2 # vi: encoding=utf-8 ts=8 sts=4 sw=4 et
8 from config import sign_key
11 """checks signature from an hdr hand back signature information and/or
13 # yum-3.2.22/rpmUtils/miscutils.py
15 string = '%|DSAHEADER?{%{DSAHEADER:pgpsig}}:{%|RSAHEADER?{%{RSAHEADER:pgpsig}}:{%|SIGGPG?{%{SIGGPG:pgpsig}}:{%|SIGPGP?{%{SIGPGP:pgpsig}}:{(none)}|}|}|}|'
16 siginfo = hdr.sprintf(string)
17 if siginfo == '(none)':
20 return siginfo.split(',')[2].lstrip()
22 def is_signed(rpm_file):
23 """Returns rpm information is package signed by the same key"""
24 # http://code.activestate.com/recipes/306705/
30 ts.setVSFlags(rpm.RPMVSF_NODSAHEADER)
31 fdno = os.open(rpm_file, os.O_RDONLY)
32 hdr = ts.hdrFromFdno(fdno)
35 sigid = getSigInfo(hdr)
39 return sign_key == sigid[-len(sign_key):]
41 def signpkgs(files, password):
42 if not os.path.isfile('/usr/bin/gpg'):
43 raise OSError, 'Missing gnupg binary'
44 if not os.path.isfile('/bin/rpm'):
45 raise OSError, 'Missing rpm binary'
47 os.putenv('LC_ALL', 'C')
48 args = ['--resign', '--define', '_signature gpg', '--define', '_gpg_name ' + sign_key] + files
49 child = pexpect.spawn('/bin/rpm', args)
50 child.logfile_read = sys.stderr
51 child.expect('Enter pass phrase:', timeout=30)
52 child.sendline(password)
53 child.expect(pexpect.EOF, timeout=None)
57 raise OSError, 'package signing failed'