2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 1999-2015 Colin Leroy <colin@colino.net> and
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "claws-features.h"
30 #include <glib/gi18n.h>
37 #include "pgpinline.h"
38 #include <plugins/pgpcore/sgpgme.h>
39 #include <plugins/pgpcore/prefs_gpg.h>
40 #include <plugins/pgpcore/passphrase.h>
41 #include <plugins/pgpcore/pgp_utils.h>
42 #include "quoted-printable.h"
46 extern struct GPGConfig prefs_gpg;
48 typedef struct _PrivacyDataPGP PrivacyDataPGP;
50 struct _PrivacyDataPGP
54 gboolean done_sigtest;
56 gpgme_verify_result_t sigstatus;
60 static PrivacySystem pgpinline_system;
62 static gint pgpinline_check_signature(MimeInfo *mimeinfo);
64 static PrivacyDataPGP *pgpinline_new_privacydata()
69 data = g_new0(PrivacyDataPGP, 1);
70 data->data.system = &pgpinline_system;
71 data->done_sigtest = FALSE;
72 data->is_signed = FALSE;
73 data->sigstatus = NULL;
74 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
75 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
82 static void pgpinline_free_privacydata(PrivacyData *_data)
84 PrivacyDataPGP *data = (PrivacyDataPGP *) _data;
85 gpgme_release(data->ctx);
89 static gboolean pgpinline_is_signed(MimeInfo *mimeinfo)
91 PrivacyDataPGP *data = NULL;
92 const gchar *sig_indicator = "-----BEGIN PGP SIGNED MESSAGE-----";
93 gchar *textdata, *sigpos;
95 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
97 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
98 return FALSE; /* not parent */
100 if (mimeinfo->type != MIMETYPE_TEXT &&
101 (mimeinfo->type != MIMETYPE_APPLICATION ||
102 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
105 /* Seal the deal. This has to be text/plain through and through. */
106 if (mimeinfo->type == MIMETYPE_APPLICATION)
108 mimeinfo->type = MIMETYPE_TEXT;
109 g_free(mimeinfo->subtype);
110 mimeinfo->subtype = g_strdup("plain");
113 if (mimeinfo->privacy != NULL) {
114 data = (PrivacyDataPGP *) mimeinfo->privacy;
115 if (data->done_sigtest)
116 return data->is_signed;
119 textdata = get_part_as_string(mimeinfo);
123 if ((sigpos = strstr(textdata, sig_indicator)) == NULL) {
128 if (!(sigpos == textdata) && !(sigpos[-1] == '\n')) {
136 data = pgpinline_new_privacydata();
137 mimeinfo->privacy = (PrivacyData *) data;
140 data->done_sigtest = TRUE;
141 data->is_signed = TRUE;
147 static gint pgpinline_check_signature(MimeInfo *mimeinfo)
149 PrivacyDataPGP *data = NULL;
150 gchar *textdata = NULL, *tmp = NULL;
151 gpgme_data_t plain = NULL, cipher = NULL;
154 cm_return_val_if_fail(mimeinfo != NULL, 0);
156 if (procmime_mimeinfo_parent(mimeinfo) == NULL) {
157 privacy_set_error(_("Incorrect part"));
158 return 0; /* not parent */
160 if (mimeinfo->type != MIMETYPE_TEXT) {
161 privacy_set_error(_("Not a text part"));
162 debug_print("type %d\n", mimeinfo->type);
165 cm_return_val_if_fail(mimeinfo->privacy != NULL, 0);
166 data = (PrivacyDataPGP *) mimeinfo->privacy;
168 textdata = get_part_as_string(mimeinfo);
172 privacy_set_error(_("Couldn't get text data."));
176 /* gtk2: convert back from utf8 */
177 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
178 procmime_mimeinfo_get_parameter(mimeinfo, "charset"));
180 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
181 conv_get_locale_charset_str_no_utf8());
184 g_warning("Can't convert charset to anything sane\n");
185 tmp = conv_codeset_strdup(textdata, CS_UTF_8, CS_US_ASCII);
190 privacy_set_error(_("Couldn't convert text data to any sane charset."));
193 textdata = g_strdup(tmp);
196 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
197 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
198 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
202 gpgme_set_textmode(data->ctx, 1);
203 gpgme_set_armor(data->ctx, 1);
205 gpgme_data_new_from_mem(&plain, textdata, (size_t)strlen(textdata), 1);
206 gpgme_data_new(&cipher);
208 data->sigstatus = sgpgme_verify_signature(data->ctx, plain, NULL, cipher);
210 gpgme_data_release(plain);
211 gpgme_data_release(cipher);
218 static SignatureStatus pgpinline_get_sig_status(MimeInfo *mimeinfo)
220 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
222 cm_return_val_if_fail(data != NULL, SIGNATURE_INVALID);
224 return sgpgme_sigstat_gpgme_to_privacy(data->ctx, data->sigstatus);
227 static gchar *pgpinline_get_sig_info_short(MimeInfo *mimeinfo)
229 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
231 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
233 return sgpgme_sigstat_info_short(data->ctx, data->sigstatus);
236 static gchar *pgpinline_get_sig_info_full(MimeInfo *mimeinfo)
238 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
240 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
242 return sgpgme_sigstat_info_full(data->ctx, data->sigstatus);
245 static gboolean pgpinline_is_encrypted(MimeInfo *mimeinfo)
247 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
248 const gchar *end_indicator = "-----END PGP MESSAGE-----";
251 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
253 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
254 return FALSE; /* not parent */
256 if (mimeinfo->type != MIMETYPE_TEXT &&
257 (mimeinfo->type != MIMETYPE_APPLICATION ||
258 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
261 /* Seal the deal. This has to be text/plain through and through. */
262 if (mimeinfo->type == MIMETYPE_APPLICATION)
264 mimeinfo->type = MIMETYPE_TEXT;
265 g_free(mimeinfo->subtype);
266 mimeinfo->subtype = g_strdup("plain");
269 textdata = get_part_as_string(mimeinfo);
273 if (!pgp_locate_armor_header(textdata, begin_indicator)) {
277 if (!pgp_locate_armor_header(textdata, end_indicator)) {
287 static MimeInfo *pgpinline_decrypt(MimeInfo *mimeinfo)
289 MimeInfo *decinfo, *parseinfo;
290 gpgme_data_t cipher, plain;
293 gchar *textdata = NULL;
295 const gchar *src_codeset = NULL;
296 gpgme_verify_result_t sigstat = 0;
297 PrivacyDataPGP *data = NULL;
301 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
302 const gchar *end_indicator = "-----END PGP MESSAGE-----";
305 if (gpgme_new(&ctx) != GPG_ERR_NO_ERROR)
308 gpgme_set_textmode(ctx, 1);
309 gpgme_set_armor(ctx, 1);
311 cm_return_val_if_fail(mimeinfo != NULL, NULL);
312 cm_return_val_if_fail(pgpinline_is_encrypted(mimeinfo), NULL);
314 if (procmime_mimeinfo_parent(mimeinfo) == NULL ||
315 mimeinfo->type != MIMETYPE_TEXT) {
317 privacy_set_error(_("Couldn't parse mime part."));
321 textdata = get_part_as_string(mimeinfo);
324 privacy_set_error(_("Couldn't get text data."));
328 debug_print("decrypting '%s'\n", textdata);
329 gpgme_data_new_from_mem(&cipher, textdata, (size_t)strlen(textdata), 1);
331 plain = sgpgme_decrypt_verify(cipher, &sigstat, ctx);
332 if (sigstat && !sigstat->signatures)
335 gpgme_data_release(cipher);
342 fname = g_strdup_printf("%s%cplaintext.%08x",
343 get_mime_tmp_dir(), G_DIR_SEPARATOR, ++id);
345 if ((dstfp = g_fopen(fname, "wb")) == NULL) {
346 FILE_OP_ERROR(fname, "fopen");
347 privacy_set_error(_("Couldn't open decrypted file %s"), fname);
349 gpgme_data_release(plain);
354 src_codeset = procmime_mimeinfo_get_parameter(mimeinfo, "charset");
355 if (src_codeset == NULL)
356 src_codeset = CS_ISO_8859_1;
358 if (fprintf(dstfp, "MIME-Version: 1.0\r\n"
359 "Content-Type: text/plain; charset=%s\r\n"
360 "Content-Transfer-Encoding: 8bit\r\n"
363 FILE_OP_ERROR(fname, "fprintf");
364 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
368 /* Store any part before encrypted text */
369 pos = pgp_locate_armor_header(textdata, begin_indicator);
370 if (pos != NULL && (pos - textdata) > 0) {
371 if (fwrite(textdata, 1, pos - textdata, dstfp) < pos - textdata) {
372 FILE_OP_ERROR(fname, "fwrite");
373 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
378 if (fwrite(_("\n--- Start of PGP/Inline encrypted data ---\n"), 1,
379 strlen(_("\n--- Start of PGP/Inline encrypted data ---\n")),
380 dstfp) < strlen(_("\n--- Start of PGP/Inline encrypted data ---\n"))) {
381 FILE_OP_ERROR(fname, "fwrite");
382 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
385 chars = sgpgme_data_release_and_get_mem(plain, &len);
387 if (fwrite(chars, 1, len, dstfp) < len) {
388 FILE_OP_ERROR(fname, "fwrite");
390 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
395 /* Store any part after encrypted text */
396 if (fwrite(_("--- End of PGP/Inline encrypted data ---\n"), 1,
397 strlen(_("--- End of PGP/Inline encrypted data ---\n")),
398 dstfp) < strlen(_("--- End of PGP/Inline encrypted data ---\n"))) {
399 FILE_OP_ERROR(fname, "fwrite");
400 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
404 pos = pgp_locate_armor_header(pos, end_indicator);
405 if (pos != NULL && *pos != '\0') {
406 pos += strlen(end_indicator);
407 if (fwrite(pos, 1, strlen(pos), dstfp) < strlen(pos)) {
408 FILE_OP_ERROR(fname, "fwrite");
409 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
415 if (fclose(dstfp) == EOF) {
416 FILE_OP_ERROR(fname, "fclose");
417 privacy_set_error(_("Couldn't close decrypted file %s"), fname);
419 gpgme_data_release(plain);
424 parseinfo = procmime_scan_file(fname);
427 if (parseinfo == NULL) {
429 privacy_set_error(_("Couldn't scan decrypted file."));
432 decinfo = g_node_first_child(parseinfo->node) != NULL ?
433 g_node_first_child(parseinfo->node)->data : NULL;
435 if (decinfo == NULL) {
437 privacy_set_error(_("Couldn't scan decrypted file parts."));
441 g_node_unlink(decinfo->node);
442 procmime_mimeinfo_free_all(parseinfo);
446 if (sigstat != GPGME_SIG_STAT_NONE) {
447 if (decinfo->privacy != NULL) {
448 data = (PrivacyDataPGP *) decinfo->privacy;
450 data = pgpinline_new_privacydata();
451 decinfo->privacy = (PrivacyData *) data;
454 data->done_sigtest = TRUE;
455 data->is_signed = TRUE;
456 data->sigstatus = sigstat;
458 gpgme_release(data->ctx);
469 gpgme_data_release(plain);
474 static gboolean pgpinline_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
476 MimeInfo *msgcontent;
477 gchar *textstr, *tmp;
481 gpgme_data_t gpgtext, gpgsig;
484 struct passphrase_cb_info_s info;
485 gpgme_sign_result_t result = NULL;
487 memset (&info, 0, sizeof info);
489 /* get content node from message */
490 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
491 if (msgcontent->type == MIMETYPE_MULTIPART) {
492 if (!msgcontent->node->children) {
493 debug_print("msgcontent->node->children NULL, bailing\n");
494 privacy_set_error(_("Malformed message"));
497 msgcontent = (MimeInfo *) msgcontent->node->children->data;
499 /* get rid of quoted-printable or anything */
500 procmime_decode_content(msgcontent);
504 perror("my_tmpfile");
505 privacy_set_error(_("Couldn't create temporary file."));
508 procmime_write_mimeinfo(msgcontent, fp);
511 /* read temporary file into memory */
512 textstr = fp_read_noconv(fp);
516 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
517 gpgme_data_new(&gpgsig);
518 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
519 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
520 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
523 gpgme_set_textmode(ctx, 1);
524 gpgme_set_armor(ctx, 1);
526 if (!sgpgme_setup_signers(ctx, account, from_addr)) {
531 prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
532 if (!getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
534 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
537 err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_CLEAR);
538 if (err != GPG_ERR_NO_ERROR) {
539 if (err == GPG_ERR_CANCELED) {
540 /* ignore cancelled signing */
541 privacy_reset_error();
542 debug_print("gpgme_op_sign cancelled\n");
544 privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
545 debug_print("gpgme_op_sign error : %x\n", err);
550 result = gpgme_op_sign_result(ctx);
551 if (result && result->signatures) {
552 gpgme_new_signature_t sig = result->signatures;
554 debug_print("valid signature: %s\n", sig->fpr);
557 } else if (result && result->invalid_signers) {
558 gpgme_invalid_key_t invalid = result->invalid_signers;
560 g_warning("invalid signer: %s (%s)", invalid->fpr,
561 gpgme_strerror(invalid->reason));
562 privacy_set_error(_("Data signing failed due to invalid signer: %s"),
563 gpgme_strerror(invalid->reason));
564 invalid = invalid->next;
569 /* can't get result (maybe no signing key?) */
570 debug_print("gpgme_op_sign_result error\n");
571 privacy_set_error(_("Data signing failed, no results."));
577 sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
579 if (sigcontent == NULL || len <= 0) {
580 g_warning("sgpgme_data_release_and_get_mem failed");
581 privacy_set_error(_("Data signing failed, no contents."));
582 gpgme_data_release(gpgtext);
589 tmp = g_malloc(len+1);
590 g_memmove(tmp, sigcontent, len+1);
592 gpgme_data_release(gpgtext);
596 if (msgcontent->content == MIMECONTENT_FILE &&
597 msgcontent->data.filename != NULL) {
598 if (msgcontent->tmp == TRUE)
599 claws_unlink(msgcontent->data.filename);
600 g_free(msgcontent->data.filename);
602 msgcontent->data.mem = g_strdup(tmp);
603 msgcontent->content = MIMECONTENT_MEM;
606 /* avoid all sorts of clear-signing problems with non ascii
609 procmime_encode_content(msgcontent, ENC_BASE64);
615 static gchar *pgpinline_get_encrypt_data(GSList *recp_names)
617 return sgpgme_get_encrypt_data(recp_names, GPGME_PROTOCOL_OpenPGP);
620 static const gchar *pgpinline_get_encrypt_warning(void)
622 if (prefs_gpg_should_skip_encryption_warning(pgpinline_system.id))
625 return _("Please note that attachments are not encrypted by "
626 "the PGP/Inline system, nor are email headers, like Subject.");
629 static void pgpinline_inhibit_encrypt_warning(gboolean inhibit)
632 prefs_gpg_add_skip_encryption_warning(pgpinline_system.id);
634 prefs_gpg_remove_skip_encryption_warning(pgpinline_system.id);
637 static gboolean pgpinline_encrypt(MimeInfo *mimeinfo, const gchar *encrypt_data)
639 MimeInfo *msgcontent;
643 gchar *textstr, *tmp;
644 gpgme_data_t gpgtext, gpgenc;
646 gpgme_key_t *kset = NULL;
647 gchar **fprs = g_strsplit(encrypt_data, " ", -1);
651 while (fprs[i] && strlen(fprs[i])) {
655 kset = g_malloc(sizeof(gpgme_key_t)*(i+1));
656 memset(kset, 0, sizeof(gpgme_key_t)*(i+1));
657 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
658 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
659 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
664 while (fprs[i] && strlen(fprs[i])) {
666 err = gpgme_get_key(ctx, fprs[i], &key, 0);
668 debug_print("can't add key '%s'[%d] (%s)\n", fprs[i],i, gpgme_strerror(err));
669 privacy_set_error(_("Couldn't add GPG key %s, %s"), fprs[i], gpgme_strerror(err));
673 debug_print("found %s at %d\n", fprs[i], i);
679 debug_print("Encrypting message content\n");
681 /* get content node from message */
682 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
683 if (msgcontent->type == MIMETYPE_MULTIPART) {
684 if (!msgcontent->node->children) {
685 debug_print("msgcontent->node->children NULL, bailing\n");
686 privacy_set_error(_("Malformed message"));
690 msgcontent = (MimeInfo *) msgcontent->node->children->data;
692 /* get rid of quoted-printable or anything */
693 procmime_decode_content(msgcontent);
697 privacy_set_error(_("Couldn't create temporary file, %s"), g_strerror(errno));
698 perror("my_tmpfile");
702 procmime_write_mimeinfo(msgcontent, fp);
705 /* read temporary file into memory */
706 textstr = fp_read_noconv(fp);
711 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
712 gpgme_data_new(&gpgenc);
713 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
714 debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
715 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
719 gpgme_set_armor(ctx, 1);
721 err = gpgme_op_encrypt(ctx, kset, GPGME_ENCRYPT_ALWAYS_TRUST, gpgtext, gpgenc);
723 enccontent = sgpgme_data_release_and_get_mem(gpgenc, &len);
726 if (enccontent == NULL || len <= 0) {
727 g_warning("sgpgme_data_release_and_get_mem failed");
728 privacy_set_error(_("Encryption failed, %s"), gpgme_strerror(err));
729 gpgme_data_release(gpgtext);
736 tmp = g_malloc(len+1);
737 g_memmove(tmp, enccontent, len+1);
741 gpgme_data_release(gpgtext);
744 if (msgcontent->content == MIMECONTENT_FILE &&
745 msgcontent->data.filename != NULL) {
746 if (msgcontent->tmp == TRUE)
747 claws_unlink(msgcontent->data.filename);
748 g_free(msgcontent->data.filename);
750 msgcontent->data.mem = g_strdup(tmp);
751 msgcontent->content = MIMECONTENT_MEM;
758 static PrivacySystem pgpinline_system = {
759 "pgpinline", /* id */
760 "PGP Inline", /* name */
762 pgpinline_free_privacydata, /* free_privacydata */
764 pgpinline_is_signed, /* is_signed(MimeInfo *) */
765 pgpinline_check_signature, /* check_signature(MimeInfo *) */
766 pgpinline_get_sig_status, /* get_sig_status(MimeInfo *) */
767 pgpinline_get_sig_info_short, /* get_sig_info_short(MimeInfo *) */
768 pgpinline_get_sig_info_full, /* get_sig_info_full(MimeInfo *) */
770 pgpinline_is_encrypted, /* is_encrypted(MimeInfo *) */
771 pgpinline_decrypt, /* decrypt(MimeInfo *) */
777 pgpinline_get_encrypt_data,
779 pgpinline_get_encrypt_warning,
780 pgpinline_inhibit_encrypt_warning,
781 prefs_gpg_auto_check_signatures,
784 void pgpinline_init()
786 privacy_register_system(&pgpinline_system);
789 void pgpinline_done()
791 privacy_unregister_system(&pgpinline_system);
794 struct PluginFeature *plugin_provides(void)
796 static struct PluginFeature features[] =
797 { {PLUGIN_PRIVACY, N_("PGP/Inline")},
798 {PLUGIN_NOTHING, NULL}};
801 #endif /* USE_GPGME */