Class: C3D::Encryptor

Inherits:

Object

• Object
• C3D::Encryptor

Includes:

Celluloid

Defined in:

lib/c3d/util/encrypt.rb

Overview

The Encryptor class is used to sign and encrypt file blobs using

gpg (for now) on a user's computer. The object class is instantiated
using any of gpg's options and the instance methods can then be used
and will rely upon the instatiated options. The encryptor class
will not blob files, and as such it should be called prior to and
in conjunction with the Blobber class for users to share encrypted
files via the torrent layer c3d utilizes.

Instance Attribute Summary

• #opts ⇒ Object

  Returns the value of attribute opts.

• #opts_addendum ⇒ Object readonly

  Returns the value of attribute opts_addendum.

Instance Method Summary

• #clearsign(blob) ⇒ Object

  clearsign will call gpg’s clearsign function on a blob.

• #decrypt(blob_file) ⇒ Object

  decrypt will call gpg’s decrypt function on a blob.

• #encrypt(blob, recipients = []) ⇒ Object

  encrypt will call gpg’s sign and encrypt function on a blob.

• #initialize(opts = {}) ⇒ Encryptor constructor

  Encryptor.new can be instantiated using any gpg options available to the user.

• #verify(blob_file) ⇒ Object

  verify will call gpg’s verify function on a blob file.

Constructor Details

#initialize(opts = {}) ⇒ Encryptor

Encryptor.new can be instantiated using any gpg options available to the

user. Each of the options should be sent as the key to the hash with
the value of the hash being the value of the option send to the gpg
cli. The instantiated class will then use these options whenever any
of the instance methods are called.

# File 'lib/c3d/util/encrypt.rb', line 22

def initialize opts={}
  @opts = '--quiet --yes '
  @opts << build_opts(opts)
end

Instance Attribute Details

#opts ⇒ Object

Returns the value of attribute opts.

# File 'lib/c3d/util/encrypt.rb', line 14

def opts
  @opts
end

#opts_addendum ⇒ Object (readonly)

Returns the value of attribute opts_addendum.

# File 'lib/c3d/util/encrypt.rb', line 15

def opts_addendum
  @opts_addendum
end

Instance Method Details

#clearsign(blob) ⇒ Object

clearsign will call gpg’s clearsign function on a blob. A blob can be passed

in the form of raw file contents already read into memory, or as a filepath
as is the case with the Blobber class. clearsign will return the raw contents
of the clearsigned file to the caller, by clearsigning to a tmp file and reading
that tempfile into memory (this will avoid any gpg errors being passed back to
the caller). the clearsign function would typically be called in conjunction with
the verify function. typically, clearsign will utilize the default gpg keys
for the user.

# File 'lib/c3d/util/encrypt.rb', line 35

def clearsign blob
  clear_addendum
  blob = file_or_contents blob
  outf = add_output_path_to_opts
  cmd  = build_command '--clearsign', blob
  system "#{cmd}"
  return outf
end

#decrypt(blob_file) ⇒ Object

decrypt will call gpg’s decrypt function on a blob. the function will only accept

a file path and does not accept raw file contents (roughly mirroring the verify
function). the function will return an array containing: [0] -- true or false flag
which signals whether the signature of the file was correct and verified by gpg as
well as [1] -- the path to the decrypted file.

# File 'lib/c3d/util/encrypt.rb', line 83

def decrypt blob_file
  clear_addendum
  outf   = add_output_path_to_opts
  cmd    = build_command '--decrypt', blob_file
  result = `#{cmd} 2>&1`
  result = parse_gpg_output result
  result = [outf, result]
  return result
end

#encrypt(blob, recipients = []) ⇒ Object

encrypt will call gpg’s sign and encrypt function on a blob. by default encrypt will

sign and encrypt via the user's default keys. this function is opinionated and
has not been built to provide abstracted gpg encryption functionality. as such,
it will utilized gpg's built in rsa encryption functionality rather than using
elliptical curve functionality. over time, Project Douglas intends to expand the
scope of blob encryption options. the blob argument passed to the encrypt function
can be either a file path or raw file contents as with the Blobber class as well as
the clearsign function. in addition, the function accepts an array of recipient email
addresses or gpg keys which can be used to restrict decryption functionality to the
intended recipients of the file blob only.

# File 'lib/c3d/util/encrypt.rb', line 68

def encrypt blob, recipients=[]
  clear_addendum
  blob = file_or_contents blob
  outf = add_output_path_to_opts
  add_recipients_to_opts recipients unless recipients.empty?
  cmd  = build_command '--sign --encrypt', blob
  system "#{cmd}"
  return outf
end

#verify(blob_file) ⇒ Object

verify will call gpg’s verify function on a blob file. the function will only

accept a file path and does not accept raw file contents. the function will return
true or false depending on whether the clearsigned file was valid or not. Verify
is not used with encrypted files (for simplicity in c3d's case) but only with
clearsigned files. This is a design decision for convenience.

# File 'lib/c3d/util/encrypt.rb', line 49

def verify blob_file
  clear_addendum
  cmd    = build_command '--verify', blob_file
  result = `#{cmd} 2>&1`
  p "REAS: " + result
  result = parse_gpg_output result
  return result
end