# HG changeset patch # User Paul Boddie # Date 1409743807 -7200 # Node ID 28a668fa9bbaf681325cfb10ef6ce38337ae9f8d # Parent 661d772305fdfe6c285ae10758d62e2ba12734ca Added support for bundling a secret with an exported key for subsequent encryption and sending to a recipient. diff -r 661d772305fd -r 28a668fa9bba README.txt --- a/README.txt Sun Mar 30 23:58:12 2014 +0200 +++ b/README.txt Wed Sep 03 13:30:07 2014 +0200 @@ -511,6 +511,24 @@ of the exported key other than the originator was able to sign it with the same keypair information. +An alternative can involve bundling a secret with an exported key: + +To export a public key, the following command can be used: + +python tests/text_export.py 1C1AAF83 --secret + +This does nothing more than put a key in one message part and a secret entered +on standard input in another part. However, the combination can then be +encrypted and sent in a form where the secret is clearly associated with the +key and can thus vouch for its authenticity: + + python tests/text_export.py 1C1AAF83 --secret \ +| python tests/test_encrypt.py 0891463A + +Here, only the recipient with key 0891463A can read the specified secret, +check it with their copy of the secret, and thus come to a conclusion about +the validity of the key provided. + The Message Format ------------------ diff -r 661d772305fd -r 28a668fa9bba tests/test_export.py --- a/tests/test_export.py Sun Mar 30 23:58:12 2014 +0200 +++ b/tests/test_export.py Wed Sep 03 13:30:07 2014 +0200 @@ -1,10 +1,12 @@ #!/usr/bin/env python from MoinMessage import GPG, Message +from email.mime.text import MIMEText import sys if __name__ == "__main__": keyid = sys.argv[1] + use_secret = sys.argv[2:3] in [["-s"], ["--secret"]] gpg = GPG() key = gpg.exportKey(keyid) @@ -13,9 +15,16 @@ message = Message() message.add_update(key) + # Get any secret + + if use_secret: + print >>sys.stderr, "Secret..." + secret = sys.stdin.read().strip() + message.add_update(MIMEText(secret)) + # Show the resulting text. - text = message.get_payload() + text = message.get_payload(subtype=use_secret and "x-moinmessage-keys" or None) print text # vim: tabstop=4 expandtab shiftwidth=4