2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 1999-2012 Colin Leroy <colin@colino.net> and
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "claws-features.h"
30 #include <glib/gi18n.h>
37 #include "pgpinline.h"
38 #include <plugins/pgpcore/sgpgme.h>
39 #include <plugins/pgpcore/prefs_gpg.h>
40 #include <plugins/pgpcore/passphrase.h>
41 #include <plugins/pgpcore/pgp_utils.h>
42 #include "quoted-printable.h"
47 extern struct GPGConfig prefs_gpg;
49 typedef struct _PrivacyDataPGP PrivacyDataPGP;
51 struct _PrivacyDataPGP
55 gboolean done_sigtest;
57 gpgme_verify_result_t sigstatus;
61 static PrivacySystem pgpinline_system;
63 static gint pgpinline_check_signature(MimeInfo *mimeinfo);
65 static PrivacyDataPGP *pgpinline_new_privacydata()
70 data = g_new0(PrivacyDataPGP, 1);
71 data->data.system = &pgpinline_system;
72 data->done_sigtest = FALSE;
73 data->is_signed = FALSE;
74 data->sigstatus = NULL;
75 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
76 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
83 static void pgpinline_free_privacydata(PrivacyData *_data)
85 PrivacyDataPGP *data = (PrivacyDataPGP *) _data;
86 gpgme_release(data->ctx);
90 static gboolean pgpinline_is_signed(MimeInfo *mimeinfo)
92 PrivacyDataPGP *data = NULL;
93 const gchar *sig_indicator = "-----BEGIN PGP SIGNED MESSAGE-----";
94 gchar *textdata, *sigpos;
96 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
98 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
99 return FALSE; /* not parent */
101 if (mimeinfo->type != MIMETYPE_TEXT &&
102 (mimeinfo->type != MIMETYPE_APPLICATION ||
103 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
106 /* Seal the deal. This has to be text/plain through and through. */
107 if (mimeinfo->type == MIMETYPE_APPLICATION)
109 mimeinfo->type = MIMETYPE_TEXT;
110 g_free(mimeinfo->subtype);
111 mimeinfo->subtype = g_strdup("plain");
114 if (mimeinfo->privacy != NULL) {
115 data = (PrivacyDataPGP *) mimeinfo->privacy;
116 if (data->done_sigtest)
117 return data->is_signed;
120 textdata = get_part_as_string(mimeinfo);
124 if ((sigpos = strstr(textdata, sig_indicator)) == NULL) {
129 if (!(sigpos == textdata) && !(sigpos[-1] == '\n')) {
137 data = pgpinline_new_privacydata();
138 mimeinfo->privacy = (PrivacyData *) data;
140 data->done_sigtest = TRUE;
141 data->is_signed = TRUE;
146 static gint pgpinline_check_signature(MimeInfo *mimeinfo)
148 PrivacyDataPGP *data = NULL;
149 gchar *textdata = NULL, *tmp = NULL;
150 gpgme_data_t plain = NULL, cipher = NULL;
153 cm_return_val_if_fail(mimeinfo != NULL, 0);
155 if (procmime_mimeinfo_parent(mimeinfo) == NULL) {
156 privacy_set_error(_("Incorrect part"));
157 return 0; /* not parent */
159 if (mimeinfo->type != MIMETYPE_TEXT) {
160 privacy_set_error(_("Not a text part"));
161 debug_print("type %d\n", mimeinfo->type);
164 cm_return_val_if_fail(mimeinfo->privacy != NULL, 0);
165 data = (PrivacyDataPGP *) mimeinfo->privacy;
167 textdata = get_part_as_string(mimeinfo);
171 privacy_set_error(_("Couldn't get text data."));
175 /* gtk2: convert back from utf8 */
176 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
177 procmime_mimeinfo_get_parameter(mimeinfo, "charset"));
179 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
180 conv_get_locale_charset_str_no_utf8());
183 g_warning("Can't convert charset to anything sane\n");
184 tmp = conv_codeset_strdup(textdata, CS_UTF_8, CS_US_ASCII);
189 privacy_set_error(_("Couldn't convert text data to any sane charset."));
192 textdata = g_strdup(tmp);
195 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
196 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
197 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
201 gpgme_set_textmode(data->ctx, 1);
202 gpgme_set_armor(data->ctx, 1);
204 gpgme_data_new_from_mem(&plain, textdata, (size_t)strlen(textdata), 1);
205 gpgme_data_new(&cipher);
207 data->sigstatus = sgpgme_verify_signature(data->ctx, plain, NULL, cipher);
209 gpgme_data_release(plain);
210 gpgme_data_release(cipher);
217 static SignatureStatus pgpinline_get_sig_status(MimeInfo *mimeinfo)
219 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
221 cm_return_val_if_fail(data != NULL, SIGNATURE_INVALID);
223 return sgpgme_sigstat_gpgme_to_privacy(data->ctx, data->sigstatus);
226 static gchar *pgpinline_get_sig_info_short(MimeInfo *mimeinfo)
228 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
230 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
232 return sgpgme_sigstat_info_short(data->ctx, data->sigstatus);
235 static gchar *pgpinline_get_sig_info_full(MimeInfo *mimeinfo)
237 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
239 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
241 return sgpgme_sigstat_info_full(data->ctx, data->sigstatus);
244 static gboolean pgpinline_is_encrypted(MimeInfo *mimeinfo)
246 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
247 const gchar *end_indicator = "-----END PGP MESSAGE-----";
250 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
252 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
253 return FALSE; /* not parent */
255 if (mimeinfo->type != MIMETYPE_TEXT &&
256 (mimeinfo->type != MIMETYPE_APPLICATION ||
257 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
260 /* Seal the deal. This has to be text/plain through and through. */
261 if (mimeinfo->type == MIMETYPE_APPLICATION)
263 mimeinfo->type = MIMETYPE_TEXT;
264 g_free(mimeinfo->subtype);
265 mimeinfo->subtype = g_strdup("plain");
268 textdata = get_part_as_string(mimeinfo);
272 if (!pgp_locate_armor_header(textdata, begin_indicator)) {
276 if (!pgp_locate_armor_header(textdata, end_indicator)) {
286 static MimeInfo *pgpinline_decrypt(MimeInfo *mimeinfo)
288 MimeInfo *decinfo, *parseinfo;
289 gpgme_data_t cipher, plain;
292 gchar *textdata = NULL;
294 const gchar *src_codeset = NULL;
295 gpgme_verify_result_t sigstat = 0;
296 PrivacyDataPGP *data = NULL;
300 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
301 const gchar *end_indicator = "-----END PGP MESSAGE-----";
304 if (gpgme_new(&ctx) != GPG_ERR_NO_ERROR)
307 gpgme_set_textmode(ctx, 1);
308 gpgme_set_armor(ctx, 1);
310 cm_return_val_if_fail(mimeinfo != NULL, NULL);
311 cm_return_val_if_fail(pgpinline_is_encrypted(mimeinfo), NULL);
313 if (procmime_mimeinfo_parent(mimeinfo) == NULL ||
314 mimeinfo->type != MIMETYPE_TEXT) {
316 privacy_set_error(_("Couldn't parse mime part."));
320 textdata = get_part_as_string(mimeinfo);
323 privacy_set_error(_("Couldn't get text data."));
327 debug_print("decrypting '%s'\n", textdata);
328 gpgme_data_new_from_mem(&cipher, textdata, (size_t)strlen(textdata), 1);
330 plain = sgpgme_decrypt_verify(cipher, &sigstat, ctx);
331 if (sigstat && !sigstat->signatures)
334 gpgme_data_release(cipher);
341 fname = g_strdup_printf("%s%cplaintext.%08x",
342 get_mime_tmp_dir(), G_DIR_SEPARATOR, ++id);
344 if ((dstfp = g_fopen(fname, "wb")) == NULL) {
345 FILE_OP_ERROR(fname, "fopen");
346 privacy_set_error(_("Couldn't open decrypted file %s"), fname);
348 gpgme_data_release(plain);
353 src_codeset = procmime_mimeinfo_get_parameter(mimeinfo, "charset");
354 if (src_codeset == NULL)
355 src_codeset = CS_ISO_8859_1;
357 if (fprintf(dstfp, "MIME-Version: 1.0\r\n"
358 "Content-Type: text/plain; charset=%s\r\n"
359 "Content-Transfer-Encoding: 8bit\r\n"
362 FILE_OP_ERROR(fname, "fprintf");
363 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
367 /* Store any part before encrypted text */
368 pos = pgp_locate_armor_header(textdata, begin_indicator);
369 if (pos != NULL && (pos - textdata) > 0) {
370 if (fwrite(textdata, 1, pos - textdata, dstfp) < pos - textdata) {
371 FILE_OP_ERROR(fname, "fwrite");
372 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
377 if (fwrite(_("\n--- Start of PGP/Inline encrypted data ---\n"), 1,
378 strlen(_("\n--- Start of PGP/Inline encrypted data ---\n")),
379 dstfp) < strlen(_("\n--- Start of PGP/Inline encrypted data ---\n"))) {
380 FILE_OP_ERROR(fname, "fwrite");
381 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
384 chars = sgpgme_data_release_and_get_mem(plain, &len);
386 if (fwrite(chars, 1, len, dstfp) < len) {
387 FILE_OP_ERROR(fname, "fwrite");
389 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
394 /* Store any part after encrypted text */
395 if (fwrite(_("--- End of PGP/Inline encrypted data ---\n"), 1,
396 strlen(_("--- End of PGP/Inline encrypted data ---\n")),
397 dstfp) < strlen(_("--- End of PGP/Inline encrypted data ---\n"))) {
398 FILE_OP_ERROR(fname, "fwrite");
399 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
403 pos = pgp_locate_armor_header(pos, end_indicator);
404 if (pos != NULL && *pos != '\0') {
405 pos += strlen(end_indicator);
406 if (fwrite(pos, 1, strlen(pos), dstfp) < strlen(pos)) {
407 FILE_OP_ERROR(fname, "fwrite");
408 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
414 if (fclose(dstfp) == EOF) {
415 FILE_OP_ERROR(fname, "fclose");
416 privacy_set_error(_("Couldn't close decrypted file %s"), fname);
418 gpgme_data_release(plain);
423 parseinfo = procmime_scan_file(fname);
426 if (parseinfo == NULL) {
428 privacy_set_error(_("Couldn't scan decrypted file."));
431 decinfo = g_node_first_child(parseinfo->node) != NULL ?
432 g_node_first_child(parseinfo->node)->data : NULL;
434 if (decinfo == NULL) {
436 privacy_set_error(_("Couldn't scan decrypted file parts."));
440 g_node_unlink(decinfo->node);
441 procmime_mimeinfo_free_all(parseinfo);
445 if (sigstat != GPGME_SIG_STAT_NONE) {
446 if (decinfo->privacy != NULL) {
447 data = (PrivacyDataPGP *) decinfo->privacy;
449 data = pgpinline_new_privacydata();
450 decinfo->privacy = (PrivacyData *) data;
452 data->done_sigtest = TRUE;
453 data->is_signed = TRUE;
454 data->sigstatus = sigstat;
456 gpgme_release(data->ctx);
466 gpgme_data_release(plain);
471 static gboolean pgpinline_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
473 MimeInfo *msgcontent;
474 gchar *textstr, *tmp;
478 gpgme_data_t gpgtext, gpgsig;
481 struct passphrase_cb_info_s info;
482 gpgme_sign_result_t result = NULL;
484 memset (&info, 0, sizeof info);
486 /* get content node from message */
487 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
488 if (msgcontent->type == MIMETYPE_MULTIPART) {
489 if (!msgcontent->node->children) {
490 debug_print("msgcontent->node->children NULL, bailing\n");
491 privacy_set_error(_("Malformed message"));
494 msgcontent = (MimeInfo *) msgcontent->node->children->data;
496 /* get rid of quoted-printable or anything */
497 procmime_decode_content(msgcontent);
501 perror("my_tmpfile");
502 privacy_set_error(_("Couldn't create temporary file."));
505 procmime_write_mimeinfo(msgcontent, fp);
508 /* read temporary file into memory */
509 textstr = fp_read_noconv(fp);
513 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
514 gpgme_data_new(&gpgsig);
515 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
516 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
517 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
520 gpgme_set_textmode(ctx, 1);
521 gpgme_set_armor(ctx, 1);
523 if (!sgpgme_setup_signers(ctx, account, from_addr)) {
528 prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
529 if (!getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
531 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
534 err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_CLEAR);
535 if (err != GPG_ERR_NO_ERROR) {
536 if (err == GPG_ERR_CANCELED) {
537 /* ignore cancelled signing */
538 privacy_reset_error();
539 debug_print("gpgme_op_sign cancelled\n");
541 privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
542 debug_print("gpgme_op_sign error : %x\n", err);
547 result = gpgme_op_sign_result(ctx);
548 if (result && result->signatures) {
549 gpgme_new_signature_t sig = result->signatures;
551 debug_print("valid signature: %s\n", sig->fpr);
554 } else if (result && result->invalid_signers) {
555 gpgme_invalid_key_t invalid = result->invalid_signers;
557 g_warning("invalid signer: %s (%s)", invalid->fpr,
558 gpgme_strerror(invalid->reason));
559 privacy_set_error(_("Data signing failed due to invalid signer: %s"),
560 gpgme_strerror(invalid->reason));
561 invalid = invalid->next;
566 /* can't get result (maybe no signing key?) */
567 debug_print("gpgme_op_sign_result error\n");
568 privacy_set_error(_("Data signing failed, no results."));
574 sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
576 if (sigcontent == NULL || len <= 0) {
577 g_warning("sgpgme_data_release_and_get_mem failed");
578 privacy_set_error(_("Data signing failed, no contents."));
579 gpgme_data_release(gpgtext);
586 tmp = g_malloc(len+1);
587 g_memmove(tmp, sigcontent, len+1);
589 gpgme_data_release(gpgtext);
593 if (msgcontent->content == MIMECONTENT_FILE &&
594 msgcontent->data.filename != NULL) {
595 if (msgcontent->tmp == TRUE)
596 claws_unlink(msgcontent->data.filename);
597 g_free(msgcontent->data.filename);
599 msgcontent->data.mem = g_strdup(tmp);
600 msgcontent->content = MIMECONTENT_MEM;
603 /* avoid all sorts of clear-signing problems with non ascii
606 procmime_encode_content(msgcontent, ENC_BASE64);
612 static gchar *pgpinline_get_encrypt_data(GSList *recp_names)
614 return sgpgme_get_encrypt_data(recp_names, GPGME_PROTOCOL_OpenPGP);
617 static const gchar *pgpinline_get_encrypt_warning(void)
619 if (prefs_gpg_should_skip_encryption_warning(pgpinline_system.id))
622 return _("Please note that attachments are not encrypted by "
623 "the PGP/Inline system, nor are email headers, like Subject.");
626 static void pgpinline_inhibit_encrypt_warning(gboolean inhibit)
629 prefs_gpg_add_skip_encryption_warning(pgpinline_system.id);
631 prefs_gpg_remove_skip_encryption_warning(pgpinline_system.id);
634 static gboolean pgpinline_encrypt(MimeInfo *mimeinfo, const gchar *encrypt_data)
636 MimeInfo *msgcontent;
640 gchar *textstr, *tmp;
641 gpgme_data_t gpgtext, gpgenc;
643 gpgme_key_t *kset = NULL;
644 gchar **fprs = g_strsplit(encrypt_data, " ", -1);
648 while (fprs[i] && strlen(fprs[i])) {
652 kset = g_malloc(sizeof(gpgme_key_t)*(i+1));
653 memset(kset, 0, sizeof(gpgme_key_t)*(i+1));
654 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
655 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
656 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
661 while (fprs[i] && strlen(fprs[i])) {
663 err = gpgme_get_key(ctx, fprs[i], &key, 0);
665 debug_print("can't add key '%s'[%d] (%s)\n", fprs[i],i, gpgme_strerror(err));
666 privacy_set_error(_("Couldn't add GPG key %s, %s"), fprs[i], gpgme_strerror(err));
670 debug_print("found %s at %d\n", fprs[i], i);
676 debug_print("Encrypting message content\n");
678 /* get content node from message */
679 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
680 if (msgcontent->type == MIMETYPE_MULTIPART) {
681 if (!msgcontent->node->children) {
682 debug_print("msgcontent->node->children NULL, bailing\n");
683 privacy_set_error(_("Malformed message"));
687 msgcontent = (MimeInfo *) msgcontent->node->children->data;
689 /* get rid of quoted-printable or anything */
690 procmime_decode_content(msgcontent);
694 privacy_set_error(_("Couldn't create temporary file, %s"), strerror(errno));
695 perror("my_tmpfile");
699 procmime_write_mimeinfo(msgcontent, fp);
702 /* read temporary file into memory */
703 textstr = fp_read_noconv(fp);
708 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
709 gpgme_data_new(&gpgenc);
710 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
711 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
712 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
716 gpgme_set_armor(ctx, 1);
718 err = gpgme_op_encrypt(ctx, kset, GPGME_ENCRYPT_ALWAYS_TRUST, gpgtext, gpgenc);
720 enccontent = sgpgme_data_release_and_get_mem(gpgenc, &len);
723 if (enccontent == NULL || len <= 0) {
724 g_warning("sgpgme_data_release_and_get_mem failed");
725 privacy_set_error(_("Encryption failed, %s"), gpgme_strerror(err));
726 gpgme_data_release(gpgtext);
732 tmp = g_malloc(len+1);
733 g_memmove(tmp, enccontent, len+1);
737 gpgme_data_release(gpgtext);
740 if (msgcontent->content == MIMECONTENT_FILE &&
741 msgcontent->data.filename != NULL) {
742 if (msgcontent->tmp == TRUE)
743 claws_unlink(msgcontent->data.filename);
744 g_free(msgcontent->data.filename);
746 msgcontent->data.mem = g_strdup(tmp);
747 msgcontent->content = MIMECONTENT_MEM;
754 static PrivacySystem pgpinline_system = {
755 "pgpinline", /* id */
756 "PGP Inline", /* name */
758 pgpinline_free_privacydata, /* free_privacydata */
760 pgpinline_is_signed, /* is_signed(MimeInfo *) */
761 pgpinline_check_signature, /* check_signature(MimeInfo *) */
762 pgpinline_get_sig_status, /* get_sig_status(MimeInfo *) */
763 pgpinline_get_sig_info_short, /* get_sig_info_short(MimeInfo *) */
764 pgpinline_get_sig_info_full, /* get_sig_info_full(MimeInfo *) */
766 pgpinline_is_encrypted, /* is_encrypted(MimeInfo *) */
767 pgpinline_decrypt, /* decrypt(MimeInfo *) */
773 pgpinline_get_encrypt_data,
775 pgpinline_get_encrypt_warning,
776 pgpinline_inhibit_encrypt_warning,
777 prefs_gpg_auto_check_signatures,
780 void pgpinline_init()
782 privacy_register_system(&pgpinline_system);
785 void pgpinline_done()
787 privacy_unregister_system(&pgpinline_system);
790 struct PluginFeature *plugin_provides(void)
792 static struct PluginFeature features[] =
793 { {PLUGIN_PRIVACY, N_("PGP/Inline")},
794 {PLUGIN_NOTHING, NULL}};
797 #endif /* USE_GPGME */