src/v8/tools/testrunner/server/signatures.py - cobalt - Git at Google

 # Copyright 2012 the V8 project authors. All rights reserved.
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions are
 # met:
 #
 #     * Redistributions of source code must retain the above copyright
 #       notice, this list of conditions and the following disclaimer.
 #     * Redistributions in binary form must reproduce the above
 #       copyright notice, this list of conditions and the following
 #       disclaimer in the documentation and/or other materials provided
 #       with the distribution.
 #     * Neither the name of Google Inc. nor the names of its
 #       contributors may be used to endorse or promote products derived
 #       from this software without specific prior written permission.
 #
 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


 import base64
 import os
 import subprocess


 def ReadFileAndSignature(filename):
   with open(filename, "rb") as f:
     file_contents = base64.b64encode(f.read())
   signature_file = filename + ".signature"
   if (not os.path.exists(signature_file) or
       os.path.getmtime(signature_file) < os.path.getmtime(filename)):
     private_key = "~/.ssh/v8_dtest"
     code = subprocess.call("openssl dgst -out %s -sign %s %s" %
                            (signature_file, private_key, filename),
                            shell=True)
     if code != 0: return [None, code]
   with open(signature_file) as f:
     signature = base64.b64encode(f.read())
   return [file_contents, signature]


 def VerifySignature(filename, file_contents, signature, pubkeyfile):
   with open(filename, "wb") as f:
     f.write(base64.b64decode(file_contents))
   signature_file = filename + ".foreign_signature"
   with open(signature_file, "wb") as f:
     f.write(base64.b64decode(signature))
   code = subprocess.call("openssl dgst -verify %s -signature %s %s" %
                          (pubkeyfile, signature_file, filename),
                          shell=True)
   matched = (code == 0)
   if not matched:
     os.remove(signature_file)
     os.remove(filename)
   return matched
	# Copyright 2012 the V8 project authors. All rights reserved.
	# Redistribution and use in source and binary forms, with or without
	# modification, are permitted provided that the following conditions are
	# met:
	#
	# * Redistributions of source code must retain the above copyright
	# notice, this list of conditions and the following disclaimer.
	# * Redistributions in binary form must reproduce the above
	# copyright notice, this list of conditions and the following
	# disclaimer in the documentation and/or other materials provided
	# with the distribution.
	# * Neither the name of Google Inc. nor the names of its
	# contributors may be used to endorse or promote products derived
	# from this software without specific prior written permission.
	#
	# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
	# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
	# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


	import base64
	import os
	import subprocess


	def ReadFileAndSignature(filename):
	with open(filename, "rb") as f:
	file_contents = base64.b64encode(f.read())
	signature_file = filename + ".signature"
	if (not os.path.exists(signature_file) or
	os.path.getmtime(signature_file) < os.path.getmtime(filename)):
	private_key = "~/.ssh/v8_dtest"
	code = subprocess.call("openssl dgst -out %s -sign %s %s" %
	(signature_file, private_key, filename),
	shell=True)
	if code != 0: return [None, code]
	with open(signature_file) as f:
	signature = base64.b64encode(f.read())
	return [file_contents, signature]


	def VerifySignature(filename, file_contents, signature, pubkeyfile):
	with open(filename, "wb") as f:
	f.write(base64.b64decode(file_contents))
	signature_file = filename + ".foreign_signature"
	with open(signature_file, "wb") as f:
	f.write(base64.b64decode(signature))
	code = subprocess.call("openssl dgst -verify %s -signature %s %s" %
	(pubkeyfile, signature_file, filename),
	shell=True)
	matched = (code == 0)
	if not matched:
	os.remove(signature_file)
	os.remove(filename)
	return matched