summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJon Stanley <jstanley@people1.fedoraproject.org>2009-07-20 04:14:18 +0000
committerJon Stanley <jstanley@people1.fedoraproject.org>2009-07-20 04:14:18 +0000
commit96a7e78a9bdee5419f827f257a98e740369c7214 (patch)
treede4d33409c918094cc16b7d4a4ab4574ef728e78
downloadkeychecker-96a7e78a9bdee5419f827f257a98e740369c7214.tar.gz
keychecker-96a7e78a9bdee5419f827f257a98e740369c7214.tar.xz
keychecker-96a7e78a9bdee5419f827f257a98e740369c7214.zip
Intial commit
-rw-r--r--key_checker61
1 files changed, 61 insertions, 0 deletions
diff --git a/key_checker b/key_checker
new file mode 100644
index 0000000..e7fdfc4
--- /dev/null
+++ b/key_checker
@@ -0,0 +1,61 @@
+#!/usr/bin/python
+import rpm, rpmUtils.miscutils, sys
+
+ts=rpm.TransactionSet()
+pubkeys={}
+pubkeys['unknown'] = 'Unknown signing key'
+
+def buildKeyList():
+ keys = ts.dbMatch(rpm.RPMTAG_NAME, 'gpg-pubkey')
+ for hdr in keys:
+ pubkeys[hdr[rpm.RPMTAG_VERSION]]=hdr[rpm.RPMTAG_SUMMARY][4:].rsplit('<',1)[0].rstrip()
+def getPkgNevra(hdr):
+ if hdr[rpm.RPMTAG_EPOCH]:
+ return '%s-%s:%s-%s.%s' % ( hdr[rpm.RPMTAG_NAME], hdr[rpm.RPMTAG_EPOCH],
+ hdr[rpm.RPMTAG_VERSION], hdr[rpm.RPMTAG_RELEASE],
+ hdr[rpm.RPMTAG_ARCH])
+ else:
+ return '%s-%s-%s.%s' % ( hdr[rpm.RPMTAG_NAME], hdr[rpm.RPMTAG_VERSION],
+ hdr[rpm.RPMTAG_RELEASE], hdr[rpm.RPMTAG_ARCH] )
+def getSig(hdr):
+ if hdr[rpm.RPMTAG_DSAHEADER]:
+ keyid = rpmUtils.miscutils.getSigInfo(hdr)[1][2][16:]
+ try:
+ return (getPkgNevra(hdr), pubkeys[keyid])
+ except KeyError:
+ return (getPkgNevra(hdr), pubkeys['unknown'])
+ else:
+ return (getPkgNevra(hdr), 'unsigned')
+
+if __name__ == '__main__':
+ buildKeyList()
+ pkgs = {}
+ for keyname in pubkeys.itervalues():
+ pkgs[keyname] = []
+ pkgs['unsigned'] = []
+ try:
+ foo = sys.argv[1]
+ for pkg in sys.argv[1:]:
+ mi=ts.dbMatch(rpm.RPMTAG_NAME, pkg)
+ exists = False
+ for hdr in mi:
+ exists = True
+ nevra, key=getSig(hdr)
+ pkgs[key].append(nevra)
+ if not exists:
+ sys.stderr.write('Package %s does not exist\n' % pkg)
+ except IndexError:
+ mi=ts.dbMatch()
+ for hdr in mi:
+ if hdr[rpm.RPMTAG_NAME] == 'gpg-pubkey':
+ continue
+ nevra, key = getSig(hdr)
+ pkgs[key].append(nevra)
+ for pkg in pkgs.iteritems():
+ if pkg[1]:
+ print pkg[0]
+ print '-' * len(pkg[0])
+ for pkginstance in pkg[1]:
+ print pkginstance
+ print
+