Tiny-gnupg

Latest version: v0.9.0

Safety actively analyzes 685670 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 10 of 10

0.2.1

Not secure
=========================


Minor Changes
-------------

- The names of some existing methods were changed. ``parse_output()``
is now ``read_output()``. ``gpg_directory()`` is now
``format_homedir()``. The names of some existing attributes were
changed. ``gpg_path`` is now ``executable``, with its parent folder
uri now stored in ``home``. ``key_id`` is now ``fingerprint`` to
avoid similarities with the naming convention used for the methods
which query the package environment keys for uid information,
i.e. ``key_fingerprint()`` & ``key_email()``.


Major Changes
-------------

- Good riddance to the pynput library hack! We figured out how to
gracefully send passphrases & other inputs into the gpg2
commandline interface. This has brought major changes to the package,
& lots of increased functionality.
- Many added utilities:

- Keys generated with the ``gen_key()`` method now get stored in a
local keyring instead of the operating system keyring.
- aiohttp, aiohttp_socks used to power the keyserver queries and
uploading features. All contact with the keyserver is done over
tor, with async/await syntax. ``search(uid)`` to query for a key
with matches to the supplied uid, which could be a fingerprint or
email address. ``network_import(uid)`` to import a key with
matches to the supplied uid. ``network_export(uid)`` to upload a
key in the package’s keyring with matches to the supplied uid to
the keyserver. Also, raw access to the aiohttp.ClientSession
networking interface is available by using
``async with instance.session as session:``. More info is
available in the `aiohttp docs`_
- New ``text_import(key)``, ``file_import(filename)``,
``text_export(key)``, & ``file_export(path, uid)`` methods for
importing & exporting keys from key strings or files.
- New ``reset_daemon()`` method for refreshing the system gpg-agent
daemon if errors begin to occur from manual deletion or
modification of files in the package/gpghome/ directory.
- New ``encrypt(message, recipient_uid)`` & ``decrypt(message)``
methods. The ``encrypt()`` method automatically signs the message,
therefore needs the key passphrase to be stored in the
``passphrase`` attribute. The same goes for the ``decrypt()``
method.
- The ``command(*options)``, ``encode_inputs(*inputs)``, and
``read_output(commands, inputs)`` methods can be used to create
custom commands to the package’s gpg2 environment. This allows for
flexibility without hardcoding flexibility into every method,
which would increase code size & complexity. The ``command()``
method takes a series of options that would normally be passed to
the terminal gpg2 program (such as –encrypt) & returns a list
with those options included, as well as, the other boiler-plate
options (like the correct path to the package executable, & the
package’s local gpg2 environment.). ``encode_inputs()`` takes a
series of inputs that will be needed by the program called with
the ``command()`` instructions, & ``bytes()`` encodes them with
the necessary linebreaks to signal separate inputs.
``read_output()`` takes the instructions from ``command()`` and
inputs from ``encode_inputs()`` & calls
``subprocess.check_output(commands, input=inputs).decode()`` on
them to retrieve the resulting terminal output.

.. _aiohttp docs: https://docs.aiohttp.org/en/stable/client_advanced.html#client-session

Page 10 of 10

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.