pretty-bad-protocol (a.k.a. python-gnupg)

Complete rewrite of Vinay Sajip's python-gnupg, including patches to fix a shell injection vulnerability due to unsanitised inputs being passed to subprocess.Popen([...], shell=True).

Installation

From PyPI

It's simple. Just do:

[sudo] pip install pretty-bad-protocol

Additionally, the legacy way to install versions of this library < 3.0.0 is:

[sudo] pip install gnupg

From git

To install this package from this git repository, do:

git clone https://github.com/isislovecruft/python-gnupg.git
cd python-gnupg
make install
make test

Optionally, to build the Sphinx documentation, do:

make docs

To get started using python-gnupg's API, see the documentation, and import the module like so:

.. code-block:: python

>>> from pretty_bad_protocol import gnupg

The primary interface class you'll likely want to interact with is gnupg.GPG:

>>> gpg = gnupg.GPG(binary='/usr/bin/gpg',
...     homedir='./keys',
...     keyring='pubring.gpg',
...     secring='secring.gpg')
>>> batch_key_input = gpg.gen_key_input(
...     key_type='RSA',
...     key_length=4096)
>>> print batch_key_input
Key-Type: RSA
Name-Email: isis@wintermute
Key-Length: 4096
Name-Real: Autogenerated Key
%commit

>>> key = gpg.gen_key(batch_key_input)
>>> print key.fingerprint
245D8FA30F543B742053949F553C0E154F2E7A98

>>> message = "The crow flies at midnight."
>>> encrypted = str(gpg.encrypt(message, key.fingerprint))
>>> decrypted = str(gpg.decrypt(encrypted))
>>> assert decrypted == message

Bug Reports & Feature Requests

Our bugtracker can be found on Github. Public comments and discussions are also welcome on the bugtracker. Patches are always welcome.

I increasingly have less and less time to deal with maintaining this module. Please be patient, and if there is a patch your project urgently needs, please consider temporarily forking until I or one of the other maintainers can get to your issue.