~bzr-pqm/bzr/bzr.dev : contents of bzrlib/gpg.py at revision 1740.2.1

~bzr-pqm/bzr/bzr.dev : (revision 1740.2.1)

# Copyright (C) 2005 by Canonical Ltd
#   Authors: Robert Collins <robert.collins@canonical.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

"""GPG signing and checking logic."""

import errno
import subprocess

import bzrlib.errors as errors

class DisabledGPGStrategy(object):
    """A GPG Strategy that makes everything fail."""

    def __init__(self, ignored):
        """Real strategies take a configuration."""

    def sign(self, content):
        raise errors.SigningFailed('Signing is disabled.')


class LoopbackGPGStrategy(object):
    """A GPG Strategy that acts like 'cat' - data is just passed through."""

    def __init__(self, ignored):
        """Real strategies take a configuration."""

    def sign(self, content):
        return content


class GPGStrategy(object):
    """GPG Signing and checking facilities."""
        
    def _command_line(self):
        return [self._config.gpg_signing_command(), '--clearsign']

    def __init__(self, config):
        self._config = config

    def sign(self, content):
        try:
            process = subprocess.Popen(self._command_line(),
                                       stdin=subprocess.PIPE,
                                       stdout=subprocess.PIPE)
            try:
                result = process.communicate(content)[0]
                if process.returncode is None:
                    process.wait()
                if process.returncode != 0:
                    raise errors.SigningFailed(self._command_line())
                return result
            except OSError, e:
                if e.errno == errno.EPIPE:
                    raise errors.SigningFailed(self._command_line())
                else:
                    raise
        except ValueError:
            # bad subprocess parameters, should never happen.
            raise
        except OSError, e:
            if e.errno == errno.ENOENT:
                # gpg is not installed
                raise errors.SigningFailed(self._command_line())
            else:
                raise

1442.1.57 by Robert Collins check that we get the right command line from the default gpg strategy.	1	# Copyright (C) 2005 by Canonical Ltd
	2	# Authors: Robert Collins <robert.collins@canonical.com>
	3	#
	4	# This program is free software; you can redistribute it and/or modify
	5	# it under the terms of the GNU General Public License as published by
	6	# the Free Software Foundation; either version 2 of the License, or
	7	# (at your option) any later version.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU General Public License
	15	# along with this program; if not, write to the Free Software
	16	# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	17
	18	"""GPG signing and checking logic."""
	19
1442.1.58 by Robert Collins gpg signing of content	20	import errno
1442.1.57 by Robert Collins check that we get the right command line from the default gpg strategy.	21	import subprocess
	22
1442.1.58 by Robert Collins gpg signing of content	23	import bzrlib.errors as errors
1442.1.57 by Robert Collins check that we get the right command line from the default gpg strategy.	24
1442.1.62 by Robert Collins Allow creation of testaments from uncommitted data, and use that to get signatures before committing revisions.	25	class DisabledGPGStrategy(object):
	26	"""A GPG Strategy that makes everything fail."""
	27
	28	def __init__(self, ignored):
	29	"""Real strategies take a configuration."""
	30
	31	def sign(self, content):
	32	raise errors.SigningFailed('Signing is disabled.')
	33
	34
1442.1.59 by Robert Collins Add re-sign command to generate a digital signature on a single revision.	35	class LoopbackGPGStrategy(object):
1442.1.62 by Robert Collins Allow creation of testaments from uncommitted data, and use that to get signatures before committing revisions.	36	"""A GPG Strategy that acts like 'cat' - data is just passed through."""
1442.1.59 by Robert Collins Add re-sign command to generate a digital signature on a single revision.	37
	38	def __init__(self, ignored):
	39	"""Real strategies take a configuration."""
	40
	41	def sign(self, content):
	42	return content
	43
	44
1442.1.57 by Robert Collins check that we get the right command line from the default gpg strategy.	45	class GPGStrategy(object):
	46	"""GPG Signing and checking facilities."""
	47
	48	def _command_line(self):
1185.78.4 by John Arbash Meinel Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.	49	return [self._config.gpg_signing_command(), '--clearsign']
1442.1.57 by Robert Collins check that we get the right command line from the default gpg strategy.	50
	51	def __init__(self, config):
	52	self._config = config
1442.1.58 by Robert Collins gpg signing of content	53
	54	def sign(self, content):
	55	try:
1185.78.4 by John Arbash Meinel Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.	56	process = subprocess.Popen(self._command_line(),
	57	stdin=subprocess.PIPE,
1442.1.58 by Robert Collins gpg signing of content	58	stdout=subprocess.PIPE)
1442.1.58 by Robert Collins gpg signing of content	59	try:
1185.78.4 by John Arbash Meinel Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.	60	result = process.communicate(content)[0]
1442.1.58 by Robert Collins gpg signing of content	61	if process.returncode is None:
	62	process.wait()
	63	if process.returncode != 0:
1185.78.4 by John Arbash Meinel Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.	64	raise errors.SigningFailed(self._command_line())
1442.1.58 by Robert Collins gpg signing of content	65	return result
1442.1.59 by Robert Collins Add re-sign command to generate a digital signature on a single revision.	66	except OSError, e:
1442.1.58 by Robert Collins gpg signing of content	67	if e.errno == errno.EPIPE:
1185.78.4 by John Arbash Meinel Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.	68	raise errors.SigningFailed(self._command_line())
1442.1.59 by Robert Collins Add re-sign command to generate a digital signature on a single revision.	69	else:
	70	raise
1442.1.58 by Robert Collins gpg signing of content	71	except ValueError:
	72	# bad subprocess parameters, should never happen.
	73	raise
	74	except OSError, e:
	75	if e.errno == errno.ENOENT:
	76	# gpg is not installed
1185.78.4 by John Arbash Meinel Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.	77	raise errors.SigningFailed(self._command_line())
1442.1.58 by Robert Collins gpg signing of content	78	else:
1442.1.58 by Robert Collins gpg signing of content	79	raise