3
sys.path.append('/usr/share/armory')
6
from armoryengine import *
9
def extractSignedDataFromVersionsDotTxt(wholeFile, doVerify=True):
11
This method returns a pair: a dictionary to lookup link by OS, and
12
a formatted string that is sorted by OS, and re-formatted list that
13
will hash the same regardless of original format or ordering
16
msgBegin = wholeFile.find('# -----BEGIN-SIGNED-DATA-')
17
msgBegin = wholeFile.find('\n', msgBegin+1) + 1
18
msgEnd = wholeFile.find('# -----SIGNATURE---------')
19
sigBegin = wholeFile.find('\n', msgEnd+1) + 3
20
sigEnd = wholeFile.find('# -----END-SIGNED-DATA---')
22
MSGRAW = wholeFile[msgBegin:msgEnd]
23
SIGHEX = wholeFile[sigBegin:sigEnd].strip()
25
if -1 in [msgBegin,msgEnd,sigBegin,sigEnd]:
26
LOGERROR('No signed data block found')
36
Pub = SecureBinaryData(hex_to_binary(ARMORY_INFO_SIGN_PUBLICKEY))
37
Msg = SecureBinaryData(MSGRAW)
38
Sig = SecureBinaryData(hex_to_binary(SIGHEX))
39
isVerified = CryptoECDSA().VerifyData(Msg, Sig, Pub)
42
LOGERROR('Signed data block failed verification!')
45
print 'SIGNATURE IS GOOD!'
51
def parseLinkList(theData):
53
Plug the verified data into here...
55
DLDICT,VERDICT = {},{}
57
for line in theData.split('\n'):
58
pcs = line[1:].split()
59
if line.startswith('# SECTION-') and 'INSTALLERS' in line:
60
sectStr = pcs[0].split('-')[-1].lower()
61
if not sectStr in DLDICT:
65
VERDICT[sectStr] = pcs[-1]
68
if len(pcs)==3 and pcs[1].startswith('http'):
69
DLDICT[sectStr][pcs[0]] = pcs[1:]
74
if __name__=='__main__':
76
if not os.path.exists(fn):
77
print 'File does not exist!'
78
fn = '../versions.txt'
79
if not os.path.exists(fn):
80
print 'Really does not exist. Aborting.'
86
msgVerified = extractSignedDataFromVersionsDotTxt(allData, doVerify=False)
87
DICT,VER = parseLinkList(msgVerified)
91
print dl.upper(), VER[dl]
92
for theOS in DICT[dl]:
93
print ' ' + dl + '-' + theOS
94
print ' ', DICT[dl][theOS][0]
95
print ' ', DICT[dl][theOS][1]
97
msgVerified = extractSignedDataFromVersionsDotTxt(allData)