OLD | NEW |
| (Empty) |
1 # Copyright 2012 the V8 project authors. All rights reserved. | |
2 # Redistribution and use in source and binary forms, with or without | |
3 # modification, are permitted provided that the following conditions are | |
4 # met: | |
5 # | |
6 # * Redistributions of source code must retain the above copyright | |
7 # notice, this list of conditions and the following disclaimer. | |
8 # * Redistributions in binary form must reproduce the above | |
9 # copyright notice, this list of conditions and the following | |
10 # disclaimer in the documentation and/or other materials provided | |
11 # with the distribution. | |
12 # * Neither the name of Google Inc. nor the names of its | |
13 # contributors may be used to endorse or promote products derived | |
14 # from this software without specific prior written permission. | |
15 # | |
16 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
17 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
18 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
19 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
20 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
21 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
22 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
23 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
24 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
25 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
26 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
27 | |
28 | |
29 import base64 | |
30 import os | |
31 import subprocess | |
32 | |
33 | |
34 def ReadFileAndSignature(filename): | |
35 with open(filename, "rb") as f: | |
36 file_contents = base64.b64encode(f.read()) | |
37 signature_file = filename + ".signature" | |
38 if (not os.path.exists(signature_file) or | |
39 os.path.getmtime(signature_file) < os.path.getmtime(filename)): | |
40 private_key = "~/.ssh/v8_dtest" | |
41 code = subprocess.call("openssl dgst -out %s -sign %s %s" % | |
42 (signature_file, private_key, filename), | |
43 shell=True) | |
44 if code != 0: return [None, code] | |
45 with open(signature_file) as f: | |
46 signature = base64.b64encode(f.read()) | |
47 return [file_contents, signature] | |
48 | |
49 | |
50 def VerifySignature(filename, file_contents, signature, pubkeyfile): | |
51 with open(filename, "wb") as f: | |
52 f.write(base64.b64decode(file_contents)) | |
53 signature_file = filename + ".foreign_signature" | |
54 with open(signature_file, "wb") as f: | |
55 f.write(base64.b64decode(signature)) | |
56 code = subprocess.call("openssl dgst -verify %s -signature %s %s" % | |
57 (pubkeyfile, signature_file, filename), | |
58 shell=True) | |
59 matched = (code == 0) | |
60 if not matched: | |
61 os.remove(signature_file) | |
62 os.remove(filename) | |
63 return matched | |
OLD | NEW |