Implemented constructors for both encryption and decryption

Signed-off-by: Brandon Lum <lumjjb@gmail.com>

pkg/encryption/gpg.go

@@ -322,7 +322,7 @@ func uint64ToStringArray(format string, in []uint64) []string {
 // in the GPGVault or on this system and prompts for the passwords for those
 // that are available. If we do not find a private key on the system for
 // getting to the symmetric key of a layer then an error is generated.
-func GPGGetPrivateKey(descs []ocispec.Descriptor, gpgClient GPGClient, gpgVault GPGVault, mustFindKey bool, dcparameters map[string][][]byte) error {
+func GPGGetPrivateKey(descs []ocispec.Descriptor, gpgClient GPGClient, gpgVault GPGVault, mustFindKey bool) (gpgPrivKeys [][]byte, gpgPrivKeysPwds [][]byte, err error) {
 	// PrivateKeyData describes a private key
 	type PrivateKeyData struct {
 		KeyData         []byte
@@ -338,11 +338,11 @@ func GPGGetPrivateKey(descs []ocispec.Descriptor, gpgClient GPGClient, gpgVault
 			}
 			keywrapper := GetKeyWrapper(scheme)
 			if keywrapper == nil {
-				return errors.Errorf("could not get KeyWrapper for %s\n", scheme)
+				return nil, nil, errors.Errorf("could not get KeyWrapper for %s\n", scheme)
 			}
 			keyIds, err := keywrapper.GetKeyIdsFromPacket(b64pgpPackets)
 			if err != nil {
-				return err
+				return nil, nil, err
 			}
 
 			found := false
@@ -376,11 +376,11 @@ func GPGGetPrivateKey(descs []ocispec.Descriptor, gpgClient GPGClient, gpgVault
 						password, err := terminal.ReadPassword(int(os.Stdin.Fd()))
 						fmt.Printf("\n")
 						if err != nil {
-							return err
+							return nil, nil, err
 						}
 						keydata, err := gpgClient.GetGPGPrivateKey(keyid, string(password))
 						if err != nil {
-							return err
+							return nil, nil, err
 						}
 						pkd = PrivateKeyData{
 							KeyData:         keydata,
@@ -391,63 +391,21 @@ func GPGGetPrivateKey(descs []ocispec.Descriptor, gpgClient GPGClient, gpgVault
 					}
 					break
 				} else {
-					return errors.Wrapf(errdefs.ErrInvalidArgument, "no GPGVault or GPGClient passed.")
+					return nil, nil, errors.Wrapf(errdefs.ErrInvalidArgument, "no GPGVault or GPGClient passed.")
 				}
 			}
 			if !found && len(b64pgpPackets) > 0 && mustFindKey {
 				ids := uint64ToStringArray("0x%x", keyIds)
 
-				return errors.Wrapf(errdefs.ErrNotFound, "missing key for decryption of layer %x of %s. Need one of the following keys: %s", desc.Digest, desc.Platform, strings.Join(ids, ", "))
+				return nil, nil, errors.Wrapf(errdefs.ErrNotFound, "missing key for decryption of layer %x of %s. Need one of the following keys: %s", desc.Digest, desc.Platform, strings.Join(ids, ", "))
 			}
 		}
 	}
 
-	var (
-		privKeys    [][]byte
-		privKeysPwd [][]byte
-	)
 	for _, pkd := range keyIDPasswordMap {
-		privKeys = append(privKeys, pkd.KeyData)
-		privKeysPwd = append(privKeysPwd, pkd.KeyDataPassword)
+		gpgPrivKeys = append(gpgPrivKeys, pkd.KeyData)
+		gpgPrivKeysPwds = append(gpgPrivKeysPwds, pkd.KeyDataPassword)
 	}
-	dcparameters["gpg-privatekeys"] = privKeys
-	dcparameters["gpg-privatekeys-passwords"] = privKeysPwd
 
-	return nil
-}
-
-// GPGSetupPrivateKeys uses the gpg specific parameters in the dcparameters map
-// to get the private keys needed for decryption the give layers
-func GPGSetupPrivateKeys(dcparameters map[string][][]byte, descs []ocispec.Descriptor) error {
-	/* we have to find a GPG key until we also get other private keys passed */
-	var (
-		gpgVault   GPGVault
-		gpgClient  GPGClient
-		gpgVersion string
-		gpgHomeDir string
-		err        error
-	)
-	gpgPrivateKeys := dcparameters["gpg-privatekeys"]
-	if len(gpgPrivateKeys) > 0 {
-		gpgVault = NewGPGVault()
-		gpgVault.AddSecretKeyRingDataArray(gpgPrivateKeys)
-	}
-
-	haveGPGClient := dcparameters["gpg-client"]
-	if len(haveGPGClient) > 0 {
-		item := dcparameters["gpg-client-version"]
-		if len(item) == 1 {
-			gpgVersion = string(item[0])
-		}
-		item = dcparameters["gpg-client-homedir"]
-		if len(item) == 1 {
-			gpgHomeDir = string(item[0])
-		}
-		gpgClient, err = NewGPGClient(gpgVersion, gpgHomeDir)
-		if err != nil {
-			return err
-		}
-	}
-
-	return GPGGetPrivateKey(descs, gpgClient, gpgVault, false, dcparameters)
+	return gpgPrivKeys, gpgPrivKeysPwds, nil
 }