summaryrefslogtreecommitdiffstats
path: root/meta/lib/oe/gpg_sign.py
diff options
context:
space:
mode:
authorMarkus Lehtonen <markus.lehtonen@linux.intel.com>2016-02-10 16:15:58 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-02-19 01:01:25 +0000
commitdb7c7c2eceda534d0205c6d4eaf09fd192193fb7 (patch)
tree3184609dd0a6f130306b83d0ab10654a66aa5c9b /meta/lib/oe/gpg_sign.py
parente845b75f8fc718765158a858cfe904c575315f45 (diff)
downloadpoky-db7c7c2eceda534d0205c6d4eaf09fd192193fb7.tar.gz
oe/gpg_sign: add 'passphrase' argument to detach_sign method
This allows directly giving the passphrase, instead of reading from a file. [YOCTO #9006] (From OE-Core rev: fd55c6e86b38b33f62006324e73678a13a534220) Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/lib/oe/gpg_sign.py')
-rw-r--r--meta/lib/oe/gpg_sign.py30
1 files changed, 20 insertions, 10 deletions
diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index c4cadd6a24..ada1b2f408 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -50,20 +50,30 @@ class LocalSigner(object):
50 bb.error('rpmsign failed: %s' % proc.before.strip()) 50 bb.error('rpmsign failed: %s' % proc.before.strip())
51 raise bb.build.FuncFailed("Failed to sign RPM packages") 51 raise bb.build.FuncFailed("Failed to sign RPM packages")
52 52
53 def detach_sign(self, input_file, keyid, passphrase_file, armor=True): 53 def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True):
54 """Create a detached signature of a file""" 54 """Create a detached signature of a file"""
55 cmd = "%s --detach-sign --batch --no-tty --yes " \ 55 import subprocess
56 "--passphrase-file '%s' -u '%s' " % \ 56
57 (self.gpg_bin, passphrase_file, keyid) 57 if passphrase_file and passphrase:
58 raise Exception("You should use either passphrase_file of passphrase, not both")
59
60 cmd = [self.gpg_bin, '--detach-sign', '--batch', '--no-tty', '--yes',
61 '-u', keyid]
62 if passphrase_file:
63 cmd += ['--passphrase-file', passphrase_file]
64 else:
65 cmd += ['--passphrase-fd', '0']
58 if self.gpg_path: 66 if self.gpg_path:
59 cmd += "--homedir %s " % self.gpg_path 67 cmd += ['--homedir', self.gpg_path]
60 if armor: 68 if armor:
61 cmd += "--armor " 69 cmd += ['--armor']
62 cmd += input_file 70 cmd.append(input_file)
63 status, output = oe.utils.getstatusoutput(cmd) 71 job = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
64 if status: 72 stderr=subprocess.PIPE)
73 _, stderr = job.communicate(passphrase)
74 if job.returncode:
65 raise bb.build.FuncFailed("Failed to create signature for '%s': %s" % 75 raise bb.build.FuncFailed("Failed to create signature for '%s': %s" %
66 (input_file, output)) 76 (input_file, stderr))
67 77
68 def verify(self, sig_file): 78 def verify(self, sig_file):
69 """Verify signature""" 79 """Verify signature"""