23 files changed, 1017 insertions, 0 deletions

diff --git a/lib/backend.rb b/lib/backend.rb
new file mode 100644
index 0000000..76abd01
--- /dev/null
+++ b/lib/backend.rb
@@ -0,0 +1,32 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+# gems
+require 'rubygems'
+require 'parseconfig'
+require 'git'
+
+# internal requires
+$:.unshift File.dirname(__FILE__)
+require 'backend/fs'
+require 'backend/git'
+require 'backend/crypt'
+require 'backend/recipients_store'
+require 'backend/parse_config'
diff --git a/lib/backend/crypt.rb b/lib/backend/crypt.rb
new file mode 100644
index 0000000..2f00515
--- /dev/null
+++ b/lib/backend/crypt.rb
@@ -0,0 +1,159 @@
+# This code is based on the library from http://schleuder2.nadir.org/
+require 'gpgme'
+
+module Backend
+  # Wrapper for ruby-gpgme. Method naming is not strictly logical, this might
+  # change but aliases will be set up then.
+  class Crypt
+    # Instantiates and stores password
+    def initialize(password)
+      @password = password
+      @ctx = GPGME::Ctx.new
+      # feed the passphrase into the Context
+      @ctx.set_passphrase_cb(method(:passfunc))		
+    end
+
+    # TODO: use a logging facility
+    def debug(message)
+      puts message
+    end
+
+    # TODO: use a logging facility
+    def error(message)
+      puts message
+    end
+
+    # Verify a gpg-signature. Use +signed_string+ if the signature is
+    # detached. Returns a GPGME::SignatureResult
+    def verify(sig, signed_string='')
+      in_signed = ''
+      if signed_string.empty?
+        # verify +sig+ as cleartext (aka pgp/inline) signature
+        debug 'No extra signed_string, verifying cleartext signature'
+        output = GPGME.verify(sig) do |sig|
+          in_signed = sig
+        end
+      else
+        # verify detached signature
+        debug 'Verifying detached signature'
+        # Don't know why we need a GPGME::Data object this time but without gpgme throws exceptions
+        plain = GPGME::Data.new
+        GPGME.verify(sig, signed_string, plain) do |sig|
+          in_signed = sig
+        end
+        output = signed_string
+
+      end
+      debug 'verify_result: ' + in_signed.inspect
+
+      [output, in_signed]
+    end
+
+    # Decrypt a string.
+    def decrypt(str)
+      output = ""
+      in_encrypted = nil
+      in_signed = nil
+
+      # TODO: return ciphertext if missing key. Sensible e.g. if it is part
+      # of a nested MIME-message and encrypted to someone else on purpose.
+      # Breaking if even the whole message is not decryptable is a job for
+      # the processor.
+
+      # return input instead of empty String if not encrypted
+      unless str =~ /^-----BEGIN PGP MESSAGE-----/
+        # match pgp-mime- and inline-pgp-signatures
+        if str =~ /^-----BEGIN PGP SIG/
+          debug 'found signed, not encrypted message, verifying'
+          output, in_signed = verify(str)
+        else
+          debug 'found not signed, not encrypted message, returning input'
+          output = str
+        end
+      else
+        debug 'found pgp content, decrypting and verifying with gpgme'
+        in_encrypted = true
+        output = GPGME.decrypt(str, :passphrase_callback => method(:passfunc)) do |sig|
+          in_signed = sig
+        end
+        if output.empty?
+          Exception.new("Output from GPGME.decrypt was empty!")
+        end
+        # TODO: return mailadresses or keys instead of signature-objects?
+      end
+      [output, in_encrypted, in_signed]
+    end
+
+    # Encrypt a string to a single receiver and sign it. +receiver+ must be a
+    # Keyringer::Member
+    def encrypt_str(str, receiver)
+      # encypt and sign and return encrypted data as string
+      key = receiver.key || receiver.email
+      GPGME.encrypt([key], str, {:passphrase_callback => method(:passfunc), :armor => true, :sign => true, :always_trust => true})
+    end
+
+    # Lists all public keys matching +pattern+. Returns an array of
+    # GPGME::GpgKey's
+    def list_keys(pattern='')
+      GPGME.list_keys(pattern)
+    end
+
+    # Returns the GPGME::GpgKey matching +pattern+. Log an error if more than
+    # one matches, because duplicated user-ids is a sensitive issue.
+    def get_key(pattern)
+      pattern = "<#{pattern}>" if pattern =~ /.*@.*/
+        k = list_keys(pattern)
+      if k.length > 1
+        error "There's more than one key matching the pattern you gave me!\nPattern: #{pattern}\nkeys: #{k.inspect}"
+        false
+      else
+        k.first
+      end
+    end
+
+    # Signs +string+ with the private key of the list (aka detached signature)
+    def sign(string)
+      GPGME::detach_sign(string, {:armor => true, :passphrase_callback => method(:passfunc)})
+    end
+
+    # Clearsigns +string+ with the private key of the list
+    def clearsign(string)
+      GPGME::clearsign(string, {:armor => true, :passphrase_callback => method(:passfunc)})
+    end
+
+    # Exports the public key matching +keyid+ as ascii key block.
+    def export(keyid)
+      GPGME.export(keyid, :armor=>:true)
+    end
+
+    # Delete the public key matching +pattern+ from the public key ring of the
+    # list
+    def delete_key(key)
+      key = get_key(key) if key.kind_of?(String)
+      begin
+        @ctx.delete_key(key)
+        return true
+      rescue => e
+        return e
+      end
+    end
+
+    # Import +keydata+ into public key ring of the list
+    def add_key(keydata)
+      GPGME.import(keydata)
+    end
+
+    def add_key_from_file(keyfile)
+      add_key(File.read(keyfile))
+    end
+
+    private
+
+    def passfunc(hook, uid_hint, passphrase_info, prev_was_bad, fd)
+      io = IO.for_fd(fd, 'w')
+      io.puts @password
+      io.flush
+    end
+
+  end
+end
diff --git a/lib/backend/fs.rb b/lib/backend/fs.rb
new file mode 100644
index 0000000..b657ec9
--- /dev/null
+++ b/lib/backend/fs.rb
@@ -0,0 +1,32 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Backend
+  class Fs
+    def get_as_string(filename)
+      data = ''
+      f = File.open(filename, "r") 
+      f.each_line do |line|
+        data += line
+      end
+      return data
+    end
+  end
+end
diff --git a/lib/backend/git.rb b/lib/backend/git.rb
new file mode 100644
index 0000000..3ca2d60
--- /dev/null
+++ b/lib/backend/git.rb
@@ -0,0 +1,48 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Backend
+  class Git
+    def open(path)
+      begin
+        @git = ::Git.open(path)
+      rescue Exception => e
+        puts "Cannot open #{path}"
+        false
+      end
+    end
+
+    def init(path)
+      @git = ::Git.init(path)
+    end
+
+    def clone(url, path)
+      @git = ::Git.clone(url, path)
+    end
+
+    def add(pattern)
+       @git.add(pattern)
+    end
+
+    def commit(message)
+      @git.commit(message)
+    end
+  end
+end
diff --git a/lib/backend/parse_config.rb b/lib/backend/parse_config.rb
new file mode 100644
index 0000000..c879cb5
--- /dev/null
+++ b/lib/backend/parse_config.rb
@@ -0,0 +1,26 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Backend
+  # A wrapper around ParseConfig
+  def self.parse_config(config)
+    ParseConfig.new(config)
+  end
+end
diff --git a/lib/backend/recipients_store.rb b/lib/backend/recipients_store.rb
new file mode 100644
index 0000000..bae28df
--- /dev/null
+++ b/lib/backend/recipients_store.rb
@@ -0,0 +1,113 @@
+#!/usr/bin/env ruby

+#

+# Keyringer secret management system.

+#

+# Copyright (C) 2011 Keyringer Development Team.

+# 

+# This program is free software: you can redistribute it and/or modify

+# it under the terms of the GNU Affero General Public License as

+# published by the Free Software Foundation, either version 3 of the

+# License, or any later version.

+# 

+# This program is distributed in the hope that it will be useful,

+# but WITHOUT ANY WARRANTY; without even the implied warranty of

+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+# GNU Affero General Public License for more details.

+# 

+# You should have received a copy of the GNU Affero General Public License

+# along with this program.  If not, see <http://www.gnu.org/licenses/>.

+#

+

+module Backend

+  # a store for the recipients configuration

+  class RecipientsStore

+    # Instantiates and stores password

+    def initialize(aBaseDir = "")

+      @baseDir = aBaseDir

+    end

+    

+    def addRecipient(aRecipientAddress, aRecipientKey)

+      @recipients.push(Recipient.new(aRecipientAddress, aRecipientKey))

+    end

+    

+    def removeRecipient(aRecipientKey)

+#      read()

+#      @recipients.push(Recipient.new(aRecipientAddress, aRecipientKey))

+#      write()

+    end

+    

+    def getRecipients()

+      return @recipients

+    end

+    

+    def load()

+      read()

+    end

+

+    def save()

+      write()

+    end

+

+    def getPath()

+      File.join(@baseDir, "config", "recipients")

+    end

+

+    def hasPath?()

+      File.directory?(getPath())

+    end

+

+    def create()

+      fileName = getPath()

+      file     = File.new(fileName, "w")

+      file.close

+    end

+

+    private

+

+    def read()

+      fileName = getPath()

+      file = File.new(fileName, "r")

+      begin

+        recipients = []

+       

+        while (line = file.gets)

+          parts = line.split()

+          if (parts.length == 2)

+            recipients.push(Recipient.new(parts[1], parts[0]))

+          end

+        end

+        

+        @recipients = recipients

+      rescue => err

+        throw err

+      ensure

+        file.close

+      end

+    end

+

+    def write()

+      fileName = getPath()

+      file = File.new(fileName, "w")

+      begin

+        @recipients.each do |recipient|

+          file.puts("#{recipient.email} #{recipient.keySignature}")

+        end

+      rescue => err

+        throw err

+      ensure

+        file.close

+      end

+    end

+

+  end

+  

+  class Recipient

+    def initialize(aKeySignature, anEmail)

+      @keySignature = aKeySignature

+      @email = anEmail

+    end

+    

+    attr_reader :keySignature

+    attr_reader :email

+  end

+end

diff --git a/lib/keyringer/csr.sh b/lib/bash/csr.sh
index 881a46f..881a46f 100755
--- a/lib/keyringer/csr.sh
+++ b/lib/bash/csr.sh
diff --git a/lib/keyringer/functions b/lib/bash/functions
index 11d1b86..11d1b86 100644
--- a/lib/keyringer/functions
+++ b/lib/bash/functions
diff --git a/lib/keyring.rb b/lib/keyring.rb
new file mode 100644
index 0000000..8f81bba
--- /dev/null
+++ b/lib/keyring.rb
@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+# internal requires
+$:.unshift File.dirname(__FILE__)
+require 'backend'
+require 'keyring/fs'
+require 'keyring/keys'
+require 'keyring/repository'
+require 'keyring/crypt'
+require 'keyring/recipients'
+require 'keyring/user_config'
diff --git a/lib/keyring/crypt.rb b/lib/keyring/crypt.rb
new file mode 100644
index 0000000..2fae909
--- /dev/null
+++ b/lib/keyring/crypt.rb
@@ -0,0 +1,43 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyring
+  class Crypt
+    def initialize
+      @keyStore = UserConfig.instance.path + '/keys'
+    end
+
+    def decrypt(filename)
+      file    = Backend::Fs.new
+      crypt   = Backend::Crypt.new(nil)
+      content = file.get_as_string(filename)
+      crypt.decrypt(content)
+    end
+
+    # Determine the file name for a given key
+    def keyFile(name)
+      @keyStore + '/' + File.dirname(name) + '/' + File.basename(name, '.asc') + '.asc'
+    end
+
+    def decryptKey(name)
+      decrypt(keyFile(name))
+    end
+  end
+end
diff --git a/lib/keyring/fs.rb b/lib/keyring/fs.rb
new file mode 100644
index 0000000..6252217
--- /dev/null
+++ b/lib/keyring/fs.rb
@@ -0,0 +1,31 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyring
+  class Fs
+    def listKeys(relativePath)
+      path  = Keys.getPath
+      files = Dir.entries(path + "#{relativePath}")
+      files.delete('.')
+      files.delete('..')
+      files
+    end
+  end
+end
diff --git a/lib/keyring/keys.rb b/lib/keyring/keys.rb
new file mode 100644
index 0000000..846baee
--- /dev/null
+++ b/lib/keyring/keys.rb
@@ -0,0 +1,31 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyring
+  class Keys
+    def self.getPath(path = nil)
+      if path != nil
+        path + "/keys"
+      else
+        UserConfig.instance.path + "/keys"
+      end
+    end
+  end
+end
diff --git a/lib/keyring/recipients.rb b/lib/keyring/recipients.rb
new file mode 100644
index 0000000..f3264ed
--- /dev/null
+++ b/lib/keyring/recipients.rb
@@ -0,0 +1,51 @@
+#!/usr/bin/env ruby

+#

+# Keyringer secret management system.

+#

+# Copyright (C) 2011 Keyringer Development Team.

+# 

+# This program is free software: you can redistribute it and/or modify

+# it under the terms of the GNU Affero General Public License as

+# published by the Free Software Foundation, either version 3 of the

+# License, or any later version.

+# 

+# This program is distributed in the hope that it will be useful,

+# but WITHOUT ANY WARRANTY; without even the implied warranty of

+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+# GNU Affero General Public License for more details.

+# 

+# You should have received a copy of the GNU Affero General Public License

+# along with this program.  If not, see <http://www.gnu.org/licenses/>.

+#

+

+module Keyring

+  class Recipients

+    def initialize(path = nil)

+      if !path

+        path = UserConfig.instance.path

+      end

+

+      # Load backend and ensure that the file exists

+      @recipientsStore = Backend::RecipientsStore.new(path)

+      @recipientsStore.create()

+    end

+    def addRecipient(anEmail, aKeySignature)

+

+      @recipientsStore.load()

+      @recipientsStore.addRecipient(anEmail, aKeySignature)

+      @recipientsStore.save()

+    end

+    

+    def removeRecipient(aKeySignature)

+      @recipientsStore.load()

+      @recipientsStore.removeRecipient(aKeySignature)

+      @recipientsStore.save()

+    end

+    

+    def listRecipients()

+      @recipientsStore.load()

+      

+      return @recipientsStore.getRecipients()

+    end

+  end

+end

diff --git a/lib/keyring/repository.rb b/lib/keyring/repository.rb
new file mode 100644
index 0000000..a9e0de5
--- /dev/null
+++ b/lib/keyring/repository.rb
@@ -0,0 +1,68 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyring
+  class Repository
+    def initialize
+      @git = Backend::Git.new
+    end
+
+    # Check for a valid repository
+    def exists?(path)
+      File.directory?(path + '/.git')
+    end
+
+    def getConfigPath(path)
+      path + '/config'
+    end
+
+    def create(path, url = nil)
+      keys_path   = Keys.getPath(path)
+      config_path = getConfigPath(path)
+
+      if url
+        raise "Path #{path} exists and is a git repository" if exists?(path)
+        @git.clone(url, path)
+      else
+        @git.init(path)
+      end
+
+      # Setup folders
+      FileUtils.mkdir_p keys_path
+      FileUtils.mkdir_p config_path
+      FileUtils.chmod(0700, path)
+
+      # Reparse basedir to force absolute folder
+      path = Pathname.new(path).realpath
+      
+      # Create recipients
+      recipients = Keyring::Recipients.new(path)
+
+      # TODO: if needed:
+      # options, version, keys
+      # save user config
+
+      @git.add('.')
+
+      # TODO: commit just if the repository status has changed
+      @git.commit('Importing')
+    end
+  end
+end
diff --git a/lib/keyring/user_config.rb b/lib/keyring/user_config.rb
new file mode 100644
index 0000000..c6d48e6
--- /dev/null
+++ b/lib/keyring/user_config.rb
@@ -0,0 +1,61 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyring
+  class UserConfig
+    include Singleton
+
+    def initialize(path = nil)
+      self.loadMainConfig
+      self.check
+    end
+
+    def loadMainConfig
+      @user_config = ENV['HOME'] + '/.keyringer/config'
+      @keyrings    = Backend::parse_config(@user_config)
+      @path        = @keyrings.get_value($keyring)
+    end
+
+    # TODO
+    def saveMainConfig
+      # TODO: copy each keyring definition to a hash
+      # update path of the current keyring
+      file = open(@user_config, 'w')
+    end
+
+    def keyrings
+      @keyrings
+    end
+
+    def path
+      @path
+    end
+
+    def setPath(path)
+      @path = path
+      saveMainConfig
+    end
+
+    def check
+      raise "Not a directory: #{@path}" if !File::directory?(@path)
+      raise "No keydir configured for #{$keyring} keyring." if @path.nil?
+    end
+  end
+end
diff --git a/lib/keyringer.rb b/lib/keyringer.rb
new file mode 100644
index 0000000..94ae4b8
--- /dev/null
+++ b/lib/keyringer.rb
@@ -0,0 +1,38 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+# general requires
+require 'singleton'
+require 'pathname'
+
+# internal requires
+$:.unshift File.dirname(__FILE__)
+require 'keyring'
+require 'keyringer/bash_wrapper'
+require 'keyringer/parser'
+require 'keyringer/console'
+require 'keyringer/actions/decrypt'
+require 'keyringer/actions/recipients'
+require 'keyringer/actions/init'
+require 'keyringer/actions/ls'
+
+module Keyringer
+  VERSION = '2.0-alpha'
+end
diff --git a/lib/keyringer/actions/decrypt.rb b/lib/keyringer/actions/decrypt.rb
new file mode 100644
index 0000000..316db34
--- /dev/null
+++ b/lib/keyringer/actions/decrypt.rb
@@ -0,0 +1,31 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyringer
+  module Actions
+    class Decrypt
+      def execute
+        raise "Missing argument: key" if $args[0].nil?
+        crypt = Keyring::Crypt.new
+        crypt.decryptKey($args[0])
+      end
+    end
+  end
+end
diff --git a/lib/keyringer/actions/init.rb b/lib/keyringer/actions/init.rb
new file mode 100644
index 0000000..00a609a
--- /dev/null
+++ b/lib/keyringer/actions/init.rb
@@ -0,0 +1,31 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyringer
+  module Actions
+    class Init
+      def execute
+        raise "Missing argument: path" if $args[0].nil?
+        repository = Keyring::Repository.new
+        repository.create($args[0], $args[1])
+      end
+    end
+  end
+end
diff --git a/lib/keyringer/actions/ls.rb b/lib/keyringer/actions/ls.rb
new file mode 100644
index 0000000..c9b0fd1
--- /dev/null
+++ b/lib/keyringer/actions/ls.rb
@@ -0,0 +1,30 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyringer
+  module Actions
+    class Ls
+      def execute
+        fs = Keyring::Fs.new
+        fs.listKeys($args[0]).join(' ')
+      end
+    end
+  end
+end
diff --git a/lib/keyringer/actions/recipients.rb b/lib/keyringer/actions/recipients.rb
new file mode 100644
index 0000000..c093416
--- /dev/null
+++ b/lib/keyringer/actions/recipients.rb
@@ -0,0 +1,45 @@
+#!/usr/bin/env ruby

+#

+# Keyringer secret management system.

+#

+# Copyright (C) 2011 Keyringer Development Team.

+# 

+# This program is free software: you can redistribute it and/or modify

+# it under the terms of the GNU Affero General Public License as

+# published by the Free Software Foundation, either version 3 of the

+# License, or any later version.

+# 

+# This program is distributed in the hope that it will be useful,

+# but WITHOUT ANY WARRANTY; without even the implied warranty of

+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+# GNU Affero General Public License for more details.

+# 

+# You should have received a copy of the GNU Affero General Public License

+# along with this program.  If not, see <http://www.gnu.org/licenses/>.

+#

+

+module Keyringer

+  module Actions

+  class Recipients

+    def execute

+      subCommand = $args[0]

+

+      recipients    = Keyring::Recipients.new

+      

+      if subCommand == "add"

+        recipients.addRecipient($args[1], $args[2])

+      elsif subCommand == "remove"

+        recipients.removeRecipient($args[1])

+      elsif subCommand == "list"

+        recipients.listRecipients().each() do |recipient|

+          puts("#{recipient.email}     #{recipient.keySignature}")

+        end

+      else

+        throw "Invalid recipients command: #{subCommand} "

+      end

+      

+      return ""

+    end

+  end

+  end

+end

diff --git a/lib/keyringer/bash_wrapper.rb b/lib/keyringer/bash_wrapper.rb
new file mode 100644
index 0000000..30aa3d2
--- /dev/null
+++ b/lib/keyringer/bash_wrapper.rb
@@ -0,0 +1,27 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyringer
+  class BashWrapper
+    def execute
+      exec("keyringer #{$keyring} #{$action} " + $args.join(' '))
+    end
+  end
+end
diff --git a/lib/keyringer/console.rb b/lib/keyringer/console.rb
new file mode 100644
index 0000000..e3b6fae
--- /dev/null
+++ b/lib/keyringer/console.rb
@@ -0,0 +1,27 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyringer
+  class Console
+    include Singleton
+    def initialize
+    end
+  end
+end
diff --git a/lib/keyringer/parser.rb b/lib/keyringer/parser.rb
new file mode 100644
index 0000000..0e7f46a
--- /dev/null
+++ b/lib/keyringer/parser.rb
@@ -0,0 +1,64 @@
+#!/usr/bin/env ruby
+#
+# Keyringer secret management system.
+#
+# Copyright (C) 2011 Keyringer Development Team.
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+module Keyringer
+  class Parser
+    def initialize
+      require 'optparse'
+
+      options  = {}
+      optparse = OptionParser.new do |opts|
+        # Set a banner, displayed at the top of the help screen.
+        opts.banner = "Usage: #{File.basename($0)} <keyring> <action> [arguments]"
+
+        # TODO: example option
+        #options[:verbose] = false
+        #opts.on( '-v', '--verbose', 'Output more information' ) do
+          #options[:verbose] = true
+        #end
+
+        # TODO: example option
+        #options[:logfile] = nil
+        #opts.on( '-l', '--logfile FILE', 'Write log to FILE' ) do |file|
+          #options[:logfile] = file
+        #end
+
+        # This displays the help screen
+        opts.on( '-h', '--help', 'Display this help message' ) do
+          puts opts
+          exit
+        end
+      end
+
+      # Parse using 'parse!' to remove all options found at ARGV
+      optparse.parse!
+
+      # Parse positional arguments
+      $args    = ARGV.dup
+      $keyring = $args.shift
+      $action  = $args.shift
+
+      unless $action
+        puts optparse
+        exit
+      end
+    end
+  end
+end