RubyGems - rnp - Versions diffs - 0.2.0 → 1.0.0 - Mend

rnp 0.2.0 → 1.0.0

Files changed (59) hide show

checksums.yaml +4 -4
data/CHANGELOG.adoc +5 -0
data/LICENSE.txt +21 -0
data/README.adoc +3 -182
data/lib/rnp.rb +12 -3
data/lib/rnp/error.rb +40 -0
data/lib/rnp/ffi/librnp.rb +306 -0
data/lib/rnp/input.rb +99 -0
data/lib/rnp/key.rb +275 -0
data/lib/rnp/misc.rb +71 -0
data/lib/rnp/op/encrypt.rb +181 -0
data/lib/rnp/op/sign.rb +139 -0
data/lib/rnp/op/verify.rb +147 -0
data/lib/rnp/output.rb +121 -0
data/lib/rnp/rnp.rb +595 -0
data/lib/rnp/utils.rb +44 -0
data/lib/rnp/version.rb +8 -3
metadata +124 -50
data/.gitignore +0 -12
data/.rspec +0 -2
data/.travis.yml +0 -5
data/CODE_OF_CONDUCT.md +0 -74
data/Gemfile +0 -4
data/Rakefile +0 -6
data/Use_Cases.adoc +0 -119
data/bin/console +0 -14
data/bin/setup +0 -8
data/example-usage.rb +0 -766
data/examples/highlevel/decrypt_mem.rb +0 -44
data/examples/highlevel/encrypt_mem.rb +0 -46
data/examples/lowlevel/decrypt_file.rb +0 -76
data/examples/lowlevel/decrypt_mem.rb +0 -80
data/examples/lowlevel/encrypt_file.rb +0 -68
data/examples/lowlevel/encrypt_mem.rb +0 -75
data/examples/lowlevel/load_pubkey.rb +0 -118
data/examples/lowlevel/print_keyring_file.rb +0 -68
data/examples/lowlevel/print_keyring_mem.rb +0 -96
data/examples/lowlevel/sign_file.rb +0 -104
data/examples/lowlevel/sign_mem.rb +0 -96
data/examples/lowlevel/verify_file.rb +0 -55
data/examples/lowlevel/verify_mem.rb +0 -61
data/lib/rnp/highlevel.rb +0 -5
data/lib/rnp/highlevel/constants.rb +0 -96
data/lib/rnp/highlevel/keyring.rb +0 -259
data/lib/rnp/highlevel/publickey.rb +0 -150
data/lib/rnp/highlevel/secretkey.rb +0 -318
data/lib/rnp/highlevel/utils.rb +0 -119
data/lib/rnp/lowlevel.rb +0 -6
data/lib/rnp/lowlevel/constants.rb +0 -11
data/lib/rnp/lowlevel/dynarray.rb +0 -129
data/lib/rnp/lowlevel/enums.rb +0 -243
data/lib/rnp/lowlevel/libc.rb +0 -28
data/lib/rnp/lowlevel/libopenssl.rb +0 -15
data/lib/rnp/lowlevel/librnp.rb +0 -213
data/lib/rnp/lowlevel/structs.rb +0 -541
data/lib/rnp/lowlevel/utils.rb +0 -25
data/rnp.gemspec +0 -35
data/rnp/lib/rnp.rb +0 -5
data/rnp/spec/rnp_spec.rb +0 -11

@@ -1,5 +0,0 @@
-require_relative 'highlevel/constants'
-require_relative 'highlevel/publickey'
-require_relative 'highlevel/secretkey'
-require_relative 'highlevel/keyring'

data/lib/rnp/highlevel/constants.rb DELETED

@@ -1,96 +0,0 @@
-require 'rubygems'
-module RNP
-class PublicKeyAlgorithm
-  NONE = 0
-  RSA = 1
-  RSA_ENCRYPT_ONLY = 2
-  RSA_SIGN_ONLY = 3
-  ELGAMAL = 16
-  DSA = 17
-  ECDH = 18
-  ECDSA = 19
-  FORMERLY_ELGAMAL = 20
-  def self.from_native(alg)
-    raise if alg.class != Symbol
-    LibRNP::PGP_PUBKEY_ALG_T[alg]
-  end
-  def self.to_native(alg)
-    # avoid a warning on newer versions of ruby
-    if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.4.0')
-      raise if alg.class != Integer
-    else
-      raise if alg.class != Fixnum
-    end
-    LibRNP::PGP_PUBKEY_ALG_T[alg]
-  end
-end
-class HashAlgorithm
-  MD5 = 1
-  SHA1 = 2
-  RIPEMD = 3
-  SHA256 = 8
-  SHA384 = 9
-  SHA512 = 10
-  SHA224 = 11
-  # see pgp_str_to_hash_alg
-  STRING_MAPPING = {
-    MD5 => 'md5',
-    SHA1 => 'sha1',
-    SHA256 => 'sha256',
-    SHA384 => 'sha384',
-    SHA512 => 'sha512'
-  }
-  def self.to_s(alg)
-    STRING_MAPPING[alg]
-  end
-end
-class SymmetricKeyAlgorithm
-  PLAINTEXT = 0
-  IDEA = 1
-  TRIPLEDES = 2
-  CAST5 = 3
-  BLOWFISH = 4
-  AES128 = 7
-  AES192 = 8
-  AES256 = 9
-  TWOFISH256 = 10
-  # see pgp_str_to_cipher
-  STRING_MAPPING = {
-    IDEA => 'idea',
-    TRIPLEDES => 'tripledes',
-    CAST5 => 'cast5',
-    AES128 => 'aes128',
-    AES256 => 'aes256'
-  }
-  def self.to_s(alg)
-    STRING_MAPPING[alg]
-  end
-end
-class StringToKeyUsage
-  NONE = 0
-  ENCRYPTED_AND_HASHED = 254
-  ENCRYPTED = 255
-end
-class StringToKeySpecifier
-  SIMPLE = 0
-  SALTED = 1
-  ITERATED_AND_SALTED = 3
-end
-end

data/lib/rnp/highlevel/keyring.rb DELETED

@@ -1,259 +0,0 @@
-require 'English'
-require 'forwardable'
-module RNP
-class Keyring
-  extend Forwardable
-  delegate [:size, :each, :select, :[], :push, :clear] => :@keys
-  attr_reader :keys
-  def initialize
-    @keys = []
-  end
-  def self.load(data, armored=true, &passphrase_provider)
-    kr = Keyring.new
-    kr.add(data, armored, &passphrase_provider)
-    kr
-  end
-  def add(data, armored=true, &passphrase_provider)
-    keys = RNP::load_keys(data, armored, &passphrase_provider)
-    @keys.push(*keys)
-    keys.size
-  end
-  def verify(data, armored=true)
-    RNP::verify(@keys, data, armored)
-  end
-  def export(key, armored=true)
-    raise if key.parent
-    is_public = key.is_a?(PublicKey)
-    if is_public
-      seckey = secret_keys.find {|sk| sk.key_id == key.key_id}
-    else
-      seckey = key
-    end
-    return nil if not seckey
-    output_ptr = FFI::MemoryPointer.new(:pointer)
-    mem_ptr = FFI::MemoryPointer.new(:pointer)
-    output = nil
-    mem = nil
-    decrypted_seckey = nil
-    begin
-      LibRNP::pgp_setup_memory_write(output_ptr, mem_ptr, 4096)
-      output = LibRNP::PGPOutput.new(output_ptr.read_pointer)
-      mem = LibRNP::PGPMemory.new(mem_ptr.read_pointer)
-      native_ptr = LibC::calloc(1, LibRNP::PGPKey.size)
-      native = LibRNP::PGPKey.new(native_ptr)
-      native_auto = FFI::AutoPointer.new(native_ptr, LibRNP::PGPKey.method(:release))
-      key.to_native_key(native)
-      decrypted_seckey = seckey.decrypted_seckey
-      return nil if not decrypted_seckey
-      # this is necessary for signatures
-      seckey = SecretKey.from_native(decrypted_seckey)
-      seckey.to_native(native[:key][:seckey])
-      native[:type] = :PGP_PTAG_CT_SECRET_KEY
-      if is_public
-        LibRNP::dynarray_clear(native, 'uid', :string)
-        key.userids.each {|userid|
-          LibRNP::pgp_add_selfsigned_userid(native, userid)
-        }
-      end
-      # PGPKeyring is a ManagedStruct
-      subkeysring_ptr = LibC::calloc(1, LibRNP::PGPKeyring.size)
-      subkeysring = LibRNP::PGPKeyring.new(subkeysring_ptr)
-      RNP::keys_to_native_keyring(key.subkeys, subkeysring)
-      # add a binding signature to each subkey
-      (0..LibRNP::dynarray_count(subkeysring, 'key') - 1).each {|n|
-        subkey = LibRNP::dynarray_get_item(subkeysring, 'key', LibRNP::PGPKey, n)
-        LibRNP::dynarray_clear(subkey, 'packet', LibRNP::PGPSubPacket)
-        RNP::add_subkey_signature(native, subkey)
-      }
-      if is_public
-        ret = LibRNP::pgp_write_xfer_pubkey(output, native, subkeysring, armored ? 1 : 0)
-      else
-        decrypted_key_ptr = LibC::calloc(1, LibRNP::PGPKey.size)
-        decrypted_key = LibRNP::PGPKey.new(decrypted_key_ptr)
-        decrypted_key_auto = FFI::AutoPointer.new(decrypted_key_ptr, LibRNP::PGPKey.method(:release))
-        seckey.to_native_key(decrypted_key)
-        key.userids.each {|userid|
-          LibRNP::pgp_add_selfsigned_userid(decrypted_key, userid)
-        }
-        decrypted_key[:key][:seckey][:s2k_usage] = :PGP_S2KU_ENCRYPTED_AND_HASHED
-        decrypted_key[:key][:seckey][:alg] = :PGP_SA_CAST5
-        decrypted_key[:key][:seckey][:s2k_specifier] = :PGP_S2KS_SALTED
-        (0..LibRNP::dynarray_count(subkeysring, 'key') - 1).each {|n|
-          subkey = LibRNP::dynarray_get_item(subkeysring, 'key', LibRNP::PGPKey, n)
-          subkey[:key][:seckey][:s2k_usage] = :PGP_S2KU_ENCRYPTED_AND_HASHED
-          subkey[:key][:seckey][:alg] = :PGP_SA_CAST5
-          subkey[:key][:seckey][:s2k_specifier] = :PGP_S2KS_SALTED
-        }
-        ret = LibRNP::pgp_write_xfer_seckey(output, decrypted_key, key.passphrase, key.passphrase.size, subkeysring, armored ? 1 : 0)
-      end
-      return nil if ret != 1
-      data = mem[:buf].read_bytes(mem[:length])
-      data
-    ensure
-      LibRNP::pgp_teardown_memory_write(output, mem) if mem
-      LibRNP::pgp_seckey_free(decrypted_seckey) if decrypted_seckey
-    end
-  end
-  def public_keys
-    self.select {|key|
-      key.is_a?(PublicKey)
-    }
-  end
-  def secret_keys
-    self.select {|key|
-      key.is_a?(SecretKey)
-    }
-  end
-  def to_native(native)
-    keys_to_native_keyring(@keys, native)
-  end
-end
-PARSE_KEYRING = Proc.new do |state, passphrase_provider, pkt, data|
-  next :PGP_RELEASE_MEMORY if state[:errors].any?
-  begin
-    lastkey = state[:keys].last
-    case pkt[:tag]
-    when :PGP_PTAG_CT_PUBLIC_KEY
-      key = PublicKey::from_native(pkt[:u][:pubkey])
-      state[:keys].push(key)
-    when :PGP_PTAG_CT_PUBLIC_SUBKEY
-      key = PublicKey::from_native(pkt[:u][:pubkey])
-      lastkey.add_subkey(key)
-      state[:keys].push(key)
-    when :PGP_PTAG_CT_ENCRYPTED_SECRET_KEY
-      key = SecretKey::from_native(pkt[:u][:seckey], true)
-      state[:keys].push(key)
-    when :PGP_PTAG_CT_ENCRYPTED_SECRET_SUBKEY
-      key = SecretKey::from_native(pkt[:u][:seckey], true)
-      lastkey.add_subkey(key)
-      state[:keys].push(key)
-    when :PGP_PTAG_CT_SECRET_KEY
-      key = SecretKey::from_native(pkt[:u][:seckey])
-      if state[:passphrase]
-        key.passphrase = state[:passphrase]
-        state[:passphrase] = nil
-      end
-      state[:keys].push(key)
-    when :PGP_PTAG_CT_SECRET_SUBKEY
-      key = SecretKey::from_native(pkt[:u][:seckey])
-      lastkey.add_subkey(key)
-      state[:keys].push(key)
-    when :PGP_GET_PASSPHRASE
-      seckey_ptr = pkt[:u][:skey_passphrase][:seckey]
-      seckey = LibRNP::PGPSecKey.new(seckey_ptr)
-      key = SecretKey::from_native(seckey)
-      passphrase = passphrase_provider.call(key)
-      if passphrase and passphrase != ''
-        passphrase_mem = LibC::calloc(1, passphrase.bytesize + 1)
-        passphrase_mem.write_bytes(passphrase)
-        pkt[:u][:skey_passphrase][:passphrase].write_pointer(passphrase_mem)
-        state[:passphrase] = passphrase
-        next :PGP_KEEP_MEMORY
-      end
-    when :PGP_PARSER_PACKET_END
-      if lastkey.is_a? RNP::SecretKey
-        raw_packet = pkt[:u][:packet]
-        bytes = raw_packet[:raw].read_bytes(raw_packet[:length])
-        lastkey.raw_subpackets.push(bytes)
-      end
-    when :PGP_PTAG_CT_USER_ID
-      lastkey.userids.push(pkt[:u][:userid].force_encoding('utf-8'))
-    when :PGP_PTAG_SS_KEY_EXPIRY
-      lastkey.expiration_time = lastkey.creation_time + pkt[:u][:ss_time]
-    else
-      # For debugging
-      #puts "Unhandled tag: #{pkt[:tag]}"
-    end # case
-  rescue
-    state[:errors].push($ERROR_INFO)
-  end
-  next :PGP_RELEASE_MEMORY
-end
-DEFAULT_PASSPHRASE_PROVIDER = Proc.new do |seckey|
-  nil
-end
-def self.load_keys(data, armored=true, &passphrase_provider)
-  # Just for readability
-  print_errors = 0
-  stream_mem = LibC::calloc(1, LibRNP::PGPStream.size)
-  # This will free the above memory (PGPStream is a ManagedStruct)
-  stream = LibRNP::PGPStream.new(stream_mem)
-  stream[:readinfo][:accumulate] = 1
-  LibRNP::pgp_parse_options(stream, :PGP_PTAG_SS_ALL, :PGP_PARSE_PARSED)
-  # This memory will be GC'd
-  mem = FFI::MemoryPointer.new(:uint8, data.bytesize)
-  mem.write_bytes(data)
-  LibRNP::pgp_reader_set_memory(stream, mem, mem.size)
-  state = {keys: [], errors: []}
-  provider = block_given? ? passphrase_provider : DEFAULT_PASSPHRASE_PROVIDER
-  callback = RNP::PARSE_KEYRING.curry[state][provider]
-  LibRNP::pgp_set_callback(stream, callback, nil)
-  LibRNP::pgp_reader_push_dearmour(stream) if armored
-  if LibRNP::pgp_parse(stream, print_errors) != 1
-    state[:errors].push('pgp_parse failed')
-  end
-  LibRNP::pgp_reader_pop_dearmour(stream) if armored
-  errors = stream_errors(stream)
-  state[:errors].push(errors) if errors.any?
-  raise state[:errors].join("\n") if state[:errors].any?
-  state[:keys]
-end
-def self.keys_to_native_keyring(keys, native)
-  raise if not native[:keys].null?
-  for key in keys
-    native_key = LibRNP::PGPKey.new
-    key.to_native_key(native_key)
-    LibRNP::dynarray_append_item(native, 'key', LibRNP::PGPKey, native_key)
-  end
-end
-def self.verify(keys, data, armored=true)
-  native_keyring_ptr = LibC::calloc(1, LibRNP::PGPKeyring.size)
-  native_keyring = LibRNP::PGPKeyring.new(native_keyring_ptr)
-  RNP::keys_to_native_keyring(keys, native_keyring)
-  pgpio = LibRNP::PGPIO.new
-  pgpio[:outs] = LibC::fdopen($stdout.to_i, 'w')
-  pgpio[:errs] = LibC::fdopen($stderr.to_i, 'w')
-  pgpio[:res] = pgpio[:errs]
-  data_buf = FFI::MemoryPointer.new(:uint8, data.bytesize)
-  data_buf.write_bytes(data)
-  # pgp_validate_mem frees this
-  mem_ptr = LibC::calloc(1, LibRNP::PGPMemory.size)
-  mem = LibRNP::PGPMemory.new(mem_ptr)
-  LibRNP::pgp_memory_add(mem, data_buf, data_buf.size)
-  # ManagedStruct, this frees itself
-  result_ptr = LibC::calloc(1, LibRNP::PGPValidation.size)
-  result = LibRNP::PGPValidation.new(result_ptr)
-  ret = LibRNP::pgp_validate_mem(pgpio, result, mem, nil, armored ? 1 : 0, native_keyring)
-  ret == 1
-end
-end # module RNP

data/lib/rnp/highlevel/publickey.rb DELETED

@@ -1,150 +0,0 @@
-module RNP
-require_relative 'utils'
-class PublicKey
-  attr_accessor :version,
-                :creation_time,
-                :expiration_time,
-                :public_key_algorithm,
-                :mpi,
-                :userids,
-                :parent,
-                :subkeys
-  def initialize
-    @version = nil
-    @creation_time = nil
-    @expiration_time = 0
-    @public_key_algorithm = nil
-    @mpi = {}
-    @userids = []
-    @parent = nil
-    @subkeys = []
-  end
-  def fingerprint
-    fp = LibRNP::PGPFingerprint.new
-    native_pubkey_ptr = LibC::calloc(1, LibRNP::PGPPubKey.size)
-    native_pubkey = LibRNP::PGPPubKey.new(native_pubkey_ptr)
-    native_pubkey_auto = FFI::AutoPointer.new(native_pubkey_ptr, LibRNP::PGPPubKey.method(:release))
-    to_native(native_pubkey)
-    hash = @version == 3 ? :PGP_HASH_MD5 : :PGP_HASH_SHA1
-    ret = LibRNP::pgp_fingerprint(fp, native_pubkey, hash)
-    raise 'pgp_fingerprint failed' if ret != 1
-    fp[:fingerprint].to_s[0, fp[:length]]
-  end
-  def fingerprint_hex
-    fingerprint.bytes.collect {|byte| '%02X' % byte}.join
-  end
-  def key_id
-    keyid_ptr = FFI::MemoryPointer.new(:uint8, LibRNP::PGP_KEY_ID_SIZE)
-    native_pubkey = LibRNP::PGPPubKey.new
-    to_native(native_pubkey)
-    ret = LibRNP::pgp_keyid(keyid_ptr, LibRNP::PGP_KEY_ID_SIZE, native_pubkey, :PGP_HASH_SHA1)
-    raise 'pgp_keyid failed' if ret != 1
-    keyid_ptr.read_bytes(LibRNP::PGP_KEY_ID_SIZE)
-  end
-  def key_id_hex
-    key_id.bytes.collect {|byte| '%02X' % byte}.join
-  end
-  def key_length
-    case @public_key_algorithm
-    when PublicKeyAlgorithm::RSA,
-         PublicKeyAlgorithm::RSA_ENCRYPT_ONLY,
-         PublicKeyAlgorithm::RSA_SIGN_ONLY
-      return RNP::bignum_byte_count(@mpi[:n]) * 8
-    when PublicKeyAlgorithm::DSA
-      case RNP::bignum_byte_count(@mpi[:q])
-      when 20
-        1024
-      when 28
-        2048
-      when 32
-        3072
-      end
-    when PublicKeyAlgorithm::ELGAMAL
-      RNP::bignum_byte_count(@mpi[:y]) * 8
-    end
-    0
-  end
-  def encrypt(data, armored=true, sk_algorithm=SymmetricKeyAlgorithm::CAST5)
-    cipher = SymmetricKeyAlgorithm::to_s(sk_algorithm)
-    memory = nil
-    begin
-      pubkey_ptr = LibC::calloc(1, LibRNP::PGPKey.size)
-      pubkey = LibRNP::PGPKey.new(pubkey_ptr)
-      pubkey_auto = FFI::AutoPointer.new(pubkey_ptr, LibRNP::PGPKey.method(:release))
-      to_native_key(pubkey)
-      data_buf = FFI::MemoryPointer.new(:uint8, data.bytesize)
-      data_buf.write_bytes(data)
-      pgpio = LibRNP::PGPIO.new
-      pgpio[:outs] = LibC::fdopen($stdout.to_i, 'w')
-      pgpio[:errs] = LibC::fdopen($stderr.to_i, 'w')
-      pgpio[:res] = pgpio[:errs]
-      memory_ptr = LibRNP::pgp_encrypt_buf(pgpio, data_buf, data_buf.size, pubkey, armored ? 1 : 0, cipher)
-      return nil if memory_ptr.null?
-      memory = LibRNP::PGPMemory.new(memory_ptr)
-      memory[:buf].read_bytes(memory[:length])
-    ensure
-      LibRNP::pgp_memory_free(memory) if memory
-    end
-  end
-  def verify(data, armored=true)
-    RNP::verify([self], data, armored)
-  end
-  def add_subkey(subkey)
-    raise if subkey.subkeys.any?
-    subkey.parent = self
-    subkey.userids = @userids
-    @subkeys.push(subkey)
-  end
-  def self.from_native(native)
-    pubkey = PublicKey.new
-    pubkey.version = LibRNP::enum_value(native[:version])
-    pubkey.creation_time = Time.at(native[:birthtime])
-    if pubkey.version == 3
-      pubkey.expiration_time = Time.at(native[:birthtime]) + (native[:days_valid] * 86400)
-    end
-    pubkey.public_key_algorithm = PublicKeyAlgorithm::from_native(native[:alg])
-    pubkey.mpi = RNP::mpis_from_native(native[:alg], native)
-    pubkey
-  end
-  def to_native(native)
-    native[:version] = @version
-    native[:birthtime] = @creation_time.to_i
-    if @version == 3 and @expiration_time
-      native[:days_valid] = ((@expiration_time.to_i - @creation_time.to_i) / 86400).to_i
-    else
-      native[:duration] = (@expiration_time.to_i - @creation_time.to_i).to_i
-    end
-    native[:alg] = @public_key_algorithm
-    RNP::mpis_to_native(native[:alg], @mpi, native)
-  end
-  def to_native_key(native_key)
-    native_key[:type] = :PGP_PTAG_CT_PUBLIC_KEY
-    native_key[:sigid] = key_id
-    to_native(native_key[:key][:pubkey])
-    if not @parent
-      @userids.each {|userid|
-        LibRNP::dynarray_append_item(native_key, 'uid', :string, userid)
-      }
-    end
-  end
-end
-end # module RNP