Class: Arver::KeySaver

Inherits:

Object

• Object
• Arver::KeySaver

Defined in:

lib/arver/key_saver.rb

Class Method Summary

• .add(user, key) ⇒ Object
• .add_padding(key) ⇒ Object
• .backup_key_path(user) ⇒ Object
• .config_path ⇒ Object
• .deflate(string, level = 6) ⇒ Object
• .inflate(string) ⇒ Object
• .key_path(user) ⇒ Object
• .num_of_key_files(user) ⇒ Object
• .purge_keys(user) ⇒ Object
• .read(user) ⇒ Object
• .save(user, key) ⇒ Object
• .save_to(user, key, path) ⇒ Object
• .substract_padding(key) ⇒ Object
• .tmp_key_path(user) ⇒ Object

Class Method Details

.add(user, key) ⇒ Object

# File 'lib/arver/key_saver.rb', line 17

def self.add( user, key )
  path     = key_path( user )
  filename = save_to( user, key, path )
  File.join(path,filename)
end

.add_padding(key) ⇒ Object

# File 'lib/arver/key_saver.rb', line 120

def self.add_padding( key )
  marker = "--"+SecureRandom.base64( 82 )
  size = 200000
  padding_size = size - key.size
  if padding_size <= 0
    padding_size = 0
    Arver::Log.warn( "Warning: Your arver keys exceed the maximal padding size, therefore i can no longer disguise how many keys you possess.")
  end
  padding = SecureRandom.base64( padding_size )[0..padding_size]
  marker +"\n"+ key + "\n" + marker + "\n" + padding
end

.backup_key_path(user) ⇒ Object

# File 'lib/arver/key_saver.rb', line 73

def self.backup_key_path( user )
  "#{key_path(user)}.bak"
end

.config_path ⇒ Object

# File 'lib/arver/key_saver.rb', line 81

def self.config_path
  Arver::LocalConfig.instance.config_dir
end

.deflate(string, level = 6) ⇒ Object

# File 'lib/arver/key_saver.rb', line 23

def self.deflate(string, level=6)
  z = Zlib::Deflate.new(level)
  dst = z.deflate(string, Zlib::FINISH)
  z.close
  dst
end

.inflate(string) ⇒ Object

# File 'lib/arver/key_saver.rb', line 30

def self.inflate(string)
  zstream = Zlib::Inflate.new
  buf = zstream.inflate(string)
  zstream.finish
  zstream.close
  buf
end

.key_path(user) ⇒ Object

# File 'lib/arver/key_saver.rb', line 69

def self.key_path( user )
  File.join("#{config_path}","keys","#{user}")
end

.num_of_key_files(user) ⇒ Object

# File 'lib/arver/key_saver.rb', line 89

def self.num_of_key_files( user )
  Dir.entries( key_path( user ) ).size - 2
end

.purge_keys(user) ⇒ Object

# File 'lib/arver/key_saver.rb', line 85

def self.purge_keys( user )
  FileUtils.rm_rf( key_path( user ) )
end

.read(user) ⇒ Object

# File 'lib/arver/key_saver.rb', line 93

def self.read( user )
  GPGKeyManager.check_key_of( user )
  return [] unless File.exists?( key_path( user ) )
  decrypted = []
  crypto = GPGME::Crypto.new
  Dir.entries( key_path( user ) ).sort.each do | file |
    unless( file == "." || file == ".." )
      Arver::Log.trace( "Loading keyfile "+file )
      key_encrypted = File.open( File.join( key_path( user ),file) )
      begin
        decrypted_txt = crypto.decrypt( key_encrypted, { :passphrase_callback => method( :passfunc ) } )
      rescue GPGME::Error => gpgerr
        Arver::Log.error( "GPGME Error #{gpgerr} Message: #{gpgerr.message}" )
        next
      end
      decrypted_key = substract_padding( decrypted_txt.read )
      begin
        decrypted_key = inflate( decrypted_key )
      rescue Zlib::DataError
        Log.write("You have an outdated key. Run garbage collect to update it.")
      end
      decrypted += [ decrypted_key ];
    end
  end
  decrypted
end

.save(user, key) ⇒ Object

# File 'lib/arver/key_saver.rb', line 6

def self.save( user, key )
  tmp_path  = tmp_key_path( user )
  back_path = backup_key_path( user )
  path      = key_path( user )
  filename  = save_to( user, key, tmp_path )
  FileUtils.mv(path,back_path) if File.exists?(path) 
  FileUtils.mv(tmp_path,path)
  FileUtils.rm_rf(back_path)
  File.join(path,filename)
end

.save_to(user, key, path) ⇒ Object

# File 'lib/arver/key_saver.rb', line 38

def self.save_to( user, key, path )
  #compress the key before applying padding, so the size after encryption+compression by gpg is more stable...
  key = deflate(key)
  unless GPGKeyManager.check_key_of( user )
    Arver::Log.error( "Error no key for #{user}" )
    return
  end
  gpg_key = GPGKeyManager.key_of( user )
  key = add_padding( key )
  crypto = GPGME::Crypto.new :armor => true
  begin
    if( Arver::RuntimeConfig.instance.trust_all )
      encrypted = crypto.encrypt( key, {:recipients => gpg_key.fingerprint, :always_trust => true})
    else
      encrypted = crypto.encrypt( key, {:recipients => gpg_key.fingerprint, :armor => true})
    end
  rescue GPGME::Error => gpgerr
    Arver::Log.error( "GPGME Error #{gpgerr} Message: #{gpgerr.message}" )
    return
  end
  key_encrypted = encrypted.read
  unless( Arver::RuntimeConfig.instance.dry_run )
    FileUtils.mkdir_p path unless File.exists?( path )
    filename = "#{OpenSSL::Digest::SHA256.new << key_encrypted}"
    File.open( File.join("#{path}","#{filename}"), 'w' ) do |f|
      f.write key_encrypted
    end
  end
  filename
end

.substract_padding(key) ⇒ Object

# File 'lib/arver/key_saver.rb', line 132

def self.substract_padding( key )
  if key[0...4] == "--- "
    Arver::Log.warn( "Warning: you are using deprecated unpadded keyfiles. Please run garbage collect!" )
    return key
  end
  marker = ""
  striped_key = ""
  key.each_line do |line|
    if( marker.empty? )
       marker = line
    elsif( line == marker )
      break
    else
      striped_key += line
    end
  end
  striped_key.chomp
end

.tmp_key_path(user) ⇒ Object

# File 'lib/arver/key_saver.rb', line 77

def self.tmp_key_path( user )
  File.join("#{config_path}","tmp","#{user}")
end