author | David Bremner <david@tethera.net> | 2022-05-05 08:29:21 -0300 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2022-05-05 12:26:10 -0700 |
commit | 8cfab42bc3a063f48a3934326818f1c5f2ca9721 (patch) | |
tree | a59b70aa5fd5ad6d977ad94ff4d727bd65b6ba19 /src/data/util.lisp | |
parent | 54d75297ea8b190a3b91bd662deb61e670e9f9ef (diff) | |
download | consfigurator-8cfab42bc3a063f48a3934326818f1c5f2ca9721.tar.gz |
refactor use of gnupg in CONSFIGURATOR.DATA.PGP
Add a new low level function GPG, and a function GPG-FILE-AS-STRING intended
for use in the pgp data source and the future pass(1) data source. Both of
these functions support a new parameter *DATA-SOURCE-GNUPGHOME*, which allows
the user (or test suite) to control where key material is stored for accessing
data sources.
Signed-off-by: David Bremner <david@tethera.net>
Diffstat (limited to 'src/data/util.lisp')
-rw-r--r-- | src/data/util.lisp | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/src/data/util.lisp b/src/data/util.lisp
index 3fd8895..871eb9a 100644
--- a/src/data/util.lisp
+++ b/src/data/util.lisp
@@ -1,6 +1,7 @@
 ;;; Consfigurator -- Lisp declarative configuration management system
 ;;; Copyright (C) 2022 David Bremner <david@tethera.net>
+;;; Copyright (C) 2021 Sean Whitton <spwhitton@spwhitton.name>
 ;;; This file is free software; you can redistribute it and/or modify
 ;;; it under the terms of the GNU General Public License as published by
@@ -38,3 +39,26 @@ may contain '/' characters to map into multiple levels of directory."
 (uiop:relativize-pathname-directory
 (ensure-directory-pathname iden1))
 base-dir))))
+
+(defun gpg (args &key input output)
+ "Run gnupg, taking homedir from *DATA-SOURCE-GNUPGHOME* if set.
+
+INPUT and OUTPUT have the same meaning as for RUN-PROGRAM, except that OUTPUT
+defaults to :STRING. The default return value is thus the output from gnupg,
+as a string."
+ (run-program
+ `("gpg"
+ ,@(and *data-source-gnupghome*
+ (list "--homedir" (namestring *data-source-gnupghome*)))
+ ,@args)
+ :input input
+ :output (or output :string)))
+
+(defun gpg-file-as-string (location)
+ "Decrypt the contents of a gpg encrypted file at LOCATION, return as a
+string."
+ (handler-case
+ (gpg (list "--decrypt" (unix-namestring location)))
+ (subprocess-error (error)
+ (missing-data-source "While attempt to decrypt ~A, gpg exited with ~A"
+ location (uiop:subprocess-error-code error))))) |
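Review bot: In `gpg`, the homedir is rendered with `namestring`, while `gpg-file-as-string` renders LOCATION with `unix-namestring`. A native namestring may differ from the on-disk path on some implementations (for example, escaping of wildcard characters), so gpg could end up reading key material from a directory other than the one configured. I would use `(list "--homedir" (unix-namestring *data-source-gnupghome*))` so both paths go through the same conversion. The condition text in `gpg-file-as-string` has a typo; `"While attempting to decrypt ~A, gpg exited with ~A"` reads correctly. `*data-source-gnupghome*` is not defined in this hunk, so its definition is presumably elsewhere in the commit; its docstring should say that the directory holds secret key material and should be readable only by the user running the deployment.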