duplicity.gpg module

duplicity’s gpg interface, builds upon Frank Tobin’s GnuPGInterface which is now patched with some code for iterative threaded execution see duplicity’s README for details

exception duplicity.gpg.GPGError

Bases: Exception

Indicate some GPG Error

class duplicity.gpg.GPGFile(encrypt, encrypt_path, profile)

Bases: object

File-like object that encrypts decrypts another file on the fly

__init__(encrypt, encrypt_path, profile)

GPGFile initializer

If recipients is set, use public key encryption and encrypt to the given keys. Otherwise, use symmetric encryption.

encrypt_path is the Path of the gpg encrypted file. Right now only symmetric encryption/decryption is supported.

If passphrase is false, do not set passphrase - GPG program should prompt for it.

close()

get_signature()

Return keyID of signature, or None if none

gpg_failed()

read(length=-1)

seek(offset)

set_signature()

Set self.signature to signature keyID

This only applies to decrypted files. If the file was not signed, set self.signature to None.

tell()

write(buf)

class duplicity.gpg.GPGProfile(passphrase=None, sign_key=None, recipients=None, hidden_recipients=None)

Bases: object

Just hold some GPG settings, avoid passing tons of arguments

__init__(passphrase=None, sign_key=None, recipients=None, hidden_recipients=None)

Set all data with initializer

passphrase is the passphrase. If it is None (not “”), assume it hasn’t been set. sign_key can be blank if no signing is indicated, and recipients should be a list of keys. For all keys, the format should be an hex key like ‘AA0E73D2’.

_version_re = re.compile(b'^gpg.*\\(GnuPG(?:/MacGPG2)?\\) (?P<maj>[0-9]+)\\.(?P<min>[0-9]+)\\.(?P<bug>[0-9]+)(-.+)?$')

get_gpg_version(binary)

rc(flags=0)

Compile a regular expression pattern, returning a Pattern object.

duplicity.gpg.GPGWriteFile(block_iter, filename, profile, size=209715200, max_footer_size=16384)

Write GPG compressed file of given size

This function writes a gpg compressed file by reading from the input iter and writing to filename. When it has read an amount close to the size limit, it “tops off” the incoming data with incompressible data, to try to hit the limit exactly.

block_iter should have methods .next(size), which returns the next block of data, which should be at most size bytes long. Also .get_footer() returns a string to write at the end of the input file. The footer should have max length max_footer_size.

Because gpg uses compression, we don’t assume that putting bytes_in bytes into gpg will result in bytes_out = bytes_in out. However, do assume that bytes_out <= bytes_in approximately.

Returns true if succeeded in writing until end of block_iter.

duplicity.gpg.GzipWriteFile(block_iter, filename, size=209715200, gzipped=True)

Write gzipped compressed file of given size

This is like the earlier GPGWriteFile except it writes a gzipped file instead of a gpg’d file. This function is somewhat out of place, because it doesn’t deal with GPG at all, but it is very similar to GPGWriteFile so they might as well be defined together.

The input requirements on block_iter and the output is the same as GPGWriteFile (returns true if wrote until end of block_iter).

duplicity.gpg.PlainWriteFile(block_iter, filename, size=209715200, gzipped=False)

Write plain uncompressed file of given size

This is like the earlier GPGWriteFile except it writes a gzipped file instead of a gpg’d file. This function is somewhat out of place, because it doesn’t deal with GPG at all, but it is very similar to GPGWriteFile so they might as well be defined together.

The input requirements on block_iter and the output is the same as GPGWriteFile (returns true if wrote until end of block_iter).

duplicity.gpg.get_hash(hash, path, hex=1)

Return hash of path

hash should be “MD5” or “SHA1”. The output will be in hexadecimal form if hex is true, and in text (base64) otherwise.