2005-10-13 [colin] 1.9.15cvs37
[claws.git] / src / plugins / pgpcore / sgpgme.c
1 /*
2  * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3  * Copyright (C) 1999-2003 Hiroyuki Yamamoto & the Sylpheed-Claws team
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18  */
19  
20 #ifdef HAVE_CONFIG_H
21 #  include "config.h"
22 #endif
23  
24 #ifdef USE_GPGME
25
26 #include <time.h>
27 #include <gtk/gtk.h>
28 #include <gpgme.h>
29 #include <glib.h>
30 #include <glib/gi18n.h>
31 #include <stdio.h>
32 #include <errno.h>
33
34 #include "sgpgme.h"
35 #include "privacy.h"
36 #include "prefs_common.h"
37 #include "utils.h"
38 #include "alertpanel.h"
39 #include "passphrase.h"
40 #include "prefs_gpg.h"
41 #include "select-keys.h"
42
43 static void sgpgme_disable_all(void)
44 {
45     /* FIXME: set a flag, so that we don't bother the user with failed
46      * gpgme messages */
47 }
48
49 gpgme_verify_result_t sgpgme_verify_signature(gpgme_ctx_t ctx, gpgme_data_t sig, 
50                                         gpgme_data_t plain, gpgme_data_t dummy)
51 {
52         gpgme_verify_result_t status = NULL;
53         gpgme_error_t err;
54
55         if ((err = gpgme_op_verify(ctx, sig, plain, dummy)) != GPG_ERR_NO_ERROR) {
56                 debug_print("op_verify err %s\n", gpgme_strerror(err));
57                 return GINT_TO_POINTER(-GPG_ERR_SYSTEM_ERROR);
58                 
59         }
60         status = gpgme_op_verify_result(ctx);
61
62         return status;
63 }
64
65 SignatureStatus sgpgme_sigstat_gpgme_to_privacy(gpgme_ctx_t ctx, gpgme_verify_result_t status)
66 {
67         unsigned long validity = 0;
68         gpgme_signature_t sig = NULL;
69         
70         if (GPOINTER_TO_INT(status) == -GPG_ERR_SYSTEM_ERROR) {
71                 debug_print("system error\n");
72                 return SIGNATURE_CHECK_FAILED;
73         }
74
75         if (status == NULL) {
76                 debug_print("status == NULL\n");
77                 return SIGNATURE_UNCHECKED;
78         }
79         sig = status->signatures;
80
81         if (sig == NULL) {
82                 debug_print("sig == NULL\n");
83                 return SIGNATURE_UNCHECKED;
84         }
85         validity = sig->validity;
86
87         debug_print("err code %d\n", gpg_err_code(sig->status));
88         switch (gpg_err_code(sig->status)) {
89         case GPG_ERR_NO_ERROR:
90                 return SIGNATURE_OK;
91         case GPG_ERR_SIG_EXPIRED:
92         case GPG_ERR_KEY_EXPIRED:
93                 return SIGNATURE_WARN;
94         case GPG_ERR_BAD_SIGNATURE:
95                 return SIGNATURE_INVALID;
96         case GPG_ERR_NO_PUBKEY:
97                 return SIGNATURE_CHECK_FAILED;
98         default:
99                 return SIGNATURE_CHECK_FAILED;
100         }
101         return SIGNATURE_CHECK_FAILED;
102 }
103
104 static const gchar *get_validity_str(unsigned long validity)
105 {
106         switch (gpg_err_code(validity)) {
107         case GPGME_VALIDITY_UNKNOWN:
108                 return _("Unknown");
109         case GPGME_VALIDITY_UNDEFINED:
110                 return _("Undefined");
111         case GPGME_VALIDITY_NEVER:
112                 return _("Never");
113         case GPGME_VALIDITY_MARGINAL:
114                 return _("Marginal");
115         case GPGME_VALIDITY_FULL:
116                 return _("Full");
117         case GPGME_VALIDITY_ULTIMATE:
118                 return _("Ultimate");
119         default:
120                 return _("Error");
121         }
122 }
123
124 static gchar *extract_name(const char *uid)
125 {
126         if (uid == NULL)
127                 return NULL;
128         if (!strncmp(uid, "CN=", 3)) {
129                 gchar *result = g_strdup(uid+3);
130                 if (strstr(result, ","))
131                         *(strstr(result, ",")) = '\0';
132                 return result;
133         } else if (strstr(uid, ",CN=")) {
134                 gchar *result = g_strdup(strstr(uid, ",CN=")+4);
135                 if (strstr(result, ","))
136                         *(strstr(result, ",")) = '\0';
137                 return result;
138         } else {
139                 return g_strdup(uid);
140         }
141 }
142 gchar *sgpgme_sigstat_info_short(gpgme_ctx_t ctx, gpgme_verify_result_t status)
143 {
144         gpgme_signature_t sig = NULL;
145         gchar *uname = NULL;
146         gpgme_key_t key;
147         gchar *result = NULL;
148
149         if (GPOINTER_TO_INT(status) == -GPG_ERR_SYSTEM_ERROR) {
150                 return g_strdup(_("The signature can't be checked - GPG error."));
151         }
152
153         if (status == NULL) {
154                 return g_strdup(_("The signature has not been checked."));
155         }
156         sig = status->signatures;
157         if (sig == NULL) {
158                 return g_strdup(_("The signature has not been checked."));
159         }
160
161         gpgme_get_key(ctx, sig->fpr, &key, 0);
162         if (key)
163                 uname = extract_name(key->uids->uid);
164         else
165                 uname = g_strdup("<?>");
166         switch (gpg_err_code(sig->status)) {
167         case GPG_ERR_NO_ERROR:
168                 result = g_strdup_printf(_("Good signature from %s."),
169                         uname);
170                 break;
171         case GPG_ERR_SIG_EXPIRED:
172                 result = g_strdup_printf(_("Expired signature from %s."), uname);
173                 break;
174         case GPG_ERR_KEY_EXPIRED:
175                 result = g_strdup_printf(_("Expired key from %s."), uname);
176                 break;
177         case GPG_ERR_BAD_SIGNATURE:
178                 result = g_strdup_printf(_("Bad signature from %s."), uname);
179                 break;
180         case GPG_ERR_NO_PUBKEY:
181                 result = g_strdup(_("No key available to verify this signature."));
182                 break;
183         default:
184                 result = g_strdup(_("The signature has not been checked."));
185                 break;
186         }
187         if (result == NULL)
188                 result = g_strdup(_("Error"));
189         g_free(uname);
190         return result;
191 }
192
193 gchar *sgpgme_sigstat_info_full(gpgme_ctx_t ctx, gpgme_verify_result_t status)
194 {
195         gint i = 0;
196         gchar *ret;
197         GString *siginfo;
198         gpgme_signature_t sig = status->signatures;
199         
200         siginfo = g_string_sized_new(64);
201         while (sig) {
202                 gpgme_user_id_t user = NULL;
203                 gpgme_key_t key;
204
205                 const gchar *keytype, *keyid, *uid;
206                 
207                 gpgme_get_key(ctx, sig->fpr, &key, 0);
208
209                 if (key) {
210                         user = key->uids;
211                         keytype = gpgme_pubkey_algo_name(
212                                         key->subkeys->pubkey_algo);
213                         keyid = key->subkeys->keyid;
214                         uid = user->uid;
215                 } else {
216                         keytype = "?";
217                         keyid = "?";
218                         uid = "?";
219                 }
220                 g_string_append_printf(siginfo,
221                         _("Signature made using %s key ID %s\n"),
222                         keytype, keyid);
223                 
224                 switch (gpg_err_code(sig->status)) {
225                 case GPG_ERR_NO_ERROR:
226                 case GPG_ERR_KEY_EXPIRED:
227                         g_string_append_printf(siginfo,
228                                 _("Good signature from \"%s\" (Trust: %s)\n"),
229                                 uid, get_validity_str(sig->validity));
230                         break;
231                 case GPG_ERR_SIG_EXPIRED:
232                         g_string_append_printf(siginfo,
233                                 _("Expired signature from \"%s\"\n"),
234                                 uid);
235                         break;
236                 case GPG_ERR_BAD_SIGNATURE:
237                         g_string_append_printf(siginfo,
238                                 _("BAD signature from \"%s\"\n"),
239                                 uid);
240                         break;
241                 default:
242                         break;
243                 }
244                 if (sig->status != GPG_ERR_BAD_SIGNATURE) {
245                         gint j = 1;
246                         user = user ? user->next : NULL;
247                         while (user != NULL) {
248                                 g_string_append_printf(siginfo,
249                                         _("                aka \"%s\"\n"),
250                                         user->uid);
251                                 j++;
252                                 user = user->next;
253                         }
254                         g_string_append_printf(siginfo,
255                                 _("Primary key fingerprint: %s\n"), 
256                                 sig ? sig->fpr: "?");
257                 }
258                 
259                 g_string_append(siginfo, "\n");
260                 i++;
261                 sig = sig->next;
262         }
263
264         ret = siginfo->str;
265         g_string_free(siginfo, FALSE);
266         return ret;
267 }
268
269 gpgme_data_t sgpgme_data_from_mimeinfo(MimeInfo *mimeinfo)
270 {
271         gpgme_data_t data = NULL;
272         gpgme_error_t err;
273         FILE *fp = g_fopen(mimeinfo->data.filename, "rb");
274         gchar *tmp_file = NULL;
275
276         if (!fp) 
277                 return NULL;
278
279         tmp_file = get_tmp_file();
280         copy_file_part(fp, mimeinfo->offset, mimeinfo->length, tmp_file);
281         fclose(fp);
282         fp = g_fopen(tmp_file, "rb");
283         debug_print("tmp file %s\n", tmp_file);
284         if (!fp) 
285                 return NULL;
286         
287         err = gpgme_data_new_from_file(&data, tmp_file, 1);
288         g_unlink(tmp_file);
289         g_free(tmp_file);
290
291         debug_print("data %p (%d %d)\n", (void *)&data, mimeinfo->offset, mimeinfo->length);
292         if (err) {
293                 debug_print ("gpgme_data_new_from_file failed: %s\n",
294                              gpgme_strerror (err));
295                 return NULL;
296         }
297         return data;
298 }
299
300 gpgme_data_t sgpgme_decrypt_verify(gpgme_data_t cipher, gpgme_verify_result_t *status, gpgme_ctx_t ctx)
301 {
302         struct passphrase_cb_info_s info;
303         gpgme_data_t plain;
304         gpgme_error_t err;
305
306         memset (&info, 0, sizeof info);
307         
308         if (gpgme_data_new(&plain) != GPG_ERR_NO_ERROR) {
309                 gpgme_release(ctx);
310                 return NULL;
311         }
312         
313         if (!getenv("GPG_AGENT_INFO")) {
314                 info.c = ctx;
315                 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
316         }
317
318         err = gpgme_op_decrypt_verify(ctx, cipher, plain);
319         if (err != GPG_ERR_NO_ERROR) {
320                 debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
321                 gpgmegtk_free_passphrase();
322                 gpgme_data_release(plain);
323                 return NULL;
324         }
325
326         err = gpgme_data_rewind(plain);
327         if (err) {
328                 debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
329         }
330
331         debug_print("decrypted.\n");
332         *status = gpgme_op_verify_result (ctx);
333
334         return plain;
335 }
336
337 gchar *sgpgme_get_encrypt_data(GSList *recp_names)
338 {
339         SelectionResult result = KEY_SELECTION_CANCEL;
340         gpgme_key_t *keys = gpgmegtk_recipient_selection(recp_names, &result);
341         gchar *ret = NULL;
342         int i = 0;
343
344         if (!keys) {
345                 if (result == KEY_SELECTION_DONT)
346                         return g_strdup("_DONT_ENCRYPT_");
347                 else
348                         return NULL;
349         }
350         while (keys[i]) {
351                 gpgme_subkey_t skey = keys[i]->subkeys;
352                 gchar *fpr = skey->fpr;
353                 gchar *tmp = NULL;
354                 debug_print("adding %s\n", fpr);
355                 tmp = g_strconcat(ret?ret:"", fpr, " ", NULL);
356                 g_free(ret);
357                 ret = tmp;
358                 i++;
359         }
360         return ret;
361 }
362
363 gboolean sgpgme_setup_signers(gpgme_ctx_t ctx, PrefsAccount *account)
364 {
365         GPGAccountConfig *config;
366
367         gpgme_signers_clear(ctx);
368
369         config = prefs_gpg_account_get_config(account);
370
371         if (config->sign_key != SIGN_KEY_DEFAULT) {
372                 gchar *keyid;
373                 gpgme_key_t key;
374
375                 if (config->sign_key == SIGN_KEY_BY_FROM)
376                         keyid = account->address;
377                 else if (config->sign_key == SIGN_KEY_CUSTOM)
378                         keyid = config->sign_key_id;
379                 else
380                         return FALSE;
381
382                 gpgme_op_keylist_start(ctx, keyid, 1);
383                 while (!gpgme_op_keylist_next(ctx, &key)) {
384                         gpgme_signers_add(ctx, key);
385                         gpgme_key_release(key);
386                 }
387                 gpgme_op_keylist_end(ctx);
388         }
389
390         prefs_gpg_account_free_config(config);
391
392         return TRUE;
393 }
394
395 void sgpgme_init()
396 {
397         gpgme_engine_info_t engineInfo;
398         if (gpgme_check_version("0.4.5")) {
399                 gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
400                 gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));
401                 if (!gpgme_get_engine_info(&engineInfo)) {
402                         while (engineInfo) {
403                                 debug_print("GpgME Protocol: %s\n      Version: %s\n",
404                                         gpgme_get_protocol_name(engineInfo->protocol),
405                                         engineInfo->version);
406                                 engineInfo = engineInfo->next;
407                         }
408                 }
409         } else {
410                 sgpgme_disable_all();
411
412                 if (prefs_gpg_get_config()->gpg_warning) {
413                         AlertValue val;
414
415                         val = alertpanel_full
416                                 (_("Warning"),
417                                  _("GnuPG is not installed properly, or needs "
418                                  "to be upgraded.\n"
419                                  "OpenPGP support disabled."),
420                                  GTK_STOCK_CLOSE, NULL, NULL, TRUE, NULL,
421                                  ALERT_WARNING, G_ALERTDEFAULT);
422                         if (val & G_ALERTDISABLE)
423                                 prefs_gpg_get_config()->gpg_warning = FALSE;
424                 }
425         }
426 }
427
428 void sgpgme_done()
429 {
430         gpgmegtk_free_passphrase();
431 }
432
433 #endif /* USE_GPGME */