GSoC 2017 - Finally a nice PGP library
Since my last post, I’ve been looking for a suitable PGP python library as I realized my original candidate python-pgp just wouldn’t work:
- Its not actively maintained.
- Its tests/docs etc.. are lacking.
- Its security is questionable.
I’ve since found and tried using python-gnupg, gnupg, python-gpgmime and finally PGPy.
Considered#
python-gnupg#
repo@bitbucket pypi A library that uses the GNUPG binary and its status interface to provide functions similar to GNUPG command-line functionality.
gnupg#
repo@github pypi A fork of the original python-gnupg, that fixes security issues mainly considering unvalidated input passed to the GNUPG binary. However it diverges from the original library and doesn’t offer some functionality the original does.
python-gpgmime#
repo@github pypi This library provides PGP/MIME functionality on top of python-gnupg, although I got it to work with the gnupg fork after some changes. Only handles RFC 3156 partially (no combined method, sign + encrypt).
However, all of these libraries require the GPG binary, mostly work only with some specific versions of it and break terribly when it replies unexpectedly. They all suffer from having to work with the GPG binary and having to adjust to its API changes, where one additional response word (in a new version of GPG) causes the operation to fail completely. And since these work with the GPG binary they only provide what functionality it offers, so no direct PGP packet manipulation, no signing with keys from a different keyring and so on.
Selected#
PGPy#
repo@github pypi This library is an (almost complete) implementaton of the OpenPGP format (RFC 4880), that doesn’t use the GPG binary but implements packet parsing, encryption/decryption, signing and other PGP features using python and OpenSSL. Also it seems that the library is in active development, accepts PRs and has an up-to-date pypi distribution. It has an extensive test suite, when counting parametrized tests it sits at around 800+ tests.
Since it allows access to OpenPGP packets (and parses around 90% of them), it enables the Mailman PGP plugin to not strip the original senders signature (if configured to do so), or encrypt to recipients anonymously (zeroing keyids in PKESK) and so on.