/brz/remove-bazaar

To get this branch, use:
bzr branch http://gegoxaren.bato24.eu/bzr/brz/remove-bazaar

« back to all changes in this revision

Viewing changes to breezy/gpg.py

  • Committer: Jelmer Vernooij
  • Date: 2018-11-17 00:47:52 UTC
  • mfrom: (7182 work)
  • mto: This revision was merged to the branch mainline in revision 7305.
  • Revision ID: jelmer@jelmer.uk-20181117004752-6ywampe5pfywlby4
Merge trunk.

Show diffs side-by-side

added added

removed removed

Lines of Context:
breezy/gpg.py
20
20
from __future__ import absolute_import
21
21
 
22
22
import os
23
 
import sys
24
23
 
25
24
from breezy.lazy_import import lazy_import
26
25
lazy_import(globals(), """
27
 
import errno
28
 
import subprocess
29
 
 
30
26
from breezy import (
31
27
    config,
32
28
    trace,
45
41
    text_type,
46
42
    )
47
43
 
48
 
#verification results
 
44
# verification results
49
45
SIGNATURE_VALID = 0
50
46
SIGNATURE_KEY_MISSING = 1
51
47
SIGNATURE_NOT_VALID = 2
82
78
 
83
79
 
84
80
def bulk_verify_signatures(repository, revids, strategy,
85
 
        process_events_callback=None):
 
81
                           process_events_callback=None):
86
82
    """Do verifications on a set of revisions
87
83
 
88
84
    :param repository: repository object
151
147
        """Real strategies take a configuration."""
152
148
 
153
149
    def sign(self, content, mode):
154
 
        return (b"-----BEGIN PSEUDO-SIGNED CONTENT-----\n" + content +
155
 
                b"-----END PSEUDO-SIGNED CONTENT-----\n")
 
150
        return (b"-----BEGIN PSEUDO-SIGNED CONTENT-----\n" + content
 
151
                + b"-----END PSEUDO-SIGNED CONTENT-----\n")
156
152
 
157
153
    def verify(self, signed_data, signature=None):
158
 
        plain_text = signed_data.replace(b"-----BEGIN PSEUDO-SIGNED CONTENT-----\n", b"")
159
 
        plain_text = plain_text.replace(b"-----END PSEUDO-SIGNED CONTENT-----\n", b"")
 
154
        plain_text = signed_data.replace(
 
155
            b"-----BEGIN PSEUDO-SIGNED CONTENT-----\n", b"")
 
156
        plain_text = plain_text.replace(
 
157
            b"-----END PSEUDO-SIGNED CONTENT-----\n", b"")
160
158
        return SIGNATURE_VALID, None, plain_text
161
159
 
162
160
    def set_acceptable_keys(self, command_line_input):
195
193
            self.context = gpg.Context()
196
194
            self.context.armor = True
197
195
            self.context.signers = self._get_signing_keys()
198
 
        except ImportError as error:
199
 
            pass # can't use verify()
 
196
        except ImportError:
 
197
            pass  # can't use verify()
200
198
 
201
199
    def _get_signing_keys(self):
202
200
        import gpg
210
208
        if keyname is None or keyname == 'default':
211
209
            # 'default' or not setting gpg_signing_key at all means we should
212
210
            # use the user email address
213
 
            keyname = config.extract_email_address(self._config_stack.get('email'))
 
211
            keyname = config.extract_email_address(
 
212
                self._config_stack.get('email'))
214
213
        possible_keys = self.context.keylist(keyname, secret=True)
215
214
        try:
216
215
            return [next(possible_keys)]
225
224
        :return: boolean if this strategy can verify signatures
226
225
        """
227
226
        try:
228
 
            import gpg
 
227
            import gpg  # noqa: F401
229
228
            return True
230
 
        except ImportError as error:
 
229
        except ImportError:
231
230
            return False
232
231
 
233
232
    def sign(self, content, mode):
269
268
        except gpg.errors.BadSignatures as error:
270
269
            fingerprint = error.result.signatures[0].fpr
271
270
            if error.result.signatures[0].summary & gpg.constants.SIGSUM_KEY_EXPIRED:
272
 
                expires = self.context.get_key(error.result.signatures[0].fpr).subkeys[0].expires
 
271
                expires = self.context.get_key(
 
272
                    error.result.signatures[0].fpr).subkeys[0].expires
273
273
                if expires > error.result.signatures[0].timestamp:
274
274
                    # The expired key was not expired at time of signing.
275
275
                    # test_verify_expired_but_valid()
281
281
 
282
282
            # GPG does not know this key.
283
283
            # test_verify_unknown_key()
284
 
            if error.result.signatures[0].summary & gpg.constants.SIGSUM_KEY_MISSING:
 
284
            if (error.result.signatures[0].summary &
 
285
                    gpg.constants.SIGSUM_KEY_MISSING):
285
286
                return SIGNATURE_KEY_MISSING, fingerprint[-8:], None
286
287
 
287
288
            return SIGNATURE_NOT_VALID, None, None
297
298
        # it.  test_verify_unacceptable_key()
298
299
        fingerprint = result.signatures[0].fpr
299
300
        if self.acceptable_keys is not None:
300
 
            if not fingerprint in self.acceptable_keys:
 
301
            if fingerprint not in self.acceptable_keys:
301
302
                return SIGNATURE_KEY_MISSING, fingerprint[-8:], plain_output
302
303
        # Yay gpg set the valid bit.
303
304
        # Can't write a test for this one as you can't set a key to be
306
307
            key = self.context.get_key(fingerprint)
307
308
            name = key.uids[0].name
308
309
            email = key.uids[0].email
309
 
            return SIGNATURE_VALID, name.decode('utf-8') + u" <" + email.decode('utf-8') + u">", plain_output
 
310
            return (
 
311
                SIGNATURE_VALID,
 
312
                name.decode('utf-8') + u" <" + email.decode('utf-8') + u">",
 
313
                plain_output)
310
314
        # Sigsum_red indicates a problem, unfortunatly I have not been able
311
315
        # to write any tests which actually set this.
312
316
        if result.signatures[0].summary & gpg.constants.SIGSUM_RED:
313
317
            return SIGNATURE_NOT_VALID, None, plain_output
314
318
        # Summary isn't set if sig is valid but key is untrusted but if user
315
319
        # has explicity set the key as acceptable we can validate it.
316
 
        if result.signatures[0].summary == 0 and self.acceptable_keys is not None:
 
320
        if (result.signatures[0].summary == 0 and
 
321
                self.acceptable_keys is not None):
317
322
            if fingerprint in self.acceptable_keys:
318
323
                # test_verify_untrusted_but_accepted()
319
324
                return SIGNATURE_VALID, None, plain_output
336
341
        acceptable_keys_config = self._config_stack.get('acceptable_keys')
337
342
        if acceptable_keys_config is not None:
338
343
            patterns = acceptable_keys_config
339
 
        if command_line_input is not None: # command line overrides config
 
344
        if command_line_input is not None:  # command line overrides config
340
345
            patterns = command_line_input.split(',')
341
346
 
342
347
        if patterns:
350
355
                    trace.mutter("Added acceptable key: " + key.subkeys[0].fpr)
351
356
                if not found_key:
352
357
                    trace.note(gettext(
353
 
                            "No GnuPG key results for pattern: {0}"
354
 
                                ).format(pattern))
 
358
                        "No GnuPG key results for pattern: {0}"
 
359
                        ).format(pattern))
355
360
 
356
361
 
357
362
def valid_commits_message(count):
358
363
    """returns message for number of commits"""
359
364
    return gettext(u"{0} commits with valid signatures").format(
360
 
                                    count[SIGNATURE_VALID])
 
365
        count[SIGNATURE_VALID])
361
366
 
362
367
 
363
368
def unknown_key_message(count):
365
370
    return ngettext(u"{0} commit with unknown key",
366
371
                    u"{0} commits with unknown keys",
367
372
                    count[SIGNATURE_KEY_MISSING]).format(
368
 
                                    count[SIGNATURE_KEY_MISSING])
 
373
        count[SIGNATURE_KEY_MISSING])
369
374
 
370
375
 
371
376
def commit_not_valid_message(count):
373
378
    return ngettext(u"{0} commit not valid",
374
379
                    u"{0} commits not valid",
375
380
                    count[SIGNATURE_NOT_VALID]).format(
376
 
                                        count[SIGNATURE_NOT_VALID])
 
381
        count[SIGNATURE_NOT_VALID])
377
382
 
378
383
 
379
384
def commit_not_signed_message(count):
381
386
    return ngettext(u"{0} commit not signed",
382
387
                    u"{0} commits not signed",
383
388
                    count[SIGNATURE_NOT_SIGNED]).format(
384
 
                                    count[SIGNATURE_NOT_SIGNED])
 
389
        count[SIGNATURE_NOT_SIGNED])
385
390
 
386
391
 
387
392
def expired_commit_message(count):
389
394
    return ngettext(u"{0} commit with key now expired",
390
395
                    u"{0} commits with key now expired",
391
396
                    count[SIGNATURE_EXPIRED]).format(
392
 
                                count[SIGNATURE_EXPIRED])
 
397
        count[SIGNATURE_EXPIRED])
393
398
 
394
399
 
395
400
def verbose_expired_key_message(result, repo):
422
427
            signers[uid] += 1
423
428
    result = []
424
429
    for uid, number in signers.items():
425
 
         result.append(ngettext(u"{0} signed {1} commit",
426
 
                                u"{0} signed {1} commits",
427
 
                                number).format(uid, number))
 
430
        result.append(ngettext(u"{0} signed {1} commit",
 
431
                               u"{0} signed {1} commits",
 
432
                               number).format(uid, number))
428
433
    return result
429
434
 
430
435