mini_buildd.gnupg module

class mini_buildd.gnupg.Colons(colons_line)

Bases: object

Provide a colon->name mapping for the gpg script-parsable ‘–with-colons’ output.

See /usr/share/doc/gnupg/DETAILS.gz.

property type
property key_id
property creation_date
property expiration_date
property user_id

Fingerprint for ‘fpr’ type.

exception mini_buildd.gnupg.GpgmeVerifyFailed(detail, signatures)

Bases: HTTPUnauthorized

classmethod sig_info(signature)

Human-readable info combining actual keyid (if subkey, gpgme only provides fpr of subkey) and gpgme reason.

classmethod sigs_info(signatures)
class mini_buildd.gnupg.BaseGnuPG(home)

Bases: object

classmethod get_flavor()

Ugly-parse GPG binary flavor(=major.minor).

“1.4” (“classic”), “2.0” (“stable”) or “2.1” (“modern”) from “gpg –version” output (like “gpg (GnuPG) 2.1.14”). Don’t fail but return “unknown” if anything nasty happens.

gen_secret_key(template)
export(dest_file, identity='')
get_pub_key(identity)
get_colons(type_regex, list_arg='--list-public-keys', identity=None)
get_pub_keys_infos()
get_pub_keys()
get_first_sec_colon(type_regex)
get_first_sec_key()
get_first_sec_key_fingerprint()
get_first_sec_key_user_id()
add_pub_key(key)
add_keyring(keyring)
verify(signature, data=None)
gpgme_verify(signed_message, signature=None)
gpgme_verify_release(signed_data, signature=None, accept_expired=False, needs_all=False)
sign(file_name, identity=None)
gpgme_sign(message)
class mini_buildd.gnupg.GnuPG(template, fullname, email)

Bases: BaseGnuPG

update()
prepare()
remove()
get_pub_key(identity=None)
class mini_buildd.gnupg.TmpGnuPG(tmpdir_options=None, **kwargs)

Bases: BaseGnuPG, TmpDir

Temporary GnuPG. Use with contextlib.closing() to guarantee dir is purged afterwards.

>>> import contextlib
>>> # mini_buildd.config.DEBUG.append("keep")  # Enable 'keep' for debugging only
>>> gnupg_home = tempfile.TemporaryDirectory(prefix="test-home")
>>> mini_buildd.config.ROUTES = mini_buildd.config.Routes(gnupg_home.name)
>>> dummy = shutil.copy2("test-data/gpg/secring.gpg", gnupg_home.name)
>>> dummy = shutil.copy2("test-data/gpg/pubring.gpg", gnupg_home.name)
>>> gnupg = BaseGnuPG(home=gnupg_home.name)
>>> gnupg.get_first_sec_colon("sec").type
'sec'
>>> gnupg.get_first_sec_key_user_id()
'Üdo Ümlaut <test@key.org>'
>>> gnupg.get_first_sec_key()  
'AF95FC80FC40A82E'
>>> gnupg.get_first_sec_key_fingerprint()  
'4FB13BDD777C046D72D4E7D3AF95FC80FC40A82E'
>>> with contextlib.closing(mini_buildd.gnupg.TmpGnuPG(tmpdir_options={"prefix": "d17-"})) as tgnupg, tempfile.NamedTemporaryFile(prefix="d0-") as t, tempfile.NamedTemporaryFile(prefix="d1-") as export:
...     gnupg.export(export.name)
...     dummy = t.write(b"A test file\n")
...     t.flush()
...     gnupg.sign(file_name=t.name, identity="test@key.org")
...     gnupg.verify(t.name)
...     pub_key = gnupg.get_pub_key(identity="test@key.org")
...     tgnupg.add_pub_key(pub_key)
...     tgnupg.verify(t.name)
>>>
>>> gnupg_home.cleanup()
class mini_buildd.gnupg.PublicKeyCache

Bases: TmpGnuPG

Public key cache, initially with apt keys installed on the system (usually, from debian-archive-keyring package).

KEYSERVER_RECV_TIMEOUT = 5
classmethod key2id(key)
keyinfo(key_id, key=None)