Context Navigation

+0
← Previous Version
View Latest Version
Next Version →

Version 1 (modified by Steffen Hoffmann, 14 years ago) (diff)
initial design and content

Messages encryption

I'll document the effort to add support for optionally message encryption using GnuPG.

Code structure

Where

Where to kick in and mangle the message body is of course an essential decision. Reading the current code from trunk I found this in ./announcerplugin_trunk/announcer/distributors/mail.py

        parentMessage.attach(msgText)
        decorators = self._get_decorators()
        if len(decorators) > 0:
            decorator = decorators.pop()
            decorator.decorate_message(event, rootMessage, decorators)
-->
        recip_adds = [x[2] for x in recipients if x]
        # Append any to, cc or bccs added to the recipient list
        for field in ('To', 'Cc', 'Bcc'):

--> Here I'll add some code to make encryption just work (1st step). Encryption/signing key ID hard-coded, growing number of variables I'd like to see as options in [annoucer] section of trac.ini and other ugliness. This will evolve over time.

[FIXME: add more Q+A here to help with code design evaluation and code review]

?: Why not implement encryption as another IAnnouncementEmailDecorator

A: Decorators are called without guaranteed order. Encryption needs control, that it'll be the last message body mangling action.

?: Why not implement encryption as another IAnnouncementFormatter

A: Encryption is not about encoding etc.

What

What to do. It greatly depends on decision about how much is read from configuration or qualified deduction/guessing. Less configuration is good for the Admin in charge.

Overview of expected behavior/features:

set gpg environment, preferable a dedicated place
read recipient list, optionally group recipients into require_encryption_group and allow_verbatim_msg_group
associate each recipient in require_encryption_group with key
handle behavior on missing key
embed DEBUG logging into all operations mentioned above

sources (ideas and code)

Intro to python-gnupg at http://groups.google.de/group/comp.lang.python/browse_thread/thread/f2b97a2c11e1df63
Python Wrapper for GnuPG v0.2.4 documentation: http://www.red-dove.com/python_gnupg/index.html
some real-world implementations of python-gnupg (not found by now, hints?)

-- hasienda

Attachments (1)

announcer.pdf (26.7 KB) - added by Robert Corsaro 14 years ago.

Download all attachments as: .zip

Download in other formats:

Plain Text