Home | History | Annotate | Download | only in server 
      1 # Copyright 2012 the V8 project authors. All rights reserved.
      2 # Redistribution and use in source and binary forms, with or without
      3 # modification, are permitted provided that the following conditions are
      4 # met:
      5 #
      6 #     * Redistributions of source code must retain the above copyright
      7 #       notice, this list of conditions and the following disclaimer.
      8 #     * Redistributions in binary form must reproduce the above
      9 #       copyright notice, this list of conditions and the following
     10 #       disclaimer in the documentation and/or other materials provided
     11 #       with the distribution.
     12 #     * Neither the name of Google Inc. nor the names of its
     13 #       contributors may be used to endorse or promote products derived
     14 #       from this software without specific prior written permission.
     15 #
     16 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     17 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     18 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
     19 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
     20 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     21 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
     22 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     23 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     24 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     25 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     26 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     27 
     28 
     29 import base64
     30 import os
     31 import subprocess
     32 
     33 
     34 def ReadFileAndSignature(filename):
     35   with open(filename, "rb") as f:
     36     file_contents = base64.b64encode(f.read())
     37   signature_file = filename + ".signature"
     38   if (not os.path.exists(signature_file) or
     39       os.path.getmtime(signature_file) < os.path.getmtime(filename)):
     40     private_key = "~/.ssh/v8_dtest"
     41     code = subprocess.call("openssl dgst -out %s -sign %s %s" %
     42                            (signature_file, private_key, filename),
     43                            shell=True)
     44     if code != 0: return [None, code]
     45   with open(signature_file) as f:
     46     signature = base64.b64encode(f.read())
     47   return [file_contents, signature]
     48 
     49 
     50 def VerifySignature(filename, file_contents, signature, pubkeyfile):
     51   with open(filename, "wb") as f:
     52     f.write(base64.b64decode(file_contents))
     53   signature_file = filename + ".foreign_signature"
     54   with open(signature_file, "wb") as f:
     55     f.write(base64.b64decode(signature))
     56   code = subprocess.call("openssl dgst -verify %s -signature %s %s" %
     57                          (pubkeyfile, signature_file, filename),
     58                          shell=True)
     59   matched = (code == 0)
     60   if not matched:
     61     os.remove(signature_file)
     62     os.remove(filename)
     63   return matched
     64