Merge branch 'release/0.4.0'

.travis.yml

@@ -1,41 +1,46 @@
 language: python
 python:
+  - "3.5"
   - "3.4"
   - "3.3"
-  - "3.2"
   - "2.7"
   - "pypy"
   - "pypy3"
 matrix:
   include:
     # add a pep8 test
-    - python: 3.4
+    - python: 3.5
       env: TOXENV=pep8
-    # add a test of setup.py using python 3.4
+    # test setup.py using each tested version
+    - python: 3.5
+      env: TOXENV=setup35
     - python: 3.4
-      env: TOXENV=setup
-    # add a setup.py test using python 2.7
+      env: TOXENV=setup34
+    - python: 3.3
+      env: TOXENV=setup33
     - python: 2.7
       env: TOXENV=setup27
   allow_failures:
+    # pep8 failures shouldn't be considered fatal
     - env: TOXENV=pep8
+    # pypy and pypy3 tests are just for fun
     - python: "pypy"
     - python: "pypy3"
 # install requirements
 install:
-  # make sure gnupg, pgpdump, and the requested version of OpenSSL are installed
+  # make sure libffi-dev, gnupg2, and pgpdump are installed
   - sudo apt-get update
-  - sudo apt-get install -y gnupg pgpdump
-  # install coveralls
+  - sudo apt-get install -y libffi-dev gnupg2 pgpdump
+  # ensure tox and coveralls are installed
   - pip install tox python-coveralls
 # set TOXENV if it isn't yet
 before_script:
   - if [[ -z "$TOXENV" ]]; then export TOXENV=py${TRAVIS_PYTHON_VERSION//.}; fi
   - if [[ "$TRAVIS_PYTHON_VERSION" == 'pypy' ]]; then export TOXENV=pypy; fi
   - if [[ "$TRAVIS_PYTHON_VERSION" == 'pypy3' ]]; then export TOXENV=pypy3; fi
-# use setup.py to invoke testing via coveralls
+# run tox
 script:
- - tox
+  - ./tox.sh
 # and report coverage to coveralls, but only if this was a pytest run
 after_success:
-  if [[ "${TOXENV}" == "py"* ]]; then coveralls; fi
+  - if [[ "${TOXENV}" == "py"* ]]; then coveralls; fi

README.rst

@@ -10,7 +10,7 @@ PGPy: Pretty Good Privacy for Python
     :alt: Travis-CI
 
 .. image:: https://coveralls.io/repos/SecurityInnovation/PGPy/badge.png?branch=master
-    :target: https://coveralls.io/r/SecurityInnovation/PGPy?branch=master
+    :target: https://coveralls.io/github/SecurityInnovation/PGPy?branch=master
     :alt: Coveralls
 
 Homepage: None yet.
@@ -22,7 +22,7 @@ Features
 
 Currently, PGPy can load keys and signatures of all kinds in both ASCII armored and binary formats.
 
-It can create and verify RSA and DSA signatures, at the moment.
+It can create and verify RSA, DSA, and ECDSA signatures, at the moment. It can also encrypt and decrypt messages using RSA and ECDH.
 
 Installation
 ------------
@@ -41,20 +41,21 @@ Documentation
 Requirements
 ------------
 
-- Python >= 2.7
+- Python 3 >= 3.3; Python 2 >= 2.7
 
-  Tested with: 3.4, 3.3, 3.2, 2.7
+  Tested with: 3.5, 3.4, 3.3, 2.7
 
 - `Cryptography <https://pypi.python.org/pypi/cryptography>`_
 
 - `enum34 <https://pypi.python.org/pypi/enum34>`_
 
 - `singledispatch <https://pypi.python.org/pypi/singledispatch>`_
 
+- `pyasn1 <https://pypi.python.org/pypi/pyasn1/>`_
+
 - `six <https://pypi.python.org/pypi/six>`_
 
 License
 -------
 
 BSD 3-Clause licensed. See the bundled `LICENSE <https://github.com/SecurityInnovation/PGPy/blob/master/LICENSE>`_ file for more details.
-

arch/PKGBUILD

@@ -4,19 +4,18 @@
 
 pkgbase=python-pgpy
 pkgname=('python-pgpy' 'python2-pgpy')
-pkgver=0.3.0
+pkgver=0.4.0
 pkgrel=1
 pkgdesc="Pretty Good Privacy for Python - a pure Python OpenPGP implementation."
 arch=('any')
 license=('BSD')
-url="https://github.com/Commod0re/PGPy"
-makedepends=('python-setuptools' 'python-cryptography' 'python-singledispatch' 'python-six'
-             'python2-setuptools' 'python2-cryptography' 'python2-enum34' 'python2-singledispatch' 'python2-six')
-source=("https://pypi.python.org/packages/source/P/PGPy/PGPy-${pkgver}.tar.gz")
-##TODO: sum this shit
-sha256sums=()
-sha384sums=()
-sha512sums=()
+url="https://github.com/SecurityInnovation/PGPy"
+makedepends=('python-setuptools' 'python-cryptography' 'python-six' 'python-pyasn1'
+             'python2-setuptools' 'python2-cryptography' 'python2-enum34' 'python2-singledispatch' 'python2-six' 'python2-pyasn1')
+source=("https://pypi.python.org/packages/0a/2c/bfe57ac97d31fcd7172df43770d68bab1fbd38d629448ec8013f4714e779/PGPy-0.4.0a.tar.gz")
+sha256sums=('0025d65f2db2886868ac5af68a85322d255ed52211756c6141c9d46264091da2')
+sha384sums=('4ea26e952e6004778661072dbe4644351716b53122f4e96b8d2c44e57c31e23dc5e62e74f5700f628db2c163e01317c8')
+sha512sums=('527625a143e6fc221f7f5d84455546b9687287059c1b28f4e16db46f80a2227e69f0781b95752797c212d3ff788979622331285a55f32bd3bbe4f108328ae2ed')
 
 prepare() {
     cp -a PGPy-${pkgver}{,-python2}
@@ -33,16 +32,15 @@ build() {
 }
 
 package_python-pgpy() {
-    depends=('python-cryptography>=0.5.2' 'python-cryptography<=0.6' 'python-singledispatch' 'python-six>=1.7.2')
+    depends=('python-cryptography>=1.1.0' 'python-six>=1.9.0' 'python-pyasn1')
 
     cd PGPy-${pkgver}
     python3 setup.py install --root="${pkgdir}" --optimize=1 --skip-build
     install -D -m 644 LICENSE ${pkgdir}/usr/share/licenses/python-pgpy/LICENSE
 }
 
 package_python2-pgpy() {
-    depends=('python2-cryptography>=0.5.2' 'python2-cryptography<=0.6' 
-             'python2-six>=1.7.2' 'python2-enum34' 'python-singledispatch')
+    depends=('python2-cryptography>=1.1.0' 'python2-six>=1.9.0' 'python2-enum34' 'python2-singledispatch' 'python2-pyasn1')
 
     cd PGPy-${pkgver}-python2
     python2 setup.py install --root="${pkgdir}" --optimize=1 --skip-build

debian/changelog

@@ -1,3 +1,9 @@
+pgpy (0.4.0a-1) unstable; urgency=low
+
+  * Updated to latest release
+
+ -- Michael <mgreene@securityinnovation.com>  Thu, 21 Apr 2016 21:15:38 -0700
+
 pgpy (0.3.0-1) unstable; urgency=low
 
   * Initial release (Closes: #62)

debian/control

@@ -2,12 +2,14 @@ Source: pgpy
 Section: python
 Priority: optional
 Maintainer: Michael Greene <mgreene@securityinnovation.com>
-Build-Depends: debhelper (>= 8.0.0), cdbs, python-all-dev (>= 2.7), python3-all-dev (>= 3.2), python-setuptools, python3-setuptools
+Build-Depends: debhelper (>= 8.0.0), cdbs,
+ python3-all-dev (>= 3.2), python3-setuptools,
+ python-all-dev (>= 2.7), python-setuptools
 Standards-Version: 3.9.2
 X-Python-Version: >= 2.7
-X-Python3-Version: >= 3.2
-Vcs-Git: https://github.com/Commod0re/PGPy.git
-Vcs-Browser: https://github.com/Commod0re/PGPy
+X-Python3-Version: >= 3.3
+Vcs-Git: https://github.com/SecurityInnovation/PGPy.git
+Vcs-Browser: https://github.com/SecurityInnovation/PGPy
 
 Package: python-pgpy
 Architecture: all

debian/copyright

@@ -1,26 +1,26 @@
 Format: http://dep.debian.net/deps/dep5
 Upstream-Name: PGPy
-Source: https://github.com/Commod0re/PGPy
+Source: https://github.com/SecurityInnovation/PGPy
 
 Files: *
-Copyright: 2014 Michael Greene
+Copyright: 2014-2016 Michael Greene, 2014-2016 Security Innovation, Inc
 License: BSD 3-Clause
  All rights reserved.
- 
+
  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions are met:
- 
+
  * Redistributions of source code must retain the above copyright notice, this
    list of conditions and the following disclaimer.
- 
+
  * Redistributions in binary form must reproduce the above copyright notice,
    this list of conditions and the following disclaimer in the documentation
    and/or other materials provided with the distribution.
- 
+
  * Neither the name of the {organization} nor the names of its
    contributors may be used to endorse or promote products derived from
    this software without specific prior written permission.
- 
+
  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

debian/python-pgpy.pydist

@@ -1,4 +1,5 @@
 enum34 python-enum34
 singledispatch python-singledispatch
-six python-six (>= 1.7.2)
-cryptography python-cryptography (>= 0.5.2), python-cryptography (<= 0.6.0)
+six python-six (>= 1.9.0)
+cryptography python-cryptography (>= 1.1.0)
+pyasn1 python-pyasn1

debian/python3-pgpy.pydist

@@ -1,4 +1,5 @@
 enum34 -3.4 python3-enum34
 singledispatch python3-singledispatch
-six python3-six (>= 1.7.2)
-cryptography python3-cryptography (>= 0.5.2), python3-cryptography (<= 0.6.0)
+six python3-six (>= 1.9.0)
+cryptography python3-cryptography (>= 1.1.0)
+pyasn1 python3-pyasn1

docs/source/_ext/progress.py

@@ -112,8 +112,9 @@ def run(self):
                                         classes=['field-value'])
                 body += tr
 
-        # finish up the final hrow
-        self.add_progbar(shrow, len([c for c in comps[cur] if c == True]), len(comps[cur]))
+        if self.content:
+            # finish up the final hrow
+            self.add_progbar(shrow, len([c for c in comps[cur] if c == True]), len(comps[cur]))
 
 
         # and fill in the end of mrow

docs/source/api/classes.rst

@@ -8,6 +8,7 @@ Classes
 
 .. autoclass:: PGPKey
     :members:
+    :noindex:
 
     .. py:attribute:: ascii_header
         :noindex:
@@ -30,7 +31,6 @@ Classes
                     key, others = PGPKey.from_file('path/to/keyfile')
                     # others: { (Fingerprint, bool(key.is_public): PGPKey }
 
-
     .. py:classmethod:: from_blob(blob)
         :noindex:
 

docs/source/api/constants.rst

@@ -22,6 +22,56 @@ Constants
         :noindex:
         :annotation:
 
+    .. autoattribute:: ECDH
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: ECDSA
+        :noindex:
+        :annotation:
+
+:py:class:`EllipticCurveOID`
+----------------------------
+
+.. autoclass:: EllipticCurveOID
+    :noindex:
+
+    .. autoattribute:: Curve25519
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: Ed25519
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: NIST_P256
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: NIST_P384
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: NIST_P521
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: Brainpool_P256
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: Brainpool_P384
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: Brainpool_P512
+        :noindex:
+        :annotation:
+
+    .. autoattribute:: SECP256K1
+        :noindex:
+        :annotation:
+
 
 :py:class:`SymmetricKeyAlgorithm`
 ---------------------------------

docs/source/changelog.rst

@@ -4,11 +4,48 @@
 Changelog
 *********
 
-v0.3.0
+v0.4.0
 ======
 
 Released: |today|
 
+Bugs Fixed
+----------
+ * Armorable.from_blob was incorrectly not accepting bytes objects; this has been fixed (#140)
+ * Fixed an issue where string-formatting PGPUID objects would sometimes raise an exception (#142)
+ * Occasionally, the ASN.1 encoding of DSA signatures was being built in a way that although GPG could parse and verify them,
+   it was incorrect, and PGPy incorrectly failed to verify them. (#143)
+ * Fixed an issue where keys with expiration dates set would have the wrong value returned from the ``key.is_expired`` property (#151)
+ * Fixed an issue where PGPy would try to incorrectly coerce non-ASCII-compatible characters to ASCII-compatible bytes, potentially resulting in mojibake. (#154)
+
+New Features
+------------
+ * ECDSA and ECDH keys can now be loaded (#109, #110)
+ * Keys can be generated with the following algorithms:
+
+   - RSA
+   - DSA
+   - ECDSA
+   - ECDH
+
+ * Keys can now be passphrase-protected. It is also possible to change the passphrase on a key that is already protected. (#149)
+ * ECDSA keys can now be used to sign and verify (#111)
+ * ECDH keys can now be used to encrypt and decrypt
+ * It is now possible to recover a public key from a private key (#92)
+ * Marker packets are now understood
+
+Other Changes
+-------------
+ * Removed support for Python 3.2, as multiple dependency libraries have already done so
+ * Added explicit support for Python 3.5
+ * Updated library dependencies where required or useful
+ * Reworked some IO-intensive routines to be less IO-intensive, and therefore faster
+
+v0.3.0
+======
+
+Released: November 19, 2014
+
 PGPy v0.3.0 is a major feature release.
 
 .. warning::