GPGWrapperDecryptedData GPGWrapper::decrypt(const std::string& message)
{
init();
ScopedGPGData clear_text, sign_text, encrypted_text;
gpgme_error_t error = encrypted_text.init(message.c_str(), message.length());
fail_if_err(error, L"Nie uda³o siê zainicjowaæ danych do odszyfrowania (encrypted_text).");
error = sign_text.init();
fail_if_err(error, L"Nie uda³o siê zainicjowaæ danych do odszyfrowania (sign_text).");
error = gpgme_op_decrypt(context, encrypted_text.get(), sign_text.get());
fail_if_err(error, L"Nie uda³o siê odszyfrowaæ wiadomoœci.");
error = gpgme_data_rewind(sign_text.get());
fail_if_err(error, L"Nie uda³o siê przewin¹æ na pocz¹tek podpisanego strumienia, aby go póŸniej zweryfikowaæ.");
error = clear_text.init();
fail_if_err(error, L"Nie uda³o siê zainicjowaæ danych do odszyfrowania (clear_text).");
error = gpgme_op_verify(context, sign_text.get(), NULL, clear_text.get());
fail_if_err(error, L"Nie powiod³a siê próba potwierdzenia podpisu nadawcy.");
GPGWrapperDecryptedData result;
gpgme_verify_result_t verifyResult = gpgme_op_verify_result(context);
if (verifyResult != NULL && verifyResult->signatures != NULL && verifyResult->signatures->summary & GPGME_SIGSUM_VALID)
result.isSignValid = true;
result.data = copyData(clear_text.get());
return result;
}
static PyObject *
pygpgme_context_decrypt(PyGpgmeContext *self, PyObject *args)
{
PyObject *py_cipher, *py_plain;
gpgme_data_t cipher, plain;
gpgme_error_t err;
if (!PyArg_ParseTuple(args, "OO", &py_cipher, &py_plain))
return NULL;
if (pygpgme_data_new(&cipher, py_cipher)) {
return NULL;
}
if (pygpgme_data_new(&plain, py_plain)) {
gpgme_data_release(cipher);
return NULL;
}
Py_BEGIN_ALLOW_THREADS;
err = gpgme_op_decrypt(self->ctx, cipher, plain);
Py_END_ALLOW_THREADS;
gpgme_data_release(cipher);
gpgme_data_release(plain);
if (pygpgme_check_error(err)) {
decode_decrypt_result(self);
return NULL;
}
Py_RETURN_NONE;
}
char *gpg_decrypt_msg(const char *data, long *plain_size) {
gpgme_ctx_t ctx;
gpgme_error_t err;
size_t n = 0;
char *temp, *str, *msg;
gpgme_data_t plain, cipher;
msg = add_gpg_headers(data);
if (!msg) {
return 0;
}
err = gpgme_new(&ctx);
if (err) {
return 0;
}
gpgme_set_protocol(ctx, GPGME_PROTOCOL_OpenPGP);
gpgme_set_armor(ctx, 1);
// char *p = getenv("GPG_AGENT_INFO");
// if (p) {
// log_write("GPG_AGENT_INFO: %s\n", p);
// } else {
// setenv("GPG_AGENT_INFO", "/tmp/gpg-3FhMq6/S.gpg-agent:22765:1", 1);
// log_write("NO GPG AGENT INFO FOUND\n");
// }
gpgme_set_passphrase_cb(ctx, &passphrase_cb, 0);
gpgme_data_new_from_mem(&cipher, msg, strlen(msg), 0);
gpgme_data_new(&plain);
err = gpgme_op_decrypt(ctx, cipher, plain);
gpgme_decrypt_result_t res = gpgme_op_decrypt_result(ctx);
gpgme_recipient_t recipient = res->recipients;
while (recipient) {
log_write(">>> recipient keyid: %s\n", recipient->keyid);
recipient = recipient->next;
}
gpgme_data_release(cipher);
free(msg);
if (err) {
log_write("gpgme_op_decrypt error: %s\n", gpgme_strerror(err));
gpgme_data_release(plain);
gpgme_release(ctx);
return 0;
}
temp = gpgme_data_release_and_get_mem(plain, &n);
if (!temp) {
gpgme_release(ctx);
return 0;
}
*plain_size = n;
str = strndup(temp, n);
free(temp);
gpgme_release(ctx);
return str;
}
/* ------------------
* decrypt a plain string with the key found with fingerprint fpr
* FREE MEMORY AFTER USAGE OF RETURN VALUE
* ------------------ */
static char* decrypt(char* cipher_str)
{
gpgme_error_t error;
gpgme_ctx_t ctx;
gpgme_data_t plain,cipher;
size_t len = 0;
char* plain_str = NULL;
char* plain_str_dup = NULL;
char* armored_buffer;
// add header and footer:
armored_buffer = str_armor(cipher_str);
// connect to gpgme
gpgme_check_version (NULL);
error = gpgme_new(&ctx);
if (error)
{
purple_debug_error(PLUGIN_ID,"gpgme_new failed: %s %s\n",gpgme_strsource (error), gpgme_strerror (error));
return NULL;
}
// create data containers
gpgme_data_new_from_mem (&cipher, armored_buffer,strlen(armored_buffer),1);
gpgme_data_new(&plain);
// decrypt
error = gpgme_op_decrypt(ctx,cipher,plain);
if (error)
{
purple_debug_error(PLUGIN_ID,"gpgme_op_decrypt failed: %s %s\n",gpgme_strsource (error), gpgme_strerror (error));
gpgme_release (ctx);
return NULL;
}
// release memory for data containers
gpgme_data_release(cipher);
plain_str = gpgme_data_release_and_get_mem(plain,&len);
if (plain_str != NULL)
{
plain_str[len] = 0;
plain_str_dup = g_strdup(plain_str);
}
gpgme_free(plain_str);
// close gpgme connection
gpgme_release (ctx);
return plain_str_dup;
}
int
main (int argc, char *argv[])
{
gpgme_ctx_t ctx;
gpgme_error_t err;
gpgme_data_t in, out;
gpgme_decrypt_result_t result;
char *cipher_1_asc = make_filename ("cipher-1.asc");
char *agent_info;
init_gpgme (GPGME_PROTOCOL_OpenPGP);
err = gpgme_new (&ctx);
fail_if_err (err);
agent_info = getenv("GPG_AGENT_INFO");
if (!(agent_info && strchr (agent_info, ':')))
gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);
free (cipher_1_asc);
fail_if_err (err);
err = gpgme_data_new (&out);
fail_if_err (err);
err = gpgme_op_decrypt (ctx, in, out);
fail_if_err (err);
result = gpgme_op_decrypt_result (ctx);
if (result->unsupported_algorithm)
{
fprintf (stderr, "%s:%i: unsupported algorithm: %s\n",
__FILE__, __LINE__, result->unsupported_algorithm);
exit (1);
}
print_data (out);
gpgme_data_release (in);
gpgme_data_release (out);
gpgme_release (ctx);
return 0;
}
bool KGpgMe::decrypt(const QByteArray& inBuffer, QByteArray* outBuffer)
{
gpgme_error_t err = 0;
gpgme_data_t in = 0, out = 0;
gpgme_decrypt_result_t result = 0;
outBuffer->resize(0);
if(m_ctx) {
err = gpgme_data_new_from_mem(&in, inBuffer.data(), inBuffer.size(), 1);
if(!err) {
err = gpgme_data_new(&out);
if(!err) {
err = gpgme_op_decrypt(m_ctx, in, out);
if(!err) {
result = gpgme_op_decrypt_result(m_ctx);
if(result->unsupported_algorithm) {
KMessageBox::error(kapp->activeWindow(), QString("%1: %2")
.arg(i18n("Unsupported algorithm"))
.arg(result->unsupported_algorithm));
}
else {
err = readToBuffer(out, outBuffer);
}
}
}
}
}
if(err != GPG_ERR_NO_ERROR && err != GPG_ERR_CANCELED) {
KMessageBox::error(kapp->activeWindow(), QString("%1: %2")
.arg(gpgme_strsource(err)).arg(gpgme_strerror(err)));
}
if(err != GPG_ERR_NO_ERROR)
clearCache();
if(in)
gpgme_data_release(in);
if(out)
gpgme_data_release(out);
return (err == GPG_ERR_NO_ERROR);
}
char *CGPGHelper::Decrypt(const char *szCipher)
{
#ifdef HAVE_LIBGPGME
if (!mCtx) return 0;
size_t nRead = 0;
gpgme_data_t cipher, plain;
CGPGMEMutex mutex;
if (!mutex.Lock()) return 0;
if (gpgme_data_new(&cipher) != GPG_ERR_NO_ERROR) return 0;
char *buf = strdup(szCipher);
gpgme_error_t err;
gpgme_data_write(cipher, buf, strlen(buf));
free(buf);
if (gpgme_data_new(&plain) != GPG_ERR_NO_ERROR)
{
gpgme_data_release(cipher);
return 0;
}
gpgme_data_seek(cipher, 0, SEEK_SET);
if ((err = gpgme_op_decrypt(mCtx, cipher, plain)) != GPG_ERR_NO_ERROR)
gLog.Warn("%s[GPG] gpgme message decryption failed: %s\n", L_WARNxSTR, gpgme_strerror(err));
gpgme_data_release(cipher);
buf = gpgme_data_release_and_get_mem(plain, &nRead);
if (!buf) return 0;
buf = (char *)realloc(buf, nRead+1);
buf[nRead] = 0;
return buf;
#else
return 0;
#endif
}
gpgme_data_t sgpgme_decrypt_verify(gpgme_data_t cipher, gpgme_verify_result_t *status, gpgme_ctx_t ctx)
{
struct passphrase_cb_info_s info;
gpgme_data_t plain;
gpgme_error_t err;
memset (&info, 0, sizeof info);
if ((err = gpgme_data_new(&plain)) != GPG_ERR_NO_ERROR) {
gpgme_release(ctx);
privacy_set_error(_("Couldn't initialize data, %s"), gpgme_strerror(err));
return NULL;
}
if (gpgme_get_protocol(ctx) == GPGME_PROTOCOL_OpenPGP) {
prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
if (!getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
info.c = ctx;
gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
}
} else {
prefs_gpg_enable_agent(TRUE);
info.c = ctx;
gpgme_set_passphrase_cb (ctx, NULL, &info);
}
if (gpgme_get_protocol(ctx) == GPGME_PROTOCOL_OpenPGP) {
err = gpgme_op_decrypt_verify(ctx, cipher, plain);
if (err != GPG_ERR_NO_ERROR) {
debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
privacy_set_error("%s", gpgme_strerror(err));
gpgmegtk_free_passphrase();
gpgme_data_release(plain);
return NULL;
}
err = cm_gpgme_data_rewind(plain);
if (err) {
debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
}
debug_print("decrypted.\n");
*status = gpgme_op_verify_result (ctx);
} else {
err = gpgme_op_decrypt(ctx, cipher, plain);
if (err != GPG_ERR_NO_ERROR) {
debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
privacy_set_error("%s", gpgme_strerror(err));
gpgmegtk_free_passphrase();
gpgme_data_release(plain);
return NULL;
}
err = cm_gpgme_data_rewind(plain);
if (err) {
debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
}
debug_print("decrypted.\n");
*status = gpgme_op_verify_result (ctx);
}
return plain;
}
char*
p_gpg_decrypt(const char *const cipher)
{
gpgme_ctx_t ctx;
gpgme_error_t error = gpgme_new(&ctx);
if (error) {
log_error("GPG: Failed to create gpgme context. %s %s", gpgme_strsource(error), gpgme_strerror(error));
return NULL;
}
gpgme_set_passphrase_cb(ctx, (gpgme_passphrase_cb_t)_p_gpg_passphrase_cb, NULL);
char *cipher_with_headers = _add_header_footer(cipher, PGP_MESSAGE_HEADER, PGP_MESSAGE_FOOTER);
gpgme_data_t cipher_data;
gpgme_data_new_from_mem(&cipher_data, cipher_with_headers, strlen(cipher_with_headers), 1);
free(cipher_with_headers);
gpgme_data_t plain_data;
gpgme_data_new(&plain_data);
error = gpgme_op_decrypt(ctx, cipher_data, plain_data);
gpgme_data_release(cipher_data);
if (error) {
log_error("GPG: Failed to encrypt message. %s %s", gpgme_strsource(error), gpgme_strerror(error));
gpgme_data_release(plain_data);
gpgme_release(ctx);
return NULL;
}
gpgme_decrypt_result_t res = gpgme_op_decrypt_result(ctx);
if (res) {
GString *recipients_str = g_string_new("");
gpgme_recipient_t recipient = res->recipients;
while (recipient) {
gpgme_key_t key;
error = gpgme_get_key(ctx, recipient->keyid, &key, 1);
if (!error && key) {
const char *addr = gpgme_key_get_string_attr(key, GPGME_ATTR_EMAIL, NULL, 0);
if (addr) {
g_string_append(recipients_str, addr);
}
gpgme_key_unref(key);
}
if (recipient->next) {
g_string_append(recipients_str, ", ");
}
recipient = recipient->next;
}
log_debug("GPG: Decrypted message for recipients: %s", recipients_str->str);
g_string_free(recipients_str, TRUE);
}
gpgme_release(ctx);
size_t len = 0;
char *plain_str = gpgme_data_release_and_get_mem(plain_data, &len);
char *result = NULL;
if (plain_str) {
plain_str[len] = 0;
result = g_strdup(plain_str);
}
gpgme_free(plain_str);
if (passphrase_attempt) {
passphrase = strdup(passphrase_attempt);
}
return result;
}
int main()
{
int fd;
gpgme_ctx_t g_context;
gpgme_engine_info_t enginfo;
gpgme_data_t data;
gpgme_error_t gerr;
gpg_err_code_t gpg_err;
gpgme_data_t g_plain;
gpgme_data_t g_plain_recv;
gpgme_data_t g_encrypt;
gpgme_data_t g_encrypt_send;
gpgme_key_t g_recipient[MAX_RCP+1];
char *p;
char b_encrypt[BIGBUF+1];
char msg[EOF_L_MESSAGE];
char msg_in[EOF_L_MESSAGE];
int i, tmp;
for(i=0;i<EOF_L_MESSAGE; i++) msg_in[i] = 0;
for(i=0;i<EOF_L_MESSAGE; i++) msg[i] = 0;
for(i=0;i<=BIGBUF; i++) b_encrypt[i] = 0;
gpgme_check_version(NULL);
gerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
if(gerr != GPG_ERR_NO_ERROR) return 10;
p = (char *) gpgme_get_protocol_name(GPGME_PROTOCOL_OpenPGP);
printf("Version: %s\n",p);
gerr = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, home);
if(gerr == GPG_ERR_NO_ERROR) {
printf("gpgme_set_engine_info: ok\n");
} else {
printf("gpgme_set_engine_info: err\n");
}
/* get engine information */
gerr = gpgme_get_engine_info(&enginfo);
if(gerr != GPG_ERR_NO_ERROR) return 3;
printf("file=%s, home=%s\n",enginfo->file_name,enginfo->home_dir);
/* create our own context */
gerr = gpgme_new(&g_context);
if(gerr != GPG_ERR_NO_ERROR) return 1;
/* FIXME: both needed? */
/* FIXME: why is the path (FILE_NAME) needed? */
/* FIXME: /usr/bin/gpg must be changed to ~/.ceof/gpg/binary or similar */
gerr = gpgme_ctx_set_engine_info (g_context, GPGME_PROTOCOL_OpenPGP,
"/usr/bin/gpg",home);
if(gerr != GPG_ERR_NO_ERROR) return 4;
/* do not ascii armor data; use 1 for testing */
//gpgme_set_armor(g_context, 0);
gpgme_set_armor(g_context, 1);
/* create buffers */
gerr = gpgme_data_new(&data);
if(gerr != GPG_ERR_NO_ERROR) return 12;
gerr = gpgme_data_new(&g_plain_recv);
if(gerr != GPG_ERR_NO_ERROR) return 20;
gerr = gpgme_data_new(&g_encrypt);
if(gerr != GPG_ERR_NO_ERROR) return 14;
gerr = gpgme_data_new(&g_encrypt_send);
if(gerr != GPG_ERR_NO_ERROR) return 24;
/* fill buffers */
/* gerr = gpgme_data_new(&g_plain);
if(gerr != GPG_ERR_NO_ERROR) return 13;
printf("strlen(%s) = %d\n",msg,i);
i -= gpgme_data_write(g_plain, msg, i);
if(i) {
printf("size mismatch\n");
return 12;
} */
strncpy(msg, "==> Erste Nachricht\n\n", EOF_L_MESSAGE);
i = strlen(msg);
gerr = gpgme_data_new_from_mem (&g_plain, msg, i, 0);
/* setup recipient */
gerr = gpgme_op_keylist_start(g_context, "nico schottelius", 0);
if(gerr != GPG_ERR_NO_ERROR) return 11;
i=0;
gerr = gpgme_op_keylist_next(g_context, &g_recipient[0]);
while((gpg_err = gpg_err_code(gerr)) != GPG_ERR_EOF) {
/* for testing: one call of gpgme_op_keylist_next is enough */
break;
if(gerr == GPG_ERR_INV_VALUE) {
printf("invalid pointer\n");
return 15;
} else if(gerr == GPG_ERR_ENOMEM) {
printf("no mem\n");
return 16;
}
printf ("%s: %s <%s> (%d)\n", g_recipient[0]->subkeys->keyid, g_recipient[0]->uids->name, g_recipient[0]->uids->email, i);
i++;
/* FIXME: this resets the good filled buffer ... */
gerr = gpgme_op_keylist_next(g_context, &g_recipient[0]);
}
g_recipient[1] = NULL;
/* all above seems to be wrong ... */
gerr = gpgme_get_key(g_context,"775506B45998BF57D0D4AFF27C6E747C38616ADC", &g_recipient[0], 0);
if(gerr != GPG_ERR_NO_ERROR) return 32;
/* en/decrypt message */
//gerr = gpgme_op_encrypt_sign(g_context, g_recipient, 0, g_plain, g_encrypt);
gerr = gpgme_op_encrypt(g_context, g_recipient, 0, g_plain, g_encrypt);
if(gerr != GPG_ERR_NO_ERROR) {
printf("gerr=%d\n",gerr);
return 18;
}
/* transfer the data into our own buffer,
* so the data is saved; you cannot
* reuse the gpgme buffers directly as in
* gerr = gpgme_op_decrypt(g_context, g_encrypt, g_plain_recv);
*
*/
i = gpgme_data_seek(g_encrypt, 0, SEEK_END);
if(i > BIGBUF) return 22;
printf("buflen: %d\n",i);
/* reset to the beginning */
gpgme_data_seek(g_encrypt, 0, SEEK_SET);
if(gpgme_data_read(g_encrypt, b_encrypt, i) == -1) {
perror("pgme_data_read");
return 23;
}
printf("crypt:\n%s\n", b_encrypt);
fd = open("testcrypt",O_RDWR|O_CREAT);
if(fd == -1) return 40;
if(write_all(fd, b_encrypt, BIGBUF) <= 0) return 41;
close(fd);
/* until here it works, testcrypt contains
* data and can be decrypted ...
*
* perhaps the context needs some reset?
*/
if((tmp = gpgme_data_write(g_encrypt_send, b_encrypt, i)) == -1) {
perror("pgme_data_write");
return 23;
}
printf("crypt-wrote:%d\n", tmp);
/* look for contexts */
gerr = gpgme_op_decrypt(g_context, g_encrypt_send, g_plain_recv);
if(gerr != GPG_ERR_NO_ERROR) {
printf("gerr=%d\n",gerr);
return 19;
}
/* open communication channel: netcat */
/* listen for input from:
* stdin
* communication channel
*/
/* de/encode data from comm channel */
return 1;
}
QByteArray GPGME::decryptFile(const QString & filename, QString & keyId, QWidget * parent)
{
setError(GPG_ERR_NO_ERROR); // clear error
CallbackData cbData;
cbData.parent = parent;
qDebug() << "ERERR" << gpg_err_source(GPG_ERR_CODE_DIM+1);
gpgme_set_passphrase_cb(p->context, passphraseCallback, &cbData);
qDebug() << "decrypting file" << filename;
gpgme_data_t data;
gpgme_error_t err;
QFile file(filename);
if (!file.exists()) {
setError(GPGME_WRAPPER_ERR_FILE_NOT_FOUND, true);
return QByteArray();
}
if (!file.open(QIODevice::ReadOnly)) {
setError(GPGME_WRAPPER_ERR_CANNOT_OPEN_FILE, true);
return QByteArray();
}
if (file.size() > FILESIZE_HARD_LIMIT) {
setError(GPGME_WRAPPER_ERR_FILE_TOO_LARGE, true);
return QByteArray();
}
err = gpgme_data_new_from_fd(&data, file.handle());
if (err != GPG_ERR_NO_ERROR) {
setError(err);
return QByteArray();
}
// process data (it's cipher)
gpgme_data_t plain;
gpgme_data_new(&plain);
err = gpgme_op_decrypt(p->context, data, plain);
// unset passphrase callback
gpgme_set_passphrase_cb(p->context, 0, 0);
if (err != GPG_ERR_NO_ERROR) {
gpgme_data_release(data);
gpgme_data_release(plain);
setError(err);
return QByteArray();
}
// decryption is successful so load plain data
QByteArray resBytes;
const int bufSize = 1000;
int read;
char buf[bufSize];
gpgme_data_seek(plain, 0, SEEK_SET);
while (true) {
read = gpgme_data_read(plain, (void*)buf, bufSize);
if (read == 0) {
break;
}
if (read == -1) {
// error, ignore for now
break;
}
resBytes.append(buf, read);
}
gpgme_decrypt_result_t decrypt_res = gpgme_op_decrypt_result(p->context);
gpgme_recipient_t recipient;
if (decrypt_res) {
recipient = decrypt_res->recipients;
while (recipient) {
keyId = recipient->keyid;
recipient = recipient->next;
break; // just ignore the other recipients
}
}
return resBytes;
}
