rnp 0.2.0 → 1.0.0

data/lib/rnp/input.rb

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+# (c) 2018 Ribose Inc.
+
+require 'English'
+
+require 'ffi'
+
+require 'rnp/error'
+require 'rnp/ffi/librnp'
+require 'rnp/utils'
+
+class Rnp
+  # Class used to feed data into RNP.
+  #
+  # @note When dealing with very large data sources, prefer {from_path} which
+  #   should be the most efficient. {from_io} is likely to have more overhead.
+  #
+  # @example input from a string
+  #   Rnp::Input.from_string('my data')
+  #
+  # @example input from a file
+  #   Rnp::Input.from_path('/path/to/my/file')
+  #
+  # @example input from a Ruby IO object
+  #   Rnp::Input.from_io(File.open('/path/to/file', 'rb'))
+  class Input
+    # @api private
+    attr_reader :ptr
+
+    # @api private
+    def initialize(ptr, reader = nil)
+      raise Rnp::Error, 'NULL pointer' if ptr.null?
+      @ptr = FFI::AutoPointer.new(ptr, self.class.method(:destroy))
+      @reader = reader
+    end
+
+    # @api private
+    def self.destroy(ptr)
+      LibRnp.rnp_input_destroy(ptr)
+    end
+
+    def inspect
+      Rnp.inspect_ptr(self)
+    end
+
+    # Create an Input to read from a string.
+    #
+    # @param data [String] the string data
+    # @return [Input]
+    def self.from_string(data)
+      pptr = FFI::MemoryPointer.new(:pointer)
+      buf = FFI::MemoryPointer.from_data(data)
+      Rnp.call_ffi(:rnp_input_from_memory, pptr, buf, buf.size, true)
+      Input.new(pptr.read_pointer)
+    end
+
+    # Create an Input to read from a path.
+    #
+    # @param path [String] the path
+    # @return [Input]
+    def self.from_path(path)
+      pptr = FFI::MemoryPointer.new(:pointer)
+      Rnp.call_ffi(:rnp_input_from_path, pptr, path)
+      Input.new(pptr.read_pointer)
+    end
+
+    # Create an Input to read from an IO object.
+    #
+    # @param io [IO, #read] the IO object
+    # @return [Input]
+    def self.from_io(io)
+      from_callback(io.method(:read))
+    end
+
+    # @api private
+    READER = lambda do |reader, _ctx, buf, buf_len|
+      begin
+        data = reader.call(buf_len)
+        return 0 unless data
+        raise Rnp::Error, 'Read exceeded buffer size' if data.size > buf_len
+        buf.write_bytes(data)
+        return data.size
+      rescue
+        puts $ERROR_INFO
+        return -1
+      end
+    end
+
+    # @api private
+    def self.from_callback(reader)
+      pptr = FFI::MemoryPointer.new(:pointer)
+      readercb = READER.curry[reader]
+      Rnp.call_ffi(:rnp_input_from_callback, pptr, readercb, nil, nil)
+      Input.new(pptr.read_pointer, readercb)
+    end
+  end # class
+end # class
+

data/lib/rnp/key.rb

@@ -0,0 +1,275 @@
+# frozen_string_literal: true
+
+# (c) 2018 Ribose Inc.
+
+require 'ffi'
+
+require 'rnp/error'
+require 'rnp/ffi/librnp'
+require 'rnp/utils'
+
+class Rnp
+  # Class that represents a PGP key (potentially encompassing both the public
+  # and private portions).
+  class Key
+    # @api private
+    attr_reader :ptr
+
+    # @api private
+    def initialize(ptr, free = true)
+      raise Rnp::Error, 'NULL pointer' if ptr.null?
+      if free
+        @ptr = FFI::AutoPointer.new(ptr, self.class.method(:destroy))
+      else
+        @ptr = ptr
+      end
+    end
+
+    # @api private
+    def self.destroy(ptr)
+      LibRnp.rnp_key_handle_destroy(ptr)
+    end
+
+    def inspect
+      Rnp.inspect_ptr(self)
+    end
+
+    def to_s
+      "#<#{self.class}:#{keyid}>"
+    end
+
+    # Get the fingerprint of the key
+    #
+    # @return [String]
+    def fingerprint
+      string_property(:rnp_key_get_fprint)
+    end
+
+    # Get the keyid of the key
+    #
+    # @return [String]
+    def keyid
+      string_property(:rnp_key_get_keyid)
+    end
+
+    # Get the grip of the key
+    #
+    # @return [String]
+    def grip
+      string_property(:rnp_key_get_grip)
+    end
+
+    # Get the primary userid of the key
+    #
+    # @return [String]
+    def primary_userid
+      string_property(:rnp_key_get_primary_uid)
+    end
+
+    # Enumerate each userid for this key.
+    #
+    # @return [self, Enumerator]
+    def each_userid(&block)
+      block or return enum_for(:userid_iterator)
+      userid_iterator(&block)
+      self
+    end
+
+    # Get a list of all userids for this key.
+    #
+    # @return [Array<String>]
+    def userids
+      each_userid.to_a
+    end
+
+    # Add a userid to a key.
+    #
+    # @param userid [String] the userid to add
+    # @param hash (see Sign#hash=)
+    # @param expiration_time (see Sign#expiration_time=)
+    # @param key_flags [Integer]
+    # @param primary [Boolean] if true then this userid will be marked as the
+    #   primary userid
+    # @return [void]
+    def add_userid(userid, hash: nil, expiration_time: nil, key_flags: 0,
+                   primary: false)
+      Rnp.call_ffi(:rnp_key_add_uid, @ptr, userid, hash, expiration_time,
+                   key_flags, primary)
+    end
+
+    # Returns true if the key is currently locked.
+    #
+    # @return [Boolean]
+    def locked?
+      bool_property(:rnp_key_is_locked)
+    end
+
+    # Lock the key.
+    #
+    # @return [self]
+    def lock
+      Rnp.call_ffi(:rnp_key_lock, @ptr)
+      self
+    end
+
+    # Unlock the key.
+    #
+    # @param password [String, nil] the password to unlock the key. If nil, the
+    #   current password provider will be used (see {Rnp#password_provider=}).
+    # @return [self]
+    def unlock(password = nil)
+      Rnp.call_ffi(:rnp_key_unlock, @ptr, password)
+      self
+    end
+
+    # Returns true if the key is currently protected.
+    #
+    # @return [Boolean]
+    def protected?
+      bool_property(:rnp_key_is_protected)
+    end
+
+    # Protect or re-protect the key.
+    #
+    # @param password [String] the password with which to encrypt the key.
+    # @param cipher [String] the cipher algorithm to encrypt with
+    # @param cipher_mode [String] the cipher mode
+    # @param s2k_hash (see Encrypt#add_password)
+    # @param s2k_iterations (see Encrypt#add_password)
+    # @return [self]
+    def protect(password, cipher: nil, cipher_mode: nil, s2k_hash: nil,
+                s2k_iterations: 0)
+      Rnp.call_ffi(:rnp_key_protect, @ptr, password, cipher, cipher_mode,
+                   s2k_hash, s2k_iterations)
+      self
+    end
+
+    # Unprotect the key.
+    #
+    # @param password [String, nil] the password to unlock the key. If nil,
+    #   the current password provider will be used (see {Rnp#password_provider=}).
+    # @return [self]
+    def unprotect(password = nil)
+      Rnp.call_ffi(:rnp_key_unprotect, @ptr, password)
+      self
+    end
+
+    # Returns true if the key is a primary key.
+    #
+    # @return [Boolean]
+    def primary?
+      bool_property(:rnp_key_is_primary)
+    end
+
+    # Returns true if the key is a subkey.
+    #
+    # @return [Boolean]
+    def sub?
+      bool_property(:rnp_key_is_sub)
+    end
+
+    # Returns true if the public key packet is available.
+    #
+    # @return [Boolean]
+    def public_key_present?
+      bool_property(:rnp_key_have_public)
+    end
+
+    # Returns true if the secret key packet is available.
+    #
+    # @return [Boolean]
+    def secret_key_present?
+      bool_property(:rnp_key_have_secret)
+    end
+
+    # Returns the raw public key data as PGP packets.
+    #
+    # @return [String]
+    def public_key_data
+      buf_property(:rnp_get_public_key_data)
+    end
+
+    # Returns the raw secret key data.
+    #
+    # The format may be either PGP packets or an s-expr/G10.
+    #
+    # @return [String]
+    def secret_key_data
+      buf_property(:rnp_get_secret_key_data)
+    end
+
+    # Return a JSON representation of this key (as a Hash).
+    #
+    # @param public_mpis [Boolean] if true then public MPIs will be included
+    # @param secret_mpis [Boolean] if true then secret MPIs will be included
+    # @param signatures [Boolean] if true then signatures will be included
+    # @param signature_mpis [Boolean] if true then signature MPIs will be
+    #   included
+    # @return [Hash]
+    def json(public_mpis: false, secret_mpis: false, signatures: true,
+             signature_mpis: false)
+      flags = 0
+      flags |= LibRnp::RNP_JSON_PUBLIC_MPIS if public_mpis
+      flags |= LibRnp::RNP_JSON_SECRET_MPIS if secret_mpis
+      flags |= LibRnp::RNP_JSON_SIGNATURES if signatures
+      flags |= LibRnp::RNP_JSON_SIGNATURE_MPIS if signature_mpis
+      pptr = FFI::MemoryPointer.new(:pointer)
+      Rnp.call_ffi(:rnp_key_to_json, @ptr, flags, pptr)
+      begin
+        presult = pptr.read_pointer
+        JSON.parse(presult.read_string) unless presult.null?
+      ensure
+        LibRnp.rnp_buffer_destroy(presult)
+      end
+    end
+
+    private
+
+    def string_property(func)
+      pptr = FFI::MemoryPointer.new(:pointer)
+      Rnp.call_ffi(func, @ptr, pptr)
+      begin
+        pvalue = pptr.read_pointer
+        pvalue.read_string unless pvalue.null?
+      ensure
+        LibRnp.rnp_buffer_destroy(pvalue)
+      end
+    end
+
+    def bool_property(func)
+      presult = FFI::MemoryPointer.new(:bool)
+      Rnp.call_ffi(func, @ptr, presult)
+      presult.read(:bool)
+    end
+
+    def buf_property(func)
+      pptr = FFI::MemoryPointer.new(:pointer)
+      pbuflen = FFI::MemoryPointer.new(:size_t)
+      Rnp.call_ffi(func, @ptr, pptr, pbuflen)
+      begin
+        pbuf = pptr.read_pointer
+        buflen = pbuflen.read(:size_t)
+        pbuf.read_bytes(buflen) unless pbuf.null?
+      ensure
+        LibRnp.rnp_buffer_destroy(pbuf)
+      end
+    end
+
+    def userid_iterator
+      pcount = FFI::MemoryPointer.new(:size_t)
+      Rnp.call_ffi(:rnp_key_get_uid_count, @ptr, pcount)
+      count = pcount.read(:size_t)
+      pptr = FFI::MemoryPointer.new(:pointer)
+      (0...count).each do |i|
+        Rnp.call_ffi(:rnp_key_get_uid_at, @ptr, i, pptr)
+        begin
+          puserid = pptr.read_pointer
+          yield puserid.read_string unless puserid.null?
+        ensure
+          LibRnp.rnp_buffer_destroy(puserid)
+        end
+      end
+    end
+  end # class
+end # class
+

data/lib/rnp/misc.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+# (c) 2018 Ribose Inc.
+
+require 'ffi'
+
+require 'rnp/utils'
+require 'rnp/ffi/librnp'
+
+class Rnp
+  # Get the default homedir for RNP.
+  #
+  # @return [String]
+  def self.default_homedir
+    pptr = FFI::MemoryPointer.new(:pointer)
+    Rnp.call_ffi(:rnp_get_default_homedir, pptr)
+    begin
+      phomedir = pptr.read_pointer
+      phomedir.read_string unless phomedir.null?
+    ensure
+      LibRnp.rnp_buffer_destroy(phomedir)
+    end
+  end
+
+  # Attempt to detect information about a homedir.
+  #
+  # @param homedir [String] the homedir
+  # @return [Hash<Symbol>]
+  #   * :public [Hash<Symbol>]
+  #     * :format [String]
+  #     * :path [String]
+  #   * :secret [Hash<Symbol>]
+  #     * :format [String]
+  #     * :path [String]
+  def self.homedir_info(homedir)
+    pptrs = FFI::MemoryPointer.new(:pointer, 4)
+    Rnp.call_ffi(:rnp_detect_homedir_info, homedir, pptrs[0], pptrs[1],
+                 pptrs[2], pptrs[3])
+    ptrs = (0..3).collect { |i| pptrs[i] }.map(&:read_pointer)
+    return if ptrs.all?(&:null?)
+    {
+      public: {
+        format: ptrs[0].read_string,
+        path: ptrs[1].read_string
+      },
+      secret: {
+        format: ptrs[2].read_string,
+        path: ptrs[3].read_string
+      }
+    }
+  ensure
+    ptrs&.each { |ptr| LibRnp.rnp_buffer_destroy(ptr) }
+  end
+
+  # Attempt to detect the format of a key.
+  #
+  # @param key_data [String] the key data
+  # @return [String]
+  def self.key_format(key_data)
+    pptr = FFI::MemoryPointer.new(:pointer)
+    data = FFI::MemoryPointer.from_data(key_data)
+    Rnp.call_ffi(:rnp_detect_key_format, data, data.size, pptr)
+    begin
+      pformat = pptr.read_pointer
+      pformat.read_string unless pformat.null?
+    ensure
+      LibRnp.rnp_buffer_destroy(pformat)
+    end
+  end
+end # class
+

data/lib/rnp/op/encrypt.rb

@@ -0,0 +1,181 @@
+# frozen_string_literal: true
+
+# (c) 2018 Ribose Inc.
+
+require 'set'
+
+require 'ffi'
+
+require 'rnp/error'
+require 'rnp/ffi/librnp'
+require 'rnp/utils'
+
+class Rnp
+  # Encryption operation
+  class Encrypt
+    # @api private
+    attr_reader :ptr
+
+    # @api private
+    def initialize(ptr)
+      raise Rnp::Error, 'NULL pointer' if ptr.null?
+      @ptr = FFI::AutoPointer.new(ptr, self.class.method(:destroy))
+    end
+
+    # @api private
+    def self.destroy(ptr)
+      LibRnp.rnp_op_encrypt_destroy(ptr)
+    end
+
+    def inspect
+      Rnp.inspect_ptr(self)
+    end
+
+    # Add a recipient.
+    #
+    # @param recipient [Key] the recipient
+    # @return [self]
+    def add_recipient(recipient)
+      Rnp.call_ffi(:rnp_op_encrypt_add_recipient, @ptr, recipient.ptr)
+      self
+    end
+
+    # Add a signer.
+    #
+    # @param signer [Key] the signer
+    # @param hash (see #hash=)
+    # @param creation_time (see #creation_time=)
+    # @param expiration_time (see #expiration_time=)
+    # @return [self]
+    def add_signer(signer, hash: nil, creation_time: nil, expiration_time: nil)
+      pptr = FFI::MemoryPointer.new(:pointer)
+      Rnp.call_ffi(:rnp_op_encrypt_add_signature, @ptr, signer.ptr, pptr)
+      psig = pptr.read_pointer
+      Sign.set_signature_options(
+        psig,
+        hash: hash,
+        creation_time: creation_time,
+        expiration_time: expiration_time
+      )
+      self
+    end
+
+    # Add a password.
+    #
+    # @param password [String] the password
+    # @param s2k_hash [String] the hash algorithm to use for the
+    #   string-to-key key derivation.
+    # @param s2k_iterations [Integer] the number of iterations for the
+    #   string-to-key key derivation. A value of 0 will choose
+    #   a default.
+    # @param s2k_cipher [String] the cipher algorithm used to wrap the key.
+    # @note This is a separate cipher from the one used to encrypt the main
+    #   payload/stream (see {#cipher=}). This cipher may not be used in all
+    #   circumstances. For example, when encrypting with *only* a password
+    #   (no public keys), this cipher would generally not be used.
+    #   When encrypting with a combination of one or more passwords and one
+    #   or more public keys, this cipher would generally be used.
+    # @return [self]
+    def add_password(password, s2k_hash: nil, s2k_iterations: 0,
+                     s2k_cipher: nil)
+      Rnp.call_ffi(:rnp_op_encrypt_add_password, @ptr, password, s2k_hash,
+                   s2k_iterations, s2k_cipher)
+      self
+    end
+
+    # Set a group of options.
+    #
+    # @note Some options are related to signatures and will have no effect if
+    # there are no signers.
+    #
+    # @param armored (see #armored=)
+    # @param compression (see #compression=)
+    # @param cipher (see #cipher=)
+    # @param hash (see #hash=)
+    # @param creation_time (see #creation_time=)
+    # @param expiration_time (see #expiration_time=)
+    def options=(armored: nil, compression: nil, cipher: nil, hash: nil,
+                 creation_time: nil, expiration_time: nil)
+      self.armored = armored unless armored.nil?
+      self.compression = compression unless compression.nil?
+      self.cipher = cipher unless cipher.nil?
+      self.hash = hash unless hash.nil?
+      self.creation_time = creation_time unless creation_time.nil?
+      self.expiration_time = expiration_time unless expiration_time.nil?
+    end
+
+    # Set whether the output will be ASCII-armored.
+    #
+    # @param armored [Boolean] true if the output should be
+    #        ASCII-armored, false otherwise.
+    def armored=(armored)
+      Rnp.call_ffi(:rnp_op_encrypt_set_armor, @ptr, armored)
+    end
+
+    # Set the compression algorithm and level.
+    #
+    # @param [Hash<Symbol>] compression
+    # @option compression [String] :algorithm the compression algorithm
+    #   (bzip2, etc)
+    # @option compression [Integer] :level the compression level. This should
+    #   generally be between 0 (no compression) and 9 (best compression).
+    def compression=(compression)
+      if !compression.is_a?(Hash) || Set.new(compression.keys) != Set.new(%i[algorithm level])
+        raise ArgumentError,
+              'Compression option must be of the form: {algorithm: \'zlib\', level: 5}'
+      end
+      Rnp.call_ffi(:rnp_op_encrypt_set_compression, @ptr,
+                   compression[:algorithm], compression[:level])
+    end
+
+    # Set the cipher used to encrypt the input.
+    #
+    # @param cipher [String] the cipher algorithm name
+    def cipher=(cipher)
+      Rnp.call_ffi(:rnp_op_encrypt_set_cipher, @ptr, cipher)
+    end
+
+    # Set the hash algorithm used for calculating signatures.
+    #
+    # @note This is only valid when there is one or more signer.
+    #
+    # @param hash [String] the hash algorithm name
+    def hash=(hash)
+      Rnp.call_ffi(:rnp_op_encrypt_set_hash, @ptr, hash)
+    end
+
+    # Set the creation time for signatures.
+    #
+    # @note This is only valid when there is one or more signer.
+    #
+    # @param creation_time [Time, Integer] the creation time to use for all
+    #   signatures. As an integer, this is the number of seconds
+    #   since the unix epoch.
+    def creation_time=(creation_time)
+      creation_time = creation_time.to_i if creation_time.is_a?(::Time)
+      Rnp.call_ffi(:rnp_op_encrypt_set_creation_time, @ptr, creation_time)
+    end
+
+    # Set the expiration time for signatures.
+    #
+    # @note This is only valid when there is one or more signer.
+    #
+    # @param expiration_time [Integer] the lifetime of the signatures, as the number
+    #        of seconds. The actual expiration date/time is the creation time
+    #        plus this value. A value of 0 will create signatures that do not
+    #        expire.
+    def expiration_time=(expiration_time)
+      Rnp.call_ffi(:rnp_op_encrypt_set_expiration_time, @ptr, expiration_time)
+    end
+
+    # Execute the operation.
+    #
+    # This should only be called once.
+    #
+    # @return [void]
+    def execute
+      Rnp.call_ffi(:rnp_op_encrypt_execute, @ptr)
+    end
+  end # class
+end # class
+