From b89ac6b7caeeade5ad21137773ac4496cdaea2c5 Mon Sep 17 00:00:00 2001
From: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Date: Thu, 9 Jun 2016 09:18:35 +0200
Subject: move gpg functions into gpg.py

This helps for cleaner code structuring.
ALong that makeing sure all these functions have a gpg_prefix.
---
 cloudinit/gpg.py | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)
 create mode 100644 cloudinit/gpg.py

(limited to 'cloudinit/gpg.py')

diff --git a/cloudinit/gpg.py b/cloudinit/gpg.py
new file mode 100644
index 00000000..620dfb19
--- /dev/null
+++ b/cloudinit/gpg.py
@@ -0,0 +1,64 @@
+"""gpg.py - Collection of gpg key related functions"""
+# vi: ts=4 expandtab
+#
+#    Copyright (C) 2016 Canonical Ltd.
+#
+#    Author: Scott Moser <scott.moser@canonical.com>
+#    Author: Juerg Haefliger <juerg.haefliger@hp.com>
+#    Author: Joshua Harlow <harlowja@yahoo-inc.com>
+#    Author: Christian Ehrhardt <christian.ehrhardt@canonical.com>
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License version 3, as
+#    published by the Free Software Foundation.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+from cloudinit import util
+from cloudinit import log as logging
+
+LOG = logging.getLogger(__name__)
+
+
+def gpg_export_armour(key):
+    """Export gpg key, armoured key gets returned"""
+    (armour, _) = util.subp(["gpg", "--export", "--armour", key], capture=True)
+    return armour
+
+
+def gpg_recv_key(key, keyserver):
+    """Receive gpg key from the specified keyserver"""
+    try:
+        util.subp(["gpg", "--keyserver", keyserver, "--recv", key],
+                  capture=True)
+    except util.ProcessExecutionError as error:
+        raise ValueError('Failed to import key %s from server %s - error %s' %
+                         (key, keyserver, error))
+
+
+def gpg_delete_key(key):
+    """Delete the specified key from the local gpg ring"""
+    util.subp(["gpg", "--batch", "--yes", "--delete-keys", key], capture=True)
+
+
+def gpg_getkeybyid(keyid, keyserver):
+    """get gpg keyid from keyserver"""
+    armour = gpg_export_armour(keyid)
+    if not armour:
+        try:
+            gpg_recv_key(keyid, keyserver=keyserver)
+        except ValueError:
+            LOG.exception('Failed to obtain gpg key %s', keyid)
+            raise
+
+        armour = gpg_export_armour(keyid)
+        # delete just imported key to leave environment as it was before
+        gpg_delete_key(keyid)
+
+    return armour.rstrip('\n')
-- 
cgit v1.2.3