示例#1
0
def check_signature (sig_filename, data_filename=""):
    fingerprint = None

    keyrings = [
        "/home/joerg/keyring/keyrings/debian-keyring.gpg",
        "/home/joerg/keyring/keyrings/debian-maintainers.gpg",
        "/home/joerg/keyring/keyrings/debian-role-keys.gpg",
        "/home/joerg/keyring/keyrings/emeritus-keyring.pgp",
        "/home/joerg/keyring/keyrings/emeritus-keyring.gpg",
        "/home/joerg/keyring/keyrings/removed-keys.gpg",
        "/home/joerg/keyring/keyrings/removed-keys.pgp"
        ]

    keyringargs = " ".join(["--keyring %s" % x for x in keyrings ])

    # Build the command line
    status_read, status_write = os.pipe()
    cmd = "gpgv --status-fd %s %s %s" % (status_write, keyringargs, sig_filename)

    # Invoke gpgv on the file
    (output, status, exit_status) = gpgv_get_status_output(cmd, status_read, status_write)

    # Process the status-fd output
    (keywords, internal_error) = process_gpgv_output(status)

    # If we failed to parse the status-fd output, let's just whine and bail now
    if internal_error:
        warn("Couldn't parse signature")
        return None

    # usually one would check for bad things here. We, however, do not care.

    # Next check gpgv exited with a zero return code
    if exit_status:
        warn("Couldn't parse signature")
        return None

    # Sanity check the good stuff we expect
    if not keywords.has_key("VALIDSIG"):
        warn("Couldn't parse signature")
    else:
        args = keywords["VALIDSIG"]
        if len(args) < 1:
            warn("Couldn't parse signature")
        else:
            fingerprint = args[0]

    return fingerprint
示例#2
0
def check_signature(sig_filename, data_filename=""):
    keyrings = [
        "/home/joerg/keyring/keyrings/debian-keyring.gpg",
        "/home/joerg/keyring/keyrings/debian-maintainers.gpg",
        "/home/joerg/keyring/keyrings/debian-role-keys.gpg",
        "/home/joerg/keyring/keyrings/emeritus-keyring.pgp",
        "/home/joerg/keyring/keyrings/emeritus-keyring.gpg",
        "/home/joerg/keyring/keyrings/removed-keys.gpg",
        "/home/joerg/keyring/keyrings/removed-keys.pgp"
    ]

    keyringargs = " ".join(["--keyring %s" % x for x in keyrings])

    # Build the command line
    status_read, status_write = os.pipe()
    cmd = "gpgv --status-fd %s %s %s" % (status_write, keyringargs,
                                         sig_filename)

    # Invoke gpgv on the file
    (output, status,
     exit_status) = gpgv_get_status_output(cmd, status_read, status_write)

    # Process the status-fd output
    (keywords, internal_error) = process_gpgv_output(status)

    # If we failed to parse the status-fd output, let's just whine and bail now
    if internal_error:
        warn("Couldn't parse signature")
        return None

    # usually one would check for bad things here. We, however, do not care.

    # Next check gpgv exited with a zero return code
    if exit_status:
        warn("Couldn't parse signature")
        return None

    # Sanity check the good stuff we expect
    if not keywords.has_key("VALIDSIG"):
        warn("Couldn't parse signature")
    else:
        args = keywords["VALIDSIG"]
        if len(args) < 1:
            warn("Couldn't parse signature")
        else:
            fingerprint = args[0]

    return fingerprint
 def assertParse(self, input, output):
     self.assertEqual(process_gpgv_output(input)[0], output)
 def assertNotParse(self, input):
     ret = process_gpgv_output(input)
     self.assertNotEqual(len(ret[1]), 0)