Part of canonical.launchpad.interfaces.gpghandler View In Hierarchy
Known implementations: canonical.launchpad.utilities.gpghandler.GPGHandler
| Method | sanitizeFingerprint | Return sanitized fingerprint if well-formed. |
| Method | verifySignature | See getVerifiedSignature. |
| Method | getURLForKeyInServer | Return the URL for that fingerprint on the configured keyserver. |
| Method | getVerifiedSignatureResilient | Wrapper for getVerifiedSignature. |
| Method | getVerifiedSignature | Returns a PymeSignature object if content is correctly signed. |
| Method | importPublicKey | Import the given public key into our local keyring. |
| Method | importSecretKey | Import the given secret key into our local keyring. |
| Method | generateKey | Generate a new GPG key with the given name. |
| Method | importKeyringFile | Import the keyring filepath into the local key database. |
| Method | encryptContent | Encrypt the given content for the given fingerprint. |
| Method | signContent | Signs content with a given GPG fingerprint. |
| Method | retrieveKey | Retrieve the key information from the local keyring. |
| Method | retrieveActiveKey | Retrieve key information, raise errors if the key is not active. |
| Method | uploadPublicKey | Upload the specified public key to a keyserver. |
| Method | checkTrustDb | Check whether the OpenPGP trust database is up to date. |
| Method | localKeys | Return an iterator of all keys locally known about. |
| Method | resetLocalState | Reset the local state. |
If the firgerprint cannot be sanitized return None.
getVerifiedSignature.
Suppress all exceptions and simply return None if the could not be verified.
If public is True, return a URL for the public keyserver; otherwise, references the default (internal) keyserver. If action is provided, will attach that to the URL.
It calls the target method exactly 3 times.
Return the result if it succeed during the cycle, otherwise capture the errors and emits at the end GPGVerificationError with the stored error information.
If signature is None, we assume content is clearsigned. Otherwise it stores the detached signature and content should contain the plain text in question.
content and signature must be 8-bit encoded str objects. It's up to the caller to encode or decode as appropriate.
The only exception likely to be propogated out is GPGVerificationError
| Parameters | content | The content to be verified as string; |
| signature | The signature as string (or None if content is clearsigned) | |
| Returns | a PymeSignature object. | |
| Raises | GPGVerificationError | if the signature cannot be verified. |
If the secret key's ASCII armored content is given, SecretGPGKeyDetected is raised.
If no key is found, GPGKeyNotFoundError is raised. On the other hand, if more than one key is found, MoreThanOneGPGKeyFound is raised.
| Parameters | content | public key ASCII armored content (must be an ASCII string (it's up to the caller to encode or decode properly); |
| Returns | a PymeKey object referring to the public key imported. | |
If no key is found, GPGKeyNotFoundError is raised. On the other hand, if more than one key is found, MoreThanOneGPGKeyFound is raised.
| Parameters | content | secret key ASCII armored content (must be an ASCII string (it's up to the caller to encode or decode properly); |
| Returns | a PymeKey object referring to the secret key imported. | |
Currently only passwordless, signo-only 1024-bit RSA keys are generated.
| Parameters | name | unicode to be included in the key paramenters, 'comment' and 'email' will be empty. It's content will be encoded to 'utf-8' internally. |
| Returns | a PymeKey object for the just-generated secret key. | |
| Raises | AssertionError | if the key generation is not exaclty what we expect. |
| Parameters | filepath | the path to a keyring to import. |
| Returns | a list of the imported keys. | |
content must be a traditional string. It's up to the caller to encode or decode properly. Fingerprint must be hexadecimal string.
| Parameters | content | the Unicode content to be encrypted. |
| fingerprint | the OpenPGP key's fingerprint. | |
| Returns | the encrypted content or None if failed. | |
| Parameters | content | the content to sign. |
| key_fingerprint | the fingerprint of the key to use when signing the content. | |
| password | optional password to the key identified by key_fingerprint, the default value is '', | |
| mode | optional he type of GPG signature to produce, the default mode is gpgme.SIG_MODE_CLEAR (clearsigned signatures) | |
| Returns | The ASCII-armored signature for the content. | |
Retrieve the key information from the local keyring.
If the key with the given fingerprint is not present in the local
keyring, first import it from the key server into the local keyring.
:param fingerprint: The key fingerprint, which must be an hexadecimal
string.
:raise GPGKeyNotFoundError: if the key is not found neither in the
local keyring nor in the key server.
:return: a `PymeKey`object containing the key information.
Retrieve key information, raise errors if the key is not active.
Exactly like `retrieveKey` except raises errors if the key is expired
or has been revoked.
:param fingerprint: The key fingerprint, which must be an hexadecimal
string.
:raise GPGKeyNotFoundError: if the key is not found neither in the
local keyring nor in the key server.
:return: a `PymeKey`object containing the key information.
Use retrieveKey to get the public key content and upload an
ASCII-armored export chunk.
| Parameters | fingerprint | The key fingerprint, which must be an hexadecimal string. |
| Raises | GPGUploadFailure | if the keyserver could not be reaches. |
| AssertionError | if the POST request doesn't succeed. |
The method automatically rebuild the trust values if necessary.
The results will be visible in any new retrieved key objects. Existing key objects will not reflect the new trust value.
| Parameters | filter | optional string used to filter the results. By default gpgme tries to match '<name> [comment] [email]', the full fingerprint or the key ID (fingerprint last 8 digits); |
| secret | optional boolean, restrict the domain to secret or public keys available in the keyring. Defaults to False. | |
| Returns | a PymeKey generator with the matching keys. | |