aboutsummaryrefslogtreecommitdiffstats
path: root/mail/mail-crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'mail/mail-crypto.c')
-rw-r--r--mail/mail-crypto.c448
1 files changed, 32 insertions, 416 deletions
diff --git a/mail/mail-crypto.c b/mail/mail-crypto.c
index 51a64cc09d..e77893c4af 100644
--- a/mail/mail-crypto.c
+++ b/mail/mail-crypto.c
@@ -27,105 +27,9 @@
#include <stdlib.h>
#include <string.h>
-#include <camel/camel-mime-filter-from.h>
-
#include "mail-crypto.h"
#include "mail-session.h"
-
-
-/** rfc2015 stuff (aka PGP/MIME) *******************************/
-
-gboolean
-mail_crypto_is_rfc2015_signed (CamelMimePart *mime_part)
-{
- CamelDataWrapper *wrapper;
- CamelMultipart *mp;
- CamelMimePart *part;
- CamelContentType *type;
- const gchar *param, *micalg;
- int nparts;
-
- /* check that we have a multipart/signed */
- type = camel_mime_part_get_content_type (mime_part);
- if (!header_content_type_is (type, "multipart", "signed"))
- return FALSE;
-
- /* check that we have a protocol param with the value: "application/pgp-signed" */
- param = header_content_type_param (type, "protocol");
- if (!param || g_strcasecmp (param, "application/pgp-signature"))
- return FALSE;
-
- /* check that we have a micalg parameter */
- micalg = header_content_type_param (type, "micalg");
- if (!micalg)
- return FALSE;
-
- /* check that we have exactly 2 subparts */
- wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part));
- mp = CAMEL_MULTIPART (wrapper);
- nparts = camel_multipart_get_number (mp);
- if (nparts != 2)
- return FALSE;
-
- /* The first part may be of any type except for
- * application/pgp-signature - check it. */
- part = camel_multipart_get_part (mp, 0);
- type = camel_mime_part_get_content_type (part);
- if (header_content_type_is (type, "application", "pgp-signature"))
- return FALSE;
-
- /* The second part should be application/pgp-signature. */
- part = camel_multipart_get_part (mp, 1);
- type = camel_mime_part_get_content_type (part);
- if (!header_content_type_is (type, "application", "pgp-signature"))
- return FALSE;
-
- return TRUE;
-}
-
-gboolean
-mail_crypto_is_rfc2015_encrypted (CamelMimePart *mime_part)
-{
- CamelDataWrapper *wrapper;
- CamelMultipart *mp;
- CamelMimePart *part;
- CamelContentType *type;
- const gchar *param;
- int nparts;
-
- /* check that we have a multipart/encrypted */
- type = camel_mime_part_get_content_type (mime_part);
- if (!header_content_type_is (type, "multipart", "encrypted"))
- return FALSE;
-
- /* check that we have a protocol param with the value: "application/pgp-encrypted" */
- param = header_content_type_param (type, "protocol");
- if (!param || g_strcasecmp (param, "application/pgp-encrypted"))
- return FALSE;
-
- /* check that we have at least 2 subparts */
- wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part));
- mp = CAMEL_MULTIPART (wrapper);
- nparts = camel_multipart_get_number (mp);
- if (nparts < 2)
- return FALSE;
-
- /* The first part should be application/pgp-encrypted */
- part = camel_multipart_get_part (mp, 0);
- type = camel_mime_part_get_content_type (part);
- if (!header_content_type_is (type, "application", "pgp-encrypted"))
- return FALSE;
-
- /* The second part should be application/octet-stream - this
- is the one we care most about */
- part = camel_multipart_get_part (mp, 1);
- type = camel_mime_part_get_content_type (part);
- if (!header_content_type_is (type, "application", "octet-stream"))
- return FALSE;
-
- return TRUE;
-}
-
+#include "mail-config.h"
/** rfc2633 stuff (aka S/MIME v3) ********************************/
@@ -216,68 +120,9 @@ mail_crypto_is_pkcs7_mime (CamelMimePart *mime_part)
return FALSE;
}
-static void
-pgp_mime_part_sign_restore_part (CamelMimePart *mime_part, GSList *encodings)
-{
- CamelDataWrapper *wrapper;
-
- wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part));
- if (!wrapper)
- return;
-
- if (CAMEL_IS_MULTIPART (wrapper)) {
- int parts, i;
-
- parts = camel_multipart_get_number (CAMEL_MULTIPART (wrapper));
- for (i = 0; i < parts; i++) {
- CamelMimePart *part = camel_multipart_get_part (CAMEL_MULTIPART (wrapper), i);
-
- pgp_mime_part_sign_restore_part (part, encodings);
- encodings = encodings->next;
- }
- } else {
- CamelMimePartEncodingType encoding;
-
- encoding = GPOINTER_TO_INT (encodings->data);
-
- camel_mime_part_set_encoding (mime_part, encoding);
- }
-}
-
-static void
-pgp_mime_part_sign_prepare_part (CamelMimePart *mime_part, GSList **encodings)
-{
- CamelDataWrapper *wrapper;
- int parts, i;
-
- wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part));
- if (!wrapper)
- return;
-
- if (CAMEL_IS_MULTIPART (wrapper)) {
- parts = camel_multipart_get_number (CAMEL_MULTIPART (wrapper));
- for (i = 0; i < parts; i++) {
- CamelMimePart *part = camel_multipart_get_part (CAMEL_MULTIPART (wrapper), i);
-
- pgp_mime_part_sign_prepare_part (part, encodings);
- }
- } else {
- CamelMimePartEncodingType encoding;
-
- encoding = camel_mime_part_get_encoding (mime_part);
-
- /* FIXME: find the best encoding for this part and use that instead?? */
- /* the encoding should really be QP or Base64 */
- if (encoding != CAMEL_MIME_PART_ENCODING_BASE64)
- camel_mime_part_set_encoding (mime_part, CAMEL_MIME_PART_ENCODING_QUOTEDPRINTABLE);
-
- *encodings = g_slist_append (*encodings, GINT_TO_POINTER (encoding));
- }
-}
-
/**
- * pgp_mime_part_sign:
+ * mail_crypto_pgp_mime_part_sign:
* @mime_part: a MIME part that will be replaced by a pgp signed part
* @userid: userid to sign with
* @hash: one of PGP_HASH_TYPE_MD5 or PGP_HASH_TYPE_SHA1
@@ -288,166 +133,41 @@ pgp_mime_part_sign_prepare_part (CamelMimePart *mime_part, GSList **encodings)
* #ex will be set and #part will remain untouched.
**/
void
-pgp_mime_part_sign (CamelMimePart **mime_part, const gchar *userid, PgpHashType hash, CamelException *ex)
+mail_crypto_pgp_mime_part_sign (CamelMimePart **mime_part, const char *userid, CamelPgpHashType hash, CamelException *ex)
{
- CamelMimePart *part, *signed_part;
- CamelMultipart *multipart;
- CamelContentType *mime_type;
- CamelStreamFilter *filtered_stream;
- CamelMimeFilter *crlf_filter, *from_filter;
- CamelStream *stream;
- GByteArray *content;
- gchar *signature;
- gchar *hash_type = NULL;
- GSList *encodings = NULL;
-
- g_return_if_fail (*mime_part != NULL);
- g_return_if_fail (CAMEL_IS_MIME_PART (*mime_part));
- g_return_if_fail (userid != NULL);
- g_return_if_fail (hash != PGP_HASH_TYPE_NONE);
-
- part = *mime_part;
-
- /* Prepare all the parts for signing... */
- pgp_mime_part_sign_prepare_part (part, &encodings);
-
- /* get the cleartext */
- content = g_byte_array_new ();
- stream = camel_stream_mem_new ();
- camel_stream_mem_set_byte_array (CAMEL_STREAM_MEM (stream), content);
- crlf_filter = camel_mime_filter_crlf_new (CAMEL_MIME_FILTER_CRLF_ENCODE,
- CAMEL_MIME_FILTER_CRLF_MODE_CRLF_ONLY);
- from_filter = CAMEL_MIME_FILTER (camel_mime_filter_from_new ());
- filtered_stream = camel_stream_filter_new_with_stream (stream);
- camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (crlf_filter));
- camel_object_unref (CAMEL_OBJECT (crlf_filter));
- camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (from_filter));
- camel_object_unref (CAMEL_OBJECT (from_filter));
- camel_data_wrapper_write_to_stream (CAMEL_DATA_WRAPPER (part), CAMEL_STREAM (filtered_stream));
- camel_object_unref (CAMEL_OBJECT (filtered_stream));
- camel_object_unref (CAMEL_OBJECT (stream));
-
- /* get the signature */
- signature = openpgp_sign (content->data, content->len, userid, hash, ex);
- g_byte_array_free (content, TRUE);
- if (camel_exception_is_set (ex)) {
- /* restore the original encoding */
- pgp_mime_part_sign_restore_part (part, encodings);
- g_slist_free (encodings);
- return;
- }
-
- /* we don't need these anymore... */
- g_slist_free (encodings);
+ CamelPgpContext *context;
- /* construct the pgp-signature mime part */
- fprintf (stderr, "signature:\n%s\n", signature);
- signed_part = camel_mime_part_new ();
- camel_mime_part_set_content (signed_part, signature, strlen (signature),
- "application/pgp-signature");
- g_free (signature);
-
- /* construct the container multipart/signed */
- switch (hash) {
- case PGP_HASH_TYPE_MD5:
- hash_type = "pgp-md5";
- break;
- case PGP_HASH_TYPE_SHA1:
- hash_type = "pgp-sha1";
- break;
- default:
- g_assert_not_reached ();
- }
-
- multipart = camel_multipart_new ();
-
- mime_type = header_content_type_new ("multipart", "signed");
- header_content_type_set_param (mime_type, "micalg", hash_type);
- header_content_type_set_param (mime_type, "protocol", "application/pgp-signature");
- camel_data_wrapper_set_mime_type_field (CAMEL_DATA_WRAPPER (multipart), mime_type);
- header_content_type_unref (mime_type);
-
- camel_multipart_set_boundary (multipart, NULL);
-
- /* add the parts to the multipart */
- camel_multipart_add_part (multipart, part);
- camel_object_unref (CAMEL_OBJECT (part));
- camel_multipart_add_part (multipart, signed_part);
- camel_object_unref (CAMEL_OBJECT (signed_part));
-
- /* replace the input part with the output part */
- *mime_part = camel_mime_part_new ();
- camel_medium_set_content_object (CAMEL_MEDIUM (*mime_part),
- CAMEL_DATA_WRAPPER (multipart));
- camel_object_unref (CAMEL_OBJECT (multipart));
+ context = camel_pgp_context_new (session, mail_config_get_pgp_type (),
+ mail_config_get_pgp_path ());
+ camel_pgp_mime_part_sign (context, mime_part, userid, hash, ex);
+ camel_object_unref (CAMEL_OBJECT (context));
}
/**
- * pgp_mime_part_verify:
+ * mail_crypto_pgp_mime_part_verify:
* @mime_part: a multipart/signed MIME Part
* @ex: exception
*
* Returns a PgpValidity on success or NULL on fail.
**/
-PgpValidity *
-pgp_mime_part_verify (CamelMimePart *mime_part, CamelException *ex)
+CamelPgpValidity *
+mail_crypto_pgp_mime_part_verify (CamelMimePart *mime_part, CamelException *ex)
{
- CamelDataWrapper *wrapper;
- CamelMultipart *multipart;
- CamelMimePart *part, *sigpart;
- CamelStreamFilter *filtered_stream;
- CamelMimeFilter *crlf_filter, *from_filter;
- CamelStream *stream;
- GByteArray *content, *signature;
- PgpValidity *valid;
-
- g_return_val_if_fail (mime_part != NULL, NULL);
- g_return_val_if_fail (CAMEL_IS_MIME_PART (mime_part), NULL);
+ CamelPgpContext *context;
+ CamelPgpValidity *valid;
- if (!mail_crypto_is_rfc2015_signed (mime_part))
- return NULL;
-
- wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part));
- multipart = CAMEL_MULTIPART (wrapper);
-
- /* get the plain part */
- part = camel_multipart_get_part (multipart, 0);
- content = g_byte_array_new ();
- stream = camel_stream_mem_new ();
- camel_stream_mem_set_byte_array (CAMEL_STREAM_MEM (stream), content);
- crlf_filter = camel_mime_filter_crlf_new (CAMEL_MIME_FILTER_CRLF_ENCODE, CAMEL_MIME_FILTER_CRLF_MODE_CRLF_ONLY);
- from_filter = CAMEL_MIME_FILTER (camel_mime_filter_from_new ());
- filtered_stream = camel_stream_filter_new_with_stream (stream);
- camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (crlf_filter));
- camel_object_unref (CAMEL_OBJECT (crlf_filter));
- camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (from_filter));
- camel_object_unref (CAMEL_OBJECT (from_filter));
- camel_data_wrapper_write_to_stream (CAMEL_DATA_WRAPPER (part), CAMEL_STREAM (filtered_stream));
- camel_object_unref (CAMEL_OBJECT (filtered_stream));
- camel_object_unref (CAMEL_OBJECT (stream));
-
- /* get the signed part */
- sigpart = camel_multipart_get_part (multipart, 1);
- signature = g_byte_array_new ();
- stream = camel_stream_mem_new ();
- camel_stream_mem_set_byte_array (CAMEL_STREAM_MEM (stream), signature);
- camel_data_wrapper_write_to_stream (camel_medium_get_content_object (CAMEL_MEDIUM (sigpart)), stream);
- camel_object_unref (CAMEL_OBJECT (stream));
-
- /* verify */
- valid = openpgp_verify (content->data, content->len,
- signature->data, signature->len, ex);
-
- g_byte_array_free (content, TRUE);
- g_byte_array_free (signature, TRUE);
+ context = camel_pgp_context_new (session, mail_config_get_pgp_type (),
+ mail_config_get_pgp_path ());
+ valid = camel_pgp_mime_part_verify (context, mime_part, ex);
+ camel_object_unref (CAMEL_OBJECT (context));
return valid;
}
/**
- * pgp_mime_part_encrypt:
+ * mail_crypto_pgp_mime_part_encrypt:
* @mime_part: a MIME part that will be replaced by a pgp encrypted part
* @recipients: list of recipient PGP Key IDs
* @ex: exception which will be set if there are any errors.
@@ -457,138 +177,34 @@ pgp_mime_part_verify (CamelMimePart *mime_part, CamelException *ex)
* #ex will be set and #part will remain untouched.
**/
void
-pgp_mime_part_encrypt (CamelMimePart **mime_part, const GPtrArray *recipients, CamelException *ex)
+mail_crypto_pgp_mime_part_encrypt (CamelMimePart **mime_part, GPtrArray *recipients, CamelException *ex)
{
- CamelMultipart *multipart;
- CamelMimePart *part, *version_part, *encrypted_part;
- CamelContentType *mime_type;
- CamelStreamFilter *filtered_stream;
- CamelMimeFilter *crlf_filter;
- CamelStream *stream;
- GByteArray *content;
- gchar *ciphertext;
-
- g_return_if_fail (*mime_part != NULL);
- g_return_if_fail (CAMEL_IS_MIME_PART (*mime_part));
- g_return_if_fail (recipients != NULL);
-
- part = *mime_part;
-
- /* get the contents */
- content = g_byte_array_new ();
- stream = camel_stream_mem_new ();
- camel_stream_mem_set_byte_array (CAMEL_STREAM_MEM (stream), content);
- crlf_filter = camel_mime_filter_crlf_new (CAMEL_MIME_FILTER_CRLF_ENCODE,
- CAMEL_MIME_FILTER_CRLF_MODE_CRLF_ONLY);
- filtered_stream = camel_stream_filter_new_with_stream (stream);
- camel_stream_filter_add (filtered_stream, CAMEL_MIME_FILTER (crlf_filter));
- camel_object_unref (CAMEL_OBJECT (crlf_filter));
- camel_data_wrapper_write_to_stream (CAMEL_DATA_WRAPPER (part), CAMEL_STREAM (filtered_stream));
- camel_object_unref (CAMEL_OBJECT (filtered_stream));
- camel_object_unref (CAMEL_OBJECT (stream));
+ CamelPgpContext *context;
- /* pgp encrypt */
- ciphertext = openpgp_encrypt (content->data,
- content->len,
- recipients, FALSE, NULL, ex);
- g_byte_array_free (content, TRUE);
- if (camel_exception_is_set (ex))
- return;
-
- /* construct the version part */
- version_part = camel_mime_part_new ();
- camel_mime_part_set_encoding (version_part, CAMEL_MIME_PART_ENCODING_7BIT);
- camel_mime_part_set_content (version_part, "Version: 1", strlen ("Version: 1"),
- "application/pgp-encrypted");
-
- /* construct the pgp-encrypted mime part */
- encrypted_part = camel_mime_part_new ();
- camel_mime_part_set_encoding (encrypted_part, CAMEL_MIME_PART_ENCODING_7BIT);
- camel_mime_part_set_content (encrypted_part, ciphertext, strlen (ciphertext),
- "application/octet-stream");
- g_free (ciphertext);
-
- /* construct the container multipart/signed */
- multipart = camel_multipart_new ();
-
- mime_type = header_content_type_new ("multipart", "encrypted");
- header_content_type_set_param (mime_type, "protocol", "application/pgp-encrypted");
- camel_data_wrapper_set_mime_type_field (CAMEL_DATA_WRAPPER (multipart), mime_type);
- header_content_type_unref (mime_type);
-
- camel_multipart_set_boundary (multipart, NULL);
-
- /* add the parts to the multipart */
- camel_multipart_add_part (multipart, version_part);
- camel_object_unref (CAMEL_OBJECT (version_part));
- camel_multipart_add_part (multipart, encrypted_part);
- camel_object_unref (CAMEL_OBJECT (encrypted_part));
-
- /* replace the input part with the output part */
- camel_object_unref (CAMEL_OBJECT (*mime_part));
- *mime_part = camel_mime_part_new ();
- camel_medium_set_content_object (CAMEL_MEDIUM (*mime_part),
- CAMEL_DATA_WRAPPER (multipart));
- camel_object_unref (CAMEL_OBJECT (multipart));
+ context = camel_pgp_context_new (session, mail_config_get_pgp_type (),
+ mail_config_get_pgp_path ());
+ camel_pgp_mime_part_encrypt (context, mime_part, recipients, ex);
+ camel_object_unref (CAMEL_OBJECT (context));
}
/**
- * pgp_mime_part_decrypt:
+ * mail_crypto_pgp_mime_part_decrypt:
* @mime_part: a multipart/encrypted MIME Part
* @ex: exception
*
* Returns the decrypted MIME Part on success or NULL on fail.
**/
CamelMimePart *
-pgp_mime_part_decrypt (CamelMimePart *mime_part, CamelException *ex)
+mail_crypto_pgp_mime_part_decrypt (CamelMimePart *mime_part, CamelException *ex)
{
- CamelDataWrapper *wrapper;
- CamelMultipart *multipart;
- CamelMimePart *encrypted_part, *part;
- CamelContentType *mime_type;
- CamelStream *stream;
- GByteArray *content;
- gchar *cleartext;
- int clearlen;
-
- g_return_val_if_fail (mime_part != NULL, NULL);
- g_return_val_if_fail (CAMEL_IS_MIME_PART (mime_part), NULL);
-
- /* make sure the mime part is a multipart/encrypted */
- if (!mail_crypto_is_rfc2015_encrypted (mime_part))
- return NULL;
-
- wrapper = camel_medium_get_content_object (CAMEL_MEDIUM (mime_part));
- multipart = CAMEL_MULTIPART (wrapper);
-
- /* get the encrypted part (second part) */
- encrypted_part = camel_multipart_get_part (multipart, 1 /* second part starting at 0 */);
- mime_type = camel_mime_part_get_content_type (encrypted_part);
- if (!header_content_type_is (mime_type, "application", "octet-stream"))
- return NULL;
-
- /* get the ciphertext */
- content = g_byte_array_new ();
- stream = camel_stream_mem_new ();
- camel_stream_mem_set_byte_array (CAMEL_STREAM_MEM (stream), content);
- camel_data_wrapper_write_to_stream (CAMEL_DATA_WRAPPER (encrypted_part), stream);
- camel_object_unref (CAMEL_OBJECT (stream));
-
- /* get the cleartext */
- cleartext = openpgp_decrypt (content->data, content->len, &clearlen, ex);
- g_byte_array_free (content, TRUE);
- if (camel_exception_is_set (ex))
- return NULL;
-
- /* create a stream based on the returned cleartext */
- stream = camel_stream_mem_new_with_buffer (cleartext, clearlen);
- g_free (cleartext);
+ CamelPgpContext *context;
+ CamelMimePart *part;
- /* construct the new decrypted mime part from the stream */
- part = camel_mime_part_new ();
- camel_data_wrapper_construct_from_stream (CAMEL_DATA_WRAPPER (part), stream);
- camel_object_unref (CAMEL_OBJECT (stream));
+ context = camel_pgp_context_new (session, mail_config_get_pgp_type (),
+ mail_config_get_pgp_path ());
+ part = camel_pgp_mime_part_decrypt (context, mime_part, ex);
+ camel_object_unref (CAMEL_OBJECT (context));
return part;
}