[OE-core] [PATCH 1/5] oe/gpg_sign: add verify() method
Markus Lehtonen
markus.lehtonen at linux.intel.com
Wed Feb 10 14:15:55 UTC 2016
A new method for verifying detached signatures.
[YOCTO #9006]
Signed-off-by: Markus Lehtonen <markus.lehtonen at linux.intel.com>
---
meta/lib/oe/gpg_sign.py | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index 821787e..a4f310e 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -65,6 +65,16 @@ class LocalSigner(object):
raise bb.build.FuncFailed("Failed to create signature for '%s': %s" %
(input_file, output))
+ def verify(self, sig_file):
+ """Verify signature"""
+ cmd = self.gpg_bin + " --verify "
+ if self.gpg_path:
+ cmd += "--homedir %s " % self.gpg_path
+ cmd += sig_file
+ status, _ = oe.utils.getstatusoutput(cmd)
+ ret = False if status else True
+ return ret
+
def get_signer(d, backend, keyid, passphrase_file):
"""Get signer object for the specified backend"""
--
2.6.2
More information about the Openembedded-core
mailing list