Example #1
0
 def verify(self, data, sig):
     """ returns of the good and bad signatures"""
     sigfile = datafile = None
     try:
         # create temporary files
         fd, sigfile = tempfile.mkstemp(prefix="hg-gpg-", suffix=".sig")
         fp = util.fdopen(fd, "wb")
         fp.write(sig)
         fp.close()
         fd, datafile = tempfile.mkstemp(prefix="hg-gpg-", suffix=".txt")
         fp = util.fdopen(fd, "wb")
         fp.write(data)
         fp.close()
         gpgcmd = "%s --logger-fd 1 --status-fd 1 --verify " '"%s" "%s"' % (
             self.path,
             sigfile,
             datafile,
         )
         ret = util.filter("", gpgcmd)
     finally:
         for f in (sigfile, datafile):
             try:
                 if f:
                     os.unlink(f)
             except OSError:
                 pass
     keys = []
     key, fingerprint = None, None
     for l in ret.splitlines():
         # see DETAILS in the gnupg documentation
         # filter the logger output
         if not l.startswith("[GNUPG:]"):
             continue
         l = l[9:]
         if l.startswith("VALIDSIG"):
             # fingerprint of the primary key
             fingerprint = l.split()[10]
         elif l.startswith("ERRSIG"):
             key = l.split(" ", 3)[:2]
             key.append("")
             fingerprint = None
         elif (
             l.startswith("GOODSIG")
             or l.startswith("EXPSIG")
             or l.startswith("EXPKEYSIG")
             or l.startswith("BADSIG")
         ):
             if key is not None:
                 keys.append(key + [fingerprint])
             key = l.split(" ", 2)
             fingerprint = None
     if key is not None:
         keys.append(key + [fingerprint])
     return keys
Example #2
0
 def sign(self, data):
     gpgcmd = "%s --sign --detach-sign%s" % (self.path, self.key)
     return util.filter(data, gpgcmd)