rspec-pgp_matchers 0.1.0

data/.rubocop.yml

@@ -0,0 +1,40 @@
+# This project follows the Ribose OSS style guide.
+# https://github.com/riboseinc/oss-guides
+# All project-specific additions and overrides should be specified in this file.
+
+inherit_from:
+  # Thoughtbot's style guide from: https://github.com/thoughtbot/guides
+  - ".rubocop.tb.yml"
+  # Overrides from Ribose
+  - ".rubocop.ribose.yml"
+AllCops:
+  DisplayCopNames: false
+  StyleGuideCopsOnly: false
+  TargetRubyVersion: 2.3
+  Exclude:
+    - bin/bundle
+    - bin/rake
+    - bin/rspec
+Rails:
+  Enabled: false
+
+Style/EmptyCaseCondition:
+  Enabled: false
+
+Style/TrailingCommaInArguments:
+  Exclude:
+    # RSpec expectations can easily go multiline.  And sometimes, it's all not
+    # about multiple arguments, but more about & or | operators.  Comma placed
+    # after a single method argument which spans across many lines is confusing,
+    # not helpful.  Hence, I'm disabling this cop for all specs.
+    - "spec/**/*"
+
+Metrics/BlockLength:
+  Exclude:
+    - "spec/**/*"
+    - "**/*.rake"
+    - "Rakefile"
+
+Style/HashSyntax:
+  Exclude:
+    - "Rakefile"

data/.travis.yml

@@ -0,0 +1,77 @@
+dist: trusty
+language: ruby
+sudo: true
+
+rvm:
+  - "2.3"
+  - "2.4"
+  - "2.5"
+  - "ruby-head"
+
+env:
+  matrix:
+    - GPG_VERSION="2.2"
+
+  global:
+    - DEPS_BUILD_DIR="${TRAVIS_BUILD_DIR}/build"
+    - DEPS_PREFIX="${TRAVIS_BUILD_DIR}/opt"
+    - GPG_PREFIX="${DEPS_PREFIX}/gpg"
+
+    - LD_RUN_PATH="${GPG_PREFIX}/lib"
+
+    - PATH="${GPG_PREFIX}/bin:${PATH}"
+
+    # Many of these are supported only in few GPG components, hence bunch of
+    # harmless warnings typically shows up.
+    - >
+      GPG_CONFIGURE_OPTS="--disable-doc --enable-pinentry-curses
+      --disable-pinentry-emacs --disable-pinentry-gtk2 --disable-pinentry-gnome3
+      --disable-pinentry-qt --disable-pinentry-qt4 --disable-pinentry-qt5
+      --disable-pinentry-tqt --disable-pinentry-fltk
+      --prefix=${GPG_PREFIX}
+      --with-libgpg-error-prefix=${GPG_PREFIX}
+      --with-libassuan-prefix=${GPG_PREFIX}
+      --with-libgpg-error-prefix=${GPG_PREFIX}
+      --with-libgcrypt-prefix=${GPG_PREFIX}
+      --with-libassuan-prefix=${GPG_PREFIX}
+      --with-ksba-prefix=${GPG_PREFIX}
+      --with-npth-prefix=${GPG_PREFIX}"
+
+cache:
+  bundler: true
+  directories:
+    - opt
+
+before_install:
+  - mkdir -p ${DEPS_PREFIX}
+  - pushd ci
+  - >
+    [ -d "${GPG_PREFIX}" ] ||
+    ./install_gpg_all.sh "${GPG_VERSION}"
+    --build-dir "${DEPS_BUILD_DIR}/gpg"
+    --configure-opts "${GPG_CONFIGURE_OPTS}"
+    --folding-style travis
+  - popd
+  - gem install bundler -v "~> 1.16"
+
+install:
+  - bundle install --jobs=3 --retry=3 --path=${BUNDLE_PATH:-vendor/bundle}
+  - bundle update --jobs=3 --retry=3
+
+before_script:
+  - gpg --version
+  - bundle exec rake pgp_keys:generate
+  - bundle exec rake pgp_keys:list
+
+matrix:
+  include:
+    - gemfile: ci/gemfiles/rspec-3.7.gemfile
+      rvm: 2.5
+    - gemfile: ci/gemfiles/rspec-3.6.gemfile
+      rvm: 2.5
+    - gemfile: ci/gemfiles/rspec-3.5.gemfile
+      rvm: 2.5
+    - gemfile: ci/gemfiles/rspec-3.4.gemfile
+      rvm: 2.5
+  allow_failures:
+    - rvm: ruby-head

data/Gemfile

@@ -0,0 +1,12 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in rspec-pgp_matchers.gemspec
+gemspec
+
+gem "codecov", require: false, group: :test
+gem "simplecov", require: false, group: :test

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Ribose Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.adoc

@@ -0,0 +1,114 @@
+= RSpec::PGPMatchers
+
+image:https://img.shields.io/gem/v/rspec-pgp_matchers.svg[
+	Gem Version, link="https://rubygems.org/gems/rspec-pgp_matchers"]
+image:https://img.shields.io/travis/riboseinc/rspec-pgp_matchers/master.svg[
+	Build Status, link="https://travis-ci.org/riboseinc/rspec-pgp_matchers/branches"]
+image:https://img.shields.io/codecov/c/github/riboseinc/rspec-pgp_matchers.svg[
+	Test Coverage, link="https://codecov.io/gh/riboseinc/rspec-pgp_matchers"]
+image:https://img.shields.io/codeclimate/maintainability/riboseinc/rspec-pgp_matchers.svg[
+	"Code Climate", link="https://codeclimate.com/github/riboseinc/rspec-pgp_matchers"]
+
+RSpec matchers for testing PGP-encrypted messages, and signatures.
+
+IMPORTANT: This gem calls GnuPG executables internally.  However, it does not
+rely on machine-readable interface yet, and may easily break when they change
+something in GnuPG's human-readable output. As long as it is not resolved in
+a better way, we are going to maintain compatibility with the most recent
+versions of GnuPG.  At the moment of writing this statement, it is GnuPG 2.2.9.
+
+TIP: In order to check which GnuPG version this gem was tested against,
+check out builds in Travis.  One of the build steps in a "before script" phase
+executes `gpg --version` to make things clear.
+
+== Usage
+
+=== Getting started
+
+1. Make sure that you have GnuPG 2.2 installed.
+
+2. Add this line to your application’s Gemfile:
++
+[source,ruby]
+----
+gem "rspec-pgp_matchers", github: "riboseinc/rspec-pgp_matchers", require: false, group: :test
+----
+
+3. And following to your spec helper:
++
+[source,ruby]
+----
+require "rspec/pgp_matchers"
+RSpec::PGPMatchers.homedir = "path/to/pgp_home_directory/with/development/keys"
+----
+
+=== Matching signatures
+
+[source,ruby]
+----
+text = "Some text"
+signer_uid = "mail@example.com"
+someones_uid = "someone@example.com"
+
+# Not defined in this gem, but required for this example
+signature = sign_text(text: text, signer: signer_uid, ascii_armor: true)
+
+# Both following do pass
+expect(signature).to be_a_valid_pgp_signature_of(text)
+expect(signature).to be_a_valid_pgp_signature_of(text).signed_by(signer_uid)
+
+# This one fails
+expect(signature).to be_a_valid_pgp_signature_of(text).signed_by(someones_uid)
+----
+
+=== Matching encrypted messages
+
+[source,ruby]
+----
+text = "Some text"
+recipient1_uid = "mail1@example.com"
+recipient2_uid = "mail2@example.com"
+someones_uid = "someone@example.com"
+
+# Not defined in this gem, but required for this example
+encrypted = encrypt_text(
+  text: text,
+  recipients: [recipient1_uid, recipient2_uid],
+  ascii_armor: true
+)
+
+# Following do pass
+expect(encrypted).to be_a_pgp_encrypted_message
+expect(encrypted).to be_a_pgp_encrypted_message.containing(text)
+expect(encrypted).to be_a_pgp_encrypted_message.encrypted_for(recipient1_uid, recipient2_uid)
+
+# This one fails
+expect(encrypted).to be_a_pgp_encrypted_message.encrypted_for(someones_uid)
+----
+
+== Development
+
+After checking out the repo, run `bin/setup` to install dependencies.
+Then, run `rake spec` to run the tests. You can also run `bin/console`
+for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run
+`bundle exec rake install`. To release a new version, update the version
+number in `version.rb`, and then run `bundle exec rake release`, which
+will create a git tag for the version, push git commits and tags, and
+push the `.gem` file to https://rubygems.org[rubygems.org].
+
+== Contributing
+
+Bug reports and pull requests are welcome on GitHub at
+https://github.com/riboseinc/rspec-pgp_matchers.
+
+== Credits
+
+This gem is developed, maintained and funded by
+https://www.ribose.com[Ribose Inc].
+
+== License
+
+The gem is available as open source under the terms of the
+https://opensource.org/licenses/MIT[MIT License].

data/Rakefile

@@ -0,0 +1,115 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+require "tempfile"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec
+
+namespace :pgp_keys do
+  def init_homedir_if_missing
+    FileUtils.mkdir_p(TMP_PGP_HOME)
+  end
+
+  def execute_gpg(*options)
+    init_homedir_if_missing
+    common_options = ["--no-permission-warning", "--homedir", TMP_PGP_HOME]
+    cmd = ["gpg", *common_options, *options]
+    system(*cmd)
+  end
+
+  # Available parameters for unattended GPG key generation are described here:
+  # https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html
+  def generate_pgp_keys(key_params)
+    Tempfile.create("gnupg-key-params") do |key_params_file|
+      key_params_file.write(key_params)
+      key_params_file.close
+      execute_gpg("--batch", "--gen-key", in: key_params_file.path)
+    end
+  end
+
+  desc "Lists keys in tmp/pgp_home"
+  task :list => :prepare do
+    execute_gpg "--list-keys"
+  end
+
+  desc "Stops all GPG daemons, and deletes tmp/pgp_home"
+  task :clear => :prepare do
+    if File.exists?(TMP_PGP_HOME)
+      system "gpgconf", "--homedir", TMP_PGP_HOME, "--kill", "all"
+      FileUtils.remove_entry_secure TMP_PGP_HOME
+    end
+  end
+
+  desc "Clears tmp/pgp_home, and generates new set of keys"
+  task :regenerate => %i[clear generate]
+
+  desc "Generates keys in tmp/pgp_home"
+  task :generate => :prepare do
+    # Key pairs without password
+    generate_pgp_keys(<<~KEY_PARAMS)
+      %no-protection
+      Key-Type: RSA
+      Key-Usage: sign, cert
+      Key-Length: 2048
+      Subkey-Type: RSA
+      Subkey-Length: 2048
+      Subkey-Usage: encrypt
+      Name-Real: Some Arbitrary Key
+      Name-Email: whatever@example.test
+      Name-Comment: Without passphrase
+      Expire-Date: 0
+    KEY_PARAMS
+
+    generate_pgp_keys(<<~KEY_PARAMS)
+      %no-protection
+      Key-Type: RSA
+      Key-Usage: sign, cert
+      Key-Length: 2048
+      Subkey-Type: RSA
+      Subkey-Length: 2048
+      Subkey-Usage: encrypt
+      Name-Real: Cato Elder
+      Name-Email: cato.elder@example.test
+      Name-Comment: Without passphrase
+      Expire-Date: 0
+    KEY_PARAMS
+
+    generate_pgp_keys(<<~KEY_PARAMS)
+      %no-protection
+      Key-Type: RSA
+      Key-Usage: sign, cert
+      Key-Length: 2048
+      Subkey-Type: RSA
+      Subkey-Length: 2048
+      Subkey-Usage: encrypt
+      Name-Real: Roman Senate
+      Name-Email: senate@example.test
+      Name-Comment: Without passphrase
+      Expire-Date: 0
+    KEY_PARAMS
+
+    # Password-protected key pairs
+    generate_pgp_keys(<<~KEY_PARAMS)
+      Key-Type: RSA
+      Key-Usage: sign, cert
+      Key-Length: 2048
+      Subkey-Type: RSA
+      Subkey-Length: 2048
+      Subkey-Usage: encrypt
+      Name-Real: Cato Elder
+      Name-Email: cato.elder+pwd@example.test
+      Name-Comment: Password-protected
+      Expire-Date: 0
+      Passphrase: 1234
+    KEY_PARAMS
+  end
+end
+
+task :prepare do
+  require_relative "./spec/support/0_tmp_pgp_home"
+end

data/bin/bundle

@@ -0,0 +1,105 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'bundle' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "rubygems"
+
+m = Module.new do
+    module_function
+
+  def invoked_as_script?
+    File.expand_path($0) == File.expand_path(__FILE__)
+  end
+
+  def env_var_version
+    ENV["BUNDLER_VERSION"]
+  end
+
+  def cli_arg_version
+    return unless invoked_as_script? # don't want to hijack other binstubs
+    return unless "update".start_with?(ARGV.first || " ") # must be running `bundle update`
+    bundler_version = nil
+    update_index = nil
+    ARGV.each_with_index do |a, i|
+      if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
+        bundler_version = a
+      end
+      next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/
+      bundler_version = $1 || ">= 0.a"
+      update_index = i
+    end
+    bundler_version
+  end
+
+  def gemfile
+    gemfile = ENV["BUNDLE_GEMFILE"]
+    return gemfile if gemfile && !gemfile.empty?
+
+    File.expand_path("../../Gemfile", __FILE__)
+  end
+
+  def lockfile
+    lockfile =
+      case File.basename(gemfile)
+      when "gems.rb" then gemfile.sub(/\.rb$/, gemfile)
+      else "#{gemfile}.lock"
+      end
+    File.expand_path(lockfile)
+  end
+
+  def lockfile_version
+    return unless File.file?(lockfile)
+    lockfile_contents = File.read(lockfile)
+    return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/
+    Regexp.last_match(1)
+  end
+
+  def bundler_version
+    @bundler_version ||= begin
+      env_var_version || cli_arg_version ||
+        lockfile_version || "#{Gem::Requirement.default}.a"
+    end
+  end
+
+  def load_bundler!
+    ENV["BUNDLE_GEMFILE"] ||= gemfile
+
+    # must dup string for RG < 1.8 compatibility
+    activate_bundler(bundler_version.dup)
+  end
+
+  def activate_bundler(bundler_version)
+    if Gem::Version.correct?(bundler_version) && Gem::Version.new(bundler_version).release < Gem::Version.new("2.0")
+      bundler_version = "< 2"
+    end
+    gem_error = activation_error_handling do
+      gem "bundler", bundler_version
+    end
+    return if gem_error.nil?
+    require_error = activation_error_handling do
+      require "bundler/version"
+    end
+    return if require_error.nil? && Gem::Requirement.new(bundler_version).satisfied_by?(Gem::Version.new(Bundler::VERSION))
+    warn "Activating bundler (#{bundler_version}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_version}'`"
+    exit 42
+  end
+
+  def activation_error_handling
+    yield
+    nil
+  rescue StandardError, LoadError => e
+    e
+  end
+end
+
+m.load_bundler!
+
+if m.invoked_as_script?
+  load Gem.bin_path("bundler", "bundle")
+end