rubygems-openpgp 0.4.0 → 0.5.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0657ab763223c89affb7cfdbdfe7227ba093a0c0
+  data.tar.gz: 7b16826241b21a82815b8baa681697ad7e0f3983
+SHA512:
+  metadata.gz: b3c5a89a986acbcd84aaee04aae27aa5a68966529c830232be62cb64a3f7c62c59d1a18e749007477516227bcdf5969a3c0b1507a62aaa55c6bd84c82f6a9244
+  data.tar.gz: adeb6e5b33bb455ff52f90405744417d566af3b721cc829576b8eba9eeed7c0cc7fa5072393bf0e4ce4c1c6020f0e8e85883c97d89ad5482894a26431f628bd6

checksums.yaml.gz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQEcBAABAgAGBQJRPJV6AAoJEP5F5V2hilTW55oH/RVctpv/kKf8erckN0vvNZUa
+KdtcULIoD0P8u26uiL8zTM4noWi2f3kkfv1fAd9026IsJarOpucfDmpZpTDb88Xw
+gElUTXKhG7bnoPhuEfrz6/h5cwMpQREktIbVwtCF0ED7aRLbxcUChx+BfFLLeUW1
+yLnwi8aN2EJlcL1w8fvDmPux6IppuZ/NPxo65dXVHIsjpyLvhrNhqaEOEHv2AP9b
+xNWSV+sn8i9YfVUZhmZLLakWkmfoRGrZYXQYisTQbKfN5Kfeyg3uJRcQ9kk8Kmua
+5UBTLEk/T2meyaN7FQ8l23P5ZNxcRhqDWnGKJMxRZxaShVJk4P8hmhgICL/YX6w=
+=CtND
+-----END PGP SIGNATURE-----

data.tar.gz.asc

@@ -1,11 +1,11 @@
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
+Version: GnuPG v1.4.11 (GNU/Linux)
 
-iQEcBAABCgAGBQJRKNObAAoJEP5F5V2hilTWjFYH/RPGxYJA41R43Yrgqu56vtAU
-iPY/pg041S42UnObIIFgA76fMeixzfFCdBkvFFnlDuqmbSLxtiJt0Q/ql5c/hFzA
-S/rKibb1I9nlzOJ3p/GO78HzaD/M2Ja/jdrJtt+w7LVqSVtfDOyS+lPe3wxzf6SS
-7hgpycQv6GX3C5AEGY/nP0btkDxNtYMGGgcYz3WfrOEQFDIKS6IU4iZCj5c6Zw4n
-yD2pAvHWoqdkYy0y+eUsi83E1zCL9fHEK3R/I+c9Kc4TQF2OXFmGZdc7wbYwtdPb
-yDqlTNo8mbm+kxek1P4PobHJ7QADHRC7kOSBMOXVw80JALUThAt11Y+bHOHv3/Y=
-=58pK
+iQEcBAABAgAGBQJRPJV3AAoJEP5F5V2hilTWJnAH/jyebr8gp9guDxLVuN3lodD9
+OLjYgkI97P7e597lL7LDyMpadyo01yQjB1+xfKNQqgAaUtVUglfaeGjU+vnvpfAz
+5Hx/SdztlhDnzK+W71wzdBJ6/8Nco6wDhDe8dQcM3BgSK2ijvHgCfYMqy9SoKGgC
+ZHNWq+a2cPd8nglgaR2iTlN+0kzQq/f4WdGFOuCliq5E5ItFlCzMiSnVUfAvyT2G
+lOvnxYvzMOItxQMHU9lVvGvYhUxsUd4bvRMBvy3rdbErnp3zFFSu2tHTEvoJt2+v
+LvzBaiQ+u00qirlusp1amEHurUK7bPSuTSWN98fnrh5DaFwzh/hd1Cjrr0FY1xY=
+=rKlC
 -----END PGP SIGNATURE-----

data/README.md

@@ -1,6 +1,12 @@
 rubygems-openpgp
 ================
 
+Information for gem users and gem developers is slowly and surely migrating
+to the [rubygems-openpgp Certificate
+Authority](http://rubygems-openpgp-ca.org).  You probably want to go
+there unless you're interested in working on the plugin itself.
+
+
 Software Assurance
 ------------------
 
@@ -44,33 +50,28 @@ Signing example
 Verification Example
 --------------------
 
+A detailed walkthrough of verifiction is available at
+[The Complete Guide to Verifying Gems with
+rubygems-openpgp](http://www.rubygems-openpgp-ca.org/blog/the-complete-guide-to-verifying-gems-with-rubygems-openpgp.html)
+
+### TLDR?
+
 A test gem **openpgp_signed_hola** is on rubygems.org.  To try out
 this extension:
 
-    gem install openpgp_signed_hola-0.0.0.gem --verify
+    gem install openpgp_signed_hola-0.0.0.gem --verify  --trust --get-key
 
-But That Just Failed!
----------------------
 
-You probably don't have my public key yet.  You need my public key to
-verify the digital signature.  You also want to perform some
-authentication of that public key.
+### But That Just Failed!
 
-[Notes on retrieving and authenticating public keys.](./doc/retrieving-and-authenticating-keys.md)
+You probably don't *trust* my public key.  More information is
+available at [The Complete Guide to Verifying Gems with
+rubygems-openpgp](http://www.rubygems-openpgp-ca.org/blog/the-complete-guide-to-verifying-gems-with-rubygems-openpgp.html)
 
 Verifying your initial install
 ------------------------------
 
-All versions of this gem should be signed.  But the first time you
-install the package you run into a bit of a chicken-and-the-egg
-problem.  You can't verify the package until you've installed a copy.
-But if that copy isn't verified, if could already be compromised.
-
-But don't worry.  You can use a stand-alone signature to verify your
-initial install.  Since the stand-alone signature is on github, and
-the software package is on rubygems.org, a malicious user would need
-to compromise both sites to publish a compromised gem and
-compromised/forged digital signature.
-
-[Notes on verifying the initial install.](./doc/verifying-initial-install.md)
+You can verify your initial install with a detached signature.
+[Here's
+how.](http://www.rubygems-openpgp-ca.org/blog/the-complete-guide-to-verifying-your-initial-install.html)
 

data/lib/rubygems/gem_openpgp.rb

@@ -1,284 +1,2 @@
-require 'rubygems'
-require 'rubygems/package'
-require 'rubygems/user_interaction'
-require 'shellwords'
-require 'open3'
-require 'tempfile'
-require 'gpg_status_parser'
-
-# Exception for this class
-class Gem::OpenPGPException < RuntimeError; end
-
-# A wrapper that shells out the real OpenPGP crypto work
-# to gpg.
-module Gem::OpenPGP
-  extend Shellwords
-  extend Gem::UserInteraction
-
-  # Given a string of data, generate and return a detached
-  # signature.  By defualt, this will use your primary secret key.
-  # This can be overridden by specifying a key_id for another 
-  # private key.
-  def self.detach_sign data, key_id=nil, homedir=nil
-    is_gpg_available
-    is_key_valid key_id if key_id
-    is_homedir_valid homedir if homedir
-
-    key_flag = ""
-    key_flag = "-u #{shellescape(key_id)}" if key_id
-
-    homedir_flag = ""
-    homedir_flag = "--homedir #{shellescape(homedir)}" if homedir
-
-    gpg_args = "#{key_flag} #{homedir_flag} --detach-sign --armor"
-    gpg_results = run_gpg(gpg_args, data)
-    did_gpg_error? gpg_results
-
-    gpg_results[:stdout]
-  end
-
-  # Extract the info we care about, throw away the rest  
-  def self.verify_extract_status_info message, status_info
-      case message.status
-      when :GOODSIG, :BADSIG, :ERRSIG
-        status_info[:good_or_bad] = message.status
-        status_info[:uid] = (message.args[:username] || "").strip
-        
-      when :SIG_ID
-      when :VALIDSIG, :EXPSIG, :BADSIG
-        status_info[:sig_status] = message.status
-        status_info[:primary_key] = "0x#{message.args[:primary_key_fpr][-9..-1]}"
-      when :TRUST_UNDEFINED, :TRUST_NEVER, :TRUST_MARGINAL, :TRUST_FULLY, :TRUST_ULTIMATE
-        status_info[:trust_status] = message.status
-      when :NO_PUBKEY
-        status_info[:failure] = "You don't have the public key.  Use --get-key to automagically retrieve from keyservers"
-      when :IMPORTED, :IMPORT_OK, :IMPORT_RES
-        #silently_ignore
-      when :KEYEXPIRED, :SIGEXPIRED
-        # recalculating trust db, ignore.
-      else
-        puts "unexpected message: #{message.status} #{message.args.inspect}"
-      end
-  end
-
-  # Print info about the sig, check that we like it, and possibly abort
-  def self.verify_check_sig status_info
-    sig_msg = "Signature for #{status_info[:file_name]} from user #{status_info[:uid]} key #{status_info[:primary_key]} is #{status_info[:good_or_bad]}, #{status_info[:sig_status]} and #{status_info[:trust_status]}"
-    if status_info[:trust_status] == :TRUST_NEVER
-      say add_color(sig_msg, :red)
-      raise Gem::OpenPGPException, "Never Trusted.  Won't install."
-    elsif status_info[:trust_status] == :TRUST_UNDEFINED
-      say add_color(sig_msg, :yellow)
-      if options[:trust] && !options[:no_trust]
-        raise Gem::OpenPGPException, "Trust Undefined and you've specified --trust.  Won't install."
-      end
-    else
-      say add_color(sig_msg , :green)
-    end
-  end
-
-  # Given a string containing data, and a string containing
-  # a detached signature, verify the data.  If we can't verify
-  # then raise an exception.
-  #
-  # Optionally tell gpg to retrive the key if it's not provided
-  def self.verify file_name, data, sig, get_key=false, homedir=nil
-    is_gpg_available
-    is_homedir_valid homedir if homedir
-
-    data_file = create_tempfile data
-    sig_file = create_tempfile sig
-
-    get_key_params = "--keyserver pool.sks-keyservers.net --keyserver-options auto-key-retrieve"
-    get_key_params = "" if get_key != true
-
-    homedir_flags = ""
-    homedir_flags = "--homedir #{homedir}" if homedir
-
-    gpg_args = "#{get_key_params} #{homedir_flags} --verify #{sig_file.path} #{data_file.path}"
-    
-    status_info = {:file_name => file_name}
-    gpg_results = run_gpg(gpg_args) { |message| verify_extract_status_info(message, status_info) }
-    
-    if status_info[:failure]
-      say add_color(status_info[:failure], :red)
-      raise Gem::OpenPGPException, "Fail!"
-    else
-      verify_check_sig status_info
-    end
-
-    did_gpg_error? gpg_results
-
-    [gpg_results[:stderr], gpg_results[:status]]
-  end
-
-  # Signs an existing gemfile by iterating the tar'ed up contents,
-  # and signing any contents. creating a new file with original contents
-  # and OpenPGP sigs.  The OpenPGP sigs are saved as .asc files so they 
-  # won't conflict with X509 sigs.
-  #
-  # Optional param "key" allows you to use a different private
-  # key than the GPG default.
-  def self.sign_gem gem, key=nil, homedir=nil
-    unsigned_gem = gem + ".unsigned"
-
-    begin
-      FileUtils.mv gem, unsigned_gem
-    rescue Errno::ENOENT => ex
-      raise Gem::CommandLineError, "The gem #{gem} does not seem to exist. (#{ex.message})"
-    end
-
-    unsigned_gem_file = File.open(unsigned_gem, "r")
-    signed_gem_file = File.open(gem, "w")
-
-    signed_gem = Gem::Package::TarWriter.new(signed_gem_file)
-
-    Gem::Package::TarReader.new(unsigned_gem_file).each do |f|
-      say(f.full_name.inspect)
-      
-      if f.full_name[-4..-1] == ".asc"
-        say("Skipping old signature file #{f.full_name}")
-        next
-      end
-      
-      say("Signing #{f.full_name.inspect}...")
-
-      file_contents = f.read()
-
-      signed_gem.add_file(f.full_name, 0644) do |outfile|
-        outfile.write(file_contents)
-      end
-
-      signed_gem.add_file(f.full_name + ".asc", 0644) do |outfile|
-        outfile.write(Gem::OpenPGP.detach_sign(file_contents,key,homedir))
-      end
-
-    end
-    
-    signed_gem_file.close
-    unsigned_gem_file.close
-    File.delete unsigned_gem_file
-
-  rescue Exception => ex
-    if unsigned_gem_file
-      FileUtils.mv unsigned_gem_file, gem
-    end
-    
-    raise
-  end
-
-  def self.verify_gem gem, get_key=false, homedir=nil
-
-    begin
-      file = File.open(gem,"r")
-    rescue Errno::ENOENT => ex
-      raise Gem::CommandLineError, "Gem #{gem} not found.  Note you can only verify local gems at this time, so you may need to run 'gem fetch #{gem}' before verifying."  
-    end
-    
-    tar_files = {}
-
-    Gem::Package::TarReader.new(file).each do |f|
-      tar_files[f.full_name] = f.read()
-    end
-    
-    tar_files.keys.each do |file_name|
-      next if file_name[-4..-1] == ".asc"
-
-      sig_file_name = file_name + ".asc"
-      if !tar_files.has_key? sig_file_name
-        say add_color("WARNING!!! No sig found for #{file_name}", :red)
-        raise Gem::OpenPGPException, "Can't verify without sig, aborting!!!"
-      end
-      
-      begin
-        err, res = Gem::OpenPGP.verify(file_name, tar_files[file_name], tar_files[sig_file_name], get_key, homedir)
-
-      rescue Gem::OpenPGPException => ex
-        color_code = "31"
-        say add_color(ex.message, :red)
-        raise
-      end
-    end
-
-  ensure
-    file.close unless file.nil?
-  end
-
-private
-
-  def self.did_gpg_error? gpg_results
-    if gpg_results[:status] != 0
-      say add_color("gpg returned unexpected status code", :red)
-      say add_color(gpg_results[:stderr], :red)
-      raise Gem::OpenPGPException, "gpg returned unexpected error code #{gpg_results[:status]}"
-    end
-  end
-
-  # Tests to see if gpg is installed and available.
-  def self.is_gpg_available
-    err_msg = "Unable to find a working gnupg installation.  Make sure gnupg is installed and you can call 'gpg --version' from a command prompt."
-    `gpg --version`
-    raise Gem::OpenPGPException, err_msg if $? != 0
-  rescue Errno::ENOENT => ex
-    raise Gem::OpenPGPException, err_msg if $? != 0
-  end
-
-  def self.is_key_valid key_id
-    valid = /^0x[A-Za-z0-9]{8,8}/.match(key_id)
-    if valid.nil?
-      err_msg = "Invalid key id.  Keys should be in form of 0xDEADBEEF"
-      raise Gem::OpenPGPException, err_msg
-    end
-  end
- 
-  def self.is_homedir_valid homedir
-    if !File.exists? homedir
-      raise OpenPGPException, "Bad homedir #{homedir.inspect}"
-    end
-  end
-  
-  def self.run_gpg args, data=nil, &block
-    exit_status = nil
-    status_file = Tempfile.new("status")
-
-    full_gpg_command = "gpg --status-file #{status_file.path} #{args}"
-    gpg_results = Open3.popen3(full_gpg_command) do |stdin, stdout, stderr, wait_thr|
-      stdin.write data if data
-      stdin.close
-      exit_status = wait_thr.value
-      GPGStatusParser.parse(status_file, &block)
-      out = stdout.read()
-      err = stderr.read()
-      {:status => exit_status, :stdout => out, :err => err}
-    end
-    gpg_results
-  ensure
-    status_file.close
-    status_file.unlink
-  end
-
-  def self.create_tempfile data
-    temp_file = Tempfile.new("rubygems_gpg")
-    temp_file.binmode
-    temp_file.write(data)
-    temp_file.close
-    temp_file
-  end
-
-  def self.add_color s, color=:green
-    color_code = case color
-                 when :green then "32"
-                 when :red then "31"
-                 when :yellow then "33"
-                 else raise RuntimeError, "Invalid color #{color.inspect}"
-                 end
-    
-    #TODO - NO-OP on windows
-    "\033[#{color_code}m#{s}\033[0m"
-  end
-
-  def self.options
-    @options ||= {}
-    @options
-  end
-end
+require 'rubygems/openpgp/signing'
+require 'rubygems/openpgp/verification'

data/lib/rubygems/openpgp/gpg_helpers.rb

@@ -0,0 +1,24 @@
+module Gem::OpenPGP
+  extend Gem::UserInteraction
+
+private
+
+  def self.did_gpg_error? gpg_results
+    if gpg_results[:status] != 0
+      say add_color("gpg returned unexpected status code", :red)
+      say add_color(gpg_results[:stdout], :yellow)
+      say add_color(gpg_results[:stderr], :red)
+      raise Gem::OpenPGPException, "gpg returned unexpected error code #{gpg_results[:status]}"
+    end
+  end
+
+  # Tests to see if gpg is installed and available.
+  def self.is_gpg_available
+    err_msg = "Unable to find a working gnupg installation.  Make sure gnupg is installed and you can call 'gpg --version' from a command prompt."
+    `gpg --version`
+    raise Gem::OpenPGPException, err_msg if $? != 0
+  rescue Errno::ENOENT => ex
+    raise Gem::OpenPGPException, err_msg if $? != 0
+  end
+
+end

data/lib/rubygems/openpgp/keymaster.rb

@@ -0,0 +1,74 @@
+module Gem::OpenPGP
+  # Capture used signing keys so we can see if they changed.
+  module KeyMaster
+    SETTING_DIR = ".rubygems-openpgp"
+    KEYMASTER_FILE = "known_gems"
+
+    def self.full_setting_filename
+      home_dir = ENV["HOME"] || ENV["HOMEPATH"]
+      File.join(home_dir, SETTING_DIR, KEYMASTER_FILE)
+    end
+    
+    def self.touch_keymaster_file
+      home_dir = ENV["HOME"] || ENV["HOMEPATH"]
+      
+      setting_dir = File.join(home_dir, SETTING_DIR)
+      Dir.mkdir(setting_dir, 0700) if !File.directory? setting_dir
+
+      if !File.exists?(full_setting_filename)
+        File.open(full_setting_filename,"w").close
+      end
+    end
+    
+    def self.load_fingerprints
+      touch_keymaster_file
+
+      home_dir = ENV["HOME"] || ENV["HOMEPATH"]
+
+      fingerprints = {}
+      File.open(full_setting_filename) do |f|
+        f.readlines.each do |line|
+          gem, fingerprint = line.strip.split("\t")
+          fingerprints[gem] = fingerprint
+        end
+      end
+
+      fingerprints
+    end
+    
+    def self.save_fingerprints fingerprints
+      touch_keymaster_file
+
+      File.open(full_setting_filename,"w") do |f|
+        fingerprints.each_pair do |gem, fingerprint|
+          f.puts("#{gem}\t#{fingerprint}")
+        end
+      end
+    end
+
+    def self.get_fingerprint gem_name
+      load_fingerprints[gem_name]
+    end
+    
+    def self.add_fingerprint gem_name, fingerprint
+      fingerprints = load_fingerprints
+      fingerprints[gem_name] = fingerprint
+      save_fingerprints fingerprints
+    end
+
+    # Check that an existing gem fingerprint matches a given fingerprint.
+    # In the case we haven't seen the gem before, we'll add the fingerprint
+    # and won't complain.
+    def self.check_fingerprint gem_name, fingerprint
+      fingerprints = load_fingerprints
+      
+      if !fingerprints.has_key?(gem_name)
+        add_fingerprint gem_name, fingerprint
+        return true
+      end
+
+      fingerprints[gem_name] == fingerprint
+    end
+    
+  end
+end

data/lib/rubygems/openpgp/openpgpexception.rb

@@ -0,0 +1 @@
+class Gem::OpenPGPException < RuntimeError; end

data/lib/rubygems/openpgp/options.rb

@@ -0,0 +1,10 @@
+module Gem::OpenPGP
+  private
+
+  # Store options we get from command line here so sign/verify code
+  # can get to it.
+  def self.options
+    @options ||= {}
+    @options
+  end
+end

data/lib/rubygems/openpgp/sign_plugins.rb

@@ -0,0 +1,31 @@
+require 'rubygems/command_manager'
+require 'rubygems/gem_openpgp'
+
+Gem::CommandManager.instance.register_command :sign
+
+# gem build hooks
+b = Gem::CommandManager.instance[:build]
+b.add_option("--sign", "Sign gem with OpenPGP.") do |value, options|
+  Gem::OpenPGP.options[:sign] = true
+end
+
+b.add_option('--key KEY', "Specify key id if you don't want to use your default gpg key") do |key, options|
+  Gem::OpenPGP.options[:key] = key
+end
+
+class Gem::Commands::BuildCommand
+  alias_method :original_execute, :execute
+  def execute
+    original_execute
+
+    if Gem::OpenPGP.options[:sign]
+      gemspec = get_one_gem_name
+      if File.exist? gemspec then
+        spec = Gem::Specification.load gemspec
+        file_name = File.join(".", File.basename(spec.cache_file))
+        Gem::OpenPGP.sign_gem file_name, key=Gem::OpenPGP.options[:key]
+      end
+    end
+  end
+end
+

data/lib/rubygems/openpgp/signing.rb

@@ -0,0 +1,109 @@
+require 'rubygems'
+require 'rubygems/package'
+require 'rubygems/user_interaction'
+require 'gpg_status_parser'
+require 'rubygems/openpgp/gpg_helpers'
+require 'rubygems/openpgp/openpgpexception'
+require 'shellwords'
+
+module Gem::OpenPGP
+  extend Shellwords
+  
+  # Given a string of data, generate and return a detached
+  # signature.  By defualt, this will use your primary secret key.
+  # This can be overridden by specifying a key_id for another 
+  # private key.
+  def self.detach_sign data, key_id=nil, homedir=nil
+    is_gpg_available
+    is_key_valid key_id if key_id
+    is_homedir_valid homedir if homedir
+
+    key_flag = ""
+    key_flag = "-u #{shellescape(key_id)}" if key_id
+
+    homedir_flag = ""
+    homedir_flag = "--homedir #{shellescape(homedir)}" if homedir
+
+    gpg_args = "#{key_flag} #{homedir_flag} --detach-sign --armor"
+    gpg_results = GPGStatusParser.run_gpg(gpg_args, data)
+    did_gpg_error? gpg_results
+
+    gpg_results[:stdout]
+  end
+
+  # Signs an existing gemfile by iterating the tar'ed up contents,
+  # and signing any contents. creating a new file with original contents
+  # and OpenPGP sigs.  The OpenPGP sigs are saved as .asc files so they 
+  # won't conflict with X509 sigs.
+  #
+  # Optional param "key" allows you to use a different private
+  # key than the GPG default.
+  def self.sign_gem gem, key=nil, homedir=nil
+    unsigned_gem = gem + ".unsigned"
+
+    begin
+      FileUtils.mv gem, unsigned_gem
+    rescue Errno::ENOENT => ex
+      raise Gem::CommandLineError, "The gem #{gem} does not seem to exist. (#{ex.message})"
+    end
+
+    unsigned_gem_file = File.open(unsigned_gem, "r")
+    signed_gem_file = File.open(gem, "w")
+
+    signed_gem = Gem::Package::TarWriter.new(signed_gem_file)
+
+    Gem::Package::TarReader.new(unsigned_gem_file).each do |f|
+
+      if f.full_name[-4..-1] == ".asc"
+        say("Skipping old OpenPGP signature file #{f.full_name}")
+        next
+      end
+
+      file_contents = f.read()
+
+      # Copy file no matter what
+      signed_gem.add_file(f.full_name, 0644) do |outfile|
+        outfile.write(file_contents)
+      end
+
+      # Only sign if it's really part of the gem and not
+      # a X.509 sig
+      if f.full_name[-3..-1] == ".gz"
+        say add_color("Signing #{f.full_name.inspect}...",:green)
+        signed_gem.add_file(f.full_name + ".asc", 0644) do |outfile|
+          outfile.write(Gem::OpenPGP.detach_sign(file_contents,key,homedir))
+        end
+      elsif f.full_name[-4..-1] != ".sig"
+        say add_color("Not signing #{f.full_name.inspect}.  Didn't expect to see that...",:yellow)
+      end
+    end
+    
+    signed_gem_file.close
+    unsigned_gem_file.close
+    File.delete unsigned_gem_file
+
+  rescue Exception => ex
+    if unsigned_gem_file
+      FileUtils.mv unsigned_gem_file, gem
+    end
+    
+    raise
+  end
+
+  private
+
+  def self.is_key_valid key_id
+    valid = /^0x[A-Za-z0-9]{8,8}/.match(key_id)
+    if valid.nil?
+      err_msg = "Invalid key id.  Keys should be in form of 0xDEADBEEF"
+      raise Gem::OpenPGPException, err_msg
+    end
+  end
+ 
+  def self.is_homedir_valid homedir
+    if !File.exists? homedir
+      raise OpenPGPException, "Bad homedir #{homedir.inspect}"
+    end
+  end
+
+end

data/lib/rubygems/openpgp/verification.rb

@@ -0,0 +1,180 @@
+require 'rubygems'
+require 'rubygems/package'
+require 'rubygems/user_interaction'
+
+require 'tempfile'
+require 'rbconfig'
+
+require 'gpg_status_parser'
+
+require 'rubygems/openpgp/keymaster'
+require 'rubygems/openpgp/options'
+require 'rubygems/openpgp/gpg_helpers'
+require 'rubygems/openpgp/openpgpexception'
+
+module Gem::OpenPGP
+  extend Gem::UserInteraction
+
+  # Given a string containing data, and a string containing
+  # a detached signature, verify the data.  If we can't verify
+  # then raise an exception.
+  #
+  # Optionally tell gpg to retrive the key if it's not provided
+  #
+  # returns the fingerprint used to sign the file
+  def self.verify file_name, data, sig, get_key=false, homedir=nil
+    is_gpg_available
+    is_homedir_valid homedir if homedir
+
+    data_file = create_tempfile data
+    sig_file = create_tempfile sig
+
+    get_key_params = "--keyserver pool.sks-keyservers.net --keyserver-options auto-key-retrieve"
+    get_key_params = "" if get_key != true
+
+    homedir_flags = ""
+    homedir_flags = "--homedir #{homedir}" if homedir
+
+    gpg_args = "#{get_key_params} #{homedir_flags} --verify #{sig_file.path} #{data_file.path}"
+    
+    status_info = {:file_name => file_name}
+    gpg_results = GPGStatusParser.run_gpg(gpg_args) { |message| verify_extract_status_info(message, status_info) }
+    
+    if status_info[:failure]
+      say add_color(status_info[:failure], :red)
+      raise Gem::OpenPGPException, "Fail!"
+    else
+      verify_check_sig status_info
+    end
+
+    did_gpg_error? gpg_results
+
+    status_info[:primary_key_fingerprint]
+  end
+
+  def self.verify_gem gem, get_key=false, homedir=nil
+    raise Gem::CommandLineError, "Gem #{gem} not found."  if !File.exists?(gem)
+
+    gem_name = if Gem::VERSION[0..1] == "2." #gotta be a better way
+                 Gem::Package.new(gem).spec.name
+               else
+                 Gem::Format.from_file_by_path(gem).spec.name
+               end
+    
+    say("Verifying #{gem_name}...")
+
+    file = File.open(gem,"r")
+
+    fingerprints = []
+    tar_files = {}
+
+    Gem::Package::TarReader.new(file).each do |f|
+      tar_files[f.full_name] = f.read()
+    end
+    
+    tar_files.keys.each do |file_name|
+      next if [".asc",".sig"].include? file_name[-4..-1]
+
+      if file_name[-3..-1] != ".gz"
+        say add_color("Skipping #{file_name}.  Only expected .gz files...", :yellow)
+        next
+      end
+
+      sig_file_name = file_name + ".asc"
+      if !tar_files.has_key? sig_file_name
+        say add_color("WARNING!!! No sig found for #{file_name}", :red)
+        raise Gem::OpenPGPException, "Can't verify without sig, aborting!!!"
+      end
+      
+      begin
+        fingerprints << Gem::OpenPGP.verify(file_name, tar_files[file_name], tar_files[sig_file_name], get_key, homedir)
+      rescue Gem::OpenPGPException => ex
+        color_code = "31"
+        say add_color(ex.message, :red)
+        raise
+      end
+    end
+
+    # Verify fingerprint
+    fingerprints.uniq.each do |fp|
+      verify_gem_check_fingerprint gem_name, fp
+    end
+    
+  ensure
+    file.close unless file.nil?
+  end
+
+  private
+
+  # Extract the info we care about, throw away the rest  
+  def self.verify_extract_status_info message, status_info
+      case message.status
+      when :GOODSIG, :BADSIG, :ERRSIG
+        status_info[:good_or_bad] = message.status
+        status_info[:uid] = (message.args[:username] || "").strip
+        
+      when :SIG_ID
+      when :VALIDSIG, :EXPSIG, :BADSIG
+        status_info[:sig_status] = message.status
+        status_info[:primary_key] = "0x#{message.args[:primary_key_fpr][-9..-1]}"
+        status_info[:primary_key_fingerprint] = message.args[:primary_key_fpr]
+      when :TRUST_UNDEFINED, :TRUST_NEVER, :TRUST_MARGINAL, :TRUST_FULLY, :TRUST_ULTIMATE
+        status_info[:trust_status] = message.status
+      when :NO_PUBKEY
+        status_info[:failure] = "You don't have the public key.  Use --get-key to automagically retrieve from keyservers"
+      when :IMPORTED, :IMPORT_OK, :IMPORT_RES
+        #silently_ignore
+      when :KEYEXPIRED, :SIGEXPIRED
+        # recalculating trust db, ignore.
+      else
+        puts "unexpected message: #{message.status} #{message.args.inspect}"
+      end
+  end
+
+  # Print info about the sig, check that we like it, and possibly abort
+  def self.verify_check_sig status_info
+    sig_msg = "Signature for #{status_info[:file_name]} from user #{status_info[:uid]} key #{status_info[:primary_key]} is #{status_info[:good_or_bad]}, #{status_info[:sig_status]} and #{status_info[:trust_status]}"
+    if status_info[:trust_status] == :TRUST_NEVER
+      say add_color(sig_msg, :red)
+      raise Gem::OpenPGPException, "Never Trusted.  Won't install."
+    elsif status_info[:trust_status] == :TRUST_UNDEFINED
+      say add_color(sig_msg, :yellow)
+      if options[:trust] && !options[:no_trust]
+        raise Gem::OpenPGPException, "Trust Undefined and you've specified --trust.  Won't install."
+      end
+    else
+      say add_color(sig_msg , :green)
+    end
+  end
+
+  def self.verify_gem_check_fingerprint gem_name, fingerprint
+    if !Gem::OpenPGP::KeyMaster.check_fingerprint(gem_name, fingerprint)
+      raise Gem::OpenPGPException, "Gem #{gem_name} fingerprint #{fingerprint} didn't match fingerprint in #{Gem::OpenPGP::KeyMaster.full_setting_filename}.  Won't install!"
+    end
+  end
+
+  def self.create_tempfile data
+    temp_file = Tempfile.new("rubygems_gpg")
+    temp_file.binmode
+    temp_file.write(data)
+    temp_file.close
+    temp_file
+  end
+
+  def self.add_color s, color=:green
+    color_code = case color
+                 when :green then "32"
+                 when :red then "31"
+                 when :yellow then "33"
+                 else raise RuntimeError, "Invalid color #{color.inspect}"
+                 end
+    
+    if (RbConfig::CONFIG['host_os'] =~ /mswin|mingw/) 
+      s # no colors on windows
+    else
+      "\033[#{color_code}m#{s}\033[0m"
+    end
+    
+  end
+
+end

data/lib/rubygems/openpgp/verify_plugins.rb

@@ -0,0 +1,45 @@
+require 'rubygems/command_manager'
+require 'rubygems/gem_openpgp'
+
+Gem::CommandManager.instance.register_command :verify
+
+# gem install hooks
+i = Gem::CommandManager.instance[:install]
+i.add_option("--verify",
+             'Verifies a local gem that has been signed via OpenPGP.' +
+             'This helps to ensure the gem has not been tampered with in transit.') do |value, options|
+  Gem::OpenPGP.options[:verify] = true
+end
+
+i.add_option("--no-verify",
+             "Don't verify a gem, even if --verify has previously been specified") do |value, options|
+  Gem::OpenPGP.options[:no_verify] = true
+end
+
+i = Gem::CommandManager.instance[:install]
+i.add_option("--trust",
+             'Enforce gnupg trust settings.  Only install if trusted.') do |value, options|
+  Gem::OpenPGP.options[:trust] = true
+end
+
+i.add_option("--no-trust",
+             "Ignoure gnupg trust settings,  even if --trust has previously been specified") do |value, options|
+  Gem::OpenPGP.options[:no_trust] = true
+end
+
+i.add_option('--get-key', "If the key is not available, download it from a keyserver") do |key, options|
+  Gem::OpenPGP.options[:get_key] = true
+end
+
+Gem.pre_install do |installer|
+  begin
+    # --no-verify overrides --verify
+    if Gem::OpenPGP.options[:verify] && !Gem::OpenPGP.options[:no_verify]
+      Gem::OpenPGP.verify_gem(installer.gem,
+                              Gem::OpenPGP.options[:get_key])
+    end
+  rescue Gem::OpenPGPException => ex
+    installer.alert_error(ex.message)
+    installer.terminate_interaction(1)
+  end
+end

data/lib/rubygems_plugin.rb

@@ -1,72 +1,4 @@
-require 'rubygems/command_manager'
 require 'rubygems/gem_openpgp'
+require 'rubygems/openpgp/sign_plugins'
+require 'rubygems/openpgp/verify_plugins'
 
-Gem::CommandManager.instance.register_command :sign
-Gem::CommandManager.instance.register_command :verify
-
-# gem build hooks
-b = Gem::CommandManager.instance[:build]
-b.add_option("--sign", "Sign gem with OpenPGP.") do |value, options|
-  Gem::OpenPGP.options[:sign] = true
-end
-
-b.add_option('--key KEY', "Specify key id if you don't want to use your default gpg key") do |key, options|
-  Gem::OpenPGP.options[:key] = key
-end
-
-class Gem::Commands::BuildCommand
-  alias_method :original_execute, :execute
-  def execute
-    original_execute
-
-    if Gem::OpenPGP.options[:sign]
-      gemspec = get_one_gem_name
-      if File.exist? gemspec then
-        spec = Gem::Specification.load gemspec
-        file_name = File.join(".", File.basename(spec.cache_file))
-        Gem::OpenPGP.sign_gem file_name, key=Gem::OpenPGP.options[:key]
-      end
-    end
-  end
-end
-
-# gem install hooks
-i = Gem::CommandManager.instance[:install]
-i.add_option("--verify",
-             'Verifies a local gem that has been signed via OpenPGP.' +
-             'This helps to ensure the gem has not been tampered with in transit.') do |value, options|
-  Gem::OpenPGP.options[:verify] = true
-end
-
-i.add_option("--no-verify",
-             "Don't verify a gem, even if --verify has previously been specified") do |value, options|
-  Gem::OpenPGP.options[:no_verify] = true
-end
-
-i = Gem::CommandManager.instance[:install]
-i.add_option("--trust",
-             'Enforce gnupg trust settings.  Only install if trusted.') do |value, options|
-  Gem::OpenPGP.options[:trust] = true
-end
-
-i.add_option("--no-trust",
-             "Ignoure gnupg trust settings,  even if --trust has previously been specified") do |value, options|
-  Gem::OpenPGP.options[:no_trust] = true
-end
-
-i.add_option('--get-key', "If the key is not available, download it from a keyserver") do |key, options|
-  Gem::OpenPGP.options[:get_key] = true
-end
-
-Gem.pre_install do |installer|
-  begin
-    # --no-verify overrides --verify
-    if Gem::OpenPGP.options[:verify] && !Gem::OpenPGP.options[:no_verify]
-      Gem::OpenPGP.verify_gem(installer.gem,
-                              Gem::OpenPGP.options[:get_key])
-    end
-  rescue Gem::OpenPGPException => ex
-    installer.alert_error(ex.message)
-    installer.terminate_interaction(1)
-  end
-end

data/test/test_keymaster.rb

@@ -0,0 +1,31 @@
+require 'test/unit'
+require 'mocha/setup'
+
+require 'rubygems/openpgp/keymaster'
+
+class KeymasterTest < Test::Unit::TestCase
+  def setup
+    Gem::OpenPGP::KeyMaster.stubs(:load_fingerprints => {"foo" => "DEADBEEF"},
+                                  :save_fingerprints => nil)
+  end
+  
+  
+  def test_good_fingerprint
+    assert_block("Good fingerprint test") do
+      Gem::OpenPGP::KeyMaster.check_fingerprint("foo", "DEADBEEF") == true
+    end
+  end
+  
+  def test_bad_fingerprint
+    assert_block("Bad fingerprint test") do
+      Gem::OpenPGP::KeyMaster.check_fingerprint("foo", "C00FFEE") != true
+    end
+  end
+  
+  def test_new_gem
+    assert_block("New gem test") do
+      Gem::OpenPGP::KeyMaster.check_fingerprint("bar", "C00FFEE") == true
+    end
+  end
+  
+end

data/test/test_rubygems-openpgp.rb

@@ -1,4 +1,6 @@
 require 'test/unit'
+require 'mocha/setup'
+
 require 'rubygems_plugin'
 require 'rubygems/gem_openpgp'
 require 'tmpdir'
@@ -19,6 +21,8 @@ class RubygemsPluginTest < Test::Unit::TestCase
   end
   
   def test_gem_sign_and_verify
+    Gem::OpenPGP.stubs(:verify_gem_check_fingerprint => true)
+
     in_tmp_gpg_homedir do |gpg_home|
       assert_raise Gem::OpenPGPException do
         Gem::OpenPGP.verify_gem UNSIGNED_GEM, false, gpg_home
@@ -41,12 +45,12 @@ class RubygemsPluginTest < Test::Unit::TestCase
 
       sig = Gem::OpenPGP.detach_sign data, key_id=nil, homedir=gpg_home
       assert_nothing_raised do
-        Gem::OpenPGP.verify data, sig, false, homedir=gpg_home
+        Gem::OpenPGP.verify "<file>", data, sig, false, homedir=gpg_home
       end
 
       # BAD SIG
       assert_raise(Gem::OpenPGPException) do
-        Gem::OpenPGP.verify data + "\n", sig, false, homedir=gpg_home
+        Gem::OpenPGP.verify "<file>", data + "\n", sig, false, homedir=gpg_home
       end
     end
   end

metadata

@@ -1,76 +1,96 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: rubygems-openpgp
-version: !ruby/object:Gem::Version 
-  prerelease: 
-  version: 0.4.0
+version: !ruby/object:Gem::Version
+  version: 0.5.0
 platform: ruby
-authors: 
+authors:
 - Grant Olson
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2013-02-23 00:00:00 Z
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2013-03-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: gpg_status_parser
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        version: 0.3.0
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.4.0
   type: :runtime
-  version_requirements: *id001
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.4.0
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.13.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.13.2
 description: Digitally sign gems via OpenPGP.
 email: kgo@grant-olson.net
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - README.md
-files: 
+files:
 - LICENSE
 - Rakefile
 - lib/rubygems_plugin.rb
 - lib/rubygems/commands/verify_command.rb
 - lib/rubygems/commands/sign_command.rb
 - lib/rubygems/gem_openpgp.rb
+- lib/rubygems/openpgp/gpg_helpers.rb
+- lib/rubygems/openpgp/options.rb
+- lib/rubygems/openpgp/signing.rb
+- lib/rubygems/openpgp/verification.rb
+- lib/rubygems/openpgp/keymaster.rb
+- lib/rubygems/openpgp/verify_plugins.rb
+- lib/rubygems/openpgp/sign_plugins.rb
+- lib/rubygems/openpgp/openpgpexception.rb
 - README.md
+- test/test_keymaster.rb
 - test/test_rubygems-openpgp.rb
 - test/pablo_escobar_seckey.asc
 - test/pablo_escobar_pubkey.asc
 - test/unsigned_hola-0.0.0.gem
-homepage: https://github.com/grant-olson/rubygems-openpgp
-licenses: 
+homepage: https://rubygems-openpgp-ca.org
+licenses:
 - BSD 3 Clause
+metadata: {}
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      version: "0"
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 2.0.0.rc.2
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Sign gems via OpenPGP
-test_files: 
+test_files:
+- test/test_keymaster.rb
 - test/test_rubygems-openpgp.rb
 - test/pablo_escobar_seckey.asc
 - test/pablo_escobar_pubkey.asc

metadata.gz.asc

@@ -1,11 +1,11 @@
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
+Version: GnuPG v1.4.11 (GNU/Linux)
 
-iQEcBAABCgAGBQJRKNOhAAoJEP5F5V2hilTWcBgIAIob5FD4SK6UxfnXQk0U+5nP
-huK6hsanhLbH3m3fqz2BkB/WBVonF0sqO2zNIw+qxnIl/r426iXmxTfNYF3F+0Ri
-mP7YF+HBNfuElraRBBKUXSCQoB0yxqLpx3mcDwjB//0Q9CWXdeCLzefbs7+4ca4q
-rBezyxSxRXun2qBMBs7FSZYkC6rsP58EgTi555WfxymiqEZ9fEi1r4rEM37F+z2w
-FBMlYjTJhATOIhHTi8nFQoGgjFcQG9a7cgABHGZwB9IR6k5O6IeTHVXCQvOlg4au
-cj6HKS8YKpJGZPlPIJVpLmW9UhUQukg4AwTpPAHIeIiwZYahitQtm0Ra5MnSJtc=
-=bh2W
+iQEcBAABAgAGBQJRPJV0AAoJEP5F5V2hilTWUlgH/34nV018I/aZnDLYCQyFqJSJ
+Ek96fj//cmCbbN55YG8ptgB4NyZBBsc0Nvhe7CEsKFbcZJoutqoPXKeE0A3Qe9lp
+gnogg7mwcm5ndn2dxBH1fd2it0fS3vG09i5r7MMqsE5LzaLJ6OcmYWmNnV2HiPTr
+LQeqyC4hFyweIYpgO8sgdCDjrAaWDTBfoHmvHZ8xHZRZypJP45EdQ/+brp+DZmKu
+K5E7LpV9VOFFobb91a4RYuzqulSK5tQELSXkh2IcDPDyEu0FZl7iP3S6N6xuDUQc
+Zvtg1UpyMWs31DlCeivJhmQbFBbaVgjcqyHrEXnMWAIRq4XQxA7sZcxgg+K9j7k=
+=1hJH
 -----END PGP SIGNATURE-----