import glob, subprocess, shutil, sys, re
key_start = '-----BEGIN PGP SIGNATURE-----\n'
sig_pattern = re.compile(r'^gpg: Signature made .*? using \w+ key ID (\w+)')
fp_pattern = re.compile(r'^pub\s+(\w+\/\w+)[^\n]*\n\s+Key\sfingerprint\s=((\s+[0-9A-F]{4}){10})\nuid\s+([^<\(]+)\s')
def grab_sig_ids():
good_sigs = {}
for filename in glob.glob('subversion-*.asc'):
shutil.copyfile(filename, '%s.bak' % filename)
text = open(filename).read()
keys = text.split(key_start)
for key in keys[1:]:
open(filename, 'w').write(key_start + key)
gpg = subprocess.Popen(['gpg', '--logger-fd', '1',
'--verify', filename],
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
rc = gpg.wait()
output = gpg.stdout.read()
if rc:
print(output)
sys.stderr.write("BAD SIGNATURE in %s\n" % filename)
shutil.move('%s.bak' % filename, filename)
sys.exit(1)
for line in output.split('\n'):
match = sig_pattern.match(line)
if match:
key_id = match.groups()[0]
good_sigs[key_id] = True
shutil.move('%s.bak' % filename, filename)
return good_sigs
def generate_output(good_sigs):
for id in good_sigs.keys():
gpg = subprocess.Popen(['gpg', '--fingerprint', id],
stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
rc = gpg.wait()
gpg_output = gpg.stdout.read()
if rc:
print(gpg_output)
sys.stderr.write("UNABLE TO GET FINGERPRINT FOR %s" % id)
sys.exit(1)
fp = fp_pattern.match(gpg_output).groups()
print(" %s [%s] with fingerprint:" % (fp[3], fp[0]))
print(" %s" % fp[1])
if __name__ == '__main__':
if len(sys.argv) < 2:
print("Give me a version number!")
sys.exit(1)
generate_output(grab_sig_ids())