[projects/pld-builder.new.git] / PLD_Builder / gpg.py

# vi: encoding=utf-8 ts=8 sts=4 sw=4 et

import log
import popen2
import re
import StringIO

import util
import pipeutil

def verify_sig(buf):
    """Check signature.
    
    Given email as file-like object, return (signer-emails, signed-body).
    where signer-emails is lists of strings, and signed-body is StringIO
    object.
    """
    (gpg_out, gpg_in, gpg_err) = popen2.popen3("gpg --batch --no-tty --decrypt")
    try:
        body = pipeutil.rw_pipe(buf, gpg_in, gpg_out)
    except OSError:
        log.error("gnupg signing failed; does gpg binary exist?")
        raise

    rx = re.compile("^gpg: (Good signature from|                aka) .*<([^>]+)>")
    emails = []
    for l in gpg_err.xreadlines():
        m = rx.match(l)
        if m:
            emails.append(m.group(2))
    gpg_err.close()
    return (emails, body)

def sign(buf):
    (gpg_out, gpg_in, gpg_err) = popen2.popen3("gpg --batch --no-tty --clearsign")
    try:
        body = pipeutil.rw_pipe(buf, gpg_in, gpg_out)
    except OSError:
        log.error("gnupg signing failed; does gpg binary exist?")
        raise

    gpg_err.close()
    return body
Commit	Line	Data
dfff8bd5 MM	1	# vi: encoding=utf-8 ts=8 sts=4 sw=4 et
dfff8bd5 MM	2
c764c38b	3	import log
f12b80ea MM	4	import popen2
f12b80ea MM	5	import re
94169186	6	import StringIO
f12b80ea	7
4d9b6f71	8	import util
3f446d8f	9	import pipeutil
4d9b6f71	10
94169186	11	def verify_sig(buf):
dfff8bd5 MM	12	"""Check signature.
	13
	14	Given email as file-like object, return (signer-emails, signed-body).
	15	where signer-emails is lists of strings, and signed-body is StringIO
	16	object.
	17	"""
	18	(gpg_out, gpg_in, gpg_err) = popen2.popen3("gpg --batch --no-tty --decrypt")
c764c38b AM	19	try:
	20	body = pipeutil.rw_pipe(buf, gpg_in, gpg_out)
	21	except OSError:
	22	log.error("gnupg signing failed; does gpg binary exist?")
	23	raise
	24
8fe263f9	25	rx = re.compile("^gpg: (Good signature from\| aka) .*<([^>]+)>")
dfff8bd5 MM	26	emails = []
	27	for l in gpg_err.xreadlines():
	28	m = rx.match(l)
	29	if m:
8fe263f9	30	emails.append(m.group(2))
dfff8bd5 MM	31	gpg_err.close()
dfff8bd5 MM	32	return (emails, body)
94169186 MM	33
94169186 MM	34	def sign(buf):
dfff8bd5	35	(gpg_out, gpg_in, gpg_err) = popen2.popen3("gpg --batch --no-tty --clearsign")
c764c38b AM	36	try:
	37	body = pipeutil.rw_pipe(buf, gpg_in, gpg_out)
	38	except OSError:
	39	log.error("gnupg signing failed; does gpg binary exist?")
	40	raise
	41
dfff8bd5 MM	42	gpg_err.close()
dfff8bd5 MM	43	return body