2005-09-10 [colin] 1.9.14cvs17
[claws.git] / src / plugins / pgpcore / sgpgme.c
1 /*
2  * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3  * Copyright (C) 1999-2003 Hiroyuki Yamamoto & the Sylpheed-Claws team
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18  */
19  
20 #ifdef HAVE_CONFIG_H
21 #  include "config.h"
22 #endif
23  
24 #ifdef USE_GPGME
25
26 #include <time.h>
27 #include <gtk/gtk.h>
28 #include <gpgme.h>
29 #include <glib.h>
30 #include <glib/gi18n.h>
31 #include <stdio.h>
32 #include <errno.h>
33
34 #include "sgpgme.h"
35 #include "privacy.h"
36 #include "prefs_common.h"
37 #include "utils.h"
38 #include "alertpanel.h"
39 #include "passphrase.h"
40 #include "prefs_gpg.h"
41 #include "select-keys.h"
42
43 static void sgpgme_disable_all(void)
44 {
45     /* FIXME: set a flag, so that we don't bother the user with failed
46      * gpgme messages */
47 }
48
49 gpgme_verify_result_t sgpgme_verify_signature(gpgme_ctx_t ctx, gpgme_data_t sig, 
50                                         gpgme_data_t plain, gpgme_data_t dummy)
51 {
52         gpgme_verify_result_t status = NULL;
53         gpgme_error_t err;
54
55         if ((err = gpgme_op_verify(ctx, sig, plain, dummy)) != GPG_ERR_NO_ERROR) {
56                 debug_print("op_verify err %s\n", gpgme_strerror(err));
57                 return NULL;
58         }
59         status = gpgme_op_verify_result(ctx);
60
61         return status;
62 }
63
64 SignatureStatus sgpgme_sigstat_gpgme_to_privacy(gpgme_ctx_t ctx, gpgme_verify_result_t status)
65 {
66         unsigned long validity = 0;
67         gpgme_signature_t sig = NULL;
68         
69         if (status == NULL)
70                 return SIGNATURE_UNCHECKED;
71
72         sig = status->signatures;
73
74         if (sig == NULL)
75                 return SIGNATURE_UNCHECKED;
76
77         validity = sig->validity;
78
79         switch (gpg_err_code(sig->status)) {
80         case GPG_ERR_NO_ERROR:
81                 if ((validity != GPGME_VALIDITY_MARGINAL) &&
82                     (validity != GPGME_VALIDITY_FULL) &&
83                     (validity != GPGME_VALIDITY_ULTIMATE))
84                         return SIGNATURE_WARN;
85                 return SIGNATURE_OK;
86         case GPG_ERR_SIG_EXPIRED:
87         case GPG_ERR_KEY_EXPIRED:
88                 return SIGNATURE_WARN;
89         case GPG_ERR_BAD_SIGNATURE:
90                 return SIGNATURE_INVALID;
91         case GPG_ERR_NO_PUBKEY:
92                 return SIGNATURE_CHECK_FAILED;
93         default:
94                 return SIGNATURE_CHECK_FAILED;
95         }
96         return SIGNATURE_CHECK_FAILED;
97 }
98
99 static const gchar *get_validity_str(unsigned long validity)
100 {
101         switch (gpg_err_code(validity)) {
102         case GPGME_VALIDITY_UNKNOWN:
103                 return _("Unknown");
104         case GPGME_VALIDITY_UNDEFINED:
105                 return _("Undefined");
106         case GPGME_VALIDITY_NEVER:
107                 return _("Never");
108         case GPGME_VALIDITY_MARGINAL:
109                 return _("Marginal");
110         case GPGME_VALIDITY_FULL:
111                 return _("Full");
112         case GPGME_VALIDITY_ULTIMATE:
113                 return _("Ultimate");
114         default:
115                 return _("Error");
116         }
117 }
118
119 gchar *sgpgme_sigstat_info_short(gpgme_ctx_t ctx, gpgme_verify_result_t status)
120 {
121         gpgme_signature_t sig = NULL;
122         gpgme_user_id_t user = NULL;
123         gchar *uname = NULL;
124         gpgme_key_t key;
125
126         if (status == NULL) {
127                 return g_strdup(_("The signature has not been checked."));
128         }
129         sig = status->signatures;
130         if (sig == NULL) {
131                 return g_strdup(_("The signature has not been checked."));
132         }
133
134         gpgme_get_key(ctx, sig->fpr, &key, 0);
135         if (key)
136                 uname = key->uids->uid;
137         else
138                 uname = "<?>";
139         switch (gpg_err_code(sig->status)) {
140         case GPG_ERR_NO_ERROR:
141         {
142                 return g_strdup_printf(_("Good signature from %s (Trust: %s)."),
143                         uname, get_validity_str(sig->validity));
144         }
145         case GPG_ERR_SIG_EXPIRED:
146                 return g_strdup_printf(_("Expired signature from %s."), uname);
147         case GPG_ERR_KEY_EXPIRED:
148                 return g_strdup_printf(_("Expired key from %s."), uname);
149         case GPG_ERR_BAD_SIGNATURE:
150                 return g_strdup_printf(_("Bad signature from %s."), uname);
151         case GPG_ERR_NO_PUBKEY:
152                 return g_strdup(_("No key available to verify this signature."));
153         default:
154                 return g_strdup(_("The signature has not been checked."));
155         }
156         return g_strdup(_("Error"));
157 }
158
159 gchar *sgpgme_sigstat_info_full(gpgme_ctx_t ctx, gpgme_verify_result_t status)
160 {
161         gint i = 0;
162         gchar *ret;
163         GString *siginfo;
164         gpgme_signature_t sig = status->signatures;
165         
166         siginfo = g_string_sized_new(64);
167         while (sig) {
168                 gpgme_user_id_t user = NULL;
169                 gpgme_key_t key;
170
171                 const gchar *keytype, *keyid, *uid;
172                 
173                 gpgme_get_key(ctx, sig->fpr, &key, 0);
174                 user = key->uids;
175
176                 keytype = gpgme_pubkey_algo_name(key->subkeys->pubkey_algo);
177                 keyid = key->subkeys->keyid;
178                 g_string_append_printf(siginfo,
179                         _("Signature made using %s key ID %s\n"),
180                         keytype, keyid);
181                 
182                 uid = user->uid;
183                 switch (gpg_err_code(sig->status)) {
184                 case GPG_ERR_NO_ERROR:
185                 case GPG_ERR_KEY_EXPIRED:
186                         g_string_append_printf(siginfo,
187                                 _("Good signature from \"%s\"\n"),
188                                 uid);
189                         break;
190                 case GPG_ERR_SIG_EXPIRED:
191                         g_string_append_printf(siginfo,
192                                 _("Expired signature from \"%s\"\n"),
193                                 uid);
194                         break;
195                 case GPG_ERR_BAD_SIGNATURE:
196                         g_string_append_printf(siginfo,
197                                 _("BAD signature from \"%s\"\n"),
198                                 uid);
199                         break;
200                 default:
201                         break;
202                 }
203                 if (sig->status != GPG_ERR_BAD_SIGNATURE) {
204                         gint j = 1;
205                         user = user->next;
206                         while (user != NULL) {
207                                 g_string_append_printf(siginfo,
208                                         _("                aka \"%s\"\n"),
209                                         user->uid);
210                                 j++;
211                                 user = user->next;
212                         }
213                         g_string_append_printf(siginfo,
214                                 _("Primary key fingerprint: %s\n"), 
215                                 sig->fpr);
216                 }
217                 
218                 g_string_append(siginfo, "\n");
219                 i++;
220                 sig = sig->next;
221         }
222
223         ret = siginfo->str;
224         g_string_free(siginfo, FALSE);
225         return ret;
226 }
227
228 gpgme_data_t sgpgme_data_from_mimeinfo(MimeInfo *mimeinfo)
229 {
230         gpgme_data_t data = NULL;
231         gpgme_error_t err;
232         FILE *fp = g_fopen(mimeinfo->data.filename, "rb");
233         gchar *tmp_file = NULL;
234
235         if (!fp) 
236                 return NULL;
237
238         tmp_file = get_tmp_file();
239         copy_file_part(fp, mimeinfo->offset, mimeinfo->length, tmp_file);
240         fclose(fp);
241         fp = g_fopen(tmp_file, "rb");
242         debug_print("tmp file %s\n", tmp_file);
243         if (!fp) 
244                 return NULL;
245         
246         err = gpgme_data_new_from_file(&data, tmp_file, 1);
247         g_unlink(tmp_file);
248         g_free(tmp_file);
249
250         debug_print("data %p (%d %d)\n", data, mimeinfo->offset, mimeinfo->length);
251         if (err) {
252                 debug_print ("gpgme_data_new_from_file failed: %s\n",
253                    gpgme_strerror (err));
254                 return NULL;
255         }
256         return data;
257 }
258
259 gpgme_data_t sgpgme_decrypt_verify(gpgme_data_t cipher, gpgme_verify_result_t *status, gpgme_ctx_t ctx)
260 {
261         struct passphrase_cb_info_s info;
262         gpgme_data_t plain;
263         gpgme_error_t err;
264
265         memset (&info, 0, sizeof info);
266         
267         if (gpgme_data_new(&plain) != GPG_ERR_NO_ERROR) {
268                 gpgme_release(ctx);
269                 return NULL;
270         }
271         
272         if (!getenv("GPG_AGENT_INFO")) {
273                 info.c = ctx;
274                 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
275         }
276
277         err = gpgme_op_decrypt_verify(ctx, cipher, plain);
278         if (err != GPG_ERR_NO_ERROR) {
279                 debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
280                 gpgmegtk_free_passphrase();
281                 gpgme_data_release(plain);
282                 return NULL;
283         }
284
285         err = gpgme_data_rewind(plain);
286         if (err) {
287                 debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
288         }
289
290         debug_print("decrypted.\n");
291         *status = gpgme_op_verify_result (ctx);
292
293         return plain;
294 }
295
296 gchar *sgpgme_get_encrypt_data(GSList *recp_names)
297 {
298         SelectionResult result = KEY_SELECTION_CANCEL;
299         gpgme_key_t *keys = gpgmegtk_recipient_selection(recp_names, &result);
300         gchar *ret = NULL;
301         int i = 0;
302
303         if (!keys) {
304                 if (result == KEY_SELECTION_DONT)
305                         return g_strdup("_DONT_ENCRYPT_");
306                 else
307                         return NULL;
308         }
309         while (keys[i]) {
310                 gpgme_subkey_t skey = keys[i]->subkeys;
311                 gchar *fpr = skey->fpr;
312                 gchar *tmp = NULL;
313                 debug_print("adding %s\n", fpr);
314                 tmp = g_strconcat(ret?ret:"", fpr, " ", NULL);
315                 g_free(ret);
316                 ret = tmp;
317                 i++;
318         }
319         return ret;
320 }
321
322 gboolean sgpgme_setup_signers(gpgme_ctx_t ctx, PrefsAccount *account)
323 {
324         GPGAccountConfig *config;
325
326         gpgme_signers_clear(ctx);
327
328         config = prefs_gpg_account_get_config(account);
329
330         if (config->sign_key != SIGN_KEY_DEFAULT) {
331                 gchar *keyid;
332                 gpgme_key_t key;
333
334                 if (config->sign_key == SIGN_KEY_BY_FROM)
335                         keyid = account->address;
336                 else if (config->sign_key == SIGN_KEY_CUSTOM)
337                         keyid = config->sign_key_id;
338                 else
339                         return FALSE;
340
341                 gpgme_op_keylist_start(ctx, keyid, 1);
342                 while (!gpgme_op_keylist_next(ctx, &key)) {
343                         gpgme_signers_add(ctx, key);
344                         gpgme_key_release(key);
345                 }
346                 gpgme_op_keylist_end(ctx);
347         }
348
349         prefs_gpg_account_free_config(config);
350
351         return TRUE;
352 }
353
354 void sgpgme_init()
355 {
356         gpgme_engine_info_t engineInfo;
357         if (gpgme_check_version("0.4.5")) {
358                 gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
359                 gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));
360                 if (!gpgme_get_engine_info(&engineInfo)) {
361                         while (engineInfo) {
362                                 debug_print("GpgME Protocol: %s\n      Version: %s\n",
363                                         gpgme_get_protocol_name(engineInfo->protocol),
364                                         engineInfo->version);
365                                 engineInfo = engineInfo->next;
366                         }
367                 }
368         } else {
369                 sgpgme_disable_all();
370
371                 if (prefs_gpg_get_config()->gpg_warning) {
372                         AlertValue val;
373
374                         val = alertpanel_full
375                                 (_("Warning"),
376                                  _("GnuPG is not installed properly, or needs "
377                                  "to be upgraded.\n"
378                                  "OpenPGP support disabled."),
379                                  GTK_STOCK_CLOSE, NULL, NULL, TRUE, NULL,
380                                  ALERT_WARNING, G_ALERTDEFAULT);
381                         if (val & G_ALERTDISABLE)
382                                 prefs_gpg_get_config()->gpg_warning = FALSE;
383                 }
384         }
385 }
386
387 void sgpgme_done()
388 {
389         gpgmegtk_free_passphrase();
390 }
391
392 #endif /* USE_GPGME */