ahriman.core.sign package

Submodules

ahriman.core.sign.gpg module

class GPG(configuration: Configuration)

Bases: SyncHttpClient

gnupg wrapper

configuration

configuration instance

Type:: Configuration

default_key

default PGP key ID to use

Type:: str | None

targets

list of targets to sign (repository, package etc.)

Type:: set[SignSettings]

default constructor

Parameters:: configuration (Configuration) – configuration instance

key_download(server: str, key: str) → str

download key from public PGP server

Parameters:

server (str) – public PGP server which will be used to download data
key (str) – key ID to download

Returns:

key as plain text

Return type:

str

key_export(key: str) → str

export public key from stored keychain

Parameters:: key (str) – key ID to export
Returns:: PGP key in .asc format
Return type:: str

key_fingerprint(key: str) → str

get full key fingerprint from short key id

Parameters:: key (str) – key ID to lookup
Returns:: full PGP key fingerprint
Return type:: str

key_import(server: str, key: str) → None

import key to current user and sign it locally

Parameters:

server (str) – public PGP server which will be used to download data
key (str) – key ID to import

process(path: Path, key: str) → list[Path]

gpg command wrapper

Parameters:

path (Path) – path to file to sign
key (str) – PGP key ID

Returns:

list of generated files including original file

Return type:

list[Path]

process_sign_package(path: Path, packager_key: str | None) → list[Path]

sign package if required by configuration and signature doesn’t exist

Parameters:

path (Path) – path to file to sign
packager_key (str | None) – optional packager key to sign

Returns:

list of generated files including original file

Return type:

list[Path]

process_sign_repository(path: Path) → list[Path]

sign repository if required by configuration

Notes

More likely you just want to pass repository_sign_args to repo wrapper

Parameters:: path (Path) – path to repository database
Returns:: list of generated files including original file
Return type:: list[Path]

static sign_command(path: Path, key: str) → list[str]

gpg command to run

Parameters:

path (Path) – path to file to sign
key (str) – PGP key ID

Returns:

gpg command with all required arguments

Return type:

list[str]

static sign_options(configuration: Configuration) → tuple[set[SignSettings], str | None]

extract default sign options from configuration

Parameters:: configuration (Configuration) – configuration instance
Returns:: tuple of sign targets and default PGP key
Return type:: tuple[set[SignSettings], str | None]

static signature(filepath: Path) → Path

generate signature name for the file

Parameters:: filepath (Path) – path to the file which will be signed
Returns:: path to signature file
Return type:: str

property repository_sign_args: list[str]

get command line arguments based on settings

Returns:: command line arguments for repo-add command to sign database
Return type:: list[str]

ahriman.core.sign package

Submodules

ahriman.core.sign.gpg module

Module contents