def verify(filename, require_signature=True): with open(fixture(filename), mode='rb') as fh: data = fh.read() return SignedFile(data, [keyring], require_signature)
def strip_pgp_signature(filename): with utils.open_file(filename) as f: data = f.read() signedfile = SignedFile(data, keyrings=(), require_signature=False) return signedfile.contents
def evaluate(self): """evaluate commands file @rtype: bool @returns: C{True} if the file was processed sucessfully, C{False} otherwise """ result = True session = DBConn().session() keyrings = session.query(Keyring).filter_by(active=True).order_by(Keyring.priority) keyring_files = [ k.keyring_name for k in keyrings ] signed_file = SignedFile(self.data, keyring_files) if not signed_file.valid: self.log.log(['invalid signature', self.filename]) return False self.fingerprint = session.query(Fingerprint).filter_by(fingerprint=signed_file.primary_fingerprint).one() if self.fingerprint.keyring is None: self.log.log(['singed by key in unknown keyring', self.filename]) return False assert self.fingerprint.keyring.active self.log.log(['processing', self.filename, 'signed-by={0}'.format(self.fingerprint.fingerprint)]) with tempfile.TemporaryFile() as fh: fh.write(signed_file.contents) fh.seek(0) sections = apt_pkg.TagFile(fh) self.uploader = None addresses = gpg_get_key_addresses(self.fingerprint.fingerprint) if len(addresses) > 0: self.uploader = addresses[0] try: sections.next() section = sections.section if 'Uploader' in section: self.uploader = section['Uploader'] if 'Cc' in section: self.cc.append(section['Cc']) # TODO: Verify first section has valid Archive field if 'Archive' not in section: raise CommandError('No Archive field in first section.') # TODO: send mail when we detected a replay. self._check_replay(signed_file, session) self._evaluate_sections(sections, session) self.result.append('') except Exception as e: self.log.log(['ERROR', e]) self.result.append("There was an error processing this section. No changes were committed.\nDetails:\n{0}".format(e)) result = False self._notify_uploader() session.close() return result