gpg.py
390 lines
| 10.9 KiB
| text/x-python
|
PythonLexer
/ hgext / gpg.py
Benoit Boissinot
|
r1681 | # Copyright 2005, 2006 Benoit Boissinot <benoit.boissinot@ens-lyon.org> | ||
# | ||||
Martin Geisler
|
r8225 | # This software may be used and distributed according to the terms of the | ||
Matt Mackall
|
r10263 | # GNU General Public License version 2 or any later version. | ||
Benoit Boissinot
|
r1681 | |||
Dirkjan Ochtman
|
r8934 | '''commands to sign and verify changesets''' | ||
Dirkjan Ochtman
|
r8873 | |||
Matt Harbison
|
r52756 | from __future__ import annotations | ||
Pulkit Goyal
|
r29124 | |||
import binascii | ||||
import os | ||||
Yuya Nishihara
|
r29205 | |||
from mercurial.i18n import _ | ||||
Joerg Sonnenberger
|
r46729 | from mercurial.node import ( | ||
bin, | ||||
hex, | ||||
short, | ||||
) | ||||
Pulkit Goyal
|
r29124 | from mercurial import ( | ||
cmdutil, | ||||
error, | ||||
rdamazio@google.com
|
r40329 | help, | ||
Pulkit Goyal
|
r29124 | match, | ||
Pulkit Goyal
|
r30925 | pycompat, | ||
Yuya Nishihara
|
r32337 | registrar, | ||
Pulkit Goyal
|
r29124 | ) | ||
Yuya Nishihara
|
r37138 | from mercurial.utils import ( | ||
dateutil, | ||||
procutil, | ||||
) | ||||
Benoit Boissinot
|
r1592 | |||
Martin Geisler
|
r14299 | cmdtable = {} | ||
Yuya Nishihara
|
r32337 | command = registrar.command(cmdtable) | ||
Augie Fackler
|
r29841 | # Note for extension authors: ONLY specify testedwith = 'ships-with-hg-core' for | ||
Augie Fackler
|
r25186 | # extensions which SHIP WITH MERCURIAL. Non-mainline extensions should | ||
# be specifying the version(s) of Mercurial they are tested with, or | ||||
# leave the attribute unspecified. | ||||
Augie Fackler
|
r43347 | testedwith = b'ships-with-hg-core' | ||
Martin Geisler
|
r14299 | |||
Boris Feld
|
r34502 | configtable = {} | ||
configitem = registrar.configitem(configtable) | ||||
Augie Fackler
|
r43346 | configitem( | ||
Augie Fackler
|
r46554 | b'gpg', | ||
b'cmd', | ||||
default=b'gpg', | ||||
Boris Feld
|
r34502 | ) | ||
Augie Fackler
|
r43346 | configitem( | ||
Augie Fackler
|
r46554 | b'gpg', | ||
b'key', | ||||
default=None, | ||||
Boris Feld
|
r34503 | ) | ||
Augie Fackler
|
r43346 | configitem( | ||
Augie Fackler
|
r46554 | b'gpg', | ||
b'.*', | ||||
default=None, | ||||
generic=True, | ||||
Boris Feld
|
r34771 | ) | ||
Boris Feld
|
r34502 | |||
rdamazio@google.com
|
r40329 | # Custom help category | ||
Augie Fackler
|
r43347 | _HELP_CATEGORY = b'gpg' | ||
Sietse Brouwer
|
r42421 | help.CATEGORY_ORDER.insert( | ||
Augie Fackler
|
r43346 | help.CATEGORY_ORDER.index(registrar.command.CATEGORY_HELP), _HELP_CATEGORY | ||
Sietse Brouwer
|
r42421 | ) | ||
Augie Fackler
|
r43347 | help.CATEGORY_NAMES[_HELP_CATEGORY] = b'Signing changes (GPG)' | ||
rdamazio@google.com
|
r40329 | |||
Augie Fackler
|
r43346 | |||
Gregory Szorc
|
r49801 | class gpg: | ||
Benoit Boissinot
|
r1592 | def __init__(self, path, key=None): | ||
self.path = path | ||||
Augie Fackler
|
r43347 | self.key = (key and b" --local-user \"%s\"" % key) or b"" | ||
Benoit Boissinot
|
r1592 | |||
def sign(self, data): | ||||
Augie Fackler
|
r43347 | gpgcmd = b"%s --sign --detach-sign%s" % (self.path, self.key) | ||
Yuya Nishihara
|
r37138 | return procutil.filter(data, gpgcmd) | ||
Benoit Boissinot
|
r1592 | |||
def verify(self, data, sig): | ||||
Kyle Lippincott
|
r47856 | """returns of the good and bad signatures""" | ||
Thomas Arendsen Hein
|
r2231 | sigfile = datafile = None | ||
Benoit Boissinot
|
r1592 | try: | ||
Benoit Boissinot
|
r1681 | # create temporary files | ||
Augie Fackler
|
r43347 | fd, sigfile = pycompat.mkstemp(prefix=b"hg-gpg-", suffix=b".sig") | ||
Augie Fackler
|
r43906 | fp = os.fdopen(fd, 'wb') | ||
Benoit Boissinot
|
r1592 | fp.write(sig) | ||
fp.close() | ||||
Augie Fackler
|
r43347 | fd, datafile = pycompat.mkstemp(prefix=b"hg-gpg-", suffix=b".txt") | ||
Augie Fackler
|
r43906 | fp = os.fdopen(fd, 'wb') | ||
Benoit Boissinot
|
r1592 | fp.write(data) | ||
fp.close() | ||||
r43663 | gpgcmd = ( | |||
b"%s --logger-fd 1 --status-fd 1 --verify \"%s\" \"%s\"" | ||||
Augie Fackler
|
r46554 | % ( | ||
self.path, | ||||
sigfile, | ||||
datafile, | ||||
) | ||||
Augie Fackler
|
r43346 | ) | ||
Augie Fackler
|
r43347 | ret = procutil.filter(b"", gpgcmd) | ||
Thomas Arendsen Hein
|
r2231 | finally: | ||
Benoit Boissinot
|
r1592 | for f in (sigfile, datafile): | ||
try: | ||||
Matt Mackall
|
r10282 | if f: | ||
os.unlink(f) | ||||
Brodie Rao
|
r16688 | except OSError: | ||
Matt Mackall
|
r10282 | pass | ||
Benoit Boissinot
|
r1592 | keys = [] | ||
key, fingerprint = None, None | ||||
for l in ret.splitlines(): | ||||
# see DETAILS in the gnupg documentation | ||||
# filter the logger output | ||||
Augie Fackler
|
r43347 | if not l.startswith(b"[GNUPG:]"): | ||
Benoit Boissinot
|
r1592 | continue | ||
l = l[9:] | ||||
Augie Fackler
|
r43347 | if l.startswith(b"VALIDSIG"): | ||
Benoit Boissinot
|
r1592 | # fingerprint of the primary key | ||
fingerprint = l.split()[10] | ||||
Augie Fackler
|
r43347 | elif l.startswith(b"ERRSIG"): | ||
key = l.split(b" ", 3)[:2] | ||||
key.append(b"") | ||||
Wei, Elson
|
r19441 | fingerprint = None | ||
Augie Fackler
|
r43346 | elif ( | ||
Augie Fackler
|
r43347 | l.startswith(b"GOODSIG") | ||
or l.startswith(b"EXPSIG") | ||||
or l.startswith(b"EXPKEYSIG") | ||||
or l.startswith(b"BADSIG") | ||||
Augie Fackler
|
r43346 | ): | ||
Benoit Boissinot
|
r1592 | if key is not None: | ||
keys.append(key + [fingerprint]) | ||||
Augie Fackler
|
r43347 | key = l.split(b" ", 2) | ||
Benoit Boissinot
|
r1592 | fingerprint = None | ||
if key is not None: | ||||
keys.append(key + [fingerprint]) | ||||
Wei, Elson
|
r19442 | return keys | ||
Benoit Boissinot
|
r1592 | |||
Augie Fackler
|
r43346 | |||
Benoit Boissinot
|
r1592 | def newgpg(ui, **opts): | ||
Benoit Boissinot
|
r1681 | """create a new gpg instance""" | ||
Augie Fackler
|
r43347 | gpgpath = ui.config(b"gpg", b"cmd") | ||
Augie Fackler
|
r43906 | gpgkey = opts.get('key') | ||
Benoit Boissinot
|
r1592 | if not gpgkey: | ||
Augie Fackler
|
r43347 | gpgkey = ui.config(b"gpg", b"key") | ||
Benoit Boissinot
|
r1592 | return gpg(gpgpath, gpgkey) | ||
Augie Fackler
|
r43346 | |||
Benoit Boissinot
|
r1681 | def sigwalk(repo): | ||
""" | ||||
walk over every sigs, yields a couple | ||||
((node, version, sig), (filename, linenumber)) | ||||
""" | ||||
Augie Fackler
|
r43346 | |||
Benoit Boissinot
|
r1681 | def parsefile(fileiter, context): | ||
ln = 1 | ||||
for l in fileiter: | ||||
if not l: | ||||
continue | ||||
Augie Fackler
|
r43347 | yield (l.split(b" ", 2), (context, ln)) | ||
Benoit Boissinot
|
r10394 | ln += 1 | ||
Benoit Boissinot
|
r1681 | |||
Matt Mackall
|
r8210 | # read the heads | ||
Augie Fackler
|
r43347 | fl = repo.file(b".hgsigs") | ||
Matt Mackall
|
r8210 | for r in reversed(fl.heads()): | ||
Joerg Sonnenberger
|
r46729 | fn = b".hgsigs|%s" % short(r) | ||
Benoit Boissinot
|
r1681 | for item in parsefile(fl.read(r).splitlines(), fn): | ||
yield item | ||||
try: | ||||
# read local signatures | ||||
Augie Fackler
|
r43347 | fn = b"localsigs" | ||
Angel Ezquerra
|
r23877 | for item in parsefile(repo.vfs(fn), fn): | ||
Benoit Boissinot
|
r1681 | yield item | ||
except IOError: | ||||
pass | ||||
Augie Fackler
|
r43346 | |||
Benoit Boissinot
|
r1681 | def getkeys(ui, repo, mygpg, sigdata, context): | ||
"""get the keys who signed a data""" | ||||
fn, ln = context | ||||
node, version, sig = sigdata | ||||
Augie Fackler
|
r43347 | prefix = b"%s:%d" % (fn, ln) | ||
Joerg Sonnenberger
|
r46729 | node = bin(node) | ||
Benoit Boissinot
|
r1681 | |||
data = node2txt(repo, node, version) | ||||
sig = binascii.a2b_base64(sig) | ||||
Wei, Elson
|
r19442 | keys = mygpg.verify(data, sig) | ||
Benoit Boissinot
|
r1681 | |||
validkeys = [] | ||||
# warn for expired key and/or sigs | ||||
for key in keys: | ||||
Augie Fackler
|
r43347 | if key[0] == b"ERRSIG": | ||
ui.write(_(b"%s Unknown key ID \"%s\"\n") % (prefix, key[1])) | ||||
Wei, Elson
|
r19444 | continue | ||
Augie Fackler
|
r43347 | if key[0] == b"BADSIG": | ||
ui.write(_(b"%s Bad signature from \"%s\"\n") % (prefix, key[2])) | ||||
Benoit Boissinot
|
r1681 | continue | ||
Augie Fackler
|
r43347 | if key[0] == b"EXPSIG": | ||
Augie Fackler
|
r43346 | ui.write( | ||
Martin von Zweigbergk
|
r43387 | _(b"%s Note: Signature has expired (signed by: \"%s\")\n") | ||
Augie Fackler
|
r43346 | % (prefix, key[2]) | ||
) | ||||
Augie Fackler
|
r43347 | elif key[0] == b"EXPKEYSIG": | ||
Augie Fackler
|
r43346 | ui.write( | ||
Martin von Zweigbergk
|
r43387 | _(b"%s Note: This key has expired (signed by: \"%s\")\n") | ||
Augie Fackler
|
r43346 | % (prefix, key[2]) | ||
) | ||||
Benoit Boissinot
|
r1681 | validkeys.append((key[1], key[2], key[3])) | ||
return validkeys | ||||
Augie Fackler
|
r43346 | |||
Augie Fackler
|
r43347 | @command(b"sigs", [], _(b'hg sigs'), helpcategory=_HELP_CATEGORY) | ||
Benoit Boissinot
|
r1681 | def sigs(ui, repo): | ||
"""list signed changesets""" | ||||
mygpg = newgpg(ui) | ||||
revs = {} | ||||
for data, context in sigwalk(repo): | ||||
node, version, sig = data | ||||
fn, ln = context | ||||
try: | ||||
n = repo.lookup(node) | ||||
except KeyError: | ||||
Augie Fackler
|
r43347 | ui.warn(_(b"%s:%d node does not exist\n") % (fn, ln)) | ||
Benoit Boissinot
|
r1681 | continue | ||
r = repo.changelog.rev(n) | ||||
keys = getkeys(ui, repo, mygpg, data, context) | ||||
if not keys: | ||||
continue | ||||
revs.setdefault(r, []) | ||||
revs[r].extend(keys) | ||||
Martin Geisler
|
r8303 | for rev in sorted(revs, reverse=True): | ||
Benoit Boissinot
|
r1682 | for k in revs[rev]: | ||
Joerg Sonnenberger
|
r46729 | r = b"%5d:%s" % (rev, hex(repo.changelog.node(rev))) | ||
Augie Fackler
|
r43347 | ui.write(b"%-30s %s\n" % (keystr(ui, k), r)) | ||
Benoit Boissinot
|
r1681 | |||
Augie Fackler
|
r43346 | |||
Augie Fackler
|
r43347 | @command(b"sigcheck", [], _(b'hg sigcheck REV'), helpcategory=_HELP_CATEGORY) | ||
timeless
|
r27117 | def sigcheck(ui, repo, rev): | ||
Benoit Boissinot
|
r1592 | """verify all the signatures there may be for a particular revision""" | ||
mygpg = newgpg(ui) | ||||
rev = repo.lookup(rev) | ||||
Joerg Sonnenberger
|
r46729 | hexrev = hex(rev) | ||
Benoit Boissinot
|
r1592 | keys = [] | ||
Benoit Boissinot
|
r1681 | for data, context in sigwalk(repo): | ||
node, version, sig = data | ||||
if node == hexrev: | ||||
k = getkeys(ui, repo, mygpg, data, context) | ||||
if k: | ||||
keys.extend(k) | ||||
Benoit Boissinot
|
r1592 | |||
if not keys: | ||||
Joerg Sonnenberger
|
r46729 | ui.write(_(b"no valid signature for %s\n") % short(rev)) | ||
Benoit Boissinot
|
r1592 | return | ||
Benoit Boissinot
|
r1681 | |||
Benoit Boissinot
|
r1592 | # print summary | ||
Joerg Sonnenberger
|
r46729 | ui.write(_(b"%s is signed by:\n") % short(rev)) | ||
Benoit Boissinot
|
r1681 | for key in keys: | ||
Augie Fackler
|
r43347 | ui.write(b" %s\n" % keystr(ui, key)) | ||
Benoit Boissinot
|
r1592 | |||
Augie Fackler
|
r43346 | |||
Benoit Boissinot
|
r1681 | def keystr(ui, key): | ||
"""associate a string to a key (username, comment)""" | ||||
keyid, user, fingerprint = key | ||||
Augie Fackler
|
r43347 | comment = ui.config(b"gpg", fingerprint) | ||
Benoit Boissinot
|
r1681 | if comment: | ||
Augie Fackler
|
r43347 | return b"%s (%s)" % (user, comment) | ||
Benoit Boissinot
|
r1681 | else: | ||
return user | ||||
Benoit Boissinot
|
r1592 | |||
Augie Fackler
|
r43346 | |||
@command( | ||||
Augie Fackler
|
r43347 | b"sign", | ||
Augie Fackler
|
r43346 | [ | ||
Augie Fackler
|
r43347 | (b'l', b'local', None, _(b'make the signature local')), | ||
(b'f', b'force', None, _(b'sign even if the sigfile is modified')), | ||||
( | ||||
b'', | ||||
b'no-commit', | ||||
None, | ||||
_(b'do not commit the sigfile after signing'), | ||||
), | ||||
(b'k', b'key', b'', _(b'the key id to sign with'), _(b'ID')), | ||||
(b'm', b'message', b'', _(b'use text as commit message'), _(b'TEXT')), | ||||
(b'e', b'edit', False, _(b'invoke editor on commit messages')), | ||||
Augie Fackler
|
r43346 | ] | ||
+ cmdutil.commitopts2, | ||||
Augie Fackler
|
r43347 | _(b'hg sign [OPTION]... [REV]...'), | ||
Augie Fackler
|
r43346 | helpcategory=_HELP_CATEGORY, | ||
) | ||||
Benoit Boissinot
|
r1592 | def sign(ui, repo, *revs, **opts): | ||
Thomas Arendsen Hein
|
r3916 | """add a signature for the current or given revision | ||
If no revision is given, the parent of the working directory is used, | ||||
or tip if no revision is checked out. | ||||
Thomas Arendsen Hein
|
r6163 | |||
Matt Mackall
|
r25791 | The ``gpg.cmd`` config setting can be used to specify the command | ||
to run. A default key can be specified with ``gpg.key``. | ||||
Martin Geisler
|
r11193 | See :hg:`help dates` for a list of formats valid for -d/--date. | ||
Thomas Arendsen Hein
|
r3916 | """ | ||
Bryan O'Sullivan
|
r27814 | with repo.wlock(): | ||
FUJIWARA Katsunori
|
r27196 | return _dosign(ui, repo, *revs, **opts) | ||
Thomas Arendsen Hein
|
r3916 | |||
Augie Fackler
|
r43346 | |||
FUJIWARA Katsunori
|
r27196 | def _dosign(ui, repo, *revs, **opts): | ||
Benoit Boissinot
|
r1592 | mygpg = newgpg(ui, **opts) | ||
Matt Harbison
|
r51770 | |||
Augie Fackler
|
r43347 | sigver = b"0" | ||
sigmessage = b"" | ||||
Thomas Arendsen Hein
|
r6139 | |||
Matt Harbison
|
r51770 | date = opts.get('date') | ||
Thomas Arendsen Hein
|
r6139 | if date: | ||
Matt Harbison
|
r51770 | opts['date'] = dateutil.parsedate(date) | ||
Thomas Arendsen Hein
|
r6139 | |||
Benoit Boissinot
|
r1592 | if revs: | ||
nodes = [repo.lookup(n) for n in revs] | ||||
else: | ||||
Joerg Sonnenberger
|
r47771 | nodes = [ | ||
node for node in repo.dirstate.parents() if node != repo.nullid | ||||
] | ||||
Thomas Arendsen Hein
|
r3916 | if len(nodes) > 1: | ||
Augie Fackler
|
r43346 | raise error.Abort( | ||
Martin von Zweigbergk
|
r43387 | _(b'uncommitted merge - please provide a specific revision') | ||
Augie Fackler
|
r43346 | ) | ||
Thomas Arendsen Hein
|
r3916 | if not nodes: | ||
nodes = [repo.changelog.tip()] | ||||
Benoit Boissinot
|
r1592 | |||
for n in nodes: | ||||
Joerg Sonnenberger
|
r46729 | hexnode = hex(n) | ||
ui.write(_(b"signing %d:%s\n") % (repo.changelog.rev(n), short(n))) | ||||
Benoit Boissinot
|
r1592 | # build data | ||
data = node2txt(repo, n, sigver) | ||||
sig = mygpg.sign(data) | ||||
if not sig: | ||||
Augie Fackler
|
r43347 | raise error.Abort(_(b"error while signing")) | ||
Benoit Boissinot
|
r1592 | sig = binascii.b2a_base64(sig) | ||
Augie Fackler
|
r43347 | sig = sig.replace(b"\n", b"") | ||
sigmessage += b"%s %s %s\n" % (hexnode, sigver, sig) | ||||
Benoit Boissinot
|
r1592 | |||
# write it | ||||
Matt Harbison
|
r51770 | if opts['local']: | ||
Augie Fackler
|
r43347 | repo.vfs.append(b"localsigs", sigmessage) | ||
Benoit Boissinot
|
r1592 | return | ||
Matt Harbison
|
r51715 | msigs = match.exact([b'.hgsigs']) | ||
Matt Harbison
|
r51770 | if not opts["force"]: | ||
Augie Fackler
|
r25149 | if any(repo.status(match=msigs, unknown=True, ignored=True)): | ||
Augie Fackler
|
r43346 | raise error.Abort( | ||
Augie Fackler
|
r43347 | _(b"working copy of .hgsigs is changed "), | ||
hint=_(b"please commit .hgsigs manually"), | ||||
Augie Fackler
|
r43346 | ) | ||
Benoit Boissinot
|
r1592 | |||
Matt Harbison
|
r51771 | with repo.wvfs(b".hgsigs", b"ab") as sigsfile: | ||
sigsfile.write(sigmessage) | ||||
Benoit Boissinot
|
r1592 | |||
Augie Fackler
|
r43347 | if b'.hgsigs' not in repo.dirstate: | ||
r50932 | with repo.dirstate.changing_files(repo): | |||
repo[None].add([b".hgsigs"]) | ||||
Benoit Boissinot
|
r1592 | |||
Matt Harbison
|
r51770 | if opts["no_commit"]: | ||
Benoit Boissinot
|
r1592 | return | ||
Matt Harbison
|
r51770 | message = opts['message'] | ||
Benoit Boissinot
|
r1592 | if not message: | ||
Martin Geisler
|
r9183 | # we don't translate commit messages | ||
Augie Fackler
|
r43347 | message = b"\n".join( | ||
Joerg Sonnenberger
|
r46729 | [b"Added signature for changeset %s" % short(n) for n in nodes] | ||
Augie Fackler
|
r43346 | ) | ||
Benoit Boissinot
|
r1592 | try: | ||
Matt Harbison
|
r51770 | editor = cmdutil.getcommiteditor(editform=b'gpg.sign', **opts) | ||
Augie Fackler
|
r43346 | repo.commit( | ||
Matt Harbison
|
r51770 | message, opts['user'], opts['date'], match=msigs, editor=editor | ||
Augie Fackler
|
r43346 | ) | ||
Gregory Szorc
|
r25660 | except ValueError as inst: | ||
Pulkit Goyal
|
r36671 | raise error.Abort(pycompat.bytestr(inst)) | ||
Benoit Boissinot
|
r1592 | |||
Augie Fackler
|
r43346 | |||
Benoit Boissinot
|
r1592 | def node2txt(repo, node, ver): | ||
"""map a manifest into some text""" | ||||
Augie Fackler
|
r43347 | if ver == b"0": | ||
Joerg Sonnenberger
|
r46729 | return b"%s\n" % hex(node) | ||
Benoit Boissinot
|
r1592 | else: | ||
Augie Fackler
|
r43347 | raise error.Abort(_(b"unknown signature version")) | ||
rdamazio@google.com
|
r40329 | |||
Augie Fackler
|
r43346 | |||
rdamazio@google.com
|
r40329 | def extsetup(ui): | ||
# Add our category before "Repository maintenance". | ||||
help.CATEGORY_ORDER.insert( | ||||
Augie Fackler
|
r43346 | help.CATEGORY_ORDER.index(command.CATEGORY_MAINTENANCE), _HELP_CATEGORY | ||
) | ||||
Augie Fackler
|
r43347 | help.CATEGORY_NAMES[_HELP_CATEGORY] = b'GPG signing' | ||