Example #1
0
    def testVerifySig(self):
        rpmName = 'tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm'
        rpmPath = os.path.join(self.archiveDir, rpmName)
        fileObj = file(rpmPath)
        header = rpmhelper.readHeader(fileObj)
        from conary.lib import openpgpfile
        sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])

        fileObj.seek(0)
        rpmhelper.readSignatureHeader(fileObj)
        k = openpgpfile.getKeyFromString(
            'E8562897', openpgpfile.parseAsciiArmorKey(pgpKeyCentos))

        rpmhelper.verifySignatures(fileObj, [k])

        # Similar deal, fileObj is an ExtendedFile
        fileObj = util.ExtendedFile(rpmPath, buffering=False)
        rpmhelper.verifySignatures(fileObj, [k])

        # Finally, StringIO
        fileObj.seek(0)
        fileObj = StringIO.StringIO(fileObj.read())
        rpmhelper.verifySignatures(fileObj, [k])

        # Replace last byte
        fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
        fileObj.seek(0, 2)
        fileObj.write("\xff")
        fileObj.seek(0)
        e = self.assertRaises(rpmhelper.MD5SignatureError,
                              rpmhelper.verifySignatures, fileObj, [k])
        self.assertEqual(
            str(e), 'The MD5 digest fails to verify: '
            'expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d'
        )
Example #2
0
    def testVerifySig(self):
        rpmName = "tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm"
        rpmPath = os.path.join(self.archiveDir, rpmName)
        fileObj = file(rpmPath)
        header = rpmhelper.readHeader(fileObj)
        from conary.lib import openpgpfile

        sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])

        fileObj.seek(0)
        rpmhelper.readSignatureHeader(fileObj)
        k = openpgpfile.getKeyFromString("E8562897", openpgpfile.parseAsciiArmorKey(pgpKeyCentos))

        rpmhelper.verifySignatures(fileObj, [k])

        # Similar deal, fileObj is an ExtendedFile
        fileObj = util.ExtendedFile(rpmPath, buffering=False)
        rpmhelper.verifySignatures(fileObj, [k])

        # Finally, StringIO
        fileObj.seek(0)
        fileObj = StringIO.StringIO(fileObj.read())
        rpmhelper.verifySignatures(fileObj, [k])

        # Replace last byte
        fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
        fileObj.seek(0, 2)
        fileObj.write("\xff")
        fileObj.seek(0)
        e = self.assertRaises(rpmhelper.MD5SignatureError, rpmhelper.verifySignatures, fileObj, [k])
        self.assertEqual(
            str(e),
            "The MD5 digest fails to verify: "
            "expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d",
        )
Example #3
0
 def _downloadKey(self, keyServer, fingerprint):
     print "downloading from %s" % keyServer
     opener = transport.URLOpener()
     url = "http://%s:11371/pks/lookup?op=get&search=0x%s" % (keyServer, fingerprint)
     handle = opener.open(url)
     keyData = openpgpfile.parseAsciiArmorKey(handle)
     return keyData
Example #4
0
 def _downloadKey(self, keyServer, fingerprint):
     print 'downloading from %s' % keyServer
     opener = transport.URLOpener()
     url = ('http://%s:11371/pks/lookup?op=get&search=0x%s' %
            (keyServer, fingerprint))
     handle = opener.open(url)
     keyData = openpgpfile.parseAsciiArmorKey(handle)
     return keyData
Example #5
0
def addKey(cfg, server, user):
    client = conaryclient.ConaryClient(cfg)
    repos = client.getRepos()

    if server is None:
        server = cfg.buildLabel.getHost()

    if user is None:
        user = cfg.user.find(server)[0]

    asciiKey = sys.stdin.read()
    binaryKey = openpgpfile.parseAsciiArmorKey(asciiKey)

    repos.addNewPGPKey(server, user, binaryKey)
Example #6
0
    def setKey(self, server_name, fingerprint):
        if fingerprint not in self.keys:
            key = self._getKeyFromKeyServer(fingerprint)
            self.keys[fingerprint] = key
        else:
            print >> sys.stderr, "already cached"
        ascii_key = self.keys.get(fingerprint)
        binary_key = openpgpfile.parseAsciiArmorKey(ascii_key)
        ascii_key.seek(0)

        try:
            user = self.cfg.user.find(server_name)[0]
        except:
            print >> sys.stderr, ("could not find user for %s in conary " "configuration" % server_name)
            raise

        self.client.repos.addNewPGPKey(server_name, user, binary_key)
Example #7
0
    def setKey(self, server_name, fingerprint):
        if fingerprint not in self.keys:
            key = self._getKeyFromKeyServer(fingerprint)
            self.keys[fingerprint] = key
        else:
            print >> sys.stderr, 'already cached'
        ascii_key = self.keys.get(fingerprint)
        binary_key = openpgpfile.parseAsciiArmorKey(ascii_key)
        ascii_key.seek(0)

        try:
            user = self.cfg.user.find(server_name)[0]
        except:
            print >> sys.stderr, ('could not find user for %s in conary '
                                  'configuration' % server_name)
            raise

        self.client.repos.addNewPGPKey(server_name, user, binary_key)
Example #8
0
 def addKey(self, ascii_key):
     keyData = openpgpfile.parseAsciiArmorKey(ascii_key)
     self.keyring.addKeysAsStrings([keyData])
Example #9
0
 def addNewAsciiKey(self, userId, asciiData):
     keyData = openpgpfile.parseAsciiArmorKey(asciiData)
     if not keyData:
         raise openpgpfile.IncompatibleKey('Unable to parse ASCII armored key')
     self.addNewKey(userId, keyData)
Example #10
0
 def addKey(self, ascii_key):
     keyData = openpgpfile.parseAsciiArmorKey(ascii_key)
     self.keyring.addKeysAsStrings([keyData])
Example #11
0
 def addNewAsciiKey(self, userId, asciiData):
     keyData = openpgpfile.parseAsciiArmorKey(asciiData)
     if not keyData:
         raise openpgpfile.IncompatibleKey(
             'Unable to parse ASCII armored key')
     self.addNewKey(userId, keyData)