2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 1999-2014 Colin Leroy <colin@colino.net> and
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "claws-features.h"
30 #include <glib/gi18n.h>
37 #include "pgpinline.h"
38 #include <plugins/pgpcore/sgpgme.h>
39 #include <plugins/pgpcore/prefs_gpg.h>
40 #include <plugins/pgpcore/passphrase.h>
41 #include <plugins/pgpcore/pgp_utils.h>
42 #include "quoted-printable.h"
47 extern struct GPGConfig prefs_gpg;
49 typedef struct _PrivacyDataPGP PrivacyDataPGP;
51 struct _PrivacyDataPGP
55 gboolean done_sigtest;
57 gpgme_verify_result_t sigstatus;
61 static PrivacySystem pgpinline_system;
63 static gint pgpinline_check_signature(MimeInfo *mimeinfo);
65 static PrivacyDataPGP *pgpinline_new_privacydata()
70 data = g_new0(PrivacyDataPGP, 1);
71 data->data.system = &pgpinline_system;
72 data->done_sigtest = FALSE;
73 data->is_signed = FALSE;
74 data->sigstatus = NULL;
75 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
76 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
83 static void pgpinline_free_privacydata(PrivacyData *_data)
85 PrivacyDataPGP *data = (PrivacyDataPGP *) _data;
86 gpgme_release(data->ctx);
90 static gboolean pgpinline_is_signed(MimeInfo *mimeinfo)
92 PrivacyDataPGP *data = NULL;
93 const gchar *sig_indicator = "-----BEGIN PGP SIGNED MESSAGE-----";
94 gchar *textdata, *sigpos;
96 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
98 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
99 return FALSE; /* not parent */
101 if (mimeinfo->type != MIMETYPE_TEXT &&
102 (mimeinfo->type != MIMETYPE_APPLICATION ||
103 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
106 /* Seal the deal. This has to be text/plain through and through. */
107 if (mimeinfo->type == MIMETYPE_APPLICATION)
109 mimeinfo->type = MIMETYPE_TEXT;
110 g_free(mimeinfo->subtype);
111 mimeinfo->subtype = g_strdup("plain");
114 if (mimeinfo->privacy != NULL) {
115 data = (PrivacyDataPGP *) mimeinfo->privacy;
116 if (data->done_sigtest)
117 return data->is_signed;
120 textdata = get_part_as_string(mimeinfo);
124 if ((sigpos = strstr(textdata, sig_indicator)) == NULL) {
129 if (!(sigpos == textdata) && !(sigpos[-1] == '\n')) {
137 data = pgpinline_new_privacydata();
138 mimeinfo->privacy = (PrivacyData *) data;
141 data->done_sigtest = TRUE;
142 data->is_signed = TRUE;
148 static gint pgpinline_check_signature(MimeInfo *mimeinfo)
150 PrivacyDataPGP *data = NULL;
151 gchar *textdata = NULL, *tmp = NULL;
152 gpgme_data_t plain = NULL, cipher = NULL;
155 cm_return_val_if_fail(mimeinfo != NULL, 0);
157 if (procmime_mimeinfo_parent(mimeinfo) == NULL) {
158 privacy_set_error(_("Incorrect part"));
159 return 0; /* not parent */
161 if (mimeinfo->type != MIMETYPE_TEXT) {
162 privacy_set_error(_("Not a text part"));
163 debug_print("type %d\n", mimeinfo->type);
166 cm_return_val_if_fail(mimeinfo->privacy != NULL, 0);
167 data = (PrivacyDataPGP *) mimeinfo->privacy;
169 textdata = get_part_as_string(mimeinfo);
173 privacy_set_error(_("Couldn't get text data."));
177 /* gtk2: convert back from utf8 */
178 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
179 procmime_mimeinfo_get_parameter(mimeinfo, "charset"));
181 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
182 conv_get_locale_charset_str_no_utf8());
185 g_warning("Can't convert charset to anything sane\n");
186 tmp = conv_codeset_strdup(textdata, CS_UTF_8, CS_US_ASCII);
191 privacy_set_error(_("Couldn't convert text data to any sane charset."));
194 textdata = g_strdup(tmp);
197 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
198 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
199 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
203 gpgme_set_textmode(data->ctx, 1);
204 gpgme_set_armor(data->ctx, 1);
206 gpgme_data_new_from_mem(&plain, textdata, (size_t)strlen(textdata), 1);
207 gpgme_data_new(&cipher);
209 data->sigstatus = sgpgme_verify_signature(data->ctx, plain, NULL, cipher);
211 gpgme_data_release(plain);
212 gpgme_data_release(cipher);
219 static SignatureStatus pgpinline_get_sig_status(MimeInfo *mimeinfo)
221 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
223 cm_return_val_if_fail(data != NULL, SIGNATURE_INVALID);
225 return sgpgme_sigstat_gpgme_to_privacy(data->ctx, data->sigstatus);
228 static gchar *pgpinline_get_sig_info_short(MimeInfo *mimeinfo)
230 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
232 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
234 return sgpgme_sigstat_info_short(data->ctx, data->sigstatus);
237 static gchar *pgpinline_get_sig_info_full(MimeInfo *mimeinfo)
239 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
241 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
243 return sgpgme_sigstat_info_full(data->ctx, data->sigstatus);
246 static gboolean pgpinline_is_encrypted(MimeInfo *mimeinfo)
248 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
249 const gchar *end_indicator = "-----END PGP MESSAGE-----";
252 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
254 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
255 return FALSE; /* not parent */
257 if (mimeinfo->type != MIMETYPE_TEXT &&
258 (mimeinfo->type != MIMETYPE_APPLICATION ||
259 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
262 /* Seal the deal. This has to be text/plain through and through. */
263 if (mimeinfo->type == MIMETYPE_APPLICATION)
265 mimeinfo->type = MIMETYPE_TEXT;
266 g_free(mimeinfo->subtype);
267 mimeinfo->subtype = g_strdup("plain");
270 textdata = get_part_as_string(mimeinfo);
274 if (!pgp_locate_armor_header(textdata, begin_indicator)) {
278 if (!pgp_locate_armor_header(textdata, end_indicator)) {
288 static MimeInfo *pgpinline_decrypt(MimeInfo *mimeinfo)
290 MimeInfo *decinfo, *parseinfo;
291 gpgme_data_t cipher, plain;
294 gchar *textdata = NULL;
296 const gchar *src_codeset = NULL;
297 gpgme_verify_result_t sigstat = 0;
298 PrivacyDataPGP *data = NULL;
302 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
303 const gchar *end_indicator = "-----END PGP MESSAGE-----";
306 if (gpgme_new(&ctx) != GPG_ERR_NO_ERROR)
309 gpgme_set_textmode(ctx, 1);
310 gpgme_set_armor(ctx, 1);
312 cm_return_val_if_fail(mimeinfo != NULL, NULL);
313 cm_return_val_if_fail(pgpinline_is_encrypted(mimeinfo), NULL);
315 if (procmime_mimeinfo_parent(mimeinfo) == NULL ||
316 mimeinfo->type != MIMETYPE_TEXT) {
318 privacy_set_error(_("Couldn't parse mime part."));
322 textdata = get_part_as_string(mimeinfo);
325 privacy_set_error(_("Couldn't get text data."));
329 debug_print("decrypting '%s'\n", textdata);
330 gpgme_data_new_from_mem(&cipher, textdata, (size_t)strlen(textdata), 1);
332 plain = sgpgme_decrypt_verify(cipher, &sigstat, ctx);
333 if (sigstat && !sigstat->signatures)
336 gpgme_data_release(cipher);
343 fname = g_strdup_printf("%s%cplaintext.%08x",
344 get_mime_tmp_dir(), G_DIR_SEPARATOR, ++id);
346 if ((dstfp = g_fopen(fname, "wb")) == NULL) {
347 FILE_OP_ERROR(fname, "fopen");
348 privacy_set_error(_("Couldn't open decrypted file %s"), fname);
350 gpgme_data_release(plain);
355 src_codeset = procmime_mimeinfo_get_parameter(mimeinfo, "charset");
356 if (src_codeset == NULL)
357 src_codeset = CS_ISO_8859_1;
359 if (fprintf(dstfp, "MIME-Version: 1.0\r\n"
360 "Content-Type: text/plain; charset=%s\r\n"
361 "Content-Transfer-Encoding: 8bit\r\n"
364 FILE_OP_ERROR(fname, "fprintf");
365 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
369 /* Store any part before encrypted text */
370 pos = pgp_locate_armor_header(textdata, begin_indicator);
371 if (pos != NULL && (pos - textdata) > 0) {
372 if (fwrite(textdata, 1, pos - textdata, dstfp) < pos - textdata) {
373 FILE_OP_ERROR(fname, "fwrite");
374 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
379 if (fwrite(_("\n--- Start of PGP/Inline encrypted data ---\n"), 1,
380 strlen(_("\n--- Start of PGP/Inline encrypted data ---\n")),
381 dstfp) < strlen(_("\n--- Start of PGP/Inline encrypted data ---\n"))) {
382 FILE_OP_ERROR(fname, "fwrite");
383 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
386 chars = sgpgme_data_release_and_get_mem(plain, &len);
388 if (fwrite(chars, 1, len, dstfp) < len) {
389 FILE_OP_ERROR(fname, "fwrite");
391 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
396 /* Store any part after encrypted text */
397 if (fwrite(_("--- End of PGP/Inline encrypted data ---\n"), 1,
398 strlen(_("--- End of PGP/Inline encrypted data ---\n")),
399 dstfp) < strlen(_("--- End of PGP/Inline encrypted data ---\n"))) {
400 FILE_OP_ERROR(fname, "fwrite");
401 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
405 pos = pgp_locate_armor_header(pos, end_indicator);
406 if (pos != NULL && *pos != '\0') {
407 pos += strlen(end_indicator);
408 if (fwrite(pos, 1, strlen(pos), dstfp) < strlen(pos)) {
409 FILE_OP_ERROR(fname, "fwrite");
410 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
416 if (fclose(dstfp) == EOF) {
417 FILE_OP_ERROR(fname, "fclose");
418 privacy_set_error(_("Couldn't close decrypted file %s"), fname);
420 gpgme_data_release(plain);
425 parseinfo = procmime_scan_file(fname);
428 if (parseinfo == NULL) {
430 privacy_set_error(_("Couldn't scan decrypted file."));
433 decinfo = g_node_first_child(parseinfo->node) != NULL ?
434 g_node_first_child(parseinfo->node)->data : NULL;
436 if (decinfo == NULL) {
438 privacy_set_error(_("Couldn't scan decrypted file parts."));
442 g_node_unlink(decinfo->node);
443 procmime_mimeinfo_free_all(parseinfo);
447 if (sigstat != GPGME_SIG_STAT_NONE) {
448 if (decinfo->privacy != NULL) {
449 data = (PrivacyDataPGP *) decinfo->privacy;
451 data = pgpinline_new_privacydata();
452 decinfo->privacy = (PrivacyData *) data;
455 data->done_sigtest = TRUE;
456 data->is_signed = TRUE;
457 data->sigstatus = sigstat;
459 gpgme_release(data->ctx);
470 gpgme_data_release(plain);
475 static gboolean pgpinline_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
477 MimeInfo *msgcontent;
478 gchar *textstr, *tmp;
482 gpgme_data_t gpgtext, gpgsig;
485 struct passphrase_cb_info_s info;
486 gpgme_sign_result_t result = NULL;
488 memset (&info, 0, sizeof info);
490 /* get content node from message */
491 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
492 if (msgcontent->type == MIMETYPE_MULTIPART) {
493 if (!msgcontent->node->children) {
494 debug_print("msgcontent->node->children NULL, bailing\n");
495 privacy_set_error(_("Malformed message"));
498 msgcontent = (MimeInfo *) msgcontent->node->children->data;
500 /* get rid of quoted-printable or anything */
501 procmime_decode_content(msgcontent);
505 perror("my_tmpfile");
506 privacy_set_error(_("Couldn't create temporary file."));
509 procmime_write_mimeinfo(msgcontent, fp);
512 /* read temporary file into memory */
513 textstr = fp_read_noconv(fp);
517 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
518 gpgme_data_new(&gpgsig);
519 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
520 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
521 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
524 gpgme_set_textmode(ctx, 1);
525 gpgme_set_armor(ctx, 1);
527 if (!sgpgme_setup_signers(ctx, account, from_addr)) {
532 prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
533 if (!getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
535 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
538 err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_CLEAR);
539 if (err != GPG_ERR_NO_ERROR) {
540 if (err == GPG_ERR_CANCELED) {
541 /* ignore cancelled signing */
542 privacy_reset_error();
543 debug_print("gpgme_op_sign cancelled\n");
545 privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
546 debug_print("gpgme_op_sign error : %x\n", err);
551 result = gpgme_op_sign_result(ctx);
552 if (result && result->signatures) {
553 gpgme_new_signature_t sig = result->signatures;
555 debug_print("valid signature: %s\n", sig->fpr);
558 } else if (result && result->invalid_signers) {
559 gpgme_invalid_key_t invalid = result->invalid_signers;
561 g_warning("invalid signer: %s (%s)", invalid->fpr,
562 gpgme_strerror(invalid->reason));
563 privacy_set_error(_("Data signing failed due to invalid signer: %s"),
564 gpgme_strerror(invalid->reason));
565 invalid = invalid->next;
570 /* can't get result (maybe no signing key?) */
571 debug_print("gpgme_op_sign_result error\n");
572 privacy_set_error(_("Data signing failed, no results."));
578 sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
580 if (sigcontent == NULL || len <= 0) {
581 g_warning("sgpgme_data_release_and_get_mem failed");
582 privacy_set_error(_("Data signing failed, no contents."));
583 gpgme_data_release(gpgtext);
590 tmp = g_malloc(len+1);
591 g_memmove(tmp, sigcontent, len+1);
593 gpgme_data_release(gpgtext);
597 if (msgcontent->content == MIMECONTENT_FILE &&
598 msgcontent->data.filename != NULL) {
599 if (msgcontent->tmp == TRUE)
600 claws_unlink(msgcontent->data.filename);
601 g_free(msgcontent->data.filename);
603 msgcontent->data.mem = g_strdup(tmp);
604 msgcontent->content = MIMECONTENT_MEM;
607 /* avoid all sorts of clear-signing problems with non ascii
610 procmime_encode_content(msgcontent, ENC_BASE64);
616 static gchar *pgpinline_get_encrypt_data(GSList *recp_names)
618 return sgpgme_get_encrypt_data(recp_names, GPGME_PROTOCOL_OpenPGP);
621 static const gchar *pgpinline_get_encrypt_warning(void)
623 if (prefs_gpg_should_skip_encryption_warning(pgpinline_system.id))
626 return _("Please note that attachments are not encrypted by "
627 "the PGP/Inline system, nor are email headers, like Subject.");
630 static void pgpinline_inhibit_encrypt_warning(gboolean inhibit)
633 prefs_gpg_add_skip_encryption_warning(pgpinline_system.id);
635 prefs_gpg_remove_skip_encryption_warning(pgpinline_system.id);
638 static gboolean pgpinline_encrypt(MimeInfo *mimeinfo, const gchar *encrypt_data)
640 MimeInfo *msgcontent;
644 gchar *textstr, *tmp;
645 gpgme_data_t gpgtext, gpgenc;
647 gpgme_key_t *kset = NULL;
648 gchar **fprs = g_strsplit(encrypt_data, " ", -1);
652 while (fprs[i] && strlen(fprs[i])) {
656 kset = g_malloc(sizeof(gpgme_key_t)*(i+1));
657 memset(kset, 0, sizeof(gpgme_key_t)*(i+1));
658 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
659 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
660 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
665 while (fprs[i] && strlen(fprs[i])) {
667 err = gpgme_get_key(ctx, fprs[i], &key, 0);
669 debug_print("can't add key '%s'[%d] (%s)\n", fprs[i],i, gpgme_strerror(err));
670 privacy_set_error(_("Couldn't add GPG key %s, %s"), fprs[i], gpgme_strerror(err));
674 debug_print("found %s at %d\n", fprs[i], i);
680 debug_print("Encrypting message content\n");
682 /* get content node from message */
683 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
684 if (msgcontent->type == MIMETYPE_MULTIPART) {
685 if (!msgcontent->node->children) {
686 debug_print("msgcontent->node->children NULL, bailing\n");
687 privacy_set_error(_("Malformed message"));
691 msgcontent = (MimeInfo *) msgcontent->node->children->data;
693 /* get rid of quoted-printable or anything */
694 procmime_decode_content(msgcontent);
698 privacy_set_error(_("Couldn't create temporary file, %s"), strerror(errno));
699 perror("my_tmpfile");
703 procmime_write_mimeinfo(msgcontent, fp);
706 /* read temporary file into memory */
707 textstr = fp_read_noconv(fp);
712 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
713 gpgme_data_new(&gpgenc);
714 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
715 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
716 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
720 gpgme_set_armor(ctx, 1);
722 err = gpgme_op_encrypt(ctx, kset, GPGME_ENCRYPT_ALWAYS_TRUST, gpgtext, gpgenc);
724 enccontent = sgpgme_data_release_and_get_mem(gpgenc, &len);
727 if (enccontent == NULL || len <= 0) {
728 g_warning("sgpgme_data_release_and_get_mem failed");
729 privacy_set_error(_("Encryption failed, %s"), gpgme_strerror(err));
730 gpgme_data_release(gpgtext);
737 tmp = g_malloc(len+1);
738 g_memmove(tmp, enccontent, len+1);
742 gpgme_data_release(gpgtext);
745 if (msgcontent->content == MIMECONTENT_FILE &&
746 msgcontent->data.filename != NULL) {
747 if (msgcontent->tmp == TRUE)
748 claws_unlink(msgcontent->data.filename);
749 g_free(msgcontent->data.filename);
751 msgcontent->data.mem = g_strdup(tmp);
752 msgcontent->content = MIMECONTENT_MEM;
759 static PrivacySystem pgpinline_system = {
760 "pgpinline", /* id */
761 "PGP Inline", /* name */
763 pgpinline_free_privacydata, /* free_privacydata */
765 pgpinline_is_signed, /* is_signed(MimeInfo *) */
766 pgpinline_check_signature, /* check_signature(MimeInfo *) */
767 pgpinline_get_sig_status, /* get_sig_status(MimeInfo *) */
768 pgpinline_get_sig_info_short, /* get_sig_info_short(MimeInfo *) */
769 pgpinline_get_sig_info_full, /* get_sig_info_full(MimeInfo *) */
771 pgpinline_is_encrypted, /* is_encrypted(MimeInfo *) */
772 pgpinline_decrypt, /* decrypt(MimeInfo *) */
778 pgpinline_get_encrypt_data,
780 pgpinline_get_encrypt_warning,
781 pgpinline_inhibit_encrypt_warning,
782 prefs_gpg_auto_check_signatures,
785 void pgpinline_init()
787 privacy_register_system(&pgpinline_system);
790 void pgpinline_done()
792 privacy_unregister_system(&pgpinline_system);
795 struct PluginFeature *plugin_provides(void)
797 static struct PluginFeature features[] =
798 { {PLUGIN_PRIVACY, N_("PGP/Inline")},
799 {PLUGIN_NOTHING, NULL}};
802 #endif /* USE_GPGME */