X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=userdir_gpg.py;h=cf9cdbc72d999032d3938d913a42f6af3ca6cdbb;hb=25e44ab9788aeb949e3dd5143a4f52f1c076ee1b;hp=c883d140939ce7ecbb9c349790b3512df0afd146;hpb=ad01f23258ec16be62e092ab4deb4a31fc3163d5;p=mirror%2Fuserdir-ldap.git diff --git a/userdir_gpg.py b/userdir_gpg.py index c883d14..cf9cdbc 100644 --- a/userdir_gpg.py +++ b/userdir_gpg.py @@ -254,11 +254,20 @@ def GPGWriteFilter(Program,Options,Message): # It is best if the recipient is specified using the hex key fingerprint # of the target, ie 0x64BE1319CCF6D393BF87FF9358A6D4EE def GPGEncrypt(Message,To,PGP2): + Error = "KeyringError" # Encrypt using the PGP5 block encoding and with the PGP5 option set. # This will handle either RSA or DSA/DH asymetric keys. # In PGP2 compatible mode IDEA and rfc1991 encoding are used so that # PGP2 can read the result. RSA keys do not need PGP2 to be set, as GPG # can read a message encrypted with blowfish and RSA. + searchkey = GPGKeySearch(To); + if len(searchkey) == 0: + raise Error, "No key found matching %s"%(To); + elif len(searchkey) > 1: + raise Error, "Multiple keys found matching %s"%(To); + if searchkey[0][4].find("E") < 0: + raise Error, "Key %s has no encryption capability - are all encryption subkeys expired or revoked? Are there any encryption subkeys?"%(To); + if PGP2 == 0: try: Res = None; @@ -443,6 +452,7 @@ def GPGKeySearch(SearchCriteria): Result = []; Owner = ""; KeyID = ""; + Capabilities = "" Expired = None; Hits = {}; @@ -464,7 +474,8 @@ def GPGKeySearch(SearchCriteria): if Split[0] == 'pub': KeyID = Split[4]; Owner = Split[9]; - Length = int(Split[2]); + Length = int(Split[2]) + Capabilities = Split[11] Expired = Split[1] == 'e' # Output the key @@ -473,7 +484,7 @@ def GPGKeySearch(SearchCriteria): continue; Hits[Split[9]] = None; if not Expired: - Result.append( (KeyID,Split[9],Owner,Length) ); + Result.append( (KeyID,Split[9],Owner,Length,Capabilities) ); finally: if Strm != None: Strm.close();