def testVerifySig(self):
rpmName = "tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm"
rpmPath = os.path.join(self.archiveDir, rpmName)
fileObj = file(rpmPath)
header = rpmhelper.readHeader(fileObj)
from conary.lib import openpgpfile
sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])
fileObj.seek(0)
rpmhelper.readSignatureHeader(fileObj)
k = openpgpfile.getKeyFromString("E8562897", openpgpfile.parseAsciiArmorKey(pgpKeyCentos))
rpmhelper.verifySignatures(fileObj, [k])
# Similar deal, fileObj is an ExtendedFile
fileObj = util.ExtendedFile(rpmPath, buffering=False)
rpmhelper.verifySignatures(fileObj, [k])
# Finally, StringIO
fileObj.seek(0)
fileObj = StringIO.StringIO(fileObj.read())
rpmhelper.verifySignatures(fileObj, [k])
# Replace last byte
fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
fileObj.seek(0, 2)
fileObj.write("\xff")
fileObj.seek(0)
e = self.assertRaises(rpmhelper.MD5SignatureError, rpmhelper.verifySignatures, fileObj, [k])
self.assertEqual(
str(e),
"The MD5 digest fails to verify: "
"expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d",
)
def testVerifySig(self):
rpmName = 'tmpwatch-2.9.7-1.1.el5.2.x86_64.rpm'
rpmPath = os.path.join(self.archiveDir, rpmName)
fileObj = file(rpmPath)
header = rpmhelper.readHeader(fileObj)
from conary.lib import openpgpfile
sig = openpgpfile.readSignature(header[rpmhelper.SIG_GPG])
fileObj.seek(0)
rpmhelper.readSignatureHeader(fileObj)
k = openpgpfile.getKeyFromString(
'E8562897', openpgpfile.parseAsciiArmorKey(pgpKeyCentos))
rpmhelper.verifySignatures(fileObj, [k])
# Similar deal, fileObj is an ExtendedFile
fileObj = util.ExtendedFile(rpmPath, buffering=False)
rpmhelper.verifySignatures(fileObj, [k])
# Finally, StringIO
fileObj.seek(0)
fileObj = StringIO.StringIO(fileObj.read())
rpmhelper.verifySignatures(fileObj, [k])
# Replace last byte
fileObj = StringIO.StringIO(fileObj.getvalue()[:-1])
fileObj.seek(0, 2)
fileObj.write("\xff")
fileObj.seek(0)
e = self.assertRaises(rpmhelper.MD5SignatureError,
rpmhelper.verifySignatures, fileObj, [k])
self.assertEqual(
str(e), 'The MD5 digest fails to verify: '
'expected 6cc7c546c3a5de90bb272b11be2f3d67, got 744d88f4164ec2974b49839a69ea589d'
)
def getPublicKey(self, keyId, label = None, warn=False):
if keyId in self.publicDict:
return self.publicDict[keyId]
keyTable = self.keyTable()
if self.keyTable is None:
raise openpgpkey.KeyNotFound(keyId, "Can't open database")
# get the key data from the database
fingerprint = keyTable.getFingerprint(keyId)
keyData = keyTable.getPGPKeyData(keyId)
# instantiate the key object from the raw key data
key = openpgpfile.getKeyFromString(keyId, keyData)
# populate the cache
# note keys in the repository are always considered fully trusted
self.publicDict[keyId] = openpgpkey.OpenPGPKey(key, key.getCryptoKey(),
openpgpfile.TRUST_FULL)
return self.publicDict[keyId]
def getPublicKey(self, keyId, label=None, warn=False):
if keyId in self.publicDict:
return self.publicDict[keyId]
keyTable = self.keyTable()
if self.keyTable is None:
raise openpgpkey.KeyNotFound(keyId, "Can't open database")
# get the key data from the database
fingerprint = keyTable.getFingerprint(keyId)
keyData = keyTable.getPGPKeyData(keyId)
# instantiate the key object from the raw key data
key = openpgpfile.getKeyFromString(keyId, keyData)
# populate the cache
# note keys in the repository are always considered fully trusted
self.publicDict[keyId] = openpgpkey.OpenPGPKey(key, key.getCryptoKey(),
openpgpfile.TRUST_FULL)
return self.publicDict[keyId]
