2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 1999-2016 Colin Leroy and the Claws Mail team
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "claws-features.h"
28 #include <glib/gi18n.h>
31 #include <file-utils.h>
36 #include "pgpinline.h"
37 #include <plugins/pgpcore/sgpgme.h>
38 #include <plugins/pgpcore/prefs_gpg.h>
39 #include <plugins/pgpcore/passphrase.h>
40 #include <plugins/pgpcore/pgp_utils.h>
41 #include "quoted-printable.h"
45 extern struct GPGConfig prefs_gpg;
47 typedef struct _PrivacyDataPGP PrivacyDataPGP;
49 struct _PrivacyDataPGP
53 gboolean done_sigtest;
55 gpgme_verify_result_t sigstatus;
59 static PrivacySystem pgpinline_system;
61 static gint pgpinline_check_signature(MimeInfo *mimeinfo);
63 static PrivacyDataPGP *pgpinline_new_privacydata()
68 data = g_new0(PrivacyDataPGP, 1);
69 data->data.system = &pgpinline_system;
70 data->done_sigtest = FALSE;
71 data->is_signed = FALSE;
72 data->sigstatus = NULL;
73 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
74 debug_print(("Couldn't initialize GPG context, %s\n"), gpgme_strerror(err));
81 static void pgpinline_free_privacydata(PrivacyData *_data)
83 PrivacyDataPGP *data = (PrivacyDataPGP *) _data;
84 gpgme_release(data->ctx);
88 static gboolean pgpinline_is_signed(MimeInfo *mimeinfo)
90 PrivacyDataPGP *data = NULL;
91 const gchar *sig_indicator = "-----BEGIN PGP SIGNED MESSAGE-----";
92 gchar *textdata, *sigpos;
94 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
96 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
97 return FALSE; /* not parent */
99 if (mimeinfo->type != MIMETYPE_TEXT &&
100 (mimeinfo->type != MIMETYPE_APPLICATION ||
101 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
104 /* Seal the deal. This has to be text/plain through and through. */
105 if (mimeinfo->type == MIMETYPE_APPLICATION)
107 mimeinfo->type = MIMETYPE_TEXT;
108 g_free(mimeinfo->subtype);
109 mimeinfo->subtype = g_strdup("plain");
112 if (mimeinfo->privacy != NULL) {
113 data = (PrivacyDataPGP *) mimeinfo->privacy;
114 if (data->done_sigtest)
115 return data->is_signed;
118 textdata = get_part_as_string(mimeinfo);
122 if ((sigpos = strstr(textdata, sig_indicator)) == NULL) {
127 if (!(sigpos == textdata) && !(sigpos[-1] == '\n')) {
135 data = pgpinline_new_privacydata();
136 mimeinfo->privacy = (PrivacyData *) data;
139 data->done_sigtest = TRUE;
140 data->is_signed = TRUE;
146 static gint pgpinline_check_signature(MimeInfo *mimeinfo)
148 PrivacyDataPGP *data = NULL;
149 gchar *textdata = NULL, *tmp = NULL;
150 gpgme_data_t plain = NULL, cipher = NULL;
153 cm_return_val_if_fail(mimeinfo != NULL, 0);
155 if (procmime_mimeinfo_parent(mimeinfo) == NULL) {
156 privacy_set_error(_("Incorrect part"));
157 return 0; /* not parent */
159 if (mimeinfo->type != MIMETYPE_TEXT) {
160 privacy_set_error(_("Not a text part"));
161 debug_print("type %d\n", mimeinfo->type);
164 cm_return_val_if_fail(mimeinfo->privacy != NULL, 0);
165 data = (PrivacyDataPGP *) mimeinfo->privacy;
167 textdata = get_part_as_string(mimeinfo);
171 privacy_set_error(_("Couldn't get text data."));
175 /* gtk2: convert back from utf8 */
176 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
177 procmime_mimeinfo_get_parameter(mimeinfo, "charset"));
179 tmp = conv_codeset_strdup(textdata, CS_UTF_8,
180 conv_get_locale_charset_str_no_utf8());
183 g_warning("Can't convert charset to anything sane");
184 tmp = conv_codeset_strdup(textdata, CS_UTF_8, CS_US_ASCII);
189 privacy_set_error(_("Couldn't convert text data to any sane charset."));
192 textdata = g_strdup(tmp);
195 if ((err = gpgme_new(&data->ctx)) != GPG_ERR_NO_ERROR) {
196 debug_print(("Couldn't initialize GPG context, %s\n"), gpgme_strerror(err));
197 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
201 gpgme_set_textmode(data->ctx, 1);
202 gpgme_set_armor(data->ctx, 1);
204 gpgme_data_new_from_mem(&plain, textdata, (size_t)strlen(textdata), 1);
205 gpgme_data_new(&cipher);
207 data->sigstatus = sgpgme_verify_signature(data->ctx, plain, NULL, cipher);
209 gpgme_data_release(plain);
210 gpgme_data_release(cipher);
217 static SignatureStatus pgpinline_get_sig_status(MimeInfo *mimeinfo)
219 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
221 cm_return_val_if_fail(data != NULL, SIGNATURE_INVALID);
223 return sgpgme_sigstat_gpgme_to_privacy(data->ctx, data->sigstatus);
226 static gchar *pgpinline_get_sig_info_short(MimeInfo *mimeinfo)
228 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
230 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
232 return sgpgme_sigstat_info_short(data->ctx, data->sigstatus);
235 static gchar *pgpinline_get_sig_info_full(MimeInfo *mimeinfo)
237 PrivacyDataPGP *data = (PrivacyDataPGP *) mimeinfo->privacy;
239 cm_return_val_if_fail(data != NULL, g_strdup("Error"));
241 return sgpgme_sigstat_info_full(data->ctx, data->sigstatus);
244 static gboolean pgpinline_is_encrypted(MimeInfo *mimeinfo)
246 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
247 const gchar *end_indicator = "-----END PGP MESSAGE-----";
250 cm_return_val_if_fail(mimeinfo != NULL, FALSE);
252 if (procmime_mimeinfo_parent(mimeinfo) == NULL)
253 return FALSE; /* not parent */
255 if (mimeinfo->type != MIMETYPE_TEXT &&
256 (mimeinfo->type != MIMETYPE_APPLICATION ||
257 g_ascii_strcasecmp(mimeinfo->subtype, "pgp")))
260 /* Seal the deal. This has to be text/plain through and through. */
261 if (mimeinfo->type == MIMETYPE_APPLICATION)
263 mimeinfo->type = MIMETYPE_TEXT;
264 g_free(mimeinfo->subtype);
265 mimeinfo->subtype = g_strdup("plain");
268 textdata = get_part_as_string(mimeinfo);
272 if (!pgp_locate_armor_header(textdata, begin_indicator)) {
276 if (!pgp_locate_armor_header(textdata, end_indicator)) {
286 static MimeInfo *pgpinline_decrypt(MimeInfo *mimeinfo)
288 MimeInfo *decinfo, *parseinfo;
289 gpgme_data_t cipher, plain;
292 gchar *textdata = NULL;
294 const gchar *src_codeset = NULL;
295 gpgme_verify_result_t sigstat = 0;
296 PrivacyDataPGP *data = NULL;
300 const gchar *begin_indicator = "-----BEGIN PGP MESSAGE-----";
301 const gchar *end_indicator = "-----END PGP MESSAGE-----";
304 if (gpgme_new(&ctx) != GPG_ERR_NO_ERROR)
307 gpgme_set_textmode(ctx, 1);
308 gpgme_set_armor(ctx, 1);
310 cm_return_val_if_fail(mimeinfo != NULL, NULL);
311 cm_return_val_if_fail(pgpinline_is_encrypted(mimeinfo), NULL);
313 if (procmime_mimeinfo_parent(mimeinfo) == NULL ||
314 mimeinfo->type != MIMETYPE_TEXT) {
316 privacy_set_error(_("Couldn't parse mime part."));
320 textdata = get_part_as_string(mimeinfo);
323 privacy_set_error(_("Couldn't get text data."));
327 debug_print("decrypting '%s'\n", textdata);
328 gpgme_data_new_from_mem(&cipher, textdata, (size_t)strlen(textdata), 1);
330 plain = sgpgme_decrypt_verify(cipher, &sigstat, ctx);
331 if (sigstat && !sigstat->signatures)
334 gpgme_data_release(cipher);
341 fname = g_strdup_printf("%s%cplaintext.%08x",
342 get_mime_tmp_dir(), G_DIR_SEPARATOR, ++id);
344 if ((dstfp = claws_fopen(fname, "wb")) == NULL) {
345 FILE_OP_ERROR(fname, "claws_fopen");
346 privacy_set_error(_("Couldn't open decrypted file %s"), fname);
348 gpgme_data_release(plain);
353 src_codeset = procmime_mimeinfo_get_parameter(mimeinfo, "charset");
354 if (src_codeset == NULL)
355 src_codeset = CS_ISO_8859_1;
357 if (fprintf(dstfp, "MIME-Version: 1.0\r\n"
358 "Content-Type: text/plain; charset=%s\r\n"
359 "Content-Transfer-Encoding: 8bit\r\n"
362 FILE_OP_ERROR(fname, "fprintf");
363 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
367 /* Store any part before encrypted text */
368 pos = pgp_locate_armor_header(textdata, begin_indicator);
369 if (pos != NULL && (pos - textdata) > 0) {
370 if (claws_fwrite(textdata, 1, pos - textdata, dstfp) < pos - textdata) {
371 FILE_OP_ERROR(fname, "claws_fwrite");
372 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
377 if (claws_fwrite(_("\n--- Start of PGP/Inline encrypted data ---\n"), 1,
378 strlen(_("\n--- Start of PGP/Inline encrypted data ---\n")),
379 dstfp) < strlen(_("\n--- Start of PGP/Inline encrypted data ---\n"))) {
380 FILE_OP_ERROR(fname, "claws_fwrite");
381 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
384 chars = sgpgme_data_release_and_get_mem(plain, &len);
386 if (claws_fwrite(chars, 1, len, dstfp) < len) {
387 FILE_OP_ERROR(fname, "claws_fwrite");
389 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
394 /* Store any part after encrypted text */
395 if (claws_fwrite(_("--- End of PGP/Inline encrypted data ---\n"), 1,
396 strlen(_("--- End of PGP/Inline encrypted data ---\n")),
397 dstfp) < strlen(_("--- End of PGP/Inline encrypted data ---\n"))) {
398 FILE_OP_ERROR(fname, "claws_fwrite");
399 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
403 pos = pgp_locate_armor_header(pos, end_indicator);
404 if (pos != NULL && *pos != '\0') {
405 pos += strlen(end_indicator);
406 if (claws_fwrite(pos, 1, strlen(pos), dstfp) < strlen(pos)) {
407 FILE_OP_ERROR(fname, "claws_fwrite");
408 privacy_set_error(_("Couldn't write to decrypted file %s"), fname);
414 if (claws_safe_fclose(dstfp) == EOF) {
415 FILE_OP_ERROR(fname, "claws_fclose");
416 privacy_set_error(_("Couldn't close decrypted file %s"), fname);
418 gpgme_data_release(plain);
423 parseinfo = procmime_scan_file(fname);
426 if (parseinfo == NULL) {
428 privacy_set_error(_("Couldn't scan decrypted file."));
431 decinfo = g_node_first_child(parseinfo->node) != NULL ?
432 g_node_first_child(parseinfo->node)->data : NULL;
434 if (decinfo == NULL) {
436 privacy_set_error(_("Couldn't scan decrypted file parts."));
440 g_node_unlink(decinfo->node);
441 procmime_mimeinfo_free_all(&parseinfo);
445 if (sigstat != GPGME_SIG_STAT_NONE) {
446 if (decinfo->privacy != NULL) {
447 data = (PrivacyDataPGP *) decinfo->privacy;
449 data = pgpinline_new_privacydata();
450 decinfo->privacy = (PrivacyData *) data;
453 data->done_sigtest = TRUE;
454 data->is_signed = TRUE;
455 data->sigstatus = sigstat;
457 gpgme_release(data->ctx);
468 gpgme_data_release(plain);
473 static gboolean pgpinline_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
475 MimeInfo *msgcontent;
476 gchar *textstr, *tmp;
480 gpgme_data_t gpgtext, gpgsig;
483 struct passphrase_cb_info_s info;
484 gpgme_sign_result_t result = NULL;
486 memset (&info, 0, sizeof info);
488 /* get content node from message */
489 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
490 if (msgcontent->type == MIMETYPE_MULTIPART) {
491 if (!msgcontent->node->children) {
492 debug_print("msgcontent->node->children NULL, bailing\n");
493 privacy_set_error(_("Malformed message"));
496 msgcontent = (MimeInfo *) msgcontent->node->children->data;
498 /* get rid of quoted-printable or anything */
499 procmime_decode_content(msgcontent);
503 perror("my_tmpfile");
504 privacy_set_error(_("Couldn't create temporary file, %s"), g_strerror(errno));
507 procmime_write_mimeinfo(msgcontent, fp);
510 /* read temporary file into memory */
511 textstr = fp_read_noconv(fp);
515 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
516 gpgme_data_new(&gpgsig);
517 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
518 debug_print(("Couldn't initialize GPG context, %s\n"), gpgme_strerror(err));
519 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
522 gpgme_set_textmode(ctx, 1);
523 gpgme_set_armor(ctx, 1);
525 if (!sgpgme_setup_signers(ctx, account, from_addr)) {
530 prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
531 if (!g_getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
533 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
536 err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_CLEAR);
537 if (err != GPG_ERR_NO_ERROR) {
538 if (err == GPG_ERR_CANCELED) {
539 /* ignore cancelled signing */
540 privacy_reset_error();
541 debug_print("gpgme_op_sign cancelled\n");
543 privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
544 debug_print("gpgme_op_sign error : %x\n", err);
549 result = gpgme_op_sign_result(ctx);
550 if (result && result->signatures) {
551 gpgme_new_signature_t sig = result->signatures;
553 debug_print("valid signature: %s\n", sig->fpr);
556 } else if (result && result->invalid_signers) {
557 gpgme_invalid_key_t invalid = result->invalid_signers;
559 g_warning("invalid signer: %s (%s)", invalid->fpr,
560 gpgme_strerror(invalid->reason));
561 privacy_set_error(_("Data signing failed due to invalid signer: %s"),
562 gpgme_strerror(invalid->reason));
563 invalid = invalid->next;
568 /* can't get result (maybe no signing key?) */
569 debug_print("gpgme_op_sign_result error\n");
570 privacy_set_error(_("Data signing failed, no results."));
576 sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
578 if (sigcontent == NULL || len <= 0) {
579 g_warning("sgpgme_data_release_and_get_mem failed");
580 privacy_set_error(_("Data signing failed, no contents."));
581 gpgme_data_release(gpgtext);
588 tmp = g_malloc(len+1);
589 g_memmove(tmp, sigcontent, len+1);
591 gpgme_data_release(gpgtext);
595 if (msgcontent->content == MIMECONTENT_FILE &&
596 msgcontent->data.filename != NULL) {
597 if (msgcontent->tmp == TRUE)
598 claws_unlink(msgcontent->data.filename);
599 g_free(msgcontent->data.filename);
601 msgcontent->data.mem = g_strdup(tmp);
602 msgcontent->content = MIMECONTENT_MEM;
605 /* avoid all sorts of clear-signing problems with non ascii
608 procmime_encode_content(msgcontent, ENC_BASE64);
614 static gchar *pgpinline_get_encrypt_data(GSList *recp_names)
616 return sgpgme_get_encrypt_data(recp_names, GPGME_PROTOCOL_OpenPGP);
619 static const gchar *pgpinline_get_encrypt_warning(void)
621 if (prefs_gpg_should_skip_encryption_warning(pgpinline_system.id))
624 return _("Please note that attachments are not encrypted by "
625 "the PGP/Inline system, nor are email headers, like Subject.");
628 static void pgpinline_inhibit_encrypt_warning(gboolean inhibit)
631 prefs_gpg_add_skip_encryption_warning(pgpinline_system.id);
633 prefs_gpg_remove_skip_encryption_warning(pgpinline_system.id);
636 static gboolean pgpinline_encrypt(MimeInfo *mimeinfo, const gchar *encrypt_data)
638 MimeInfo *msgcontent;
642 gchar *textstr, *tmp;
643 gpgme_data_t gpgtext, gpgenc;
645 gpgme_key_t *kset = NULL;
646 gchar **fprs = g_strsplit(encrypt_data, " ", -1);
650 while (fprs[i] && strlen(fprs[i])) {
654 kset = g_malloc(sizeof(gpgme_key_t)*(i+1));
655 memset(kset, 0, sizeof(gpgme_key_t)*(i+1));
656 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
657 debug_print(("Couldn't initialize GPG context, %s\n"), gpgme_strerror(err));
658 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
663 while (fprs[i] && strlen(fprs[i])) {
665 err = gpgme_get_key(ctx, fprs[i], &key, 0);
667 debug_print("can't add key '%s'[%d] (%s)\n", fprs[i],i, gpgme_strerror(err));
668 privacy_set_error(_("Couldn't add GPG key %s, %s"), fprs[i], gpgme_strerror(err));
672 debug_print("found %s at %d\n", fprs[i], i);
678 debug_print("Encrypting message content\n");
680 /* get content node from message */
681 msgcontent = (MimeInfo *) mimeinfo->node->children->data;
682 if (msgcontent->type == MIMETYPE_MULTIPART) {
683 if (!msgcontent->node->children) {
684 debug_print("msgcontent->node->children NULL, bailing\n");
685 privacy_set_error(_("Malformed message"));
689 msgcontent = (MimeInfo *) msgcontent->node->children->data;
691 /* get rid of quoted-printable or anything */
692 procmime_decode_content(msgcontent);
696 privacy_set_error(_("Couldn't create temporary file, %s"), g_strerror(errno));
697 perror("my_tmpfile");
701 procmime_write_mimeinfo(msgcontent, fp);
704 /* read temporary file into memory */
705 textstr = fp_read_noconv(fp);
710 gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
711 gpgme_data_new(&gpgenc);
712 if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
713 debug_print(("Couldn't initialize GPG context, %s\n"), gpgme_strerror(err));
714 privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
718 gpgme_set_armor(ctx, 1);
720 err = gpgme_op_encrypt(ctx, kset, GPGME_ENCRYPT_ALWAYS_TRUST, gpgtext, gpgenc);
722 enccontent = sgpgme_data_release_and_get_mem(gpgenc, &len);
725 if (enccontent == NULL || len <= 0) {
726 g_warning("sgpgme_data_release_and_get_mem failed");
727 privacy_set_error(_("Encryption failed, %s"), gpgme_strerror(err));
728 gpgme_data_release(gpgtext);
735 tmp = g_malloc(len+1);
736 g_memmove(tmp, enccontent, len+1);
740 gpgme_data_release(gpgtext);
743 if (msgcontent->content == MIMECONTENT_FILE &&
744 msgcontent->data.filename != NULL) {
745 if (msgcontent->tmp == TRUE)
746 claws_unlink(msgcontent->data.filename);
747 g_free(msgcontent->data.filename);
749 msgcontent->data.mem = g_strdup(tmp);
750 msgcontent->content = MIMECONTENT_MEM;
757 static PrivacySystem pgpinline_system = {
758 "pgpinline", /* id */
759 "PGP Inline", /* name */
761 pgpinline_free_privacydata, /* free_privacydata */
763 pgpinline_is_signed, /* is_signed(MimeInfo *) */
764 pgpinline_check_signature, /* check_signature(MimeInfo *) */
765 pgpinline_get_sig_status, /* get_sig_status(MimeInfo *) */
766 pgpinline_get_sig_info_short, /* get_sig_info_short(MimeInfo *) */
767 pgpinline_get_sig_info_full, /* get_sig_info_full(MimeInfo *) */
769 pgpinline_is_encrypted, /* is_encrypted(MimeInfo *) */
770 pgpinline_decrypt, /* decrypt(MimeInfo *) */
776 pgpinline_get_encrypt_data,
778 pgpinline_get_encrypt_warning,
779 pgpinline_inhibit_encrypt_warning,
780 prefs_gpg_auto_check_signatures,
783 void pgpinline_init()
785 privacy_register_system(&pgpinline_system);
788 void pgpinline_done()
790 privacy_unregister_system(&pgpinline_system);
793 struct PluginFeature *plugin_provides(void)
795 static struct PluginFeature features[] =
796 { {PLUGIN_PRIVACY, N_("PGP/Inline")},
797 {PLUGIN_NOTHING, NULL}};
800 #endif /* USE_GPGME */