DuckCorp » CyborgHood

require 'gpgme' # >= 1.0.2 needed for :always_trust sign option

# Attempt to handle PGP/GPG features in a RFC3156-compliant way

#

# notes: These methods have been designed to be able to sign, crypt,

# or sign+crypt with RFC 1847 Encapsulation. There is no

# support (yet?) for the combined method described in chapter

# 6.2 of RFC3156.

signers = signers_id.collect{|key_id| gpg_key(key_id, true) }

# we don't use GPGME.sign(), because we need to get operation information to get the hash_algo and compute the micalg parameter

gpg = GPGME::Ctx.new({:signers => signers, :passphrase_callback => method(:gpg_passphrase_callback_wrapper),

:passphrase_callback_value => passphrase_callback, :armor => true})

gpg.add_signer(*signers)

sig_data = GPGME::Data.new

gpg.sign(GPGME::Data.new(self.to_rfc3156), sig_data, GPGME::SIG_MODE_NORMAL)

hash_algo = GPGME.gpgme_op_sign_result(gpg).signatures.first.hash_algo

micalg = "pgp-" + GPGME.gpgme_hash_algo_name(hash_algo).downcase

sig_data.seek(0, IO::SEEK_SET)

{:signature => sig_data.read, :micalg => micalg}

def gpg_key(fingerprint, secret = false)

gpg.get_key(fingerprint, secret)