ANN: A new version (0.3.6) of python-gnupg has been released.

Vinay Sajip vinay_sajip at
Thu Feb 6 21:53:59 CET 2014

A new version of the Python module which wraps GnuPG has been

What Changed?
This is an enhancement and bug-fix release, but the bug-fixes
include some security improvements, so all users are encouraged
to upgrade. See the project website ( )
for more information. Summary:

Enabled fast random tests on gpg as well as gpg2.
Avoided deleting temporary file to preserve its permissions.
Avoided writing passphrase to log.
Added export-minimal and armor options when exporting keys.
Added verify_data() method to allow verification of signatures in memory.
Regularised end-of-line characters in ths source code.
Rectified problems with earlier fix for shell injection.

The current version passes all tests on Windows (CPython 2.4, 2.5,
2.6, 3.1, 2.7 and Jython 2.5.1) and Ubuntu (CPython 2.4, 2.5, 2.6,
2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11 has been used for the

What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.

This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.

A test suite using unittest is included with the source distribution.

Simple usage:

>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
  'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
  'keyid': '197D5DAC68F1AAB2',
  'length': '1024',
  'type': 'pub',
  'uids': ['', 'Gary Gross (A test user) < at>']},
  'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
  'keyid': '0C5FEFA7A921FC4A',
  'length': '1024',
  'uids': ['', 'Danny Davis (A test user) <danny.da... at>']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-----BEGIN PGP MESSAGE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
-----END PGP MESSAGE-----\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"

For more information, visit -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!


Vinay Sajip
Red Dove Consultants Ltd.

More information about the Python-list mailing list