2 * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 2001 Werner Koch (dd9jn)
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
38 #include "procheader.h"
44 #include "prefs_common.h"
45 #include "passphrase.h"
46 #include "select-keys.h"
48 #include "alertpanel.h"
50 #define DIM(v) (sizeof(v)/sizeof((v)[0]))
52 static char *content_names[] = {
54 "Content-Disposition",
55 "Content-Transfer-Encoding",
59 static char *mime_version_name[] = {
65 static void dump_mimeinfo (const char *text, MimeInfo *x)
67 debug_print ("MimeInfo[%s] %p level=%d\n",
68 text, x, x? x->level:0 );
72 debug_print (" enc=`%s' enc_type=%d mime_type=%d\n",
73 x->encoding, x->encoding_type, x->mime_type );
74 debug_print (" cont_type=`%s' cs=`%s' name=`%s' bnd=`%s'\n",
75 x->content_type, x->charset, x->name, x->boundary );
76 debug_print (" cont_disp=`%s' fname=`%s' fpos=%ld size=%u, lvl=%d\n",
77 x->content_disposition, x->filename, x->fpos, x->size,
79 dump_mimeinfo (".main", x->main );
80 dump_mimeinfo (".sub", x->sub );
81 dump_mimeinfo (".next", x->next );
82 debug_print ("MimeInfo[.parent] %p\n", x );
83 dump_mimeinfo (".children", x->children );
84 dump_mimeinfo (".plaintext", x->plaintext );
87 static void dump_part ( MimeInfo *mimeinfo, FILE *fp )
89 unsigned int size = mimeinfo->size;
92 if (fseek (fp, mimeinfo->fpos, SEEK_SET)) {
93 debug_print ("dump_part: fseek error\n");
97 debug_print ("--- begin dump_part ----\n");
98 while (size-- && (c = getc (fp)) != EOF)
101 debug_print ("dump_part: read error\n");
102 debug_print ("--- end dump_part ----\n");
107 rfc2015_secure_remove (const char *fname)
111 /* fixme: overwrite the file first */
119 name_cmp(const char *a, const char *b)
121 for( ; *a && *b; a++, b++) {
123 && toupper(*(unsigned char *)a) != toupper(*(unsigned char *)b))
131 headerp(char *p, char **names)
140 if(p2[-1] == ' ' || p2[-1] == '\t') {
149 for(i = 0 ; names[i] != NULL; i++) {
150 if(!name_cmp (names[i], p))
155 return names[i] != NULL;
159 * plain contains an entire mime object.
160 * Encrypt it and return an GpgmeData object with the encrypted version of
161 * the file or NULL in case of error.
164 pgp_encrypt ( GpgmeData plain, GpgmeRecipients rset )
168 GpgmeData cipher = NULL;
170 err = gpgme_new (&ctx);
172 err = gpgme_data_new (&cipher);
174 gpgme_set_armor (ctx, 1);
175 err = gpgme_op_encrypt (ctx, rset, plain, cipher);
179 debug_print ("encryption failed: %s\n", gpgme_strerror (err));
180 gpgme_data_release (cipher);
184 debug_print ("** encryption succeeded\n");
192 * Create and return a list of keys matching a key id
195 GSList *rfc2015_create_signers_list (const char *keyid)
197 GSList *key_list = NULL;
198 GpgmeCtx list_ctx = NULL;
203 err = gpgme_new (&list_ctx);
206 err = gpgme_op_keylist_start (list_ctx, keyid, 1);
209 while ( !(err = gpgme_op_keylist_next (list_ctx, &key)) ) {
210 key_list = g_slist_append (key_list, key);
212 if (err != GPGME_EOF)
215 if (key_list == NULL) {
216 debug_print ("no keys found for keyid \"%s\"\n", keyid);
221 debug_print ("rfc2015_create_signers_list failed: %s\n", gpgme_strerror (err));
222 for (p = key_list; p != NULL; p = p->next)
223 gpgme_key_unref ((GpgmeKey) p->data);
224 g_slist_free (key_list);
227 gpgme_release (list_ctx);
228 return err ? NULL : key_list;
232 * Encrypt the file by extracting all recipients and finding the
233 * encryption keys for all of them. The file content is then replaced
234 * by the encrypted one. */
236 rfc2015_encrypt (const char *file, GSList *recp_list, gboolean ascii_armored,
237 const gchar *out_codeset)
241 int i, clineidx, saved_last;
242 char *clines[3] = {NULL};
244 GpgmeData header = NULL;
245 GpgmeData plain = NULL;
246 GpgmeData cipher = NULL;
247 GpgmeRecipients rset = NULL;
249 int mime_version_seen = 0;
252 boundary = generate_mime_boundary ("Encrypt");
254 /* Create the list of recipients */
255 rset = gpgmegtk_recipient_selection (recp_list);
257 debug_print ("error creating recipient list\n" );
261 /* Open the source file */
262 if ((fp = fopen(file, "rb")) == NULL) {
263 FILE_OP_ERROR(file, "fopen");
267 err = gpgme_data_new (&header);
269 err = gpgme_data_new (&plain);
271 debug_print ("gpgme_data_new failed: %s\n", gpgme_strerror (err));
275 /* get the content header lines from the source */
278 while (!err && fgets(buf, sizeof(buf), fp)) {
279 /* fixme: check for overlong lines */
280 if (headerp (buf, content_names)) {
281 if (clineidx >= DIM (clines)) {
282 debug_print ("rfc2015_encrypt: too many content lines\n");
285 clines[clineidx++] = g_strdup (buf);
291 if (*buf == ' ' || *buf == '\t') {
292 char *last = clines[clineidx - 1];
293 clines[clineidx - 1] = g_strconcat (last, buf, NULL);
300 if (headerp (buf, mime_version_name))
301 mime_version_seen = 1;
303 if (buf[0] == '\r' || buf[0] == '\n')
306 err = gpgme_data_write (header, buf, strlen (buf));
309 FILE_OP_ERROR (file, "fgets");
313 /* write them to the temp data and add the rest of the message */
314 for (i = 0; !err && i < clineidx; i++) {
315 debug_print ("%% %s:%d: cline=`%s'", __FILE__ ,__LINE__, clines[i]);
317 err = gpgme_data_write (plain, clines[i], strlen (clines[i]));
319 if (!err && !ascii_armored)
320 err = gpgme_data_write (plain, "\r\n", 2);
322 while (!err && fgets(buf, sizeof(buf), fp)) {
323 err = gpgme_data_write (plain, buf, strlen (buf));
326 FILE_OP_ERROR (file, "fgets");
330 debug_print ("gpgme_data_write failed: %s\n", gpgme_strerror (err));
334 cipher = pgp_encrypt (plain, rset);
335 gpgme_data_release (plain); plain = NULL;
336 gpgme_recipients_release (rset); rset = NULL;
340 /* we have the encrypted message available in cipher and now we
341 * are going to rewrite the source file. To be sure that file has
342 * been truncated we use an approach which should work everywhere:
343 * close the file and then reopen it for writing. It is important
344 * that this works, otherwise it may happen that parts of the
345 * plaintext are still in the file (The encrypted stuff is, due to
346 * compression, usually shorter than the plaintext).
348 * Yes, there is a race condition here, but everyone, who is so
349 * stupid to store the temp file with the plaintext in a public
350 * directory has to live with this anyway. */
352 FILE_OP_ERROR(file, "fclose");
355 if ((fp = fopen(file, "wb")) == NULL) {
356 FILE_OP_ERROR(file, "fopen");
360 /* Write the header, append new content lines, part 1 and part 2 header */
361 err = gpgme_data_rewind (header);
363 debug_print ("gpgme_data_rewind failed: %s\n", gpgme_strerror (err));
366 while (!(err = gpgme_data_read (header, buf, BUFFSIZE, &nread))) {
367 fwrite (buf, nread, 1, fp);
369 if (err != GPGME_EOF) {
370 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
374 FILE_OP_ERROR (file, "fwrite");
377 gpgme_data_release (header); header = NULL;
379 if (!mime_version_seen)
380 fputs ("MIME-Version: 1\r\n", fp);
384 "Content-Type: text/plain; charset=%s\r\n"
385 "Content-Disposition: inline\r\n"
386 "Content-Transfer-Encoding: 8bit\r\n"
387 "\r\n", out_codeset ? out_codeset : CS_US_ASCII);
390 "Content-Type: multipart/encrypted;"
391 " protocol=\"application/pgp-encrypted\";\r\n"
392 " boundary=\"%s\"\r\n"
395 "Content-Type: application/pgp-encrypted\r\n"
400 "Content-Type: application/octet-stream\r\n"
402 boundary, boundary, boundary);
405 /* append the encrypted stuff */
406 err = gpgme_data_rewind (cipher);
408 debug_print ("** gpgme_data_rewind on cipher failed: %s\n",
409 gpgme_strerror (err));
413 while (!(err = gpgme_data_read (cipher, buf, BUFFSIZE, &nread))) {
414 fwrite (buf, nread, 1, fp);
416 if (err != GPGME_EOF) {
417 debug_print ("** gpgme_data_read failed: %s\n", gpgme_strerror (err));
421 /* and the final boundary */
422 if (!ascii_armored) {
430 FILE_OP_ERROR (file, "fwrite");
434 gpgme_data_release (cipher);
440 gpgme_data_release (header);
441 gpgme_data_release (plain);
442 gpgme_data_release (cipher);
443 gpgme_recipients_release (rset);
445 return -1; /* error */
449 * plain contains an entire mime object. Sign it and return an
450 * GpgmeData object with the signature of it or NULL in case of error.
451 * r_siginfo returns an XML object with information about the signature.
454 pgp_sign (GpgmeData plain, GSList *key_list, gboolean clearsign,
460 GpgmeData sig = NULL;
461 struct passphrase_cb_info_s info;
464 memset (&info, 0, sizeof info);
466 err = gpgme_new (&ctx);
469 err = gpgme_data_new (&sig);
473 if (!getenv("GPG_AGENT_INFO")) {
475 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
477 gpgme_set_textmode (ctx, 1);
478 gpgme_set_armor (ctx, 1);
479 gpgme_signers_clear (ctx);
480 for (p = key_list; p != NULL; p = p->next) {
481 err = gpgme_signers_add (ctx, (GpgmeKey) p->data);
485 for (p = key_list; p != NULL; p = p->next)
486 gpgme_key_unref ((GpgmeKey) p->data);
487 g_slist_free (key_list);
493 clearsign ? GPGME_SIG_MODE_CLEAR : GPGME_SIG_MODE_DETACH);
495 *r_siginfo = gpgme_get_op_info (ctx, 0);
499 gpgmegtk_free_passphrase();
500 debug_print ("signing failed: %s\n", gpgme_strerror (err));
501 gpgme_data_release (sig);
505 debug_print ("signing succeeded\n");
513 * Find TAG in XML and return a pointer into xml set just behind the
514 * closing angle. Return NULL if not found.
517 find_xml_tag (const char *xml, const char *tag)
519 int taglen = strlen (tag);
522 while ( (s = strchr (s, '<')) ) {
524 if (!strncmp (s, tag, taglen)) {
525 const char *s2 = s + taglen;
526 if (*s2 == '>' || isspace (*(const unsigned char*)s2) ) {
528 while (*s2 && *s2 != '>') /* skip attributes */
530 /* fixme: do need to handle angles inside attribute vallues? */
531 return *s2? (s2+1):NULL;
534 while (*s && *s != '>') /* skip to end of tag */
542 * Extract the micalg from an GnupgOperationInfo XML container.
545 extract_micalg (char *xml)
549 s = find_xml_tag (xml, "GnupgOperationInfo");
551 const char *s_end = find_xml_tag (s, "/GnupgOperationInfo");
552 s = find_xml_tag (s, "signature");
553 if (s && s_end && s < s_end) {
554 const char *s_end2 = find_xml_tag (s, "/signature");
555 if (s_end2 && s_end2 < s_end) {
556 s = find_xml_tag (s, "micalg");
557 if (s && s < s_end2) {
558 s_end = strchr (s, '<');
560 char *p = g_malloc (s_end - s + 1);
561 memcpy (p, s, s_end - s);
574 * Sign the file and replace its content with the signed one.
577 rfc2015_sign (const char *file, GSList *key_list)
581 int i, clineidx, saved_last;
582 char *clines[3] = {NULL};
584 GpgmeData header = NULL;
585 GpgmeData plain = NULL;
586 GpgmeData sigdata = NULL;
588 int mime_version_seen = 0;
593 boundary = generate_mime_boundary ("Signature");
595 /* Open the source file */
596 if ((fp = fopen(file, "rb")) == NULL) {
597 FILE_OP_ERROR(file, "fopen");
601 err = gpgme_data_new (&header);
603 err = gpgme_data_new (&plain);
605 debug_print ("gpgme_data_new failed: %s\n", gpgme_strerror (err));
609 /* get the content header lines from the source */
612 while (!err && fgets(buf, sizeof(buf), fp)) {
613 /* fixme: check for overlong lines */
614 if (headerp (buf, content_names)) {
615 if (clineidx >= DIM (clines)) {
616 debug_print ("rfc2015_sign: too many content lines\n");
619 clines[clineidx++] = g_strdup (buf);
624 if (*buf == ' ' || *buf == '\t') {
625 char *last = clines[clineidx - 1];
626 clines[clineidx - 1] = g_strconcat (last, buf, NULL);
633 if (headerp (buf, mime_version_name))
634 mime_version_seen = 1;
636 if (buf[0] == '\r' || buf[0] == '\n')
638 err = gpgme_data_write (header, buf, strlen (buf));
641 FILE_OP_ERROR (file, "fgets");
645 /* write them to the temp data and add the rest of the message */
646 for (i = 0; !err && i < clineidx; i++) {
647 err = gpgme_data_write (plain, clines[i], strlen (clines[i]));
650 err = gpgme_data_write (plain, "\r\n", 2 );
651 while (!err && fgets(buf, sizeof(buf), fp)) {
652 err = gpgme_data_write (plain, buf, strlen (buf));
655 FILE_OP_ERROR (file, "fgets");
659 debug_print ("gpgme_data_write failed: %s\n", gpgme_strerror (err));
663 sigdata = pgp_sign (plain, key_list, FALSE, &siginfo);
665 micalg = extract_micalg (siginfo);
671 /* we have the signed message available in sigdata and now we are
672 * going to rewrite the original file. To be sure that file has
673 * been truncated we use an approach which should work everywhere:
674 * close the file and then reopen it for writing. */
676 FILE_OP_ERROR(file, "fclose");
679 if ((fp = fopen(file, "wb")) == NULL) {
680 FILE_OP_ERROR(file, "fopen");
684 /* Write the rfc822 header and add new content lines */
685 err = gpgme_data_rewind (header);
687 debug_print ("gpgme_data_rewind failed: %s\n", gpgme_strerror (err));
688 while (!(err = gpgme_data_read (header, buf, BUFFSIZE, &nread))) {
689 fwrite (buf, nread, 1, fp);
691 if (err != GPGME_EOF) {
692 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
696 FILE_OP_ERROR (file, "fwrite");
699 gpgme_data_release (header);
702 if (!mime_version_seen)
703 fputs ("MIME-Version: 1.0\r\n", fp);
704 fprintf (fp, "Content-Type: multipart/signed; "
705 "protocol=\"application/pgp-signature\";\r\n");
707 fprintf (fp, " micalg=\"%s\";\r\n", micalg);
708 fprintf (fp, " boundary=\"%s\"\r\n", boundary);
710 /* Part 1: signed material */
714 err = gpgme_data_rewind (plain);
716 debug_print ("gpgme_data_rewind on plain failed: %s\n",
717 gpgme_strerror (err));
720 while (!(err = gpgme_data_read (plain, buf, BUFFSIZE, &nread))) {
721 fwrite (buf, nread, 1, fp);
723 if (err != GPGME_EOF) {
724 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
728 /* Part 2: signature */
732 fputs ("Content-Type: application/pgp-signature\r\n"
735 err = gpgme_data_rewind (sigdata);
737 debug_print ("gpgme_data_rewind on sigdata failed: %s\n",
738 gpgme_strerror (err));
742 while (!(err = gpgme_data_read (sigdata, buf, BUFFSIZE, &nread))) {
743 fwrite (buf, nread, 1, fp);
745 if (err != GPGME_EOF) {
746 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
756 FILE_OP_ERROR (file, "fwrite");
760 gpgme_data_release (header);
761 gpgme_data_release (plain);
762 gpgme_data_release (sigdata);
770 gpgme_data_release (header);
771 gpgme_data_release (plain);
772 gpgme_data_release (sigdata);
775 return -1; /* error */
780 * Sign the file with clear text and replace its content with the signed one.
783 rfc2015_clearsign (const gchar *file, GSList *key_list)
788 GpgmeData text = NULL;
789 GpgmeData sigdata = NULL;
793 if ((fp = fopen(file, "rb")) == NULL) {
794 FILE_OP_ERROR(file, "fopen");
798 err = gpgme_data_new(&text);
800 debug_print("gpgme_data_new failed: %s\n", gpgme_strerror(err));
804 while (!err && fgets(buf, sizeof(buf), fp)) {
805 err = gpgme_data_write(text, buf, strlen(buf));
808 FILE_OP_ERROR(file, "fgets");
812 debug_print("gpgme_data_write failed: %s\n", gpgme_strerror(err));
816 sigdata = pgp_sign(text, key_list, TRUE, &siginfo);
823 if (fclose(fp) == EOF) {
824 FILE_OP_ERROR(file, "fclose");
828 if ((fp = fopen(file, "wb")) == NULL) {
829 FILE_OP_ERROR(file, "fopen");
833 err = gpgme_data_rewind(sigdata);
835 debug_print("gpgme_data_rewind on sigdata failed: %s\n",
836 gpgme_strerror(err));
840 while (!(err = gpgme_data_read(sigdata, buf, sizeof(buf), &nread))) {
841 fwrite(buf, nread, 1, fp);
843 if (err != GPGME_EOF) {
844 debug_print("gpgme_data_read failed: %s\n", gpgme_strerror(err));
848 if (fclose(fp) == EOF) {
849 FILE_OP_ERROR(file, "fclose");
853 gpgme_data_release(text);
854 gpgme_data_release(sigdata);
860 gpgme_data_release(text);
861 gpgme_data_release(sigdata);
865 #endif /* USE_GPGME */