Ejemplo n.º 1
0
    def testVerifySig(self):
        rpmName = "tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm"
        rpmPath = os.path.join(self.archiveDir, rpmName)
        fileObj = file(rpmPath)
        header = rpmhelper.readHeader(fileObj)
        from conary.lib import openpgpfile

        sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])

        fileObj.seek(0)
        rpmhelper.readSignatureHeader(fileObj)
        k = openpgpfile.getKeyFromString("E8562897", openpgpfile.parseAsciiArmorKey(pgpKeyCentos))

        rpmhelper.verifySignatures(fileObj, [k])

        # Similar deal, fileObj is an ExtendedFile
        fileObj = util.ExtendedFile(rpmPath, buffering=False)
        rpmhelper.verifySignatures(fileObj, [k])

        # Finally, StringIO
        fileObj.seek(0)
        fileObj = StringIO.StringIO(fileObj.read())
        rpmhelper.verifySignatures(fileObj, [k])

        # Replace last byte
        fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
        fileObj.seek(0, 2)
        fileObj.write("\xff")
        fileObj.seek(0)
        e = self.assertRaises(rpmhelper.MD5SignatureError, rpmhelper.verifySignatures, fileObj, [k])
        self.assertEqual(
            str(e),
            "The MD5 digest fails to verify: "
            "expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d",
        )
Ejemplo n.º 2
0
    def testVerifySig(self):
        rpmName = 'tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm'
        rpmPath = os.path.join(self.archiveDir, rpmName)
        fileObj = file(rpmPath)
        header = rpmhelper.readHeader(fileObj)
        from conary.lib import openpgpfile
        sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])

        fileObj.seek(0)
        rpmhelper.readSignatureHeader(fileObj)
        k = openpgpfile.getKeyFromString(
            'E8562897', openpgpfile.parseAsciiArmorKey(pgpKeyCentos))

        rpmhelper.verifySignatures(fileObj, [k])

        # Similar deal, fileObj is an ExtendedFile
        fileObj = util.ExtendedFile(rpmPath, buffering=False)
        rpmhelper.verifySignatures(fileObj, [k])

        # Finally, StringIO
        fileObj.seek(0)
        fileObj = StringIO.StringIO(fileObj.read())
        rpmhelper.verifySignatures(fileObj, [k])

        # Replace last byte
        fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
        fileObj.seek(0, 2)
        fileObj.write("\xff")
        fileObj.seek(0)
        e = self.assertRaises(rpmhelper.MD5SignatureError,
                              rpmhelper.verifySignatures, fileObj, [k])
        self.assertEqual(
            str(e), 'The MD5 digest fails to verify: '
            'expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d'
        )
Ejemplo n.º 3
0
    def getPublicKey(self, keyId, label = None, warn=False):
        if keyId in self.publicDict:
            return self.publicDict[keyId]

        keyTable = self.keyTable()
        if self.keyTable is None:
            raise openpgpkey.KeyNotFound(keyId, "Can't open database")

        # get the key data from the database
        fingerprint = keyTable.getFingerprint(keyId)
        keyData = keyTable.getPGPKeyData(keyId)

        # instantiate the key object from the raw key data
        key = openpgpfile.getKeyFromString(keyId, keyData)

        # populate the cache
        # note keys in the repository are always considered fully trusted
        self.publicDict[keyId] = openpgpkey.OpenPGPKey(key, key.getCryptoKey(),
                                                       openpgpfile.TRUST_FULL)
        return self.publicDict[keyId]
Ejemplo n.º 4
0
    def getPublicKey(self, keyId, label=None, warn=False):
        if keyId in self.publicDict:
            return self.publicDict[keyId]

        keyTable = self.keyTable()
        if self.keyTable is None:
            raise openpgpkey.KeyNotFound(keyId, "Can't open database")

        # get the key data from the database
        fingerprint = keyTable.getFingerprint(keyId)
        keyData = keyTable.getPGPKeyData(keyId)

        # instantiate the key object from the raw key data
        key = openpgpfile.getKeyFromString(keyId, keyData)

        # populate the cache
        # note keys in the repository are always considered fully trusted
        self.publicDict[keyId] = openpgpkey.OpenPGPKey(key, key.getCryptoKey(),
                                                       openpgpfile.TRUST_FULL)
        return self.publicDict[keyId]