Class: MrF::Keyring

Inherits:

Object

• Object
• MrF::Keyring

Defined in:

lib/mrf/keyring.rb

Instance Attribute Summary

• #gpg_passphrase ⇒ Object readonly

  Returns the value of attribute gpg_passphrase.

• #path ⇒ Object

  Returns the value of attribute path.

• #recipients ⇒ Object

  Returns the value of attribute recipients.

Instance Method Summary

• #crypto ⇒ Object
• #data ⇒ Object
• #initialize(opts = {}) ⇒ Keyring constructor

  A new instance of Keyring.

• #passfunc(obj, uid_hint, passphrase_info, prev_was_bad, fd) ⇒ Object

Constructor Details

#initialize(opts = {}) ⇒ Keyring

Returns a new instance of Keyring.

# File 'lib/mrf/keyring.rb', line 12

def initialize (opts = {})
  @path = opts.fetch(:path)
  @gpg_passphrase = opts[:gpg_passphrase]
end

Instance Attribute Details

#gpg_passphrase ⇒ Object (readonly)

Returns the value of attribute gpg_passphrase.

# File 'lib/mrf/keyring.rb', line 10

def gpg_passphrase
  @gpg_passphrase
end

#path ⇒ Object

Returns the value of attribute path.

# File 'lib/mrf/keyring.rb', line 9

def path
  @path
end

#recipients ⇒ Object

Returns the value of attribute recipients.

# File 'lib/mrf/keyring.rb', line 9

def recipients
  @recipients
end

Instance Method Details

#crypto ⇒ Object

# File 'lib/mrf/keyring.rb', line 66

def crypto
  @crypto ||= GPGME::Crypto.new
end

#data ⇒ Object

# File 'lib/mrf/keyring.rb', line 17

def data
  return @data if @data
  if File.exists?(path)
    raw_text = crypto.decrypt(File.open(path), passphrase_callback: method(:passfunc))
    @data = YAML.load(raw_text.to_s)
  else
    @data = {}
  end
end

#passfunc(obj, uid_hint, passphrase_info, prev_was_bad, fd) ⇒ Object

# File 'lib/mrf/keyring.rb', line 27

def passfunc (obj, uid_hint, passphrase_info, prev_was_bad, fd)
  # Use known passphrase when given
  if @gpg_passphrase
    io = IO.for_fd(fd, 'w')
    io.puts(@gpg_passphrase)
    io.flush
    return
  end

  # Try from keychain
  key_id = passphrase_info.split(' ').first
  key_id = uid_hint[/<[^<>]*>$/].tr("<>", "")
  dump = `security -q find-generic-password -s "gpg-#{key_id}" -g 2>&1`
  password = dump[/password: "(.*)"/, 1]

  if password
    io = IO.for_fd(fd, 'w')
    io.puts(password)
    io.flush
  else
    # Prompt user
    begin
      io = IO.for_fd(fd, 'w')

      console = IO.console
      console.write("Passphrase for #{uid_hint}: ")
      console.noecho do |noecho|
        io.puts(noecho.gets)
        io.flush
      end
      console.puts
    ensure
      (0 ... $_.length).each do |i| $_[i] = ?0 end if $_
    end
  end

  $stderr.puts
end