[PATCH 1/1] keyhandler: Avoid GPG warning on check if key is cached
4 views
Skip to first unread message
Felix Moessbauer
Jun 2, 2026, 12:04:28 PMJun 2
to kas-...@googlegroups.com, jan.k...@siemens.com, Felix Moessbauer
The current implementation of the check if a GPG key is already in the
keystore issues an internal warning if it is not. This is because
internally the gpg binary returns a non-zero exit code when listing a
key by fingerprint that is not yet know. While the API does not document
this behavior and the results (no keys returned) are also completely
valid, it leads to a warning on the kas output.
We avoid the warning by implementing the check differently: Instead of
letting gnupg check the fingerprint, we now simply list all keys and
manually compare the fingerprints against the desired one.
As we operate on a local keystore, the performance impact is negligible
as the keystore is small.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
kas/keyhandler.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kas/keyhandler.py b/kas/keyhandler.py
index 586f07a4a..d01d31880 100644
--- a/kas/keyhandler.py
+++ b/kas/keyhandler.py
@@ -141,8 +141,8 @@ class GPGKeyHandler(KeyHandler):
f'"{actual_fp}"')
def _key_cached(self, fingerprint):
- keys = self.gpg.list_keys(keys=fingerprint)
- return len(keys) > 0
+ return any(key.get('fingerprint') == fingerprint
+ for key in self.gpg.list_keys())
def _fingerprint(self, keyname):
fingerprint = self.fingerprints.get(keyname)
--
2.53.0
keystore issues an internal warning if it is not. This is because
internally the gpg binary returns a non-zero exit code when listing a
key by fingerprint that is not yet know. While the API does not document
this behavior and the results (no keys returned) are also completely
valid, it leads to a warning on the kas output.
We avoid the warning by implementing the check differently: Instead of
letting gnupg check the fingerprint, we now simply list all keys and
manually compare the fingerprints against the desired one.
As we operate on a local keystore, the performance impact is negligible
as the keystore is small.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
kas/keyhandler.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kas/keyhandler.py b/kas/keyhandler.py
index 586f07a4a..d01d31880 100644
--- a/kas/keyhandler.py
+++ b/kas/keyhandler.py
@@ -141,8 +141,8 @@ class GPGKeyHandler(KeyHandler):
f'"{actual_fp}"')
def _key_cached(self, fingerprint):
- keys = self.gpg.list_keys(keys=fingerprint)
- return len(keys) > 0
+ return any(key.get('fingerprint') == fingerprint
+ for key in self.gpg.list_keys())
def _fingerprint(self, keyname):
fingerprint = self.fingerprints.get(keyname)
--
2.53.0
Jan Kiszka
Jun 2, 2026, 12:56:22 PMJun 2
to Felix Moessbauer, kas-...@googlegroups.com
Jan
--
Siemens AG, Foundational Technologies
Linux Expert Center
Reply all
Reply to author
Forward
0 new messages