/*
 * Destroy callback for a decrypting istream.
 *
 * Releases everything the decrypt stream holds: the work buffer, the IV,
 * the symmetric cipher context, the HMAC context and the reference to the
 * private key, then drops the reference on the parent (wrapped) stream.
 * Members that were never set (NULL) are skipped.
 *
 * NOTE(review): whether buffer_free(), i_free_and_null() and the dcrypt
 * destroy/unref helpers wipe key-related memory before releasing it is not
 * visible from this function -- confirm in their implementations if that
 * guarantee matters for this stream.
 */
static void i_stream_decrypt_destroy(struct iostream_private *stream)
{
	struct decrypt_istream *ds = (struct decrypt_istream *)stream;

	if (ds->buf != NULL) {
		buffer_free(&ds->buf);
	}
	if (ds->iv != NULL) {
		i_free_and_null(ds->iv);
	}

	/* cipher and MAC state */
	if (ds->ctx_sym != NULL) {
		dcrypt_ctx_sym_destroy(&ds->ctx_sym);
	}
	if (ds->ctx_mac != NULL) {
		dcrypt_ctx_hmac_destroy(&ds->ctx_mac);
	}

	/* drop this stream's reference to the private key */
	if (ds->priv_key != NULL) {
		dcrypt_key_unref_private(&ds->priv_key);
	}

	/* the parent stream is always unreferenced, last */
	i_stream_unref(&ds->istream.parent);
}
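/*
 * save_begin hook: start saving a mail and wrap the save output stream in
 * an encrypting ostream.
 *
 * The stream format is selected from muser->save_version:
 *   1 -> IO_STREAM_ENC_VERSION_1
 *   2 -> IO_STREAM_ENC_INTEGRITY_AEAD
 *   0 -> must never reach this function (panics).
 *
 * The public key is taken, in order of preference, from the user's global
 * keys, from the key cached on the mailbox (mbox->pub_key), or from
 * mail_crypt_box_get_public_key(). If that lookup finds no key (returns 0)
 * a new keypair is generated for the mailbox, but only when save_version is
 * at least 2. A key obtained through the lookup/generation path is cached
 * in mbox->pub_key.
 *
 * Returns 0 on success. On failure returns a negative value; for key
 * lookup/generation failures a MAIL_ERROR_PARAMS storage error is set
 * first.
 *
 * NOTE(review): the error strings set here embed the mailbox vname and the
 * underlying key error text. Whether storage errors of this kind are shown
 * to the client is not visible from this function -- confirm the text is
 * acceptable to expose.
 */
static int mail_crypt_mail_save_begin(struct mail_save_context *ctx,
				      struct istream *input)
{
	const char *pubid;
	struct mailbox *box = ctx->transaction->box;
	struct mail_crypt_mailbox *mbox = MAIL_CRYPT_CONTEXT(box);
	struct mail_crypt_user *muser =
		MAIL_CRYPT_USER_CONTEXT(box->storage->user);

	i_assert(muser != NULL);

	enum io_stream_encrypt_flags enc_flags;
	if (muser->save_version == 1) {
		enc_flags = IO_STREAM_ENC_VERSION_1;
	} else if (muser->save_version == 2) {
		enc_flags = IO_STREAM_ENC_INTEGRITY_AEAD;
	} else {
		i_assert(muser->save_version == 0);
		/* The two literals are concatenated by the compiler; the
		   trailing space keeps "called" and "when" apart. */
		i_panic("mail_crypt_mail_save_begin not supposed to be called "
			"when mail_crypt_save_version is 0");
	}

	/* Let the underlying storage start the save before the output
	   stream is replaced below. */
	if (mbox->module_ctx.super.save_begin(ctx, input) < 0)
		return -1;

	struct dcrypt_public_key *pub_key;
	if (muser->global_keys.public_key != NULL)
		pub_key = muser->global_keys.public_key;
	else if (mbox->pub_key != NULL)
		pub_key = mbox->pub_key;
	else {
		const char *error;
		int ret;

		if ((ret = mail_crypt_box_get_public_key(box, &pub_key,
							 &error)) <= 0) {
			struct dcrypt_keypair pair;

			/* ret < 0: the lookup itself failed */
			if (ret < 0) {
				mail_storage_set_error(box->storage,
					MAIL_ERROR_PARAMS,
					t_strdup_printf("get_public_key(%s) failed: %s",
							mailbox_get_vname(box),
							error));
				return ret;
			}

			/* ret == 0: no key yet. Generating one is refused
			   for save_version below 2. */
			if (muser->save_version < 2) {
				mail_storage_set_error(box->storage,
					MAIL_ERROR_PARAMS,
					t_strdup_printf("generate_keypair(%s) failed: "
							"unsupported save_version=%d",
							mailbox_get_vname(box),
							muser->save_version));
				return -1;
			}

			if (mail_crypt_box_generate_keypair(box, &pair, NULL,
							    &pubid, &error) < 0) {
				mail_storage_set_error(box->storage,
					MAIL_ERROR_PARAMS,
					t_strdup_printf("generate_keypair(%s) failed: %s",
							mailbox_get_vname(box),
							error));
				return -1;
			}

			/* Saving only needs the public half; release this
			   function's reference to the private key at once. */
			pub_key = pair.pub;
			dcrypt_key_unref_private(&pair.priv);
		}
		mbox->pub_key = pub_key;
	}

	/* encryption is the outermost layer (zlib etc. are inside) */
	struct ostream *output =
		o_stream_create_encrypt(ctx->data.output,
					MAIL_CRYPT_ENC_ALGORITHM,
					pub_key, enc_flags);

	/* Replace the save output with the encrypting stream: this
	   function's reference to the previous output is dropped and the
	   new stream is corked before returning. */
	o_stream_unref(&ctx->data.output);
	ctx->data.output = output;
	o_stream_cork(ctx->data.output);
	return 0;
}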