GPG = '/usr/bin/gpg'
+def _popen_gpg(*args):
+ """Return a Popen object to GPG."""
+ return Popen((GPG, '--batch', '--no-tty') + args,
+ stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
def sign(data):
"""Return <data> signed with the default GPG key."""
- msg = dumps((data,))
- p = _popen_gpg('--armor', '--sign')
+ msg = dumps((data,), methodresponse = True)
+ p = _popen_gpg('--armor', '--sign', '--keyring', '/etc/planetlab/secring.gpg', '--no-default-keyring')
p.stdin.write(msg)
p.stdin.close()
signed_msg = p.stdout.read()
msg = p.stdout.read()
p.stdout.close()
p.stderr.close()
- if p.wait(): return None # verification failed
+ if p.wait():
+ return None # verification failed
else:
data, = loads(msg)[0]
return data
-
-def _popen_gpg(*args):
- """Return a Popen object to GPG."""
- return Popen((GPG, '--batch', '--no-tty') + args, stdin=PIPE, stdout=PIPE, stderr=PIPE)