dotenv-gpg 0.3

data/lib/dotgpg/dir.rb

@@ -0,0 +1,220 @@
+class Dotgpg
+  class Dir
+
+    attr_reader :path
+
+    # Find the Dotgpg::Dir that contains the given path.
+    #
+    # If multiple are given only returns the directory if it contains all
+    # paths.
+    #
+    # If no path is given, find the Dotgpg::Dir that contains the current
+    # working directory.
+    #
+    # @param [*Array<String>] paths
+    # @return {nil|[Dotgpg::Dir]}
+    def self.closest(path=".", *others)
+      path = Pathname.new(File.absolute_path(path)).cleanpath
+
+      result = path.ascend do |parent|
+                maybe = Dotgpg::Dir.new(parent)
+                break maybe if maybe.dotgpg?
+              end
+
+      if others.any? && closest(*others) != result
+        nil
+      else
+        result
+      end
+    end
+
+    # Open a Dotgpg::Dir
+    #
+    # @param [String] path  The location of the directory
+    def initialize(path)
+      @path = Pathname.new(File.absolute_path(path)).cleanpath
+    end
+
+    # Get the keys currently associated with this directory.
+    #
+    # @return [Array<GPGME::Key>]
+    def known_keys
+      dotgpg.each_child.map do |key_file|
+        Dotgpg::Key.read key_file.open
+      end
+    end
+
+    # Decrypt the contents of path and write to output.
+    #
+    # The path should be absolute, and may point to outside
+    # this directory, though that is not recommended.
+    #
+    # @param [Pathname] path  The file to decrypt
+    # @param [IO] output  The IO to write to
+    # @return [Boolean]  false if decryption failed for an understandable reason
+    def decrypt(path, output)
+      File.open(path) do |f|
+        signature = false
+        temp = GPGME::Crypto.new.decrypt f, passphrase_callback: Dotgpg.method(:passfunc) do |s|
+          signature = s
+        end
+
+        unless ENV["DOTGPG_ALLOW_INJECTION_ATTACK"]
+          raise InvalidSignature, "file was not signed" unless signature
+          raise InvalidSignature, "signature was incorrect" unless signature.valid?
+          raise InvalidSignature, "signed by a stranger" unless known_keys.include?(signature.key)
+        end
+
+        output.write temp.read
+      end
+      true
+    rescue GPGME::Error::NoData, GPGME::Error::DecryptFailed, SystemCallError => e
+      Dotgpg.warn path, e
+      false
+    end
+
+    # Encrypt the input and write it to the given path.
+    #
+    # The path should be absolute, and may point to outside
+    # this directory, though that is not recommended.
+    #
+    # @param [Pathname] path  The desired destination
+    # @param [IO] input  The IO containing the plaintext
+    # @return [Boolean]  false if encryption failed for an understandable reason
+    def encrypt(path, input)
+      File.open(path, "w") do |f|
+        GPGME::Crypto.new.encrypt input, output: f,
+            recipients: known_keys,
+            armor: true,
+            always_trust: true,
+            sign: true,
+            passphrase_callback: Dotgpg.method(:passfunc),
+            signers: known_keys.detect{ |key| GPGME::Key.find(:secret).include?(key) }
+      end
+      true
+    rescue SystemCallError => e
+      Dotgpg.warn path, e
+      false
+    end
+
+    # Re-encrypts a set of files with the currently known keys.
+    #
+    # If a block is provided, it can be used to edit the files in
+    # their temporary un-encrypted state.
+    #
+    # @param [Array<Pathname>] files  the files to re-encrypt
+    # @yieldparam [Hash<Pathname, Tempfile>]  the unencrypted files for each param
+    def reencrypt(files, &block)
+      tempfiles = {}
+
+      files.uniq.each do |f|
+        temp = Tempfile.new([File.basename(f), ".sh"])
+        tempfiles[f] = temp
+        if File.exist? f
+          decrypted =  decrypt f, temp
+          tempfiles.delete f unless decrypted
+        end
+        temp.flush
+        temp.close(false)
+      end
+
+      yield tempfiles if block_given?
+
+      tempfiles.each_pair do |f, temp|
+        temp.open
+        temp.seek(0)
+        encrypt f, temp
+      end
+
+      nil
+    ensure
+      tempfiles.values.each do |temp|
+        temp.close(true)
+      end
+    end
+
+    # List every GPG-encrypted file in a directory recursively.
+    #
+    # Assumes the files are armored (non-armored files are hard to detect and
+    # dotgpg itself always armors)
+    #
+    # This is used to decide which files to re-encrypt when adding a user.
+    #
+    # @param [Pathname] dir
+    # @return [Array<Pathname>]
+    def all_encrypted_files(dir=path)
+      results = []
+      dir.each_child do |child|
+        if child.directory?
+          if !child.symlink? && child != dotgpg
+            results += all_encrypted_files(child)
+          end
+        elsif child.readable?
+          if child.read(1024) =~ /-----BEGIN PGP MESSAGE-----/
+            results << child
+          end
+        end
+      end
+
+      results
+    end
+
+    # Does this directory includea key for the given user yet?
+    #
+    # @param [GPGME::Key]
+    # @return [Boolean]
+    def has_key?(key)
+      File.exist? key_path(key)
+    end
+
+    # Add a given key to the directory
+    #
+    # Re-encrypts all files to add the new key as a recipient.
+    #
+    # @param [GPGME::Key]
+    def add_key(key)
+      reencrypt all_encrypted_files do
+        File.write key_path(key), key.export(armor: true).to_s
+      end
+    end
+
+    # Remove a given key from a directory
+    #
+    # Re-encrypts all files so that the removed key no-longer has access.
+    #
+    # @param [GPGME::Key]
+    def remove_key(key)
+      reencrypt all_encrypted_files do
+        key_path(key).unlink
+      end
+    end
+
+    # The path at which a key should be stored
+    #
+    # (i.e. .gpg/me@cirw.in)
+    #
+    # @param [GPGME::Key]
+    # @return [Pathname]
+    def key_path(key)
+      dotgpg + key.email
+    end
+
+    # The .gpg directory
+    #
+    # @return [Pathname]
+    def dotgpg
+      path + ".gpg"
+    end
+
+    # Does the .gpg directory exist?
+    #
+    # @return [Boolean]
+    def dotgpg?
+      dotgpg.directory?
+    end
+
+    def ==(other)
+      Dotgpg::Dir === other && other.path == self.path
+    end
+  end
+end

data/lib/dotgpg/key.rb

@@ -0,0 +1,105 @@
+class Dotgpg
+  class Key
+
+    def self.read(file)
+      GPGME::Key.import(file).imports.map do |import|
+        GPGME::Key.find(:public, import.fingerprint)
+      end.flatten.first
+    end
+
+    def self.secret_key(email=nil, force_new=nil)
+      new.secret_key(email, force_new)
+    end
+
+    def secret_key(email=nil, force_new=nil)
+      existing = existing_key(email)
+      if existing && !force_new
+        existing
+      else
+        create_new_key email
+      end
+    end
+
+    private
+
+    def existing_key(email=nil)
+      existing_private_keys.detect do |k|
+        email.nil? || k.email == email
+      end
+    end
+
+    def create_new_key(email=nil)
+      name = guess_name
+      email ||= guess_email
+
+      if email
+        puts "Creating a new GPG key: #{name} <#{email}>"
+        passphrase = get_passphrase
+      else
+        puts "Creating a new GPG key for #{name}"
+        email = get_email
+        passphrase = get_passphrase
+      end
+
+      puts "Generating large prime numbers, please wait..."
+      ctx = GPGME::Ctx.new
+      ctx.genkey(<<EOF, nil, nil)
+<GnupgKeyParms format="internal">
+Key-Type: RSA
+Key-Length: 2048
+Subkey-Type: RSA
+Subkey-Length: 2048
+Name-Real: #{name}
+Name-Comment: dotgpg
+Name-Email: #{email}
+Expire-Date: 0
+Passphrase: #{passphrase}
+</GnupgKeyParms>
+EOF
+
+      # return the most recently created key (race!)
+      GPGME::Key.find(:secret).sort_by{ |key|
+        key.primary_subkey.timestamp
+      }.last
+    end
+
+    def guess_name
+      name = `git config user.name 2>/dev/null`.strip
+      name = `whoami`.strip if name == ""
+      name
+    end
+
+    def guess_email
+      email = `git config user.email 2>/dev/null`.strip
+      email if email != ""
+    end
+
+    def get_email
+      email = ""
+      until email =~ /@/
+        email = Dotgpg.read_input "Email address: "
+      end
+      email
+    end
+
+    def get_passphrase
+      passphrase = confirmation = nil
+      until passphrase && passphrase == confirmation
+        times = 0
+        until passphrase && passphrase.length >= 10
+          times += 1
+          $stderr.puts "Passphrases should be secure! (>=10 chars)" if times >= 2
+          passphrase = Dotgpg.read_passphrase("Passphrase: ")
+        end
+        until confirmation && confirmation.length >= 10
+          confirmation = Dotgpg.read_passphrase("Passphrase confirmation: ")
+        end
+      end
+      passphrase
+    end
+
+    def existing_private_keys
+      GPGME::Key.find(:secret)
+    end
+  end
+end

data/lib/dotgpg/template/README.md

@@ -0,0 +1,20 @@
+This directory contains GPG-encrypted files managed by `dotgpg`.
+
+Getting started
+---------------
+
+To read files in this directory, send the output of running `dotgpg key` to someone
+who has access already. They will be able to run `dotgpg add` on your behalf.
+
+Usage
+-----
+
+You can edit any file with `dotgpg edit FILE`, and read any file with `dotgpg cat FILE`.
+
+The edit command looks at the value of `$EDITOR`, the internet will have a tutorial on
+how to set this up with your favourite editor.
+
+Details
+-------
+
+For more information, please see `dotgpg --help`, or the [README](https://github.com/ConradIrwin/dotgpg).

data/spec/cli_spec.rb

@@ -0,0 +1,255 @@
+require "./spec/helper"
+
+describe Dotgpg::Cli do
+  before do
+    @dotgpg = Dotgpg::Cli.new
+  end
+
+  describe "init" do
+    it "should default to the current directory" do
+      $fixture.join("create-0").mkdir
+      Dir.chdir $fixture.join("create-0") do
+        @dotgpg.invoke(:init, [])
+        assert $fixture.join("create-0", ".gpg", "test@example.com").exist?
+      end
+    end
+
+    it "should create a .gpg directory" do
+      refute $fixture.join("create-1", ".gpg").exist?
+      @dotgpg.invoke(:init, [($fixture + "create-1").to_s])
+      assert $fixture.join("create-1", ".gpg").exist?
+    end
+
+    it "should add the user's secret key to the .gpg directory" do
+      @dotgpg.invoke(:init, [($fixture + "create-2").to_s])
+      assert_equal $fixture.join("create-2", ".gpg", "test@example.com").read, GPGME::Key.find(:secret).first.export(armor: true).to_s
+    end
+
+    it "should add a README to the directory" do
+      @dotgpg.invoke(:init, [($fixture + "create-3").to_s])
+      assert_equal $fixture.join("create-3", ".gpg", "test@example.com").read, GPGME::Key.find(:secret).first.export(armor: true).to_s
+    end
+
+    it "should fail if the .gpg directory already exists" do
+      FileUtils.mkdir_p $fixture + "create-4" + ".gpg"
+      assert_fails(/\.gpg already exists/) do
+        @dotgpg.invoke(:init, [($fixture + "create-4").to_s])
+      end
+    end
+
+    it "can succeed if the directory itself already exists" do
+      FileUtils.mkdir_p $fixture + "create-5"
+      @dotgpg.invoke(:init, [($fixture + "create-5").to_s])
+      assert $fixture.join("create-5", ".gpg").exist?
+    end
+  end
+
+  describe "key" do
+    it "should output the secret key" do
+      assert_outputs GPGME::Key.find(:secret).first.export(armor: true).to_s do
+        @dotgpg.invoke(:key)
+      end
+    end
+  end
+
+  describe "add" do
+    before do
+      @path = $fixture + rand.to_s.gsub(".", "")
+      @path.mkdir
+      Dir.chdir @path do
+        Dotgpg::Cli.new.invoke(:init, [])
+      end
+    end
+
+    it "should add the specified key" do
+      key_path = ($fixture + "add1.key").to_s
+      Dir.chdir @path do
+        @dotgpg.invoke(:add, [key_path])
+      end
+      assert Dotgpg::Dir.new(@path).has_key? Dotgpg::Key.read(File.read(key_path))
+    end
+
+    it "should abort if the current working directory is not dotgpg" do
+      key_path = ($fixture + "add1.key").to_s
+      assert_fails(/not in a dotgpg directory/) do
+        @dotgpg.invoke(:add, [key_path])
+      end
+    end
+
+    it "should abort if the key cannot be read" do
+      key_path = ($fixture + "no-add1.key").to_s
+      Dir.chdir @path do
+        assert_fails(/no-add1.key: not a valid GPG key/) do
+          @dotgpg.invoke(:add, [key_path])
+        end
+      end
+    end
+
+    it "should abort if the key already exists" do
+      key_path = ($fixture + "add1.key").to_s
+      Dir.chdir @path do
+        Dotgpg::Cli.new.invoke(:add, [key_path])
+
+        assert_fails(/add1@example.com: already exists/) do
+          @dotgpg.invoke(:add, [key_path])
+        end
+      end
+    end
+
+    it "should do nothing if the key exists and --force is specified" do
+      key_path = ($fixture + "add1.key").to_s
+      Dir.chdir @path do
+        Dotgpg::Cli.new.invoke(:add, [key_path])
+
+        @dotgpg.invoke(:add, [key_path], force: true)
+      end
+    end
+  end
+
+  describe "rm" do
+    before do
+      @path = $fixture + rand.to_s.gsub(".", "")
+      @path.mkdir
+      Dir.chdir @path do
+        Dotgpg::Cli.new.invoke(:init, [])
+        Dotgpg::Cli.new.invoke(:add, [($fixture + "add1.key").to_s])
+      end
+    end
+
+    it "should remove the specified key" do
+      Dir.chdir @path do
+        @dotgpg.invoke :rm, [".gpg/add1@example.com"]
+      end
+      refute Dotgpg::Dir.new(@path).has_key? Dotgpg::Key.read(File.read($fixture + "add1.key"))
+    end
+
+    it "should find the key by email" do
+      Dir.chdir @path do
+        @dotgpg.invoke :rm, ["add1@example.com"]
+      end
+      refute Dotgpg::Dir.new(@path).has_key? Dotgpg::Key.read(File.read($fixture + "add1.key"))
+    end
+
+    it "should abort if the key doesn't exist" do
+      Dir.chdir @path do
+        assert_fails(/add2@example.com: not a valid GPG key/) do
+          @dotgpg.invoke :rm, ["add2@example.com"]
+        end
+      end
+    end
+
+    it "should abort if the key is the user's secret key" do
+      Dir.chdir @path do
+        assert_fails(/test@example.com: refusing to remove your own secret key/) do
+          @dotgpg.invoke :rm, ["test@example.com"]
+        end
+      end
+    end
+
+    it "should do nothing if they key doesn't exist and --force is specified" do
+      Dir.chdir @path do
+        @dotgpg.invoke :rm, ["add2@example.com"], force: true
+      end
+    end
+
+    it "should remove a secret key if --force is given" do
+      key = Dotgpg::Key.read(File.read(@path + ".gpg" + "test@example.com"))
+      Dir.chdir @path do
+        @dotgpg.invoke :rm, ["test@example.com"], force: true
+      end
+
+      refute Dotgpg::Dir.new(@path).has_key? key
+    end
+  end
+
+  describe "cat" do
+    before do
+      Dotgpg.passphrase = 'test'
+
+      @path = $fixture + rand.to_s.gsub(".", "")
+      Dotgpg::Cli.new.invoke(:init, [@path.to_s])
+      Dotgpg::Dir.new(@path).encrypt @path + "a", "Test\n"
+    end
+
+    it "should cat an existing encrypted file" do
+      assert_outputs "Test\n" do
+        @dotgpg.invoke :cat, [(@path + "a").to_s]
+      end
+    end
+
+    it "should warn if a file doesn't exist" do
+      assert_warns "#{@path + "b"}: No such file or directory" do
+        @dotgpg.invoke :cat, [(@path + "b").to_s]
+      end
+    end
+
+    it "should cat the existing files if a mixture is specified" do
+      assert_outputs "Test\n" do
+        assert_warns  "#{@path + "b"}: No such file or directory" do
+          @dotgpg.invoke :cat, [(@path + "b").to_s, (@path + "a").to_s]
+        end
+      end
+    end
+
+    it "should fail if the file is not in a .gpg directory" do
+      assert_fails "not in a dotgpg directory" do
+        @dotgpg.invoke :cat, ["/tmp/b"]
+      end
+    end
+
+    it "should fail if the passphrase is wrong" do
+      Dotgpg.passphrase = 'wrong'
+      assert_fails "Bad passphrase" do
+        @dotgpg.invoke :cat, [(@path + "a").to_s]
+      end
+    end
+  end
+
+  describe "edit" do
+    before do
+      Dotgpg.passphrase = 'test'
+
+      @path = $fixture + rand.to_s.gsub(".", "")
+      Dotgpg::Cli.new.invoke(:init, [@path.to_s])
+      Dotgpg::Dir.new(@path).encrypt @path + "a", "Bad test\n"
+
+    end
+
+    it "should let you edit an existing file" do
+      ENV['EDITOR'] = "sed -i '' s/Bad/Good/"
+      path = (@path + "a").to_s
+      @dotgpg.invoke(:edit, [path])
+      assert_outputs "Good test\n" do
+        Dotgpg::Dir.new(@path).decrypt path, $stdout
+      end
+    end
+
+    it "should open a non-existing file as blank" do
+      ENV['EDITOR'] = "ruby -e 'File.write(ARGV[0], %(Good test\n)) if File.read(ARGV[0]) == %()'"
+      path = (@path + "b").to_s
+      @dotgpg.invoke(:edit, [path])
+      assert_outputs "Good test\n" do
+        Dotgpg::Dir.new(@path).decrypt path, $stdout
+      end
+    end
+
+    it "should warn if a file cannot be decrypted" do
+      File.write(@path + "d", "not encrypted...")
+      path = (@path + "d").to_s
+      assert_warns "#{@path + "d"}: No data" do
+        @dotgpg.invoke(:edit, [path])
+      end
+    end
+
+    it "should fail if invoking the editor doesn't work" do
+      ENV['EDITOR'] = 'not-an-editor'
+      assert_fails "Problem with editor. Not saving changes" do
+        @dotgpg.invoke :edit, [(@path + "a").to_s]
+      end
+    end
+
+    it "should edit the existing files if a mixture is specified" do
+
+    end
+  end
+end