def get_keys_from_header(hdr): """Extract signing key id from a rpm header. @param hdr: rpm header @type hdr: rpm.hdr @return: signing key id represented as an uppercase hex string @rtype: str """ result = [] head_keys = [] for field in head_header_tags: sigkey = get_header_field(hdr, field) if sigkey: head_keys.append(koji.get_sigpacket_key_id(sigkey).upper()) for field in body_header_tags: sigkey = get_header_field(hdr, field) if sigkey: key_id = koji.get_sigpacket_key_id(sigkey).upper() if key_id in head_keys: result.append(key_id) else: raise ValueError("%s key not found in head keys: %s" % (field, key_id)) if len(result) > 1: raise ValueError("More than one key found: %s" % result) if len(result) == 1: return result[0]
def __get_sighdr(self, signed_rpm_path, rpm_path, rpm_info): try: header_fields = koji.get_header_fields(signed_rpm_path, ('siggpg', 'sigpgp')) except rpm.error: raise SigningError("Signing server returned corrupt RPM for %s" % rpm_path) if header_fields['siggpg'] is not None: sigkey = header_fields['siggpg'] elif header_fields['sigpgp'] is not None: sigkey = header_fields['sigpgp'] else: raise SigningError("Signing server returned unsigned RPM for %s" % rpm_path) sigkey = koji.get_sigpacket_key_id(sigkey) sigs = context.handlers.call("queryRPMSigs", rpm_id=rpm_info['id'], sigkey=sigkey) if len(sigs) > 0: raise AlreadySignedError() return koji.rip_rpm_sighdr(signed_rpm_path), sigkey
def _get_rpm_sighdr_sigkey(self, path): """ Read header and sigkey from an RPM. :param path: Path to a RPM package :type path: str :return: (sighdr, sigkey) :rtype: tuple """ # I/O is expensive, cache RPM headers and sigkeys result = self._get_rpm_sighdr_sigkey_cache.get(path) if result: return result sighdr = koji.rip_rpm_sighdr(path) rawhdr = koji.RawHeader(sighdr) sigpkt = rawhdr.get(koji.RPM_SIGTAG_GPG) if not sigpkt: sigpkt = rawhdr.get(koji.RPM_SIGTAG_PGP) sigkey = "" if sigpkt: sigkey = koji.get_sigpacket_key_id(sigpkt) sigkey = sigkey.lower() result = (sighdr, sigkey) self._get_rpm_sighdr_sigkey_cache[path] = result return result
def rip_sighdr(self, path): sigkey = "" sighdr = koji.rip_rpm_sighdr(path) rawhdr = koji.RawHeader(sighdr) sigpkt = rawhdr.get(koji.RPM_SIGTAG_GPG) if not sigpkt: sigpkt = rawhdr.get(koji.RPM_SIGTAG_PGP) if sigpkt: sigkey = koji.get_sigpacket_key_id(sigpkt) return sighdr, sigkey
def test_scan_sighdr_header_signed(self): """Test _scan_sighdr on a header-only signed package""" rpm_path = os.path.join(self.data_path, 'header-signed.rpm') sighdr = koji.rip_rpm_sighdr(rpm_path) sigmd5, sig = kojihub._scan_sighdr(sighdr, rpm_path) self.assertEqual(koji.hex_string(sigmd5), '1706d0174aa29a5a3e5c60855a778c35') sigkey = koji.get_sigpacket_key_id(sig) self.assertEqual(sigkey, '15f712be')
def get_keys_from_header(hdr): """Extract signing key id from a rpm header. @param hdr: rpm header @type hdr: rpm.hdr @return: signing key id represented as an uppercase hex string @rtype: str """ result = set() for field in head_header_tags + body_header_tags: sigkey = get_header_field(hdr, field, decode=False) if sigkey: result.add(koji.get_sigpacket_key_id(sigkey).upper()) if len(result) > 1: raise ValueError("More than one key found: %s" % result) if len(result) == 1: return result.pop()