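module Redwood

## Checks detached PGP signatures on mail parts by running an external
## gpg (or, failing that, pgp) binary and interpreting its log output.
class CryptoManager
  include Singleton

  ## Locates the verifier binary once, at construction time.
  ##
  ## The binary is resolved through the PATH of the running process, so
  ## whatever "gpg" appears first on PATH is the program that will decide
  ## signature validity. @cmd is nil when neither binary is found.
  def initialize
    @mutex = Mutex.new
    self.class.i_am_the_instance self

    @cmd = `which gpg`.chomp
    @cmd = `which pgp`.chomp unless @cmd =~ /\S/
    @cmd = nil unless @cmd =~ /\S/
  end

  ## Verifies +signature+ against +payload+ (both RubyMail::Message objects).
  ##
  ## Returns a three-element array [status, description, lines]:
  ##   status      :valid, :invalid or :unknown
  ##   description the "... signature from ..." log line, or a fixed
  ##               explanation when the status is :unknown
  ##   lines       the verifier's output, split into lines
  ##
  ## :unknown is returned when no binary was found, when it cannot be
  ## started, or when its output has no recognisable signature line.
  def verify payload, signature # both RubyMail::Message objects
    return unknown unless @cmd

    payload_fn = signature_fn = nil
    begin
      ## Tempfile creates the files with owner-only permissions. Bare LFs are
      ## turned into CRLF before the payload is written out.
      ##
      ## NOTE(review): the MIME-Version strip is applied to every line of the
      ## payload, not only to its header, so a line starting with
      ## "MIME-Version: " in the body is dropped before the check and is not
      ## covered by the result. Consider limiting the strip to the part header.
      payload_fn = Tempfile.new "redwood.payload"
      payload_fn.write payload.to_s.gsub(/(^|[^\r])\n/, "\\1\r\n").gsub(/^MIME-Version: .*\r\n/, "")
      payload_fn.close

      signature_fn = Tempfile.new "redwood.signature"
      signature_fn.write signature.decode
      signature_fn.close

      argv = [@cmd, "--quiet", "--batch", "--no-verbose", "--verify",
              "--logger-fd", "1", signature_fn.path, payload_fn.path]
      gpg_output, status = run_verifier argv
    ensure
      ## remove the message text and signature from the temp directory right
      ## away rather than leaving that to the Tempfile finalizer
      [payload_fn, signature_fn].compact.each { |f| f.close! }
    end

    lines = gpg_output.split(/\n/)

    ## NOTE(review): this reads gpg's human-readable log, which is localised
    ## and not a stable interface; the machine-readable --status-fd output is
    ## the more robust source. The pattern matches good and bad signature
    ## lines alike, so only the exit status separates :valid from :invalid,
    ## and an exit status of 0 says nothing about how far the key is trusted.
    ## The captured text contains the key's user ID, which is chosen by
    ## whoever created the key, so callers should display it as untrusted text.
    if gpg_output =~ /^gpg: (.* signature from .*$)/
      description = $1
      succeeded = status && status.success?
      [succeeded ? :valid : :invalid, description, lines]
    else
      unknown lines
    end
  end

private

  ## Runs +argv+ directly, without a shell, so the file paths are passed as
  ## single arguments whatever characters the temp directory name contains.
  ## stderr is discarded. Returns [output, Process::Status]; a binary that
  ## cannot be started yields ["", nil], which verify reports as :unknown.
  def run_verifier argv
    output = IO.popen(argv, :err => File::NULL) { |io| io.read }
    [output, $?]
  rescue SystemCallError
    ["", nil]
  end

  ## Builds the result returned when no verdict could be reached.
  def unknown lines=[]
    [:unknown, "Unable to determine validity of cryptographic signature", lines]
  end
end
end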