From 3abed698897f01f7b9d71675ea038e21bff39c56 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Sat, 21 Apr 2012 13:20:00 -0400 Subject: [PATCH] Add `allow_default_signer` to `sign_and_encrypt_bytes`. This allows you to fall back to your configured default signer (`default-key` in `~/.gnupg/gpg.conf`). `sign_and_encrypt_bytes` will sign (and possibly encrypt) content when either `signers` is non-empty or `allow_default_signer` is set. The signing PGP/MIME wrappers around `sign_and_encrypt_bytes` (`sign` and `sign_and_encrypt`) both expose the new option to their callers. --- pgp_mime/crypt.py | 14 ++++++++------ pgp_mime/pgp.py | 10 ++++++---- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/pgp_mime/crypt.py b/pgp_mime/crypt.py index d326d24..40d4572 100644 --- a/pgp_mime/crypt.py +++ b/pgp_mime/crypt.py @@ -72,7 +72,8 @@ def _write(fd, data): def sign_and_encrypt_bytes(data, signers=None, recipients=None, - always_trust=False, mode='detach'): + always_trust=False, mode='detach', + allow_default_signer=False): r"""Sign ``data`` with ``signers`` and encrypt to ``recipients``. Just sign: @@ -116,11 +117,12 @@ def sign_and_encrypt_bytes(data, signers=None, recipients=None, client.make_request( _common.Request('OUTPUT', 'FD={}'.format(output_write))) parameters = [] - if signers and recipients: - command = 'SIGN_ENCRYPT' - elif signers: - command = 'SIGN' - parameters.append('--{}'.format(mode)) + if signers or allow_default_signer: + if recipients: + command = 'SIGN_ENCRYPT' + else: + command = 'SIGN' + parameters.append('--{}'.format(mode)) elif recipients: command = 'ENCRYPT' else: diff --git a/pgp_mime/pgp.py b/pgp_mime/pgp.py index 498428a..8a7df52 100644 --- a/pgp_mime/pgp.py +++ b/pgp_mime/pgp.py @@ -12,7 +12,7 @@ from .email import email_targets as _email_targets from .email import strip_bcc as _strip_bcc -def sign(message, signers=None): +def sign(message, signers=None, allow_default_signer=False): r"""Sign a ``Message``, returning the signed version. multipart/signed @@ -92,7 +92,8 @@ def sign(message, signers=None): """ body = message.as_string().encode('us-ascii') signature = str(_sign_and_encrypt_bytes( - data=body, signers=signers), 'us-ascii') + data=body, signers=signers, + allow_default_signer=allow_default_signer), 'us-ascii') sig = _MIMEApplication( _data=signature, _subtype='pgp-signature; name="signature.asc"', @@ -202,7 +203,7 @@ def encrypt(message, recipients=None, always_trust=True): return msg def sign_and_encrypt(message, signers=None, recipients=None, - always_trust=False): + always_trust=False, allow_default_signer=False): r"""Sign and encrypt a ``Message``, returning the encrypted version. multipart/encrypted @@ -278,7 +279,8 @@ def sign_and_encrypt(message, signers=None, recipients=None, _LOG.debug('extracted encryption recipients: {}'.format(recipients)) encrypted = str(_sign_and_encrypt_bytes( data=body, signers=signers, recipients=recipients, - always_trust=always_trust), 'us-ascii') + always_trust=always_trust, + allow_default_signer=allow_default_signer), 'us-ascii') enc = _MIMEApplication( _data=encrypted, _subtype='octet-stream; name="encrypted.asc"', -- 2.26.2