/usr/share/weechat/python/crypt.py is in weechat-scripts 20180330-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 | # ===============================================================
# crypt.py (c) 2008-2012 by Nicolai Lissner <nlissne@linux01.org>
# ===============================================================
SCRIPT_NAME = "crypt"
SCRIPT_AUTHOR = "Nicolai Lissner <nlissne@linux01.org>"
SCRIPT_VERSION = "1.4.4"
SCRIPT_LICENSE = "GPL3"
SCRIPT_DESC = "encrypt/decrypt PRIVMSGs using a pre-shared key and openssl"
#
# This plugin uses openssl to encrypt/decrypt messages you send
# or receive with weechat. Due to the very simple method
# used it should be easy to port this plugin to any other
# IRC client.
#
# The default encryption algorithm is blowfish, but you can
# change it to any other cipher your openssl offers.
# Read output of "openssl -h" to find out which ciphers are
# supported (also depends on your kernel!)
#
# To activate encryption for a given user just
# put a file called "cryptkey.username" into
# your weechat-directory, containing the passphrase
# to use for encryption/decryption
#
# you can add 'encryption' to
# weechat.bar.status.items to have an indication
# that the message you are going to send is encrypted
# (i.e. a keyfile exists)
#
# You can activate encryption on irc-channels, too,
# just use cryptkey.#channelname as keyfile then.
#
# example: if you have exchanged a secret key with me,
# you would put it in a file called
# cryptkey.blackpenguin in your weechat_dir
#
# Of course, you need to share this keyfile with the
# remote side in another secure way (i.e. sending
# pgp-encrypted mail)
import weechat, string, os, subprocess, re
script_options = {
"message_indicator" : "(enc) ",
"statusbar_indicator" : "(encrypted) ",
"cipher" : "blowfish",
}
def decrypt(data, msgtype, servername, args):
hostmask, chanmsg = string.split(args, "PRIVMSG ", 1)
channelname, message = string.split(chanmsg, " :", 1)
if re.match(r'^\[\d{2}:\d{2}:\d{2}]\s', message):
timestamp = message[:11]
message = message[11:]
else:
timestamp = ''
if channelname[0] == "#":
username=channelname
else:
username, rest = string.split(hostmask, "!", 1)
username = username[1:]
if os.path.exists(weechat_dir + "/cryptkey." + username):
p = subprocess.Popen(["openssl", "enc", "-d", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
p.stdin.write("U2FsdGVkX1" + message.replace("|","\n"))
p.stdin.close()
decrypted = p.stdout.read()
p.stdout.close()
if decrypted == "":
return args
decrypted = ''.join(c for c in decrypted if ord(c) > 31 or ord(c) == 9 or ord(c) == 2 or ord(c) == 3 or ord(c) == 15)
return hostmask + "PRIVMSG " + channelname + " :" + chr(3) + "04" + weechat.config_get_plugin("message_indicator") + chr(15) + timestamp + decrypted
else:
return args
def encrypt(data, msgtype, servername, args):
pre, message = string.split(args, ":", 1)
prestr=pre.split(" ")
username=prestr[-2]
if os.path.exists(weechat_dir + "/cryptkey." + username):
p = subprocess.Popen(["openssl", "enc", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
p.stdin.write(message)
p.stdin.close()
encrypted = p.stdout.read()
p.stdout.close()
encrypted = encrypted.replace("\n","|")
if len(encrypted) > 400:
splitmsg=string.split(message," ")
cutpoint=len(splitmsg)/2
p = subprocess.Popen(["openssl", "enc", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
p.stdin.write(string.join(splitmsg[:cutpoint]," ") + "\n")
p.stdin.close()
encrypted = p.stdout.read()
p.stdout.close()
encrypted = encrypted.replace("\n","|")
p = subprocess.Popen(["openssl", "enc", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
p.stdin.write( string.join(splitmsg[cutpoint:]," ") )
p.stdin.close()
encrypted2 = p.stdout.read()
p.stdout.close()
encrypted2 = encrypted2.replace("\n","|")
encrypted = encrypted + "\n" + pre + ":" + encrypted2[10:]
return pre + ":" + encrypted[10:]
else:
return args
def update_encryption_status(data, signal, signal_data):
buffer = signal_data
weechat.bar_item_update('encryption')
return weechat.WEECHAT_RC_OK
def encryption_statusbar(data, item, window):
if window:
buf = weechat.window_get_pointer(window, 'buffer')
else:
buf = weechat.current_buffer()
if os.path.exists(weechat_dir + "/cryptkey." + weechat.buffer_get_string(buf, "short_name")):
return weechat.config_get_plugin("statusbar_indicator")
else:
return ""
# for subprocess.Popen call
PIPE=-1
# register plugin
if weechat.register(SCRIPT_NAME, SCRIPT_AUTHOR, SCRIPT_VERSION, SCRIPT_LICENSE, SCRIPT_DESC, "", "UTF-8"):
weechat_dir = weechat.info_get("weechat_dir","")
version = weechat.info_get("version_number", "") or 0
if int(version) < 0x00030000:
weechat.prnt("", "%s%s: WeeChat 0.3.0 is required for this script."
% (weechat.prefix("error"), SCRIPT_NAME))
else:
weechat.bar_item_new('encryption', 'encryption_statusbar', '')
for option, default_value in script_options.iteritems():
if not weechat.config_is_set_plugin(option):
weechat.config_set_plugin(option, default_value)
# register the modifiers
weechat.hook_modifier("irc_in_privmsg", "decrypt", "")
weechat.hook_modifier("irc_out_privmsg", "encrypt", "")
weechat.hook_signal("buffer_switch","update_encryption_status","")
|