2016-09-24 13:52:43 +02:00
|
|
|
module Hbc
|
|
|
|
|
module Verify
|
|
|
|
|
class Gpg
|
|
|
|
|
def self.me?(cask)
|
|
|
|
|
cask.gpg
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
attr_reader :cask, :downloaded_path
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
def initialize(cask, downloaded_path, command = Hbc::SystemCommand)
|
|
|
|
|
@command = command
|
|
|
|
|
@cask = cask
|
|
|
|
|
@downloaded_path = downloaded_path
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
def available?
|
|
|
|
|
return @available unless @available.nil?
|
|
|
|
|
@available = self.class.me?(cask) && installed?
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
def installed?
|
|
|
|
|
cmd = @command.run("/usr/bin/type",
|
|
|
|
|
args: ["-p", "gpg"])
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
# if `gpg` is found, return its absolute path
|
|
|
|
|
cmd.success? ? cmd.stdout : false
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
def fetch_sig(force = false)
|
|
|
|
|
unversioned_cask = cask.version.is_a?(Symbol)
|
|
|
|
|
cached = cask.metadata_subdir("gpg") unless unversioned_cask
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
meta_dir = cached || cask.metadata_subdir("gpg", :now, true)
|
|
|
|
|
sig_path = meta_dir.join("signature.asc")
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
curl(cask.gpg.signature, "-o", sig_path.to_s) unless cached || force
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
sig_path
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
def import_key
|
|
|
|
|
args = if cask.gpg.key_id
|
2016-10-14 20:11:33 +02:00
|
|
|
["--recv-keys", cask.gpg.key_id]
|
|
|
|
|
elsif cask.gpg.key_url
|
|
|
|
|
["--fetch-key", cask.gpg.key_url.to_s]
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
@command.run!("gpg", args: args)
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
def verify
|
|
|
|
|
return unless available?
|
|
|
|
|
import_key
|
|
|
|
|
sig = fetch_sig
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
ohai "Verifying GPG signature for #{cask}"
|
2016-08-18 22:11:42 +03:00
|
|
|
|
2016-09-24 13:52:43 +02:00
|
|
|
@command.run!("gpg",
|
|
|
|
|
args: ["--verify", sig, downloaded_path],
|
|
|
|
|
print_stdout: true)
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-08-18 22:11:42 +03:00
|
|
|
end
|
|
|
|
|
end
|
