hueso/gajim-plugins
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[pgp] Port to Gtk4 and add type annotations

Browse Source
This commit is contained in:
Philipp Hörist
2025-01-28 23:22:05 +01:00
parent 6fe2da67c3
commit 3a5816259c
11 changed files with 1323 additions and 285 deletions
Download Patch File Download Diff File Expand all files Collapse all files

899
typings/gnupg/__init__.pyi Normal file
View File

@@ -0,0 +1,899 @@
"""
This type stub file was generated by pyright.
"""
from typing import Any
__version__: str = ...
__author__: str = ...
__date__: str = ...
class StatusHandler:
"""
The base class for handling status messages from `gpg`.
"""
on_data_failure = ...
def __init__(self, gpg: GPG) -> None:
"""
Initialize an instance.
Args:
gpg (GPG): The :class:`GPG` instance in use.
"""
...
def handle_status(self, key: str, value: str) -> None:
"""
Handle status messages from the `gpg` child process. These are lines of the format
[GNUPG:] <key> <value>
Args:
key (str): Identifies what the status message is.
value (str): Identifies additional data, which differs depending on the key.
"""
...
class Verify(StatusHandler):
"""
This class handles status messages during signature verificaton.
"""
TRUST_EXPIRED: int = ...
TRUST_UNDEFINED: int = ...
TRUST_NEVER: int = ...
TRUST_MARGINAL: int = ...
TRUST_FULLY: int = ...
TRUST_ULTIMATE: int = ...
TRUST_LEVELS: dict[str, int] = ...
GPG_SYSTEM_ERROR_CODES: dict[int, str] = ...
GPG_ERROR_CODES: dict[int, str] = ...
returncode = ...
valid: bool = ...
fingerprint: str | None = ...
def __init__(self, gpg: GPG) -> None: ...
def __nonzero__(self) -> bool: ...
__bool__ = ...
def handle_status(self, key: str, value: str) -> None: ...
class ImportResult(StatusHandler):
"""
This class handles status messages during key import.
"""
counts = ...
returncode = ...
def __init__(self, gpg: GPG) -> None: ...
def __nonzero__(self) -> bool: ...
__bool__ = ...
ok_reason: dict[str, str] = ...
problem_reason: dict[str, str] = ...
def handle_status(self, key: str, value: str) -> None: ...
def summary(self) -> str:
"""
Return a summary indicating how many keys were imported and how many were not imported.
"""
...
ESCAPE_PATTERN = ...
BASIC_ESCAPES = ...
class SendResult(StatusHandler):
"""
This class handles status messages during key sending.
"""
returncode = ...
def handle_status(self, key: str, value: str) -> None: ...
class SearchKeys(StatusHandler, list[dict[Any, Any]]):
"""
This class handles status messages during key search.
"""
UID_INDEX = ...
FIELDS = ...
returncode = ...
def __init__(self, gpg: GPG) -> None: ...
def get_fields(self, args: Any) -> dict[str, Any]:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
def pub(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
def uid(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
def handle_status(self, key: str, value: str) -> None: ...
class ListKeys(SearchKeys):
"""
This class handles status messages during listing keys and signatures.
Handle pub and uid (relating the latter to the former).
We don't care about (info from GnuPG DETAILS file):
crt = X.509 certificate
crs = X.509 certificate and private key available
uat = user attribute (same as user id except for field 10).
sig = signature
rev = revocation signature
pkd = public key data (special field format, see below)
grp = reserved for gpgsm
rvk = revocation key
"""
UID_INDEX = ...
FIELDS = ...
fingerprints: list[str] = ...
def __init__(self, gpg: GPG) -> None: ...
def key(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
sec = ...
def fpr(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
def grp(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
def sub(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
def ssb(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
def sig(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
class ScanKeys(ListKeys):
"""
This class handles status messages during scanning keys.
"""
def sub(self, args: Any) -> None:
"""
Internal method used to update the instance from a `gpg` status message.
"""
...
class TextHandler: ...
_INVALID_KEY_REASONS = ...
class Crypt(Verify, TextHandler):
"""
This class handles status messages during encryption and decryption.
"""
ok: bool = ...
status: str = ...
data: bytes = ...
def __init__(self, gpg: GPG) -> None: ...
def __nonzero__(self) -> bool: ...
__bool__ = ...
def handle_status(self, key: str, value: str) -> None: ...
class GenKey(StatusHandler):
"""
This class handles status messages during key generation.
"""
returncode = ...
def __init__(self, gpg: GPG) -> None: ...
def __nonzero__(self) -> bool: ...
__bool__ = ...
def __str__(self) -> str: ...
def handle_status(self, key: str, value: str) -> None: ...
class AddSubkey(StatusHandler):
"""
This class handles status messages during subkey addition.
"""
returncode = ...
def __init__(self, gpg: GPG) -> None: ...
def __nonzero__(self) -> bool: ...
__bool__ = ...
def __str__(self) -> str: ...
def handle_status(self, key: str, value: str) -> None: ...
class ExportResult(GenKey):
"""
This class handles status messages during key export.
"""
def handle_status(self, key: str, value: str) -> None: ...
class DeleteResult(StatusHandler):
"""
This class handles status messages during key deletion.
"""
returncode = ...
def __init__(self, gpg: GPG) -> None: ...
def __str__(self) -> str: ...
problem_reason = ...
def handle_status(self, key: str, value: str) -> None: ...
def __nonzero__(self) -> bool: ...
__bool__ = ...
class TrustResult(DeleteResult):
"""
This class handles status messages during key trust setting.
"""
...
class Sign(StatusHandler, TextHandler):
"""
This class handles status messages during signing.
"""
returncode = ...
fingerprint: str | None = ...
status: str | None = ...
def __init__(self, gpg: GPG) -> None: ...
def __nonzero__(self) -> bool: ...
__bool__ = ...
def handle_status(self, key: str, value: str) -> None: ...
class AutoLocateKey(StatusHandler):
"""
This class handles status messages during key auto-locating.
fingerprint: str
key_length: int
created_at: date
email: str
email_real_name: str
"""
def __init__(self, gpg: GPG) -> None: ...
def handle_status(self, key: str, value: str) -> None: ...
def pub(self, args: Any) -> None:
"""
Internal method to handle the 'pub' status message.
`pub` message contains the fingerprint of the public key, its type and its creation date.
"""
...
def uid(self, args: Any) -> None: ...
def sub(self, args: Any) -> None: ...
def fpr(self, args: Any) -> None: ...
VERSION_RE = ...
HEX_DIGITS_RE = ...
PUBLIC_KEY_RE = ...
class GPG:
"""
This class provides a high-level programmatic interface for `gpg`.
"""
error_map = ...
encoding: str = ...
decode_errors: str = ...
buffer_size = ...
result_map = ...
def __init__(
self,
gpgbinary: str = ...,
gnupghome: str | None = ...,
verbose: bool = ...,
use_agent: bool = ...,
keyring: str | list[str] | None = ...,
options: list[str] | None = ...,
secret_keyring: str | list[str] | None = ...,
env: dict[str, str] | None = ...,
) -> None:
"""Initialize a GPG process wrapper.
Args:
gpgbinary (str): A pathname for the GPG binary to use.
gnupghome (str): A pathname to where we can find the public and private keyrings. The default is
whatever `gpg` defaults to.
keyring (str|list): The name of alternative keyring file to use, or a list of such keyring files. If
specified, the default keyring is not used.
options (list): A list of additional options to pass to the GPG binary.
secret_keyring (str|list): The name of an alternative secret keyring file to use, or a list of such
keyring files.
env (dict): A dict of environment variables to be used for the GPG subprocess.
"""
...
def make_args(self, args: list[str], passphrase: str) -> list[str]:
"""
Make a list of command line elements for GPG. The value of ``args``
will be appended. The ``passphrase`` argument needs to be True if
a passphrase will be sent to `gpg`, else False.
Args:
args (list[str]): A list of arguments.
passphrase (str): The passphrase to use.
"""
...
def is_valid_file(self, fileobj: Any) -> bool:
"""
A simplistic check for a file-like object.
Args:
fileobj (object): The object to test.
Returns:
bool: ``True`` if it's a file-like object, else ``False``.
"""
...
def sign(self, message: str | bytes, **kwargs: Any) -> Sign:
"""
Sign a message. This method delegates most of the work to the `sign_file()` method.
Args:
message (str|bytes): The data to sign.
kwargs (dict): Keyword arguments, which are passed to `sign_file()`:
* keyid (str): The key id of the signer.
* passphrase (str): The passphrase for the key.
* clearsign (bool): Whether to use clear signing.
* detach (bool): Whether to produce a detached signature.
* binary (bool): Whether to produce a binary signature.
* output (str): The path to write a detached signature to.
* extra_args (list[str]): Additional arguments to pass to `gpg`.
"""
...
def set_output_without_confirmation(self, args: list[str], output: str) -> None:
"""
If writing to a file which exists, avoid a confirmation message by
updating the *args* value in place to set the output path and avoid
any cpmfirmation prompt.
Args:
args (list[str]): A list of arguments.
output (str): The path to the outpur file.
"""
...
def is_valid_passphrase(self, passphrase: str) -> bool:
"""
Confirm that the passphrase doesn't contain newline-type characters - it is passed in a pipe to `gpg`,
and so not checking could lead to spoofing attacks by passing arbitrary text after passphrase and newline.
Args:
passphrase (str): The passphrase to test.
Returns:
bool: ``True`` if it's a valid passphrase, else ``False``.
"""
...
def sign_file(
self,
fileobj_or_path: Any,
keyid: str | None = ...,
passphrase: str | None = ...,
clearsign: bool = ...,
detach: bool = ...,
binary: bool = ...,
output: str | None = ...,
extra_args: list[str] | None = ...,
) -> Sign:
"""
Sign data in a file or file-like object.
Args:
fileobj_or_path (str|file): The file or file-like object to sign.
keyid (str): The key id of the signer.
passphrase (str): The passphrase for the key.
clearsign (bool): Whether to use clear signing.
detach (bool): Whether to produce a detached signature.
binary (bool): Whether to produce a binary signature.
output (str): The path to write a detached signature to.
extra_args (list[str]): Additional arguments to pass to `gpg`.
"""
...
def verify(self, data: str | bytes, **kwargs: Any) -> Verify:
"""
Verify the signature on the contents of the string *data*. This method delegates most of the work to
`verify_file()`.
Args:
data (str|bytes): The data to verify.
kwargs (dict): Keyword arguments, which are passed to `verify_file()`:
* fileobj_or_path (str|file): A path to a signature, or a file-like object containing one.
* data_filename (str): If the signature is a detached one, the path to the data that was signed.
* close_file (bool): If a file-like object is passed in, whether to close it.
* extra_args (list[str]): Additional arguments to pass to `gpg`.
"""
...
def verify_file(
self,
fileobj_or_path: Any,
data_filename: str | None = ...,
close_file: bool = ...,
extra_args: list[str] | None = ...,
) -> Verify:
"""
Verify a signature.
Args:
fileobj_or_path (str|file): A path to a signature, or a file-like object containing one.
data_filename (str): If the signature is a detached one, the path to the data that was signed.
close_file (bool): If a file-like object is passed in, whether to close it.
extra_args (list[str]): Additional arguments to pass to `gpg`.
"""
...
def verify_data(
self, sig_filename: str, data: str | bytes, extra_args: list[str] | None = ...
) -> Verify:
"""
Verify the signature in sig_filename against data in memory
Args:
sig_filename (str): The path to a signature.
data (str|bytes): The data to be verified.
extra_args (list[str]): Additional arguments to pass to `gpg`.
"""
...
def import_keys(
self,
key_data: str | bytes,
extra_args: list[str] | None = ...,
passphrase: str | None = ...,
) -> ImportResult:
"""
Import the key_data into our keyring.
Args:
key_data (str|bytes): The key data to import.
passphrase (str): The passphrase to use.
extra_args (list[str]): Additional arguments to pass to `gpg`.
"""
...
def import_keys_file(self, key_path: str, **kwargs: Any) -> ImportResult:
"""
Import the key data in key_path into our keyring.
Args:
key_path (str): A path to the key data to be imported.
"""
...
def recv_keys(self, keyserver: str, *keyids: str, **kwargs: Any) -> ImportResult:
"""
Import one or more keys from a keyserver.
Args:
keyserver (str): The key server hostname.
keyids (str): A list of key ids to receive.
"""
...
def send_keys(self, keyserver: str, *keyids: str, **kwargs: Any) -> SendResult:
"""
Send one or more keys to a keyserver.
Args:
keyserver (str): The key server hostname.
keyids (list[str]): A list of key ids to send.
"""
...
def delete_keys(
self,
fingerprints: str | list[str],
secret: bool = ...,
passphrase: str | None = ...,
expect_passphrase: bool = ...,
exclamation_mode: bool = ...,
) -> DeleteResult:
"""
Delete the indicated keys.
Args:
fingerprints (str|list[str]): The keys to delete.
secret (bool): Whether to delete secret keys.
passphrase (str): The passphrase to use.
expect_passphrase (bool): Whether a passphrase is expected.
exclamation_mode (bool): If specified, a `'!'` is appended to each fingerprint. This deletes only a subkey
or an entire key, depending on what the fingerprint refers to.
.. note:: Passphrases
Since GnuPG 2.1, you can't delete secret keys without providing a passphrase. However, if you're expecting
the passphrase to go to `gpg` via pinentry, you should specify expect_passphrase=False. (It's only checked
for GnuPG >= 2.1).
"""
...
def export_keys(
self,
keyids: str | list[str],
secret: bool = ...,
armor: bool = ...,
minimal: bool = ...,
passphrase: str | None = ...,
expect_passphrase: bool = ...,
output: str | None = ...,
) -> ExportResult:
"""
Export the indicated keys. A 'keyid' is anything `gpg` accepts.
Args:
keyids (str|list[str]): A single keyid or a list of them.
secret (bool): Whether to export secret keys.
armor (bool): Whether to ASCII-armor the output.
minimal (bool): Whether to pass `--export-options export-minimal` to `gpg`.
passphrase (str): The passphrase to use.
expect_passphrase (bool): Whether a passphrase is expected.
output (str): If specified, the path to write the exported key(s) to.
.. note:: Passphrases
Since GnuPG 2.1, you can't export secret keys without providing a passphrase. However, if you're expecting
the passphrase to go to `gpg` via pinentry, you should specify expect_passphrase=False. (It's only checked
for GnuPG >= 2.1).
"""
...
def list_keys(
self, secret: bool = ..., keys: str | list[str] | None = ..., sigs: bool = ...
) -> ListKeys:
"""
List the keys currently in the keyring.
Args:
secret (bool): Whether to list secret keys.
keys (str|list[str]): A list of key ids to match.
sigs (bool): Whether to include signature information.
Returns:
list[dict]: A list of dictionaries with key information.
"""
...
def scan_keys(self, filename: str) -> ScanKeys:
"""
List details of an ascii armored or binary key file without first importing it to the local keyring.
Args:
filename (str): The path to the file containing the key(s).
.. warning:: Warning:
Care is needed. The function works on modern GnuPG by running:
$ gpg --dry-run --import-options import-show --import filename
On older versions, it does the *much* riskier:
$ gpg --with-fingerprint --with-colons filename
"""
...
def scan_keys_mem(self, key_data: str | bytes) -> ScanKeys:
"""
List details of an ascii armored or binary key without first importing it to the local keyring.
Args:
key_data (str|bytes): The key data to import.
.. warning:: Warning:
Care is needed. The function works on modern GnuPG by running:
$ gpg --dry-run --import-options import-show --import filename
On older versions, it does the *much* riskier:
$ gpg --with-fingerprint --with-colons filename
"""
...
def search_keys(
self, query: str, keyserver: str = ..., extra_args: list[str] | None = ...
) -> SearchKeys:
"""
search a keyserver by query (using the `--search-keys` option).
Args:
query(str): The query to use.
keyserver (str): The key server hostname.
extra_args (list[str]): Additional arguments to pass to `gpg`.
"""
...
def auto_locate_key(
self, email: str, mechanisms: list[str] | None = ..., **kwargs: Any
) -> AutoLocateKey:
"""
Auto locate a public key by `email`.
Args:
email (str): The email address to search for.
mechanisms (list[str]): A list of mechanisms to use. Valid mechanisms can be found
here https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html
under "--auto-key-locate". Default: ['wkd', 'ntds', 'ldap', 'cert', 'dane', 'local']
"""
...
def gen_key(self, input: str) -> GenKey:
"""
Generate a key; you might use `gen_key_input()` to create the input.
Args:
input (str): The input to the key creation operation.
"""
...
def gen_key_input(self, **kwargs: Any) -> str:
"""
Generate `--gen-key` input (see `gpg` documentation in DETAILS).
Args:
kwargs (dict): A list of keyword arguments.
Returns:
str: A string suitable for passing to the `gen_key()` method.
"""
...
def add_subkey(
self,
master_key: str,
master_passphrase: str | None = ...,
algorithm: str = ...,
usage: str = ...,
expire: str = ...,
) -> AddSubkey:
"""
Add subkeys to a master key,
Args:
master_key (str): The master key.
master_passphrase (str): The passphrase for the master key.
algorithm (str): The key algorithm to use.
usage (str): The desired uses for the subkey.
expire (str): The expiration date of the subkey.
"""
...
def encrypt_file(
self,
fileobj_or_path: Any,
recipients: str | list[str],
sign: str | None = ...,
always_trust: bool = ...,
passphrase: str | None = ...,
armor: bool = ...,
output: str | None = ...,
symmetric: bool = ...,
extra_args: list[str] | None = ...,
) -> Crypt:
"""
Encrypt data in a file or file-like object.
Args:
fileobj_or_path (str|file): A path to a file or a file-like object containing the data to be encrypted.
recipients (str|list): A key id of a recipient of the encrypted data, or a list of such key ids.
sign (str): If specified, the key id of a signer to sign the encrypted data.
always_trust (bool): Whether to always trust keys.
passphrase (str): The passphrase to use for a signature.
armor (bool): Whether to ASCII-armor the output.
output (str): A path to write the encrypted output to.
symmetric (bool): Whether to use symmetric encryption,
extra_args (list[str]): A list of additional arguments to pass to `gpg`.
"""
...
def encrypt(
self, data: str | bytes, recipients: str | list[str], **kwargs: Any
) -> Crypt:
"""
Encrypt the message contained in the string *data* for *recipients*. This method delegates most of the work to
`encrypt_file()`.
Args:
data (str|bytes): The data to encrypt.
recipients (str|list[str]): A key id of a recipient of the encrypted data, or a list of such key ids.
kwargs (dict): Keyword arguments, which are passed to `encrypt_file()`:
* sign (str): If specified, the key id of a signer to sign the encrypted data.
* always_trust (bool): Whether to always trust keys.
* passphrase (str): The passphrase to use for a signature.
* armor (bool): Whether to ASCII-armor the output.
* output (str): A path to write the encrypted output to.
* symmetric (bool): Whether to use symmetric encryption,
* extra_args (list[str]): A list of additional arguments to pass to `gpg`.
"""
...
def decrypt(self, message: str | bytes, **kwargs: Any) -> Crypt:
"""
Decrypt the data in *message*. This method delegates most of the work to
`decrypt_file()`.
Args:
message (str|bytes): The data to decrypt. A default key will be used for decryption.
kwargs (dict): Keyword arguments, which are passed to `decrypt_file()`:
* always_trust: Whether to always trust keys.
* passphrase (str): The passphrase to use.
* output (str): If specified, the path to write the decrypted data to.
* extra_args (list[str]): A list of extra arguments to pass to `gpg`.
"""
...
def decrypt_file(
self,
fileobj_or_path: Any,
always_trust: bool = ...,
passphrase: str | None = ...,
output: str | None = ...,
extra_args: list[str] | None = ...,
) -> Crypt:
"""
Decrypt data in a file or file-like object.
Args:
fileobj_or_path (str|file): A path to a file or a file-like object containing the data to be decrypted.
always_trust: Whether to always trust keys.
passphrase (str): The passphrase to use.
output (str): If specified, the path to write the decrypted data to.
extra_args (list[str]): A list of extra arguments to pass to `gpg`.
"""
...
def get_recipients(self, message: str | bytes, **kwargs: Any) -> list[str]:
"""Get the list of recipients for an encrypted message. This method delegates most of the work to
`get_recipients_file()`.
Args:
message (str|bytes): The encrypted message.
kwargs (dict): Keyword arguments, which are passed to `get_recipients_file()`:
* extra_args (list[str]): A list of extra arguments to pass to `gpg`.
"""
...
def get_recipients_file(
self, fileobj_or_path: Any, extra_args: list[str] | None = ...
) -> list[str]:
"""
Get the list of recipients for an encrypted message in a file or file-like object.
Args:
fileobj_or_path (str|file): A path to a file or file-like object containing the encrypted data.
extra_args (list[str]): A list of extra arguments to pass to `gpg`.
"""
...
def trust_keys(self, fingerprints: str | list[str], trustlevel: str) -> TrustResult:
"""
Set the trust level for one or more keys.
Args:
fingerprints (str|list[str]): A key id for which to set the trust level, or a list of such key ids.
trustlevel (str): The trust level. This is one of the following.
* ``'TRUST_EXPIRED'``
* ``'TRUST_UNDEFINED'``
* ``'TRUST_NEVER'``
* ``'TRUST_MARGINAL'``
* ``'TRUST_FULLY'``
* ``'TRUST_ULTIMATE'``
"""
...