def _import(user=None, text=None, filename=None):
    '''
    salt.module.gpg.import_key is broken, so implement it here for now.
    '''
    ret = {'result': False, 'message': 'Unable to import key.'}

    gnupg = _gpg._create_gpg(user)  # pylint: disable=W0212

    if not text and not filename:
        raise SaltInvocationError('filename or text must be passed.')

    if filename:
        try:
            with salt.utils.flopen(filename, 'rb') as _fp:
                lines = _fp.readlines()
                text = ''.join(lines)
        except IOError:
            raise SaltInvocationError('filename does not exist.')

    imported_data = gnupg.import_keys(text)
    log.debug('imported_data {0}'.format(imported_data.__dict__.keys()))
    log.debug('imported_data {0}'.format(imported_data.counts))

    results = imported_data.results[-1]
    if results.get('fingerprint', None) and 'ok' in results:
        ret['result'] = True

    ret['message'] = results.get('text', imported_data.summary())
    ret['stdout'] = imported_data.stderr
    return ret
def verify(name, *varargs, **kwargs):
    '''
    Verify a message or file.

    source
        The filename.asc to verify.

    key-content
        The text to verify.

    data-source
        The filename data to verify.

    user
        Which user's keychain to access, defaults to user Salt is running as.
        Passing the user as 'salt' will set the GPG home directory to
        /etc/salt/gpgkeys.

    CLI Example:

    .. code-block:: bash

        qubesctl gnupg.verify source='/path/to/important.file.asc'

        qubesctl gnupg.verify <source|key-content> [key-data] [user=]

    '''
    base = _GPGBase('gpg.verify', **kwargs)
    base.parser.add_argument('name', help='The name id of state object')
    group = base.parser.add_mutually_exclusive_group()

    group.add_argument(
        'source',
        nargs='?',
        help='The filename containing the key to import'
    )

    group.add_argument(
        '--key-contents',
        '--key_contents',
        nargs=1,
        help='The text containing import key to import'
    )

    base.parser.add_argument(
        '--data-source',
        '--data_source',
        nargs='?',
        help='Source file data path to verify (source)'
    )

    base.parser.add_argument(
        '--user',
        nargs=1,
        default='salt',
        help="Which user's keychain to access, defaults to user Salt is \
        running as.  Passing the user as 'salt' will set the GPG home \
        directory to /etc/salt/gpgkeys."
    )

    args = base.parse_args(name, *varargs, **kwargs)
    gnupg = _gpg._create_gpg(args.user)  # pylint: disable=W0212
    status = Status()

    # Key source validation
    if args.source:
        key_source = _get_path(args.source)
        if not key_source:
            status.recode = 1
            status.message = 'GPG validation failed: invalid key-source {0}'.format(
                key_source
            )

    elif args.key_contents:
        key_source = args.key_contents

    else:
        key_source = _get_path(args.name)

    # Data source validation
    data_source = _get_path(args.data_source)
    if not data_source:
        data_source, ext = os.path.splitext(key_source)  # pylint: disable=W0612

    if not os.path.exists(data_source):
        status.retcode = 1
        message = 'GPG validation failed: invalid data-source {0}'.format(
            data_source
        )
        base.save_status(status, message=message)
        return base.status()

    # GPG verify
    status = Status()
    data = gnupg.verify_data(key_source, _get_data(data_source))

    if not data.valid:
        raise CommandExecutionError(data.stderr)

    status.stdout = data.stderr
    base.save_status(status)

    # Returns the status 'data' dictionary
    return base.status()