Beispiel #1
def test_gpg_agent(tmpdir):
    """Check that a stray agent socket file does not outlive ``gpg_agent``.

    A file named like a gpg-agent socket is created inside the context; the
    test passes only if it is gone once the context has exited, so leftover
    agent state cannot leak out of the temporary GnuPG home.
    """
    workdir = str(tmpdir)
    socket_path = os.path.join(workdir, 'S.gpg-agent.fake')

    with gpg_agent(workdir):
        # Nothing may exist before we plant the fake socket ourselves.
        assert not os.path.isfile(socket_path)
        with open(socket_path, mode='w') as handle:
            handle.write('fake socket')
        assert os.path.isfile(socket_path)

    # Leaving the context must have removed the planted file.
    assert not os.path.isfile(socket_path)
Beispiel #2
def build_keyring(tempdir, keyring_file, key_data):
    """Import ``key_data`` into a dedicated keyring below ``tempdir``.

    Args:
        tempdir: Directory used both as the GnuPG home and as the keyring
            location.
        keyring_file: File name of the keyring to create inside ``tempdir``.
        key_data: Key material to import; a falsy value means "no keyring".

    Returns:
        The path of the keyring file, or ``None`` when ``key_data`` is falsy.
    """
    if not key_data:
        return None

    keyring_path = os.path.join(tempdir, keyring_file)
    with gpg_agent(str(tempdir)):
        importer = gnupg.GPG(gnupghome=tempdir, keyring=keyring_path)
        importer.encoding = 'utf-8'
        # NOTE(review): the import result is discarded, so the caller cannot
        # tell a keyring with zero imported keys from a populated one.
        # Consider checking the result's count and fingerprints where the
        # expected signing key is known.
        importer.import_keys(key_data)
    return keyring_path
Beispiel #3
 def sign_release(self):
     """Write a detached ASCII-armoured signature ``Release.gpg`` for ``Release``.

     Both files live in ``self.datadir``, which is also used as the GnuPG
     home. Only the ``test-secring.gpg`` / ``test-pubring.gpg`` keyrings in
     that directory are consulted (``--no-default-keyring``), so no key from
     the invoking user's own keyring can end up signing the fixture.

     Raises:
         subprocess.CalledProcessError: If gpg exits with a non-zero status.
     """
     datadir = str(self.datadir)

     def in_datadir(name):
         return os.path.join(datadir, name)

     # The command is passed as an argument list, so no shell parses the paths.
     cmd = ['gpg', '--batch', '--yes']
     cmd += ['--homedir', datadir]
     cmd += ['--no-default-keyring']
     cmd += ['--secret-keyring', in_datadir('test-secring.gpg')]
     cmd += ['--keyring', in_datadir('test-pubring.gpg')]
     cmd += ['--digest-algo', 'SHA256']
     # -a: armour, -b: detached signature, -s: sign.
     cmd += ['-abs']
     # --yes above lets gpg overwrite an existing Release.gpg.
     cmd += ['-o', in_datadir('Release.gpg')]
     cmd += [in_datadir('Release')]

     with gpg_agent(datadir):
         subprocess.run(cmd, input=None, timeout=None, check=True)
Beispiel #4
    def _verify_signature(self,
                          homedir,
                          keyring,
                          signed_file,
                          detached_signature=None):
        """Verify ``signed_file`` with gpg against the given keyring only.

        The decision is taken from gpg's machine-readable status lines
        (``--status-fd 1``): the check passes only if both a ``GOODSIG`` and a
        ``VALIDSIG`` line are present. gpg's exit status is not consulted
        (``check=False``). SHA1 and RIPEMD160 are declared weak digests, and
        ``--no-default-keyring`` keeps keys outside ``keyring`` from being
        considered.

        NOTE(review): any key in ``keyring`` is accepted as signer; the
        fingerprint reported by ``VALIDSIG`` is not compared with an expected
        value, so the keyring contents are the whole trust decision.
        NOTE(review): for an inline-signed file the verification covers the
        signed portion only - confirm that the caller does not parse text
        lying outside it.

        Args:
            homedir: GnuPG home directory to use for the call.
            keyring: Path of the keyring holding the accepted keys.
            signed_file: File to verify; the signed data when a detached
                signature is given, otherwise the inline-signed file.
            detached_signature: Optional path of a detached signature.

        Raises:
            FatalError: If the status output lacks ``GOODSIG`` or
                ``VALIDSIG``; gpg's stderr is included when it is non-empty.
        """
        cmd = [
            'gpg',
            '--homedir', homedir,
            '--weak-digest', 'SHA1',
            '--weak-digest', 'RIPEMD160',
            '--no-default-keyring', '--keyring', keyring,
            '--status-fd', '1',
            '--verify',
        ]
        # gpg expects the detached signature before the signed data.
        if detached_signature:
            cmd.append(detached_signature)
        cmd.append(signed_file)

        with gpg_agent(str(homedir)):
            output = subprocess.run(cmd,
                                    input=None,
                                    timeout=None,
                                    check=False,
                                    universal_newlines=True,
                                    stdout=subprocess.PIPE,
                                    stderr=subprocess.PIPE)

        status_text = output.stdout
        logging.info(status_text)

        # Anchored at line start so the markers only match real status lines.
        has_goodsig = re.search(r'^\[GNUPG:\] GOODSIG', status_text,
                                re.MULTILINE)
        has_validsig = re.search(r'^\[GNUPG:\] VALIDSIG', status_text,
                                 re.MULTILINE)

        if has_goodsig and has_validsig:
            logging.info('Signature check ok!')
            return

        # Name the file in the error the way the repository publishes it.
        release_name = 'Release' if detached_signature else 'InRelease'
        release_file_url = self._get_release_file_url(release_name)

        if output.stderr:
            raise FatalError(
                ("Signature check for '{}' failed with error message '{}'!"
                 ).format(release_file_url, output.stderr))
        raise FatalError("Signature check for '{}' failed!".format(
            release_file_url))