Encrypt/decrypt messages using openssl.
Author: Nicolai Lissner
— Version: 1.4.5
— License: GPL-3.0-or-later
For WeeChat ≥ 0.3.0, requires: openssl.
Tags: irc, crypto, py2
Added: 2008-08-29
— Updated: 2021-05-11
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 | # =============================================================== # crypt.py (c) 2008-2012 by Nicolai Lissner <nlissne@linux01.org> # =============================================================== SCRIPT_NAME = "crypt" SCRIPT_AUTHOR = "Nicolai Lissner <nlissne@linux01.org>" SCRIPT_VERSION = "1.4.5" SCRIPT_LICENSE = "GPL3" SCRIPT_DESC = "encrypt/decrypt PRIVMSGs using a pre-shared key and openssl" # # This plugin uses openssl to encrypt/decrypt messages you send # or receive with weechat. Due to the very simple method # used it should be easy to port this plugin to any other # IRC client. # # The default encryption algorithm is blowfish, but you can # change it to any other cipher your openssl offers. # Read output of "openssl -h" to find out which ciphers are # supported (also depends on your kernel!) # # To activate encryption for a given user just # put a file called "cryptkey.username" into # your weechat-directory, containing the passphrase # to use for encryption/decryption # # you can add 'encryption' to # weechat.bar.status.items to have an indication # that the message you are going to send is encrypted # (i.e. a keyfile exists) # # You can activate encryption on irc-channels, too, # just use cryptkey.#channelname as keyfile then. # # example: if you have exchanged a secret key with me, # you would put it in a file called # cryptkey.blackpenguin in your weechat_dir # # Of course, you need to share this keyfile with the # remote side in another secure way (i.e. sending # pgp-encrypted mail) import weechat, string, os, subprocess, re script_options = { "message_indicator" : "(enc) ", "statusbar_indicator" : "(encrypted) ", "cipher" : "blowfish", } def decrypt(data, msgtype, servername, args): hostmask, chanmsg = string.split(args, "PRIVMSG ", 1) channelname, message = string.split(chanmsg, " :", 1) if re.match(r'^\[\d{2}:\d{2}:\d{2}]\s', message): timestamp = message[:11] message = message[11:] else: timestamp = '' if channelname[0] == "#": username=channelname else: username, rest = string.split(hostmask, "!", 1) username = username[1:] if os.path.exists(weechat_dir + "/cryptkey." + username): p = subprocess.Popen(["openssl", "enc", "-d", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True) p.stdin.write("U2FsdGVkX1" + message.replace("|","\n")) p.stdin.close() decrypted = p.stdout.read() p.stdout.close() if decrypted == "": return args decrypted = ''.join(c for c in decrypted if ord(c) > 31 or ord(c) == 9 or ord(c) == 2 or ord(c) == 3 or ord(c) == 15) return hostmask + "PRIVMSG " + channelname + " :" + chr(3) + "04" + weechat.config_get_plugin("message_indicator") + chr(15) + timestamp + decrypted else: return args def encrypt(data, msgtype, servername, args): pre, message = string.split(args, ":", 1) prestr=pre.split(" ") username=prestr[-2] if os.path.exists(weechat_dir + "/cryptkey." + username): p = subprocess.Popen(["openssl", "enc", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True) p.stdin.write(message) p.stdin.close() encrypted = p.stdout.read() p.stdout.close() encrypted = encrypted.replace("\n","|") if len(encrypted) > 400: splitmsg=string.split(message," ") cutpoint=len(splitmsg)/2 p = subprocess.Popen(["openssl", "enc", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True) p.stdin.write(string.join(splitmsg[:cutpoint]," ") + "\n") p.stdin.close() encrypted = p.stdout.read() p.stdout.close() encrypted = encrypted.replace("\n","|") p = subprocess.Popen(["openssl", "enc", "-a", "-" + weechat.config_get_plugin("cipher"), "-pass" ,"file:" + weechat_dir + "/cryptkey." + username], bufsize=4096, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True) p.stdin.write( string.join(splitmsg[cutpoint:]," ") ) p.stdin.close() encrypted2 = p.stdout.read() p.stdout.close() encrypted2 = encrypted2.replace("\n","|") encrypted = encrypted + "\n" + pre + ":" + encrypted2[10:] return pre + ":" + encrypted[10:] else: return args def update_encryption_status(data, signal, signal_data): buffer = signal_data weechat.bar_item_update('encryption') return weechat.WEECHAT_RC_OK def encryption_statusbar(data, item, window): if window: buf = weechat.window_get_pointer(window, 'buffer') else: buf = weechat.current_buffer() if os.path.exists(weechat_dir + "/cryptkey." + weechat.buffer_get_string(buf, "short_name")): return weechat.config_get_plugin("statusbar_indicator") else: return "" # for subprocess.Popen call PIPE=-1 # register plugin if weechat.register(SCRIPT_NAME, SCRIPT_AUTHOR, SCRIPT_VERSION, SCRIPT_LICENSE, SCRIPT_DESC, "", "UTF-8"): weechat_dir = weechat.info_get("weechat_data_dir", "") \ or weechat.info_get("weechat_dir", "") version = weechat.info_get("version_number", "") or 0 if int(version) < 0x00030000: weechat.prnt("", "%s%s: WeeChat 0.3.0 is required for this script." % (weechat.prefix("error"), SCRIPT_NAME)) else: weechat.bar_item_new('encryption', 'encryption_statusbar', '') for option, default_value in script_options.iteritems(): if not weechat.config_is_set_plugin(option): weechat.config_set_plugin(option, default_value) # register the modifiers weechat.hook_modifier("irc_in_privmsg", "decrypt", "") weechat.hook_modifier("irc_out_privmsg", "encrypt", "") weechat.hook_signal("buffer_switch","update_encryption_status","") |