Rewrite of Vinay Sajip's python-gnupg,
including patches to fix a shell injection vulnerability due to unsanitised
inputs being passed to subprocess.Popen([...], shell=True)
.
From PyPI
It's simple. Just do:
[sudo] pip install gnupg
To install this package from this git repository, do:
git clone https://github.com/isislovecruft/python-gnupg.git cd python-gnupg make install make test
Optionally, to build the Sphinx documentation, do:
make docs
To get started using python-gnupg's API, see the documentation, and import the module like so:
>>> import gnupg
The primary interface class you'll likely want to interact with is gnupg.GPG
:
>>> gpg = gnupg.GPG(binary='/usr/bin/gpg', ... homedir='./keys', ... keyring='pubring.gpg', ... secring='secring.gpg') >>> batch_key_input = gpg.gen_key_input( ... key_type='RSA', ... key_length=4096) >>> print batch_key_input Key-Type: RSA Name-Email: isis@wintermute Key-Length: 4096 Name-Real: Autogenerated Key %commit >>> key = gpg.gen_key(batch_key_input) >>> print key.fingerprint 245D8FA30F543B742053949F553C0E154F2E7A98 >>> message = "The crow flies at midnight." >>> encrypted = str(gpg.encrypt(message, key.fingerprint)) >>> decrypted = str(gpg.decrypt(encrypted)) >>> assert(decrypted == message)
Our bugtracker can be found on Github. Public comments and discussions are also welcome on the bugtracker, or as tweets. Patches are always welcome.