2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 1999-2012 Colin Leroy <colin@colino.net> and
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "claws-features.h"
30 #include <glib/gi18n.h>
37 #include "pgpinline.h"
38 #include <plugins/pgpcore/sgpgme.h>
39 #include <plugins/pgpcore/prefs_gpg.h>
40 #include <plugins/pgpcore/passphrase.h>
41 #include <plugins/pgpcore/pgp_utils.h>
42 #include "quoted-printable.h"
47 extern struct GPGConfig prefs_gpg;
49 typedef struct _PrivacyDataPGP PrivacyDataPGP;
51 struct _PrivacyDataPGP
55 gboolean done_sigtest;
57 gpgme_verify_result_t sigstatus;
61 static PrivacySystem pgpinline_system;
63 static gint pgpinline_check_signature(MimeInfo *mimeinfo);
65 static PrivacyDataPGP *pgpinline_new_privacydata()
70 data = g_new0(PrivacyDataPGP, 1);
71 data->data.system = &pgpinline_system;
72 data->done_sigtest = FALSE;
73 data->is_signed = FALSE;
74 data->sigstatus = NULL;
75 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
76 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
83 static void pgpinline_free_privacydata(PrivacyData *_data)
85 PrivacyDataPGP *data = (PrivacyDataPGP *) _data;
86 gpgme_release(data->ctx);
90 static gboolean pgpinline_is_signed(MimeInfo *mimeinfo)
92 PrivacyDataPGP *data = NULL;
93 const gchar *sig_indicator = "-----BEGIN PGP SIGNED MESSAGE-----";
94 gchar *textdata, *sigpos;
96 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
98 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
99 return FALSE; /* not parent */
101 if (mimeinfo->type != MIMETYPE_TEXT &&
102 (mimeinfo->type != MIMETYPE_APPLICATION ||
103 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
106 /* Seal the deal. This has to be text/plain through and through. */
107 if (mimeinfo->type == MIMETYPE_APPLICATION)
109 mimeinfo->type = MIMETYPE_TEXT;
110 g_free(mimeinfo->subtype);
111 mimeinfo->subtype = g_strdup("plain");
114 if (mimeinfo->privacy != NULL) {
115 data = (PrivacyDataPGP *) mimeinfo->privacy;
116 if (data->done_sigtest)
117 return data->is_signed;
120 textdata = get_part_as_string(mimeinfo);
124 if ((sigpos = strstr(textdata, sig_indicator)) == NULL) {
129 if (!(sigpos == textdata) && !(sigpos[-1] == '\n')) {
137 data = pgpinline_new_privacydata();
138 mimeinfo->privacy = (PrivacyData *) data;
140 data->done_sigtest = TRUE;
141 data->is_signed = TRUE;
146 static gint pgpinline_check_signature(MimeInfo *mimeinfo)
148 PrivacyDataPGP *data = NULL;
149 gchar *textdata = NULL, *tmp = NULL;
150 gpgme_data_t plain = NULL, cipher = NULL;
153 cm_return_val_if_fail(mimeinfo != NULL, 0);
155 if (procmime_mimeinfo_parent(mimeinfo) == NULL) {
156 privacy_set_error(_("Incorrect part"));
157 return 0; /* not parent */
159 if (mimeinfo->type != MIMETYPE_TEXT) {
160 privacy_set_error(_("Not a text part"));
161 debug_print("type %d\n", mimeinfo->type);
164 cm_return_val_if_fail(mimeinfo->privacy != NULL, 0);
165 data = (PrivacyDataPGP *) mimeinfo->privacy;
167 textdata = get_part_as_string(mimeinfo);
171 privacy_set_error(_("Couldn't get text data."));
175 /* gtk2: convert back from utf8 */
176 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
177 procmime_mimeinfo_get_parameter(mimeinfo, "charset"));
179 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
180 conv_get_locale_charset_str_no_utf8());
183 g_warning("Can't convert charset to anything sane\n");
184 tmp = conv_codeset_strdup(textdata, CS_UTF_8, CS_US_ASCII);
189 privacy_set_error(_("Couldn't convert text data to any sane charset."));
192 textdata = g_strdup(tmp);
195 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
196 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
197 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
201 gpgme_set_textmode(data->ctx, 1);
202 gpgme_set_armor(data->ctx, 1);
204 gpgme_data_new_from_mem(&plain, textdata, (size_t)strlen(textdata), 1);
205 gpgme_data_new(&cipher);
207 data->sigstatus = sgpgme_verify_signature(data->ctx, plain, NULL, cipher);
209 gpgme_data_release(plain);
210 gpgme_data_release(cipher);
217 static SignatureStatus pgpinline_get_sig_status(MimeInfo *mimeinfo)
219 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
221 cm_return_val_if_fail(data != NULL, SIGNATURE_INVALID);
223 if (data->sigstatus == NULL &&
224 prefs_gpg_get_config()->auto_check_signatures)
225 pgpinline_check_signature(mimeinfo);
227 return sgpgme_sigstat_gpgme_to_privacy(data->ctx, data->sigstatus);
230 static gchar *pgpinline_get_sig_info_short(MimeInfo *mimeinfo)
232 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
234 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
236 if (data->sigstatus == NULL &&
237 prefs_gpg_get_config()->auto_check_signatures)
238 pgpinline_check_signature(mimeinfo);
240 return sgpgme_sigstat_info_short(data->ctx, data->sigstatus);
243 static gchar *pgpinline_get_sig_info_full(MimeInfo *mimeinfo)
245 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
247 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
249 return sgpgme_sigstat_info_full(data->ctx, data->sigstatus);
252 static gboolean pgpinline_is_encrypted(MimeInfo *mimeinfo)
254 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
255 const gchar *end_indicator = "-----END PGP MESSAGE-----";
258 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
260 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
261 return FALSE; /* not parent */
263 if (mimeinfo->type != MIMETYPE_TEXT &&
264 (mimeinfo->type != MIMETYPE_APPLICATION ||
265 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
268 /* Seal the deal. This has to be text/plain through and through. */
269 if (mimeinfo->type == MIMETYPE_APPLICATION)
271 mimeinfo->type = MIMETYPE_TEXT;
272 g_free(mimeinfo->subtype);
273 mimeinfo->subtype = g_strdup("plain");
276 textdata = get_part_as_string(mimeinfo);
280 if (!pgp_locate_armor_header(textdata, begin_indicator)) {
284 if (!pgp_locate_armor_header(textdata, end_indicator)) {
294 static MimeInfo *pgpinline_decrypt(MimeInfo *mimeinfo)
296 MimeInfo *decinfo, *parseinfo;
297 gpgme_data_t cipher, plain;
300 gchar *textdata = NULL;
302 const gchar *src_codeset = NULL;
303 gpgme_verify_result_t sigstat = 0;
304 PrivacyDataPGP *data = NULL;
308 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
309 const gchar *end_indicator = "-----END PGP MESSAGE-----";
312 if (gpgme_new(&ctx) != GPG_ERR_NO_ERROR)
315 gpgme_set_textmode(ctx, 1);
316 gpgme_set_armor(ctx, 1);
318 cm_return_val_if_fail(mimeinfo != NULL, NULL);
319 cm_return_val_if_fail(pgpinline_is_encrypted(mimeinfo), NULL);
321 if (procmime_mimeinfo_parent(mimeinfo) == NULL ||
322 mimeinfo->type != MIMETYPE_TEXT) {
324 privacy_set_error(_("Couldn't parse mime part."));
328 textdata = get_part_as_string(mimeinfo);
331 privacy_set_error(_("Couldn't get text data."));
335 debug_print("decrypting '%s'\n", textdata);
336 gpgme_data_new_from_mem(&cipher, textdata, (size_t)strlen(textdata), 1);
338 plain = sgpgme_decrypt_verify(cipher, &sigstat, ctx);
339 if (sigstat && !sigstat->signatures)
342 gpgme_data_release(cipher);
349 fname = g_strdup_printf("%s%cplaintext.%08x",
350 get_mime_tmp_dir(), G_DIR_SEPARATOR, ++id);
352 if ((dstfp = g_fopen(fname, "wb")) == NULL) {
353 FILE_OP_ERROR(fname, "fopen");
354 privacy_set_error(_("Couldn't open decrypted file %s"), fname);
356 gpgme_data_release(plain);
361 src_codeset = procmime_mimeinfo_get_parameter(mimeinfo, "charset");
362 if (src_codeset == NULL)
363 src_codeset = CS_ISO_8859_1;
365 if (fprintf(dstfp, "MIME-Version: 1.0\r\n"
366 "Content-Type: text/plain; charset=%s\r\n"
367 "Content-Transfer-Encoding: 8bit\r\n"
370 FILE_OP_ERROR(fname, "fprintf");
371 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
375 /* Store any part before encrypted text */
376 pos = pgp_locate_armor_header(textdata, begin_indicator);
377 if (pos != NULL && (pos - textdata) > 0) {
378 if (fwrite(textdata, 1, pos - textdata, dstfp) < pos - textdata) {
379 FILE_OP_ERROR(fname, "fwrite");
380 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
385 if (fwrite(_("\n--- Start of PGP/Inline encrypted data ---\n"), 1,
386 strlen(_("\n--- Start of PGP/Inline encrypted data ---\n")),
387 dstfp) < strlen(_("\n--- Start of PGP/Inline encrypted data ---\n"))) {
388 FILE_OP_ERROR(fname, "fwrite");
389 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
392 chars = sgpgme_data_release_and_get_mem(plain, &len);
394 if (fwrite(chars, 1, len, dstfp) < len) {
395 FILE_OP_ERROR(fname, "fwrite");
397 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
402 /* Store any part after encrypted text */
403 if (fwrite(_("--- End of PGP/Inline encrypted data ---\n"), 1,
404 strlen(_("--- End of PGP/Inline encrypted data ---\n")),
405 dstfp) < strlen(_("--- End of PGP/Inline encrypted data ---\n"))) {
406 FILE_OP_ERROR(fname, "fwrite");
407 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
411 pos = pgp_locate_armor_header(pos, end_indicator);
412 if (pos != NULL && *pos != '\0') {
413 pos += strlen(end_indicator);
414 if (fwrite(pos, 1, strlen(pos), dstfp) < strlen(pos)) {
415 FILE_OP_ERROR(fname, "fwrite");
416 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
422 if (fclose(dstfp) == EOF) {
423 FILE_OP_ERROR(fname, "fclose");
424 privacy_set_error(_("Couldn't close decrypted file %s"), fname);
426 gpgme_data_release(plain);
431 parseinfo = procmime_scan_file(fname);
434 if (parseinfo == NULL) {
436 privacy_set_error(_("Couldn't scan decrypted file."));
439 decinfo = g_node_first_child(parseinfo->node) != NULL ?
440 g_node_first_child(parseinfo->node)->data : NULL;
442 if (decinfo == NULL) {
444 privacy_set_error(_("Couldn't scan decrypted file parts."));
448 g_node_unlink(decinfo->node);
449 procmime_mimeinfo_free_all(parseinfo);
453 if (sigstat != GPGME_SIG_STAT_NONE) {
454 if (decinfo->privacy != NULL) {
455 data = (PrivacyDataPGP *) decinfo->privacy;
457 data = pgpinline_new_privacydata();
458 decinfo->privacy = (PrivacyData *) data;
460 data->done_sigtest = TRUE;
461 data->is_signed = TRUE;
462 data->sigstatus = sigstat;
464 gpgme_release(data->ctx);
474 gpgme_data_release(plain);
479 static gboolean pgpinline_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
481 MimeInfo *msgcontent;
482 gchar *textstr, *tmp;
486 gpgme_data_t gpgtext, gpgsig;
489 struct passphrase_cb_info_s info;
490 gpgme_sign_result_t result = NULL;
492 memset (&info, 0, sizeof info);
494 /* get content node from message */
495 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
496 if (msgcontent->type == MIMETYPE_MULTIPART) {
497 if (!msgcontent->node->children) {
498 debug_print("msgcontent->node->children NULL, bailing\n");
499 privacy_set_error(_("Malformed message"));
502 msgcontent = (MimeInfo *) msgcontent->node->children->data;
504 /* get rid of quoted-printable or anything */
505 procmime_decode_content(msgcontent);
509 perror("my_tmpfile");
510 privacy_set_error(_("Couldn't create temporary file."));
513 procmime_write_mimeinfo(msgcontent, fp);
516 /* read temporary file into memory */
517 textstr = fp_read_noconv(fp);
521 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
522 gpgme_data_new(&gpgsig);
523 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
524 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
525 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
528 gpgme_set_textmode(ctx, 1);
529 gpgme_set_armor(ctx, 1);
531 if (!sgpgme_setup_signers(ctx, account, from_addr)) {
536 prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
537 if (!getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
539 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
542 err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_CLEAR);
543 if (err != GPG_ERR_NO_ERROR) {
544 if (err == GPG_ERR_CANCELED) {
545 /* ignore cancelled signing */
546 privacy_reset_error();
547 debug_print("gpgme_op_sign cancelled\n");
549 privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
550 debug_print("gpgme_op_sign error : %x\n", err);
555 result = gpgme_op_sign_result(ctx);
556 if (result && result->signatures) {
557 gpgme_new_signature_t sig = result->signatures;
559 debug_print("valid signature: %s\n", sig->fpr);
562 } else if (result && result->invalid_signers) {
563 gpgme_invalid_key_t invalid = result->invalid_signers;
565 g_warning("invalid signer: %s (%s)", invalid->fpr,
566 gpgme_strerror(invalid->reason));
567 privacy_set_error(_("Data signing failed due to invalid signer: %s"),
568 gpgme_strerror(invalid->reason));
569 invalid = invalid->next;
574 /* can't get result (maybe no signing key?) */
575 debug_print("gpgme_op_sign_result error\n");
576 privacy_set_error(_("Data signing failed, no results."));
582 sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
584 if (sigcontent == NULL || len <= 0) {
585 g_warning("sgpgme_data_release_and_get_mem failed");
586 privacy_set_error(_("Data signing failed, no contents."));
587 gpgme_data_release(gpgtext);
594 tmp = g_malloc(len+1);
595 g_memmove(tmp, sigcontent, len+1);
597 gpgme_data_release(gpgtext);
601 if (msgcontent->content == MIMECONTENT_FILE &&
602 msgcontent->data.filename != NULL) {
603 if (msgcontent->tmp == TRUE)
604 claws_unlink(msgcontent->data.filename);
605 g_free(msgcontent->data.filename);
607 msgcontent->data.mem = g_strdup(tmp);
608 msgcontent->content = MIMECONTENT_MEM;
611 /* avoid all sorts of clear-signing problems with non ascii
614 procmime_encode_content(msgcontent, ENC_BASE64);
620 static gchar *pgpinline_get_encrypt_data(GSList *recp_names)
622 return sgpgme_get_encrypt_data(recp_names, GPGME_PROTOCOL_OpenPGP);
625 static const gchar *pgpinline_get_encrypt_warning(void)
627 if (prefs_gpg_should_skip_encryption_warning(pgpinline_system.id))
630 return _("Please note that attachments are not encrypted by "
631 "the PGP/Inline system, nor are email headers, like Subject.");
634 static void pgpinline_inhibit_encrypt_warning(gboolean inhibit)
637 prefs_gpg_add_skip_encryption_warning(pgpinline_system.id);
639 prefs_gpg_remove_skip_encryption_warning(pgpinline_system.id);
642 static gboolean pgpinline_encrypt(MimeInfo *mimeinfo, const gchar *encrypt_data)
644 MimeInfo *msgcontent;
648 gchar *textstr, *tmp;
649 gpgme_data_t gpgtext, gpgenc;
651 gpgme_key_t *kset = NULL;
652 gchar **fprs = g_strsplit(encrypt_data, " ", -1);
656 while (fprs[i] && strlen(fprs[i])) {
660 kset = g_malloc(sizeof(gpgme_key_t)*(i+1));
661 memset(kset, 0, sizeof(gpgme_key_t)*(i+1));
662 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
663 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
664 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
669 while (fprs[i] && strlen(fprs[i])) {
671 err = gpgme_get_key(ctx, fprs[i], &key, 0);
673 debug_print("can't add key '%s'[%d] (%s)\n", fprs[i],i, gpgme_strerror(err));
674 privacy_set_error(_("Couldn't add GPG key %s, %s"), fprs[i], gpgme_strerror(err));
678 debug_print("found %s at %d\n", fprs[i], i);
684 debug_print("Encrypting message content\n");
686 /* get content node from message */
687 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
688 if (msgcontent->type == MIMETYPE_MULTIPART) {
689 if (!msgcontent->node->children) {
690 debug_print("msgcontent->node->children NULL, bailing\n");
691 privacy_set_error(_("Malformed message"));
695 msgcontent = (MimeInfo *) msgcontent->node->children->data;
697 /* get rid of quoted-printable or anything */
698 procmime_decode_content(msgcontent);
702 privacy_set_error(_("Couldn't create temporary file, %s"), strerror(errno));
703 perror("my_tmpfile");
707 procmime_write_mimeinfo(msgcontent, fp);
710 /* read temporary file into memory */
711 textstr = fp_read_noconv(fp);
716 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
717 gpgme_data_new(&gpgenc);
718 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
719 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
720 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
724 gpgme_set_armor(ctx, 1);
726 err = gpgme_op_encrypt(ctx, kset, GPGME_ENCRYPT_ALWAYS_TRUST, gpgtext, gpgenc);
728 enccontent = sgpgme_data_release_and_get_mem(gpgenc, &len);
731 if (enccontent == NULL || len <= 0) {
732 g_warning("sgpgme_data_release_and_get_mem failed");
733 privacy_set_error(_("Encryption failed, %s"), gpgme_strerror(err));
734 gpgme_data_release(gpgtext);
740 tmp = g_malloc(len+1);
741 g_memmove(tmp, enccontent, len+1);
745 gpgme_data_release(gpgtext);
748 if (msgcontent->content == MIMECONTENT_FILE &&
749 msgcontent->data.filename != NULL) {
750 if (msgcontent->tmp == TRUE)
751 claws_unlink(msgcontent->data.filename);
752 g_free(msgcontent->data.filename);
754 msgcontent->data.mem = g_strdup(tmp);
755 msgcontent->content = MIMECONTENT_MEM;
762 static PrivacySystem pgpinline_system = {
763 "pgpinline", /* id */
764 "PGP Inline", /* name */
766 pgpinline_free_privacydata, /* free_privacydata */
768 pgpinline_is_signed, /* is_signed(MimeInfo *) */
769 pgpinline_check_signature, /* check_signature(MimeInfo *) */
770 pgpinline_get_sig_status, /* get_sig_status(MimeInfo *) */
771 pgpinline_get_sig_info_short, /* get_sig_info_short(MimeInfo *) */
772 pgpinline_get_sig_info_full, /* get_sig_info_full(MimeInfo *) */
774 pgpinline_is_encrypted, /* is_encrypted(MimeInfo *) */
775 pgpinline_decrypt, /* decrypt(MimeInfo *) */
781 pgpinline_get_encrypt_data,
783 pgpinline_get_encrypt_warning,
784 pgpinline_inhibit_encrypt_warning,
787 void pgpinline_init()
789 privacy_register_system(&pgpinline_system);
792 void pgpinline_done()
794 privacy_unregister_system(&pgpinline_system);
797 struct PluginFeature *plugin_provides(void)
799 static struct PluginFeature features[] =
800 { {PLUGIN_PRIVACY, N_("PGP/Inline")},
801 {PLUGIN_NOTHING, NULL}};
804 #endif /* USE_GPGME */