Part of lp.services.gpg.interfaces View In Hierarchy
Method | sanitizeFingerprint | Return sanitized fingerprint if well-formed. |
Method | getURLForKeyInServer | Return the URL for that fingerprint on the configured keyserver. |
Method | getVerifiedSignatureResilient | Wrapper for getVerifiedSignature. |
Method | getVerifiedSignature | Returns a PymeSignature object if content is correctly signed. |
Method | importPublicKey | Import the given public key into our local keyring. |
Method | importSecretKey | Import the given secret key into our local keyring. |
Method | generateKey | Generate a new GPG key with the given name. |
Method | encryptContent | Encrypt the given content for the given key. |
Method | signContent | Signs content with a given GPG key. |
Method | retrieveKey | Retrieve the key information from the local keyring. |
Method | retrieveActiveKey | Retrieve key information, raise errors if the key is not active. |
Method | uploadPublicKey | Upload the specified public key to a keyserver. |
Method | localKeys | Return an iterator of all keys locally known about. |
Method | resetLocalState | Reset the local state. |
If the firgerprint cannot be sanitized return None.
If public is True, return a URL for the public keyserver; otherwise, references the default (internal) keyserver. If action is provided, will attach that to the URL.
This calls the target method up to three times. Successful results are returned immediately, and GPGKeyExpired errors are raised immediately. Otherwise, captures the errors and raises GPGVerificationError with the accumulated error information.
If signature is None, we assume content is clearsigned. Otherwise it stores the detached signature and content should contain the plain text in question.
content and signature must be 8-bit encoded str objects. It's up to the caller to encode or decode as appropriate.
Parameters | content | The content to be verified as string; |
signature | The signature as string (or None if content is clearsigned) | |
Returns | a PymeSignature object. | |
Raises | GPGVerificationError | if the signature cannot be verified. |
GPGKeyExpired | if the signature was made with an expired key. | |
GPGKeyNotFoundError | if the key was not found on the keyserver. |
If the secret key's ASCII armored content is given, SecretGPGKeyDetected is raised.
If no key is found, GPGKeyNotFoundError is raised. On the other hand, if more than one key is found, MoreThanOneGPGKeyFound is raised.
Parameters | content | public key ASCII armored content (must be an ASCII string (it's up to the caller to encode or decode properly); |
Returns | a PymeKey object referring to the public key imported. |
If no key is found, GPGKeyNotFoundError is raised. On the other hand, if more than one key is found, MoreThanOneGPGKeyFound is raised.
Parameters | content | secret key ASCII armored content (must be an ASCII string (it's up to the caller to encode or decode properly); |
Returns | a PymeKey object referring to the secret key imported. |
Currently only passwordless, signo-only 1024-bit RSA keys are generated.
Parameters | name | unicode to be included in the key paramenters, 'comment' and 'email' will be empty. It's content will be encoded to 'utf-8' internally. |
Returns | a PymeKey object for the just-generated secret key. | |
Raises | AssertionError | if the key generation is not exaclty what we expect. |
content must be a traditional string. It's up to the caller to encode or decode properly.
Parameters | content | the Unicode content to be encrypted. |
key | the IPymeKey to encrypt the content for. | |
Returns | the encrypted content or None if failed. |
Parameters | content | the content to sign. |
key | the IPymeKey to use when signing the content. | |
password | optional password to the key identified by key_fingerprint, the default value is '', | |
mode | optional type of GPG signature to produce, the default mode is gpgme.SIG_MODE_CLEAR (clearsigned signatures) | |
Returns | The ASCII-armored signature for the content. |
Retrieve the key information from the local keyring. If the key with the given fingerprint is not present in the local keyring, first import it from the key server into the local keyring. :param fingerprint: The key fingerprint, which must be an hexadecimal string. :raise GPGKeyNotFoundError: if the key is not found neither in the local keyring nor in the key server. :return: a `PymeKey`object containing the key information.
Retrieve key information, raise errors if the key is not active. Exactly like `retrieveKey` except raises errors if the key is expired or has been revoked. :param fingerprint: The key fingerprint, which must be an hexadecimal string. :raise GPGKeyNotFoundError: if the key is not found neither in the local keyring nor in the key server. :return: a `PymeKey`object containing the key information.
Use retrieveKey
to get the public key content and upload an
ASCII-armored export chunk.
Parameters | fingerprint | The key fingerprint, which must be an hexadecimal string. |
Raises | GPGUploadFailure | if the keyserver could not be reaches. |
AssertionError | if the POST request doesn't succeed. |
Parameters | filter | optional string used to filter the results. By default gpgme tries to match '<name> [comment] [email]', the full fingerprint or the key ID (fingerprint last 8 digits); |
secret | optional boolean, restrict the domain to secret or public keys available in the keyring. Defaults to False. | |
Returns | a PymeKey generator with the matching keys. |