Skip to content
Snippets Groups Projects
Commit 458f7f04 authored by Chris Lamb's avatar Chris Lamb :eyes:
Browse files

Use a determistic name instead of trusting gpg's --use-embedded-filenames....

Use a determistic name instead of trusting gpg's --use-embedded-filenames. (Closes: reproducible-builds/diffoscope#361)

... but also expose the embedded name by attaching the ("unstable") output of
--list-packets.

Many thanks to Daniel Kahn Gillmor <dkg@debian.org> for reporting this issue
and providing feedback.
parent dde47ee9
No related branches found
No related tags found
No related merge requests found
Pipeline #636811 failed
......@@ -32,6 +32,8 @@ from .utils.command import Command, our_check_output
logger = logging.getLogger(__name__)
re_name = re.compile(r", created \d+, name=\"(?P<name>[^\"]+)\",")
class Pgpdump(Command):
@tool_required("pgpdump")
......@@ -46,21 +48,31 @@ class Pgpdump(Command):
)
class GpgListPackets(Command):
@tool_required("gpg")
def cmdline(self):
return (
"gpg",
"--no-keyring",
"--list-packets",
self.path,
)
class PGPContainer(Archive):
@tool_required("gpg")
def open_archive(self):
# Extract to a fresh temporary directory so that we can use the
# embedded filename.
# Extract to a fresh temporary directory.
self._temp_dir = get_temporary_directory(suffix="pgp")
try:
our_check_output(
(
"gpg",
"--use-embedded-filename",
"--decrypt",
"--no-keyring",
"--output",
os.path.join(self._temp_dir.name, "contents"),
os.path.abspath(self.source.path),
),
cwd=self._temp_dir.name,
......@@ -75,7 +87,7 @@ class PGPContainer(Archive):
self._temp_dir.cleanup()
def get_member_names(self):
# Will only return one filename, taken from the signature file itself.
# Will only ever return one filename
return os.listdir(self._temp_dir.name)
def extract(self, member_name, dest_dir):
......@@ -136,4 +148,16 @@ class PgpSignature(TextFile):
]
)
# ... as well as gpg --list-packets
difference.add_details(
[
Difference.from_operation(
GpgListPackets,
self.path,
other.path,
source="gpg --list-packets",
)
]
)
return difference
......@@ -80,8 +80,9 @@ def test_pgp_signature_identification(signature1, signature2):
def test_pgp_signature(signature1, signature2):
difference = signature1.compare(signature2)
assert_diff(difference, "pgp_signature_expected_diff")
assert len(difference.details) == 2
assert difference.details[0].source1 == "pgpdump"
assert len(difference.details) == 1
assert difference.details[1].source1 == "gpg --list-packets"
@skip_unless_tools_exist("pgpdump")
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment