コード例 #1
0
    def _makeSignatures(self, signatures, log=None):
        """Make a sequence of signatures.

        This abstraction is useful in the case where we're using an
        in-process `GPGHandler`, since it avoids having to import the secret
        key more than once.

        :param signatures: A sequence of (input path, output path,
            `SigningMode`, suite) tuples.  Note that some backends may make
            a policy decision not to produce all the requested output paths.
        :param log: An optional logger.
        :return: A list of output paths that were produced.
        """
        if not self.can_sign:
            raise CannotSignArchive("No signing key available for %s" %
                                    self.archive.displayname)

        if self.archive.signing_key is not None:
            secret_key_path = self.getPathForSecretKey(
                self.archive.signing_key)
            with open(secret_key_path) as secret_key_file:
                secret_key_export = secret_key_file.read()
            gpghandler = getUtility(IGPGHandler)
            secret_key = gpghandler.importSecretKey(secret_key_export)

        output_paths = []
        for input_path, output_path, mode, suite in signatures:
            if self.archive.signing_key is not None:
                with open(input_path) as input_file:
                    input_content = input_file.read()
                signature = gpghandler.signContent(input_content,
                                                   secret_key,
                                                   mode=self.gpgme_modes[mode])
                with open(output_path, "w") as output_file:
                    output_file.write(signature)
                output_paths.append(output_path)
            elif find_run_parts_dir(self.archive.distribution.name,
                                    "sign.d") is not None:
                remove_if_exists(output_path)
                env = {
                    "ARCHIVEROOT": self.pubconf.archiveroot,
                    "INPUT_PATH": input_path,
                    "OUTPUT_PATH": output_path,
                    "MODE": mode.name.lower(),
                    "DISTRIBUTION": self.archive.distribution.name,
                    "SUITE": suite,
                }
                run_parts(self.archive.distribution.name,
                          "sign.d",
                          log=log,
                          env=env)
                if os.path.exists(output_path):
                    output_paths.append(output_path)
            else:
                raise AssertionError("No signing key available for %s" %
                                     self.archive.displayname)
        return output_paths
コード例 #2
0
 def can_sign(self):
     """See `ISignableArchive`."""
     return (self.archive.signing_key is not None or find_run_parts_dir(
         self.archive.distribution.name, "sign.d") is not None)
コード例 #3
0
 def test_ignores_none_config(self):
     self.enableRunParts("none")
     self.assertIs(None, find_run_parts_dir("ubuntu", "finalize.d"))
コード例 #4
0
 def test_ignores_nonexistent_directory(self):
     self.enableRunParts()
     self.assertIs(None, find_run_parts_dir("nonexistent", "finalize.d"))
コード例 #5
0
 def test_finds_runparts_directory(self):
     self.enableRunParts()
     self.assertEqual(
         os.path.join(config.root, self.parts_directory, "ubuntu",
                      "finalize.d"),
         find_run_parts_dir("ubuntu", "finalize.d"))