Merge pull request #1244 from coreos-inc/enableaci

Add UI to the setup tool for enabling ACI conversion
2016-02-17 12:29:48 -05:00 · 2016-02-17 12:29:48 -05:00 · 11af123ba5
commit 11af123ba5
parent 04cd3c2f63 1940fd9939
11 changed files with 106 additions and 18 deletions
--- a/util/security/signing.py
+++ b/util/security/signing.py
@ -4,22 +4,22 @@ from StringIO import StringIO

 class GPG2Signer(object):
  """ Helper class for signing data using GPG2. """
-  def __init__(self, app, key_directory):
-    if not app.config.get('GPG2_PRIVATE_KEY_NAME'):
+  def __init__(self, config, key_directory):
+    if not config.get('GPG2_PRIVATE_KEY_NAME'):
      raise Exception('Missing configuration key GPG2_PRIVATE_KEY_NAME')

-    if not app.config.get('GPG2_PRIVATE_KEY_FILENAME'):
+    if not config.get('GPG2_PRIVATE_KEY_FILENAME'):
      raise Exception('Missing configuration key GPG2_PRIVATE_KEY_FILENAME')

-    if not app.config.get('GPG2_PUBLIC_KEY_FILENAME'):
+    if not config.get('GPG2_PUBLIC_KEY_FILENAME'):
      raise Exception('Missing configuration key GPG2_PUBLIC_KEY_FILENAME')

    self._ctx = gpgme.Context()
    self._ctx.armor = True
-    self._private_key_name = app.config['GPG2_PRIVATE_KEY_NAME']
-    self._public_key_path = os.path.join(key_directory, app.config['GPG2_PUBLIC_KEY_FILENAME'])
+    self._private_key_name = config['GPG2_PRIVATE_KEY_NAME']
+    self._public_key_path = os.path.join(key_directory, config['GPG2_PUBLIC_KEY_FILENAME'])

-    key_file = os.path.join(key_directory, app.config['GPG2_PRIVATE_KEY_FILENAME'])
+    key_file = os.path.join(key_directory, config['GPG2_PRIVATE_KEY_FILENAME'])
    if not os.path.exists(key_file):
      raise Exception('Missing key file %s' % key_file)

@ -37,10 +37,13 @@ class GPG2Signer(object):
  def detached_sign(self, stream):
    """ Signs the given stream, returning the signature. """
    ctx = self._ctx
-    ctx.signers = [ctx.get_key(self._private_key_name)]
+    try:
+      ctx.signers = [ctx.get_key(self._private_key_name)]
+    except:
+      raise Exception('Invalid private key name')
+
    signature = StringIO()
    new_sigs = ctx.sign(stream, signature, gpgme.SIG_MODE_DETACH)
-
    signature.seek(0)
    return signature.getvalue()

@ -58,7 +61,7 @@ class Signer(object):
    if preference is None:
      return None

-    return SIGNING_ENGINES[preference](app, key_directory)
+    return SIGNING_ENGINES[preference](app.config, key_directory)

  def __getattr__(self, name):
    return getattr(self.state, name, None)