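#!/usr/bin/python -tt
"""Encrypt one file to the public keys of the sysadmin group.

The armored ciphertext is written next to the input as FILENAME.asc.
Recipient keys are looked up in a dedicated keyring directory; keys that
are missing are requested from a keyserver.
"""

__version__ = '0.1'

import optparse
import os
import stat
import subprocess
import sys

# An absolute per-user path ('/home/badger/.gnupg/encryptingkeyring/') was
# assigned here and immediately overridden, so only the value below was ever
# used.  It is relative: the keyring that decides the recipients depends on
# the directory the script is started from.
keyringDir = './keyring'

# NOTE(review): hkp:// is a plaintext protocol, so the keyserver's answer is
# not authenticated in transit.
keyserver = 'hkp://wwwkeys.eu.pgp.net'

# NOTE(review): these are 32-bit short key IDs.  Short IDs are not unique, so
# neither the local lookup nor the keyserver fetch pins a specific key.
# Replace each entry with the owner's full 40-hex-digit fingerprint, obtained
# out of band, and compare it with the key actually used.
adminKeyIds = {
    '5D917E05': 'Max Spevack ',
    'F71F191F': 'Mike McGrath (Senior Technical Architect) ',
    '7EAB9AFD': 'Red Hat, Inc. (Security Response Team) ',
    '961630A2': 'Red Hat, Inc ',
    'FB939E34': 'Fedora Project ',
    '4AD75982': 'Warren Togami (Work) ',
    'DACAFBC8': 'Elliot Lee ',
    '6634542F': 'Bill Nottingham ',
    'CD84EE48': 'Toshio Ernie Kuratomi (toshio@chump.com) ',
    'B05A59F7': 'Dennis Gilmore ',
    '1828D94D': 'Stacy Brandenburg ',
}


def parse_commandline(argv):
    '''Retrieve options from the commandline.

    Currently this is just the filename.

    argv is the full argument vector, program name first (sys.argv).
    Returns an (options, filename) tuple.  Raises Exception unless exactly
    one positional argument was given.
    '''
    parser = optparse.OptionParser(
        version='%prog ' + __version__,
        usage='''%prog FILENAME

Encrypt FILENAME with the keys belonging to the sysadmin group.
''')
    # Parse the vector the caller handed in; the previous code ignored argv
    # and always read sys.argv.
    (options, args) = parser.parse_args(argv[1:])
    if len(args) != 1:
        raise Exception('Incorrect number of arguments')
    return (options, args[0])


def main(argv):
    '''Encrypt the file named on the command line; return the exit status.'''
    # Pull out the filename to encrypt and any other commandline options
    try:
        (options, filename) = parse_commandline(argv)
    except Exception:
        print('This program takes one argument, the filename to encrypt.')
        return 1

    # Imported here so that a missing pygpgme is reported before anything on
    # disk has been modified, and so --help/--version work without it.
    import gpgme

    # Make sure the permissions of the keyringDir and input filename are
    # reasonable: owner-only access to the keyring and to the plaintext.
    try:
        os.chmod(keyringDir, stat.S_IRWXU)
        os.chmod(filename, stat.S_IRUSR | stat.S_IWUSR)
    except OSError as e:
        print('Error: Cannot restrict permissions: %s' % e)
        return 1

    # Set up gpg.  GNUPGHOME is exported so the gpg child process below uses
    # the same keyring as the gpgme context.
    os.environ['GNUPGHOME'] = keyringDir
    gpgKeys = []
    gpgContext = gpgme.Context()
    gpgContext.protocol = gpgme.PROTOCOL_OpenPGP
    gpgContext.armor = True
    warnings = []

    # Check that we have the necessary keys to encrypt the file
    for keyId, owner in sorted(adminKeyIds.items()):
        try:
            key = gpgContext.get_key(keyId)
        except gpgme.GpgmeError:
            warnings.append('Ran gpg to find a key for %s %s' % (keyId, owner))
            # Argument list instead of a shell command line: no shell is
            # involved, so the values can never be reinterpreted as syntax.
            try:
                subprocess.call(
                    ['gpg', '--keyserver', keyserver, '--recv-key', keyId])
            except OSError as e:
                warnings.append('Warning: Could not run gpg: %s' % e)
            try:
                key = gpgContext.get_key(keyId)
            except gpgme.GpgmeError:
                warnings.append('Warning: No key for %s %s' % (keyId, owner))
                key = None
            else:
                # A key that just arrived from the keyserver was selected by
                # short ID only; surface its fingerprint for manual checking.
                warnings.append(
                    'Warning: Key for %s %s came from %s; verify fingerprint'
                    ' %s out of band'
                    % (keyId, owner, keyserver, key.subkeys[0].fpr))
        if key:
            gpgKeys.append(key)

    for line in warnings:
        print(line)

    if not gpgKeys:
        print('Error: No keys to encrypt to!')
        return 1

    # Encrypt the file.  ENCRYPT_ALWAYS_TRUST skips validity checking, so the
    # recipients are exactly the keys the lookups above returned.  Binary
    # mode keeps the plaintext bytes unchanged; the context managers close
    # both files even if encryption fails.
    with open(filename, 'rb') as inFile:
        with open(filename + '.asc', 'wb') as outFile:
            gpgContext.encrypt(gpgKeys, gpgme.ENCRYPT_ALWAYS_TRUST,
                               inFile, outFile)
    return 0


if __name__ == '__main__':
    sys.exit(main(sys.argv))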