2005-07-14 [colin] 1.9.12cvs49
[claws.git] / src / plugins / pgpcore / sgpgme.c
1 /*
2  * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3  * Copyright (C) 1999-2003 Hiroyuki Yamamoto & the Sylpheed-Claws team
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18  */
19  
20 #ifdef HAVE_CONFIG_H
21 #  include "config.h"
22 #endif
23  
24 #ifdef USE_GPGME
25
26 #include <time.h>
27 #include <gtk/gtk.h>
28 #include <gpgme.h>
29 #include <glib.h>
30 #include <glib/gi18n.h>
31 #include <stdio.h>
32
33 #include "sgpgme.h"
34 #include "privacy.h"
35 #include "prefs_common.h"
36 #include "utils.h"
37 #include "alertpanel.h"
38 #include "passphrase.h"
39 #include "prefs_gpg.h"
40 #include "select-keys.h"
41
42 static void sgpgme_disable_all(void)
43 {
44     /* FIXME: set a flag, so that we don't bother the user with failed
45      * gpgme messages */
46 }
47
48 gpgme_verify_result_t sgpgme_verify_signature(gpgme_ctx_t ctx, gpgme_data_t sig, 
49                                         gpgme_data_t plain, gpgme_data_t dummy)
50 {
51         gpgme_verify_result_t status = NULL;
52         gpgme_error_t err;
53
54         if ((err = gpgme_op_verify(ctx, sig, plain, dummy)) != GPG_ERR_NO_ERROR) {
55                 debug_print("op_verify err %s\n", gpgme_strerror(err));
56                 return NULL;
57         }
58         status = gpgme_op_verify_result(ctx);
59
60         return status;
61 }
62
63 SignatureStatus sgpgme_sigstat_gpgme_to_privacy(gpgme_ctx_t ctx, gpgme_verify_result_t status)
64 {
65         unsigned long validity = 0;
66         gpgme_signature_t sig = NULL;
67         
68         if (status == NULL)
69                 return SIGNATURE_UNCHECKED;
70
71         sig = status->signatures;
72
73         if (sig == NULL)
74                 return SIGNATURE_UNCHECKED;
75
76         validity = sig->validity;
77
78         switch (gpg_err_code(sig->status)) {
79         case GPG_ERR_NO_ERROR:
80                 if ((validity != GPGME_VALIDITY_MARGINAL) &&
81                     (validity != GPGME_VALIDITY_FULL) &&
82                     (validity != GPGME_VALIDITY_ULTIMATE))
83                         return SIGNATURE_WARN;
84                 return SIGNATURE_OK;
85         case GPG_ERR_SIG_EXPIRED:
86         case GPG_ERR_KEY_EXPIRED:
87                 return SIGNATURE_WARN;
88         case GPG_ERR_BAD_SIGNATURE:
89                 return SIGNATURE_INVALID;
90         case GPG_ERR_NO_PUBKEY:
91                 return SIGNATURE_CHECK_FAILED;
92         default:
93                 return SIGNATURE_CHECK_FAILED;
94         }
95         return SIGNATURE_CHECK_FAILED;
96 }
97
98 static const gchar *get_validity_str(unsigned long validity)
99 {
100         switch (gpg_err_code(validity)) {
101         case GPGME_VALIDITY_UNKNOWN:
102                 return _("Unknown");
103         case GPGME_VALIDITY_UNDEFINED:
104                 return _("Undefined");
105         case GPGME_VALIDITY_NEVER:
106                 return _("Never");
107         case GPGME_VALIDITY_MARGINAL:
108                 return _("Marginal");
109         case GPGME_VALIDITY_FULL:
110                 return _("Full");
111         case GPGME_VALIDITY_ULTIMATE:
112                 return _("Ultimate");
113         default:
114                 return _("Error");
115         }
116 }
117
118 gchar *sgpgme_sigstat_info_short(gpgme_ctx_t ctx, gpgme_verify_result_t status)
119 {
120         gpgme_signature_t sig = NULL;
121         
122         if (status == NULL) {
123                 return g_strdup(_("The signature has not been checked"));
124         }
125         sig = status->signatures;
126         if (sig == NULL) {
127                 return g_strdup(_("The signature has not been checked"));
128         }
129
130         switch (gpg_err_code(sig->status)) {
131         case GPG_ERR_NO_ERROR:
132         {       gpgme_user_id_t user = NULL;
133                 gpgme_key_t key;
134
135                 gpgme_get_key(ctx, sig->fpr, &key, 0);
136
137                 user = key->uids;
138
139                 return g_strdup_printf(_("Valid signature by %s (Trust: %s)"),
140                         user->uid, get_validity_str(sig->validity));
141         }
142         case GPG_ERR_SIG_EXPIRED:
143                 return g_strdup(_("The signature has expired"));
144         case GPG_ERR_KEY_EXPIRED:
145                 return g_strdup(_("The key that was used to sign this part has expired"));
146         case GPG_ERR_BAD_SIGNATURE:
147                 return g_strdup(_("This signature is invalid"));
148         case GPG_ERR_NO_PUBKEY:
149                 return g_strdup(_("You have no key to verify this signature"));
150         default:
151                 return g_strdup(_("The signature has not been checked"));
152         }
153         return g_strdup(_("Error"));
154 }
155
156 gchar *sgpgme_sigstat_info_full(gpgme_ctx_t ctx, gpgme_verify_result_t status)
157 {
158         gint i = 0;
159         gchar *ret;
160         GString *siginfo;
161         gpgme_signature_t sig = status->signatures;
162         
163         siginfo = g_string_sized_new(64);
164         while (sig) {
165                 gpgme_user_id_t user = NULL;
166                 gpgme_key_t key;
167
168                 const gchar *keytype, *keyid, *uid;
169                 
170                 gpgme_get_key(ctx, sig->fpr, &key, 0);
171                 user = key->uids;
172
173                 keytype = gpgme_pubkey_algo_name(key->subkeys->pubkey_algo);
174                 keyid = key->subkeys->keyid;
175                 g_string_append_printf(siginfo,
176                         _("Signature made using %s key ID %s\n"),
177                         keytype, keyid);
178                 
179                 uid = user->uid;
180                 switch (gpg_err_code(sig->status)) {
181                 case GPG_ERR_NO_ERROR:
182                 case GPG_ERR_KEY_EXPIRED:
183                         g_string_append_printf(siginfo,
184                                 _("Good signature from \"%s\"\n"),
185                                 uid);
186                         break;
187                 case GPG_ERR_SIG_EXPIRED:
188                         g_string_append_printf(siginfo,
189                                 _("Expired signature from \"%s\"\n"),
190                                 uid);
191                         break;
192                 case GPG_ERR_BAD_SIGNATURE:
193                         g_string_append_printf(siginfo,
194                                 _("BAD signature from \"%s\"\n"),
195                                 uid);
196                         break;
197                 default:
198                         break;
199                 }
200                 if (sig->status != GPG_ERR_BAD_SIGNATURE) {
201                         gint j = 1;
202                         user = user->next;
203                         while (user != NULL) {
204                                 g_string_append_printf(siginfo,
205                                         _("                aka \"%s\"\n"),
206                                         user->uid);
207                                 j++;
208                                 user = user->next;
209                         }
210                         g_string_append_printf(siginfo,
211                                 _("Primary key fingerprint: %s\n"), 
212                                 sig->fpr);
213                 }
214                 
215                 g_string_append(siginfo, "\n");
216                 i++;
217                 sig = sig->next;
218         }
219
220         ret = siginfo->str;
221         g_string_free(siginfo, FALSE);
222         return ret;
223 }
224
225 gpgme_data_t sgpgme_data_from_mimeinfo(MimeInfo *mimeinfo)
226 {
227         gpgme_data_t data = NULL;
228         gpgme_error_t err;
229         FILE *fp = fopen(mimeinfo->data.filename, "rb");
230         gchar *tmp_file = NULL;
231
232         if (!fp) 
233                 return NULL;
234
235         tmp_file = get_tmp_file();
236         copy_file_part(fp, mimeinfo->offset, mimeinfo->length, tmp_file);
237         fclose(fp);
238         fp = fopen(tmp_file, "rb");
239         debug_print("tmp file %s\n", tmp_file);
240         if (!fp) 
241                 return NULL;
242         
243         err = gpgme_data_new_from_file(&data, tmp_file, 1);
244         unlink(tmp_file);
245         g_free(tmp_file);
246
247         debug_print("data %p (%d %d)\n", data, mimeinfo->offset, mimeinfo->length);
248         if (err) {
249                 debug_print ("gpgme_data_new_from_file failed: %s\n",
250                    gpgme_strerror (err));
251                 return NULL;
252         }
253         return data;
254 }
255
256 gpgme_data_t sgpgme_decrypt_verify(gpgme_data_t cipher, gpgme_verify_result_t *status, gpgme_ctx_t ctx)
257 {
258         struct passphrase_cb_info_s info;
259         gpgme_data_t plain;
260         gpgme_error_t err;
261
262         memset (&info, 0, sizeof info);
263         
264         if (gpgme_data_new(&plain) != GPG_ERR_NO_ERROR) {
265                 gpgme_release(ctx);
266                 return NULL;
267         }
268         
269         if (!getenv("GPG_AGENT_INFO")) {
270                 info.c = ctx;
271                 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
272         }
273
274         err = gpgme_op_decrypt_verify(ctx, cipher, plain);
275         if (err != GPG_ERR_NO_ERROR) {
276                 debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
277                 gpgmegtk_free_passphrase();
278                 gpgme_data_release(plain);
279                 return NULL;
280         }
281
282         err = gpgme_data_rewind(plain);
283         if (err) {
284                 debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
285         }
286
287         debug_print("decrypted.\n");
288         *status = gpgme_op_verify_result (ctx);
289
290         return plain;
291 }
292
293 gchar *sgpgme_get_encrypt_data(GSList *recp_names)
294 {
295         gpgme_key_t *keys = gpgmegtk_recipient_selection(recp_names);
296         gchar *ret = NULL;
297         int i = 0;
298
299         if (!keys)
300                 return NULL;
301
302         while (keys[i]) {
303                 gpgme_subkey_t skey = keys[i]->subkeys;
304                 gchar *fpr = skey->fpr;
305                 gchar *tmp = NULL;
306                 debug_print("adding %s\n", fpr);
307                 tmp = g_strconcat(ret?ret:"", fpr, " ", NULL);
308                 g_free(ret);
309                 ret = tmp;
310                 i++;
311         }
312         return ret;
313 }
314
315 gboolean sgpgme_setup_signers(gpgme_ctx_t ctx, PrefsAccount *account)
316 {
317         GPGAccountConfig *config;
318
319         gpgme_signers_clear(ctx);
320
321         config = prefs_gpg_account_get_config(account);
322
323         if (config->sign_key != SIGN_KEY_DEFAULT) {
324                 gchar *keyid;
325                 gpgme_key_t key;
326
327                 if (config->sign_key == SIGN_KEY_BY_FROM)
328                         keyid = account->address;
329                 else if (config->sign_key == SIGN_KEY_CUSTOM)
330                         keyid = config->sign_key_id;
331                 else
332                         return FALSE;
333
334                 gpgme_op_keylist_start(ctx, keyid, 1);
335                 while (!gpgme_op_keylist_next(ctx, &key)) {
336                         gpgme_signers_add(ctx, key);
337                         gpgme_key_release(key);
338                 }
339                 gpgme_op_keylist_end(ctx);
340         }
341
342         prefs_gpg_account_free_config(config);
343
344         return TRUE;
345 }
346
347 void sgpgme_init()
348 {
349         gpgme_engine_info_t engineInfo;
350         if (gpgme_check_version("0.4.5")) {
351                 gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
352                 gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));
353                 if (!gpgme_get_engine_info(&engineInfo)) {
354                         while (engineInfo) {
355                                 debug_print("GpgME Protocol: %s\n      Version: %s\n",
356                                         gpgme_get_protocol_name(engineInfo->protocol),
357                                         engineInfo->version);
358                                 engineInfo = engineInfo->next;
359                         }
360                 }
361         } else {
362                 sgpgme_disable_all();
363
364                 if (prefs_gpg_get_config()->gpg_warning) {
365                         AlertValue val;
366
367                         val = alertpanel_message_with_disable
368                                 (_("Warning"),
369                                  _("GnuPG is not installed properly, or needs "
370                                    "to be upgraded.\n"
371                                    "OpenPGP support disabled."), 
372                                 NULL, NULL, NULL, ALERT_WARNING);
373                         if (val & G_ALERTDISABLE)
374                                 prefs_gpg_get_config()->gpg_warning = FALSE;
375                 }
376         }
377 }
378
379 void sgpgme_done()
380 {
381         gpgmegtk_free_passphrase();
382 }
383
384 #endif /* USE_GPGME */