replaced the functionality with openssl, didn't do the encryption spec

2010-08-04 20:32:15 -07:00 · 2010-08-04 20:32:15 -07:00 · 5dfc097c88
commit 5dfc097c88
parent b74438a5dc
11 changed files with 16 additions and 60 deletions
--- a/1
+++ b/1
@ -7,6 +7,7 @@ gem 'rails', '3.0.0.beta4'
 gem 'bundler', '0.9.26'

 #Security
+gem 'openssl'
 gem 'gpgme'
 gem 'devise', :git => 'http://github.com/BadMinus/devise.git'

--- a/1
+++ b/1
@ -4,5 +4,4 @@
 require File.expand_path('../config/application', __FILE__)
 require 'rake'
 ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
-GPGME::check_version({})
 Rails::Application.load_tasks
--- a/app/models/person.rb
+++ b/app/models/person.rb
@ -12,7 +12,7 @@ class Person
  key :email, String
  key :url, String
  key :active, Boolean, :default => false
-  key :key_fingerprint, String
+  key :key, OpenSSL::PKey::RSA 

  one :profile, :class_name => 'Profile'
  many :posts, :class_name => 'Post', :foreign_key => :person_id
@ -37,12 +37,8 @@ class Person
    "#{profile.first_name.to_s} #{profile.last_name.to_s}"
  end

-  def key
-    GPGME::Ctx.new.get_key key_fingerprint
-  end
-  
  def export_key
-    GPGME::export(key_fingerprint, :armor => true)
+    key.public_key  
  end

  protected
@ -66,10 +62,4 @@ class Person
    self.posts.delete_all
  end

-  def remove_key
-    puts 'Removing key from keyring in test environment' if Rails.env == 'test'
-    ctx = GPGME::Ctx.new
-    ctx.delete_key(key)
-  end
-
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -9,7 +9,6 @@ class User < Person
  
  before_validation :do_bad_things
 
- 
  
  ######## Posting ########

@ -75,7 +74,6 @@ class User < Person

  def receive_friend_request(friend_request)
    Rails.logger.info("receiving friend request #{friend_request.to_json}")
-    GPGME.import(friend_request.exported_key)
    if Request.where(:callback_url => friend_request.callback_url).first
      friend_request.activate_friend
      friend_request.destroy
@ -125,32 +123,14 @@ class User < Person
  protected
  
  def assign_key
-    keys = GPGME.list_keys(real_name, true)
-    if keys.empty?
-      generate_key
-    end
-    self.key_fingerprint = GPGME.list_keys(real_name, true).first.subkeys.first.fingerprint
+    generate_key
  end

  def generate_key
    puts "Generating key"
-    puts paramstring
-    ctx = GPGME::Ctx.new
-    ctx.genkey(paramstring, nil, nil)
+    
+    self.rsa_key = OpenSSL::PKey::RSA::generate 1024 
    
  end

-  def paramstring
-"<GnupgKeyParms format=\"internal\">
-Key-Type: DSA
-Key-Length: 512
-Subkey-Type: ELG-E
-Subkey-Length: 512
-Name-Real: #{self.real_name}
-Name-Comment: #{self.url}
-Name-Email: #{self.email}
-Expire-Date: 0
-</GnupgKeyParms>"
-
-  end
 end
--- a/config/environment.rb
+++ b/config/environment.rb
@ -4,5 +4,4 @@ Haml::Template.options[:format] = :html5
 # Initialize the rails application
 Diaspora::Application.initialize!

-ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
-GPGME::check_version({})
+
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@ -26,8 +26,7 @@ Diaspora::Application.configure do
  config.action_mailer.delivery_method = :test
  config.threadsafe!
  
-  ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
-  GPGME::check_version({})
+
  # Use SQL instead of Active Record's schema dumper when creating the test database.
  # This is necessary if your schema can't be completely dumped by the schema dumper,
  # like if you have constraints or database-specific column types
--- a/db/seeds/backer.rb
+++ b/db/seeds/backer.rb
@ -7,9 +7,6 @@
 #   Mayor.create(:name => 'Daley', :city => citie

 require 'config/environment'
-ENV['GNUPGHOME'] = File.expand_path("../../../gpg/diaspora-#{Rails.env}/", __FILE__)
-GPGME::check_version({})
-

 def create(backer_number)
  backer_info = [ [5072,"George", "Washington"],
--- a/db/seeds/dev.rb
+++ b/db/seeds/dev.rb
@ -7,8 +7,7 @@
 #   Mayor.create(:name => 'Daley', :city => citie

 require 'config/environment'
-ENV['GNUPGHOME'] = File.expand_path("../../../gpg/diaspora-#{Rails.env}/", __FILE__)
-GPGME::check_version({})
+
 # Create seed user
 user = User.create( :email => "robert@joindiaspora.com", :password => "evankorth", :profile => Profile.new( :first_name => "bobert", :last_name => "brin" ))

--- a/db/seeds/tom.rb
+++ b/db/seeds/tom.rb
@ -7,8 +7,7 @@
 #   Mayor.create(:name => 'Daley', :city => citie

 require 'config/environment'
-ENV['GNUPGHOME'] = File.expand_path("../../../gpg/diaspora-#{Rails.env}/", __FILE__)
-GPGME::check_version({})
+
 # Create seed user
 user = User.create( :email => "tom@tom.joindiaspora.com", :password => "evankorth", :url => "http://tom.joindiaspora.com/", :profile => Profile.new( :first_name => "Alexander", :last_name => "Hamiltom" ))

--- a/lib/encryptable.rb
+++ b/lib/encryptable.rb
@ -10,13 +10,8 @@
      return false unless signature && person.key_fingerprint
      validity = nil
      Rails.logger.info("Verifying sig on #{signable_string} from person #{person.real_name}")
-      GPGME::verify(signature, signable_string, 
-        {:armor => true, :always_trust => true}){ |signature_analysis|
-        #puts signature_analysis
-        validity =  signature_analysis.status == GPGME::GPG_ERR_NO_ERROR &&
-            signature_analysis.fpr == person.key_fingerprint
-      }
-      return validity
+      person.key.verify "SHA", signature, signable_string
+      
    end
    
    protected
@ -32,8 +27,8 @@

    def sign_with_key(key)
      Rails.logger.info("Signing #{signable_string}")
-      GPGME::sign(signable_string,nil,
-          {:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [key]})
+      key.sign "SHA", signable_string
+      
    end
  end

--- a/spec/factories.rb
+++ b/spec/factories.rb
@ -2,8 +2,6 @@
 #http://github.com/thoughtbot/factory_girl
 # http://railscasts.com/episodes/158-factories-not-fixtures
 #This inclsion, because gpg-agent(not needed) is never run and hence never sets any env. variables on a MAC
-ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
-GPGME::check_version({})

 Factory.define :profile do |p|
  p.first_name "Robert"
@ -14,7 +12,7 @@ Factory.define :person do |p|
  p.email "bob-person@aol.com"
  p.active true
  p.sequence(:url)  {|n|"http://google-#{n}.com/"}
-  p.key_fingerprint GPGME::list_keys("Wesley").first.subkeys.first.fingerprint
+  p.key OpenSSL::PKey::RSA.new(OpenSSL::PKey::RSA.generate(1024).public_key) 
  p.profile Profile.new( :first_name => "Robert", :last_name => "Grimm" )
 end

@ -23,7 +21,7 @@ Factory.define :user do |u|
  u.password "bluepin7"
  u.password_confirmation "bluepin7"
  u.url  "www.example.com/"
-  u.key_fingerprint GPGME.list_keys("Smith", true).first.subkeys.first.fingerprint
+  u.key OpenSSL::PKey::RSA::generate 1024 
  u.profile Profile.new( :first_name => "Bob", :last_name => "Smith" )
 end
 Factory.define :status_message do |m|