iostreams 1.1.1 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a141ad8f92a6c1387ad487fc8cf545bcc010ebc862967ffce8f79f71b7ba2d6
-  data.tar.gz: 0210b8d23390ddff6fe31133c24b88b2beb7e5e0f54d6b9df962632dc369a9ec
+  metadata.gz: 56c0432a5b7820924d8e7f72df07579366ae09dae03d8abe431e5b8fbc88de2b
+  data.tar.gz: 73d78b153b9bfd079f9d3345f8f56eed7afec70a7fddda14f5478135faedf6d3
 SHA512:
-  metadata.gz: 810573a43277573365e946205465a4a1cc87c65cf517450dc6f363f5bb7168e66a25cd2d891e346d09c4b96aa9166f369fd2bc9dc21ec2112d87bce270467ff2
-  data.tar.gz: 2304155b27a897f270263283bdf499855a81f80885b9103b6c116f135904a42d73bfb29705a8156f3bde973b7a899eba9b123073e7b140a2e502b2203869ad1f
+  metadata.gz: 84b123abc4f78428344baa772356cfac922584ed8c03af41701c5bdcd17380283b3592c9989941b1126999a6b3dcef7367b4a0d4bbf67143ab678a24dc798ff6
+  data.tar.gz: 4c35ae431bc0862b47e738b04f0dd88a98661b299845f3124c08f368c3532cf03012504d0ddcd18375295dd8590ea565e5a2483244602dd88f25fca7f7ef1328

data/README.md

@@ -5,7 +5,7 @@ Input and Output streaming for Ruby.
 
 ## Project Status
 
-Production Ready, but API is subject to breaking changes until V1 is released.
+Production Ready. 
 
 ## Features
 

data/lib/io_streams/pgp.rb

@@ -180,7 +180,7 @@ module IOStreams
 
     # Deprecated
     def self.has_key?(**args)
-      key(**args)
+      key?(**args)
     end
 
     # Returns [Array<Hash>] the list of keys.
@@ -327,7 +327,7 @@ module IOStreams
     def self.import_and_trust(key:)
       raise(ArgumentError, "Key cannot be empty") if key.nil? || (key == "")
 
-      email = key_info(key: key).first.fetch(:email)
+      email = key_info(key: key).last.fetch(:email)
       raise(ArgumentError, "Recipient email cannot be extracted from supplied key") unless email
 
       import(key: key)

data/lib/io_streams/pgp/writer.rb

@@ -12,6 +12,11 @@ module IOStreams
         # Default: None.
         attr_writer :default_signer_passphrase
 
+        # Encrypt all pgp output files with this recipient for audit purposes.
+        # Allows the generated pgp files to be decrypted with this email address.
+        # Useful for audit or problem resolution purposes.
+        attr_accessor :audit_recipient
+
         private
 
         attr_reader :default_signer_passphrase
@@ -19,6 +24,7 @@ module IOStreams
 
         @default_signer_passphrase = nil
         @default_signer            = nil
+        @audit_recipient           = nil
       end
 
       # Write to a PGP / GPG file, encrypting the contents as it is written.
@@ -26,8 +32,12 @@ module IOStreams
       # file_name: [String]
       #   Name of file to write to.
       #
-      # recipient: [String]
-      #   Email of user for which to encypt the file.
+      # recipient: [String|Array<String>]
+      #   One or more emails of users for which to encrypt the file.
+      #
+      # import_and_trust_key: [String|Array<String>]
+      #   One or more pgp keys to import and then use to encrypt the file.
+      #   Note: Ascii Keys can contain multiple keys, only the last one in the file is used.
       #
       # signer: [String]
       #   Name of user with which to sign the encypted file.
@@ -46,12 +56,26 @@ module IOStreams
       # compress_level: [Integer]
       #   Compression level
       #   Default: 6
-      def self.file(file_name, recipient: nil, import_and_trust_key: nil, signer: default_signer, signer_passphrase: default_signer_passphrase, compression: :zip, compress_level: 6, original_file_name: nil)
+      def self.file(file_name,
+                    recipient: nil,
+                    import_and_trust_key: nil,
+                    signer: default_signer,
+                    signer_passphrase: default_signer_passphrase,
+                    compression: :zip,
+                    compress_level: 6,
+                    original_file_name: nil)
+
         raise(ArgumentError, "Requires either :recipient or :import_and_trust_key") unless recipient || import_and_trust_key
 
-        recipient      = IOStreams::Pgp.import_and_trust(key: import_and_trust_key) if import_and_trust_key
         compress_level = 0 if compression == :none
 
+        recipients = Array(recipient)
+        recipients << audit_recipient if audit_recipient
+
+        Array(import_and_trust_key).each do |key|
+          recipients << IOStreams::Pgp.import_and_trust(key: key)
+        end
+
         # Write to stdin, with encrypted contents being written to the file
         command = "#{IOStreams::Pgp.executable} --batch --no-tty --yes --encrypt"
         command << " --sign --local-user \"#{signer}\"" if signer
@@ -61,7 +85,8 @@ module IOStreams
         end
         command << " -z #{compress_level}" if compress_level != 6
         command << " --compress-algo #{compression}" unless compression == :none
-        command << " --recipient \"#{recipient}\" -o \"#{file_name}\""
+        recipients.each { |address| command << " --recipient \"#{address}\"" }
+        command << " -o \"#{file_name}\""
 
         IOStreams::Pgp.logger&.debug { "IOStreams::Pgp::Writer.open: #{command}" }
 

data/lib/io_streams/version.rb

@@ -1,3 +1,3 @@
 module IOStreams
-  VERSION = "1.1.1".freeze
+  VERSION = "1.2.0".freeze
 end

data/test/pgp_writer_test.rb

@@ -52,6 +52,32 @@ class PgpWriterTest < Minitest::Test
         assert_equal decrypted, result
       end
 
+      it "supports multiple recipients" do
+          IOStreams::Pgp::Writer.file(file_name, recipient: %w[receiver@example.org receiver2@example.org], signer: "sender@example.org", signer_passphrase: "sender_passphrase") do |io|
+            io.write(decrypted)
+          end
+
+        result = IOStreams::Pgp::Reader.file(file_name, passphrase: "receiver_passphrase", &:read)
+        assert_equal decrypted, result
+
+        result = IOStreams::Pgp::Reader.file(file_name, passphrase: "receiver2_passphrase", &:read)
+        assert_equal decrypted, result
+      end
+
+      it "encrypts for recipient and audit recipient" do
+        IOStreams::Pgp::Writer.stub(:audit_recipient, "receiver2@example.org") do
+          IOStreams::Pgp::Writer.file(file_name, recipient: "receiver@example.org", signer: "sender@example.org", signer_passphrase: "sender_passphrase") do |io|
+            io.write(decrypted)
+          end
+        end
+
+        result = IOStreams::Pgp::Reader.file(file_name, passphrase: "receiver_passphrase", &:read)
+        assert_equal decrypted, result
+
+        result = IOStreams::Pgp::Reader.file(file_name, passphrase: "receiver2_passphrase", &:read)
+        assert_equal decrypted, result
+      end
+
       it "fails with bad signer passphrase" do
         skip "GnuPG v2.1 and above passes when it should not" if IOStreams::Pgp.pgp_version.to_f >= 2.1
         assert_raises IOStreams::Pgp::Failure do

data/test/test_helper.rb

@@ -32,6 +32,10 @@ unless IOStreams::Pgp.key?(email: "receiver@example.org")
   puts "Generating test PGP key: receiver@example.org"
   IOStreams::Pgp.generate_key(name: "Receiver", email: "receiver@example.org", passphrase: "receiver_passphrase", key_length: 2048)
 end
+unless IOStreams::Pgp.key?(email: "receiver2@example.org")
+  puts "Generating test PGP key: receiver2@example.org"
+  IOStreams::Pgp.generate_key(name: "Receiver2", email: "receiver2@example.org", passphrase: "receiver2_passphrase", key_length: 2048)
+end
 
 # Test paths
 root = File.expand_path(File.join(__dir__, "../tmp"))

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: iostreams
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.2.0
 platform: ruby
 authors:
 - Reid Morrison
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-04 00:00:00.000000000 Z
+date: 2020-04-29 00:00:00.000000000 Z
 dependencies: []
 description: 
 email:
@@ -131,7 +131,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.0.8
 signing_key: 
 specification_version: 4
 summary: Input and Output streaming for Ruby.