12 return util.filter(data, gpgcmd) |
20 return util.filter(data, gpgcmd) |
13 |
21 |
14 def verify(self, data, sig): |
22 def verify(self, data, sig): |
15 """ returns of the good and bad signatures""" |
23 """ returns of the good and bad signatures""" |
16 try: |
24 try: |
|
25 # create temporary files |
17 fd, sigfile = tempfile.mkstemp(prefix="hggpgsig") |
26 fd, sigfile = tempfile.mkstemp(prefix="hggpgsig") |
18 fp = os.fdopen(fd, 'wb') |
27 fp = os.fdopen(fd, 'wb') |
19 fp.write(sig) |
28 fp.write(sig) |
20 fp.close() |
29 fp.close() |
21 fd, datafile = tempfile.mkstemp(prefix="hggpgdata") |
30 fd, datafile = tempfile.mkstemp(prefix="hggpgdata") |
22 fp = os.fdopen(fd, 'wb') |
31 fp = os.fdopen(fd, 'wb') |
23 fp.write(data) |
32 fp.write(data) |
24 fp.close() |
33 fp.close() |
25 gpgcmd = "%s --logger-fd 1 --status-fd 1 --verify \"%s\" \"%s\"" % (self.path, sigfile, datafile) |
34 gpgcmd = ("%s --logger-fd 1 --status-fd 1 --verify " |
26 #gpgcmd = "%s --status-fd 1 --verify \"%s\" \"%s\"" % (self.path, sigfile, datafile) |
35 "\"%s\" \"%s\"" % (self.path, sigfile, datafile)) |
27 ret = util.filter("", gpgcmd) |
36 ret = util.filter("", gpgcmd) |
28 except: |
37 except: |
29 for f in (sigfile, datafile): |
38 for f in (sigfile, datafile): |
30 try: |
39 try: |
31 if f: os.unlink(f) |
40 if f: os.unlink(f) |
59 if key is not None: |
68 if key is not None: |
60 keys.append(key + [fingerprint]) |
69 keys.append(key + [fingerprint]) |
61 return err, keys |
70 return err, keys |
62 |
71 |
63 def newgpg(ui, **opts): |
72 def newgpg(ui, **opts): |
|
73 """create a new gpg instance""" |
64 gpgpath = ui.config("gpg", "cmd", "gpg") |
74 gpgpath = ui.config("gpg", "cmd", "gpg") |
65 gpgkey = opts.get('key') |
75 gpgkey = opts.get('key') |
66 if not gpgkey: |
76 if not gpgkey: |
67 gpgkey = ui.config("gpg", "key", None) |
77 gpgkey = ui.config("gpg", "key", None) |
68 return gpg(gpgpath, gpgkey) |
78 return gpg(gpgpath, gpgkey) |
|
79 |
|
80 def sigwalk(repo): |
|
81 """ |
|
82 walk over every sigs, yields a couple |
|
83 ((node, version, sig), (filename, linenumber)) |
|
84 """ |
|
85 def parsefile(fileiter, context): |
|
86 ln = 1 |
|
87 for l in fileiter: |
|
88 if not l: |
|
89 continue |
|
90 yield (l.split(" ", 2), (context, ln)) |
|
91 ln +=1 |
|
92 |
|
93 fl = repo.file(".hgsigs") |
|
94 h = fl.heads() |
|
95 h.reverse() |
|
96 # read the heads |
|
97 for r in h: |
|
98 fn = ".hgsigs|%s" % hgnode.short(r) |
|
99 for item in parsefile(fl.read(r).splitlines(), fn): |
|
100 yield item |
|
101 try: |
|
102 # read local signatures |
|
103 fn = "localsigs" |
|
104 for item in parsefile(repo.opener(fn), fn): |
|
105 yield item |
|
106 except IOError: |
|
107 pass |
|
108 |
|
109 def getkeys(ui, repo, mygpg, sigdata, context): |
|
110 """get the keys who signed a data""" |
|
111 fn, ln = context |
|
112 node, version, sig = sigdata |
|
113 prefix = "%s:%d" % (fn, ln) |
|
114 node = hgnode.bin(node) |
|
115 |
|
116 data = node2txt(repo, node, version) |
|
117 sig = binascii.a2b_base64(sig) |
|
118 err, keys = mygpg.verify(data, sig) |
|
119 if err: |
|
120 ui.warn("%s:%d %s\n" % (fn, ln , err)) |
|
121 return None |
|
122 |
|
123 validkeys = [] |
|
124 # warn for expired key and/or sigs |
|
125 for key in keys: |
|
126 if key[0] == "BADSIG": |
|
127 ui.write(_("%s Bad signature from \"%s\"\n") % (prefix, key[2])) |
|
128 continue |
|
129 if key[0] == "EXPSIG": |
|
130 ui.write(_("%s Note: Signature has expired" |
|
131 " (signed by: \"%s\")\n") % (prefix, key[2])) |
|
132 elif key[0] == "EXPKEYSIG": |
|
133 ui.write(_("%s Note: This key has expired" |
|
134 " (signed by: \"%s\")\n") % (prefix, key[2])) |
|
135 validkeys.append((key[1], key[2], key[3])) |
|
136 return validkeys |
|
137 |
|
138 def sigs(ui, repo): |
|
139 """list signed changesets""" |
|
140 mygpg = newgpg(ui) |
|
141 revs = {} |
|
142 |
|
143 for data, context in sigwalk(repo): |
|
144 node, version, sig = data |
|
145 fn, ln = context |
|
146 try: |
|
147 n = repo.lookup(node) |
|
148 except KeyError: |
|
149 ui.warn(_("%s:%d node does not exist\n") % (fn, ln)) |
|
150 continue |
|
151 r = repo.changelog.rev(n) |
|
152 keys = getkeys(ui, repo, mygpg, data, context) |
|
153 if not keys: |
|
154 continue |
|
155 revs.setdefault(r, []) |
|
156 revs[r].extend(keys) |
|
157 nodes = list(revs) |
|
158 nodes.reverse() |
|
159 for r in nodes: |
|
160 for k in revs[r]: |
|
161 r = "%5d:%s" % (r, hgnode.hex(repo.changelog.node(r))) |
|
162 ui.write("%-30s %s\n" % (keystr(ui, k), r)) |
69 |
163 |
70 def check(ui, repo, rev): |
164 def check(ui, repo, rev): |
71 """verify all the signatures there may be for a particular revision""" |
165 """verify all the signatures there may be for a particular revision""" |
72 mygpg = newgpg(ui) |
166 mygpg = newgpg(ui) |
73 rev = repo.lookup(rev) |
167 rev = repo.lookup(rev) |
74 hexrev = hgnode.hex(rev) |
168 hexrev = hgnode.hex(rev) |
75 keys = [] |
169 keys = [] |
76 |
170 |
77 def addsig(fn, ln, l): |
171 for data, context in sigwalk(repo): |
78 if not l: return |
172 node, version, sig = data |
79 n, v, sig = l.split(" ", 2) |
173 if node == hexrev: |
80 if n == hexrev: |
174 k = getkeys(ui, repo, mygpg, data, context) |
81 data = node2txt(repo, rev, v) |
175 if k: |
82 sig = binascii.a2b_base64(sig) |
176 keys.extend(k) |
83 err, k = mygpg.verify(data, sig) |
|
84 if not err: |
|
85 keys.append((k, fn, ln)) |
|
86 else: |
|
87 ui.warn("%s:%d %s\n" % (fn, ln , err)) |
|
88 |
|
89 fl = repo.file(".hgsigs") |
|
90 h = fl.heads() |
|
91 h.reverse() |
|
92 # read the heads |
|
93 for r in h: |
|
94 ln = 1 |
|
95 for l in fl.read(r).splitlines(): |
|
96 addsig(".hgsigs|%s" % hgnode.short(r), ln, l) |
|
97 ln +=1 |
|
98 try: |
|
99 # read local signatures |
|
100 ln = 1 |
|
101 f = repo.opener("localsigs") |
|
102 for l in f: |
|
103 addsig("localsigs", ln, l) |
|
104 ln +=1 |
|
105 except IOError: |
|
106 pass |
|
107 |
177 |
108 if not keys: |
178 if not keys: |
109 ui.write("%s not signed\n" % hgnode.short(rev)) |
179 ui.write(_("No valid signature for %s\n") % hgnode.short(rev)) |
110 return |
180 return |
111 valid = [] |
181 |
112 # warn for expired key and/or sigs |
|
113 for k, fn, ln in keys: |
|
114 prefix = "%s:%d" % (fn, ln) |
|
115 for key in k: |
|
116 if key[0] == "BADSIG": |
|
117 ui.write("%s Bad signature from \"%s\"\n" % (prefix, key[2])) |
|
118 continue |
|
119 if key[0] == "EXPSIG": |
|
120 ui.write("%s Note: Signature has expired" |
|
121 " (signed by: \"%s\")\n" % (prefix, key[2])) |
|
122 elif key[0] == "EXPKEYSIG": |
|
123 ui.write("%s Note: This key has expired" |
|
124 " (signed by: \"%s\")\n" % (prefix, key[2])) |
|
125 valid.append((key[1], key[2], key[3])) |
|
126 # print summary |
182 # print summary |
127 ui.write("%s is signed by:\n" % hgnode.short(rev)) |
183 ui.write("%s is signed by:\n" % hgnode.short(rev)) |
128 for keyid, user, fingerprint in valid: |
184 for key in keys: |
129 role = getrole(ui, fingerprint) |
185 ui.write(" %s\n" % keystr(ui, key)) |
130 ui.write(" %s (%s)\n" % (user, role)) |
186 |
131 |
187 def keystr(ui, key): |
132 def getrole(ui, fingerprint): |
188 """associate a string to a key (username, comment)""" |
133 return ui.config("gpg", fingerprint, "no role defined") |
189 keyid, user, fingerprint = key |
|
190 comment = ui.config("gpg", fingerprint, None) |
|
191 if comment: |
|
192 return "%s (%s)" % (user, comment) |
|
193 else: |
|
194 return user |
134 |
195 |
135 def sign(ui, repo, *revs, **opts): |
196 def sign(ui, repo, *revs, **opts): |
136 """add a signature for the current tip or a given revision""" |
197 """add a signature for the current tip or a given revision""" |
137 mygpg = newgpg(ui, **opts) |
198 mygpg = newgpg(ui, **opts) |
138 sigver = "0" |
199 sigver = "0" |
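Review bot: In `sigs`, the inner loop rebinds its outer loop variable with `r = "%5d:%s" % (r, hgnode.hex(repo.changelog.node(r)))`, so for a revision that carries more than one valid signature the second key formats a string through `%5d` and raises TypeError before anything is printed. Bind the label to its own name, e.g. `label = "%5d:%s" % (r, hgnode.hex(repo.changelog.node(r)))` followed by `ui.write("%-30s %s\n" % (keystr(ui, k), label))`, or compute it once before the inner loop. Separately, `parsefile` inside `sigwalk` reaches `ln += 1` only for non-empty lines because the `continue` precedes it, so the `file:line` prefixes in warnings drift by one after each blank line, whereas the `addsig` loops it replaces counted every line; starting from `ln = 0` and incrementing before the emptiness check restores the old numbering. Both spots lie entirely within this hunk.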
186 def node2txt(repo, node, ver): |
248 def node2txt(repo, node, ver): |
187 """map a manifest into some text""" |
249 """map a manifest into some text""" |
188 if ver == "0": |
250 if ver == "0": |
189 return "%s\n" % hgnode.hex(node) |
251 return "%s\n" % hgnode.hex(node) |
190 else: |
252 else: |
191 util.Abort("unknown signature version") |
253 util.Abort(_("unknown signature version")) |
192 |
254 |
193 cmdtable = { |
255 cmdtable = { |
194 "sign": |
256 "sign": |
195 (sign, |
257 (sign, |
196 [('l', 'local', None, "make the signature local"), |
258 [('l', 'local', None, _("make the signature local")), |
197 ('f', 'force', None, "sign even if the sigfile is modified"), |
259 ('f', 'force', None, _("sign even if the sigfile is modified")), |
198 ('', 'no-commit', None, "do not commit the sigfile after signing"), |
260 ('', 'no-commit', None, _("do not commit the sigfile after signing")), |
199 ('m', 'message', "", "commit message"), |
261 ('m', 'message', "", _("commit message")), |
200 ('d', 'date', "", "date code"), |
262 ('d', 'date', "", _("date code")), |
201 ('u', 'user', "", "user"), |
263 ('u', 'user', "", _("user")), |
202 ('k', 'key', "", "the key id to sign with")], |
264 ('k', 'key', "", _("the key id to sign with"))], |
203 "hg sign [OPTION]... REVISIONS"), |
265 _("hg sign [OPTION]... REVISIONS")), |
204 "sigcheck": (check, [], 'hg sigcheck REVISION') |
266 "sigcheck": (check, [], _('hg sigcheck REVISION')), |
|
267 "sigs": (sigs, [], _('hg sigs')), |
205 } |
268 } |
206 |
269 |