Show signature data on package details page

Now that we have a way to decode and process the signature data, we can
match the key_id to a known developer if possible and show this data on
the package page.

Signed-off-by: Dan McGee <dan@archlinux.org>

4 files changed, 39 insertions, 10 deletions

diff --git a/main/models.py b/main/models.py
index 15a92662..4f2d64ea 100644
--- a/main/models.py
+++ b/main/models.py
@@ -1,3 +1,9 @@
+from base64 import b64decode
+from datetime import datetime
+from itertools import groupby
+from pgpdump import BinaryData
+import pytz
+
 from django.db import models
 from django.contrib.auth.models import User
 from django.contrib.sites.models import Site
@@ -5,10 +11,6 @@ from django.contrib.sites.models import Site
 from .fields import PositiveBigIntegerField, PGPKeyField
 from .utils import cache_function, make_choice, set_created_field
 
-from datetime import datetime
-from itertools import groupby
-import pytz
-
 
 class UserProfile(models.Model):
     notify = models.BooleanField(
@@ -183,8 +185,29 @@ class Package(models.Model):
         domain = Site.objects.get_current().domain
         return '%s://%s%s' % (proto, domain, self.get_absolute_url())
 
-    def is_signed(self):
-        return bool(self.pgp_signature)
+    @property
+    @cache_function(15)
+    def signature(self):
+        try:
+            data = b64decode(self.pgp_signature)
+        except TypeError:
+            return None
+        data = BinaryData(data)
+        packets = list(data.packets())
+        return packets[0]
+
+    @property
+    @cache_function(15)
+    def signer(self):
+        sig = self.signature
+        if sig and sig.key_id:
+            try:
+                user = User.objects.get(
+                        userprofile__pgp_key__endswith=sig.key_id)
+            except User.DoesNotExist:
+                user = None
+            return user
+        return None
 
     _maintainers = None
 
diff --git a/requirements.txt b/requirements.txt
index a9643581..83355a9e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,5 @@
 Django==1.3.1
 Markdown==2.1.1
 South==0.7.3
+pgpdump==1.1
 pytz>=2011n
diff --git a/requirements_prod.txt b/requirements_prod.txt
index bb8c6954..ebac73ca 100644
--- a/requirements_prod.txt
+++ b/requirements_prod.txt
@@ -2,6 +2,7 @@ Django==1.3.1
 Markdown==2.1.1
 MySQL-python==1.2.3
 South==0.7.3
-pyinotify==0.9.2
+pgpdump==1.1
+pyinotify==0.9.3
 python-memcached==1.48
 pytz>=2011n
diff --git a/templates/packages/details.html b/templates/packages/details.html
index e0dd7034..be7da7be 100644
--- a/templates/packages/details.html
+++ b/templates/packages/details.html
@@ -1,5 +1,6 @@
 {% extends "base.html" %}
 {% load package_extras %}
+{% load pgp %}
 
 {% block title %}Arch Linux - {{ pkg.pkgname }} {{ pkg.full_version }} ({{ pkg.arch.name }}){% endblock %}
 {% block navbarclass %}anb-packages{% endblock %}
@@ -145,12 +146,15 @@
             <th>Last Packager:</th>
             <td>{% with pkg.packager as pkgr %}{% if pkgr %}{% packager_link pkgr %}{% else %}{{ pkg.packager_str }}{% endif %}{% endwith %}</td>
         </tr><tr>
-            <th>Signed:</th>
-            <td>{{ pkg.is_signed|yesno|capfirst }}</td>
-        </tr><tr>
             <th>Build Date:</th>
             <td>{{ pkg.build_date|date:"DATETIME_FORMAT" }} UTC</td>
         </tr><tr>
+            <th>Signed By:</th>
+            <td>{% with pkg.signer as signer %}{% if signer %}{% pgp_key_link pkg.signature.key_id signer.get_full_name %}{% else %}Unsigned{% endif %}{% endwith %}</td>
+        </tr>{% if pkg.signature %}<tr>
+            <th>Signature Date:</th>
+            <td>{{ pkg.signature.datetime|date:"DATETIME_FORMAT" }} UTC</td>
+        </tr>{% endif %}<tr>
             <th>Last Updated:</th>
             <td>{{ pkg.last_update|date }}</td>
         </tr>