End-to-end Encryption API documentation


class poezio.plugin_e2ee.E2EEPlugin(name, plugin_api, core, plugins_conf_dir)[source]

Interface for E2EE plugins.

This is a wrapper built on top of BasePlugin. It provides a base for End-to-end Encryption mechanisms in poezio.

Plugin developers are excepted to implement the decrypt and encrypt function, provide an encryption name (and/or short name), and an eme namespace.

Once loaded, the plugin will attempt to decrypt any message that contains an EME message that matches the one set.

The plugin will also register a command (using the short name) to enable encryption per tab. It is only possible to have one encryption mechanism per tab, even if multiple e2ee plugins are loaded.

The encryption status will be displayed in the status bar, using the plugin short name, alongside the JID, nickname etc.

eme_ns: str | None = None

Required. https://xmpp.org/extensions/xep-0380.html.

encryption_name: str | None = None

Encryption name, used in command descriptions, and logs. At least one of encryption_name and encryption_short_name must be set.

encryption_short_name: str | None = None

Encryption short name, used as command name, and also to display encryption status in a tab. At least one of encryption_name and encryption_short_name must be set.

replace_body_with_eme = True

Replaces body with eme if set. Should be suitable for most plugins except those using <body/> directly as their encryption container, like OTR, or the example base64 plugin in poezio.

stanza_encryption = False

Specifies that the encryption mechanism does more than encrypting <body/>.

tag_whitelist = [('jabber:client', 'body'), ('urn:xmpp:eme:0', 'encryption'), ('urn:xmpp:hints', 'store'), ('urn:xmpp:hints', 'no-copy'), ('urn:xmpp:hints', 'no-store'), ('urn:xmpp:hints', 'no-permanent-store')]

Whitelist applied to messages when stanza_encryption is False.

Please refer to BasePlugin for more information on how to write plugins.

Example plugins

Example 1: Base64 plugin

from base64 import b64decode, b64encode
from poezio.plugin_e2ee import E2EEPlugin
from slixmpp import Message

class Plugin(E2EEPlugin):
    """Base64 Plugin"""

    encryption_name = 'base64'
    encryption_short_name = 'b64'
    eme_ns = 'urn:xmpps:base64:0'

    # This encryption mechanism is using <body/> as a container
    replace_body_with_eme = False

    def decrypt(self, message: Message, _tab) -> None:
            Decrypt base64
        body = message['body']
        message['body'] = b64decode(body.encode()).decode()

    def encrypt(self, message: Message, _tab) -> None:
            Encrypt to base64
        # TODO: Stop using <body/> for this. Put the encoded payload in another element.
        body = message['body']
        message['body'] = b64encode(body.encode()).decode()