static gboolean encrypt_sign_start (SeahorseToolMode *mode, const gchar *uri, gpgme_data_t uridata, SeahorsePGPOperation *pop, GError **err) { gpgme_data_t cipher; gpgme_error_t gerr; gchar *touri; g_assert (mode->recipients && mode->recipients[0]); /* File to encrypt to */ touri = seahorse_util_add_suffix (uri, SEAHORSE_CRYPT_SUFFIX, _("Choose Encrypted File Name for '%s'")); if (!touri) return FALSE; /* Open necessary files, release these with the operation */ cipher = seahorse_vfs_data_create (touri, SEAHORSE_VFS_WRITE | SEAHORSE_VFS_DELAY, err); g_free (touri); if (!cipher) return FALSE; g_object_set_data_full (G_OBJECT (pop), "cipher-data", cipher, (GDestroyNotify)gpgme_data_release); gpgme_set_armor (pop->gctx, seahorse_gconf_get_boolean (ARMOR_KEY)); gpgme_set_textmode (pop->gctx, FALSE); /* Start actual encryption */ gpgme_signers_clear (pop->gctx); if (mode->signer) { gpgme_signers_add (pop->gctx, mode->signer); gerr = gpgme_op_encrypt_sign_start (pop->gctx, mode->recipients, GPGME_ENCRYPT_ALWAYS_TRUST, uridata, cipher); } else { gerr = gpgme_op_encrypt_start (pop->gctx, mode->recipients, GPGME_ENCRYPT_ALWAYS_TRUST, uridata, cipher); } if (gerr != 0) { seahorse_util_gpgme_to_error (gerr, err); return FALSE; } return TRUE; }
/** * crypto: the crypto service (#SeahorseServiceCrypto) * recipients: A list of recipients (keyids "openpgp:B8098FB063E2C811") * Must be empty when symmetric encryption is used. * signer: optional, the keyid of the signer * flags: FLAG_SYMMETRIC to perform symmetric encryption * cleartext: the text to encrypt * clearlength: Length of the cleartext * crypttext: the encrypted text (out) * cryptlength: the length of this text (out) * textmode: TRUE if gpgme should use textmode * ascii_armor: TRUE if GPGME should use ascii armor * error: The Error * * Handles encryption in a generic way. Can be used by several DBus APIs * * Returns TRUE on success **/ static gboolean crypto_encrypt_generic (SeahorseServiceCrypto *crypto, const char **recipients, const char *signer, int flags, const char *cleartext, gsize clearlength, char **crypttext, gsize *cryptlength, gboolean textmode, gboolean ascii_armor, GError **error) { GList *recipkeys = NULL; SeahorseGpgmeOperation *pop; SeahorseObject *signkey = NULL; SeahorseObject *skey; gpgme_key_t *recips; gboolean symmetric = FALSE; gpgme_data_t plain, cipher; gpgme_error_t gerr; gboolean ret = TRUE; GSettings *settings; gchar *keyid; if ((flags & FLAG_SYMMETRIC) == FLAG_SYMMETRIC) symmetric = TRUE; if (symmetric && recipients[0] != NULL) { g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Recipients specified for symmetric encryption")); return FALSE; } /* The signer */ if (signer && signer[0]) { signkey = seahorse_context_object_from_dbus (SCTX_APP (), signer); if (!signkey) { g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Invalid or unrecognized signer: %s"), signer); return FALSE; } if (!SEAHORSE_IS_GPGME_KEY (signkey) || !(seahorse_object_get_flags (signkey) & SEAHORSE_FLAG_CAN_SIGN)) { g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Key is not valid for signing: %s"), signer); return FALSE; } } if (!symmetric) { /* The recipients */ for( ; recipients[0]; recipients++) { skey = seahorse_context_object_from_dbus (SCTX_APP (), recipients[0]); if (!skey) { g_list_free (recipkeys); g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Invalid or unrecognized recipient: %s"), recipients[0]); return FALSE; } if (!SEAHORSE_IS_GPGME_KEY (skey) || !(seahorse_object_get_flags (skey) & SEAHORSE_FLAG_CAN_ENCRYPT)) { g_list_free (recipkeys); g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Key is not a valid recipient for encryption: %s"), recipients[0]); return FALSE; } recipkeys = g_list_prepend (recipkeys, SEAHORSE_PGP_KEY (skey)); } if (!recipkeys) { g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("No recipients specified")); return FALSE; } } pop = seahorse_gpgme_operation_new (NULL); /* new data form text */ gerr = gpgme_data_new_from_mem (&plain, cleartext, clearlength, FALSE); g_return_val_if_fail (GPG_IS_OK (gerr), FALSE); gerr = gpgme_data_new (&cipher); g_return_val_if_fail (GPG_IS_OK (gerr), FALSE); /* encrypt with armor */ gpgme_set_textmode (pop->gctx, textmode); gpgme_set_armor (pop->gctx, ascii_armor); if (symmetric) { /* gpgme_op_encrypt{_sign,}_start() will perform symmetric encryption * when no recipients are specified. */ recips = NULL; } else { /* Add the default key if set and necessary */ settings = g_settings_new ("org.gnome.crypto.pgp"); if (g_settings_get_boolean (settings, "encrypt-to-self")) { keyid = g_settings_get_string (settings, "default-key"); if (keyid && keyid[0]) { skey = seahorse_context_find_object (NULL, g_quark_from_string (keyid), SEAHORSE_LOCATION_LOCAL); if (SEAHORSE_IS_PGP_KEY (skey)) recipkeys = g_list_append (recipkeys, skey); } g_free (keyid); } g_object_unref (settings); /* Make keys into the right format for GPGME */ recips = keylist_to_keys (recipkeys); g_list_free (recipkeys); } /* Do the encryption */ if (signkey) { gpgme_signers_add (pop->gctx, seahorse_gpgme_key_get_private (SEAHORSE_GPGME_KEY (signkey))); gerr = gpgme_op_encrypt_sign_start (pop->gctx, recips, GPGME_ENCRYPT_ALWAYS_TRUST, plain, cipher); } else { gerr = gpgme_op_encrypt_start (pop->gctx, recips, GPGME_ENCRYPT_ALWAYS_TRUST, plain, cipher); } free_keys (recips); /* Frees cipher */ ret = process_crypto_result (pop, gerr, cipher, crypttext, cryptlength, error); g_object_unref (pop); gpgme_data_release (plain); return ret; }
/** * crypto: the crypto service (#SeahorseServiceCrypto) * recipients: A list of recipients (keyids "openpgp:B8098FB063E2C811") * signer: optional, the keyid of the signer * flags: 0, not used * cleartext: the text to encrypt * clearlength: Length of the cleartext * crypttext: the encrypted text (out) * cryptlength: the length of this text (out) * textmode: TRUE if gpgme should use textmode * ascii_armor: TRUE if GPGME should use ascii armor * error: The Error * * Handles encryption in a generic way. Can be used by several DBus APIs * * Returns TRUE on success **/ static gboolean crypto_encrypt_generic (SeahorseServiceCrypto *crypto, const char **recipients, const char *signer, int flags, const char *cleartext, gsize clearlength, char **crypttext, gsize *cryptlength, gboolean textmode, gboolean ascii_armor, GError **error) { GList *recipkeys = NULL; SeahorseGpgmeOperation *pop; SeahorseObject *signkey = NULL; SeahorseObject *skey; gpgme_key_t *recips; gpgme_data_t plain, cipher; gpgme_error_t gerr; gboolean ret = TRUE; /* * TODO: Once we support different kinds of keys that support encryption * then all this logic will need to change. */ /* The signer */ if (signer && signer[0]) { signkey = seahorse_context_object_from_dbus (SCTX_APP (), signer); if (!signkey) { g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Invalid or unrecognized signer: %s"), signer); return FALSE; } if (!SEAHORSE_IS_GPGME_KEY (signkey) || !(seahorse_object_get_flags (signkey) & SEAHORSE_FLAG_CAN_SIGN)) { g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Key is not valid for signing: %s"), signer); return FALSE; } } /* The recipients */ for( ; recipients[0]; recipients++) { skey = seahorse_context_object_from_dbus (SCTX_APP (), recipients[0]); if (!skey) { g_list_free (recipkeys); g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Invalid or unrecognized recipient: %s"), recipients[0]); return FALSE; } if (!SEAHORSE_IS_GPGME_KEY (skey) || !(seahorse_object_get_flags (skey) & SEAHORSE_FLAG_CAN_ENCRYPT)) { g_list_free (recipkeys); g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("Key is not a valid recipient for encryption: %s"), recipients[0]); return FALSE; } recipkeys = g_list_prepend (recipkeys, SEAHORSE_PGP_KEY (skey)); } if (!recipkeys) { g_set_error (error, SEAHORSE_DBUS_ERROR, SEAHORSE_DBUS_ERROR_INVALID, _("No recipients specified")); return FALSE; } pop = seahorse_gpgme_operation_new (NULL); /* new data form text */ gerr = gpgme_data_new_from_mem (&plain, cleartext, clearlength, FALSE); g_return_val_if_fail (GPG_IS_OK (gerr), FALSE); gerr = gpgme_data_new (&cipher); g_return_val_if_fail (GPG_IS_OK (gerr), FALSE); /* encrypt with armor */ gpgme_set_textmode (pop->gctx, textmode); gpgme_set_armor (pop->gctx, ascii_armor); /* Add the default key if set and necessary */ if (seahorse_gconf_get_boolean (ENCRYPTSELF_KEY)) { skey = SEAHORSE_OBJECT (seahorse_context_get_default_key (SCTX_APP ())); if (SEAHORSE_IS_PGP_KEY (skey)) recipkeys = g_list_append (recipkeys, skey); } /* Make keys into the right format for GPGME */ recips = keylist_to_keys (recipkeys); g_list_free (recipkeys); /* Do the encryption */ if (signkey) { gpgme_signers_add (pop->gctx, seahorse_gpgme_key_get_private (SEAHORSE_GPGME_KEY (signkey))); gerr = gpgme_op_encrypt_sign_start (pop->gctx, recips, GPGME_ENCRYPT_ALWAYS_TRUST, plain, cipher); } else { gerr = gpgme_op_encrypt_start (pop->gctx, recips, GPGME_ENCRYPT_ALWAYS_TRUST, plain, cipher); } free_keys (recips); /* Frees cipher */ ret = process_crypto_result (pop, gerr, cipher, crypttext, cryptlength, error); g_object_unref (pop); gpgme_data_release (plain); return ret; }