src/plugins/pgpcore/sgpgme.c

   1 /*
   2  * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
   3  * Copyright (C) 1999-2003 Hiroyuki Yamamoto & the Sylpheed-Claws team
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License
  16  * along with this program; if not, write to the Free Software
  17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  */
  19
  20 #ifdef HAVE_CONFIG_H
  21 #  include "config.h"
  22 #endif
  23
  24 #ifdef USE_GPGME
  25
  26 #include <time.h>
  27 #include <gtk/gtk.h>
  28 #include <gpgme.h>
  29 #include <glib.h>
  30 #include <glib/gi18n.h>
  31 #include <stdio.h>
  32 #include <errno.h>
  33
  34 #include "sgpgme.h"
  35 #include "privacy.h"
  36 #include "prefs_common.h"
  37 #include "utils.h"
  38 #include "alertpanel.h"
  39 #include "passphrase.h"
  40 #include "prefs_gpg.h"
  41 #include "select-keys.h"
  42
  43 static void sgpgme_disable_all(void)
  44 {
  45     /* FIXME: set a flag, so that we don't bother the user with failed
  46      * gpgme messages */
  47 }
  48
  49 gpgme_verify_result_t sgpgme_verify_signature(gpgme_ctx_t ctx, gpgme_data_t sig,
  50                                         gpgme_data_t plain, gpgme_data_t dummy)
  51 {
  52         gpgme_verify_result_t status = NULL;
  53         gpgme_error_t err;
  54
  55         if ((err = gpgme_op_verify(ctx, sig, plain, dummy)) != GPG_ERR_NO_ERROR) {
  56                 debug_print("op_verify err %s\n", gpgme_strerror(err));
  57                 return GINT_TO_POINTER(-GPG_ERR_SYSTEM_ERROR);
  58
  59         }
  60         status = gpgme_op_verify_result(ctx);
  61
  62         return status;
  63 }
  64
  65 SignatureStatus sgpgme_sigstat_gpgme_to_privacy(gpgme_ctx_t ctx, gpgme_verify_result_t status)
  66 {
  67         unsigned long validity = 0;
  68         gpgme_signature_t sig = NULL;
  69
  70         if (GPOINTER_TO_INT(status) == -GPG_ERR_SYSTEM_ERROR) {
  71                 debug_print("system error\n");
  72                 return SIGNATURE_CHECK_FAILED;
  73         }
  74
  75         if (status == NULL) {
  76                 debug_print("status == NULL\n");
  77                 return SIGNATURE_UNCHECKED;
  78         }
  79         sig = status->signatures;
  80
  81         if (sig == NULL) {
  82                 debug_print("sig == NULL\n");
  83                 return SIGNATURE_UNCHECKED;
  84         }
  85         validity = sig->validity;
  86
  87         debug_print("err code %d\n", gpg_err_code(sig->status));
  88         switch (gpg_err_code(sig->status)) {
  89         case GPG_ERR_NO_ERROR:
  90                 if ((validity != GPGME_VALIDITY_MARGINAL) &&
  91                     (validity != GPGME_VALIDITY_FULL) &&
  92                     (validity != GPGME_VALIDITY_ULTIMATE))
  93                         return SIGNATURE_WARN;
  94                 return SIGNATURE_OK;
  95         case GPG_ERR_SIG_EXPIRED:
  96         case GPG_ERR_KEY_EXPIRED:
  97                 return SIGNATURE_WARN;
  98         case GPG_ERR_BAD_SIGNATURE:
  99                 return SIGNATURE_INVALID;
 100         case GPG_ERR_NO_PUBKEY:
 101                 return SIGNATURE_CHECK_FAILED;
 102         default:
 103                 return SIGNATURE_CHECK_FAILED;
 104         }
 105         return SIGNATURE_CHECK_FAILED;
 106 }
 107
 108 static const gchar *get_validity_str(unsigned long validity)
 109 {
 110         switch (gpg_err_code(validity)) {
 111         case GPGME_VALIDITY_UNKNOWN:
 112                 return _("Unknown");
 113         case GPGME_VALIDITY_UNDEFINED:
 114                 return _("Undefined");
 115         case GPGME_VALIDITY_NEVER:
 116                 return _("Never");
 117         case GPGME_VALIDITY_MARGINAL:
 118                 return _("Marginal");
 119         case GPGME_VALIDITY_FULL:
 120                 return _("Full");
 121         case GPGME_VALIDITY_ULTIMATE:
 122                 return _("Ultimate");
 123         default:
 124                 return _("Error");
 125         }
 126 }
 127
 128 gchar *sgpgme_sigstat_info_short(gpgme_ctx_t ctx, gpgme_verify_result_t status)
 129 {
 130         gpgme_signature_t sig = NULL;
 131         gchar *uname = NULL;
 132         gpgme_key_t key;
 133
 134         if (GPOINTER_TO_INT(status) == -GPG_ERR_SYSTEM_ERROR) {
 135                 return g_strdup(_("The signature can't be checked - GPG error."));
 136         }
 137
 138         if (status == NULL) {
 139                 return g_strdup(_("The signature has not been checked."));
 140         }
 141         sig = status->signatures;
 142         if (sig == NULL) {
 143                 return g_strdup(_("The signature has not been checked."));
 144         }
 145
 146         gpgme_get_key(ctx, sig->fpr, &key, 0);
 147         if (key)
 148                 uname = key->uids->uid;
 149         else
 150                 uname = "<?>";
 151         switch (gpg_err_code(sig->status)) {
 152         case GPG_ERR_NO_ERROR:
 153         {
 154                 return g_strdup_printf(_("Good signature from %s (Trust: %s)."),
 155                         uname, get_validity_str(sig->validity));
 156         }
 157         case GPG_ERR_SIG_EXPIRED:
 158                 return g_strdup_printf(_("Expired signature from %s."), uname);
 159         case GPG_ERR_KEY_EXPIRED:
 160                 return g_strdup_printf(_("Expired key from %s."), uname);
 161         case GPG_ERR_BAD_SIGNATURE:
 162                 return g_strdup_printf(_("Bad signature from %s."), uname);
 163         case GPG_ERR_NO_PUBKEY:
 164                 return g_strdup(_("No key available to verify this signature."));
 165         default:
 166                 return g_strdup(_("The signature has not been checked."));
 167         }
 168         return g_strdup(_("Error"));
 169 }
 170
 171 gchar *sgpgme_sigstat_info_full(gpgme_ctx_t ctx, gpgme_verify_result_t status)
 172 {
 173         gint i = 0;
 174         gchar *ret;
 175         GString *siginfo;
 176         gpgme_signature_t sig = status->signatures;
 177
 178         siginfo = g_string_sized_new(64);
 179         while (sig) {
 180                 gpgme_user_id_t user = NULL;
 181                 gpgme_key_t key;
 182
 183                 const gchar *keytype, *keyid, *uid;
 184
 185                 gpgme_get_key(ctx, sig->fpr, &key, 0);
 186                 user = key->uids;
 187
 188                 keytype = gpgme_pubkey_algo_name(key->subkeys->pubkey_algo);
 189                 keyid = key->subkeys->keyid;
 190                 g_string_append_printf(siginfo,
 191                         _("Signature made using %s key ID %s\n"),
 192                         keytype, keyid);
 193
 194                 uid = user->uid;
 195                 switch (gpg_err_code(sig->status)) {
 196                 case GPG_ERR_NO_ERROR:
 197                 case GPG_ERR_KEY_EXPIRED:
 198                         g_string_append_printf(siginfo,
 199                                 _("Good signature from \"%s\"\n"),
 200                                 uid);
 201                         break;
 202                 case GPG_ERR_SIG_EXPIRED:
 203                         g_string_append_printf(siginfo,
 204                                 _("Expired signature from \"%s\"\n"),
 205                                 uid);
 206                         break;
 207                 case GPG_ERR_BAD_SIGNATURE:
 208                         g_string_append_printf(siginfo,
 209                                 _("BAD signature from \"%s\"\n"),
 210                                 uid);
 211                         break;
 212                 default:
 213                         break;
 214                 }
 215                 if (sig->status != GPG_ERR_BAD_SIGNATURE) {
 216                         gint j = 1;
 217                         user = user->next;
 218                         while (user != NULL) {
 219                                 g_string_append_printf(siginfo,
 220                                         _("                aka \"%s\"\n"),
 221                                         user->uid);
 222                                 j++;
 223                                 user = user->next;
 224                         }
 225                         g_string_append_printf(siginfo,
 226                                 _("Primary key fingerprint: %s\n"),
 227                                 sig->fpr);
 228                 }
 229
 230                 g_string_append(siginfo, "\n");
 231                 i++;
 232                 sig = sig->next;
 233         }
 234
 235         ret = siginfo->str;
 236         g_string_free(siginfo, FALSE);
 237         return ret;
 238 }
 239
 240 gpgme_data_t sgpgme_data_from_mimeinfo(MimeInfo *mimeinfo)
 241 {
 242         gpgme_data_t data = NULL;
 243         gpgme_error_t err;
 244         FILE *fp = g_fopen(mimeinfo->data.filename, "rb");
 245         gchar *tmp_file = NULL;
 246
 247         if (!fp)
 248                 return NULL;
 249
 250         tmp_file = get_tmp_file();
 251         copy_file_part(fp, mimeinfo->offset, mimeinfo->length, tmp_file);
 252         fclose(fp);
 253         fp = g_fopen(tmp_file, "rb");
 254         debug_print("tmp file %s\n", tmp_file);
 255         if (!fp)
 256                 return NULL;
 257
 258         err = gpgme_data_new_from_file(&data, tmp_file, 1);
 259         g_unlink(tmp_file);
 260         g_free(tmp_file);
 261
 262         debug_print("data %p (%d %d)\n", (void *)&data, mimeinfo->offset, mimeinfo->length);
 263         if (err) {
 264                 debug_print ("gpgme_data_new_from_file failed: %s\n",
 265                              gpgme_strerror (err));
 266                 return NULL;
 267         }
 268         return data;
 269 }
 270
 271 gpgme_data_t sgpgme_decrypt_verify(gpgme_data_t cipher, gpgme_verify_result_t *status, gpgme_ctx_t ctx)
 272 {
 273         struct passphrase_cb_info_s info;
 274         gpgme_data_t plain;
 275         gpgme_error_t err;
 276
 277         memset (&info, 0, sizeof info);
 278
 279         if (gpgme_data_new(&plain) != GPG_ERR_NO_ERROR) {
 280                 gpgme_release(ctx);
 281                 return NULL;
 282         }
 283
 284         if (!getenv("GPG_AGENT_INFO")) {
 285                 info.c = ctx;
 286                 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
 287         }
 288
 289         err = gpgme_op_decrypt_verify(ctx, cipher, plain);
 290         if (err != GPG_ERR_NO_ERROR) {
 291                 debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
 292                 gpgmegtk_free_passphrase();
 293                 gpgme_data_release(plain);
 294                 return NULL;
 295         }
 296
 297         err = gpgme_data_rewind(plain);
 298         if (err) {
 299                 debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
 300         }
 301
 302         debug_print("decrypted.\n");
 303         *status = gpgme_op_verify_result (ctx);
 304
 305         return plain;
 306 }
 307
 308 gchar *sgpgme_get_encrypt_data(GSList *recp_names)
 309 {
 310         SelectionResult result = KEY_SELECTION_CANCEL;
 311         gpgme_key_t *keys = gpgmegtk_recipient_selection(recp_names, &result);
 312         gchar *ret = NULL;
 313         int i = 0;
 314
 315         if (!keys) {
 316                 if (result == KEY_SELECTION_DONT)
 317                         return g_strdup("_DONT_ENCRYPT_");
 318                 else
 319                         return NULL;
 320         }
 321         while (keys[i]) {
 322                 gpgme_subkey_t skey = keys[i]->subkeys;
 323                 gchar *fpr = skey->fpr;
 324                 gchar *tmp = NULL;
 325                 debug_print("adding %s\n", fpr);
 326                 tmp = g_strconcat(ret?ret:"", fpr, " ", NULL);
 327                 g_free(ret);
 328                 ret = tmp;
 329                 i++;
 330         }
 331         return ret;
 332 }
 333
 334 gboolean sgpgme_setup_signers(gpgme_ctx_t ctx, PrefsAccount *account)
 335 {
 336         GPGAccountConfig *config;
 337
 338         gpgme_signers_clear(ctx);
 339
 340         config = prefs_gpg_account_get_config(account);
 341
 342         if (config->sign_key != SIGN_KEY_DEFAULT) {
 343                 gchar *keyid;
 344                 gpgme_key_t key;
 345
 346                 if (config->sign_key == SIGN_KEY_BY_FROM)
 347                         keyid = account->address;
 348                 else if (config->sign_key == SIGN_KEY_CUSTOM)
 349                         keyid = config->sign_key_id;
 350                 else
 351                         return FALSE;
 352
 353                 gpgme_op_keylist_start(ctx, keyid, 1);
 354                 while (!gpgme_op_keylist_next(ctx, &key)) {
 355                         gpgme_signers_add(ctx, key);
 356                         gpgme_key_release(key);
 357                 }
 358                 gpgme_op_keylist_end(ctx);
 359         }
 360
 361         prefs_gpg_account_free_config(config);
 362
 363         return TRUE;
 364 }
 365
 366 void sgpgme_init()
 367 {
 368         gpgme_engine_info_t engineInfo;
 369         if (gpgme_check_version("0.4.5")) {
 370                 gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
 371                 gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));
 372                 if (!gpgme_get_engine_info(&engineInfo)) {
 373                         while (engineInfo) {
 374                                 debug_print("GpgME Protocol: %s\n      Version: %s\n",
 375                                         gpgme_get_protocol_name(engineInfo->protocol),
 376                                         engineInfo->version);
 377                                 engineInfo = engineInfo->next;
 378                         }
 379                 }
 380         } else {
 381                 sgpgme_disable_all();
 382
 383                 if (prefs_gpg_get_config()->gpg_warning) {
 384                         AlertValue val;
 385
 386                         val = alertpanel_full
 387                                 (_("Warning"),
 388                                  _("GnuPG is not installed properly, or needs "
 389                                  "to be upgraded.\n"
 390                                  "OpenPGP support disabled."),
 391                                  GTK_STOCK_CLOSE, NULL, NULL, TRUE, NULL,
 392                                  ALERT_WARNING, G_ALERTDEFAULT);
 393                         if (val & G_ALERTDISABLE)
 394                                 prefs_gpg_get_config()->gpg_warning = FALSE;
 395                 }
 396         }
 397 }
 398
 399 void sgpgme_done()
 400 {
 401         gpgmegtk_free_passphrase();
 402 }
 403
 404 #endif /* USE_GPGME */