hiera-eyaml-gpg_ruby 0.5 → 0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c1113a5bd3e83150d3f368f627085a531895d003
-  data.tar.gz: 23077e7de1fdef016abe4877e1cacf671905a209
+  metadata.gz: f977e0b374e9acc78af2c238573bf15dc5f30e76
+  data.tar.gz: 757317de188420c1687b61fd5f8b8ae7e503b773
 SHA512:
-  metadata.gz: 2f0611e3d8125b4a558ac6283f0ece66f8f569bd43cedc94e0d171bc94910f7c4c9bb051e1c08c6bb855f54c21575dd3a12c70de4cd677f70caa08258be07c52
-  data.tar.gz: ba5ef926bf73f74dba4faacc4ad09cc9c7051640087b85e911f49497116aba9eb0a7cce5cc5b74b8521686e2e020609a9d4334be02fd2627d2b699340b11e710
+  metadata.gz: dd63716ef95adcf8768b30aaf0ad99215fcde7944a7f54c7c067cbd7285a2e6de77cd3e99fcfa81e1fd22693522a85d9df239268045794f4d055242ad9b82c26
+  data.tar.gz: b417987eb441341f2db218a7767dc6663f430705dbe938964d6080c4ef5397fa56ca7fc9079774a6c68e062a0366ec3cca9912adea433349e1d30d040b85d57f

data/Gemfile

@@ -1,8 +1,8 @@
 source 'https://rubygems.org/'
 
 gem 'hiera-eyaml', ">=1.3.8"
-gem 'ruby_gpg', ">=0.3.0"
+gem 'gpgme', ">=2.0.0"
 
 group :development do
   gem "aruba"
-end
+end

data/lib/hiera/backend/eyaml/encryptors/gpg.rb

@@ -1,4 +1,4 @@
-require 'gpgme'
+require 'ruby_gpg'
 require 'base64'
 require 'pathname'
 require 'hiera/backend/eyaml/encryptor'
@@ -94,75 +94,25 @@ class Hiera
 
           def self.encrypt plaintext
             gnupghome = self.option :gnupghome
-            GPGME::Engine.home_dir = gnupghome
             debug("GNUPGHOME is #{gnupghome}")
-
-            ctx = GPGME::Ctx.new
+            RubyGpg.config.homedir = gnupghome
 
             recipients = self.find_recipients
             debug("Recipents are #{recipients}")
 
             raise RecoverableError, 'No recipients provided, don\'t know who to encrypt to' if recipients.empty?
 
-            keys = recipients.map {|r| 
-              key_to_use = ctx.keys(r).first 
-              if key_to_use.nil? 
-                raise RecoverableError, "No key found on keyring for #{r}"
-              end
-              key_to_use
-            }
-            debug("Keys: #{keys}")
-
-            always_trust = self.option(:always_trust)
-            unless always_trust
-              # check validity of recipients (this is possibly naive, but better than the unhelpful
-              # error that it would spit out otherwise)
-              keys.each do |key|
-                unless key.primary_uid.validity >= GPGME::VALIDITY_FULL
-                  raise RecoverableError, "Key #{key.sha} (#{key.email}) not trusted (if key trust is established by another means then specify always-trust)"
-                end
-              end
-            end
-
-            data = GPGME::Data.from_str(plaintext)
-            crypto = GPGME::Crypto.new(:always_trust => always_trust)
+            # TODO: check that keys are trusted
 
-            ciphertext = crypto.encrypt(data, :recipients => keys)
-            ciphertext.seek 0
-            ciphertext.read
+            RubyGpg.encrypt_string(plaintext, recipients)
           end
 
           def self.decrypt ciphertext
             gnupghome = self.option :gnupghome
-            GPGME::Engine.home_dir = gnupghome
             debug("GNUPGHOME is #{gnupghome}")
+            RubyGpg.config.homedir = gnupghome
 
-            ctx = if hiera?
-              GPGME::Ctx.new
-            else
-              GPGME::Ctx.new(:passphrase_callback => method(:passfunc))
-            end
-
-            if !ctx.keys.empty?
-              raw = GPGME::Data.new(ciphertext)
-              txt = GPGME::Data.new
-
-              begin
-                txt = ctx.decrypt(raw)
-              rescue GPGME::Error::DecryptFailed => e
-                warn("Fatal: Failed to decrypt ciphertext (check settings and that you are a recipient)")
-                raise e
-              rescue Exception => e
-                warn("Warning: General exception decrypting GPG file")
-                raise e
-              end
-
-              txt.seek 0
-              txt.read
-            else
-              warn("No usable keys found in #{gnupghome}. Check :gpg_gnupghome value in hiera.yaml is correct")
-              raise ArgumentError, "No usable keys found in #{gnupghome}. Check :gpg_gnupghome value in hiera.yaml is correct"
-            end
+            RubyGpg.decrypt_string(ciphertext)
           end
 
           def self.create_keys

data/lib/hiera/backend/eyaml/encryptors/gpg/version.rb

@@ -3,7 +3,7 @@ class Hiera
     module Eyaml
       module Encryptors
         module Gpg
-          VERSION = "0.5"
+          VERSION = "0.6"
         end
       end
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hiera-eyaml-gpg_ruby
 version: !ruby/object:Gem::Version
-  version: '0.5'
+  version: '0.6'
 platform: ruby
 authors:
 - Raphaël Pinson