1 from zeroinstall
.injector
import gpg
2 import tempfile
, os
, base64
4 def check_signature(path
):
5 data
= file(path
).read()
6 xml_comment
= data
.rfind('\n<!-- Base64 Signature')
8 data_stream
, sigs
= gpg
.check_stream(file(path
))
10 data
= data
[:xml_comment
+ 1]
12 elif data
.startswith('BEGIN'):
13 data_stream
, sigs
= gpg
.check_stream(file(path
))
15 data
= data_stream
.read()
17 return data
, sign_unsigned
, None
19 if isinstance(sig
, gpg
.ValidSig
):
20 return data
, sign_fn
, sig
.fingerprint
21 raise Exception('No valid signatures found!')
23 def write_tmp(path
, data
):
24 """Create a temporary file in the same directory as 'path' and write data to it."""
25 fd
, tmp
= tempfile
.mkstemp(prefix
= 'tmp-', dir = os
.path
.dirname(path
))
26 stream
= os
.fdopen(fd
, 'w')
31 def run_gpg(default_key
, *arguments
):
32 arguments
= list(arguments
)
33 if default_key
is not None:
34 arguments
= ['--default-key', default_key
] + arguments
35 arguments
.insert(0, 'gpg')
36 if os
.spawnvp(os
.P_WAIT
, 'gpg', arguments
):
37 raise Exception("Command '%s' failed" % arguments
)
39 def sign_unsigned(path
, data
, key
):
40 os
.rename(write_tmp(path
, data
), path
)
42 def sign_plain(path
, data
, key
):
43 tmp
= write_tmp(path
, data
)
45 run_gpg(key
, '--clearsign', tmp
)
49 os
.rename(tmp
+ '.asc', path
)
51 def sign_xml(path
, data
, key
):
52 tmp
= write_tmp(path
, data
)
54 run_gpg(key
, '--detach-sign', tmp
)
58 encoded
= base64
.encodestring(file(tmp
).read())
60 sig
= "<!-- Base64 Signature\n" + encoded
+ "\n-->\n"
61 os
.rename(write_tmp(path
, data
+ sig
), path
)