Beispiel #1
0
        _die("in run inspections - %s" % e)

    try:
        log.doing("verify all step matchrules...")
        toto.verifylib.verify_all_item_rules(layout.steps, step_link_dict)
    except Exception, e:
        _die("in verify all step matchrules - %s" % e)

    try:
        log.doing("verify all inspection matchrules...")
        toto.verifylib.verify_all_item_rules(layout.inspect, inspection_link_dict,
        step_link_dict)
    except Exception, e:
        _die("in verify all inspection matchrules - %s" % e)

    log.passing("all verification")

def in_toto_verify_wrapper(location, toto_verify=None, layout_path="root.layout", layout_keys="alice.pub", toto_default=None ):
    original_cwd = os.getcwd()
    os.chdir(location)

    if toto_default:
        layout_key_paths = layout_keys.split(',')
        in_toto_verify(layout_path, layout_key_paths)
    elif toto_verify:
        layout_key_paths = toto_verify[1].split(',')
        in_toto_verify(toto_verify[0], layout_key_paths)
    #else:
        #layout_key_paths = layout_keys.split(',')
        #in_toto_verify(layout_path, layout_key_paths)
Beispiel #2
0
    log.doing("'%s' - load key '%s'" % (layout_path, layout_key))
    # FIXME: Change key load
    layout_key_dict = toto.util.create_and_persist_or_load_key(layout_key)

  except Exception, e:
    log.error("in load key - %s" % e)


  # Verify signature
  try:
    log.doing("'%s' - verify signature - key '%s'" \
        % (layout_path, layout_key))

    msg = "'%s' - verify signature" % layout_path
    if layout.verify_signature(layout_key):
      log.passing(msg)
    else:
      log.failing(msg)
      retval = 1

  except Exception, e:
    log.error("in verify signature - %s" % e)
    raise # TODO: exit gracefully instead of exception?

  step_links = {}

  # Load links by steps
  for step in layout.steps:
    try:
      step_name = "%s.link" % step.name
      log.doing("'%s' - '%s' - load link" % (layout_path, step.name))