diff options
Diffstat (limited to 'camel/camel-pgp-mime.c')
-rw-r--r-- | camel/camel-pgp-mime.c | 504 |
1 files changed, 25 insertions, 479 deletions
diff --git a/camel/camel-pgp-mime.c b/camel/camel-pgp-mime.c index 51b3d91994..f9d0ea80a9 100644 --- a/camel/camel-pgp-mime.c +++ b/camel/camel-pgp-mime.c @@ -25,28 +25,24 @@ #include <config.h> #endif -#include "camel-pgp-mime.h" -#include "camel-mime-message.h" -#include "camel-mime-filter-from.h" -#include "camel-mime-filter-bestenc.h" -#include "camel-mime-filter-crlf.h" -#include "camel-mime-filter-charset.h" -#include "camel-mime-filter-chomp.h" -#include "camel-stream-filter.h" -#include "camel-stream-null.h" -#include "camel-stream-mem.h" -#include "camel-stream-fs.h" - #include <stdio.h> #include <stdlib.h> #include <string.h> -#define PGPMIME_DEBUG - -#define d(x) x +#include "camel-pgp-mime.h" +#include "camel-mime-message.h" -/** rfc2015/rfc3156 stuff (aka PGP/MIME) *******************************/ +/** + * camel_pgp_mime_is_rfc2015_signed: + * @mime_part: MIME part + * + * Checks that this part is a multipart/signed part following the + * rfc2015 and/or rfc3156 PGP/MIME specifications. + * + * Returns %TRUE if this looks to be a valid PGP/MIME multipart/signed + * part or %FALSE otherwise. + **/ gboolean camel_pgp_mime_is_rfc2015_signed (CamelMimePart *mime_part) { @@ -63,7 +59,7 @@ camel_pgp_mime_is_rfc2015_signed (CamelMimePart *mime_part) type = camel_mime_part_get_content_type (mime_part); if (!header_content_type_is (type, "multipart", "signed")) return FALSE; - + #ifdef ENABLE_PEDANTIC_PGPMIME /* check that we have a protocol param with the value: "application/pgp-signature" */ param = header_content_type_param (type, "protocol"); @@ -99,6 +95,17 @@ camel_pgp_mime_is_rfc2015_signed (CamelMimePart *mime_part) return TRUE; } + +/** + * camel_pgp_mime_is_rfc2015_encrypted: + * @mime_part: MIME part + * + * Checks that this part is a multipart/encrypted part following the + * rfc2015 and/or rfc3156 PGP/MIME specifications. + * + * Returns %TRUE if this looks to be a valid PGP/MIME + * multipart/encrypted part or %FALSE otherwise. + **/ gboolean camel_pgp_mime_is_rfc2015_encrypted (CamelMimePart *mime_part) { @@ -115,7 +122,7 @@ camel_pgp_mime_is_rfc2015_encrypted (CamelMimePart *mime_part) type = camel_mime_part_get_content_type (mime_part); if (!header_content_type_is (type, "multipart", "encrypted")) return FALSE; - + #ifdef ENABLE_PEDANTIC_PGPMIME /* check that we have a protocol param with the value: "application/pgp-encrypted" */ param = header_content_type_param (type, "protocol"); @@ -145,464 +152,3 @@ camel_pgp_mime_is_rfc2015_encrypted (CamelMimePart *mime_part) return TRUE; } - - -static void -pgp_mime_part_sign_restore_part (CamelMimePart *mime_part, GSList **encodings) -{ - CamelDataWrapper *wrapper; - - wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part)); - if (!wrapper) - return; - - if (CAMEL_IS_MULTIPART (wrapper)) { - int parts, i; - - parts = camel_multipart_get_number (CAMEL_MULTIPART (wrapper)); - for (i = 0; i < parts; i++) { - CamelMimePart *part = camel_multipart_get_part (CAMEL_MULTIPART (wrapper), i); - - pgp_mime_part_sign_restore_part (part, encodings); - } - } else { - CamelMimePartEncodingType encoding; - - if (CAMEL_IS_MIME_MESSAGE (wrapper)) { - /* restore the message parts' subparts */ - pgp_mime_part_sign_restore_part (CAMEL_MIME_PART (wrapper), encodings); - } else { - encoding = GPOINTER_TO_INT ((*encodings)->data); - - camel_mime_part_set_encoding (mime_part, encoding); - - *encodings = (*encodings)->next; - } - } -} - -static void -pgp_mime_part_sign_prepare_part (CamelMimePart *mime_part, GSList **encodings) -{ - CamelDataWrapper *wrapper; - int parts, i; - - wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part)); - if (!wrapper) - return; - - if (CAMEL_IS_MULTIPART (wrapper)) { - parts = camel_multipart_get_number (CAMEL_MULTIPART (wrapper)); - for (i = 0; i < parts; i++) { - CamelMimePart *part = camel_multipart_get_part (CAMEL_MULTIPART (wrapper), i); - - pgp_mime_part_sign_prepare_part (part, encodings); - } - } else { - CamelMimePartEncodingType encoding, best; - CamelStream *stream, *filtered_stream; - CamelMimeFilterBestenc *bestenc; - guint32 flags; - - if (CAMEL_IS_MIME_MESSAGE (wrapper)) { - /* prepare the message parts' subparts */ - pgp_mime_part_sign_prepare_part (CAMEL_MIME_PART (wrapper), encodings); - } else { - encoding = camel_mime_part_get_encoding (mime_part); - - if (encoding != CAMEL_MIME_PART_ENCODING_BASE64) { - flags = CAMEL_BESTENC_GET_ENCODING; - - stream = camel_stream_null_new (); - filtered_stream = (CamelStream *) camel_stream_filter_new_with_stream (stream); - camel_object_unref (CAMEL_OBJECT (stream)); - bestenc = camel_mime_filter_bestenc_new (flags); - camel_stream_filter_add (CAMEL_STREAM_FILTER (filtered_stream), - CAMEL_MIME_FILTER (bestenc)); - - camel_data_wrapper_write_to_stream (wrapper, filtered_stream); - - best = camel_mime_filter_bestenc_get_best_encoding (bestenc, CAMEL_BESTENC_7BIT); - - camel_object_unref (CAMEL_OBJECT (filtered_stream)); - camel_object_unref (CAMEL_OBJECT (bestenc)); - - if (encoding != best) { - camel_mime_part_set_encoding (mime_part, best); - - *encodings = g_slist_append (*encodings, GINT_TO_POINTER (encoding)); - } - } - } - } -} - - -/** - * camel_pgp_mime_part_sign: - * @cipher: PGP Cipher Context - * @mime_part: a MIME part that will be replaced by a pgp signed part - * @userid: userid to sign with - * @hash: one of CAMEL_PGP_HASH_TYPE_MD5 or CAMEL_PGP_HASH_TYPE_SHA1 - * @ex: exception which will be set if there are any errors. - * - * Constructs a PGP/MIME multipart in compliance with rfc2015 and - * replaces @part with the generated multipart/signed. On failure, - * @ex will be set and #part will remain untouched. - **/ -void -camel_pgp_mime_part_sign (CamelCipherContext *cipher, CamelMimePart **mime_part, const char *userid, - CamelCipherHash hash, CamelException *ex) -{ - CamelMimePart *part, *signed_part; - CamelMultipart *multipart; - CamelContentType *mime_type; - CamelStreamFilter *filtered_stream; - CamelMimeFilter *crlf_filter, *from_filter, *chomp_filter; - CamelStream *stream, *sigstream; - GSList *encodings = NULL; - char *hash_type = NULL; - - g_return_if_fail (*mime_part != NULL); - g_return_if_fail (CAMEL_IS_MIME_PART (*mime_part)); - g_return_if_fail (userid != NULL); - - part = *mime_part; - - /* Prepare all the parts for signing... */ - pgp_mime_part_sign_prepare_part (part, &encodings); - - /* get the cleartext */ - stream = camel_stream_mem_new (); - filtered_stream = camel_stream_filter_new_with_stream (stream); - - /* Note: see rfc3156, section 3 - second note */ - from_filter = CAMEL_MIME_FILTER (camel_mime_filter_from_new ()); - camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (from_filter)); - camel_object_unref (CAMEL_OBJECT (from_filter)); - - /* Note: see rfc3156, section 5.4 (this is the big thing that changed between rfc2015 and rfc3156) */ - chomp_filter = camel_mime_filter_chomp_new (); - camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (chomp_filter)); - camel_object_unref (CAMEL_OBJECT (chomp_filter)); - - /* Note: see rfc2015 or rfc3156, section 5.1 */ - crlf_filter = camel_mime_filter_crlf_new (CAMEL_MIME_FILTER_CRLF_ENCODE, - CAMEL_MIME_FILTER_CRLF_MODE_CRLF_ONLY); - camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (crlf_filter)); - camel_object_unref (CAMEL_OBJECT (crlf_filter)); - - camel_data_wrapper_write_to_stream (CAMEL_DATA_WRAPPER (part), CAMEL_STREAM (filtered_stream)); - camel_stream_flush (CAMEL_STREAM (filtered_stream)); - camel_object_unref (CAMEL_OBJECT (filtered_stream)); - - /* reset the stream */ - camel_stream_reset (stream); - - d(printf ("attempting to sign data:\n----- BEGIN SIGNED PART -----\n%.*s----- END SIGNED PART -----\n", - CAMEL_STREAM_MEM (stream)->buffer->len, CAMEL_STREAM_MEM (stream)->buffer->data)); - - /* construct the signature stream */ - sigstream = camel_stream_mem_new (); - - switch (hash) { - case CAMEL_CIPHER_HASH_MD2: - /* this is a new addition with rfc3156 */ - hash_type = "pgp-md2"; - break; - case CAMEL_CIPHER_HASH_MD5: - hash_type = "pgp-md5"; - break; - case CAMEL_CIPHER_HASH_SHA1: - hash_type = "pgp-sha1"; - break; - case CAMEL_CIPHER_HASH_RIPEMD160: - hash_type = "pgp-ripemd160"; - break; - default: - /* set a reasonable default */ - hash = CAMEL_CIPHER_HASH_SHA1; - hash_type = "pgp-sha1"; - break; - } - - /* get the signature */ - if (camel_cipher_sign (cipher, userid, hash, stream, sigstream, ex) == -1) { - GSList *list; - - camel_object_unref (CAMEL_OBJECT (stream)); - camel_object_unref (CAMEL_OBJECT (sigstream)); - - /* restore the original encoding */ - list = encodings; - pgp_mime_part_sign_restore_part (part, &list); - g_slist_free (encodings); - return; - } - - camel_object_unref (CAMEL_OBJECT (stream)); - camel_stream_reset (sigstream); - - /* we don't need these anymore... */ - g_slist_free (encodings); - - /* construct the pgp-signature mime part */ - signed_part = camel_mime_part_new (); - camel_mime_part_set_content (signed_part, CAMEL_STREAM_MEM (sigstream)->buffer->data, - CAMEL_STREAM_MEM (sigstream)->buffer->len, - "application/pgp-signature; name=signature.asc"); - camel_mime_part_set_description (signed_part, _("This is a digitally signed message part")); - camel_object_unref (CAMEL_OBJECT (sigstream)); - - /* construct the container multipart/signed */ - multipart = camel_multipart_new (); - - mime_type = header_content_type_new ("multipart", "signed"); - header_content_type_set_param (mime_type, "micalg", hash_type); - header_content_type_set_param (mime_type, "protocol", "application/pgp-signature"); - camel_data_wrapper_set_mime_type_field (CAMEL_DATA_WRAPPER (multipart), mime_type); - header_content_type_unref (mime_type); - - camel_multipart_set_boundary (multipart, NULL); - - /* add the parts to the multipart */ - camel_multipart_add_part (multipart, part); - camel_object_unref (CAMEL_OBJECT (part)); - camel_multipart_add_part (multipart, signed_part); - camel_object_unref (CAMEL_OBJECT (signed_part)); - - /* replace the input part with the output part */ - *mime_part = camel_mime_part_new (); - camel_medium_set_content_object (CAMEL_MEDIUM (*mime_part), - CAMEL_DATA_WRAPPER (multipart)); - camel_object_unref (CAMEL_OBJECT (multipart)); -} - - -/** - * camel_pgp_mime_part_verify: - * @cipher: PGP Cipher Context - * @mime_part: a multipart/signed MIME Part - * @ex: exception - * - * Returns a CamelCipherValidity on success or NULL on fail. - **/ -CamelCipherValidity * -camel_pgp_mime_part_verify (CamelCipherContext *cipher, CamelMimePart *mime_part, CamelException *ex) -{ - CamelDataWrapper *wrapper; - CamelMultipart *multipart; - CamelMimePart *part, *sigpart; - CamelStreamFilter *filtered_stream; - CamelMimeFilter *crlf_filter, *chomp_filter; - CamelStream *stream, *sigstream; - CamelCipherValidity *valid; - - g_return_val_if_fail (mime_part != NULL, NULL); - g_return_val_if_fail (CAMEL_IS_MIME_PART (mime_part), NULL); - - if (!camel_pgp_mime_is_rfc2015_signed (mime_part)) - return NULL; - - wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part)); - multipart = CAMEL_MULTIPART (wrapper); - - /* get the plain part */ - part = camel_multipart_get_part (multipart, 0); - stream = camel_stream_mem_new (); - filtered_stream = camel_stream_filter_new_with_stream (stream); - - /* Note: see rfc3156, section 5.4 (this is the big thing that changed between rfc2015 and rfc3156) */ - chomp_filter = camel_mime_filter_chomp_new (); - camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (chomp_filter)); - camel_object_unref (CAMEL_OBJECT (chomp_filter)); - - /* Note: see rfc2015 or rfc3156, section 5.1 */ - crlf_filter = camel_mime_filter_crlf_new (CAMEL_MIME_FILTER_CRLF_ENCODE, - CAMEL_MIME_FILTER_CRLF_MODE_CRLF_ONLY); - camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (crlf_filter)); - camel_object_unref (CAMEL_OBJECT (crlf_filter)); - - wrapper = CAMEL_DATA_WRAPPER (part); - camel_data_wrapper_write_to_stream (wrapper, CAMEL_STREAM (filtered_stream)); - camel_stream_flush (CAMEL_STREAM (filtered_stream)); - camel_object_unref (CAMEL_OBJECT (filtered_stream)); - camel_stream_reset (stream); - - /* get the signed part */ - sigpart = camel_multipart_get_part (multipart, 1); - sigstream = camel_stream_mem_new (); - camel_data_wrapper_write_to_stream (camel_medium_get_content_object (CAMEL_MEDIUM (sigpart)), - sigstream); - camel_stream_reset (sigstream); - - /* verify */ - valid = camel_cipher_verify (cipher, CAMEL_CIPHER_HASH_DEFAULT, stream, sigstream, ex); - - d(printf ("attempted to verify data:\n----- BEGIN SIGNED PART -----\n%.*s----- END SIGNED PART -----\n", - CAMEL_STREAM_MEM (stream)->buffer->len, CAMEL_STREAM_MEM (stream)->buffer->data)); - - camel_object_unref (CAMEL_OBJECT (sigstream)); - camel_object_unref (CAMEL_OBJECT (stream)); - - return valid; -} - - -/** - * camel_pgp_mime_part_encrypt: - * @cipher: PGP Cipher Context - * @mime_part: a MIME part that will be replaced by a pgp encrypted part - * @recipients: list of recipient PGP Key IDs - * @ex: exception which will be set if there are any errors. - * - * Constructs a PGP/MIME multipart in compliance with rfc2015 and - * replaces #mime_part with the generated multipart/signed. On failure, - * #ex will be set and #part will remain untouched. - **/ -void -camel_pgp_mime_part_encrypt (CamelCipherContext *cipher, CamelMimePart **mime_part, - GPtrArray *recipients, CamelException *ex) -{ - CamelMultipart *multipart; - CamelMimePart *part, *version_part, *encrypted_part; - CamelContentType *mime_type; - CamelStreamFilter *filtered_stream; - CamelMimeFilter *crlf_filter; - CamelStream *stream, *ciphertext; - - g_return_if_fail (*mime_part != NULL); - g_return_if_fail (CAMEL_IS_MIME_PART (*mime_part)); - g_return_if_fail (recipients != NULL); - - part = *mime_part; - - /* get the contents */ - stream = camel_stream_mem_new (); - crlf_filter = camel_mime_filter_crlf_new (CAMEL_MIME_FILTER_CRLF_ENCODE, - CAMEL_MIME_FILTER_CRLF_MODE_CRLF_ONLY); - filtered_stream = camel_stream_filter_new_with_stream (stream); - camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (crlf_filter)); - camel_object_unref (CAMEL_OBJECT (crlf_filter)); - camel_data_wrapper_write_to_stream (CAMEL_DATA_WRAPPER (part), CAMEL_STREAM (filtered_stream)); - camel_stream_flush (CAMEL_STREAM (filtered_stream)); - camel_object_unref (CAMEL_OBJECT (filtered_stream)); - camel_stream_reset (stream); - - /* pgp encrypt */ - ciphertext = camel_stream_mem_new (); - if (camel_cipher_encrypt (cipher, FALSE, NULL, recipients, stream, ciphertext, ex) == -1) { - camel_object_unref (CAMEL_OBJECT (stream)); - camel_object_unref (CAMEL_OBJECT (ciphertext)); - return; - } - - camel_object_unref (CAMEL_OBJECT (stream)); - camel_stream_reset (ciphertext); - - /* construct the version part */ - version_part = camel_mime_part_new (); - camel_mime_part_set_encoding (version_part, CAMEL_MIME_PART_ENCODING_7BIT); - camel_mime_part_set_content (version_part, "Version: 1", strlen ("Version: 1"), - "application/pgp-encrypted"); - - /* construct the pgp-encrypted mime part */ - encrypted_part = camel_mime_part_new (); - camel_mime_part_set_content (encrypted_part, CAMEL_STREAM_MEM (ciphertext)->buffer->data, - CAMEL_STREAM_MEM (ciphertext)->buffer->len, - "application/octet-stream; name=encrypted.asc"); - camel_object_unref (CAMEL_OBJECT (ciphertext)); - camel_mime_part_set_encoding (encrypted_part, CAMEL_MIME_PART_ENCODING_7BIT); - - /* construct the container multipart/encrypted */ - multipart = camel_multipart_new (); - - mime_type = header_content_type_new ("multipart", "encrypted"); - header_content_type_set_param (mime_type, "protocol", "application/pgp-encrypted"); - camel_data_wrapper_set_mime_type_field (CAMEL_DATA_WRAPPER (multipart), mime_type); - header_content_type_unref (mime_type); - - camel_multipart_set_boundary (multipart, NULL); - - /* add the parts to the multipart */ - camel_multipart_add_part (multipart, version_part); - camel_object_unref (CAMEL_OBJECT (version_part)); - camel_multipart_add_part (multipart, encrypted_part); - camel_object_unref (CAMEL_OBJECT (encrypted_part)); - - /* replace the input part with the output part */ - camel_object_unref (CAMEL_OBJECT (*mime_part)); - *mime_part = camel_mime_part_new (); - camel_medium_set_content_object (CAMEL_MEDIUM (*mime_part), - CAMEL_DATA_WRAPPER (multipart)); - camel_object_unref (CAMEL_OBJECT (multipart)); -} - - -/** - * camel_pgp_mime_part_decrypt: - * @cipher: PGP Cipher Context - * @mime_part: a multipart/encrypted MIME Part - * @ex: exception - * - * Returns the decrypted MIME Part on success or NULL on fail. - **/ -CamelMimePart * -camel_pgp_mime_part_decrypt (CamelCipherContext *cipher, CamelMimePart *mime_part, CamelException *ex) -{ - CamelDataWrapper *wrapper; - CamelMultipart *multipart; - CamelMimePart *encrypted_part, *part; - CamelContentType *mime_type; - CamelStream *stream, *ciphertext; - CamelStreamFilter *filtered_stream; - CamelMimeFilter *crlf_filter; - - g_return_val_if_fail (mime_part != NULL, NULL); - g_return_val_if_fail (CAMEL_IS_MIME_PART (mime_part), NULL); - - /* make sure the mime part is a multipart/encrypted */ - if (!camel_pgp_mime_is_rfc2015_encrypted (mime_part)) - return NULL; - - wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part)); - multipart = CAMEL_MULTIPART (wrapper); - - /* get the encrypted part (second part) */ - encrypted_part = camel_multipart_get_part (multipart, 1 /* second part starting at 0 */); - mime_type = camel_mime_part_get_content_type (encrypted_part); - if (!header_content_type_is (mime_type, "application", "octet-stream")) - return NULL; - - /* get the ciphertext */ - ciphertext = camel_stream_mem_new (); - camel_data_wrapper_write_to_stream (CAMEL_DATA_WRAPPER (encrypted_part), ciphertext); - camel_stream_reset (ciphertext); - - /* get the cleartext */ - stream = camel_stream_mem_new (); - if (camel_cipher_decrypt (cipher, ciphertext, stream, ex) == -1) { - camel_object_unref (CAMEL_OBJECT (ciphertext)); - camel_object_unref (CAMEL_OBJECT (stream)); - return NULL; - } - - camel_object_unref (CAMEL_OBJECT (ciphertext)); - camel_stream_reset (stream); - - /* construct the new decrypted mime part from the stream */ - part = camel_mime_part_new (); - - crlf_filter = camel_mime_filter_crlf_new (CAMEL_MIME_FILTER_CRLF_DECODE, - CAMEL_MIME_FILTER_CRLF_MODE_CRLF_ONLY); - filtered_stream = camel_stream_filter_new_with_stream (stream); - camel_object_unref (CAMEL_OBJECT (stream)); - camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (crlf_filter)); - camel_object_unref (CAMEL_OBJECT (crlf_filter)); - - camel_data_wrapper_construct_from_stream (CAMEL_DATA_WRAPPER (part), CAMEL_STREAM (filtered_stream)); - - camel_object_unref (CAMEL_OBJECT (filtered_stream)); - - return part; -} |