File Coverage

blib/lib/Brackup/Decrypt.pm

Criterion	Covered	Total	%
statement	43	50	86.0
branch	12	24	50.0
condition	6	13	46.1
subroutine	8	8	100.0
pod	0	4	0.0
total	69	99	69.7

line	stmt	bran	cond	sub	pod	time	code
1							package Brackup::Decrypt;
2
3	13			13		68	use strict;
	13					27
	13					541
4	13			13		66	use warnings;
	13					21
	13					337
5	13			13		61	use Carp qw(croak);
	13					24
	13					589
6	13			13		94	use Brackup::Util qw(slurp tempfile);
	13					43
	13					9965
7
8							# Decrypt a dataref into a dataref
9							sub decrypt_data {
10	133			133	0	543	my ($dataref, %opts) = @_;
11
12	133					487	my $meta = $opts{meta};
13
14							# do nothing if the data is not encrypted
15	133	100	66			4778	return $dataref unless $meta && $meta->{"GPG-Recipient"};
16
17	88		50			1422	my $dataref_temp = ( (tempfile())[1] \|\| die );
18	88					1854	write_to_file($dataref_temp, $dataref);
19
20	88					1244	my $decrypted_temp = decrypt_file($dataref_temp,%opts);
21	88					21585	unlink($dataref_temp);
22
23	88					4212	my $data = slurp($decrypted_temp);
24	88					11157	unlink($decrypted_temp);
25
26	88					2996	return \$data;
27							}
28
29							sub write_to_file {
30	88			88	0	486	my ($file, $ref) = @_;
31	88	50				6275	open (my $fh, '>', $file) or die "Failed to open $file for writing: $!\n";
32	88					683	print $fh $$ref;
33	88	50				7155	close($fh) or die;
34	88	50				2205	die "File is not of the correct size" unless -s $file == length $$ref;
35	88					402	return 1;
36							}
37
38							sub decrypt_file_if_needed {
39	13			13	0	46	my ($filename) = @_;
40
41	13					81	my $meta = slurp($filename, decompress => 1);
42	13	50				8374	if ($meta =~ /[\x00-\x08]/) { # silly is-binary heuristic
43	0					0	my $new_file = decrypt_file($filename,no_batch => 1);
44	0	0				0	if (defined $new_file) {
45	0					0	warn "Decrypted ${filename} to ${new_file}.\n";
46							}
47	0					0	return $new_file;
48							}
49	13					104	return undef;
50							}
51
52							# Decrypt a file into a new file
53							# Return the new file's name, or undef.
54
55							our $warned_about_gpg_agent = 0;
56
57							sub decrypt_file {
58	88			88	0	572	my ($encrypted_file,%opts) = @_;
59
60	88					257	my $no_batch = delete $opts{no_batch};
61	88					351	my $meta = delete $opts{meta};
62	88	50				469	croak("Unknown options: " . join(', ', keys %opts)) if %opts;
63
64							# find which key we're using to decrypt it
65	88	50				330	if ($meta) {
66	88	50				790	my $rcpt = $meta->{"GPG-Recipient"} or
67							return undef;
68							}
69
70	88	50	33			9163	unless ($ENV{'GPG_AGENT_INFO'} \|\|
			33
71							@Brackup::GPG_ARGS \|\|
72							$warned_about_gpg_agent++)
73							{
74	0					0	my $err = q{
75							#
76							# WARNING: trying to restore encrypted files,
77							# but $ENV{'GPG_AGENT_INFO'} not present.
78							# Are you running gpg-agent?
79							#
80							};
81	0					0	$err =~ s/^\s+//gm;
82	0					0	warn $err;
83							}
84
85	88		50			392	my $output_temp = ( (tempfile())[1] \|\| die );
86
87	88	50				2064	my @list = ("gpg", @Brackup::GPG_ARGS,
88							"--use-agent",
89							!$opts{no_batch} ? ("--batch") : (),
90							"--trust-model=always",
91							"--output", $output_temp,
92							"--yes", "--quiet",
93							"--decrypt", $encrypted_file);
94	88	50				3044139	system(@list)
95							and die "Failed to decrypt with gpg: $!\n";
96
97	88					8714	return $output_temp;
98							}
99
100							1;