rnp 0.2.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5d997fdd65d50e439f931a6afc105659dd9bfbbd
-  data.tar.gz: ab48ba3cc08fc0602681c2a4a984e0268ce86470
+  metadata.gz: 819cdabaf35f30cd1ab40367c4f1ac1e737f00ed
+  data.tar.gz: 4ef0f37aa752856fdff385d5008d0fd1c64b8846
 SHA512:
-  metadata.gz: d8dd13a749c5a8a198237b190162152b82adad829dd84543999fef314243feb40a15a551ad215bc6919ff87affc48b165f7783df93d9a28d4d00d6128b897d5c
-  data.tar.gz: 5d9638146fe1a5b9966cdec3bc6fa0c5f3870526c3bff347aa0c07f62fdec63b5419de06a01dcb44f774e19a04e7fffbded61d332b365375fc7e3019fc04a8f2
+  metadata.gz: 571f718f9d06e6b5b796b2d867af8edb0a4e36ebb09d7db52e40c93582998761c271d93b10306378e73823fce0a604c11954cb855ee5ce05915dc7de49e14299
+  data.tar.gz: c42de97ae72fb766073073d4080f36e9b93cae4a558a53b5a05377eaf946d7abc45ffe9c32f1f683b41275da78ba5abaa8ceb4f08f7474db8ca60f95fa56e381

data/CHANGELOG.adoc

@@ -0,0 +1,5 @@
+== Changelog
+
+=== 1.0.0 [05-01-2018]
+* Completely rewritten for RNP's new FFI.
+

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Ribose Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.adoc

@@ -1,5 +1,8 @@
 = Ruby RNP bindings
 
+image:https://img.shields.io/travis/riboseinc/ruby-rnp/master.svg["Build Status", link="https://travis-ci.org/riboseinc/ruby-rnp"]
+image:https://codecov.io/github/riboseinc/ruby-rnp/coverage.svg["Code Coverage", link="https://codecov.io/github/riboseinc/ruby-rnp?branch=master"]
+
 The `rnp` gem provides Ruby bindings to the
 https://github.com/riboseinc/rnp[librnp OpenPGP library].
 
@@ -24,185 +27,3 @@ Or install it yourself as:
 gem install rnp
 ----
 
-
-== Overview
-
-The code is split in to two main modules.
-
-* low-level binding code is in the module `LibRNP` (`lib/rnp/lowlevel/`).
-
-* high-level wrapper is in the module `RNP` (`lib/rnp/highlevel/`).
-
-
-== Usage
-
-=== Loading Keys
-
-[source,ruby]
-----
-require 'rnp'
-keyring = RNP::Keyring.load(File.read('spec/keys/seckey_sign_only.asc'))
-# load some more keys in to this keyring
-keyring.add(File.read('spec/keys/pubkey_sign_only.asc'))
-# access public keys
-keyring.public_keys
-# access secret keys
-keyring.secret_keys
-----
-
-=== Generating Keys
-
-[source,ruby]
-----
-key = RNP::SecretKey.generate('mypassphrase', {
-  key_length: 1024,
-  public_key_algorithm: RNP::PublicKeyAlgorithm::RSA,
-  algorithm_params: {e: 65537},
-  hash_algorithm: RNP::HashAlgorithm::SHA1,
-  symmetric_key_algorithm: RNP::SymmetricKeyAlgorithm::CAST5
-})
-
-# Note that the passphrase of the parent key will be used, so pass an
-# empty string here.
-
-# Also note that we are only providing the key_Length option here, so
-# defaults will be used.
-subkey = RNP::SecretKey.generate('', { key_length: 1024 })
-key.add_subkey(subkey)
-----
-
-=== Unlocking Secret Keys
-
-Most secret keys are encrypted and require a passphrase for certain
-operations. This can be provided during keyring loading by providing a
-block, like so:
-
-[source,ruby]
-----
-keyring = RNP::Keyring.load(File.read('spec/keys/seckey_sign_only.asc')) {|seckey|
-    # This block will be called for each encrypted key that is found
-    # during parsing.
-    # An instance of SecretKey is passed.
-    print "Enter passphrase for key #{seckey.key_id_hex}: "
-    $stdin.gets.chomp
-}
-----
-
-The above method will result in fully unlocked SecretKey instances that
-have `@passphrase` set correctly (and have decrypted key material in
-`@mpi`).
-
-Alternatively, you can manually set `@passphrase` on a secret key to
-enable operations that require a passphrase. In this case, the key
-material in `@mpi` will have nil values, but the encrypted key material
-will be available in `@raw_subpackets` and used for operations requiring
-it.
-
-[source,ruby]
-----
-secret_key = keyring.secret_keys[0]
-secret_key.passphrase = 'password'
-# decrypt, sign, etc.
-----
-
-=== Encryption and Decryption
-
-Encryption is done with a `PublicKey`.
-
-[source,ruby]
-----
-public_key = keyring.public_keys[0]
-encrypted_message = public_key.encrypt('Test')
-----
-
-Decryption is done with the corresponding `SecretKey`.
-
-[source,ruby]
-----
-# find the secret key that corresponds with the above public key
-secret_key = keyring.secret_keys.find { |key|
-  key.key_id_hex == public_key.key_id_hex
-}
-
-# decrypt (note that secret_key.passphrase must be correctly set, if
-# required)
-secret_key.decrypt(encrypted_message)
-----
-
-=== Signing and Verifying
-
-Signing is done with a SecretKey, like so:
-
-[source,ruby]
-----
-signed_message = secret_key.sign('My Data')
-----
-
-Verification is done with a Keyring.
-
-[source,ruby]
-----
-# returns true or false
-keyring.verify(signed_message)
-----
-
-=== Exporting
-
-Keys can be exported by using the Keyring::export function.
-
-[source,ruby]
-----
-# this will output an ASCII-armored private key
-puts keyring.export(secret_key)
-
-# a secret key also has a public key inside
-puts keyring.export(secret_key.public_key)
-----
-
-== Documentation
-
-Run "yardoc" to generate documentation in the `doc/` directory.
-
-[source,sh]
-----
-$ yardoc
-----
-
-
-== Tests
-
-Run "rake" or "rspec" to run all tests in the `spec/` directory.
-
-[source,sh]
-----
-$ rake
-----
-
-**Note**: Some of the tests generate keys and thus will consume entropy.
-
-== Examples
-
-There are examples demonstrating the use of both the low-level and
-high-level interfaces in `examples/`.
-
-
-== Development
-
-After checking out the repo, run `bin/setup` to install dependencies.
-Then, run `rake spec` to run the tests. You can also run `bin/console`
-for an interactive prompt that will allow you to experiment.
-
-To install this gem onto your local machine, run `bundle exec rake
-install`. To release a new version, update the version number in
-`version.rb`, and then run `bundle exec rake release`, which will create
-a git tag for the version, push git commits and tags, and push the
-`.gem` file to https://rubygems.org(rubygems.org).
-
-== Contributing
-
-Bug reports and pull requests are welcome on GitHub at
-https://github.com/riboseinc/ruby-rnp. This project is intended to be a
-safe, welcoming space for collaboration, and contributors are expected
-to adhere to the http://contributor-covenant.org[Contributor Covenant]
-code of conduct.
-

data/lib/rnp.rb

@@ -1,5 +1,14 @@
-require "rnp/version"
+# frozen_string_literal: true
 
-require_relative 'rnp/lowlevel'
-require_relative 'rnp/highlevel'
+# (c) 2018 Ribose Inc.
+
+require 'rnp/error'
+require 'rnp/input'
+require 'rnp/misc'
+require 'rnp/op/encrypt'
+require 'rnp/op/sign'
+require 'rnp/op/verify'
+require 'rnp/output'
+require 'rnp/rnp'
+require 'rnp/version'
 

data/lib/rnp/error.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+# (c) 2018 Ribose Inc.
+
+require 'rnp/ffi/librnp'
+
+class Rnp
+  class Error < ::StandardError
+    attr_reader :rc
+
+    def initialize(msg, rc = nil)
+      @rc = rc
+      if rc
+        desc = LibRnp.rnp_result_to_string(rc)
+        msg = "#{msg} - (rc: 0x#{rc.to_s(16)}): #{desc}"
+      end
+      super(msg)
+    end
+  end
+
+  class BadPasswordError < Error; end
+  class InvalidSignatureError < Error; end
+  class BadFormatError < Error; end
+  class NoSuitableKeyError < Error; end
+
+  # @api private
+  def self.raise_error(msg, rc = nil)
+    klass = ERRORS_MAP.fetch(rc, Error)
+    raise klass.new(msg, rc)
+  end
+
+  # @api private
+  ERRORS_MAP = {
+    LibRnp::RNP_ERROR_BAD_PASSWORD => BadPasswordError,
+    LibRnp::RNP_ERROR_SIGNATURE_INVALID => InvalidSignatureError,
+    LibRnp::RNP_ERROR_BAD_FORMAT => BadFormatError,
+    LibRnp::RNP_ERROR_NO_SUITABLE_KEY => NoSuitableKeyError
+  }.freeze
+end # class
+

data/lib/rnp/ffi/librnp.rb

@@ -0,0 +1,306 @@
+# frozen_string_literal: true
+
+# (c) 2018 Ribose Inc.
+
+require 'ffi'
+
+# @api private
+module LibRnp
+  extend FFI::Library
+  ffi_lib 'rnp'
+
+  callback        :rnp_get_key_cb,
+                  %i[pointer pointer string string bool],
+                  :void
+  callback        :rnp_password_cb,
+                  %i[pointer pointer pointer string pointer size_t],
+                  :bool
+  callback        :rnp_input_reader_t,
+                  %i[pointer pointer size_t],
+                  :ssize_t
+  callback        :rnp_output_writer_t,
+                  %i[pointer pointer size_t],
+                  :bool
+
+  attach_function :rnp_result_to_string,
+                  %i[uint32],
+                  :string
+  attach_function :rnp_ffi_create,
+                  %i[pointer string string],
+                  :uint32
+  attach_function :rnp_ffi_destroy,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_ffi_set_log_fd,
+                  %i[pointer int],
+                  :uint32
+  attach_function :rnp_ffi_set_key_provider,
+                  %i[pointer rnp_get_key_cb pointer],
+                  :uint32
+  attach_function :rnp_ffi_set_pass_provider,
+                  %i[pointer rnp_password_cb pointer],
+                  :uint32
+  attach_function :rnp_get_default_homedir,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_detect_homedir_info,
+                  %i[string pointer pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_detect_key_format,
+                  %i[pointer int pointer],
+                  :uint32
+  attach_function :rnp_load_keys,
+                  %i[pointer string pointer uint32],
+                  :uint32
+  attach_function :rnp_save_keys,
+                  %i[pointer string pointer uint32],
+                  :uint32
+  attach_function :rnp_get_public_key_count,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_get_secret_key_count,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_locate_key,
+                  %i[pointer string string pointer],
+                  :uint32
+  attach_function :rnp_key_handle_destroy,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_generate_key_json,
+                  %i[pointer string pointer],
+                  :uint32
+  attach_function :rnp_key_get_primary_uid,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_get_uid_count,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_get_uid_at,
+                  %i[pointer int pointer],
+                  :uint32
+  attach_function :rnp_key_add_uid,
+                  %i[pointer string string uint32 uint8 int],
+                  :uint32
+  attach_function :rnp_key_get_fprint,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_get_keyid,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_get_grip,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_is_locked,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_lock,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_key_unlock,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_is_protected,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_protect,
+                  %i[pointer string string string string size_t],
+                  :uint32
+  attach_function :rnp_key_unprotect,
+                  %i[pointer string],
+                  :uint32
+  attach_function :rnp_key_is_primary,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_is_sub,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_have_secret,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_key_have_public,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_op_sign_create,
+                  %i[pointer pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_sign_cleartext_create,
+                  %i[pointer pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_sign_detached_create,
+                  %i[pointer pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_sign_add_signature,
+                  %i[pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_sign_signature_set_hash,
+                  %i[pointer string],
+                  :uint32
+  attach_function :rnp_op_sign_signature_set_creation_time,
+                  %i[pointer uint32],
+                  :uint32
+  attach_function :rnp_op_sign_signature_set_expiration_time,
+                  %i[pointer uint32],
+                  :uint32
+  attach_function :rnp_op_sign_set_compression,
+                  %i[pointer string int],
+                  :uint32
+  attach_function :rnp_op_sign_set_armor,
+                  %i[pointer bool],
+                  :uint32
+  attach_function :rnp_op_sign_set_hash,
+                  %i[pointer string],
+                  :uint32
+  attach_function :rnp_op_sign_set_creation_time,
+                  %i[pointer uint32],
+                  :uint32
+  attach_function :rnp_op_sign_set_expiration_time,
+                  %i[pointer uint32],
+                  :uint32
+  attach_function :rnp_op_sign_execute,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_op_sign_destroy,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_op_verify_create,
+                  %i[pointer pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_verify_detached_create,
+                  %i[pointer pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_verify_execute,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_op_verify_get_signature_count,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_op_verify_get_signature_at,
+                  %i[pointer int pointer],
+                  :uint32
+  attach_function :rnp_op_verify_get_file_info,
+                  %i[pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_verify_destroy,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_op_verify_signature_get_status,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_op_verify_signature_get_hash,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_op_verify_signature_get_key,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_op_verify_signature_get_times,
+                  %i[pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_buffer_destroy,
+                  %i[pointer],
+                  :void
+  attach_function :rnp_input_from_path,
+                  %i[pointer string],
+                  :uint32
+  attach_function :rnp_input_from_memory,
+                  %i[pointer pointer int bool],
+                  :uint32
+  attach_function :rnp_input_from_callback,
+                  %i[pointer rnp_input_reader_t pointer pointer],
+                  :uint32
+  attach_function :rnp_input_destroy,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_output_to_path,
+                  %i[pointer string],
+                  :uint32
+  attach_function :rnp_output_to_memory,
+                  %i[pointer int],
+                  :uint32
+  attach_function :rnp_output_memory_get_buf,
+                  %i[pointer pointer pointer bool],
+                  :uint32
+  attach_function :rnp_output_to_callback,
+                  %i[pointer rnp_output_writer_t pointer pointer],
+                  :uint32
+  attach_function :rnp_output_to_null,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_output_destroy,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_op_encrypt_create,
+                  %i[pointer pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_encrypt_add_recipient,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_op_encrypt_add_signature,
+                  %i[pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_op_encrypt_set_hash,
+                  %i[pointer string],
+                  :uint32
+  attach_function :rnp_op_encrypt_set_creation_time,
+                  %i[pointer uint32],
+                  :uint32
+  attach_function :rnp_op_encrypt_set_expiration_time,
+                  %i[pointer uint32],
+                  :uint32
+  attach_function :rnp_op_encrypt_add_password,
+                  %i[pointer string string int string],
+                  :uint32
+  attach_function :rnp_op_encrypt_set_armor,
+                  %i[pointer bool],
+                  :uint32
+  attach_function :rnp_op_encrypt_set_cipher,
+                  %i[pointer string],
+                  :uint32
+  attach_function :rnp_op_encrypt_set_compression,
+                  %i[pointer string int],
+                  :uint32
+  attach_function :rnp_op_encrypt_execute,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_op_encrypt_destroy,
+                  %i[pointer],
+                  :uint32
+  attach_function :rnp_decrypt,
+                  %i[pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_get_public_key_data,
+                  %i[pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_get_secret_key_data,
+                  %i[pointer pointer pointer],
+                  :uint32
+  attach_function :rnp_key_to_json,
+                  %i[pointer uint32 pointer],
+                  :uint32
+  attach_function :rnp_identifier_iterator_create,
+                  %i[pointer pointer string],
+                  :uint32
+  attach_function :rnp_identifier_iterator_next,
+                  %i[pointer pointer],
+                  :uint32
+  attach_function :rnp_identifier_iterator_destroy,
+                  %i[pointer],
+                  :uint32
+
+
+  RNP_LOAD_SAVE_PUBLIC_KEYS = (1 << 0)
+  RNP_LOAD_SAVE_SECRET_KEYS = (1 << 1)
+
+  RNP_JSON_PUBLIC_MPIS = (1 << 0)
+  RNP_JSON_SECRET_MPIS = (1 << 1)
+  RNP_JSON_SIGNATURES = (1 << 2)
+  RNP_JSON_SIGNATURE_MPIS = (1 << 3)
+
+  RNP_SUCCESS = 0
+  RNP_ERROR_BAD_FORMAT =        0x10000001
+  RNP_ERROR_SIGNATURE_INVALID = 0x12000002
+  RNP_ERROR_BAD_PASSWORD =      0x12000004
+  RNP_ERROR_NO_SUITABLE_KEY =   0x12000006
+  RNP_ERROR_SIGNATURE_EXPIRED = 0x1200000B
+end # module
+