From f00ffb7dd2547ce41ddebedb10841aa2f0c3082a Mon Sep 17 00:00:00 2001 From: s3lph <1375407-s3lph@users.noreply.gitlab.com> Date: Tue, 31 Jan 2023 01:23:16 +0100 Subject: [PATCH] Implement revoked key submission in client --- client.py | 42 +++++++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/client.py b/client.py index d416b6f..f1e8042 100755 --- a/client.py +++ b/client.py @@ -397,7 +397,7 @@ def _parse_confirmation_request(address, fingerprint, encrypted): return rdict['sender'], rdict['nonce'] -def _create_submission_request(address: str, fingerprint: str, submission_address: str): +def _create_submission_request(address: str, submission_address: str, fingerprint: str, revoked_fingerprints): gpg = subprocess.Popen([ '/usr/bin/gpg', '--locate-keys', '--with-colons', submission_address ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) @@ -409,7 +409,7 @@ def _create_submission_request(address: str, fingerprint: str, submission_addres '/usr/bin/gpg', '--armor', '--export-options', 'export-minimal', '--export', fingerprint - ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) + ] + revoked_fingerprints, stdout=subprocess.PIPE, stderr=subprocess.PIPE) gpg.wait() if gpg.returncode != 0: raise RuntimeError(f'gpg subprocess returned with non-zero exit code; stderr: {gpg.stderr.read()}') 
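Review bot: The new signature of `_create_submission_request` swaps the positions of `fingerprint` and `submission_address`, and both are `str`, so a caller still using the old order would pass the submission address to `gpg --export` and the fingerprint to `gpg --locate-keys` with no error at the call site. The only caller visible in this patch, in the last `main()` hunk, was updated but still passes everything positionally. I would make the parameters keyword-only by putting `*,` first in the parameter list, and call it as `_create_submission_request(address=ad, submission_address=sa, fingerprint=fp, revoked_fingerprints=rfprs)`. `revoked_fingerprints` is also the only parameter without an annotation, and the function body continues outside this hunk.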
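Review bot: `gpg.wait()` is called while stdout and stderr are still unread pipes, and the `] + revoked_fingerprints` change makes the export larger by adding every selected revoked key to the `--export` arguments. If the armored output exceeds the OS pipe buffer, gpg blocks on write and `wait()` never returns; `out, err = gpg.communicate()` followed by the `returncode` check drains both pipes and avoids that. The list entries also go straight into gpg's argv, so it is worth rejecting anything that is not a plain hex fingerprint before building the command, even though the values currently come from gpg's own listing. The code that reads the exported key is outside this hunk.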
@@ -529,26 +529,40 @@ def _gpg_get_uid_fp(address: str):
 raise RuntimeError(f'gpg subprocess returned with non-zero exit code; stderr: {gpg.stderr.read()}')
 keylist = gpg.stdout.read().decode()
 pubs = []
+ revoked = []
 fprs = []
 for line in keylist.splitlines():
 if line.startswith('pub:'):
 pub = line.split(':')[4]
+ r = line.split(':')[1] == 'r'
 pubs.append(pub)
+ revoked.append(r)
 elif line.startswith('fpr:'):
 fpr = line.split(':')[9]
 fprs.append(fpr)
- if len(pubs) == 0:
- raise ValueError(f'No key found for {address}.')
- elif len(pubs) > 1:
+ valid = {fprs[i]: pub for i, pub in enumerate(pubs) if not revoked[i]}
+ revoked = {fprs[i]: pub for i, pub in enumerate(pubs) if revoked[i]}
+ if len(valid) == 0:
+ raise ValueError(f'No valid key found for {address}.')
+ elif len(valid) > 1:
 print(f'Found multiple keys for {address}, please choose:')
- for i, pub in enumerate(pubs, start=1):
- print(f'{i}: {pub}')
+ fpridx = list(valid.keys())
+ for i, f in enumerate(fpridx, start=1):
+ print(f'{i}: {f}')
 i = int(input('Enter number: ')) - 1
+ fpr = fpridx[i]
 else:
- i = 0
- pub = pubs[i]
- fpr = next(filter(lambda x: x.endswith(pub), fprs))
- return fpr
+ fpr = list(valid.keys())[0]
+ if len(revoked) > 0:
+ print(f'There are revoked keys for {address}. Please choose which to upload (separate multiple by spaces): ')
+ revidx = list(revoked.keys())
+ for i, f in enumerate(revidx, start=1):
+ print(f'{i}: {f}')
+ rids = [int(i)-1 for i in input('Enter number(s): ').split()]
+ rfprs = [revidx[i] for i in rids]
+ else:
+ rfprs = []
+ return fpr, rfprs
 
 
 def _get_submission_address(address: str):
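Review bot: `fprs[i]` is paired with `pubs[i]` purely by position in the two dict comprehensions, which only holds if the listing contains exactly one `fpr:` record per `pub:` record. GnuPG's colon output normally also prints an `fpr:` record after each `sub:` line, so once a second key is listed and an earlier one has subkeys, a subkey's or another key's fingerprint can be labelled valid or revoked and the wrong key is submitted; the removed `endswith(pub)` lookup did not depend on position. I would record the first `fpr:` that follows each `pub:` instead, as sketched below. Separately, both prompts subtract 1 from the entered number without a range check, so `0` silently selects the last entry; values outside `1..len(list)` should be rejected. The gpg invocation that produces `keylist` is above this hunk, so which records it emits should be confirmed there.

```python
    # … unchanged: gpg invocation and keylist decoding …
    valid = {}
    revoked = {}
    primary = None  # (key id, is_revoked) of the most recent pub: record
    for line in keylist.splitlines():
        fields = line.split(':')
        if fields[0] == 'pub':
            primary = (fields[4], fields[1] == 'r')
        elif fields[0] == 'fpr' and primary is not None:
            # Only the first fpr: after a pub: belongs to the primary key;
            # later fpr: records up to the next pub: describe subkeys.
            keyid, is_revoked = primary
            if is_revoked:
                revoked[fields[9]] = keyid
            else:
                valid[fields[9]] = keyid
            primary = None
    # … unchanged: selection prompts for valid and revoked keys …
```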
@@ -572,8 +586,10 @@ def main():
 except urllib.error.URLError:
 print('No WKS submission address found. Does your provider support WKS?')
 exit(1)
- fp = _gpg_get_uid_fp(ad)
+ fp, rfprs = _gpg_get_uid_fp(ad)
 print(f'Chose {fp}')
+ for rfpr in rfprs:
+ print(f'Chose revoked key {rfpr}')
 pw = getpass('Enter IMAP/POP3/SMTP password (will not echo): ')
 for fn in [tb_wellknown_autoconfig, rfc6186_autoconfig, tb_ispdb_autoconfig, manual_config]:
 autoconf = fn(ad, pw)
@@ -610,7 +626,7 @@ def main():
 with incoming_server:
 now = datetime.utcnow()
 done = False
- request = _create_submission_request(ad, fp, sa)
+ request = _create_submission_request(ad, sa, fp, rfprs)
 print('Sending submission request')
 with outgoing_server:
 outgoing_server.send_message(request)