Implement revoked key submission in client
parent
68ac57c4ce
commit
f00ffb7dd2
1 changed files with 29 additions and 13 deletions
42
client.py
42
client.py
|
@ -397,7 +397,7 @@ def _parse_confirmation_request(address, fingerprint, encrypted):
|
|||
return rdict['sender'], rdict['nonce']
|
||||
|
||||
|
||||
def _create_submission_request(address: str, fingerprint: str, submission_address: str):
|
||||
def _create_submission_request(address: str, submission_address: str, fingerprint: str, revoked_fingerprints):
|
||||
gpg = subprocess.Popen([
|
||||
'/usr/bin/gpg', '--locate-keys', '--with-colons', submission_address
|
||||
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
|
@ -409,7 +409,7 @@ def _create_submission_request(address: str, fingerprint: str, submission_addres
|
|||
'/usr/bin/gpg', '--armor',
|
||||
'--export-options', 'export-minimal',
|
||||
'--export', fingerprint
|
||||
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
] + revoked_fingerprints, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
gpg.wait()
|
||||
if gpg.returncode != 0:
|
||||
raise RuntimeError(f'gpg subprocess returned with non-zero exit code; stderr: {gpg.stderr.read()}')
|
||||
|
@ -529,26 +529,40 @@ def _gpg_get_uid_fp(address: str):
|
|||
raise RuntimeError(f'gpg subprocess returned with non-zero exit code; stderr: {gpg.stderr.read()}')
|
||||
keylist = gpg.stdout.read().decode()
|
||||
pubs = []
|
||||
revoked = []
|
||||
fprs = []
|
||||
for line in keylist.splitlines():
|
||||
if line.startswith('pub:'):
|
||||
pub = line.split(':')[4]
|
||||
r = line.split(':')[1] == 'r'
|
||||
pubs.append(pub)
|
||||
revoked.append(r)
|
||||
elif line.startswith('fpr:'):
|
||||
fpr = line.split(':')[9]
|
||||
fprs.append(fpr)
|
||||
if len(pubs) == 0:
|
||||
raise ValueError(f'No key found for {address}.')
|
||||
elif len(pubs) > 1:
|
||||
valid = {fprs[i]: pub for i, pub in enumerate(pubs) if not revoked[i]}
|
||||
revoked = {fprs[i]: pub for i, pub in enumerate(pubs) if revoked[i]}
|
||||
if len(valid) == 0:
|
||||
raise ValueError(f'No valid key found for {address}.')
|
||||
elif len(valid) > 1:
|
||||
print(f'Found multiple keys for {address}, please choose:')
|
||||
for i, pub in enumerate(pubs, start=1):
|
||||
print(f'{i}: {pub}')
|
||||
fpridx = list(valid.keys())
|
||||
for i, f in enumerate(fpridx, start=1):
|
||||
print(f'{i}: {f}')
|
||||
i = int(input('Enter number: ')) - 1
|
||||
fpr = fpridx[i]
|
||||
else:
|
||||
i = 0
|
||||
pub = pubs[i]
|
||||
fpr = next(filter(lambda x: x.endswith(pub), fprs))
|
||||
return fpr
|
||||
fpr = list(valid.keys())[0]
|
||||
if len(revoked) > 0:
|
||||
print(f'There are revoked keys for {address}. Please choose which to upload (separate multiple by spaces): ')
|
||||
revidx = list(revoked.keys())
|
||||
for i, f in enumerate(revidx, start=1):
|
||||
print(f'{i}: {f}')
|
||||
rids = [int(i)-1 for i in input('Enter number(s): ').split()]
|
||||
rfprs = [revidx[i] for i in rids]
|
||||
else:
|
||||
rfprs = []
|
||||
return fpr, rfprs
|
||||
|
||||
|
||||
def _get_submission_address(address: str):
|
||||
|
@ -572,8 +586,10 @@ def main():
|
|||
except urllib.error.URLError:
|
||||
print('No WKS submission address found. Does your provider support WKS?')
|
||||
exit(1)
|
||||
fp = _gpg_get_uid_fp(ad)
|
||||
fp, rfprs = _gpg_get_uid_fp(ad)
|
||||
print(f'Chose {fp}')
|
||||
for rfpr in rfprs:
|
||||
print(f'Chose revoked key {rfpr}')
|
||||
pw = getpass('Enter IMAP/POP3/SMTP password (will not echo): ')
|
||||
for fn in [tb_wellknown_autoconfig, rfc6186_autoconfig, tb_ispdb_autoconfig, manual_config]:
|
||||
autoconf = fn(ad, pw)
|
||||
|
@ -610,7 +626,7 @@ def main():
|
|||
with incoming_server:
|
||||
now = datetime.utcnow()
|
||||
done = False
|
||||
request = _create_submission_request(ad, fp, sa)
|
||||
request = _create_submission_request(ad, sa, fp, rfprs)
|
||||
print('Sending submission request')
|
||||
with outgoing_server:
|
||||
outgoing_server.send_message(request)
|
||||
|
|
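Review bot: In `_gpg_get_uid_fp`, the new `valid` and `revoked` dicts pair `fprs[i]` with `pubs[i]` by position, but `fprs` collects every `fpr:` record while `pubs` and the `revoked` flags come only from `pub:` records. If the listing also carries `fpr:` records for subkeys (recent GnuPG versions appear to emit them in colon mode), the indices drift, so a revoked key's status can be attached to the wrong fingerprint or a subkey fingerprint can be offered for submission. The removed code matched fingerprints by key ID and avoided this; keeping that match would fix it, e.g. `valid = {next(f for f in fprs if f.endswith(pub)): pub for i, pub in enumerate(pubs) if not revoked[i]}`, and likewise for `revoked`. Both prompts also use `int(input(...)) - 1` unchecked, so entering `0` selects the last entry through index -1 and a non-number raises; a range check before `fpridx[i]` and `revidx[i]` would prevent uploading an unintended key. The function's gpg invocation is above the hunk, so which records the listing contains is inferred here.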