def sign(data):
"""Return <data> signed with the default GPG key."""
- msg = dumps((data,))
- p = _popen_gpg('--armor', '--sign')
+ msg = dumps((data,), methodresponse = True)
+ p = _popen_gpg('--armor', '--sign', '--keyring', '/etc/planetlab/secring.gpg', '--no-default-keyring')
p.stdin.write(msg)
p.stdin.close()
signed_msg = p.stdout.read()
def verify(signed_msg):
"""If <signed_msg> is a valid signed document, return its contents. Otherwise, return None."""
- p = _popen_gpg('--decrypt')
+ p = _popen_gpg('--decrypt', '--keyring', '/usr/boot/pubring.gpg', '--no-default-keyring')
p.stdin.write(signed_msg)
p.stdin.close()
msg = p.stdout.read()
def _popen_gpg(*args):
"""Return a Popen object to GPG."""
- return Popen((GPG, '--batch', '--no-tty') + args, stdin=PIPE, stdout=PIPE, stderr=PIPE)
+ return Popen((GPG, '--batch', '--no-tty') + args, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)