python-gnupg-mail

Documentation for the python-gnupg-mail package.

How it works

The essence of this project is to automate PGP e-mail verification in Python 3.

  • Message headers are stripped and saved to the Message object.

  • Top MIME separator is detected.

  • If the message is encrypted (has a content-type of multipart/encrypted), its content is extracted and decrypted using the gnupg library.

  • If the message is signed (has a content-type of multipart/signed), its content is extracted and verified using the gnupg library. (NOTE: Signature is frequently embedded in the decryption result, as these steps can be combined.)

  • The output of both steps is checked and a result is saved: a boolean telling if the requested action was successfull, and a text message describing the boolean value.

It is basically a fancy wrapper around bash command

gpg --verify signature-file mail-content

In order to function properly, the user’s GPG keyring has to have respective keys imported, without them the decryption and verification cannot be run.