author | Johannes Kulick <kulick@hildensia.de> | 2012-12-18 09:22:37 +0100 |
---|---|---|
committer | Patrick Totzke <patricktotzke@gmail.com> | 2013-02-19 10:10:08 +0000 |
commit | b9a57a6f9840fe16c920148eae4451997abdde64 (patch) | |
tree | 53061ec16d07c736a4989e508f77b9c20c34bd22 /alot | |
parent | ea8f3fbe19229fabaa58b61d86c38c01f9361a22 (diff) |
validate key before adding to encryption list
we check whether a key is
- revoked
- expired
- invalid
- unable to encrypt
- unable to sign
Diffstat (limited to 'alot')
-rw-r--r-- | alot/commands/envelope.py | 6 | ||||
-rw-r--r-- | alot/crypto.py | 12 |
2 files changed, 17 insertions, 1 deletions
diff --git a/alot/commands/envelope.py b/alot/commands/envelope.py
index 26b87381..b462e0bc 100644
--- a/alot/commands/envelope.py
+++ b/alot/commands/envelope.py
@@ -515,13 +515,17 @@ class EncryptCommand(Command):
 keys = dict()
 for keyid in self.encrypt_keys:
 tmp_key = crypto.get_key(keyid)
+ crypto.validate_key(tmp_key, encrypt=True)
 keys[crypto.hash_key(tmp_key)] = tmp_key
 envelope.encrypt_keys.update(keys)
 except gpgme.GpgmeError as e:
 if e.code == gpgme.ERR_INV_VALUE or e.code == gpgme.ERR_EOF:
- raise GPGProblem("Can not find key to encrypt.")
+ ui.notify("Can not find key to encrypt.", priority='error')
 raise GPGProblem(str(e))
+ except GPGProblem, e:
+ ui.notify(e.message, priority='error')
+ return
 #reload buffer
 ui.current_buffer.rebuild()
diff --git a/alot/crypto.py b/alot/crypto.py
index 55b9e30c..9000d15b 100644
--- a/alot/crypto.py
+++ b/alot/crypto.py
@@ -198,3 +198,15 @@ def hash_key(key):
 for tmp_key in key.subkeys:
 hash_str += tmp_key.keyid
 return hash_str
+
+def validate_key(key, sign=False, encrypt=False):
+ if key.revoked:
+ raise GPGProblem("The key \"" + key.uids[0].uid + "\" is revoked.")
+ elif key.expired:
+ raise GPGProblem("The key \"" + key.uids[0].uid + "\" is expired.")
+ elif key.invalid:
+ raise GPGProblem("The key \"" + key.uids[0].uid + "\" is invalid.")
+ if encrypt and not key.can_encrypt:
+ raise GPGProblem("The key \"" + key.uids[0].uid + "\" can not encrypt.")
+ if sign and not key.can_sign:
+ raise GPGProblem("The key \"" + key.uids[0].uid + "\" can not sign.") |
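Review bot: The `raise GPGProblem(str(e))` kept inside the `except gpgme.GpgmeError` handler is not caught by the new `except GPGProblem, e:` clause, because a sibling handler of the same `try` never sees an exception raised in another handler. Indentation is lost on this page, but if that raise still sits at handler level as it did before the change, the key-not-found case now notifies and then raises anyway, so the failure is either reported twice or escapes the command. Ending both paths of the handler the way the new clause does would keep the behaviour uniform: add `return` after the "Can not find key to encrypt." notification and replace the raise with `ui.notify(str(e), priority='error')` followed by `return`. The new clause could also be written `except GPGProblem as e:` to match the `as e` form used a few lines above it. The enclosing `try` starts outside the hunk.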
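Review bot: `validate_key` reads only the key-level flags, so a key whose only encryption-capable subkey is itself expired or revoked may still be accepted as a recipient; whether that case is caught depends on how the gpgme binding aggregates `can_encrypt`, which this hunk does not show. Since `hash_key` just above already walks `key.subkeys`, the capability check could require at least one usable subkey, for example `if encrypt and not any(s.can_encrypt and not (s.revoked or s.expired or s.invalid) for s in key.subkeys):`, and the same for `sign`. The key's `disabled` flag is also not consulted, and `key.uids[0]` is indexed without a guard, so a key with no user IDs would raise `IndexError` instead of `GPGProblem`. A docstring stating that the function returns nothing and signals every rejection by raising `GPGProblem` would make the contract clear to the caller in `EncryptCommand`.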