2 * Copyright (C) 1996-7,2000 Michael R. Elkins <me@mutt.org>
3 * Copyright (C) 1998-2005 Thomas Roessler <roessler@does-not-exist.org>
4 * Copyright (C) 2004 g10 Code GmbH
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * This file contains all of the PGP routines necessary to sign, encrypt,
23 * verify and decrypt PGP messages in either the new PGP/MIME format, or
24 * in the older Application/Pgp format. It also contains some code to
25 * cache the user's passphrase for repeat use when decrypting or signing
34 #include "mutt_curses.h"
51 #ifdef HAVE_SYS_TIME_H
52 # include <sys/time.h>
55 #ifdef HAVE_SYS_RESOURCE_H
56 # include <sys/resource.h>
59 #ifdef CRYPT_BACKEND_CLASSIC_PGP
61 #include "mutt_crypt.h"
62 #include "mutt_menu.h"
65 char PgpPass[LONG_STRING];
66 time_t PgpExptime = 0; /* when does the cached passphrase expire? */
68 void pgp_void_passphrase (void)
70 memset (PgpPass, 0, sizeof (PgpPass));
74 int pgp_valid_passphrase (void)
76 time_t now = time (NULL);
78 if (pgp_use_gpg_agent())
81 return 1; /* handled by gpg-agent */
85 /* Use cached copy. */
88 pgp_void_passphrase ();
90 if (mutt_get_password (_("Enter PGP passphrase:"), PgpPass, sizeof (PgpPass)) == 0)
92 PgpExptime = time (NULL) + PgpTimeout;
101 void pgp_forget_passphrase (void)
103 pgp_void_passphrase ();
104 mutt_message _("PGP passphrase forgotten.");
107 int pgp_use_gpg_agent (void)
111 if (!option (OPTUSEGPGAGENT) || !getenv ("GPG_AGENT_INFO"))
114 if ((tty = ttyname(0)))
115 setenv("GPG_TTY", tty, 0);
120 char *pgp_keyid(pgp_key_t k)
122 if((k->flags & KEYFLAG_SUBKEY) && k->parent && option(OPTPGPIGNORESUB))
125 return _pgp_keyid(k);
128 char *_pgp_keyid(pgp_key_t k)
130 if(option(OPTPGPLONGIDS))
133 return (k->keyid + 8);
136 /* ----------------------------------------------------------------------------
137 * Routines for handing PGP input.
142 /* Copy PGP output messages and look for signs of a good signature */
144 static int pgp_copy_checksig (FILE *fpin, FILE *fpout)
148 if (PgpGoodSign.pattern)
154 while ((line = mutt_read_line (line, &linelen, fpin, &lineno, 0)) != NULL)
156 if (regexec (PgpGoodSign.rx, line, 0, NULL, 0) == 0)
158 dprint (2, (debugfile, "pgp_copy_checksig: \"%s\" matches regexp.\n",
163 dprint (2, (debugfile, "pgp_copy_checksig: \"%s\" doesn't match regexp.\n",
166 if (strncmp (line, "[GNUPG:] ", 9) == 0)
175 dprint (2, (debugfile, "pgp_copy_checksig: No pattern.\n"));
176 mutt_copy_stream (fpin, fpout);
184 * Copy a clearsigned message, and strip the signature and PGP's
187 * XXX - charset handling: We assume that it is safe to do
188 * character set decoding first, dash decoding second here, while
189 * we do it the other way around in the main handler.
191 * (Note that we aren't worse than Outlook &c in this, and also
192 * note that we can successfully handle anything produced by any
193 * existing versions of mutt.)
196 static void pgp_copy_clearsigned (FILE *fpin, STATE *s, char *charset)
198 char buf[HUGE_STRING];
199 short complete, armor_header;
205 /* fromcode comes from the MIME Content-Type charset label. It might
206 * be a wrong label, so we want the ability to do corrections via
207 * charset-hooks. Therefore we set flags to M_ICONV_HOOK_FROM.
209 fc = fgetconv_open (fpin, charset, Charset, M_ICONV_HOOK_FROM);
211 for (complete = 1, armor_header = 1;
212 fgetconvs (buf, sizeof (buf), fc) != NULL;
213 complete = strchr (buf, '\n') != NULL)
222 if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0)
227 char *p = mutt_skip_whitespace (buf);
234 state_puts (s->prefix, s);
236 if (buf[0] == '-' && buf[1] == ' ')
237 state_puts (buf + 2, s);
242 fgetconv_close (&fc);
246 /* Support for the Application/PGP Content Type. */
248 int pgp_application_pgp_handler (BODY *m, STATE *s)
250 int could_not_decrypt = 0;
251 int needpass = -1, pgp_keyblock = 0;
252 int clearsign = 0, rv, rc;
253 int c = 1; /* silence GCC warning */
256 LOFF_T last_pos, offset;
257 char buf[HUGE_STRING];
258 char outfile[_POSIX_PATH_MAX];
259 char tmpfname[_POSIX_PATH_MAX];
260 FILE *pgpout = NULL, *pgpin = NULL, *pgperr = NULL;
264 short maybe_goodsig = 1;
265 short have_any_sigs = 0;
267 char *gpgcharset = NULL;
268 char body_charset[STRING];
269 mutt_get_body_charset (body_charset, sizeof (body_charset), m);
271 rc = 0; /* silence false compiler warning if (s->flags & M_DISPLAY) */
273 fseeko (s->fpin, m->offset, 0);
274 last_pos = m->offset;
276 for (bytes = m->length; bytes > 0;)
278 if (fgets (buf, sizeof (buf), s->fpin) == NULL)
281 offset = ftello (s->fpin);
282 bytes -= (offset - last_pos); /* don't rely on mutt_strlen(buf) */
285 if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0)
288 start_pos = last_pos;
290 if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)
292 else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)
297 else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15))
304 /* XXX - we may wish to recode here */
306 state_puts (s->prefix, s);
311 have_any_sigs = have_any_sigs || (clearsign && (s->flags & M_VERIFY));
313 /* Copy PGP material to temporary file */
314 mutt_mktemp (tmpfname, sizeof (tmpfname));
315 if ((tmpfp = safe_fopen (tmpfname, "w+")) == NULL)
317 mutt_perror (tmpfname);
322 while (bytes > 0 && fgets (buf, sizeof (buf) - 1, s->fpin) != NULL)
324 offset = ftello (s->fpin);
325 bytes -= (offset - last_pos); /* don't rely on mutt_strlen(buf) */
330 if ((needpass && mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0) ||
332 && (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0
333 || mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0)))
335 /* remember optional Charset: armor header as defined by RfC4880 */
336 if (mutt_strncmp ("Charset: ", buf, 9) == 0)
339 gpgcharset = safe_strdup (buf + 9);
340 if ((l = mutt_strlen (gpgcharset)) > 0 && gpgcharset[l-1] == '\n')
342 if (mutt_check_charset (gpgcharset, 0) < 0)
343 mutt_str_replace (&gpgcharset, "UTF-8");
347 /* leave tmpfp open in case we still need it - but flush it! */
350 /* Invoke PGP if needed */
351 if (!clearsign || (s->flags & M_VERIFY))
353 mutt_mktemp (outfile, sizeof (outfile));
354 if ((pgpout = safe_fopen (outfile, "w+")) == NULL)
356 mutt_perror (tmpfname);
360 if ((thepid = pgp_invoke_decode (&pgpin, NULL, &pgperr, -1,
361 fileno (pgpout), -1, tmpfname,
364 safe_fclose (&pgpout);
368 state_attach_puts (_("[-- Error: unable to create PGP subprocess! --]\n"), s);
370 else /* PGP started successfully */
374 if (!pgp_valid_passphrase ()) pgp_void_passphrase();
375 if (pgp_use_gpg_agent())
377 fprintf (pgpin, "%s\n", PgpPass);
380 safe_fclose (&pgpin);
382 if (s->flags & M_DISPLAY)
384 crypt_current_time (s, "PGP");
385 rc = pgp_copy_checksig (pgperr, s->fpout);
388 safe_fclose (&pgperr);
389 rv = mutt_wait_filter (thepid);
391 if (s->flags & M_DISPLAY)
393 if (rc == 0) have_any_sigs = 1;
396 * gpg_good_sign-pattern did not match || pgp_decode_command returned not 0
397 * Sig _is_ correct if
398 * gpg_good_sign="" && pgp_decode_command returned 0
400 if (rc == -1 || rv) maybe_goodsig = 0;
402 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
404 if (pgp_use_gpg_agent())
405 mutt_need_hard_redraw ();
408 /* treat empty result as sign of failure */
409 /* TODO: maybe on failure mutt should include the original undecoded text. */
416 if (!clearsign && (!pgpout || c == EOF))
418 could_not_decrypt = 1;
419 pgp_void_passphrase ();
422 if (could_not_decrypt && !(s->flags & M_DISPLAY))
424 mutt_error _("Could not decrypt PGP message");
432 * Now, copy cleartext to the screen.
435 if(s->flags & M_DISPLAY)
438 state_attach_puts (_("[-- BEGIN PGP MESSAGE --]\n\n"), s);
439 else if (pgp_keyblock)
440 state_attach_puts (_("[-- BEGIN PGP PUBLIC KEY BLOCK --]\n"), s);
442 state_attach_puts (_("[-- BEGIN PGP SIGNED MESSAGE --]\n\n"), s);
449 pgp_copy_clearsigned (tmpfp, s, body_charset);
455 char *expected_charset = gpgcharset && *gpgcharset ? gpgcharset : "utf-8";
457 dprint(4,(debugfile,"pgp: recoding inline from [%s] to [%s]\n",
458 expected_charset, Charset));
461 state_set_prefix (s);
462 fc = fgetconv_open (pgpout, expected_charset, Charset, M_ICONV_HOOK_FROM);
463 while ((c = fgetconv (fc)) != EOF)
464 state_prefix_putc (c, s);
465 fgetconv_close (&fc);
468 if (s->flags & M_DISPLAY)
470 state_putc ('\n', s);
473 state_attach_puts (_("[-- END PGP MESSAGE --]\n"), s);
474 if (could_not_decrypt)
475 mutt_error _("Could not decrypt PGP message");
477 mutt_message _("PGP message successfully decrypted.");
479 else if (pgp_keyblock)
480 state_attach_puts (_("[-- END PGP PUBLIC KEY BLOCK --]\n"), s);
482 state_attach_puts (_("[-- END PGP SIGNED MESSAGE --]\n"), s);
487 /* A traditional PGP part may mix signed and unsigned content */
488 /* XXX - we may wish to recode here */
490 state_puts (s->prefix, s);
498 m->goodsig = (maybe_goodsig && have_any_sigs);
502 safe_fclose (&tmpfp);
503 mutt_unlink (tmpfname);
507 safe_fclose (&pgpout);
508 mutt_unlink (outfile);
515 state_attach_puts (_("[-- Error: could not find beginning of PGP message! --]\n\n"), s);
522 static int pgp_check_traditional_one_body (FILE *fp, BODY *b, int tagged_only)
524 char tempfile[_POSIX_PATH_MAX];
525 char buf[HUGE_STRING];
532 if (b->type != TYPETEXT)
535 if (tagged_only && !b->tagged)
538 mutt_mktemp (tempfile, sizeof (tempfile));
539 if (mutt_decode_save_attachment (fp, b, tempfile, 0, 0) != 0)
545 if ((tfp = fopen (tempfile, "r")) == NULL)
551 while (fgets (buf, sizeof (buf), tfp))
553 if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0)
555 if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)
557 else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)
559 else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0)
566 if (!enc && !sgn && !key)
569 /* fix the content type */
571 mutt_set_parameter ("format", "fixed", &b->parameter);
573 mutt_set_parameter ("x-action", "pgp-encrypted", &b->parameter);
575 mutt_set_parameter ("x-action", "pgp-signed", &b->parameter);
577 mutt_set_parameter ("x-action", "pgp-keys", &b->parameter);
582 int pgp_check_traditional (FILE *fp, BODY *b, int tagged_only)
586 for (; b; b = b->next)
588 if (is_multipart (b))
589 rv = pgp_check_traditional (fp, b->parts, tagged_only) || rv;
590 else if (b->type == TYPETEXT)
592 if ((r = mutt_is_application_pgp (b)))
595 rv = pgp_check_traditional_one_body (fp, b, tagged_only) || rv;
606 int pgp_verify_one (BODY *sigbdy, STATE *s, const char *tempfile)
608 char sigfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
609 FILE *fp, *pgpout, *pgperr;
614 snprintf (sigfile, sizeof (sigfile), "%s.asc", tempfile);
616 if(!(fp = safe_fopen (sigfile, "w")))
618 mutt_perror(sigfile);
622 fseeko (s->fpin, sigbdy->offset, 0);
623 mutt_copy_bytes (s->fpin, fp, sigbdy->length);
626 mutt_mktemp (pgperrfile, sizeof (pgperrfile));
627 if(!(pgperr = safe_fopen(pgperrfile, "w+")))
629 mutt_perror(pgperrfile);
634 crypt_current_time (s, "PGP");
636 if((thepid = pgp_invoke_verify (NULL, &pgpout, NULL,
637 -1, -1, fileno(pgperr),
638 tempfile, sigfile)) != -1)
640 if (pgp_copy_checksig (pgpout, s->fpout) >= 0)
644 safe_fclose (&pgpout);
648 if (pgp_copy_checksig (pgperr, s->fpout) >= 0)
651 if ((rv = mutt_wait_filter (thepid)))
654 dprint (1, (debugfile, "pgp_verify_one: mutt_wait_filter returned %d.\n", rv));
657 safe_fclose (&pgperr);
659 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
661 mutt_unlink (sigfile);
662 mutt_unlink (pgperrfile);
664 dprint (1, (debugfile, "pgp_verify_one: returning %d.\n", badsig));
670 /* Extract pgp public keys from messages or attachments */
672 void pgp_extract_keys_from_messages (HEADER *h)
675 char tempfname[_POSIX_PATH_MAX];
680 mutt_parse_mime_message (Context, h);
681 if(h->security & PGPENCRYPT && !pgp_valid_passphrase ())
685 mutt_mktemp (tempfname, sizeof (tempfname));
686 if (!(fpout = safe_fopen (tempfname, "w")))
688 mutt_perror (tempfname);
692 set_option (OPTDONTHANDLEPGPKEYS);
696 for (i = 0; i < Context->vcount; i++)
698 if (Context->hdrs[Context->v2r[i]]->tagged)
700 mutt_parse_mime_message (Context, Context->hdrs[Context->v2r[i]]);
701 if (Context->hdrs[Context->v2r[i]]->security & PGPENCRYPT
702 && !pgp_valid_passphrase())
704 safe_fclose (&fpout);
707 mutt_copy_message (fpout, Context, Context->hdrs[Context->v2r[i]],
708 M_CM_DECODE|M_CM_CHARCONV, 0);
714 mutt_parse_mime_message (Context, h);
715 if (h->security & PGPENCRYPT && !pgp_valid_passphrase())
717 safe_fclose (&fpout);
720 mutt_copy_message (fpout, Context, h, M_CM_DECODE|M_CM_CHARCONV, 0);
723 safe_fclose (&fpout);
725 pgp_invoke_import (tempfname);
726 mutt_any_key_to_continue (NULL);
730 mutt_unlink (tempfname);
731 unset_option (OPTDONTHANDLEPGPKEYS);
735 static void pgp_extract_keys_from_attachment (FILE *fp, BODY *top)
739 char tempfname[_POSIX_PATH_MAX];
741 mutt_mktemp (tempfname, sizeof (tempfname));
742 if (!(tempfp = safe_fopen (tempfname, "w")))
744 mutt_perror (tempfname);
748 memset (&s, 0, sizeof (STATE));
753 mutt_body_handler (top, &s);
755 safe_fclose (&tempfp);
757 pgp_invoke_import (tempfname);
758 mutt_any_key_to_continue (NULL);
760 mutt_unlink (tempfname);
763 void pgp_extract_keys_from_attachment_list (FILE *fp, int tag, BODY *top)
767 mutt_error _("Internal error. Inform <roessler@does-not-exist.org>.");
772 set_option(OPTDONTHANDLEPGPKEYS);
774 for(; top; top = top->next)
776 if(!tag || top->tagged)
777 pgp_extract_keys_from_attachment (fp, top);
783 unset_option(OPTDONTHANDLEPGPKEYS);
786 BODY *pgp_decrypt_part (BODY *a, STATE *s, FILE *fpout, BODY *p)
788 char buf[LONG_STRING];
789 FILE *pgpin, *pgpout, *pgperr, *pgptmp;
793 char pgperrfile[_POSIX_PATH_MAX];
794 char pgptmpfile[_POSIX_PATH_MAX];
798 mutt_mktemp (pgperrfile, sizeof (pgperrfile));
799 if ((pgperr = safe_fopen (pgperrfile, "w+")) == NULL)
801 mutt_perror (pgperrfile);
806 mutt_mktemp (pgptmpfile, sizeof (pgptmpfile));
807 if((pgptmp = safe_fopen (pgptmpfile, "w")) == NULL)
809 mutt_perror (pgptmpfile);
810 safe_fclose (&pgperr);
814 /* Position the stream at the beginning of the body, and send the data to
815 * the temporary file.
818 fseeko (s->fpin, a->offset, 0);
819 mutt_copy_bytes (s->fpin, pgptmp, a->length);
820 safe_fclose (&pgptmp);
822 if ((thepid = pgp_invoke_decrypt (&pgpin, &pgpout, NULL, -1, -1,
823 fileno (pgperr), pgptmpfile)) == -1)
825 safe_fclose (&pgperr);
827 if (s->flags & M_DISPLAY)
828 state_attach_puts (_("[-- Error: could not create a PGP subprocess! --]\n\n"), s);
832 /* send the PGP passphrase to the subprocess. Never do this if the
833 agent is active, because this might lead to a passphrase send as
835 if (!pgp_use_gpg_agent())
836 fputs (PgpPass, pgpin);
838 safe_fclose (&pgpin);
840 /* Read the output from PGP, and make sure to change CRLF to LF, otherwise
841 * read_mime_header has a hard time parsing the message.
843 while (fgets (buf, sizeof (buf) - 1, pgpout) != NULL)
845 len = mutt_strlen (buf);
846 if (len > 1 && buf[len - 2] == '\r')
847 strcpy (buf + len - 2, "\n"); /* __STRCPY_CHECKED__ */
851 safe_fclose (&pgpout);
852 rv = mutt_wait_filter (thepid);
853 mutt_unlink(pgptmpfile);
855 if (s->flags & M_DISPLAY)
859 if (pgp_copy_checksig (pgperr, s->fpout) == 0 && !rv && p)
863 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
865 safe_fclose (&pgperr);
870 if (pgp_use_gpg_agent())
871 mutt_need_hard_redraw ();
873 if (fgetc (fpout) == EOF)
875 mutt_error _("Decryption failed");
876 pgp_void_passphrase ();
882 if ((tattach = mutt_read_mime_header (fpout, 0)) != NULL)
885 * Need to set the length of this body part.
887 fstat (fileno (fpout), &info);
888 tattach->length = info.st_size - tattach->offset;
890 /* See if we need to recurse on this MIME part. */
892 mutt_parse_part (fpout, tattach);
898 int pgp_decrypt_mime (FILE *fpin, FILE **fpout, BODY *b, BODY **cur)
900 char tempfile[_POSIX_PATH_MAX];
904 if(!mutt_is_multipart_encrypted(b))
907 if(!b->parts || !b->parts->next)
912 memset (&s, 0, sizeof (s));
914 mutt_mktemp (tempfile, sizeof (tempfile));
915 if ((*fpout = safe_fopen (tempfile, "w+")) == NULL)
917 mutt_perror (tempfile);
922 *cur = pgp_decrypt_part (b, &s, *fpout, p);
932 int pgp_encrypted_handler (BODY *a, STATE *s)
934 char tempfile[_POSIX_PATH_MAX];
941 if (!a || a->type != TYPEAPPLICATION || !a->subtype ||
942 ascii_strcasecmp ("pgp-encrypted", a->subtype) != 0 ||
943 !a->next || a->next->type != TYPEAPPLICATION || !a->next->subtype ||
944 ascii_strcasecmp ("octet-stream", a->next->subtype) != 0)
946 if (s->flags & M_DISPLAY)
947 state_attach_puts (_("[-- Error: malformed PGP/MIME message! --]\n\n"), s);
952 * Move forward to the application/pgp-encrypted body.
956 mutt_mktemp (tempfile, sizeof (tempfile));
957 if ((fpout = safe_fopen (tempfile, "w+")) == NULL)
959 if (s->flags & M_DISPLAY)
960 state_attach_puts (_("[-- Error: could not create temporary file! --]\n"), s);
964 if (s->flags & M_DISPLAY) crypt_current_time (s, "PGP");
966 if ((tattach = pgp_decrypt_part (a, s, fpout, p)) != NULL)
968 if (s->flags & M_DISPLAY)
969 state_attach_puts (_("[-- The following data is PGP/MIME encrypted --]\n\n"), s);
973 rc = mutt_body_handler (tattach, s);
977 * if a multipart/signed is the _only_ sub-part of a
978 * multipart/encrypted, cache signature verification
983 if (mutt_is_multipart_signed (tattach) && !tattach->next)
984 p->goodsig |= tattach->goodsig;
986 if (s->flags & M_DISPLAY)
988 state_puts ("\n", s);
989 state_attach_puts (_("[-- End of PGP/MIME encrypted data --]\n"), s);
992 mutt_free_body (&tattach);
993 /* clear 'Invoking...' message, since there's no error */
994 mutt_message _("PGP message successfully decrypted.");
998 mutt_error _("Could not decrypt PGP message");
999 /* void the passphrase, even if it's not necessarily the problem */
1000 pgp_void_passphrase ();
1004 safe_fclose (&fpout);
1005 mutt_unlink(tempfile);
1010 /* ----------------------------------------------------------------------------
1011 * Routines for sending PGP/MIME messages.
1015 BODY *pgp_sign_message (BODY *a)
1018 char buffer[LONG_STRING];
1019 char sigfile[_POSIX_PATH_MAX], signedfile[_POSIX_PATH_MAX];
1020 FILE *pgpin, *pgpout, *pgperr, *fp, *sfp;
1025 convert_to_7bit (a); /* Signed data _must_ be in 7-bit format. */
1027 mutt_mktemp (sigfile, sizeof (sigfile));
1028 if ((fp = safe_fopen (sigfile, "w")) == NULL)
1033 mutt_mktemp (signedfile, sizeof (signedfile));
1034 if ((sfp = safe_fopen(signedfile, "w")) == NULL)
1036 mutt_perror(signedfile);
1042 mutt_write_mime_header (a, sfp);
1044 mutt_write_mime_body (a, sfp);
1047 if ((thepid = pgp_invoke_sign (&pgpin, &pgpout, &pgperr,
1048 -1, -1, -1, signedfile)) == -1)
1050 mutt_perror _("Can't open PGP subprocess!");
1057 if (!pgp_use_gpg_agent())
1058 fputs(PgpPass, pgpin);
1060 safe_fclose (&pgpin);
1063 * Read back the PGP signature. Also, change MESSAGE=>SIGNATURE as
1064 * recommended for future releases of PGP.
1066 while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL)
1068 if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0)
1069 fputs ("-----BEGIN PGP SIGNATURE-----\n", fp);
1070 else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0)
1071 fputs ("-----END PGP SIGNATURE-----\n", fp);
1074 empty = 0; /* got some output, so we're ok */
1077 /* check for errors from PGP */
1079 while (fgets (buffer, sizeof (buffer) - 1, pgperr) != NULL)
1082 fputs (buffer, stdout);
1085 if(mutt_wait_filter (thepid) && option(OPTPGPCHECKEXIT))
1088 safe_fclose (&pgperr);
1089 safe_fclose (&pgpout);
1090 unlink (signedfile);
1092 if (fclose (fp) != 0)
1094 mutt_perror ("fclose");
1100 mutt_any_key_to_continue (NULL);
1104 /* most likely error is a bad passphrase, so automatically forget it */
1105 pgp_void_passphrase ();
1106 return (NULL); /* fatal error while signing */
1109 t = mutt_new_body ();
1110 t->type = TYPEMULTIPART;
1111 t->subtype = safe_strdup ("signed");
1112 t->encoding = ENC7BIT;
1114 t->disposition = DISPINLINE;
1116 mutt_generate_boundary (&t->parameter);
1117 mutt_set_parameter ("protocol", "application/pgp-signature", &t->parameter);
1118 mutt_set_parameter ("micalg", pgp_micalg (sigfile), &t->parameter);
1123 t->parts->next = mutt_new_body ();
1125 t->type = TYPEAPPLICATION;
1126 t->subtype = safe_strdup ("pgp-signature");
1127 t->filename = safe_strdup (sigfile);
1129 t->disposition = DISPNONE;
1130 t->encoding = ENC7BIT;
1131 t->unlink = 1; /* ok to remove this file after sending. */
1136 static short is_numerical_keyid (const char *s)
1138 /* or should we require the "0x"? */
1139 if (strncmp (s, "0x", 2) == 0)
1144 if (strchr ("0123456789ABCDEFabcdef", *s++) == NULL)
1150 /* This routine attempts to find the keyids of the recipients of a message.
1151 * It returns NULL if any of the keys can not be found.
1153 char *pgp_findKeys (ADDRESS *to, ADDRESS *cc, ADDRESS *bcc)
1155 char *keyID, *keylist = NULL;
1156 size_t keylist_size = 0;
1157 size_t keylist_used = 0;
1158 ADDRESS *tmp = NULL, *addr = NULL;
1159 ADDRESS **last = &tmp;
1162 pgp_key_t k_info = NULL, key = NULL;
1164 const char *fqdn = mutt_fqdn (1);
1166 for (i = 0; i < 3; i++)
1170 case 0: p = to; break;
1171 case 1: p = cc; break;
1172 case 2: p = bcc; break;
1176 *last = rfc822_cpy_adr (p, 0);
1178 last = &((*last)->next);
1182 rfc822_qualify (tmp, fqdn);
1184 tmp = mutt_remove_duplicates (tmp);
1186 for (p = tmp; p ; p = p->next)
1188 char buf[LONG_STRING];
1193 if ((keyID = mutt_crypt_hook (p)) != NULL)
1196 snprintf (buf, sizeof (buf), _("Use keyID = \"%s\" for %s?"), keyID, p->mailbox);
1197 if ((r = mutt_yesorno (buf, M_YES)) == M_YES)
1199 if (is_numerical_keyid (keyID))
1201 if (strncmp (keyID, "0x", 2) == 0)
1203 goto bypass_selection; /* you don't see this. */
1206 /* check for e-mail address */
1207 if (strchr (keyID, '@') &&
1208 (addr = rfc822_parse_adrlist (NULL, keyID)))
1210 if (fqdn) rfc822_qualify (addr, fqdn);
1214 k_info = pgp_getkeybystr (keyID, KEYFLAG_CANENCRYPT, PGP_PUBRING);
1219 rfc822_free_address (&tmp);
1220 rfc822_free_address (&addr);
1226 pgp_invoke_getkeys (q);
1228 if (k_info == NULL && (k_info = pgp_getkeybyaddr (q, KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
1230 snprintf (buf, sizeof (buf), _("Enter keyID for %s: "), q->mailbox);
1232 if ((key = pgp_ask_for_key (buf, q->mailbox,
1233 KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
1236 rfc822_free_address (&tmp);
1237 rfc822_free_address (&addr);
1244 keyID = pgp_keyid (key);
1247 keylist_size += mutt_strlen (keyID) + 4;
1248 safe_realloc (&keylist, keylist_size);
1249 sprintf (keylist + keylist_used, "%s0x%s", keylist_used ? " " : "", /* __SPRINTF_CHECKED__ */
1251 keylist_used = mutt_strlen (keylist);
1253 pgp_free_key (&key);
1254 rfc822_free_address (&addr);
1257 rfc822_free_address (&tmp);
1261 /* Warning: "a" is no longer freed in this routine, you need
1262 * to free it later. This is necessary for $fcc_attach. */
1264 BODY *pgp_encrypt_message (BODY *a, char *keylist, int sign)
1266 char buf[LONG_STRING];
1267 char tempfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
1268 char pgpinfile[_POSIX_PATH_MAX];
1269 FILE *pgpin, *pgperr, *fpout, *fptmp;
1275 mutt_mktemp (tempfile, sizeof (tempfile));
1276 if ((fpout = safe_fopen (tempfile, "w+")) == NULL)
1278 mutt_perror (tempfile);
1282 mutt_mktemp (pgperrfile, sizeof (pgperrfile));
1283 if ((pgperr = safe_fopen (pgperrfile, "w+")) == NULL)
1285 mutt_perror (pgperrfile);
1287 safe_fclose (&fpout);
1290 unlink (pgperrfile);
1292 mutt_mktemp (pgpinfile, sizeof (pgpinfile));
1293 if((fptmp = safe_fopen(pgpinfile, "w")) == NULL)
1295 mutt_perror(pgpinfile);
1297 safe_fclose (&fpout);
1298 safe_fclose (&pgperr);
1303 convert_to_7bit (a);
1305 mutt_write_mime_header (a, fptmp);
1306 fputc ('\n', fptmp);
1307 mutt_write_mime_body (a, fptmp);
1308 safe_fclose (&fptmp);
1310 if ((thepid = pgp_invoke_encrypt (&pgpin, NULL, NULL, -1,
1311 fileno (fpout), fileno (pgperr),
1312 pgpinfile, keylist, sign)) == -1)
1314 safe_fclose (&pgperr);
1321 if (!pgp_use_gpg_agent())
1322 fputs (PgpPass, pgpin);
1323 fputc ('\n', pgpin);
1325 safe_fclose (&pgpin);
1327 if(mutt_wait_filter (thepid) && option(OPTPGPCHECKEXIT))
1335 empty = (fgetc (fpout) == EOF);
1336 safe_fclose (&fpout);
1340 while (fgets (buf, sizeof (buf) - 1, pgperr) != NULL)
1343 fputs (buf, stdout);
1345 safe_fclose (&pgperr);
1347 /* pause if there is any error output from PGP */
1349 mutt_any_key_to_continue (NULL);
1353 /* fatal error while trying to encrypt message */
1355 pgp_void_passphrase (); /* just in case */
1360 t = mutt_new_body ();
1361 t->type = TYPEMULTIPART;
1362 t->subtype = safe_strdup ("encrypted");
1363 t->encoding = ENC7BIT;
1365 t->disposition = DISPINLINE;
1367 mutt_generate_boundary(&t->parameter);
1368 mutt_set_parameter("protocol", "application/pgp-encrypted", &t->parameter);
1370 t->parts = mutt_new_body ();
1371 t->parts->type = TYPEAPPLICATION;
1372 t->parts->subtype = safe_strdup ("pgp-encrypted");
1373 t->parts->encoding = ENC7BIT;
1375 t->parts->next = mutt_new_body ();
1376 t->parts->next->type = TYPEAPPLICATION;
1377 t->parts->next->subtype = safe_strdup ("octet-stream");
1378 t->parts->next->encoding = ENC7BIT;
1379 t->parts->next->filename = safe_strdup (tempfile);
1380 t->parts->next->use_disp = 1;
1381 t->parts->next->disposition = DISPATTACH;
1382 t->parts->next->unlink = 1; /* delete after sending the message */
1383 t->parts->next->d_filename = safe_strdup ("msg.asc"); /* non pgp/mime can save */
1388 BODY *pgp_traditional_encryptsign (BODY *a, int flags, char *keylist)
1392 char pgpoutfile[_POSIX_PATH_MAX];
1393 char pgperrfile[_POSIX_PATH_MAX];
1394 char pgpinfile[_POSIX_PATH_MAX];
1396 char body_charset[STRING];
1398 const char *send_charset;
1400 FILE *pgpout = NULL, *pgperr = NULL, *pgpin = NULL;
1410 if (a->type != TYPETEXT)
1412 if (ascii_strcasecmp (a->subtype, "plain"))
1415 if ((fp = fopen (a->filename, "r")) == NULL)
1417 mutt_perror (a->filename);
1421 mutt_mktemp (pgpinfile, sizeof (pgpinfile));
1422 if ((pgpin = safe_fopen (pgpinfile, "w")) == NULL)
1424 mutt_perror (pgpinfile);
1429 /* The following code is really correct: If noconv is set,
1430 * a's charset parameter contains the on-disk character set, and
1431 * we have to convert from that to utf-8. If noconv is not set,
1432 * we have to convert from $charset to utf-8.
1435 mutt_get_body_charset (body_charset, sizeof (body_charset), a);
1437 from_charset = body_charset;
1439 from_charset = Charset;
1441 if (!mutt_is_us_ascii (body_charset))
1446 if (flags & ENCRYPT)
1447 send_charset = "us-ascii";
1449 send_charset = "utf-8";
1451 /* fromcode is assumed to be correct: we set flags to 0 */
1452 fc = fgetconv_open (fp, from_charset, "utf-8", 0);
1453 while ((c = fgetconv (fc)) != EOF)
1456 fgetconv_close (&fc);
1460 send_charset = "us-ascii";
1461 mutt_copy_stream (fp, pgpin);
1464 safe_fclose (&pgpin);
1466 mutt_mktemp (pgpoutfile, sizeof (pgpoutfile));
1467 mutt_mktemp (pgperrfile, sizeof (pgperrfile));
1468 if ((pgpout = safe_fopen (pgpoutfile, "w+")) == NULL ||
1469 (pgperr = safe_fopen (pgperrfile, "w+")) == NULL)
1471 mutt_perror (pgpout ? pgperrfile : pgpoutfile);
1475 safe_fclose (&pgpout);
1476 unlink (pgpoutfile);
1481 unlink (pgperrfile);
1483 if ((thepid = pgp_invoke_traditional (&pgpin, NULL, NULL,
1484 -1, fileno (pgpout), fileno (pgperr),
1485 pgpinfile, keylist, flags)) == -1)
1487 mutt_perror _("Can't invoke PGP");
1488 safe_fclose (&pgpout);
1489 safe_fclose (&pgperr);
1490 mutt_unlink (pgpinfile);
1491 unlink (pgpoutfile);
1495 if (pgp_use_gpg_agent())
1498 fprintf (pgpin, "%s\n", PgpPass);
1499 safe_fclose (&pgpin);
1501 if(mutt_wait_filter (thepid) && option(OPTPGPCHECKEXIT))
1504 mutt_unlink (pgpinfile);
1513 empty = (fgetc (pgpout) == EOF);
1514 safe_fclose (&pgpout);
1518 while (fgets (buff, sizeof (buff), pgperr))
1521 fputs (buff, stdout);
1524 safe_fclose (&pgperr);
1527 mutt_any_key_to_continue (NULL);
1532 pgp_void_passphrase (); /* just in case */
1533 unlink (pgpoutfile);
1537 b = mutt_new_body ();
1539 b->encoding = ENC7BIT;
1542 b->subtype = safe_strdup ("plain");
1544 mutt_set_parameter ("x-action", flags & ENCRYPT ? "pgp-encrypted" : "pgp-signed",
1546 mutt_set_parameter ("charset", send_charset, &b->parameter);
1548 b->filename = safe_strdup (pgpoutfile);
1551 /* The following is intended to give a clue to some completely brain-dead
1552 * "mail environments" which are typically used by large corporations.
1555 b->d_filename = safe_strdup ("msg.pgp");
1560 b->disposition = DISPNONE;
1566 if (!(flags & ENCRYPT))
1567 b->encoding = a->encoding;
1572 int pgp_send_menu (HEADER *msg, int *redraw)
1576 if (!(WithCrypto & APPLICATION_PGP))
1577 return msg->security;
1579 /* If autoinline and no crypto options set, then set inline. */
1580 if (option (OPTPGPAUTOINLINE) &&
1581 !((msg->security & APPLICATION_PGP) && (msg->security & (SIGN|ENCRYPT))))
1582 msg->security |= INLINE;
1584 /* When the message is not selected for signing or encryption, the toggle
1585 * between PGP/MIME and Traditional doesn't make sense.
1587 if (msg->security & (ENCRYPT | SIGN))
1589 char prompt[LONG_STRING];
1591 snprintf (prompt, sizeof (prompt),
1592 _("PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, %s format, or (c)lear? "),
1593 (msg->security & INLINE) ? _("PGP/M(i)ME") : _("(i)nline"));
1595 /* The keys accepted for this prompt *must* match the order in the second
1596 * version in the else clause since the switch statement below depends on
1597 * it. The 'i' key is appended in this version.
1599 choice = mutt_multi_choice (prompt, _("esabfci"));
1603 /* The keys accepted *must* be a prefix of the accepted keys in the "if"
1604 * clause above since the switch statement below depends on it.
1606 choice = mutt_multi_choice(_("PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, or (c)lear? "),
1612 case 1: /* (e)ncrypt */
1613 msg->security |= ENCRYPT;
1614 msg->security &= ~SIGN;
1617 case 2: /* (s)ign */
1618 msg->security |= SIGN;
1619 msg->security &= ~ENCRYPT;
1622 case 3: /* sign (a)s */
1625 char input_signas[SHORT_STRING];
1627 unset_option(OPTPGPCHECKTRUST);
1629 if ((p = pgp_ask_for_key (_("Sign as: "), NULL, 0, PGP_SECRING)))
1631 snprintf (input_signas, sizeof (input_signas), "0x%s",
1633 mutt_str_replace (&PgpSignAs, input_signas);
1636 msg->security |= SIGN;
1638 crypt_pgp_void_passphrase (); /* probably need a different passphrase */
1643 msg->security &= ~SIGN;
1647 *redraw = REDRAW_FULL;
1650 case 4: /* (b)oth */
1651 msg->security |= (ENCRYPT | SIGN);
1654 case 5: /* (f)orget it */
1655 case 6: /* (c)lear */
1659 case 7: /* toggle (i)nline */
1660 msg->security ^= INLINE;
1666 if (! (msg->security & (ENCRYPT | SIGN)))
1669 msg->security |= APPLICATION_PGP;
1672 return (msg->security);
1676 #endif /* CRYPT_BACKEND_CLASSIC_PGP */
projects / software / mutt-debian.git / blob