import itertools
import shutil
import tempfile
from glob import glob
from twisted.internet.utils import getProcessOutputAndValue
class InvalidGPGSignature(Exception):
"""Raised when the gpg signature for a given file is invalid."""
def gpg_verify(filename, signature, gpg="/usr/bin/gpg", apt_dir="/etc/apt"):
"""Verify the GPG signature of a file.
@param filename: Path to the file to verify the signature against.
@param signature: Path to signature to use.
@param gpg: Optionally, path to the GPG binary to use.
@param apt_dir: Optionally, path to apt trusted keyring.
@return: a C{Deferred} resulting in C{True} if the signature is
valid, C{False} otherwise.
"""
def remove_gpg_home(ignored):
shutil.rmtree(gpg_home)
return ignored
def check_gpg_exit_code(args):
out, err, code = args
# We want a nice error message with Python 3 as well, so decode the
# bytes here.
out, err = out.decode("ascii"), err.decode("ascii")
if code != 0:
raise InvalidGPGSignature("%s failed (out='%s', err='%s', "
"code='%d')" % (gpg, out, err, code))
gpg_home = tempfile.mkdtemp()
keyrings = tuple(itertools.chain(*[
("--keyring", keyring)
for keyring in sorted(
glob("{}/trusted.gpg".format(apt_dir)) +
glob("{}/trusted.gpg.d/*.gpg".format(apt_dir))
)
]))
args = (
"--no-options", "--homedir", gpg_home, "--no-default-keyring",
"--ignore-time-conflict"
) + keyrings + ("--verify", signature, filename)
result = getProcessOutputAndValue(gpg, args=args)
result.addBoth(remove_gpg_home)
result.addCallback(check_gpg_exit_code)
return result
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| __pycache__ | Folder | 0755 |
|
|
| apt | Folder | 0755 |
|
|
| __init__.py | File | 198 B | 0644 |
|
| amp.py | File | 21.24 KB | 0644 |
|
| bootstrap.py | File | 1.38 KB | 0644 |
|
| bpickle.py | File | 6.31 KB | 0644 |
|
| cli.py | File | 440 B | 0644 |
|
| cloud.py | File | 1.67 KB | 0644 |
|
| compat.py | File | 564 B | 0644 |
|
| config.py | File | 12.15 KB | 0644 |
|
| disk.py | File | 4.97 KB | 0644 |
|
| encoding.py | File | 545 B | 0644 |
|
| fd.py | File | 751 B | 0644 |
|
| fetch.py | File | 6.49 KB | 0644 |
|
| format.py | File | 959 B | 0644 |
|
| fs.py | File | 3.55 KB | 0644 |
|
| gpg.py | File | 1.75 KB | 0644 |
|
| hashlib.py | File | 264 B | 0644 |
|
| jiffies.py | File | 1.58 KB | 0644 |
|
| juju.py | File | 860 B | 0644 |
|
| lock.py | File | 705 B | 0644 |
|
| log.py | File | 484 B | 0644 |
|
| logging.py | File | 2.47 KB | 0644 |
|
| lsb_release.py | File | 893 B | 0644 |
|
| message.py | File | 1.91 KB | 0644 |
|
| monitor.py | File | 6.13 KB | 0644 |
|
| network.py | File | 8.91 KB | 0644 |
|
| persist.py | File | 20.5 KB | 0644 |
|
| plugin.py | File | 1.75 KB | 0644 |
|
| process.py | File | 6.45 KB | 0644 |
|
| reactor.py | File | 8.61 KB | 0644 |
|
| schema.py | File | 5.97 KB | 0644 |
|
| scriptcontent.py | File | 522 B | 0644 |
|
| sequenceranges.py | File | 5.59 KB | 0644 |
|
| store.py | File | 1.38 KB | 0644 |
|
| sysstats.py | File | 6.94 KB | 0644 |
|
| tag.py | File | 505 B | 0644 |
|
| testing.py | File | 24.08 KB | 0644 |
|
| timestamp.py | File | 233 B | 0644 |
|
| twisted_util.py | File | 4.37 KB | 0644 |
|
| user.py | File | 1.44 KB | 0644 |
|
| versioning.py | File | 1.24 KB | 0644 |
|
| vm_info.py | File | 3.2 KB | 0644 |
|
| warning.py | File | 394 B | 0644 |
|