verify-sig_waf.sh

   1 #! /usr/bin/env python
   2 # encoding: utf-8
   3 # Thomas Nagy, 2014-2015
   4
   5 """
   6 A simple file for verifying signatures in signed waf files
   7 This script is meant for Python >= 2.6 and the encoding is bytes - latin-1
   8
   9 Distributing detached signatures is boring
  10 """
  11
  12 import sys, os, re, subprocess
  13
  14 if __name__ == '__main__':
  15         try:
  16                 infile = sys.argv[1]
  17         except IndexError:
  18                 infile = 'waf'
  19
  20         try:
  21                 outfile1 = sys.argv[2]
  22         except IndexError:
  23                 outfile1 = infile + '-sig'
  24
  25         try:
  26                 outfile2 = sys.argv[3]
  27         except IndexError:
  28                 outfile2 = outfile1 + '.asc'
  29
  30         f1 = open(outfile1, 'wb')
  31         f2 = open(outfile2, 'wb')
  32         f = open(infile, 'rb')
  33         try:
  34                 txt = f.read()
  35
  36                 lastline = txt.decode('latin-1').splitlines()[-1] # just the last line
  37                 if not lastline.startswith('#-----BEGIN PGP SIGNATURE-----'):
  38                         print("ERROR: there is no signature to verify in %r :-/" % infile)
  39                         sys.exit(1)
  40
  41                 sigtext = lastline.replace('\\n', '\n') # convert newlines
  42                 sigtext = sigtext[1:] # omit the '# character'
  43                 sigtext = sigtext.encode('latin-1') # python3
  44
  45                 f2.write(sigtext)
  46                 f1.write(txt[:-len(lastline) - 1]) # one newline character was eaten from splitlines()
  47         finally:
  48                 f.close()
  49                 f1.close()
  50                 f2.close()
  51
  52         cmd = 'gpg --verify %s' % outfile2
  53         print("-> %r" % cmd)
  54         ret = subprocess.Popen(cmd, shell=True).wait()
  55         sys.exit(ret)
  56