summaryrefslogtreecommitdiff
path: root/cloudinit/util.py
diff options
context:
space:
mode:
Diffstat (limited to 'cloudinit/util.py')
-rw-r--r--cloudinit/util.py38
1 files changed, 38 insertions, 0 deletions
diff --git a/cloudinit/util.py b/cloudinit/util.py
index d6b80dbe..d3b14f72 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -2234,3 +2234,41 @@ def message_from_string(string):
if sys.version_info[:2] < (2, 7):
return email.message_from_file(six.StringIO(string))
return email.message_from_string(string)
+
+
+def gpg_export_armour(key):
+ """Export gpg key, armoured key gets returned"""
+ (armour, _) = subp(["gpg", "--export", "--armour", key], capture=True)
+ return armour
+
+
+def gpg_recv_key(key, keyserver):
+ """Receive gpg key from the specified keyserver"""
+ try:
+ subp(["gpg", "--keyserver", keyserver, "--recv", key],
+ capture=True)
+ except ProcessExecutionError as error:
+ raise ValueError('Failed to import key %s from server %s - error %s' %
+ (key, keyserver, error))
+
+
+def gpg_delete_key(key):
+ """Delete the specified key from the local gpg ring"""
+ subp(["gpg", "--batch", "--yes", "--delete-keys", key], capture=False)
+
+
+def getkeybyid(keyid, keyserver):
+ """get gpg keyid from keyserver"""
+ armour = gpg_export_armour(keyid)
+ if not armour:
+ try:
+ gpg_recv_key(keyid, keyserver=keyserver)
+ except ValueError:
+ LOG.exception('Failed to obtain gpg key %s', keyid)
+ raise
+
+ armour = gpg_export_armour(keyid)
+ # delete just imported key to leave environment as it was before
+ gpg_delete_key(keyid)
+
+ return armour.rstrip('\n')
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-25 22:43:10 +0000