def testVerifySig(self): rpmName = "tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm" rpmPath = os.path.join(self.archiveDir, rpmName) fileObj = file(rpmPath) header = rpmhelper.readHeader(fileObj) from conary.lib import openpgpfile sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG]) fileObj.seek(0) rpmhelper.readSignatureHeader(fileObj) k = openpgpfile.getKeyFromString("E8562897", openpgpfile.parseAsciiArmorKey(pgpKeyCentos)) rpmhelper.verifySignatures(fileObj, [k]) # Similar deal, fileObj is an ExtendedFile fileObj = util.ExtendedFile(rpmPath, buffering=False) rpmhelper.verifySignatures(fileObj, [k]) # Finally, StringIO fileObj.seek(0) fileObj = StringIO.StringIO(fileObj.read()) rpmhelper.verifySignatures(fileObj, [k]) # Replace last byte fileObj = StringIO.StringIO(fileObj.getvalue()[:-1]) fileObj.seek(0, 2) fileObj.write("\xff") fileObj.seek(0) e = self.assertRaises(rpmhelper.MD5SignatureError, rpmhelper.verifySignatures, fileObj, [k]) self.assertEqual( str(e), "The MD5 digest fails to verify: " "expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d", )
def testVerifySig(self): rpmName = 'tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm' rpmPath = os.path.join(self.archiveDir, rpmName) fileObj = file(rpmPath) header = rpmhelper.readHeader(fileObj) from conary.lib import openpgpfile sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG]) fileObj.seek(0) rpmhelper.readSignatureHeader(fileObj) k = openpgpfile.getKeyFromString( 'E8562897', openpgpfile.parseAsciiArmorKey(pgpKeyCentos)) rpmhelper.verifySignatures(fileObj, [k]) # Similar deal, fileObj is an ExtendedFile fileObj = util.ExtendedFile(rpmPath, buffering=False) rpmhelper.verifySignatures(fileObj, [k]) # Finally, StringIO fileObj.seek(0) fileObj = StringIO.StringIO(fileObj.read()) rpmhelper.verifySignatures(fileObj, [k]) # Replace last byte fileObj = StringIO.StringIO(fileObj.getvalue()[:-1]) fileObj.seek(0, 2) fileObj.write("\xff") fileObj.seek(0) e = self.assertRaises(rpmhelper.MD5SignatureError, rpmhelper.verifySignatures, fileObj, [k]) self.assertEqual( str(e), 'The MD5 digest fails to verify: ' 'expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d' )
def getPublicKey(self, keyId, label = None, warn=False): if keyId in self.publicDict: return self.publicDict[keyId] keyTable = self.keyTable() if self.keyTable is None: raise openpgpkey.KeyNotFound(keyId, "Can't open database") # get the key data from the database fingerprint = keyTable.getFingerprint(keyId) keyData = keyTable.getPGPKeyData(keyId) # instantiate the key object from the raw key data key = openpgpfile.getKeyFromString(keyId, keyData) # populate the cache # note keys in the repository are always considered fully trusted self.publicDict[keyId] = openpgpkey.OpenPGPKey(key, key.getCryptoKey(), openpgpfile.TRUST_FULL) return self.publicDict[keyId]
def getPublicKey(self, keyId, label=None, warn=False): if keyId in self.publicDict: return self.publicDict[keyId] keyTable = self.keyTable() if self.keyTable is None: raise openpgpkey.KeyNotFound(keyId, "Can't open database") # get the key data from the database fingerprint = keyTable.getFingerprint(keyId) keyData = keyTable.getPGPKeyData(keyId) # instantiate the key object from the raw key data key = openpgpfile.getKeyFromString(keyId, keyData) # populate the cache # note keys in the repository are always considered fully trusted self.publicDict[keyId] = openpgpkey.OpenPGPKey(key, key.getCryptoKey(), openpgpfile.TRUST_FULL) return self.publicDict[keyId]