2 * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 2001 Werner Koch (dd9jn)
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
38 #include "procheader.h"
44 #include "prefs_common.h"
45 #include "passphrase.h"
46 #include "select-keys.h"
47 #include "sigstatus.h"
49 #include "alertpanel.h"
51 #define DIM(v) (sizeof(v)/sizeof((v)[0]))
53 static char *content_names[] = {
55 "Content-Disposition",
56 "Content-Transfer-Encoding",
60 static char *mime_version_name[] = {
66 static void dump_mimeinfo (const char *text, MimeInfo *x)
68 debug_print ("MimeInfo[%s] %p level=%d\n",
69 text, x, x? x->level:0 );
73 debug_print (" enc=`%s' enc_type=%d mime_type=%d\n",
74 x->encoding, x->encoding_type, x->mime_type );
75 debug_print (" cont_type=`%s' cs=`%s' name=`%s' bnd=`%s'\n",
76 x->content_type, x->charset, x->name, x->boundary );
77 debug_print (" cont_disp=`%s' fname=`%s' fpos=%ld size=%u, lvl=%d\n",
78 x->content_disposition, x->filename, x->fpos, x->size,
80 dump_mimeinfo (".main", x->main );
81 dump_mimeinfo (".sub", x->sub );
82 dump_mimeinfo (".next", x->next );
83 debug_print ("MimeInfo[.parent] %p\n", x );
84 dump_mimeinfo (".children", x->children );
85 dump_mimeinfo (".plaintext", x->plaintext );
88 static void dump_part ( MimeInfo *mimeinfo, FILE *fp )
90 unsigned int size = mimeinfo->size;
93 if (fseek (fp, mimeinfo->fpos, SEEK_SET)) {
94 debug_print ("dump_part: fseek error\n");
98 debug_print ("--- begin dump_part ----\n");
99 while (size-- && (c = getc (fp)) != EOF)
102 debug_print ("dump_part: read error\n");
103 debug_print ("--- end dump_part ----\n");
108 rfc2015_secure_remove (const char *fname)
112 /* fixme: overwrite the file first */
120 name_cmp(const char *a, const char *b)
122 for( ; *a && *b; a++, b++) {
124 && toupper(*(unsigned char *)a) != toupper(*(unsigned char *)b))
132 headerp(char *p, char **names)
141 if(p2[-1] == ' ' || p2[-1] == '\t') {
150 for(i = 0 ; names[i] != NULL; i++) {
151 if(!name_cmp (names[i], p))
156 return names[i] != NULL;
160 * plain contains an entire mime object.
161 * Encrypt it and return an GpgmeData object with the encrypted version of
162 * the file or NULL in case of error.
165 pgp_encrypt ( GpgmeData plain, GpgmeRecipients rset )
169 GpgmeData cipher = NULL;
171 err = gpgme_new (&ctx);
173 err = gpgme_data_new (&cipher);
175 gpgme_set_armor (ctx, 1);
176 err = gpgme_op_encrypt (ctx, rset, plain, cipher);
180 debug_print ("encryption failed: %s\n", gpgme_strerror (err));
181 gpgme_data_release (cipher);
185 debug_print ("** encryption succeeded\n");
193 * Create and return a list of keys matching a key id
196 GSList *rfc2015_create_signers_list (const char *keyid)
198 GSList *key_list = NULL;
199 GpgmeCtx list_ctx = NULL;
204 err = gpgme_new (&list_ctx);
207 err = gpgme_op_keylist_start (list_ctx, keyid, 1);
210 while ( !(err = gpgme_op_keylist_next (list_ctx, &key)) ) {
211 key_list = g_slist_append (key_list, key);
213 if (err != GPGME_EOF)
216 if (key_list == NULL) {
217 debug_print ("no keys found for keyid \"%s\"\n", keyid);
222 debug_print ("rfc2015_create_signers_list failed: %s\n", gpgme_strerror (err));
223 for (p = key_list; p != NULL; p = p->next)
224 gpgme_key_unref ((GpgmeKey) p->data);
225 g_slist_free (key_list);
228 gpgme_release (list_ctx);
229 return err ? NULL : key_list;
233 * Encrypt the file by extracting all recipients and finding the
234 * encryption keys for all of them. The file content is then replaced
235 * by the encrypted one. */
237 rfc2015_encrypt (const char *file, GSList *recp_list, gboolean ascii_armored)
241 int i, clineidx, saved_last;
242 char *clines[3] = {NULL};
244 GpgmeData header = NULL;
245 GpgmeData plain = NULL;
246 GpgmeData cipher = NULL;
247 GpgmeRecipients rset = NULL;
249 int mime_version_seen = 0;
252 boundary = generate_mime_boundary ("Encrypt");
254 /* Create the list of recipients */
255 rset = gpgmegtk_recipient_selection (recp_list);
257 debug_print ("error creating recipient list\n" );
261 /* Open the source file */
262 if ((fp = fopen(file, "rb")) == NULL) {
263 FILE_OP_ERROR(file, "fopen");
267 err = gpgme_data_new (&header);
269 err = gpgme_data_new (&plain);
271 debug_print ("gpgme_data_new failed: %s\n", gpgme_strerror (err));
275 /* get the content header lines from the source */
278 while (!err && fgets(buf, sizeof(buf), fp)) {
279 /* fixme: check for overlong lines */
280 if (headerp (buf, content_names)) {
281 if (clineidx >= DIM (clines)) {
282 debug_print ("rfc2015_encrypt: too many content lines\n");
285 clines[clineidx++] = g_strdup (buf);
290 if (*buf == ' ' || *buf == '\t') {
291 char *last = clines[clineidx - 1];
292 clines[clineidx - 1] = g_strconcat (last, buf, NULL);
299 if (headerp (buf, mime_version_name))
300 mime_version_seen = 1;
302 if (buf[0] == '\r' || buf[0] == '\n')
304 err = gpgme_data_write (header, buf, strlen (buf));
307 FILE_OP_ERROR (file, "fgets");
311 /* write them to the temp data and add the rest of the message */
312 for (i = 0; !err && i < clineidx; i++) {
313 debug_print ("%% %s:%d: cline=`%s'", __FILE__ ,__LINE__, clines[i]);
314 err = gpgme_data_write (plain, clines[i], strlen (clines[i]));
317 err = gpgme_data_write (plain, "\r\n", 2);
318 while (!err && fgets(buf, sizeof(buf), fp)) {
319 err = gpgme_data_write (plain, buf, strlen (buf));
322 FILE_OP_ERROR (file, "fgets");
326 debug_print ("gpgme_data_write failed: %s\n", gpgme_strerror (err));
330 cipher = pgp_encrypt (plain, rset);
331 gpgme_data_release (plain); plain = NULL;
332 gpgme_recipients_release (rset); rset = NULL;
336 /* we have the encrypted message available in cipher and now we
337 * are going to rewrite the source file. To be sure that file has
338 * been truncated we use an approach which should work everywhere:
339 * close the file and then reopen it for writing. It is important
340 * that this works, otherwise it may happen that parts of the
341 * plaintext are still in the file (The encrypted stuff is, due to
342 * compression, usually shorter than the plaintext).
344 * Yes, there is a race condition here, but everyone, who is so
345 * stupid to store the temp file with the plaintext in a public
346 * directory has to live with this anyway. */
348 FILE_OP_ERROR(file, "fclose");
351 if ((fp = fopen(file, "wb")) == NULL) {
352 FILE_OP_ERROR(file, "fopen");
356 /* Write the header, append new content lines, part 1 and part 2 header */
357 err = gpgme_data_rewind (header);
359 debug_print ("gpgme_data_rewind failed: %s\n", gpgme_strerror (err));
362 while (!(err = gpgme_data_read (header, buf, BUFFSIZE, &nread))) {
363 fwrite (buf, nread, 1, fp);
365 if (err != GPGME_EOF) {
366 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
370 FILE_OP_ERROR (file, "fwrite");
373 gpgme_data_release (header); header = NULL;
375 if (!mime_version_seen)
376 fputs ("MIME-Version: 1\r\n", fp);
380 "Content-Type: text/plain; charset=US-ASCII\r\n"
381 "Content-Transfer-Encoding: 7bit\r\n"
385 "Content-Type: multipart/encrypted;"
386 " protocol=\"application/pgp-encrypted\";\r\n"
387 " boundary=\"%s\"\r\n"
390 "Content-Type: application/pgp-encrypted\r\n"
395 "Content-Type: application/octet-stream\r\n"
397 boundary, boundary, boundary);
400 /* append the encrypted stuff */
401 err = gpgme_data_rewind (cipher);
403 debug_print ("** gpgme_data_rewind on cipher failed: %s\n",
404 gpgme_strerror (err));
408 while (!(err = gpgme_data_read (cipher, buf, BUFFSIZE, &nread))) {
409 fwrite (buf, nread, 1, fp);
411 if (err != GPGME_EOF) {
412 debug_print ("** gpgme_data_read failed: %s\n", gpgme_strerror (err));
416 /* and the final boundary */
417 if (!ascii_armored) {
425 FILE_OP_ERROR (file, "fwrite");
429 gpgme_data_release (cipher);
435 gpgme_data_release (header);
436 gpgme_data_release (plain);
437 gpgme_data_release (cipher);
438 gpgme_recipients_release (rset);
440 return -1; /* error */
444 * plain contains an entire mime object. Sign it and return an
445 * GpgmeData object with the signature of it or NULL in case of error.
446 * r_siginfo returns an XML object with information about the signature.
449 pgp_sign (GpgmeData plain, GSList *key_list, gboolean clearsign,
455 GpgmeData sig = NULL;
456 struct passphrase_cb_info_s info;
459 memset (&info, 0, sizeof info);
461 err = gpgme_new (&ctx);
464 err = gpgme_data_new (&sig);
468 if (!getenv("GPG_AGENT_INFO")) {
470 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
472 gpgme_set_textmode (ctx, 1);
473 gpgme_set_armor (ctx, 1);
474 gpgme_signers_clear (ctx);
475 for (p = key_list; p != NULL; p = p->next) {
476 err = gpgme_signers_add (ctx, (GpgmeKey) p->data);
480 for (p = key_list; p != NULL; p = p->next)
481 gpgme_key_unref ((GpgmeKey) p->data);
482 g_slist_free (key_list);
488 clearsign ? GPGME_SIG_MODE_CLEAR : GPGME_SIG_MODE_DETACH);
490 *r_siginfo = gpgme_get_op_info (ctx, 0);
494 gpgmegtk_free_passphrase();
495 debug_print ("signing failed: %s\n", gpgme_strerror (err));
496 gpgme_data_release (sig);
500 debug_print ("signing succeeded\n");
508 * Find TAG in XML and return a pointer into xml set just behind the
509 * closing angle. Return NULL if not found.
512 find_xml_tag (const char *xml, const char *tag)
514 int taglen = strlen (tag);
517 while ( (s = strchr (s, '<')) ) {
519 if (!strncmp (s, tag, taglen)) {
520 const char *s2 = s + taglen;
521 if (*s2 == '>' || isspace (*(const unsigned char*)s2) ) {
523 while (*s2 && *s2 != '>') /* skip attributes */
525 /* fixme: do need to handle angles inside attribute vallues? */
526 return *s2? (s2+1):NULL;
529 while (*s && *s != '>') /* skip to end of tag */
537 * Extract the micalg from an GnupgOperationInfo XML container.
540 extract_micalg (char *xml)
544 s = find_xml_tag (xml, "GnupgOperationInfo");
546 const char *s_end = find_xml_tag (s, "/GnupgOperationInfo");
547 s = find_xml_tag (s, "signature");
548 if (s && s_end && s < s_end) {
549 const char *s_end2 = find_xml_tag (s, "/signature");
550 if (s_end2 && s_end2 < s_end) {
551 s = find_xml_tag (s, "micalg");
552 if (s && s < s_end2) {
553 s_end = strchr (s, '<');
555 char *p = g_malloc (s_end - s + 1);
556 memcpy (p, s, s_end - s);
569 * Sign the file and replace its content with the signed one.
572 rfc2015_sign (const char *file, GSList *key_list)
576 int i, clineidx, saved_last;
577 char *clines[3] = {NULL};
579 GpgmeData header = NULL;
580 GpgmeData plain = NULL;
581 GpgmeData sigdata = NULL;
583 int mime_version_seen = 0;
588 boundary = generate_mime_boundary ("Signature");
590 /* Open the source file */
591 if ((fp = fopen(file, "rb")) == NULL) {
592 FILE_OP_ERROR(file, "fopen");
596 err = gpgme_data_new (&header);
598 err = gpgme_data_new (&plain);
600 debug_print ("gpgme_data_new failed: %s\n", gpgme_strerror (err));
604 /* get the content header lines from the source */
607 while (!err && fgets(buf, sizeof(buf), fp)) {
608 /* fixme: check for overlong lines */
609 if (headerp (buf, content_names)) {
610 if (clineidx >= DIM (clines)) {
611 debug_print ("rfc2015_sign: too many content lines\n");
614 clines[clineidx++] = g_strdup (buf);
619 if (*buf == ' ' || *buf == '\t') {
620 char *last = clines[clineidx - 1];
621 clines[clineidx - 1] = g_strconcat (last, buf, NULL);
628 if (headerp (buf, mime_version_name))
629 mime_version_seen = 1;
631 if (buf[0] == '\r' || buf[0] == '\n')
633 err = gpgme_data_write (header, buf, strlen (buf));
636 FILE_OP_ERROR (file, "fgets");
640 /* write them to the temp data and add the rest of the message */
641 for (i = 0; !err && i < clineidx; i++) {
642 err = gpgme_data_write (plain, clines[i], strlen (clines[i]));
645 err = gpgme_data_write (plain, "\r\n", 2 );
646 while (!err && fgets(buf, sizeof(buf), fp)) {
647 err = gpgme_data_write (plain, buf, strlen (buf));
650 FILE_OP_ERROR (file, "fgets");
654 debug_print ("gpgme_data_write failed: %s\n", gpgme_strerror (err));
658 sigdata = pgp_sign (plain, key_list, FALSE, &siginfo);
660 micalg = extract_micalg (siginfo);
666 /* we have the signed message available in sigdata and now we are
667 * going to rewrite the original file. To be sure that file has
668 * been truncated we use an approach which should work everywhere:
669 * close the file and then reopen it for writing. */
671 FILE_OP_ERROR(file, "fclose");
674 if ((fp = fopen(file, "wb")) == NULL) {
675 FILE_OP_ERROR(file, "fopen");
679 /* Write the rfc822 header and add new content lines */
680 err = gpgme_data_rewind (header);
682 debug_print ("gpgme_data_rewind failed: %s\n", gpgme_strerror (err));
683 while (!(err = gpgme_data_read (header, buf, BUFFSIZE, &nread))) {
684 fwrite (buf, nread, 1, fp);
686 if (err != GPGME_EOF) {
687 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
691 FILE_OP_ERROR (file, "fwrite");
694 gpgme_data_release (header);
697 if (!mime_version_seen)
698 fputs ("MIME-Version: 1.0\r\n", fp);
699 fprintf (fp, "Content-Type: multipart/signed; "
700 "protocol=\"application/pgp-signature\";\r\n");
702 fprintf (fp, " micalg=\"%s\";\r\n", micalg);
703 fprintf (fp, " boundary=\"%s\"\r\n", boundary);
705 /* Part 1: signed material */
709 err = gpgme_data_rewind (plain);
711 debug_print ("gpgme_data_rewind on plain failed: %s\n",
712 gpgme_strerror (err));
715 while (!(err = gpgme_data_read (plain, buf, BUFFSIZE, &nread))) {
716 fwrite (buf, nread, 1, fp);
718 if (err != GPGME_EOF) {
719 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
723 /* Part 2: signature */
727 fputs ("Content-Type: application/pgp-signature\r\n"
730 err = gpgme_data_rewind (sigdata);
732 debug_print ("gpgme_data_rewind on sigdata failed: %s\n",
733 gpgme_strerror (err));
737 while (!(err = gpgme_data_read (sigdata, buf, BUFFSIZE, &nread))) {
738 fwrite (buf, nread, 1, fp);
740 if (err != GPGME_EOF) {
741 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
751 FILE_OP_ERROR (file, "fwrite");
755 gpgme_data_release (header);
756 gpgme_data_release (plain);
757 gpgme_data_release (sigdata);
765 gpgme_data_release (header);
766 gpgme_data_release (plain);
767 gpgme_data_release (sigdata);
770 return -1; /* error */
775 * Sign the file with clear text and replace its content with the signed one.
778 rfc2015_clearsign (const gchar *file, GSList *key_list)
783 GpgmeData text = NULL;
784 GpgmeData sigdata = NULL;
788 if ((fp = fopen(file, "rb")) == NULL) {
789 FILE_OP_ERROR(file, "fopen");
793 err = gpgme_data_new(&text);
795 debug_print("gpgme_data_new failed: %s\n", gpgme_strerror(err));
799 while (!err && fgets(buf, sizeof(buf), fp)) {
800 err = gpgme_data_write(text, buf, strlen(buf));
803 FILE_OP_ERROR(file, "fgets");
807 debug_print("gpgme_data_write failed: %s\n", gpgme_strerror(err));
811 sigdata = pgp_sign(text, key_list, TRUE, &siginfo);
818 if (fclose(fp) == EOF) {
819 FILE_OP_ERROR(file, "fclose");
823 if ((fp = fopen(file, "wb")) == NULL) {
824 FILE_OP_ERROR(file, "fopen");
828 err = gpgme_data_rewind(sigdata);
830 debug_print("gpgme_data_rewind on sigdata failed: %s\n",
831 gpgme_strerror(err));
835 while (!(err = gpgme_data_read(sigdata, buf, sizeof(buf), &nread))) {
836 fwrite(buf, nread, 1, fp);
838 if (err != GPGME_EOF) {
839 debug_print("gpgme_data_read failed: %s\n", gpgme_strerror(err));
843 if (fclose(fp) == EOF) {
844 FILE_OP_ERROR(file, "fclose");
848 gpgme_data_release(text);
849 gpgme_data_release(sigdata);
855 gpgme_data_release(text);
856 gpgme_data_release(sigdata);
860 #endif /* USE_GPGME */