2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 1999-2015 Colin Leroy and the Claws Mail team
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "claws-features.h"
28 #include <glib/gi18n.h>
35 #include "pgpinline.h"
36 #include <plugins/pgpcore/sgpgme.h>
37 #include <plugins/pgpcore/prefs_gpg.h>
38 #include <plugins/pgpcore/passphrase.h>
39 #include <plugins/pgpcore/pgp_utils.h>
40 #include "quoted-printable.h"
44 extern struct GPGConfig prefs_gpg;
46 typedef struct _PrivacyDataPGP PrivacyDataPGP;
48 struct _PrivacyDataPGP
52 gboolean done_sigtest;
54 gpgme_verify_result_t sigstatus;
58 static PrivacySystem pgpinline_system;
60 static gint pgpinline_check_signature(MimeInfo *mimeinfo);
62 static PrivacyDataPGP *pgpinline_new_privacydata()
67 data = g_new0(PrivacyDataPGP, 1);
68 data->data.system = &pgpinline_system;
69 data->done_sigtest = FALSE;
70 data->is_signed = FALSE;
71 data->sigstatus = NULL;
72 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
73 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
80 static void pgpinline_free_privacydata(PrivacyData *_data)
82 PrivacyDataPGP *data = (PrivacyDataPGP *) _data;
83 gpgme_release(data->ctx);
87 static gboolean pgpinline_is_signed(MimeInfo *mimeinfo)
89 PrivacyDataPGP *data = NULL;
90 const gchar *sig_indicator = "-----BEGIN PGP SIGNED MESSAGE-----";
91 gchar *textdata, *sigpos;
93 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
95 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
96 return FALSE; /* not parent */
98 if (mimeinfo->type != MIMETYPE_TEXT &&
99 (mimeinfo->type != MIMETYPE_APPLICATION ||
100 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
103 /* Seal the deal. This has to be text/plain through and through. */
104 if (mimeinfo->type == MIMETYPE_APPLICATION)
106 mimeinfo->type = MIMETYPE_TEXT;
107 g_free(mimeinfo->subtype);
108 mimeinfo->subtype = g_strdup("plain");
111 if (mimeinfo->privacy != NULL) {
112 data = (PrivacyDataPGP *) mimeinfo->privacy;
113 if (data->done_sigtest)
114 return data->is_signed;
117 textdata = get_part_as_string(mimeinfo);
121 if ((sigpos = strstr(textdata, sig_indicator)) == NULL) {
126 if (!(sigpos == textdata) && !(sigpos[-1] == '\n')) {
134 data = pgpinline_new_privacydata();
135 mimeinfo->privacy = (PrivacyData *) data;
138 data->done_sigtest = TRUE;
139 data->is_signed = TRUE;
145 static gint pgpinline_check_signature(MimeInfo *mimeinfo)
147 PrivacyDataPGP *data = NULL;
148 gchar *textdata = NULL, *tmp = NULL;
149 gpgme_data_t plain = NULL, cipher = NULL;
152 cm_return_val_if_fail(mimeinfo != NULL, 0);
154 if (procmime_mimeinfo_parent(mimeinfo) == NULL) {
155 privacy_set_error(_("Incorrect part"));
156 return 0; /* not parent */
158 if (mimeinfo->type != MIMETYPE_TEXT) {
159 privacy_set_error(_("Not a text part"));
160 debug_print("type %d\n", mimeinfo->type);
163 cm_return_val_if_fail(mimeinfo->privacy != NULL, 0);
164 data = (PrivacyDataPGP *) mimeinfo->privacy;
166 textdata = get_part_as_string(mimeinfo);
170 privacy_set_error(_("Couldn't get text data."));
174 /* gtk2: convert back from utf8 */
175 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
176 procmime_mimeinfo_get_parameter(mimeinfo, "charset"));
178 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
179 conv_get_locale_charset_str_no_utf8());
182 g_warning("Can't convert charset to anything sane");
183 tmp = conv_codeset_strdup(textdata, CS_UTF_8, CS_US_ASCII);
188 privacy_set_error(_("Couldn't convert text data to any sane charset."));
191 textdata = g_strdup(tmp);
194 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
195 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
196 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
200 gpgme_set_textmode(data->ctx, 1);
201 gpgme_set_armor(data->ctx, 1);
203 gpgme_data_new_from_mem(&plain, textdata, (size_t)strlen(textdata), 1);
204 gpgme_data_new(&cipher);
206 data->sigstatus = sgpgme_verify_signature(data->ctx, plain, NULL, cipher);
208 gpgme_data_release(plain);
209 gpgme_data_release(cipher);
216 static SignatureStatus pgpinline_get_sig_status(MimeInfo *mimeinfo)
218 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
220 cm_return_val_if_fail(data != NULL, SIGNATURE_INVALID);
222 return sgpgme_sigstat_gpgme_to_privacy(data->ctx, data->sigstatus);
225 static gchar *pgpinline_get_sig_info_short(MimeInfo *mimeinfo)
227 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
229 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
231 return sgpgme_sigstat_info_short(data->ctx, data->sigstatus);
234 static gchar *pgpinline_get_sig_info_full(MimeInfo *mimeinfo)
236 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
238 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
240 return sgpgme_sigstat_info_full(data->ctx, data->sigstatus);
243 static gboolean pgpinline_is_encrypted(MimeInfo *mimeinfo)
245 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
246 const gchar *end_indicator = "-----END PGP MESSAGE-----";
249 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
251 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
252 return FALSE; /* not parent */
254 if (mimeinfo->type != MIMETYPE_TEXT &&
255 (mimeinfo->type != MIMETYPE_APPLICATION ||
256 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
259 /* Seal the deal. This has to be text/plain through and through. */
260 if (mimeinfo->type == MIMETYPE_APPLICATION)
262 mimeinfo->type = MIMETYPE_TEXT;
263 g_free(mimeinfo->subtype);
264 mimeinfo->subtype = g_strdup("plain");
267 textdata = get_part_as_string(mimeinfo);
271 if (!pgp_locate_armor_header(textdata, begin_indicator)) {
275 if (!pgp_locate_armor_header(textdata, end_indicator)) {
285 static MimeInfo *pgpinline_decrypt(MimeInfo *mimeinfo)
287 MimeInfo *decinfo, *parseinfo;
288 gpgme_data_t cipher, plain;
291 gchar *textdata = NULL;
293 const gchar *src_codeset = NULL;
294 gpgme_verify_result_t sigstat = 0;
295 PrivacyDataPGP *data = NULL;
299 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
300 const gchar *end_indicator = "-----END PGP MESSAGE-----";
303 if (gpgme_new(&ctx) != GPG_ERR_NO_ERROR)
306 gpgme_set_textmode(ctx, 1);
307 gpgme_set_armor(ctx, 1);
309 cm_return_val_if_fail(mimeinfo != NULL, NULL);
310 cm_return_val_if_fail(pgpinline_is_encrypted(mimeinfo), NULL);
312 if (procmime_mimeinfo_parent(mimeinfo) == NULL ||
313 mimeinfo->type != MIMETYPE_TEXT) {
315 privacy_set_error(_("Couldn't parse mime part."));
319 textdata = get_part_as_string(mimeinfo);
322 privacy_set_error(_("Couldn't get text data."));
326 debug_print("decrypting '%s'\n", textdata);
327 gpgme_data_new_from_mem(&cipher, textdata, (size_t)strlen(textdata), 1);
329 plain = sgpgme_decrypt_verify(cipher, &sigstat, ctx);
330 if (sigstat && !sigstat->signatures)
333 gpgme_data_release(cipher);
340 fname = g_strdup_printf("%s%cplaintext.%08x",
341 get_mime_tmp_dir(), G_DIR_SEPARATOR, ++id);
343 if ((dstfp = g_fopen(fname, "wb")) == NULL) {
344 FILE_OP_ERROR(fname, "fopen");
345 privacy_set_error(_("Couldn't open decrypted file %s"), fname);
347 gpgme_data_release(plain);
352 src_codeset = procmime_mimeinfo_get_parameter(mimeinfo, "charset");
353 if (src_codeset == NULL)
354 src_codeset = CS_ISO_8859_1;
356 if (fprintf(dstfp, "MIME-Version: 1.0\r\n"
357 "Content-Type: text/plain; charset=%s\r\n"
358 "Content-Transfer-Encoding: 8bit\r\n"
361 FILE_OP_ERROR(fname, "fprintf");
362 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
366 /* Store any part before encrypted text */
367 pos = pgp_locate_armor_header(textdata, begin_indicator);
368 if (pos != NULL && (pos - textdata) > 0) {
369 if (fwrite(textdata, 1, pos - textdata, dstfp) < pos - textdata) {
370 FILE_OP_ERROR(fname, "fwrite");
371 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
376 if (fwrite(_("\n--- Start of PGP/Inline encrypted data ---\n"), 1,
377 strlen(_("\n--- Start of PGP/Inline encrypted data ---\n")),
378 dstfp) < strlen(_("\n--- Start of PGP/Inline encrypted data ---\n"))) {
379 FILE_OP_ERROR(fname, "fwrite");
380 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
383 chars = sgpgme_data_release_and_get_mem(plain, &len);
385 if (fwrite(chars, 1, len, dstfp) < len) {
386 FILE_OP_ERROR(fname, "fwrite");
388 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
393 /* Store any part after encrypted text */
394 if (fwrite(_("--- End of PGP/Inline encrypted data ---\n"), 1,
395 strlen(_("--- End of PGP/Inline encrypted data ---\n")),
396 dstfp) < strlen(_("--- End of PGP/Inline encrypted data ---\n"))) {
397 FILE_OP_ERROR(fname, "fwrite");
398 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
402 pos = pgp_locate_armor_header(pos, end_indicator);
403 if (pos != NULL && *pos != '\0') {
404 pos += strlen(end_indicator);
405 if (fwrite(pos, 1, strlen(pos), dstfp) < strlen(pos)) {
406 FILE_OP_ERROR(fname, "fwrite");
407 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
413 if (fclose(dstfp) == EOF) {
414 FILE_OP_ERROR(fname, "fclose");
415 privacy_set_error(_("Couldn't close decrypted file %s"), fname);
417 gpgme_data_release(plain);
422 parseinfo = procmime_scan_file(fname);
425 if (parseinfo == NULL) {
427 privacy_set_error(_("Couldn't scan decrypted file."));
430 decinfo = g_node_first_child(parseinfo->node) != NULL ?
431 g_node_first_child(parseinfo->node)->data : NULL;
433 if (decinfo == NULL) {
435 privacy_set_error(_("Couldn't scan decrypted file parts."));
439 g_node_unlink(decinfo->node);
440 procmime_mimeinfo_free_all(parseinfo);
444 if (sigstat != GPGME_SIG_STAT_NONE) {
445 if (decinfo->privacy != NULL) {
446 data = (PrivacyDataPGP *) decinfo->privacy;
448 data = pgpinline_new_privacydata();
449 decinfo->privacy = (PrivacyData *) data;
452 data->done_sigtest = TRUE;
453 data->is_signed = TRUE;
454 data->sigstatus = sigstat;
456 gpgme_release(data->ctx);
467 gpgme_data_release(plain);
472 static gboolean pgpinline_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
474 MimeInfo *msgcontent;
475 gchar *textstr, *tmp;
479 gpgme_data_t gpgtext, gpgsig;
482 struct passphrase_cb_info_s info;
483 gpgme_sign_result_t result = NULL;
485 memset (&info, 0, sizeof info);
487 /* get content node from message */
488 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
489 if (msgcontent->type == MIMETYPE_MULTIPART) {
490 if (!msgcontent->node->children) {
491 debug_print("msgcontent->node->children NULL, bailing\n");
492 privacy_set_error(_("Malformed message"));
495 msgcontent = (MimeInfo *) msgcontent->node->children->data;
497 /* get rid of quoted-printable or anything */
498 procmime_decode_content(msgcontent);
502 perror("my_tmpfile");
503 privacy_set_error(_("Couldn't create temporary file."));
506 procmime_write_mimeinfo(msgcontent, fp);
509 /* read temporary file into memory */
510 textstr = fp_read_noconv(fp);
514 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
515 gpgme_data_new(&gpgsig);
516 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
517 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
518 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
521 gpgme_set_textmode(ctx, 1);
522 gpgme_set_armor(ctx, 1);
524 if (!sgpgme_setup_signers(ctx, account, from_addr)) {
529 prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
530 if (!g_getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
532 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
535 err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_CLEAR);
536 if (err != GPG_ERR_NO_ERROR) {
537 if (err == GPG_ERR_CANCELED) {
538 /* ignore cancelled signing */
539 privacy_reset_error();
540 debug_print("gpgme_op_sign cancelled\n");
542 privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
543 debug_print("gpgme_op_sign error : %x\n", err);
548 result = gpgme_op_sign_result(ctx);
549 if (result && result->signatures) {
550 gpgme_new_signature_t sig = result->signatures;
552 debug_print("valid signature: %s\n", sig->fpr);
555 } else if (result && result->invalid_signers) {
556 gpgme_invalid_key_t invalid = result->invalid_signers;
558 g_warning("invalid signer: %s (%s)", invalid->fpr,
559 gpgme_strerror(invalid->reason));
560 privacy_set_error(_("Data signing failed due to invalid signer: %s"),
561 gpgme_strerror(invalid->reason));
562 invalid = invalid->next;
567 /* can't get result (maybe no signing key?) */
568 debug_print("gpgme_op_sign_result error\n");
569 privacy_set_error(_("Data signing failed, no results."));
575 sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
577 if (sigcontent == NULL || len <= 0) {
578 g_warning("sgpgme_data_release_and_get_mem failed");
579 privacy_set_error(_("Data signing failed, no contents."));
580 gpgme_data_release(gpgtext);
587 tmp = g_malloc(len+1);
588 g_memmove(tmp, sigcontent, len+1);
590 gpgme_data_release(gpgtext);
594 if (msgcontent->content == MIMECONTENT_FILE &&
595 msgcontent->data.filename != NULL) {
596 if (msgcontent->tmp == TRUE)
597 claws_unlink(msgcontent->data.filename);
598 g_free(msgcontent->data.filename);
600 msgcontent->data.mem = g_strdup(tmp);
601 msgcontent->content = MIMECONTENT_MEM;
604 /* avoid all sorts of clear-signing problems with non ascii
607 procmime_encode_content(msgcontent, ENC_BASE64);
613 static gchar *pgpinline_get_encrypt_data(GSList *recp_names)
615 return sgpgme_get_encrypt_data(recp_names, GPGME_PROTOCOL_OpenPGP);
618 static const gchar *pgpinline_get_encrypt_warning(void)
620 if (prefs_gpg_should_skip_encryption_warning(pgpinline_system.id))
623 return _("Please note that attachments are not encrypted by "
624 "the PGP/Inline system, nor are email headers, like Subject.");
627 static void pgpinline_inhibit_encrypt_warning(gboolean inhibit)
630 prefs_gpg_add_skip_encryption_warning(pgpinline_system.id);
632 prefs_gpg_remove_skip_encryption_warning(pgpinline_system.id);
635 static gboolean pgpinline_encrypt(MimeInfo *mimeinfo, const gchar *encrypt_data)
637 MimeInfo *msgcontent;
641 gchar *textstr, *tmp;
642 gpgme_data_t gpgtext, gpgenc;
644 gpgme_key_t *kset = NULL;
645 gchar **fprs = g_strsplit(encrypt_data, " ", -1);
649 while (fprs[i] && strlen(fprs[i])) {
653 kset = g_malloc(sizeof(gpgme_key_t)*(i+1));
654 memset(kset, 0, sizeof(gpgme_key_t)*(i+1));
655 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
656 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
657 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
662 while (fprs[i] && strlen(fprs[i])) {
664 err = gpgme_get_key(ctx, fprs[i], &key, 0);
666 debug_print("can't add key '%s'[%d] (%s)\n", fprs[i],i, gpgme_strerror(err));
667 privacy_set_error(_("Couldn't add GPG key %s, %s"), fprs[i], gpgme_strerror(err));
671 debug_print("found %s at %d\n", fprs[i], i);
677 debug_print("Encrypting message content\n");
679 /* get content node from message */
680 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
681 if (msgcontent->type == MIMETYPE_MULTIPART) {
682 if (!msgcontent->node->children) {
683 debug_print("msgcontent->node->children NULL, bailing\n");
684 privacy_set_error(_("Malformed message"));
688 msgcontent = (MimeInfo *) msgcontent->node->children->data;
690 /* get rid of quoted-printable or anything */
691 procmime_decode_content(msgcontent);
695 privacy_set_error(_("Couldn't create temporary file, %s"), g_strerror(errno));
696 perror("my_tmpfile");
700 procmime_write_mimeinfo(msgcontent, fp);
703 /* read temporary file into memory */
704 textstr = fp_read_noconv(fp);
709 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
710 gpgme_data_new(&gpgenc);
711 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
712 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
713 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
717 gpgme_set_armor(ctx, 1);
719 err = gpgme_op_encrypt(ctx, kset, GPGME_ENCRYPT_ALWAYS_TRUST, gpgtext, gpgenc);
721 enccontent = sgpgme_data_release_and_get_mem(gpgenc, &len);
724 if (enccontent == NULL || len <= 0) {
725 g_warning("sgpgme_data_release_and_get_mem failed");
726 privacy_set_error(_("Encryption failed, %s"), gpgme_strerror(err));
727 gpgme_data_release(gpgtext);
734 tmp = g_malloc(len+1);
735 g_memmove(tmp, enccontent, len+1);
739 gpgme_data_release(gpgtext);
742 if (msgcontent->content == MIMECONTENT_FILE &&
743 msgcontent->data.filename != NULL) {
744 if (msgcontent->tmp == TRUE)
745 claws_unlink(msgcontent->data.filename);
746 g_free(msgcontent->data.filename);
748 msgcontent->data.mem = g_strdup(tmp);
749 msgcontent->content = MIMECONTENT_MEM;
756 static PrivacySystem pgpinline_system = {
757 "pgpinline", /* id */
758 "PGP Inline", /* name */
760 pgpinline_free_privacydata, /* free_privacydata */
762 pgpinline_is_signed, /* is_signed(MimeInfo *) */
763 pgpinline_check_signature, /* check_signature(MimeInfo *) */
764 pgpinline_get_sig_status, /* get_sig_status(MimeInfo *) */
765 pgpinline_get_sig_info_short, /* get_sig_info_short(MimeInfo *) */
766 pgpinline_get_sig_info_full, /* get_sig_info_full(MimeInfo *) */
768 pgpinline_is_encrypted, /* is_encrypted(MimeInfo *) */
769 pgpinline_decrypt, /* decrypt(MimeInfo *) */
775 pgpinline_get_encrypt_data,
777 pgpinline_get_encrypt_warning,
778 pgpinline_inhibit_encrypt_warning,
779 prefs_gpg_auto_check_signatures,
782 void pgpinline_init()
784 privacy_register_system(&pgpinline_system);
787 void pgpinline_done()
789 privacy_unregister_system(&pgpinline_system);
792 struct PluginFeature *plugin_provides(void)
794 static struct PluginFeature features[] =
795 { {PLUGIN_PRIVACY, N_("PGP/Inline")},
796 {PLUGIN_NOTHING, NULL}};
799 #endif /* USE_GPGME */