End-to-end Encryption API documentation¶
- class poezio.plugin_e2ee.E2EEPlugin(name, plugin_api, core, plugins_conf_dir)¶
Interface for E2EE plugins.
This is a wrapper built on top of BasePlugin. It provides a base for End-to-end Encryption mechanisms in poezio.
Plugin developers are excepted to implement the decrypt and encrypt function, provide an encryption name (and/or short name), and an eme namespace.
Once loaded, the plugin will attempt to decrypt any message that contains an EME message that matches the one set.
The plugin will also register a command (using the short name) to enable encryption per tab. It is only possible to have one encryption mechanism per tab, even if multiple e2ee plugins are loaded.
The encryption status will be displayed in the status bar, using the plugin short name, alongside the JID, nickname etc.
- encryption_name: str | None = None¶
Encryption name, used in command descriptions, and logs. At least one of encryption_name and encryption_short_name must be set.
- encryption_short_name: str | None = None¶
Encryption short name, used as command name, and also to display encryption status in a tab. At least one of encryption_name and encryption_short_name must be set.
- replace_body_with_eme = True¶
Replaces body with eme if set. Should be suitable for most plugins except those using <body/> directly as their encryption container, like OTR, or the example base64 plugin in poezio.
- stanza_encryption = False¶
Specifies that the encryption mechanism does more than encrypting <body/>.
- tag_whitelist = [('jabber:client', 'body'), ('urn:xmpp:eme:0', 'encryption'), ('urn:xmpp:hints', 'store'), ('urn:xmpp:hints', 'no-copy'), ('urn:xmpp:hints', 'no-store'), ('urn:xmpp:hints', 'no-permanent-store')]¶
Whitelist applied to messages when stanza_encryption is False.
Please refer to
BasePlugin for more information on how to
Example 1: Base64 plugin
from base64 import b64decode, b64encode from poezio.plugin_e2ee import E2EEPlugin from slixmpp import Message class Plugin(E2EEPlugin): """Base64 Plugin""" encryption_name = 'base64' encryption_short_name = 'b64' eme_ns = 'urn:xmpps:base64:0' # This encryption mechanism is using <body/> as a container replace_body_with_eme = False def decrypt(self, message: Message, _tab) -> None: """ Decrypt base64 """ body = message['body'] message['body'] = b64decode(body.encode()).decode() def encrypt(self, message: Message, _tab) -> None: """ Encrypt to base64 """ # TODO: Stop using <body/> for this. Put the encoded payload in another element. body = message['body'] message['body'] = b64encode(body.encode()).decode()