l.a.i.a.IArchiveSigningKey(ISignableArchive) : interface documentation

Part of lp.archivepublisher.interfaces.archivesigningkey View In Hierarchy

ArchiveSigningKey interface.

IArchive adapter for operations using its 'signing_key'.

Note that this adapter only works on zopeless mode for generating new signing keys.

Method getPathForSecretKey Return the absolute path to access a secret key export.
Method exportSecretKey Export the given secret key into a private location.
Method generateSigningKey Generate a new GPG secret/public key pair.
Method setSigningKey Set a given secret key export as the context archive signing key.

Inherited from ISignableArchive:

Object archive Undocumented
Attribute can_sign True if this archive is set up for signing.
Method signRepository Sign the corresponding repository.
Method signFile Sign the corresponding file.
def getPathForSecretKey(key):
Return the absolute path to access a secret key export.

Disk location specified in the configurarion, for storing a secret key, e.g.:

/<ppa.signing_keys_root>/<FINGERPRINT>.gpg

Parameterskeya secret PymeKey object to be exported.
Returnspath to the key export.
def exportSecretKey(key):
Export the given secret key into a private location.

Place a ASCII armored export of the given secret key in the location specified by getPathForSecretKey.

Parameterskeya secret PymeKey object to be exported.
RaisesAssertionErrorif the given key is public.
def generateSigningKey():

Generate a new GPG secret/public key pair.

For named-ppas, the existing signing-key for the default PPA owner by the same user/team is reused. The trust belongs to the archive maintainer (owner) not the archive itself.

Default ppas get brand new keys via the following procedure.

  • Export the secret key in the configuration disk location;
  • Upload the public key to the configuration keyserver;
  • Store a reference for the public key in GPGKey table, which is set as the context archive 'signing_key'.
RaisesAssertionErrorif the context archive already has a signing_key.
GPGUploadFailureif the just-generated key could not be upload to the keyserver.
def setSigningKey(key_path, async_keyserver=False):
Set a given secret key export as the context archive signing key.
Parameterskey_pathfull path to the secret key.
async_keyservertrue if the keyserver is running asynchronously in the current thread.
RaisesAssertionErrorif the context archive already has a signing_key.
AssertionErrorif the given 'key_path' does not exist.
API Documentation for Launchpad, generated by pydoctor at 2022-06-16 00:00:12.