mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-09 05:29:32 +00:00
Code Issues Projects Releases Wiki Activity

oe/gpg_sign: add 'passphrase' argument to detach_sign method

Browse Source 
This allows directly giving the passphrase, instead of reading from a
file.

[YOCTO #9006]

(From OE-Core rev: fd55c6e86b38b33f62006324e73678a13a534220)

Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Markus Lehtonen
2016-02-10 16:15:58 +02:00
committed by Richard Purdie
parent e845b75f8f
commit db7c7c2ece
1 changed files with 20 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/lib/oe/gpg_sign.py
+20 -10
View File
@@ -50,20 +50,30 @@ class LocalSigner(object):
bb.error('rpmsign failed: %s' % proc.before.strip()) bb.error('rpmsign failed: %s' % proc.before.strip())
raise bb.build.FuncFailed("Failed to sign RPM packages") raise bb.build.FuncFailed("Failed to sign RPM packages")
def detach_sign(self, input_file, keyid, passphrase_file, armor=True): def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True):
"""Create a detached signature of a file""" """Create a detached signature of a file"""
cmd = "%s --detach-sign --batch --no-tty --yes " \ import subprocess
"--passphrase-file '%s' -u '%s' " % \
(self.gpg_bin, passphrase_file, keyid) if passphrase_file and passphrase:
raise Exception("You should use either passphrase_file of passphrase, not both")
cmd = [self.gpg_bin, '--detach-sign', '--batch', '--no-tty', '--yes',
'-u', keyid]
if passphrase_file:
cmd += ['--passphrase-file', passphrase_file]
else:
cmd += ['--passphrase-fd', '0']
if self.gpg_path: if self.gpg_path:
cmd += "--homedir %s " % self.gpg_path cmd += ['--homedir', self.gpg_path]
if armor: if armor:
cmd += "--armor " cmd += ['--armor']
cmd += input_file cmd.append(input_file)
status, output = oe.utils.getstatusoutput(cmd) job = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
if status: stderr=subprocess.PIPE)
_, stderr = job.communicate(passphrase)
if job.returncode:
raise bb.build.FuncFailed("Failed to create signature for '%s': %s" % raise bb.build.FuncFailed("Failed to create signature for '%s': %s" %
(input_file, output)) (input_file, stderr))
def verify(self, sig_file): def verify(self, sig_file):
"""Verify signature""" """Verify signature"""