//note: passphrase callback seems broken for keygen
SEXP R_gpg_keygen(SEXP params){
void * cb = NULL;
gpgme_get_passphrase_cb(ctx, NULL, &cb);
gpgme_set_passphrase_cb(ctx, NULL, NULL);
const char * par = Rf_length(params) ? CHAR(STRING_ELT(params, 0)) : NULL;
bail(gpgme_op_genkey(ctx, par, NULL, NULL), "generate key");
gpgme_genkey_result_t res = gpgme_op_genkey_result(ctx);
gpgme_key_t key;
bail(gpgme_get_key(ctx, res->fpr, &key, 0), "get new key");
gpgme_set_passphrase_cb(ctx, pwprompt, cb);
return mkString(key->subkeys->keyid);
}
/**
* g_mime_pkcs7_context_new:
* @request_passwd: a #GMimePasswordRequestFunc
*
* Creates a new pkcs7 crypto context object.
*
* Returns: (transfer full): a new pkcs7 crypto context object.
**/
GMimeCryptoContext *
g_mime_pkcs7_context_new (GMimePasswordRequestFunc request_passwd)
{
#ifdef ENABLE_SMIME
GMimeCryptoContext *crypto;
GMimePkcs7Context *pkcs7;
gpgme_ctx_t ctx;
/* make sure GpgMe supports the CMS protocols */
if (gpgme_engine_check_version (GPGME_PROTOCOL_CMS) != GPG_ERR_NO_ERROR)
return NULL;
/* create the GpgMe context */
if (gpgme_new (&ctx) != GPG_ERR_NO_ERROR)
return NULL;
pkcs7 = g_object_newv (GMIME_TYPE_PKCS7_CONTEXT, 0, NULL);
gpgme_set_passphrase_cb (ctx, pkcs7_passphrase_cb, pkcs7);
gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
pkcs7->priv->ctx = ctx;
crypto = (GMimeCryptoContext *) pkcs7;
crypto->request_passwd = request_passwd;
return crypto;
#else
return NULL;
#endif /* ENABLE_SMIME */
}
/*
* create a GpgME context for the passed protocol
*/
static gpgme_error_t
gpgme_new_with_protocol(gpgme_ctx_t * ctx, gpgme_protocol_t protocol,
GtkWindow * parent, GError ** error)
{
gpgme_error_t err;
/* create the GpgME context */
if ((err = gpgme_new(ctx)) != GPG_ERR_NO_ERROR) {
g_set_error_from_gpgme(error, err, _("could not create context"));
} else {
if ((err = gpgme_set_protocol(*ctx, protocol)) != GPG_ERR_NO_ERROR) {
gchar *errmsg =
g_strdup_printf(_("could not set protocol '%s'"),
gpgme_get_protocol_name(protocol));
g_set_error_from_gpgme(error, err, errmsg);
g_free(errmsg);
gpgme_release(*ctx);
} else {
if (protocol == GPGME_PROTOCOL_OpenPGP)
gpgme_set_passphrase_cb(*ctx, gpgme_passphrase_cb, parent);
}
}
return err;
}
char *gpg_decrypt_msg(const char *data, long *plain_size) {
gpgme_ctx_t ctx;
gpgme_error_t err;
size_t n = 0;
char *temp, *str, *msg;
gpgme_data_t plain, cipher;
msg = add_gpg_headers(data);
if (!msg) {
return 0;
}
err = gpgme_new(&ctx);
if (err) {
return 0;
}
gpgme_set_protocol(ctx, GPGME_PROTOCOL_OpenPGP);
gpgme_set_armor(ctx, 1);
// char *p = getenv("GPG_AGENT_INFO");
// if (p) {
// log_write("GPG_AGENT_INFO: %s\n", p);
// } else {
// setenv("GPG_AGENT_INFO", "/tmp/gpg-3FhMq6/S.gpg-agent:22765:1", 1);
// log_write("NO GPG AGENT INFO FOUND\n");
// }
gpgme_set_passphrase_cb(ctx, &passphrase_cb, 0);
gpgme_data_new_from_mem(&cipher, msg, strlen(msg), 0);
gpgme_data_new(&plain);
err = gpgme_op_decrypt(ctx, cipher, plain);
gpgme_decrypt_result_t res = gpgme_op_decrypt_result(ctx);
gpgme_recipient_t recipient = res->recipients;
while (recipient) {
log_write(">>> recipient keyid: %s\n", recipient->keyid);
recipient = recipient->next;
}
gpgme_data_release(cipher);
free(msg);
if (err) {
log_write("gpgme_op_decrypt error: %s\n", gpgme_strerror(err));
gpgme_data_release(plain);
gpgme_release(ctx);
return 0;
}
temp = gpgme_data_release_and_get_mem(plain, &n);
if (!temp) {
gpgme_release(ctx);
return 0;
}
*plain_size = n;
str = strndup(temp, n);
free(temp);
gpgme_release(ctx);
return str;
}
/* Created a detached signature for INDATA and write it to OUTDATA.
On termination of the signing command engine_private_finished() is
called with FILTER as the first argument. */
int
op_gpgme_sign (protocol_t protocol,
gpgme_data_t indata, gpgme_data_t outdata,
engine_filter_t filter, void *hwnd)
{
gpg_error_t err;
closure_data_t cld;
gpgme_ctx_t ctx = NULL;
gpgme_key_t sign_key = NULL;
(void)hwnd;
if (signer_dialog_box (&sign_key, NULL, 0) == -1)
{
log_debug ("%s:%s: leave (dialog failed)\n", SRCNAME, __func__);
return gpg_error (GPG_ERR_CANCELED);
}
cld = xcalloc (1, sizeof *cld);
cld->closure = sign_closure;
cld->filter = filter;
err = gpgme_new (&ctx);
if (err)
goto leave;
gpgme_set_progress_cb (ctx, NULL, cld);
switch (protocol)
{
case PROTOCOL_OPENPGP: /* Gpgme's default. */
break;
case PROTOCOL_SMIME:
err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
break;
default:
err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
break;
}
if (err)
goto leave;
gpgme_set_armor (ctx, 1);
gpgme_set_passphrase_cb (ctx, passphrase_callback_box, &cld->pw_cb);
cld->pw_cb.ctx = ctx;
cld->pw_cb.ttl = opt.passwd_ttl;
err = gpgme_signers_add (ctx, sign_key);
if (!err)
err = gpgme_op_sign_start (ctx, indata, outdata, GPGME_SIG_MODE_DETACH);
leave:
if (err)
{
xfree (cld);
gpgme_release (ctx);
}
else
engine_private_set_cancel (filter, ctx);
gpgme_key_unref (sign_key);
return err;
}
/* Decrypt data from INDATA to OUTDATE. If WITH_VERIFY is set, a
signature of PGP/MIME combined message is also verified the same
way as with op_gpgme_verify. */
int
op_gpgme_decrypt (protocol_t protocol,
gpgme_data_t indata, gpgme_data_t outdata,
engine_filter_t filter, void *hwnd,
int with_verify)
{
gpgme_error_t err;
closure_data_t cld;
gpgme_ctx_t ctx = NULL;
(void)hwnd;
cld = xcalloc (1, sizeof *cld);
cld->closure = decrypt_closure;
cld->filter = filter;
cld->with_verify = with_verify;
err = gpgme_new (&ctx);
if (err)
goto leave;
gpgme_set_progress_cb (ctx, NULL, cld);
switch (protocol)
{
case PROTOCOL_OPENPGP: /* Gpgme's default. */
break;
case PROTOCOL_SMIME:
err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
break;
default:
err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
break;
}
if (err)
goto leave;
/* Note: We do no error checking for the next call because some
backends may not implement a command hanler at all. */
gpgme_set_passphrase_cb (ctx, passphrase_callback_box, &cld->pw_cb);
cld->pw_cb.ctx = ctx;
if (with_verify)
err = gpgme_op_decrypt_verify_start (ctx, indata, outdata);
else
err = gpgme_op_decrypt_start (ctx, indata, outdata);
leave:
if (err)
{
xfree (cld);
gpgme_release (ctx);
}
else
engine_private_set_cancel (filter, ctx);
return err;
}
void KGpgMe::setPassphraseCb()
{
bool agent = false;
QString agent_info;
agent_info = qgetenv("GPG_AGENT_INFO");
if (m_useGnuPGAgent) {
if (agent_info.indexOf(':'))
agent = true;
if (agent_info.startsWith(QLatin1String("disable:")))
setenv("GPG_AGENT_INFO", agent_info.mid(8).toAscii(), 1);
} else {
if (!agent_info.startsWith(QLatin1String("disable:")))
setenv("GPG_AGENT_INFO", "disable:" + agent_info.toAscii(), 1);
}
if (agent)
gpgme_set_passphrase_cb(m_ctx, 0, 0);
else
gpgme_set_passphrase_cb(m_ctx, passphraseCb, this);
}
int
main (int argc, char *argv[])
{
gpgme_ctx_t ctx;
gpgme_error_t err;
gpgme_data_t in, out;
gpgme_verify_result_t result;
char *agent_info;
int i;
init_gpgme (GPGME_PROTOCOL_OpenPGP);
err = gpgme_new (&ctx);
fail_if_err (err);
agent_info = getenv ("GPG_AGENT_INFO");
if (!(agent_info && strchr (agent_info, ':')))
gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
err = gpgme_data_new_from_mem (&in, "Hallo Leute\n", 12, 0);
fail_if_err (err);
err = gpgme_data_new (&out);
fail_if_err (err);
for (i = 0; i < sizeof (expected_notations) / sizeof (expected_notations[0]);
i++)
{
err = gpgme_sig_notation_add (ctx, expected_notations[i].name,
expected_notations[i].value,
expected_notations[i].flags);
fail_if_err (err);
}
err = gpgme_op_sign (ctx, in, out, GPGME_SIG_MODE_NORMAL);
fail_if_err (err);
gpgme_data_release (in);
err = gpgme_data_new (&in);
fail_if_err (err);
gpgme_data_seek (out, 0, SEEK_SET);
err = gpgme_op_verify (ctx, out, NULL, in);
fail_if_err (err);
result = gpgme_op_verify_result (ctx);
check_result (result);
gpgme_data_release (in);
gpgme_data_release (out);
gpgme_release (ctx);
return 0;
}
void crypto_asym::build_context()
{
#if GPGME_SUPPORT
gpgme_error_t err = gpgme_new(&context);
if(gpgme_err_code(err) != GPG_ERR_NO_ERROR)
throw Erange("crypto_asym::crypto_asym", string(gettext("Failed creating GPGME context: ")) + tools_gpgme_strerror_r(err));
err = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP);
if(gpgme_err_code(err) != GPG_ERR_NO_ERROR)
throw Erange("crypto_asym::crypto_asym", string(gettext("Failed setting GPGME context with OpenPGP protocol: ")) + tools_gpgme_strerror_r(err));
gpgme_set_passphrase_cb(context, read_passphrase, (void *)this);
#endif
}
static int
pygpgme_context_set_passphrase_cb(PyGpgmeContext *self, PyObject *value)
{
gpgme_passphrase_cb_t passphrase_cb;
PyObject *callback;
/* free the passphrase callback */
gpgme_get_passphrase_cb(self->ctx, &passphrase_cb, (void **)&callback);
if (passphrase_cb == pygpgme_passphrase_cb) {
Py_DECREF(callback);
}
/* callback of None == unset */
if (value == Py_None)
value = NULL;
if (value != NULL) {
Py_INCREF(value);
gpgme_set_passphrase_cb(self->ctx, pygpgme_passphrase_cb, value);
} else {
gpgme_set_passphrase_cb(self->ctx, NULL, NULL);
}
return 0;
}
void geanypg_encrypt_cb(GtkMenuItem * menuitem, gpointer user_data)
{
int sign;
encrypt_data ed;
gpgme_error_t err;
geanypg_init_ed(&ed);
err = gpgme_new(&ed.ctx);
if (err && geanypg_show_err_msg(err))
return;
gpgme_set_armor(ed.ctx, 1);
gpgme_set_passphrase_cb(ed.ctx, geanypg_passphrase_cb, NULL);
if (geanypg_get_keys(&ed) && geanypg_get_secret_keys(&ed))
{
gpgme_key_t * recp = NULL;
if (geanypg_encrypt_selection_dialog(&ed, &recp, &sign))
{
int flags = 0;
int stop = 0;
gpgme_key_t * key = recp;
while (*key)
{
if ((*key)->owner_trust != GPGME_VALIDITY_ULTIMATE &&
(*key)->owner_trust != GPGME_VALIDITY_FULL &&
(*key)->owner_trust != GPGME_VALIDITY_MARGINAL)
{
if (dialogs_show_question(_("The key with user ID \"%s\" has validity \"%s\".\n\n"
"WARNING: It is NOT certain that the key belongs to the person named in the user ID.\n\n"
"Are you *really* sure you want to use this key anyway?"),
(*key)->uids->uid, geanypg_validity((*key)->owner_trust)))
flags = GPGME_ENCRYPT_ALWAYS_TRUST;
else
stop = 1;
}
++key;
}
if (*recp && !stop)
geanypg_encrypt(&ed, recp, sign, flags);
else if (!stop && dialogs_show_question(_("No recipients were selected,\nuse symmetric cipher?")))
geanypg_encrypt(&ed, NULL, sign, flags);
}
if (recp)
free(recp);
}
geanypg_release_keys(&ed);
gpgme_release(ed.ctx);
}
int
main (int argc, char *argv[])
{
gpgme_ctx_t ctx;
gpgme_error_t err;
gpgme_data_t in, out;
gpgme_decrypt_result_t decrypt_result;
gpgme_verify_result_t verify_result;
char *cipher_2_asc = make_filename ("cipher-2.asc");
char *agent_info;
init_gpgme (GPGME_PROTOCOL_OpenPGP);
err = gpgme_new (&ctx);
fail_if_err (err);
agent_info = getenv("GPG_AGENT_INFO");
if (!(agent_info && strchr (agent_info, ':')))
gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
err = gpgme_data_new_from_file (&in, cipher_2_asc, 1);
free (cipher_2_asc);
fail_if_err (err);
err = gpgme_data_new (&out);
fail_if_err (err);
err = gpgme_op_decrypt_verify (ctx, in, out);
fail_if_err (err);
decrypt_result = gpgme_op_decrypt_result (ctx);
if (decrypt_result->unsupported_algorithm)
{
fprintf (stderr, "%s:%i: unsupported algorithm: %s\n",
__FILE__, __LINE__, decrypt_result->unsupported_algorithm);
exit (1);
}
print_data (out);
verify_result = gpgme_op_verify_result (ctx);
check_verify_result (verify_result, 0,
"A0FF4590BB6122EDEF6E3C542D727CC768697734",
GPG_ERR_NO_ERROR);
gpgme_data_release (in);
gpgme_data_release (out);
gpgme_release (ctx);
return 0;
}
int
main (int argc, char *argv[])
{
gpgme_ctx_t ctx;
gpgme_error_t err;
gpgme_data_t in, out;
gpgme_decrypt_result_t result;
char *cipher_1_asc = make_filename ("cipher-1.asc");
char *agent_info;
init_gpgme (GPGME_PROTOCOL_OpenPGP);
err = gpgme_new (&ctx);
fail_if_err (err);
agent_info = getenv("GPG_AGENT_INFO");
if (!(agent_info && strchr (agent_info, ':')))
gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);
free (cipher_1_asc);
fail_if_err (err);
err = gpgme_data_new (&out);
fail_if_err (err);
err = gpgme_op_decrypt (ctx, in, out);
fail_if_err (err);
result = gpgme_op_decrypt_result (ctx);
if (result->unsupported_algorithm)
{
fprintf (stderr, "%s:%i: unsupported algorithm: %s\n",
__FILE__, __LINE__, result->unsupported_algorithm);
exit (1);
}
print_data (out);
gpgme_data_release (in);
gpgme_data_release (out);
gpgme_release (ctx);
return 0;
}
/* Release the edit parameters needed for changing the passphrase. The
* prototype is that of a GpaContext's "done" signal handler.
*/
static void
gpa_gpgme_edit_passwd_parms_release (GpaContext *ctx, gpg_error_t err,
struct edit_parms_s* parms)
{
struct passwd_parms_s *passwd_parms = parms->opaque;
gpgme_data_release (parms->out);
/* Make sure the normal passphrase callback is used */
if (!cms_hack)
gpgme_set_passphrase_cb (ctx->ctx,
passwd_parms->func, passwd_parms->opaque);
if (parms->signal_id != 0)
{
/* Don't run this signal handler again if the context is reused */
g_signal_handler_disconnect (ctx, parms->signal_id);
}
g_free (parms);
g_free (parms->opaque);
}
void CGPGHelper::Start()
{
#ifdef HAVE_LIBGPGME
char buf[MAX_LINE_LEN];
snprintf(buf, MAX_LINE_LEN, "%s/licq_gpg.conf", BASE_DIR);
mKeysIni.LoadFile(buf);
mKeysIni.SetSection("gpg");
mKeysIni.ReadStr("passphrase", buf); mGPGPassphrase = strdup(buf);
const char *gpgme_ver = gpgme_check_version(0);
gLog.Info("%s[GPG] gpgme library found: %s\n", L_INITxSTR, gpgme_ver);
if (gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP) != GPG_ERR_NO_ERROR)
gLog.Error("%s[GPG] gpgme engine OpenPGP not found!\n", L_ERRORxSTR);
gpgme_new(&mCtx);
gpgme_set_protocol(mCtx, GPGME_PROTOCOL_OpenPGP);
gpgme_set_armor(mCtx, 1);
gpgme_set_passphrase_cb(mCtx, PassphraseCallback, 0);
#endif
}
retvalue signature_init(bool allowpassphrase){
#ifdef HAVE_LIBGPGME
gpg_error_t err;
if (context != NULL)
return RET_NOTHING;
gpgme_check_version(NULL);
err = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
if (err != 0)
return gpgerror(err);
err = gpgme_new(&context);
if (err != 0)
return gpgerror(err);
err = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP);
if (err != 0)
return gpgerror(err);
if (allowpassphrase)
gpgme_set_passphrase_cb(context, signature_getpassphrase,
NULL);
gpgme_set_armor(context, 1);
#endif /* HAVE_LIBGPGME */
return RET_OK;
}
gpg_error_t
gpa_gpgme_edit_passwd_start (GpaContext *ctx, gpgme_key_t key)
{
struct edit_parms_s *parms;
gpg_error_t err;
gpgme_data_t out;
err = gpgme_data_new (&out);
if (gpg_err_code (err) != GPG_ERR_NO_ERROR)
{
return err;
}
parms = gpa_gpgme_edit_passwd_parms_new (ctx, out);
/* Use our own passphrase callback: The data are the actual edit
parms. */
if (!cms_hack)
gpgme_set_passphrase_cb (ctx->ctx, passwd_passphrase_cb, parms);
err = gpgme_op_edit_start (ctx->ctx, key, edit_fnc, parms, out);
return err;
}
/* #############################################################################
*
* Description encrypt the given buffer and return the encrypted data with
* an updated size information
* Author Harry Brueckner
* Date 2005-03-31
* Arguments char* buffer - buffer to encrypt
* int size - size of the buffer
* char** newbuffer - pointer to the new buffer which holds the
* encrypted data
* int* newsize - size of the returned buffer
* PASSPHRASE_FN password_cb - callback function pointer used
* to get the current passphrase
* SHOWERROR_FN showerror_cb - callback function pointer used
* to display errors
* Return 0 if ok, otherwise 1
*/
int gpgEncrypt(char* buffer, int size, char** newbuffer, int* newsize,
PASSPHRASE_FN password_cb, SHOWERROR_FN showerror_cb)
{
gpgme_ctx_t context;
gpgme_data_t input,
output;
gpgme_encrypt_result_t result;
gpgme_error_t error;
gpgme_key_t* key = NULL;
gpgme_key_t tkey = NULL;
gpgme_sign_result_t sign_result;
int i,
keys = 0,
showerror = 1;
char* agent;
char* fpr;
char* tmpbuffer = NULL;
TRACE(99, "gpgEncrypt()", NULL);
/* we set our passphrase callback function */
passphrase_callback = password_cb;
/* we initialize the external size data */
newsize[0] = 0;
error = gpgme_new(&context);
if (!error)
{
gpgme_set_textmode(context, 1);
gpgme_set_armor(context, 1);
/* Flawfinder: ignore */
agent = getenv("GPG_AGENT_INFO");
if (!(agent && strchr(agent, ':')))
{
retries = 0;
gpgme_set_passphrase_cb(context, gpgRequestPassphrase, NULL);
}
}
if (!error)
{ error = gpgme_data_new_from_mem(&input, buffer, size, 0); }
if (!error)
{ error = gpgme_data_new(&output); }
if (!error)
{ gpgme_signers_clear(context); }
if (!error)
{
/* allocate the keys */
keys = keyCount();
key = memAlloc(__FILE__, __LINE__, sizeof(gpgme_key_t) * (keys + 1));
key[keys] = NULL;
signers = 0;
for (i = 0; i < keys && !error; i++)
{ /* add all keys */
fpr = gpgGetFingerprint(keyGet(i), LIST_SECRET);
if (fpr)
{
error = gpgme_get_key(context, fpr, &tkey, LIST_SECRET);
if (tkey -> secret);
{
error = gpgme_signers_add(context, tkey);
signers++;
}
memFreeString(__FILE__, __LINE__, fpr);
}
fpr = gpgGetFingerprint(keyGet(i), LIST_ALL);
if (fpr)
{
error = gpgme_get_key(context, fpr, &key[i], LIST_ALL);
memFreeString(__FILE__, __LINE__, fpr);
}
}
}
if (signers > 1)
{ /* as soon as we get two signers, we must no longer cache anything */
config -> keeppassphrase = 0;
clearPassphrase(1);
}
/* encrypt and sign the data */
if (!error)
{
error = gpgme_op_encrypt_sign(context, key, GPGME_ENCRYPT_ALWAYS_TRUST,
input, output);
}
/* we don't need the passphrase any longer */
clearPassphrase(0);
if (!error)
{ result = gpgme_op_encrypt_result(context); }
if (!error &&
result -> invalid_recipients)
{
tmpbuffer = memAlloc(__FILE__, __LINE__, STDBUFFERLENGTH);
snprintf(tmpbuffer, STDBUFFERLENGTH,
_("Invalid recipient encountered: %s"),
result -> invalid_recipients -> fpr);
(showerror_cb)(_("GpgMe error"), tmpbuffer);
memFree(__FILE__, __LINE__, tmpbuffer, STDBUFFERLENGTH);
showerror = 0;
error = 1;
}
if (!error)
{
sign_result = gpgme_op_sign_result(context);
error = gpgCheckSignResult(showerror_cb, sign_result,
GPGME_SIG_MODE_NORMAL);
showerror = !error;
}
if (!error)
{ tmpbuffer = gpgData2Char(output, newsize); }
/* free the keys again */
i = 0;
while (key && keys && key[i])
{ gpgme_key_unref(key[i++]); }
memFree(__FILE__, __LINE__, key, sizeof(gpgme_key_t) * (keys + 1));
gpgme_data_release(input);
gpgme_data_release(output);
gpgme_release(context);
*newbuffer = tmpbuffer;
if (error)
{
if (showerror)
{ (showerror_cb)(_("GpgMe encrypt error"), gpgme_strerror(error)); }
return 1;
}
else
return 0;
}
gpgme_data_t sgpgme_decrypt_verify(gpgme_data_t cipher, gpgme_verify_result_t *status, gpgme_ctx_t ctx)
{
struct passphrase_cb_info_s info;
gpgme_data_t plain;
gpgme_error_t err;
memset (&info, 0, sizeof info);
if ((err = gpgme_data_new(&plain)) != GPG_ERR_NO_ERROR) {
gpgme_release(ctx);
privacy_set_error(_("Couldn't initialize data, %s"), gpgme_strerror(err));
return NULL;
}
if (gpgme_get_protocol(ctx) == GPGME_PROTOCOL_OpenPGP) {
prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
if (!getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
info.c = ctx;
gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
}
} else {
prefs_gpg_enable_agent(TRUE);
info.c = ctx;
gpgme_set_passphrase_cb (ctx, NULL, &info);
}
if (gpgme_get_protocol(ctx) == GPGME_PROTOCOL_OpenPGP) {
err = gpgme_op_decrypt_verify(ctx, cipher, plain);
if (err != GPG_ERR_NO_ERROR) {
debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
privacy_set_error("%s", gpgme_strerror(err));
gpgmegtk_free_passphrase();
gpgme_data_release(plain);
return NULL;
}
err = cm_gpgme_data_rewind(plain);
if (err) {
debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
}
debug_print("decrypted.\n");
*status = gpgme_op_verify_result (ctx);
} else {
err = gpgme_op_decrypt(ctx, cipher, plain);
if (err != GPG_ERR_NO_ERROR) {
debug_print("can't decrypt (%s)\n", gpgme_strerror(err));
privacy_set_error("%s", gpgme_strerror(err));
gpgmegtk_free_passphrase();
gpgme_data_release(plain);
return NULL;
}
err = cm_gpgme_data_rewind(plain);
if (err) {
debug_print("can't seek (%d %d %s)\n", err, errno, strerror(errno));
}
debug_print("decrypted.\n");
*status = gpgme_op_verify_result (ctx);
}
return plain;
}
static gboolean pgpinline_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
{
MimeInfo *msgcontent;
gchar *textstr, *tmp;
FILE *fp;
gchar *sigcontent;
gpgme_ctx_t ctx;
gpgme_data_t gpgtext, gpgsig;
size_t len;
gpgme_error_t err;
struct passphrase_cb_info_s info;
gpgme_sign_result_t result = NULL;
memset (&info, 0, sizeof info);
/* get content node from message */
msgcontent = (MimeInfo *) mimeinfo->node->children->data;
if (msgcontent->type == MIMETYPE_MULTIPART) {
if (!msgcontent->node->children) {
debug_print("msgcontent->node->children NULL, bailing\n");
privacy_set_error(_("Malformed message"));
return FALSE;
}
msgcontent = (MimeInfo *) msgcontent->node->children->data;
}
/* get rid of quoted-printable or anything */
procmime_decode_content(msgcontent);
fp = my_tmpfile();
if (fp == NULL) {
perror("my_tmpfile");
privacy_set_error(_("Couldn't create temporary file."));
return FALSE;
}
procmime_write_mimeinfo(msgcontent, fp);
rewind(fp);
/* read temporary file into memory */
textstr = fp_read_noconv(fp);
fclose(fp);
gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
gpgme_data_new(&gpgsig);
if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
debug_print(("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
return FALSE;
}
gpgme_set_textmode(ctx, 1);
gpgme_set_armor(ctx, 1);
if (!sgpgme_setup_signers(ctx, account, from_addr)) {
gpgme_release(ctx);
return FALSE;
}
prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
if (!getenv("GPG_AGENT_INFO") || !prefs_gpg_get_config()->use_gpg_agent) {
info.c = ctx;
gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
}
err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_CLEAR);
if (err != GPG_ERR_NO_ERROR) {
if (err == GPG_ERR_CANCELED) {
/* ignore cancelled signing */
privacy_reset_error();
debug_print("gpgme_op_sign cancelled\n");
} else {
privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
debug_print("gpgme_op_sign error : %x\n", err);
}
gpgme_release(ctx);
return FALSE;
}
result = gpgme_op_sign_result(ctx);
if (result && result->signatures) {
gpgme_new_signature_t sig = result->signatures;
while (sig) {
debug_print("valid signature: %s\n", sig->fpr);
sig = sig->next;
}
} else if (result && result->invalid_signers) {
gpgme_invalid_key_t invalid = result->invalid_signers;
while (invalid) {
g_warning("invalid signer: %s (%s)", invalid->fpr,
gpgme_strerror(invalid->reason));
privacy_set_error(_("Data signing failed due to invalid signer: %s"),
gpgme_strerror(invalid->reason));
invalid = invalid->next;
}
gpgme_release(ctx);
return FALSE;
} else {
/* can't get result (maybe no signing key?) */
debug_print("gpgme_op_sign_result error\n");
privacy_set_error(_("Data signing failed, no results."));
gpgme_release(ctx);
return FALSE;
}
sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
if (sigcontent == NULL || len <= 0) {
g_warning("sgpgme_data_release_and_get_mem failed");
privacy_set_error(_("Data signing failed, no contents."));
gpgme_data_release(gpgtext);
g_free(textstr);
g_free(sigcontent);
gpgme_release(ctx);
return FALSE;
}
tmp = g_malloc(len+1);
g_memmove(tmp, sigcontent, len+1);
tmp[len] = '\0';
gpgme_data_release(gpgtext);
g_free(textstr);
g_free(sigcontent);
if (msgcontent->content == MIMECONTENT_FILE &&
msgcontent->data.filename != NULL) {
if (msgcontent->tmp == TRUE)
claws_unlink(msgcontent->data.filename);
g_free(msgcontent->data.filename);
}
msgcontent->data.mem = g_strdup(tmp);
msgcontent->content = MIMECONTENT_MEM;
g_free(tmp);
/* avoid all sorts of clear-signing problems with non ascii
* chars
*/
procmime_encode_content(msgcontent, ENC_BASE64);
gpgme_release(ctx);
return TRUE;
}
/* #############################################################################
*
* Description encrypt the given buffer and return the encrypted data with
* an updated size information
* Author Harry Brueckner
* Date 2005-03-31
* Arguments char* buffer - buffer to encrypt
* int size - size of the buffer
* char** newbuffer - pointer to the new buffer which holds the
* encrypted data
* int* newsize - size of the returned buffer
* PASSPHRASE_FN password_cb - callback function pointer used
* to get the current passphrase
* SHOWERROR_FN showerror_cb - callback function pointer used
* to display errors
* Return 0 if ok, otherwise 1
*/
int gpgDecrypt(char* buffer, int size, char** newbuffer, int* newsize,
PASSPHRASE_FN password_cb, SHOWERROR_FN showerror_cb)
{
gpgme_ctx_t context;
gpgme_error_t error;
gpgme_data_t input,
output;
gpgme_decrypt_result_t decrypt_result = NULL;
gpgme_verify_result_t verify_result;
int showerror = 1;
char* agent;
char* tmpbuffer = NULL;
TRACE(99, "gpgDecrypt()", NULL);
/* we set our passphrase callback function */
passphrase_callback = password_cb;
*newbuffer = NULL;
*newsize = 0;
error = gpgme_new(&context);
if (error)
{
(showerror_cb)(_("GpgMe context error"), gpgme_strerror(error));
return 1;
}
else
{ /* we got a context, we set the passphrase callback */
/* Flawfinder: ignore */
agent = getenv("GPG_AGENT_INFO");
if (!(agent && strchr(agent, ':')))
{
retries = 0;
gpgme_set_passphrase_cb(context, gpgRequestPassphrase, NULL);
}
}
if (!error)
{ error = gpgme_data_new_from_mem(&input, buffer, size, 0); }
if (!error)
{ error = gpgme_data_new(&output); }
if (!error)
{ error = gpgme_op_decrypt_verify(context, input, output); }
if (!error)
{ decrypt_result = gpgme_op_decrypt_result(context); }
if (!error &&
decrypt_result &&
decrypt_result -> unsupported_algorithm)
{
tmpbuffer = memAlloc(__FILE__, __LINE__, STDBUFFERLENGTH);
snprintf(tmpbuffer, STDBUFFERLENGTH, _("unsupported algorithm: %s\n"),
decrypt_result -> unsupported_algorithm);
(showerror_cb)(_("GpgMe error"), tmpbuffer);
memFree(__FILE__, __LINE__, tmpbuffer, STDBUFFERLENGTH);
showerror = 0;
error = 1;
}
if (!error)
{
verify_result = gpgme_op_verify_result(context);
error = gpgCheckVerifyResult(showerror_cb, verify_result,
GPG_ERR_NO_ERROR);
showerror = !error;
}
/* we don't need the passphrase any longer */
clearPassphrase(0);
if (!error)
{ tmpbuffer = gpgData2Char(output, newsize); }
#ifdef GPGME_HAS_RECIPIENT
/* we get the recipients of the message for the further re-encryption of
* the file
*/
if (!error &&
decrypt_result &&
decrypt_result -> recipients)
{
error = gpgGetRecipients(decrypt_result -> recipients, showerror_cb);
showerror = 0;
}
#endif
gpgme_data_release(input);
gpgme_data_release(output);
gpgme_release(context);
*newbuffer = tmpbuffer;
if (error)
{
if (showerror)
{ (showerror_cb)(_("GpgMe decrypt error"), gpgme_strerror(error)); }
return 1;
}
else
return 0;
}
/* The main GPG encryption routine for libfko.
*/
int
gpgme_encrypt(fko_ctx_t fko_ctx, unsigned char *indata, size_t in_len,
const char *pw, unsigned char **out, size_t *out_len)
{
char *tmp_buf;
int res;
gpgme_ctx_t gpg_ctx = NULL;
gpgme_data_t cipher = NULL;
gpgme_data_t plaintext = NULL;
gpgme_key_t key[2] = { NULL, NULL };
gpgme_error_t err;
/* Initialize gpgme
*/
res = init_gpgme(fko_ctx);
if(res != FKO_SUCCESS)
return(res);
gpg_ctx = fko_ctx->gpg_ctx;
/* Initialize the plaintext data (place into gpgme_data object)
*/
err = gpgme_data_new_from_mem(&plaintext, (char*)indata, in_len, 1);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
return(FKO_ERROR_GPGME_PLAINTEXT_DATA_OBJ);
}
/* Set protocol
*/
err = gpgme_set_protocol(gpg_ctx, GPGME_PROTOCOL_OpenPGP);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_data_release(plaintext);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
return(FKO_ERROR_GPGME_SET_PROTOCOL);
}
/* Set ascii-armor off (we will be base64-encoding the encrypted data
* ourselves.
*/
gpgme_set_armor(gpg_ctx, 0);
/* The gpgme_encrypt.... functions take a recipient key array, so we add
* our single key here.
*/
key[0] = fko_ctx->recipient_key;
/* Create the buffer for our encrypted data.
*/
err = gpgme_data_new(&cipher);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_data_release(plaintext);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
return(FKO_ERROR_GPGME_CIPHER_DATA_OBJ);
}
/* Here we add the signer to the gpgme context if there is one.
*/
if(fko_ctx->gpg_signer != NULL) {
gpgme_signers_clear(gpg_ctx);
err = gpgme_signers_add(gpg_ctx, fko_ctx->signer_key);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_data_release(plaintext);
gpgme_data_release(cipher);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
return(FKO_ERROR_GPGME_ADD_SIGNER);
}
}
/* Set the passphrase callback.
*/
gpgme_set_passphrase_cb(gpg_ctx, my_passphrase_cb, (void*)pw);
/* Encrypt and sign (if a sig was provided) the SPA data.
*/
if(fko_ctx->gpg_signer == NULL)
err = gpgme_op_encrypt(
gpg_ctx, key, GPGME_ENCRYPT_ALWAYS_TRUST, plaintext, cipher
);
else
err = gpgme_op_encrypt_sign(
gpg_ctx, key, GPGME_ENCRYPT_ALWAYS_TRUST, plaintext, cipher
);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_data_release(plaintext);
gpgme_data_release(cipher);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
if(gpgme_err_code(err) == GPG_ERR_CANCELED)
return(FKO_ERROR_GPGME_BAD_PASSPHRASE);
return(FKO_ERROR_GPGME_ENCRYPT_SIGN);
}
/* Done with the plaintext.
*/
gpgme_data_release(plaintext);
/* Get the encrypted data and its length from the gpgme data object.
* BTW, this does free the memory used by cipher.
*/
tmp_buf = gpgme_data_release_and_get_mem(cipher, out_len);
*out = malloc(*out_len); /* This is freed upon fko_ctx destruction. */
if(*out == NULL)
res = FKO_ERROR_MEMORY_ALLOCATION;
else
{
memcpy(*out, tmp_buf, *out_len);
res = FKO_SUCCESS;
}
gpgme_free(tmp_buf);
return(res);
}
/* The main GPG decryption routine for libfko.
*/
int
gpgme_decrypt(fko_ctx_t fko_ctx, unsigned char *indata,
size_t in_len, const char *pw, unsigned char **out, size_t *out_len)
{
char *tmp_buf;
int res;
gpgme_ctx_t gpg_ctx = NULL;
gpgme_data_t cipher = NULL;
gpgme_data_t plaintext = NULL;
gpgme_error_t err;
gpgme_decrypt_result_t decrypt_res;
gpgme_verify_result_t verify_res;
/* Initialize gpgme
*/
res = init_gpgme(fko_ctx);
if(res != FKO_SUCCESS)
return(res);
gpg_ctx = fko_ctx->gpg_ctx;
err = gpgme_data_new(&plaintext);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
return(FKO_ERROR_GPGME_PLAINTEXT_DATA_OBJ);
}
/* Initialize the cipher data (place into gpgme_data object)
*/
err = gpgme_data_new_from_mem(&cipher, (char*)indata, in_len, 0);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_data_release(plaintext);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
return(FKO_ERROR_GPGME_CIPHER_DATA_OBJ);
}
/* Set the passphrase callback.
*/
gpgme_set_passphrase_cb(gpg_ctx, my_passphrase_cb, (void*)pw);
/* Now decrypt and verify.
*/
err = gpgme_op_decrypt_verify(gpg_ctx, cipher, plaintext);
if(gpg_err_code(err) != GPG_ERR_NO_ERROR)
{
gpgme_data_release(plaintext);
gpgme_data_release(cipher);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
fko_ctx->gpg_err = err;
return(FKO_ERROR_GPGME_DECRYPT_FAILED);
}
/* Done with the cipher text.
*/
gpgme_data_release(cipher);
/* We check the "usupported_algorithm" flag in the decrypt result.
*/
decrypt_res = gpgme_op_decrypt_result(gpg_ctx);
if(decrypt_res->unsupported_algorithm)
{
gpgme_data_release(plaintext);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
return(FKO_ERROR_GPGME_DECRYPT_UNSUPPORTED_ALGORITHM);
}
/* Now verify the signatures if so configured.
*/
if(fko_ctx->verify_gpg_sigs)
{
verify_res = gpgme_op_verify_result(gpg_ctx);
res = process_sigs(fko_ctx, verify_res);
if(res != FKO_SUCCESS)
{
gpgme_data_release(plaintext);
gpgme_release(gpg_ctx);
fko_ctx->gpg_ctx = NULL;
return(res);
}
}
/* Get the encrypted data and its length from the gpgme data object.
*/
tmp_buf = gpgme_data_release_and_get_mem(plaintext, out_len);
/* Use calloc here with an extra byte because I am not sure if all systems
* will include the terminating NULL with the decrypted data (which is
* expected to be a string).
*/
*out = calloc(1, *out_len+1); /* This is freed upon fko_ctx destruction. */
if(*out == NULL)
res = FKO_ERROR_MEMORY_ALLOCATION;
else
{
memcpy(*out, tmp_buf, *out_len);
res = FKO_SUCCESS;
}
gpgme_free(tmp_buf);
return(res);
}
QString QalfCrypto::sign(QString &message, QString &key) {
gpgme_key_t gpgkey ;
gpgme_data_t signature ;
gpgme_data_t msg ;
gpgme_verify_result_t verification ;
gpgme_signature_t signatures ;
gpgme_error_t result ;
char * buffer ;
gpgme_set_passphrase_cb(context,&passphrase_callback,NULL) ;
result = gpgme_set_protocol(context,GPGME_PROTOCOL_OpenPGP) ;
Q_ASSERT(gpgme_err_code(result) == GPG_ERR_NO_ERROR) ;
gpgme_set_armor(context,1) ;
gpgme_set_textmode(context,1) ;
gpgme_signers_clear(context) ;
result = gpgme_set_keylist_mode(context,GPGME_KEYLIST_MODE_LOCAL) ;
// retrieving key
result = gpgme_get_key(context, key.toAscii().data(),&gpgkey,1) ;
Q_ASSERT(result == GPG_ERR_NO_ERROR) ;
Q_ASSERT(gpgkey != 0) ;
// signing
result = gpgme_signers_add(context,gpgkey) ;
Q_ASSERT(result == GPG_ERR_NO_ERROR) ;
result = gpgme_data_new(&signature);
Q_ASSERT(result == GPG_ERR_NO_ERROR) ;
int message_length = message.toAscii().size() ;
char * message_char = (char *) calloc(message_length+1,sizeof(char)) ;
memcpy(message_char,message.toAscii().data(),message_length) ;
// printf("memcmp : %d\n",memcmp(message_char,"1fc36e1d41a93c1d79f6872198f426129320d287",message_length+1)) ;
result = gpgme_data_new_from_mem(&msg,message_char,message_length,0) ;
gpgme_data_seek(signature,0,SEEK_SET) ;
gpgme_data_seek(msg,0,SEEK_SET) ;
result = gpgme_op_sign(context, msg,signature, GPGME_SIG_MODE_DETACH) ;
Q_ASSERT(gpgme_err_code(result) == GPG_ERR_NO_ERROR || gpgme_err_code(result) == GPG_ERR_BAD_PASSPHRASE || gpgme_err_code(result) == GPG_ERR_CANCELED) ;
// gpgme_data_seek(signature,0,SEEK_SET) ;
// gpgme_data_seek(msg,0,SEEK_SET) ;
//
// result = gpgme_op_verify (context, signature, msg , 0) ;
// Q_ASSERT(gpgme_err_code(result) != GPG_ERR_INV_VALUE) ;
// Q_ASSERT(gpgme_err_code(result) != GPG_ERR_NO_DATA) ;
// Q_ASSERT(result == GPG_ERR_NO_ERROR) ;
//
// verification = gpgme_op_verify_result(context) ;
// Q_ASSERT(verification != 0) ;
//
// signatures = verification->signatures ;
// Q_ASSERT(verification->signatures != 0) ;
// result = signatures->status ;
// printf("status : %d\n",gpgme_err_code(result)) ;
// printf("signature summary : %d\n",signatures->summary) ;
// Q_ASSERT(signatures->summary == GPGME_SIGSUM_VALID | GPGME_SIGSUM_GREEN) ;
//
QString signatureStr ;
buffer = (char *) calloc(2048,sizeof(char)) ;
gpgme_data_seek(signature,0,SEEK_SET) ;
gpgme_data_read(signature,buffer,2048) ;
signatureStr += buffer ;
qDebug() << "signature" << signatureStr ;
gpgme_data_release(signature) ;
gpgme_key_unref(gpgkey) ;
gpgme_data_release(msg) ;
return signatureStr ;
}
QByteArray GPGME::decryptFile(const QString & filename, QString & keyId, QWidget * parent)
{
setError(GPG_ERR_NO_ERROR); // clear error
CallbackData cbData;
cbData.parent = parent;
qDebug() << "ERERR" << gpg_err_source(GPG_ERR_CODE_DIM+1);
gpgme_set_passphrase_cb(p->context, passphraseCallback, &cbData);
qDebug() << "decrypting file" << filename;
gpgme_data_t data;
gpgme_error_t err;
QFile file(filename);
if (!file.exists()) {
setError(GPGME_WRAPPER_ERR_FILE_NOT_FOUND, true);
return QByteArray();
}
if (!file.open(QIODevice::ReadOnly)) {
setError(GPGME_WRAPPER_ERR_CANNOT_OPEN_FILE, true);
return QByteArray();
}
if (file.size() > FILESIZE_HARD_LIMIT) {
setError(GPGME_WRAPPER_ERR_FILE_TOO_LARGE, true);
return QByteArray();
}
err = gpgme_data_new_from_fd(&data, file.handle());
if (err != GPG_ERR_NO_ERROR) {
setError(err);
return QByteArray();
}
// process data (it's cipher)
gpgme_data_t plain;
gpgme_data_new(&plain);
err = gpgme_op_decrypt(p->context, data, plain);
// unset passphrase callback
gpgme_set_passphrase_cb(p->context, 0, 0);
if (err != GPG_ERR_NO_ERROR) {
gpgme_data_release(data);
gpgme_data_release(plain);
setError(err);
return QByteArray();
}
// decryption is successful so load plain data
QByteArray resBytes;
const int bufSize = 1000;
int read;
char buf[bufSize];
gpgme_data_seek(plain, 0, SEEK_SET);
while (true) {
read = gpgme_data_read(plain, (void*)buf, bufSize);
if (read == 0) {
break;
}
if (read == -1) {
// error, ignore for now
break;
}
resBytes.append(buf, read);
}
gpgme_decrypt_result_t decrypt_res = gpgme_op_decrypt_result(p->context);
gpgme_recipient_t recipient;
if (decrypt_res) {
recipient = decrypt_res->recipients;
while (recipient) {
keyId = recipient->keyid;
recipient = recipient->next;
break; // just ignore the other recipients
}
}
return resBytes;
}
char*
p_gpg_sign(const char *const str, const char *const fp)
{
gpgme_ctx_t ctx;
gpgme_error_t error = gpgme_new(&ctx);
if (error) {
log_error("GPG: Failed to create gpgme context. %s %s", gpgme_strsource(error), gpgme_strerror(error));
return NULL;
}
gpgme_set_passphrase_cb(ctx, (gpgme_passphrase_cb_t)_p_gpg_passphrase_cb, NULL);
gpgme_key_t key = NULL;
error = gpgme_get_key(ctx, fp, &key, 1);
if (error || key == NULL) {
log_error("GPG: Failed to get key. %s %s", gpgme_strsource(error), gpgme_strerror(error));
gpgme_release(ctx);
return NULL;
}
gpgme_signers_clear(ctx);
error = gpgme_signers_add(ctx, key);
gpgme_key_unref(key);
if (error) {
log_error("GPG: Failed to load signer. %s %s", gpgme_strsource(error), gpgme_strerror(error));
gpgme_release(ctx);
return NULL;
}
char *str_or_empty = NULL;
if (str) {
str_or_empty = strdup(str);
} else {
str_or_empty = strdup("");
}
gpgme_data_t str_data;
gpgme_data_new_from_mem(&str_data, str_or_empty, strlen(str_or_empty), 1);
free(str_or_empty);
gpgme_data_t signed_data;
gpgme_data_new(&signed_data);
gpgme_set_armor(ctx,1);
error = gpgme_op_sign(ctx, str_data, signed_data, GPGME_SIG_MODE_DETACH);
gpgme_data_release(str_data);
gpgme_release(ctx);
if (error) {
log_error("GPG: Failed to sign string. %s %s", gpgme_strsource(error), gpgme_strerror(error));
gpgme_data_release(signed_data);
return NULL;
}
char *result = NULL;
size_t len = 0;
char *signed_str = gpgme_data_release_and_get_mem(signed_data, &len);
if (signed_str) {
GString *signed_gstr = g_string_new("");
g_string_append_len(signed_gstr, signed_str, len);
result = _remove_header_footer(signed_gstr->str, PGP_SIGNATURE_FOOTER);
g_string_free(signed_gstr, TRUE);
gpgme_free(signed_str);
}
if (passphrase_attempt) {
passphrase = strdup(passphrase_attempt);
}
return result;
}
char*
p_gpg_decrypt(const char *const cipher)
{
gpgme_ctx_t ctx;
gpgme_error_t error = gpgme_new(&ctx);
if (error) {
log_error("GPG: Failed to create gpgme context. %s %s", gpgme_strsource(error), gpgme_strerror(error));
return NULL;
}
gpgme_set_passphrase_cb(ctx, (gpgme_passphrase_cb_t)_p_gpg_passphrase_cb, NULL);
char *cipher_with_headers = _add_header_footer(cipher, PGP_MESSAGE_HEADER, PGP_MESSAGE_FOOTER);
gpgme_data_t cipher_data;
gpgme_data_new_from_mem(&cipher_data, cipher_with_headers, strlen(cipher_with_headers), 1);
free(cipher_with_headers);
gpgme_data_t plain_data;
gpgme_data_new(&plain_data);
error = gpgme_op_decrypt(ctx, cipher_data, plain_data);
gpgme_data_release(cipher_data);
if (error) {
log_error("GPG: Failed to encrypt message. %s %s", gpgme_strsource(error), gpgme_strerror(error));
gpgme_data_release(plain_data);
gpgme_release(ctx);
return NULL;
}
gpgme_decrypt_result_t res = gpgme_op_decrypt_result(ctx);
if (res) {
GString *recipients_str = g_string_new("");
gpgme_recipient_t recipient = res->recipients;
while (recipient) {
gpgme_key_t key;
error = gpgme_get_key(ctx, recipient->keyid, &key, 1);
if (!error && key) {
const char *addr = gpgme_key_get_string_attr(key, GPGME_ATTR_EMAIL, NULL, 0);
if (addr) {
g_string_append(recipients_str, addr);
}
gpgme_key_unref(key);
}
if (recipient->next) {
g_string_append(recipients_str, ", ");
}
recipient = recipient->next;
}
log_debug("GPG: Decrypted message for recipients: %s", recipients_str->str);
g_string_free(recipients_str, TRUE);
}
gpgme_release(ctx);
size_t len = 0;
char *plain_str = gpgme_data_release_and_get_mem(plain_data, &len);
char *result = NULL;
if (plain_str) {
plain_str[len] = 0;
result = g_strdup(plain_str);
}
gpgme_free(plain_str);
if (passphrase_attempt) {
passphrase = strdup(passphrase_attempt);
}
return result;
}
gboolean pgpmime_sign(MimeInfo *mimeinfo, PrefsAccount *account, const gchar *from_addr)
{
MimeInfo *msgcontent, *sigmultipart, *newinfo;
gchar *textstr, *micalg = NULL;
FILE *fp;
gchar *boundary = NULL;
gchar *sigcontent;
gpgme_ctx_t ctx;
gpgme_data_t gpgtext, gpgsig;
gpgme_error_t err;
size_t len;
struct passphrase_cb_info_s info;
gpgme_sign_result_t result = NULL;
gchar *test_msg;
fp = my_tmpfile();
if (fp == NULL) {
perror("my_tmpfile");
privacy_set_error(_("Couldn't create temporary file: %s"), g_strerror(errno));
return FALSE;
}
procmime_write_mimeinfo(mimeinfo, fp);
rewind(fp);
/* read temporary file into memory */
test_msg = file_read_stream_to_str(fp);
claws_fclose(fp);
memset (&info, 0, sizeof info);
/* remove content node from message */
msgcontent = (MimeInfo *) mimeinfo->node->children->data;
g_node_unlink(msgcontent->node);
/* create temporary multipart for content */
sigmultipart = procmime_mimeinfo_new();
sigmultipart->type = MIMETYPE_MULTIPART;
sigmultipart->subtype = g_strdup("signed");
do {
g_free(boundary);
boundary = generate_mime_boundary("Sig");
} while (strstr(test_msg, boundary) != NULL);
g_free(test_msg);
g_hash_table_insert(sigmultipart->typeparameters, g_strdup("boundary"),
g_strdup(boundary));
g_hash_table_insert(sigmultipart->typeparameters, g_strdup("protocol"),
g_strdup("application/pgp-signature"));
g_node_append(sigmultipart->node, msgcontent->node);
g_node_append(mimeinfo->node, sigmultipart->node);
/* write message content to temporary file */
fp = my_tmpfile();
if (fp == NULL) {
perror("my_tmpfile");
privacy_set_error(_("Couldn't create temporary file: %s"), g_strerror(errno));
return FALSE;
}
procmime_write_mimeinfo(sigmultipart, fp);
rewind(fp);
/* read temporary file into memory */
textstr = get_canonical_content(fp, boundary);
g_free(boundary);
claws_fclose(fp);
gpgme_data_new_from_mem(&gpgtext, textstr, (size_t)strlen(textstr), 0);
gpgme_data_new(&gpgsig);
if ((err = gpgme_new(&ctx)) != GPG_ERR_NO_ERROR) {
debug_print(("Couldn't initialize GPG context, %s\n"), gpgme_strerror(err));
privacy_set_error(_("Couldn't initialize GPG context, %s"), gpgme_strerror(err));
return FALSE;
}
gpgme_set_textmode(ctx, 1);
gpgme_set_armor(ctx, 1);
gpgme_signers_clear (ctx);
if (!sgpgme_setup_signers(ctx, account, from_addr)) {
gpgme_release(ctx);
return FALSE;
}
prefs_gpg_enable_agent(prefs_gpg_get_config()->use_gpg_agent);
if (g_getenv("GPG_AGENT_INFO") && prefs_gpg_get_config()->use_gpg_agent) {
debug_print("GPG_AGENT_INFO environment defined, running without passphrase callback\n");
} else {
info.c = ctx;
gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
}
err = gpgme_op_sign(ctx, gpgtext, gpgsig, GPGME_SIG_MODE_DETACH);
if (err != GPG_ERR_NO_ERROR) {
if (err == GPG_ERR_CANCELED) {
/* ignore cancelled signing */
privacy_reset_error();
debug_print("gpgme_op_sign cancelled\n");
} else {
privacy_set_error(_("Data signing failed, %s"), gpgme_strerror(err));
debug_print("gpgme_op_sign error : %x\n", err);
}
gpgme_release(ctx);
return FALSE;
}
result = gpgme_op_sign_result(ctx);
if (result && result->signatures) {
gpgme_new_signature_t sig = result->signatures;
if (gpgme_get_protocol(ctx) == GPGME_PROTOCOL_OpenPGP) {
gchar *down_algo = g_ascii_strdown(gpgme_hash_algo_name(
result->signatures->hash_algo), -1);
micalg = g_strdup_printf("pgp-%s", down_algo);
g_free(down_algo);
} else {
micalg = g_strdup(gpgme_hash_algo_name(
result->signatures->hash_algo));
}
while (sig) {
debug_print("valid signature: %s\n", sig->fpr);
sig = sig->next;
}
} else if (result && result->invalid_signers) {
gpgme_invalid_key_t invalid = result->invalid_signers;
while (invalid) {
g_warning("invalid signer: %s (%s)", invalid->fpr,
gpgme_strerror(invalid->reason));
privacy_set_error(_("Data signing failed due to invalid signer: %s"),
gpgme_strerror(invalid->reason));
invalid = invalid->next;
}
gpgme_release(ctx);
return FALSE;
} else {
/* can't get result (maybe no signing key?) */
debug_print("gpgme_op_sign_result error\n");
privacy_set_error(_("Data signing failed, no results."));
gpgme_release(ctx);
return FALSE;
}
sigcontent = sgpgme_data_release_and_get_mem(gpgsig, &len);
gpgme_data_release(gpgtext);
g_free(textstr);
if (sigcontent == NULL || len <= 0) {
g_warning("sgpgme_data_release_and_get_mem failed");
privacy_set_error(_("Data signing failed, no contents."));
g_free(micalg);
g_free(sigcontent);
return FALSE;
}
/* add signature */
g_hash_table_insert(sigmultipart->typeparameters, g_strdup("micalg"),
micalg);
newinfo = procmime_mimeinfo_new();
newinfo->type = MIMETYPE_APPLICATION;
newinfo->subtype = g_strdup("pgp-signature");
newinfo->description = g_strdup(_("OpenPGP digital signature"));
newinfo->content = MIMECONTENT_MEM;
newinfo->data.mem = g_malloc(len + 1);
g_memmove(newinfo->data.mem, sigcontent, len);
newinfo->data.mem[len] = '\0';
g_node_append(sigmultipart->node, newinfo->node);
g_free(sigcontent);
gpgme_release(ctx);
return TRUE;
}
