-
Notifications
You must be signed in to change notification settings - Fork 0
/
Rakefile
115 lines (100 loc) · 2.91 KB
/
Rakefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
# (c) Copyright 2018 Ribose Inc.
#
require "bundler/gem_tasks"
require "rspec/core/rake_task"
require "tempfile"
RSpec::Core::RakeTask.new(:spec)
task :default => :spec
namespace :pgp_keys do
def init_homedir_if_missing
FileUtils.mkdir_p(TMP_PGP_HOME)
end
def execute_gpg(*options)
init_homedir_if_missing
common_options = ["--no-permission-warning", "--homedir", TMP_PGP_HOME]
cmd = ["gpg", *common_options, *options]
system(*cmd)
end
# Available parameters for unattended GPG key generation are described here:
# https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html
def generate_pgp_keys(key_params)
Tempfile.create("gnupg-key-params") do |key_params_file|
key_params_file.write(key_params)
key_params_file.close
execute_gpg("--batch", "--gen-key", in: key_params_file.path)
end
end
desc "Lists keys in tmp/pgp_home"
task :list => :prepare do
execute_gpg "--list-keys"
end
desc "Stops all GPG daemons, and deletes tmp/pgp_home"
task :clear => :prepare do
if File.exists?(TMP_PGP_HOME)
system "gpgconf", "--homedir", TMP_PGP_HOME, "--kill", "all"
FileUtils.remove_entry_secure TMP_PGP_HOME
end
end
desc "Clears tmp/pgp_home, and generates new set of keys"
task :regenerate => %i[clear generate]
desc "Generates keys in tmp/pgp_home"
task :generate => :prepare do
# Key pairs without password
generate_pgp_keys(<<~KEY_PARAMS)
%no-protection
Key-Type: RSA
Key-Usage: sign, cert
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Subkey-Usage: encrypt
Name-Real: Some Arbitrary Key
Name-Email: [email protected]
Name-Comment: Without passphrase
Expire-Date: 0
KEY_PARAMS
generate_pgp_keys(<<~KEY_PARAMS)
%no-protection
Key-Type: RSA
Key-Usage: sign, cert
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Subkey-Usage: encrypt
Name-Real: Cato Elder
Name-Email: [email protected]
Name-Comment: Without passphrase
Expire-Date: 0
KEY_PARAMS
generate_pgp_keys(<<~KEY_PARAMS)
%no-protection
Key-Type: RSA
Key-Usage: sign, cert
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Subkey-Usage: encrypt
Name-Real: Roman Senate
Name-Email: [email protected]
Name-Comment: Without passphrase
Expire-Date: 0
KEY_PARAMS
# Password-protected key pairs
generate_pgp_keys(<<~KEY_PARAMS)
Key-Type: RSA
Key-Usage: sign, cert
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Subkey-Usage: encrypt
Name-Real: Cato Elder
Name-Email: [email protected]
Name-Comment: Password-protected
Expire-Date: 0
Passphrase: 1234
KEY_PARAMS
end
end
task :prepare do
require_relative "./spec/support/0_tmp_pgp_home"
end