%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/lib/python2.7/site-packages/salt/modules/
Upload File :
Create Path :
Current File : //usr/lib/python2.7/site-packages/salt/modules/gpg.pyo

�
���^c
@@s�dZddlmZmZmZddlZddlZddlZddlZddl	Z	ddl
ZddlZddl
ZddlmZddlmZddlmZeje�ZdZidd	6d
d6dd
6dd6dd6dd6d
d6Zidd6dd6dd6dd6dd6dd 6Zidd6d
d6dd6d!d6dd6dd6Zid"d#6d$d6d%d6d&d6d'd6ZeZy1ddlZe Z!eej"�ed(�kZWne#k
r�eZ!nXd)�Z$d*�Z%dd+�Z'd,�Z(d-�Z)ddd.�Z*dded/�Z+dd0�Z,ddd1�Z-ddd2�Z.ddd3�Z/e)d4d5d6d7ddddeddd8��Z0ddeddd9�Z1ddddd:�Z2ddddd;�Z3e)ddddd<��Z4deddd=�Z5e)ddddd>��Z6ddddd?�Z7dddddedd@�Z8dddddddA�Z9ddddddededB�	Z:ddddededC�Z;dS(Du
Manage a GPG keychains, add keys, create keys, retrieve keys from keyservers.
Sign, encrypt and sign plus encrypt text and files.

.. versionadded:: 2015.5.0

.. note::

    The ``python-gnupg`` library and ``gpg`` binary are required to be
    installed.

i(tabsolute_importtprint_functiontunicode_literalsN(tSaltInvocationError(tLooseVersion(tsixugpguExpiredueuUnknownuquNot Trustedunu
Fully TrustedufuMarginally TrustedumuUltimately Trusteduuu-u1uexpiredu2uunknownu3unot_trustedu4u
marginallyu5ufullyu6u
ultimatelyu
Marginallyu	Undefinedu0uNeveruMarginaluFullyuUltimateu1.3.1cC@stjjjd�S(u,
    Returns the path to the gpg binary
    ugpg(tsalttutilstpathtwhich(((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt_gpgTscC@s't�stdfStrtStdfS(u=
    Makes sure that python-gnupg and gpg are available.
    uIThe gpg execution module cannot be loaded: gpg binary is not in the path.uTThe gpg execution module cannot be loaded; the gnupg python module is not installed.(R
tFalsetHAS_GPG_BINDINGSt__virtualname__(((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt__virtual__\s	

cC@sc|stdd�}ntd|�}|s_|dkrGt�}q_tdj|���n|S(u-
    Wrapper for user.info Salt function
    u
config.optionuuseru	user.infousaltuUser {0} does not exist(t__salt__t_get_user_infoRtformat(tusertuserinfo((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyRiscC@sQ|dkr.tjjtdd�d�}ntjjt|�dd�}|S(u=
    Return default GnuPG home directory path for a user
    usaltu
config.getu
config_dirugpgkeysuhomeu.gnupg(tosRtjoinRR(Rt	gnupghome((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt_get_user_gnupghome~s"c@s"tj���fd��}|S(Nc
@sc|jd�}|jd�}|s3t|�}nt|�}t�}|d|dkr�tjj|�r�td|d�}x:|gtd|�D]}td||d|�q�Wnx-t|�D]}|jd	�r�||=q�q�W�||�}	|d|dkr_td|d�}x6|gtd|�D]}td|||�q>Wn|	S(
u<
        Wrap gpg function calls to fix permissions
        uuseru	gnupghomeuuidufile.gid_to_groupugidu	file.findu
file.chownunameu__(	tgetRRRRtexistsRtlistt
startswith(
targstkwargsRRRtrun_usertgroupRtkeytret(tfunc(s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pytfunc_wrapper�s&	&(t	functoolstwraps(R"R#((R"s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt_restore_ownership�s#cC@sF|st|�}ntr0tjd|�}ntjd|�}|S(u
    Create the GPG object
    thomedirR(Rt	GPG_1_3_1tgnupgtGPG(RRtgpg((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt_create_gpg�scC@s"t||�}|j|�}|S(u*
    Helper function for Listing keys
    (R,t	list_keys(RRtsecretR+t_keys((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt
_list_keys�scC@s:t|�}|r'|j||�}n|j|�}|S(u;
    Helper function for searching keys from keyserver
    (R,tsearch_keys(ttextt	keyserverRR+R/((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt_search_keys�s
c	C@s)trtd��n|s$d}ng}x�t|||�D]�}i|dd6|dd6}|jdd�}|jdd�}|jdd�}|r�tjdtjt|d���|d<n|r�tjdtjt|d���|d	<n|r|d|d
<n|j	|�q=W|SdS(u�
    Search keys from keyserver

    text
        Text to search the keyserver for, e.g. email address, keyID or fingerprint.

    keyserver
        Keyserver to use for searching for GPG keys, defaults to pgp.mit.edu.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.search_keys user@example.com

        salt '*' gpg.search_keys user@example.com keyserver=keyserver.ubuntu.com

        salt '*' gpg.search_keys user@example.com keyserver=keyserver.ubuntu.com user=username

    uJThe search_keys function is not support with this version of python-gnupg.upgp.mit.eduukeyiduuidsuexpiresudateulengthu%Y-%m-%ducreatedu	keyLengthN(
R(RR4RtNonettimetstrftimet	localtimetfloattappend(	R2R3RR/t_keyttmptexpirestdatetlength((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyR1�s*		#	#c
C@scg}xVt||�D]E}i|dd6|dd6|dd6}|jdd
�}|jdd
�}|jdd
�}|jdd
�}|jdd
�}	|r�tjd	tjt|d���|d<n|rtjd	tjt|d���|d
<n|r|d|d<n|r3t|d|d<n|	rNt|d|d<n|j|�qW|S(u�
    List keys in GPG keychain

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.list_keys

    ukeyidufingerprintuuidsuexpiresudateulengthu
ownertrustutrustu%Y-%m-%ducreatedu	keyLengthu
ownerTrustN(	R0RR5R6R7R8R9tLETTER_TRUST_DICTR:(
RRR/R;R<R=R>R?towner_trustttrust((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyR-
s0	#	#c
C@sig}x\t||dt�D]E}i|dd6|dd6|dd6}|jdd�}|jdd�}|jdd�}|jdd�}|jd	d�}	|r�tjd
tjt|d���|d<n|rtjd
tjt|d���|d<n|r|d|d<n|r9t|d|d
<n|	rTt|d	|d	<n|j	|�qW|S(u�
    List secret keys in GPG keychain

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.list_secret_keys

    R.ukeyidufingerprintuuidsuexpiresudateulengthu
ownertrustutrustu%Y-%m-%ducreatedu	keyLengthu
ownerTrustN(
R0tTrueRR5R6R7R8R9R@R:(
RRR/R;R<R=R>R?RARB((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pytlist_secret_keys9s0	#	#uRSAiuAutogenerated KeyuGenerated by SaltStackcC@s2itd6dd6dd6}i|d6|d6|d6|d6}t|	|
�}
|r_||d	<n|rr||d
<n|r�||d<n|r�||d<n|r�td
d�}|s�t|d<d|d<|S||d<n|
j|�}|
j|�}|jr|j|d<d|d<nt|d<d|d<|S(u
    Create a key in the GPG keychain

    .. note::

        GPG key generation requires *a lot* of entropy and randomness.
        Difficult to do over a remote connection, consider having
        another process available which is generating randomness for
        the machine.  Also especially difficult on virtual machines,
        consider the `rng-tools
        <http://www.gnu.org/software/hurd/user/tlecarrour/rng-tools.html>`_
        package.

        The create_key process takes awhile so increasing the timeout
        may be necessary, e.g. -t 15.

    key_type
        The type of the primary key to generate. It must be capable of signing.
        'RSA' or 'DSA'.

    key_length
        The length of the primary key in bits.

    name_real
        The real name of the user identity which is represented by the key.

    name_comment
        A comment to attach to the user id.

    name_email
        An email address for the user.

    subkey_type
        The type of the secondary key to generate.

    subkey_length
        The length of the secondary key in bits.

    expire_date
        The expiration date for the primary and any secondary key.
        You can specify an ISO date, A number of days/weeks/months/years,
        an epoch value, or 0 for a non-expiring key.

    use_passphrase
        Whether to use a passphrase with the signing key. Passphrase is received
        from Pillar.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt -t 15 '*' gpg.create_key

    uresuufingerprintumessageukey_typeu
key_lengthu	name_realuname_commentu
name_emailusubkey_typeu
subkey_lengthuexpire_dateu
pillar.getugpg_passphraseu'gpg_passphrase not available in pillar.u
passphraseu$GPG key pair successfully generated.u Unable to generate GPG key pair.(RCR,RRt
gen_key_inputtgen_keytfingerprint(tkey_typet
key_lengtht	name_realtname_commentt
name_emailtsubkey_typet
subkey_lengthtexpire_datetuse_passphraseRRR!t
create_paramsR+tgpg_passphraset
input_dataR ((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt
create_keyhs@J









	



c	
C@smitd6dd6}|r8|r8t|d<d|d<|S|r^|r^t|d<d|d<|St||�}t|||�}|rQ|d}t|||�}|r�|r�t|d<d|d<|S|r	|r	tj|j|t��dkr	d	j|�|d<ntj|j|��dkrC|dcd
j|�7<nt|d<|St|d<d|d<|SdS(
u�
    Get a key from the GPG keychain

    keyid
        The keyid of the key to be deleted.

    fingerprint
        The fingerprint of the key to be deleted.

    delete_secret
        Whether to delete a corresponding secret key prior to deleting the public key.
        Secret keys must be deleted before deleting any corresponding public keys.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.delete_key keyid=3FAD9F1E

        salt '*' gpg.delete_key fingerprint=53C96788253E58416D20BCD352952C84C3252192

        salt '*' gpg.delete_key keyid=3FAD9F1E user=username

        salt '*' gpg.delete_key keyid=3FAD9F1E user=username delete_secret=True

    uresuumessageu/Only specify one argument, fingerprint or keyidu'Required argument, fingerprint or keyidufingerprintu;Secret key exists, delete first or pass delete_secret=True.uokuSecret key for {0} deleted
uPublic key for {0} deleteduKey not available in keychain.N(	RCRR,tget_keytget_secret_keyRt	text_typetdelete_keysR(	tkeyidRGt
delete_secretRRR!R+R tskey((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt
delete_key�s:'








-


c	C@s�i}x�t||�D]r}|d|ksP|d|ksP|dd|kr|d|d<|d|d<|d|d<|jdd�}|jdd�}|jdd�}|jdd�}	|jd	d�}
|rtjd
tjt|d���|d<n|r8tjd
tjt|d���|d<n|rO|d|d<n|	rjt|d|d
<n|
r�t|d	|d	<q�qqW|s�tS|SdS(u�
    Get a key from the GPG keychain

    keyid
        The key ID (short or long) of the key to be retrieved.

    fingerprint
        The fingerprint of the key to be retrieved.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.get_key keyid=3FAD9F1E

        salt '*' gpg.get_key fingerprint=53C96788253E58416D20BCD352952C84C3252192

        salt '*' gpg.get_key keyid=3FAD9F1E user=username

    ufingerprintukeyidiuuidsuexpiresudateulengthu
ownertrustutrustu%Y-%m-%ducreatedu	keyLengthu
ownerTrustN(	R0RR5R6R7R8R9R@R(RYRGRRR<R;R=R>R?RARB((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyRU/s8	#	#c	C@s�i}x�t||dt�D]r}|d|ksV|d|ksV|dd|kr|d|d<|d|d<|d|d<|jdd�}|jdd�}|jdd�}|jd	d�}	|jd
d�}
|rtjdtjt|d���|d<n|r>tjdtjt|d���|d<n|rU|d|d
<n|	rpt|d	|d<n|
r�t|d
|d
<q�qqW|s�t	S|SdS(u�
    Get a key from the GPG keychain

    keyid
        The key ID (short or long) of the key to be retrieved.

    fingerprint
        The fingerprint of the key to be retrieved.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.get_secret_key keyid=3FAD9F1E

        salt '*' gpg.get_secret_key fingerprint=53C96788253E58416D20BCD352952C84C3252192

        salt '*' gpg.get_secret_key keyid=3FAD9F1E user=username

    R.ufingerprintukeyidiuuidsuexpiresudateulengthu
ownertrustutrustu%Y-%m-%ducreatedu	keyLengthu
ownerTrustN(
R0RCRR5R6R7R8R9R@R(RYRGRRR<R;R=R>R?RARB((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyRVms8	#	#c	C@s�itd6dd6}t||�}|r@|r@td��n|r�y@tjjj|d��"}tjjj|j	��}WdQXWq�t
k
r�td��q�Xn|j|�}tr]|j
}|jd�s�|jd	�r�d
|d<q�|jd�rd|d<q�|jd
�r4t|d<d|d<q�|jd�s�t|d<d|d<q�nu|jso|jr|d
|d<nV|jr�d|d<n@|jr�t|d<d|d<n |js�t|d<d|d<n|S(u�
    Import a key from text or file

    text
        The text containing to import.

    filename
        The filename containing the key to import.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.import_key text='-----BEGIN PGP PUBLIC KEY BLOCK-----\n ... -----END PGP PUBLIC KEY BLOCK-----'
        salt '*' gpg.import_key filename='/path/to/public-key-file'

    uresuumessageu filename or text must be passed.urbNufilename does not exist.uimporteduimported_rsauSuccessfully imported key(s).u	unchangedu!Key(s) already exist in keychain.unot_importeduUnable to import key.ucount(RCR,RRRtfilestflopentstringutilst
to_unicodetreadtIOErrortimport_keysR(tcountsRRtimportedtimported_rsat	unchangedtnot_importedtcount(	R2tfilenameRRR!R+t_fpt
imported_dataRd((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt
import_key�sH
%
	





	
	

	

cC@sCt||�}t|tj�r3|jd�}n|j||�S(u�
    Export a key from the GPG keychain

    keyids
        The key ID(s) of the key(s) to be exported. Can be specified as a comma
        separated string or a list. Anything which GnuPG itself accepts to
        identify a key - for example, the key ID or the fingerprint could be
        used.

    secret
        Export the secret key identified by the ``keyids`` information passed.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.export_key keyids=3FAD9F1E

        salt '*' gpg.export_key keyids=3FAD9F1E secret=True

        salt '*' gpg.export_key keyids="['3FAD9F1E','3FBD8F1E']" user=username

    u,(R,t
isinstanceRtstring_typestsplittexport_keys(tkeyidsR.RRR+((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt
export_key�s cC@sitd6id6gd6}t||�}|s9d}nt|tj�r]|jd�}n|j||�}x�|jD]�}d|kr�|ddkr�|djdj	|d	��q|dd
kr|djdj	|d	��qqyd|kry|djd
�qyqyW|S(u
    Receive key(s) from keyserver and add them to keychain

    keyserver
        Keyserver to use for searching for GPG keys, defaults to pgp.mit.edu

    keys
        The keyID(s) to retrieve from the keyserver.  Can be specified as a comma
        separated string or a list.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.receive_keys keys='3FAD9F1E'

        salt '*' gpg.receive_keys keys="['3FAD9F1E','3FBD9F2E']"

        salt '*' gpg.receive_keys keys=3FAD9F1E user=username

    uresuchangesumessageupgp.mit.eduu,uoku1uKey {0} added to keychainufingerprintu0u"Key {0} already exists in keychainuproblemuUnable to add key to keychain(
RCR,RnRRoRpt	recv_keystresultsR:R(R3tkeysRRR!R+t	recv_datatresult((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pytreceive_keyss&
	!$c
	C@smitd6dd6}dddddd	g}|rP|rPt|d<d
|d<|S|s�|r�t|d|�}|r�d|kr�t|d<d
j|�|d<|S|d}q�t|d<dj|�|d<|Sq�t|d<d|d<|Sn||krdjdj|��Sdj|t|�}t�dg}|}	|dkr�tjjt	dd�d�}
|j
d|
g�d}	nt	d|d|d|	dt�}|ddks�t|d<|d |d<n�|d r[tjd!|d �}t
|�d"kr3||d<d#jt|dt|d$�|d<qi||d<d%jt|d�|d<n|d |d<|S(&u
    Set the trust level for a key in GPG keychain

    keyid
        The keyid of the key to set the trust level for.

    fingerprint
        The fingerprint of the key to set the trust level for.

    trust_level
        The trust level to set for the specified key, must be one
        of the following:
        expired, unknown, not_trusted, marginally, fully, ultimately

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.trust_key keyid='3FAD9F1E' trust_level='marginally'
        salt '*' gpg.trust_key fingerprint='53C96788253E58416D20BCD352952C84C3252192' trust_level='not_trusted'
        salt '*' gpg.trust_key keys=3FAD9F1E trust_level='ultimately' user='username'

    uresuumessageuexpireduunknownunot_trustedu
marginallyufullyu
ultimatelyu/Only specify one argument, fingerprint or keyidRufingerprintu#Fingerprint not found for keyid {0}uKeyID {0} not in GPG keychainu'Required argument, fingerprint or keyiduERROR: Valid trust levels - {0}u,u{0}:{1}
u--import-ownertrustusaltu
config.getu
config_dirugpgkeysu	--homedirurootucmd.run_alltstdintrunastpython_shelluretcodeiustderru\diu)Changing ownership trust from {0} to {1}.iuSetting ownership trust to {0}.(RCRRURRtNUM_TRUST_DICTR
RRRtextendtretfindalltlentINV_NUM_TRUST_DICT(
RYRGttrust_levelRR!t_VALID_TRUST_LEVELSR Rztcmdt_userthomeDirtrest_match((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt	trust_keyVsh 







	
	



c

C@swt||�}|r=tdd�}|sCtd��qCnd	}ttj�}	|r�|	td�kr�|j|d|d|�}
qp|j|d|d|�}
n�|rdtj	j
j|d��R}|	td�kr�|j|d|d|�}
n|j|d|d|�}
Wd	QX|rptj	j
j|d
��&}|j
tj	jj|
j��Wd	QXqpntd��|
jS(u�
    Sign message or file

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    keyid
        The keyid of the key to set the trust level for, defaults to
        first key in the secret keyring.

    text
        The text to sign.

    filename
        The filename to sign.

    output
        The filename where the signed file will be written, default is standard out.

    use_passphrase
        Whether to use a passphrase with the signing key. Passphrase is received
        from Pillar.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.sign text='Hello there.  How are you?'

        salt '*' gpg.sign filename='/path/to/important.file'

        salt '*' gpg.sign filename='/path/to/important.file' use_passphrase=True

    u
pillar.getugpg_passphraseu'gpg_passphrase not available in pillar.u1.3.1tdefault_keyt
passphraseRYurbNuwu filename or text must be passed.(R,RRR5t
_LooseVersionR)t__version__tsignRRR]R^t	sign_filetwriteR_tto_bytestdata(
RRYR2RjtoutputRPRR+RRt
gnupg_versiontsigned_dataRktfout((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyR��s*.!+c

C@s�t|�}d}|r^||kr^dj|d	j|��}tj|�itd
6|d6Sg}	|r�|	jd|g�n|r�|j|d
|	�}
n�|r|r�tj	j
j|d��}|j||d
|	�}
WdQXq+tj	j
j
|d��}|j|d
|	�}
WdQXntd��i}|
jdk	r�t|d
<|
j|d<|
j|d<ttj|
j�|d<d|d<nt|d
<d|d<|S(u<
    Verify a message or file

    text
        The text to verify.

    filename
        The filename to verify.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    signature
        Specify the filename of a detached signature.

        .. versionadded:: 2018.3.0

    trustmodel
        Explicitly define the used trust model. One of:
          - pgp
          - classic
          - tofu
          - tofu+pgp
          - direct
          - always
          - auto

        .. versionadded:: fluorine

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.verify text='Hello there.  How are you?'
        salt '*' gpg.verify filename='/path/to/important.file'
        salt '*' gpg.verify filename='/path/to/important.file' use_passphrase=True
        salt '*' gpg.verify filename='/path/to/important.file' trustmodel=direct

    upgpuclassicutofuutofu+pgpudirectualwaysuautou.Invalid trustmodel defined: {}. Use one of: {}u, uresumessageu
--trust-modelt
extra_argsurbNu filename or text must be passed.uusernameukey_idutrust_leveluThe signature is verified.u$The signature could not be verified.(upgpuclassicutofuutofu+pgpudirectualwaysuauto(R,RRtlogtwarnRR~tverifyRRR]tfopentverify_fileR^RR�R5RCtusernametkey_idtVERIFY_TRUST_LEVELSRRW(
R2RRjRt	signaturet
trustmodelR+ttrustmodelstmsgR�tverifiedRkR!((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyR�s82
!





c	
C@s�itd6dd6}	t||�}
|r[tdd�}|sNtd��n|d}nd	}|r�|
j||d|�}n�|rZtr�tjj	j
|d��"}
tjjj|
j
��}Wd	QX|
j||d|d
|�}qftjj	j
|d��R}
|r3|
j|
|d|d
|d|�}n|
j|
|d|d|�}Wd	QXntd��|jr�|s�|r�d
j|�|	d<q�|j|	d<q�|j}	n?|s�t|	d<dj|j�|	d<nt}	tj|j�|	S(u�
    Encrypt a message or file

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    recipients
        The fingerprints for those recipient whom the data is being encrypted for.

    text
        The text to encrypt.

    filename
        The filename to encrypt.

    output
        The filename where the signed file will be written, default is standard out.

    sign
        Whether to sign, in addition to encrypt, the data. ``True`` to use
        default key or fingerprint to specify a different key to sign with.

    use_passphrase
        Whether to use a passphrase with the signing key. Passphrase is received
        from Pillar.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    bare
        If ``True``, return the (armored) encrypted block as a string without
        the standard comment/res dict.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.encrypt text='Hello there.  How are you?'

        salt '*' gpg.encrypt filename='/path/to/important.file'

        salt '*' gpg.encrypt filename='/path/to/important.file' use_passphrase=True

    uresuucommentu
pillar.getugpg_passphraseu'gpg_passphrase not available in pillar.R�urbNR�R�u filename or text must be passed.u&Encrypted data has been written to {0}u&{0}.
Please check the salt-minion log.(RCR,RRR5tencryptR(RRR]R^R_R`Ratencrypt_filetokRR�RtstatusR�terrortstderr(Rt
recipientsR2RjR�R�RPRtbareR!R+RRRxRkt	_contents((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyR�asD7

!!''	
c
C@sxitd6dd6}t||�}|r[tdd�}	|	sNtd��n|	d}	nd
}	|r|j|d|	�}
no|r�tjjj	|d��@}|r�|j
|d|	d	|�}
n|j
|d|	�}
Wd
QXntd��|
jr5|s)|rdj|�|d<q2|
j
|d<qt|
j
}n?|s^t|d<d
j|
j�|d<nt}tj|
j�|S(u�
    Decrypt a message or file

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as ``salt`` will set the GnuPG home directory to the
        ``/etc/salt/gpgkeys``.

    text
        The encrypted text to decrypt.

    filename
        The encrypted filename to decrypt.

    output
        The filename where the decrypted data will be written, default is standard out.

    use_passphrase
        Whether to use a passphrase with the signing key. Passphrase is received
        from Pillar.

    gnupghome
        Specify the location where GPG keyring and related files are stored.

    bare
        If ``True``, return the (armored) decrypted block as a string without the
        standard comment/res dict.

    CLI Example:

    .. code-block:: bash

        salt '*' gpg.decrypt filename='/path/to/important.file.gpg'

        salt '*' gpg.decrypt filename='/path/to/important.file.gpg' use_passphrase=True

    uresuucommentu
pillar.getugpg_passphraseu'gpg_passphrase not available in pillar.R�urbR�Nu filename or text must be passed.u&Decrypted data has been written to {0}u&{0}.
Please check the salt-minion log.(RCR,RRR5tdecryptRRR]R^tdecrypt_fileR�RR�RR�R�R�R�(RR2RjR�RPRR�R!R+RRRxRk((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyR��s<,

	
(<t__doc__t
__future__RRRR$tloggingRRR6tsalt.utils.filesRtsalt.utils.pathtsalt.utils.stringutilstsalt.exceptionsRtsalt.utils.versionsRR�tsalt.extRt	getLoggert__name__R�R
R@R}R�R�RR(R)RCRR�tImportErrorR
RR5RRR&R,R0R4R1R-RDRTR\RURVRmRsRyR�R�R�R�R�(((s4/usr/lib/python2.7/site-packages/salt/modules/gpg.pyt<module>
s�





		
		'	5//nJ>>G'8aGUb

Zerion Mini Shell 1.0