def testVerifySig(self):
rpmName = 'tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm'
rpmPath = os.path.join(self.archiveDir, rpmName)
fileObj = file(rpmPath)
header = rpmhelper.readHeader(fileObj)
from conary.lib import openpgpfile
sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])
fileObj.seek(0)
rpmhelper.readSignatureHeader(fileObj)
k = openpgpfile.getKeyFromString(
'E8562897', openpgpfile.parseAsciiArmorKey(pgpKeyCentos))
rpmhelper.verifySignatures(fileObj, [k])
# Similar deal, fileObj is an ExtendedFile
fileObj = util.ExtendedFile(rpmPath, buffering=False)
rpmhelper.verifySignatures(fileObj, [k])
# Finally, StringIO
fileObj.seek(0)
fileObj = StringIO.StringIO(fileObj.read())
rpmhelper.verifySignatures(fileObj, [k])
# Replace last byte
fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
fileObj.seek(0, 2)
fileObj.write("\xff")
fileObj.seek(0)
e = self.assertRaises(rpmhelper.MD5SignatureError,
rpmhelper.verifySignatures, fileObj, [k])
self.assertEqual(
str(e), 'The MD5 digest fails to verify: '
'expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d'
)
def testVerifySig(self):
rpmName = "tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm"
rpmPath = os.path.join(self.archiveDir, rpmName)
fileObj = file(rpmPath)
header = rpmhelper.readHeader(fileObj)
from conary.lib import openpgpfile
sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])
fileObj.seek(0)
rpmhelper.readSignatureHeader(fileObj)
k = openpgpfile.getKeyFromString("E8562897", openpgpfile.parseAsciiArmorKey(pgpKeyCentos))
rpmhelper.verifySignatures(fileObj, [k])
# Similar deal, fileObj is an ExtendedFile
fileObj = util.ExtendedFile(rpmPath, buffering=False)
rpmhelper.verifySignatures(fileObj, [k])
# Finally, StringIO
fileObj.seek(0)
fileObj = StringIO.StringIO(fileObj.read())
rpmhelper.verifySignatures(fileObj, [k])
# Replace last byte
fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
fileObj.seek(0, 2)
fileObj.write("\xff")
fileObj.seek(0)
e = self.assertRaises(rpmhelper.MD5SignatureError, rpmhelper.verifySignatures, fileObj, [k])
self.assertEqual(
str(e),
"The MD5 digest fails to verify: "
"expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d",
)
def _downloadKey(self, keyServer, fingerprint):
print "downloading from %s" % keyServer
opener = transport.URLOpener()
url = "http://%s:11371/pks/lookup?op=get&search=0x%s" % (keyServer, fingerprint)
handle = opener.open(url)
keyData = openpgpfile.parseAsciiArmorKey(handle)
return keyData
def _downloadKey(self, keyServer, fingerprint):
print 'downloading from %s' % keyServer
opener = transport.URLOpener()
url = ('http://%s:11371/pks/lookup?op=get&search=0x%s' %
(keyServer, fingerprint))
handle = opener.open(url)
keyData = openpgpfile.parseAsciiArmorKey(handle)
return keyData
def addKey(cfg, server, user):
client = conaryclient.ConaryClient(cfg)
repos = client.getRepos()
if server is None:
server = cfg.buildLabel.getHost()
if user is None:
user = cfg.user.find(server)[0]
asciiKey = sys.stdin.read()
binaryKey = openpgpfile.parseAsciiArmorKey(asciiKey)
repos.addNewPGPKey(server, user, binaryKey)
def setKey(self, server_name, fingerprint):
if fingerprint not in self.keys:
key = self._getKeyFromKeyServer(fingerprint)
self.keys[fingerprint] = key
else:
print >> sys.stderr, "already cached"
ascii_key = self.keys.get(fingerprint)
binary_key = openpgpfile.parseAsciiArmorKey(ascii_key)
ascii_key.seek(0)
try:
user = self.cfg.user.find(server_name)[0]
except:
print >> sys.stderr, ("could not find user for %s in conary " "configuration" % server_name)
raise
self.client.repos.addNewPGPKey(server_name, user, binary_key)
def setKey(self, server_name, fingerprint):
if fingerprint not in self.keys:
key = self._getKeyFromKeyServer(fingerprint)
self.keys[fingerprint] = key
else:
print >> sys.stderr, 'already cached'
ascii_key = self.keys.get(fingerprint)
binary_key = openpgpfile.parseAsciiArmorKey(ascii_key)
ascii_key.seek(0)
try:
user = self.cfg.user.find(server_name)[0]
except:
print >> sys.stderr, ('could not find user for %s in conary '
'configuration' % server_name)
raise
self.client.repos.addNewPGPKey(server_name, user, binary_key)
def addKey(self, ascii_key):
keyData = openpgpfile.parseAsciiArmorKey(ascii_key)
self.keyring.addKeysAsStrings([keyData])
def addNewAsciiKey(self, userId, asciiData):
keyData = openpgpfile.parseAsciiArmorKey(asciiData)
if not keyData:
raise openpgpfile.IncompatibleKey('Unable to parse ASCII armored key')
self.addNewKey(userId, keyData)
def addKey(self, ascii_key):
keyData = openpgpfile.parseAsciiArmorKey(ascii_key)
self.keyring.addKeysAsStrings([keyData])
def addNewAsciiKey(self, userId, asciiData):
keyData = openpgpfile.parseAsciiArmorKey(asciiData)
if not keyData:
raise openpgpfile.IncompatibleKey(
'Unable to parse ASCII armored key')
self.addNewKey(userId, keyData)
