klacointe-openpgp 0.0.1.3

data/lib/openpgp/engine/gnupg.rb

@@ -0,0 +1,194 @@
+module OpenPGP class Engine
+  ##
+  # GNU Privacy Guard (GnuPG) wrapper.
+  #
+  # @see http://www.gnupg.org/
+  class GnuPG < Engine
+    class Error < IOError; end
+
+    def self.available?
+      self.new.available?
+    end
+
+    OPTIONS = {
+      :batch                 => true,
+      :quiet                 => true,
+      :no_verbose            => true,
+      :no_tty                => true,
+      :no_permission_warning => true,
+      :no_random_seed_file   => true,
+    }
+
+    attr_accessor :where
+    attr_accessor :options
+
+    def initialize(options = {})
+      @where   = '/usr/bin/env gpg' # FIXME
+      @options = OPTIONS.merge!(options)
+    end
+
+    ##
+    # Determines if GnuPG is available.
+    def available?
+      !!version
+    end
+
+    ##
+    # Returns the GnuPG version number.
+    def version
+      exec(:version).readline =~ /^gpg \(GnuPG\) (.*)$/ ? $1 : nil
+    end
+
+    ##
+    # Generates a new OpenPGP keypair and stores it GnuPG's keyring.
+    def gen_key(info = {})
+      stdin, stdout, stderr = exec3(:gen_key) do |stdin, stdout, stderr|
+        stdin.puts "Key-Type: #{info[:key_type]}"           if info[:key_type]
+        stdin.puts "Key-Length: #{info[:key_length]}"       if info[:key_length]
+        stdin.puts "Subkey-Type: #{info[:subkey_type]}"     if info[:subkey_type]
+        stdin.puts "Subkey-Length: #{info[:subkey_length]}" if info[:subkey_length]
+        stdin.puts "Name-Real: #{info[:name]}"              if info[:name]
+        stdin.puts "Name-Comment: #{info[:comment]}"        if info[:comment]
+        stdin.puts "Name-Email: #{info[:email]}"            if info[:email]
+        stdin.puts "Expire-Date: #{info[:expire_date]}"     if info[:expire_date]
+        stdin.puts "Passphrase: #{info[:passphrase]}"       if info[:passphrase]
+        stdin.puts "%commit"
+      end
+      stderr.each_line do |line|
+        if (line = line.chomp) =~ /^gpg: key ([0-9A-F]+) marked as ultimately trusted/
+          return $1.to_i(16) # the key ID
+        end
+      end
+      return nil
+    end
+
+    ##
+    # Exports a specified key from the GnuPG keyring.
+    def export(key_id = nil, opts = {})
+      OpenPGP::Message.parse(exec([:export, *[key_id].flatten], opts ).read)
+    end
+
+    ##
+    ##
+    # Imports a specified keyfile into the GnuPG keyring.
+    def import()
+      # TODO
+    end
+
+    def delete_secret_and_public_key(key_id)
+      opts = {:batch => true}
+      OpenPGP::Message.parse(exec([:delete_secret_and_public_key, key_fingerprint(key_id)], opts ).read)
+    end
+
+    def key_fingerprint(key_id, opts = {})
+      message = exec([:fingerprint, *[key_id].flatten], opts ).read
+      if message =~ /Key fingerprint = (.*)\n/
+        return $1.delete(" ")
+      end
+      nil
+    end
+
+    ##
+    # Returns an array of key IDs/titles of the keys in the public keyring.
+    def list_keys()
+      # TODO
+    end
+
+    ##
+    # Encrypts the given plaintext to the specified recipients.
+    def encrypt(plaintext, options = {})
+      # TODO
+    end
+
+    ##
+    # Decrypts the given ciphertext using the specified key ID.
+    def decrypt(ciphertext, options = {})
+      # TODO
+    end
+
+    ##
+    # Makes an OpenPGP signature.
+    def sign()
+      # TODO
+    end
+
+    ##
+    # Makes an OpenPGP signature.
+    def sign_file(key_id, file, passphrase)
+      OpenPGP::Message.parse(exec([:sign, file],{ :local_user => key_id, :passphrase => passphrase}).read)
+    end
+
+    ##
+    # Makes a clear text OpenPGP signature.
+    def clearsign()
+      # TODO
+    end
+
+    ##
+    # Makes a detached OpenPGP signature.
+    def detach_sign()
+      # TODO
+    end
+
+    ##
+    # Verifies an OpenPGP signature.
+    def verify(key_id, file)
+      OpenPGP::Message.parse(exec([:verify, file],{ :local_user => key_id}).read)
+    end
+
+    ##
+    # Executes a GnuPG command, yielding the standard input and returning
+    # the standard output.
+    def exec(command, options = {}, &block) #:yields: stdin
+      exec4(command, options) do |pid, stdin, stdout, stderr|
+        block.call(stdin) if block_given?
+        stdin.close_write
+        pid, status = Process.waitpid2(pid)
+        raise Error, stderr.read.chomp if status.exitstatus.nonzero?
+        stdout
+      end
+    end
+
+    ##
+    # Executes a GnuPG command, yielding and returning the standard input,
+    # output and error.
+    def exec3(command, options = {}, &block) #:yields: stdin, stdout, stderr
+      exec4(command, options) do |pid, stdin, stdout, stderr|
+        block.call(stdin, stdout, stderr) if block_given?
+        stdin.close_write
+        pid, status = Process.waitpid2(pid)
+        raise Error, stderr.read.chomp if status.exitstatus.nonzero?
+        [stdin, stdout, stderr]
+      end
+    end
+
+    ##
+    # Executes a GnuPG command, yielding the process identifier as well as
+    # the standard input, output and error.
+    def exec4(command, options = {}, &block) #:yields: pid, stdin, stdout, stderr
+      require 'rubygems'
+      require 'open4'
+      p Open4.popen4(cmdline(command, options))
+      block.call(*Open4.popen4(cmdline(command, options)))
+    end
+
+    protected
+
+      ##
+      # Constructs the GnuPG command-line for use with +exec+.
+      def cmdline(command, options = {})
+        command = [command].flatten
+        cmdline = [where]
+        cmdline += @options.merge(options).map { |k, v| !v ? nil : "#{option(k)} #{v == true ? '' : v.to_s}".rstrip }.compact
+        cmdline << option(command.shift)
+        cmdline += command
+        cmdline.flatten.join(' ').strip
+      end
+
+      ##
+      # Translates Ruby symbols into GnuPG option arguments.
+      def option(option)
+        "--" << option.to_s.gsub('_', '-')
+      end
+  end
+end end

data/lib/openpgp/engine/openssl.rb

@@ -0,0 +1,47 @@
+module OpenPGP
+  class Engine
+    class OpenSSL < Engine
+      def self.load!(reload = false)
+        require 'openssl' unless defined?(::OpenSSL) || reload
+      end
+
+      def self.install!
+        load!
+        [Random, Digest].each { |mod| install_extensions! mod }
+      end
+
+      module Random #:nodoc:
+        def number(bits = 32, options = {})
+          ::OpenSSL::BN.rand(bits)
+        end
+
+        def prime(bits, options = {})
+          ::OpenSSL::BN.generate_prime(bits, options[:safe])
+        end
+
+        def bytes(count, &block)
+          ::OpenSSL::Random.random_bytes(count)
+        end
+      end
+
+      module Digest #:nodoc:
+        def size
+          ::OpenSSL::Digest.new(algorithm.to_s).digest_length
+        end
+
+        def hexdigest(data)
+          ::OpenSSL::Digest.hexdigest(algorithm.to_s, data).upcase
+        end
+
+        def digest(data)
+          ::OpenSSL::Digest.digest(algorithm.to_s, data)
+        end
+      end
+
+      module Cipher #:nodoc:
+        # TODO
+      end
+
+    end
+  end
+end

data/lib/openpgp/engine.rb

@@ -0,0 +1,46 @@
+module OpenPGP
+  class Engine
+    autoload :GnuPG,   'openpgp/engine/gnupg'
+    autoload :OpenSSL, 'openpgp/engine/openssl'
+
+    def self.available?
+      begin
+        load!(true)
+        return true
+      rescue LoadError => e
+        return false
+      end
+    end
+
+    def self.load!(reload = false)
+      raise LoadError
+    end
+
+    def self.install!
+      load!
+    end
+
+    def self.use(&block)
+      load!
+      block.call(self)
+    end
+
+    protected
+
+      def self.install_extensions!(extension)
+        name = extension.name.split('::').last.to_sym
+
+        klass = OpenPGP.const_get(name)
+        extension.constants.each do |const|
+          klass.send(:remove_const, const)
+          klass.const_set(const, extension.const_get(const))
+        end
+
+        target = (class << klass; self; end)
+        extension.instance_methods(false).each do |method|
+          target.send(:remove_method, method)
+          target.send(:include, extension)
+        end
+      end
+  end
+end

data/lib/openpgp/message.rb

@@ -0,0 +1,106 @@
+module OpenPGP
+  ##
+  # OpenPGP message.
+  #
+  # @see http://tools.ietf.org/html/rfc4880#section-4.1
+  # @see http://tools.ietf.org/html/rfc4880#section-11
+  # @see http://tools.ietf.org/html/rfc4880#section-11.3
+  class Message
+    include Enumerable
+
+    attr_accessor :packets
+
+    ##
+    # Creates an encrypted OpenPGP message.
+    def self.encrypt(data, options = {}, &block)
+      if options[:symmetric]
+        key    = (options[:key]    || S2K::DEFAULT.new(options[:passphrase]))
+        cipher = (options[:cipher] || Cipher::DEFAULT).new(key)
+
+        msg    = self.new do |msg|
+          msg << Packet::SymmetricSessionKey.new(:algorithm => cipher.identifier, :s2k => key)
+          msg << Packet::EncryptedData.new do |packet|
+            plaintext = self.write do |msg|
+              case data
+                when Message then data.each { |packet| msg << packet }
+                when Packet  then msg << data
+                else msg << Packet::LiteralData.new(:data => data)
+              end
+            end
+            packet.data = cipher.encrypt(plaintext)
+          end
+        end
+
+        block_given? ? block.call(msg) : msg
+      else
+        raise NotImplementedError # TODO
+      end
+    end
+
+    ##
+    def self.decrypt(data, options = {}, &block)
+      raise NotImplementedError # TODO
+    end
+
+    ##
+    # Parses an OpenPGP message.
+    #
+    # @see http://tools.ietf.org/html/rfc4880#section-4.1
+    # @see http://tools.ietf.org/html/rfc4880#section-4.2
+    def self.parse(data)
+      data = Buffer.new(data.to_str) if data.respond_to?(:to_str)
+
+      msg = self.new
+      until data.eof?
+        if packet = OpenPGP::Packet.parse(data)
+          msg << packet
+        else
+          raise "Invalid OpenPGP message data at position #{data.pos}"
+        end
+      end
+      msg
+    end
+
+    def self.write(io = nil, &block)
+      data = self.new(&block).to_s
+      io.respond_to?(:write) ? io.write(data) : data
+    end
+
+    def initialize(*packets, &block)
+      @packets = packets.flatten
+      block.call(self) if block_given?
+    end
+
+    def each(&block) # :yields: packet
+      packets.each(&block)
+    end
+
+    def to_a
+      packets.to_a
+    end
+
+    def <<(packet)
+      packets << packet
+    end
+
+    def empty?
+      packets.empty?
+    end
+
+    def size
+      inject(0) { |sum, packet| sum + packet.size }
+    end
+
+    def to_s
+      Buffer.write do |buffer|
+        packets.each do |packet|
+          if body = packet.body
+            buffer.write_byte(packet.class.tag | 0xC0)
+            buffer.write_byte(body.size)
+            buffer.write_bytes(body)
+          end
+        end
+      end
+    end
+  end
+end