forked from hswaw/hscloud
Merge "tools/secretstore: fix gpg encryption for expired key"
commit
892ab3d6ab
|
@ -49,6 +49,10 @@ keys = [
|
|||
"0879F9FCA1C836677BB808C870FD60197E195C26", # implr
|
||||
]
|
||||
|
||||
# Currently, Patryk's GPG key is expired. This hacks around that by pretending
|
||||
# it's January 2021.
|
||||
# TODO(q3k/patryk): remove this once Patryk updates his key.
|
||||
systime = '20210101T000000'
|
||||
|
||||
_logger_name = __name__
|
||||
if _logger_name == '__main__':
|
||||
|
@ -61,7 +65,15 @@ class CLIException(Exception):
|
|||
|
||||
|
||||
def encrypt(src, dst):
|
||||
cmd = ['gpg' , '--encrypt', '--armor', '--batch', '--yes', '--output', dst]
|
||||
cmd = [
|
||||
'gpg' ,
|
||||
'--encrypt',
|
||||
'--faked-system-time', systime,
|
||||
'--trust-model', 'always',
|
||||
'--armor',
|
||||
'--batch', '--yes',
|
||||
'--output', dst,
|
||||
]
|
||||
for k in keys:
|
||||
cmd.append('--recipient')
|
||||
cmd.append(k)
|
||||
|
@ -80,7 +92,7 @@ def _encryption_key_for_fingerprint(fp):
|
|||
Returns the encryption key ID for a given GPG fingerprint (eg. one from the
|
||||
'keys' list.
|
||||
"""
|
||||
cmd = ['gpg', '-k', '--keyid-format', 'long', fp]
|
||||
cmd = ['gpg', '-k', '--faked-system-time', systime, '--keyid-format', 'long', fp]
|
||||
res = subprocess.check_output(cmd).decode()
|
||||
|
||||
# Sample output:
|
||||
|
|
Loading…
Reference in New Issue