedir) is True:
77 if os.path.isdir(homedir) is False:
# presumably applies the directory to the context (body not shown) - confirm
82 if homedir is not None:
# Read the user's "default-key" and "encrypt-to" settings from gpgconf.
# The command text is a fixed literal, so nothing user-supplied reaches the
# command line; the gpgconf binary itself is resolved through PATH.
# NOTE(review): neither command string passes --homedir, so unless the
# environment is adjusted on a line not shown, the options come from gpgconf's
# default home directory, which may differ from the homedir selected above.
92 if sys.platform == "win32":
93 gpgconfcmd = "gpgconf.exe --list-options gpg"
95 gpgconfcmd = "gpgconf --list-options gpg"
# Two ways of running the command are visible: subprocess.getoutput() hands the
# string to a shell and returns stdout and stderr combined, while Popen() gets
# an argv list from str.split() and captures stdout only. The condition that
# chooses between them is not shown in this listing.
98 lines = subprocess.getoutput(gpgconfcmd).splitlines()
100 process = subprocess.Popen(gpgconfcmd.split(), stdout=subprocess.PIPE)
101 procom = process.communicate()
# On Python 2 the captured output is used as-is; otherwise it is decoded with
# the default codec before being split into lines.
102 if sys.version_info[0] == 2:
103 lines = procom[0].splitlines()
105 lines = procom[0].decode().splitlines()
# Scan for the two option lines of interest; the assignments made inside the
# branches are not shown (presumably dline / eline - confirm).
107 for i in range(len(lines)):
108 if lines[i].startswith("default-key") is True:
110 elif lines[i].startswith("encrypt-to") is True:
# The option value is the last colon-separated field: quotes are stripped, the
# first comma-separated entry is kept, and the result is upper-cased.
# NOTE(review): the *_fpr names assume the configured value is a full
# fingerprint. These strings are later compared against key.fpr.upper(), so if
# gpg.conf holds a short key ID or a user ID instead, that comparison would not
# match and the key would stay in the list to certify - confirm.
# NOTE(review): confirm dline and eline are initialised when gpgconf reports
# neither option; their assignment is outside the visible lines.
115 defkey_fpr = dline.split(":")[-1].replace('"', '').split(',')[0].upper()
116 enckey_fpr = eline.split(":")[-1].replace('"', '').split(',')[0].upper()
# Look up secret keys for the configured default key, the encrypt-to key, and
# the signing key named by the user. The try: lines and the list() conversions
# are not shown in this listing.
119 dkey = c.keylist(pattern=defkey_fpr, secret=True)
# Any exception from the lookup is treated as "no usable default key".
121 except Exception as de:
124 print("No valid default key.")
# NOTE(review): this lookup passes defkey_fpr again, although the message
# below is about the encrypt-to key and enckey_fpr was parsed for that purpose.
# It looks like a copy-paste slip: ekey then mirrors the default key, and the
# "dk is None and ek is not None" test further down cannot behave as intended.
# The pattern should presumably be enckey_fpr.
127 ekey = c.keylist(pattern=defkey_fpr, secret=True)
129 except Exception as ee:
132 print("No valid always encrypt to key.")
# An explicitly supplied signing key is matched as a pattern against secret
# keys, and the first result's fingerprint is recorded.
# NOTE(review): mk is assigned on a line not shown (presumably list(mykey)).
# mk[0] silently picks the first match when the pattern matches several secret
# keys and raises IndexError when it matches none - confirm that is acceptable
# for a tool that issues certifications.
134 if sigkey is not None:
135 mykey = c.keylist(pattern=sigkey, secret=True)
137 mkfpr = mk[0].fpr.upper()
# Fallback selection when no usable default key was found; the branch body is
# not shown.
140 if dk is None and ek is not None:
# Collect the fingerprints of every key in the requested group, drop the
# user's own keys, then locally certify what remains.
# group_lists is imported from the sibling "groups" module; each entry is
# indexed as group[0] (compared with the requested name) and group[1]
# (iterated as the member patterns).
145 for group in group_lists:
146 if group[0] == clique:
147 for logrus in group[1]:
# Each member is resolved by pattern and the first match's fingerprint is
# kept; k is assigned on a line not shown (presumably list(khole)).
# NOTE(review): when a group entry is not a full fingerprint, the pattern can
# match more than one public key, and only k[0] is certified without its
# fingerprint being shown or confirmed - confirm group entries are full
# fingerprints.
148 khole = c.keylist(pattern=logrus)
150 to_certify.append(k[0].fpr.upper())
# Remove every occurrence of the signing key, the default key and the
# encrypt-to key, so the user's own keys are not certified by this run.
# list.remove() deletes one occurrence per call, hence the count()-driven loop.
154 if mkfpr is not None:
155 if to_certify.count(mkfpr) > 0:
156 for n in range(to_certify.count(mkfpr)):
157 to_certify.remove(mkfpr)
163 if defkey_fpr is not None:
164 if to_certify.count(defkey_fpr) > 0:
165 for n in range(to_certify.count(defkey_fpr)):
166 to_certify.remove(defkey_fpr)
172 if enckey_fpr is not None:
173 if to_certify.count(enckey_fpr) > 0:
174 for n in range(to_certify.count(enckey_fpr)):
175 to_certify.remove(enckey_fpr)
# Certify each remaining key. "key" is obtained on a line not shown (presumably
# looked up from fpr - confirm). local=True requests a local, non-exportable
# signature, uids=None signs all user IDs on the key, and expires_in=False
# leaves the signature without an expiry.
# NOTE(review): no line shown here installs the key behind mkfpr as the
# context's signer; confirm that happens on a line not shown, otherwise the
# certifications are made with whatever key the context uses by default.
181 for fpr in to_certify:
183 c.key_sign(key, uids=None, expires_in=False, local=True)