Tools for dealing with Pretty Good Privacy (PGP) and email.
Python module and tools for constructing and sending PGP/MIME email.
# emerge -av app-portage/layman # layman --add wtk # emerge -av dev-python/pgp-mime
pgp-mime is a simple package with no external dependencies outside the Python 3 standard library. There are a number of GnuPG wrappers for python out there, but none of them seem mature/stable enough to be worth installing. Instead, we use the pyassuan module to talk to gpgme-tool over pipes or sockets. If this isn’t working for you, you need only replace the pgp_mime.crypt module to handle the cryptography.
Pgp-mime has grown up as I’ve become more experienced with Python. The current interface is much simpler, and there are lots of docstrings showing you how to use each function.
If you’re looking for a higher level example, pgp-mime includes a command line script send-pgp-mime.py that allows you to send signed and/or encrypted email from the command line. I recommend you use gpg2 with my wrappers and pinentry program to allow easy pinentry from the command line. Here’s how you could mail signed grades to your class:
$ FROM="From: Rincewind <firstname.lastname@example.org>" $ head -n2 grades Twoflower <email@example.com>|9 Eric Thursley <firstname.lastname@example.org>|10 $ while read LINE; do STUDENT=$(echo "$LINE" | cut -d '|' -f 1) GRADE=$(echo "$LINE" | cut -d '|' -f 2) HEAD=$(echo -e "$FROM\nTo: $STUDENT\nSubject: Grades") BODY=$(echo -e "$STUDENT,\n\nYou got a $GRADE.\n\nGood job.") send-pgp-mime.py -H <(echo "$HEAD") -B <(echo "$BODY") --mode sign done < grades
If you can convince your students to get PGP keys, you could also encrypt their grades by changing --mode sign to --mode sign-encrypt.
Of course, if you’re interested in working with students and grades, you might also be interested in my pygrader package, which uses pgp-mime under the hood.
Configuring the SMTP connection
Pgp-mime supports two methods for sending messages (via pgp_mime.mail). It can either call your system’s sendmail equivalent, or connect directly to an SMTP server using smtplib. Since I imagine SMTP will be more common, you can easily configure your SMTP connection via ~/.config/smtplib.conf:
[smtp] host: smtp.mail.uu.edu port: 587 starttls: yes username: rincewind password: 7ugg@g3
All of these fields are optional. host defaults to localhost and port defaults to 25. If username is not given, we do not attempt to login to the SMTP server after connecting.
If starttls is no or not given, the SMTP transaction occurs in plain text (although the underlying emails will still be encrypted). However, if you set a username (to login), pgp-mime will require a STARTTLS to protect your password from sniffing.
Run the internal unit tests using nose:
$ nosetests --with-doctest --doctest-tests pgp_mime
If a Python-3-version of nosetests is not the default on your system, you may need to try something like:
$ nosetests-3.2 --with-doctest --doctest-tests pgp_mime
This project is distributed under the GNU General Public License Version 3 or greater.