1# Copyright 2012 the V8 project authors. All rights reserved.
2# Redistribution and use in source and binary forms, with or without
3# modification, are permitted provided that the following conditions are
4# met:
5#
6#     * Redistributions of source code must retain the above copyright
7#       notice, this list of conditions and the following disclaimer.
8#     * Redistributions in binary form must reproduce the above
9#       copyright notice, this list of conditions and the following
10#       disclaimer in the documentation and/or other materials provided
11#       with the distribution.
12#     * Neither the name of Google Inc. nor the names of its
13#       contributors may be used to endorse or promote products derived
14#       from this software without specific prior written permission.
15#
16# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
19# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
20# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
26# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27
28
29import base64
30import os
31import subprocess
32
33
34def ReadFileAndSignature(filename):
35  with open(filename, "rb") as f:
36    file_contents = base64.b64encode(f.read())
37  signature_file = filename + ".signature"
38  if (not os.path.exists(signature_file) or
39      os.path.getmtime(signature_file) < os.path.getmtime(filename)):
40    private_key = "~/.ssh/v8_dtest"
41    code = subprocess.call("openssl dgst -out %s -sign %s %s" %
42                           (signature_file, private_key, filename),
43                           shell=True)
44    if code != 0: return [None, code]
45  with open(signature_file) as f:
46    signature = base64.b64encode(f.read())
47  return [file_contents, signature]
48
49
50def VerifySignature(filename, file_contents, signature, pubkeyfile):
51  with open(filename, "wb") as f:
52    f.write(base64.b64decode(file_contents))
53  signature_file = filename + ".foreign_signature"
54  with open(signature_file, "wb") as f:
55    f.write(base64.b64decode(signature))
56  code = subprocess.call("openssl dgst -verify %s -signature %s %s" %
57                         (pubkeyfile, signature_file, filename),
58                         shell=True)
59  matched = (code == 0)
60  if not matched:
61    os.remove(signature_file)
62    os.remove(filename)
63  return matched
64