diff --git a/src/gpafiledecryptop.c b/src/gpafiledecryptop.c index 362d15d..64aa719 100644 --- a/src/gpafiledecryptop.c +++ b/src/gpafiledecryptop.c @@ -1,537 +1,543 @@ /* gpafiledecryptop.c - The GpaOperation object. * Copyright (C) 2003 Miguel Coca. - * Copyright (C) 2008 g10 Code GmbH. + * Copyright (C) 2008, 2015 g10 Code GmbH. * * This file is part of GPA * * GPA is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * GPA is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ #include #include #include #ifdef G_OS_UNIX #include #include #include #else #include #endif #include "gpa.h" #include "gtktools.h" #include "gpgmetools.h" #include "filetype.h" #include "gpafiledecryptop.h" #include "verifydlg.h" /* Internal functions */ static gboolean gpa_file_decrypt_operation_idle_cb (gpointer data); static void gpa_file_decrypt_operation_done_cb (GpaContext *context, gpg_error_t err, GpaFileDecryptOperation *op); static void gpa_file_decrypt_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaFileDecryptOperation *op); /* GObject */ static GObjectClass *parent_class = NULL; /* Properties */ enum { PROP_0, PROP_VERIFY }; static void gpa_file_decrypt_operation_get_property (GObject *object, guint prop_id, GValue *value, GParamSpec *pspec) { GpaFileDecryptOperation *op = GPA_FILE_DECRYPT_OPERATION (object); switch (prop_id) { case PROP_VERIFY: g_value_set_boolean (value, op->verify); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } } static void gpa_file_decrypt_operation_set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec) { GpaFileDecryptOperation *op = GPA_FILE_DECRYPT_OPERATION (object); switch (prop_id) { case PROP_VERIFY: op->verify = g_value_get_boolean (value); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } } static void gpa_file_decrypt_operation_finalize (GObject *object) { GpaFileDecryptOperation *op = GPA_FILE_DECRYPT_OPERATION (object); if (op->dialog) gtk_widget_destroy (op->dialog); G_OBJECT_CLASS (parent_class)->finalize (object); } static void gpa_file_decrypt_operation_init (GpaFileDecryptOperation *op) { op->cipher_fd = -1; op->plain_fd = -1; op->cipher = NULL; op->plain = NULL; } static void gpa_file_decrypt_operation_response_cb (GtkDialog *dialog, gint response, gpointer user_data) { GpaFileDecryptOperation *op = GPA_FILE_DECRYPT_OPERATION (user_data); g_signal_emit_by_name (GPA_OPERATION (op), "completed", op->err); } static GObject* gpa_file_decrypt_operation_constructor (GType type, guint n_construct_properties, GObjectConstructParam *construct_properties) { GObject *object; GpaFileDecryptOperation *op; /* Invoke parent's constructor */ object = parent_class->constructor (type, n_construct_properties, construct_properties); op = GPA_FILE_DECRYPT_OPERATION (object); /* Initialize */ /* Start with the first file after going back into the main loop */ g_idle_add (gpa_file_decrypt_operation_idle_cb, op); /* Connect to the "done" signal */ g_signal_connect (G_OBJECT (GPA_OPERATION (op)->context), "done", G_CALLBACK (gpa_file_decrypt_operation_done_error_cb), op); g_signal_connect (G_OBJECT (GPA_OPERATION (op)->context), "done", G_CALLBACK (gpa_file_decrypt_operation_done_cb), op); /* Give a title to the progress dialog */ gtk_window_set_title (GTK_WINDOW (GPA_FILE_OPERATION (op)->progress_dialog), _("Decrypting...")); if (op->verify) { /* Create the verification dialog */ op->dialog = gpa_file_verify_dialog_new (GPA_OPERATION (op)->window); g_signal_connect (G_OBJECT (op->dialog), "response", G_CALLBACK (gpa_file_decrypt_operation_response_cb), op); } return object; } static void gpa_file_decrypt_operation_class_init (GpaFileDecryptOperationClass *klass) { GObjectClass *object_class = G_OBJECT_CLASS (klass); parent_class = g_type_class_peek_parent (klass); object_class->constructor = gpa_file_decrypt_operation_constructor; object_class->finalize = gpa_file_decrypt_operation_finalize; object_class->set_property = gpa_file_decrypt_operation_set_property; object_class->get_property = gpa_file_decrypt_operation_get_property; /* Properties */ g_object_class_install_property (object_class, PROP_VERIFY, g_param_spec_boolean ("verify", "Verify", "Verify", FALSE, G_PARAM_WRITABLE | G_PARAM_CONSTRUCT_ONLY)); } GType gpa_file_decrypt_operation_get_type (void) { static GType file_decrypt_operation_type = 0; if (!file_decrypt_operation_type) { static const GTypeInfo file_decrypt_operation_info = { sizeof (GpaFileDecryptOperationClass), (GBaseInitFunc) NULL, (GBaseFinalizeFunc) NULL, (GClassInitFunc) gpa_file_decrypt_operation_class_init, NULL, /* class_finalize */ NULL, /* class_data */ sizeof (GpaFileDecryptOperation), 0, /* n_preallocs */ (GInstanceInitFunc) gpa_file_decrypt_operation_init, }; file_decrypt_operation_type = g_type_register_static (GPA_FILE_OPERATION_TYPE, "GpaFileDecryptOperation", &file_decrypt_operation_info, 0); } return file_decrypt_operation_type; } /* API */ GpaFileDecryptOperation* gpa_file_decrypt_operation_new (GtkWidget *window, GList *files) { GpaFileDecryptOperation *op; op = g_object_new (GPA_FILE_DECRYPT_OPERATION_TYPE, "window", window, "input_files", files, NULL); return op; } GpaFileDecryptOperation* gpa_file_decrypt_verify_operation_new (GtkWidget *window, GList *files) { GpaFileDecryptOperation *op; op = g_object_new (GPA_FILE_DECRYPT_OPERATION_TYPE, "window", window, "input_files", files, "verify", TRUE, NULL); return op; } /* Internal */ static gchar * destination_filename (const gchar *filename) { gchar *extension, *plain_filename; /* Find out the destination file */ extension = g_strrstr (filename, "."); if (extension && (g_str_equal (extension, ".asc") || g_str_equal (extension, ".gpg") || g_str_equal (extension, ".pgp"))) { /* Remove the extension */ plain_filename = g_strdup (filename); *(plain_filename + (extension-filename)) = '\0'; } else { plain_filename = g_strconcat (filename, ".txt", NULL); } return plain_filename; } static gpg_error_t gpa_file_decrypt_operation_start (GpaFileDecryptOperation *op, gpa_file_item_t file_item) { gpg_error_t err; if (file_item->direct_in) { /* No copy is made. */ err = gpgme_data_new_from_mem (&op->cipher, file_item->direct_in, file_item->direct_in_len, 0); if (err) { gpa_gpgme_warning (err); return err; } err = gpgme_data_new (&op->plain); if (err) { gpa_gpgme_warning (err); gpgme_data_release (op->cipher); op->plain = NULL; return err; } gpgme_set_protocol (GPA_OPERATION (op)->context->ctx, is_cms_data (file_item->direct_in, file_item->direct_in_len) ? GPGME_PROTOCOL_CMS : GPGME_PROTOCOL_OpenPGP); } else { gchar *cipher_filename = file_item->filename_in; + char *filename_used; file_item->filename_out = destination_filename (cipher_filename); /* Open the files */ op->cipher_fd = gpa_open_input (cipher_filename, &op->cipher, GPA_OPERATION (op)->window); if (op->cipher_fd == -1) /* FIXME: Error value. */ return gpg_error (GPG_ERR_GENERAL); op->plain_fd = gpa_open_output (file_item->filename_out, &op->plain, - GPA_OPERATION (op)->window); + GPA_OPERATION (op)->window, + &filename_used); if (op->plain_fd == -1) { gpgme_data_release (op->cipher); close (op->cipher_fd); + xfree (filename_used); /* FIXME: Error value. */ return gpg_error (GPG_ERR_GENERAL); } + xfree (file_item->filename_out); + file_item->filename_out = filename_used; + gpgme_set_protocol (GPA_OPERATION (op)->context->ctx, is_cms_file (cipher_filename) ? GPGME_PROTOCOL_CMS : GPGME_PROTOCOL_OpenPGP); } /* Start the operation. */ err = gpgme_op_decrypt_verify_start (GPA_OPERATION (op)->context->ctx, op->cipher, op->plain); if (err) { gpa_gpgme_warning (err); gpgme_data_release (op->plain); op->plain = NULL; close (op->plain_fd); op->plain_fd = -1; gpgme_data_release (op->cipher); op->cipher = NULL; close (op->cipher_fd); op->cipher_fd = -1; return err; } /* Show and update the progress dialog. */ gtk_widget_show_all (GPA_FILE_OPERATION (op)->progress_dialog); gpa_progress_dialog_set_label (GPA_PROGRESS_DIALOG (GPA_FILE_OPERATION (op)->progress_dialog), file_item->direct_name ? file_item->direct_name : file_item->filename_in); return 0; } static void gpa_file_decrypt_operation_next (GpaFileDecryptOperation *op) { gpg_error_t err; if (! GPA_FILE_OPERATION (op)->current) { if (op->verify && op->signed_files) { op->err = 0; gtk_widget_show_all (op->dialog); } else g_signal_emit_by_name (GPA_OPERATION (op), "completed", 0); return; } err = gpa_file_decrypt_operation_start (op, GPA_FILE_OPERATION (op)->current->data); if (err) { if (op->verify && op->signed_files) { /* All files have been verified: show the results dialog */ op->err = err; gtk_widget_show_all (op->dialog); } else g_signal_emit_by_name (GPA_OPERATION (op), "completed", err); } } static void gpa_file_decrypt_operation_done_cb (GpaContext *context, gpg_error_t err, GpaFileDecryptOperation *op) { gpa_file_item_t file_item = GPA_FILE_OPERATION (op)->current->data; if (file_item->direct_in) { size_t len; char *plain_gpgme = gpgme_data_release_and_get_mem (op->plain, &len); op->plain = NULL; /* Do the memory allocation dance. */ if (plain_gpgme) { /* Conveniently make ASCII stuff into a string. */ file_item->direct_out = g_malloc (len + 1); memcpy (file_item->direct_out, plain_gpgme, len); gpgme_free (plain_gpgme); file_item->direct_out[len] = '\0'; /* Yep, excluding the trailing zero. */ file_item->direct_out_len = len; } else { file_item->direct_out = NULL; file_item->direct_out_len = 0; } } /* Do clean up on the operation */ gpgme_data_release (op->plain); op->plain = NULL; close (op->plain_fd); op->plain_fd = -1; gpgme_data_release (op->cipher); op->cipher = NULL; close (op->cipher_fd); op->cipher_fd = -1; gtk_widget_hide (GPA_FILE_OPERATION (op)->progress_dialog); if (err) { if (! file_item->direct_in) { /* If an error happened, (or the user canceled) delete the created file and abort further decryptions. */ g_unlink (file_item->filename_out); g_free (file_item->filename_out); file_item->filename_out = NULL; } /* FIXME:CLIPBOARD: Server finish? */ g_signal_emit_by_name (GPA_OPERATION (op), "completed", err); } else { /* We've just created a file */ g_signal_emit_by_name (GPA_OPERATION (op), "created_file", file_item); if (op->verify) { gpgme_verify_result_t result; result = gpgme_op_verify_result (GPA_OPERATION (op)->context->ctx); if (result->signatures) { /* Add the file to the result dialog. FIXME: Maybe we should use the filename without the directory. */ gpa_file_verify_dialog_add_file (GPA_FILE_VERIFY_DIALOG (op->dialog), file_item->direct_name ? file_item->direct_name : file_item->filename_in, NULL, NULL, result->signatures); op->signed_files++; } } /* Go to the next file in the list and decrypt it */ GPA_FILE_OPERATION (op)->current = g_list_next (GPA_FILE_OPERATION (op)->current); gpa_file_decrypt_operation_next (op); } } static gboolean gpa_file_decrypt_operation_idle_cb (gpointer data) { GpaFileDecryptOperation *op = data; gpa_file_decrypt_operation_next (op); return FALSE; } static void gpa_file_decrypt_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaFileDecryptOperation *op) { gpa_file_item_t file_item = GPA_FILE_OPERATION (op)->current->data; gchar *message; switch (gpg_err_code (err)) { case GPG_ERR_NO_ERROR: case GPG_ERR_CANCELED: /* Ignore these */ break; case GPG_ERR_NO_DATA: message = g_strdup_printf (file_item->direct_name ? _("\"%s\" contained no OpenPGP data.") : _("The file \"%s\" contained no OpenPGP" "data."), file_item->direct_name ? file_item->direct_name : file_item->filename_in); gpa_window_error (message, GPA_OPERATION (op)->window); g_free (message); break; case GPG_ERR_DECRYPT_FAILED: message = g_strdup_printf (file_item->direct_name ? _("\"%s\" contained no valid " "encrypted data.") : _("The file \"%s\" contained no valid" "encrypted data."), file_item->direct_name ? file_item->direct_name : file_item->filename_in); gpa_window_error (message, GPA_OPERATION (op)->window); g_free (message); break; case GPG_ERR_BAD_PASSPHRASE: gpa_window_error (_("Wrong passphrase!"), GPA_OPERATION (op)->window); break; default: gpa_gpgme_warning (err); break; } } diff --git a/src/gpafileencryptop.c b/src/gpafileencryptop.c index 4731fda..4e22446 100644 --- a/src/gpafileencryptop.c +++ b/src/gpafileencryptop.c @@ -1,774 +1,780 @@ /* gpafiledecryptop.c - The GpaOperation object. * Copyright (C) 2003 Miguel Coca. - * Copyright (C) 2008 g10 Code GmbH. + * Copyright (C) 2008, 2015 g10 Code GmbH. * * This file is part of GPA * * GPA is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * GPA is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ #include #include #include #ifdef G_OS_UNIX #include #include #include #else #include #endif #include "gpa.h" #include "gtktools.h" #include "convert.h" #include "gpgmetools.h" #include "gpafileencryptop.h" #include "encryptdlg.h" #include "gpawidgets.h" /* Internal functions */ static void gpa_file_encrypt_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaFileEncryptOperation *op); static void gpa_file_encrypt_operation_done_cb (GpaContext *context, gpg_error_t err, GpaFileEncryptOperation *op); static void gpa_file_encrypt_operation_response_cb (GtkDialog *dialog, gint response, gpointer user_data); /* GObject */ static GObjectClass *parent_class = NULL; /* Properties */ enum { PROP_0, PROP_FORCE_ARMOR }; static void gpa_file_encrypt_operation_get_property (GObject *object, guint prop_id, GValue *value, GParamSpec *pspec) { GpaFileEncryptOperation *op = GPA_FILE_ENCRYPT_OPERATION (object); switch (prop_id) { case PROP_FORCE_ARMOR: g_value_set_boolean (value, op->force_armor); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } } static void gpa_file_encrypt_operation_set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec) { GpaFileEncryptOperation *op = GPA_FILE_ENCRYPT_OPERATION (object); switch (prop_id) { case PROP_FORCE_ARMOR: op->force_armor = g_value_get_boolean (value); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } } static void gpa_file_encrypt_operation_finalize (GObject *object) { GpaFileEncryptOperation *op = GPA_FILE_ENCRYPT_OPERATION (object); /* FIXME: The use of RSET is messed up. There is no clear concept on who owns the key. This should be fixed by refing the keys object. I doubt that the keys are at all released. */ g_free (op->rset); op->rset = NULL; G_OBJECT_CLASS (parent_class)->finalize (object); } static void gpa_file_encrypt_operation_init (GpaFileEncryptOperation *op) { op->rset = NULL; op->cipher_fd = -1; op->plain_fd = -1; op->cipher = NULL; op->plain = NULL; op->encrypt_dialog = NULL; op->force_armor = FALSE; } static GObject* gpa_file_encrypt_operation_constructor (GType type, guint n_construct_properties, GObjectConstructParam *construct_properties) { GObject *object; GpaFileEncryptOperation *op; /* Invoke parent's constructor */ object = parent_class->constructor (type, n_construct_properties, construct_properties); op = GPA_FILE_ENCRYPT_OPERATION (object); /* Initialize */ /* Create the "Encrypt" dialog */ op->encrypt_dialog = gpa_file_encrypt_dialog_new (GPA_OPERATION (op)->window, op->force_armor); g_signal_connect (G_OBJECT (op->encrypt_dialog), "response", G_CALLBACK (gpa_file_encrypt_operation_response_cb), op); /* Connect to the "done" signal */ g_signal_connect (G_OBJECT (GPA_OPERATION (op)->context), "done", G_CALLBACK (gpa_file_encrypt_operation_done_error_cb), op); g_signal_connect (G_OBJECT (GPA_OPERATION (op)->context), "done", G_CALLBACK (gpa_file_encrypt_operation_done_cb), op); /* Give a title to the progress dialog */ gtk_window_set_title (GTK_WINDOW (GPA_FILE_OPERATION (op)->progress_dialog), _("Encrypting...")); /* Here we go... */ gtk_widget_show_all (op->encrypt_dialog); return object; } static void gpa_file_encrypt_operation_class_init (GpaFileEncryptOperationClass *klass) { GObjectClass *object_class = G_OBJECT_CLASS (klass); parent_class = g_type_class_peek_parent (klass); object_class->constructor = gpa_file_encrypt_operation_constructor; object_class->finalize = gpa_file_encrypt_operation_finalize; object_class->set_property = gpa_file_encrypt_operation_set_property; object_class->get_property = gpa_file_encrypt_operation_get_property; g_object_class_install_property (object_class, PROP_FORCE_ARMOR, g_param_spec_boolean ("force-armor", "Force armor", "Force armor mode", FALSE, G_PARAM_WRITABLE | G_PARAM_CONSTRUCT_ONLY)); } GType gpa_file_encrypt_operation_get_type (void) { static GType file_encrypt_operation_type = 0; if (!file_encrypt_operation_type) { static const GTypeInfo file_encrypt_operation_info = { sizeof (GpaFileEncryptOperationClass), (GBaseInitFunc) NULL, (GBaseFinalizeFunc) NULL, (GClassInitFunc) gpa_file_encrypt_operation_class_init, NULL, /* class_finalize */ NULL, /* class_data */ sizeof (GpaFileEncryptOperation), 0, /* n_preallocs */ (GInstanceInitFunc) gpa_file_encrypt_operation_init, }; file_encrypt_operation_type = g_type_register_static (GPA_FILE_OPERATION_TYPE, "GpaFileEncryptOperation", &file_encrypt_operation_info, 0); } return file_encrypt_operation_type; } /* API */ GpaFileEncryptOperation* gpa_file_encrypt_operation_new (GtkWidget *window, GList *files, gboolean force_armor) { GpaFileEncryptOperation *op; op = g_object_new (GPA_FILE_ENCRYPT_OPERATION_TYPE, "window", window, "input_files", files, "force-armor", force_armor, NULL); return op; } GpaFileEncryptOperation* gpa_file_encrypt_sign_operation_new (GtkWidget *window, GList *files, gboolean force_armor) { GpaFileEncryptOperation *op; op = g_object_new (GPA_FILE_ENCRYPT_OPERATION_TYPE, "window", window, "input_files", files, "force-armor", force_armor, NULL); gpa_file_encrypt_dialog_set_sign (GPA_FILE_ENCRYPT_DIALOG (op->encrypt_dialog), TRUE); return op; } GpaFileEncryptOperation* gpa_file_encrypt_operation_new_for_server (GList *files, void *server_ctx) { GpaFileEncryptOperation *op; op = g_object_new (GPA_FILE_ENCRYPT_OPERATION_TYPE, "input_files", files, "server-ctx", server_ctx, NULL); return op; } /* Internal */ static gchar* destination_filename (const gchar *filename, gboolean armor) { const gchar *extension; gchar *cipher_filename; if (!armor) { extension = ".gpg"; } else { extension = ".asc"; } cipher_filename = g_strconcat (filename, extension, NULL); return cipher_filename; } static gpg_error_t gpa_file_encrypt_operation_start (GpaFileEncryptOperation *op, gpa_file_item_t file_item) { gpg_error_t err; if (file_item->direct_in) { /* No copy is made. */ err = gpgme_data_new_from_mem (&op->plain, file_item->direct_in, file_item->direct_in_len, 0); if (err) { gpa_gpgme_warning (err); return err; } err = gpgme_data_new (&op->cipher); if (err) { gpa_gpgme_warning (err); gpgme_data_release (op->plain); op->plain = NULL; return err; } } else { gchar *plain_filename = file_item->filename_in; + char *filename_used; file_item->filename_out = destination_filename (plain_filename, gpgme_get_armor (GPA_OPERATION (op)->context->ctx)); /* Open the files */ op->plain_fd = gpa_open_input (plain_filename, &op->plain, GPA_OPERATION (op)->window); if (op->plain_fd == -1) /* FIXME: Error value. */ return gpg_error (GPG_ERR_GENERAL); op->cipher_fd = gpa_open_output (file_item->filename_out, &op->cipher, - GPA_OPERATION (op)->window); + GPA_OPERATION (op)->window, + &filename_used); if (op->cipher_fd == -1) { gpgme_data_release (op->plain); close (op->plain_fd); op->plain_fd = -1; + xfree (filename_used); /* FIXME: Error value. */ return gpg_error (GPG_ERR_GENERAL); } + + xfree (file_item->filename_out); + file_item->filename_out = filename_used; } /* Start the operation. */ /* Always trust keys, because any untrusted keys were already confirmed by the user. */ if (gpa_file_encrypt_dialog_get_sign (GPA_FILE_ENCRYPT_DIALOG (op->encrypt_dialog))) err = gpgme_op_encrypt_sign_start (GPA_OPERATION (op)->context->ctx, op->rset, GPGME_ENCRYPT_ALWAYS_TRUST, op->plain, op->cipher); else err = gpgme_op_encrypt_start (GPA_OPERATION (op)->context->ctx, op->rset, GPGME_ENCRYPT_ALWAYS_TRUST, op->plain, op->cipher); if (err) { gpa_gpgme_warning (err); gpgme_data_release (op->plain); op->plain = NULL; close (op->plain_fd); op->plain_fd = -1; gpgme_data_release (op->cipher); op->cipher = NULL; close (op->cipher_fd); op->cipher_fd = -1; return err; } /* Show and update the progress dialog. */ gtk_widget_show_all (GPA_FILE_OPERATION (op)->progress_dialog); gpa_progress_dialog_set_label (GPA_PROGRESS_DIALOG (GPA_FILE_OPERATION (op)->progress_dialog), file_item->direct_name ? file_item->direct_name : file_item->filename_in); return 0; } static void gpa_file_encrypt_operation_next (GpaFileEncryptOperation *op) { gpg_error_t err; if (! GPA_FILE_OPERATION (op)->current) { g_signal_emit_by_name (GPA_OPERATION (op), "completed", 0); return; } err = gpa_file_encrypt_operation_start (op, GPA_FILE_OPERATION (op)->current->data); if (err) g_signal_emit_by_name (GPA_OPERATION (op), "completed", err); } static void gpa_file_encrypt_operation_done_cb (GpaContext *context, gpg_error_t err, GpaFileEncryptOperation *op) { gpa_file_item_t file_item = GPA_FILE_OPERATION (op)->current->data; if (file_item->direct_in) { size_t len; char *cipher_gpgme = gpgme_data_release_and_get_mem (op->cipher, &len); op->cipher = NULL; /* Do the memory allocation dance. */ if (cipher_gpgme) { /* Conveniently make ASCII stuff into a string. */ file_item->direct_out = g_malloc (len + 1); memcpy (file_item->direct_out, cipher_gpgme, len); gpgme_free (cipher_gpgme); file_item->direct_out[len] = '\0'; /* Yep, excluding the trailing zero. */ file_item->direct_out_len = len; } else { file_item->direct_out = NULL; file_item->direct_out_len = 0; } } /* Do clean up on the operation */ gpgme_data_release (op->plain); op->plain = NULL; close (op->plain_fd); op->plain_fd = -1; gpgme_data_release (op->cipher); op->cipher = NULL; close (op->cipher_fd); op->cipher_fd = -1; gtk_widget_hide (GPA_FILE_OPERATION (op)->progress_dialog); if (err) { if (! file_item->direct_in) { /* If an error happened, (or the user canceled) delete the created file and abort further encryptions. */ g_unlink (file_item->filename_out); g_free (file_item->filename_out); file_item->filename_out = NULL; } g_signal_emit_by_name (GPA_OPERATION (op), "completed", err); } else { /* We've just created a file */ g_signal_emit_by_name (GPA_OPERATION (op), "created_file", file_item); /* Go to the next file in the list and encrypt it */ GPA_FILE_OPERATION (op)->current = g_list_next (GPA_FILE_OPERATION (op)->current); gpa_file_encrypt_operation_next (op); } } /* * Setting the recipients for the context. */ static GtkResponseType ignore_key_trust (gpgme_key_t key, GtkWidget *parent) { GtkWidget *dialog; GtkWidget *key_info; GtkWidget *vbox; GtkWidget *hbox; GtkWidget *label; GtkWidget *image; GtkResponseType response; dialog = gtk_dialog_new_with_buttons (_("Unknown Key"), GTK_WINDOW(parent), GTK_DIALOG_MODAL, _("_Yes"), GTK_RESPONSE_YES, _("_No"), GTK_RESPONSE_NO, NULL); gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_YES); gtk_container_set_border_width (GTK_CONTAINER (dialog), 5); hbox = gtk_hbox_new (FALSE, 6); image = gtk_image_new_from_stock (GTK_STOCK_DIALOG_WARNING, GTK_ICON_SIZE_DIALOG); gtk_box_pack_start (GTK_BOX (hbox), image, FALSE, TRUE, 0); vbox = gtk_vbox_new (FALSE, 6); gtk_box_pack_start (GTK_BOX (hbox), vbox, TRUE, TRUE, 0); gtk_box_pack_start_defaults (GTK_BOX (GTK_DIALOG (dialog)->vbox), hbox); label = gtk_label_new (_("You are going to encrypt a document using " "the following key:")); gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, TRUE, 5); key_info = gpa_key_info_new (key); gtk_box_pack_start (GTK_BOX (vbox), key_info, FALSE, TRUE, 5); label = gtk_label_new (_("However, it is not certain that the key belongs " "to that person.")); gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, TRUE, 5); label = gtk_label_new (NULL); gtk_label_set_markup (GTK_LABEL (label), _("Do you really want to use this key?")); gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, TRUE, 5); gtk_widget_show_all (dialog); response = gtk_dialog_run (GTK_DIALOG (dialog)); gtk_widget_destroy (dialog); return response; } static void revoked_key (gpgme_key_t key, GtkWidget *parent) { GtkWidget *dialog; GtkWidget *key_info; GtkWidget *vbox; GtkWidget *hbox; GtkWidget *label; GtkWidget *image; dialog = gtk_dialog_new_with_buttons (_("Revoked Key"), GTK_WINDOW(parent), GTK_DIALOG_MODAL, _("_Close"), GTK_RESPONSE_CLOSE, NULL); gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_CLOSE); gtk_container_set_border_width (GTK_CONTAINER (dialog), 5); hbox = gtk_hbox_new (FALSE, 6); image = gtk_image_new_from_stock (GTK_STOCK_DIALOG_ERROR, GTK_ICON_SIZE_DIALOG); gtk_box_pack_start (GTK_BOX (hbox), image, FALSE, TRUE, 0); vbox = gtk_vbox_new (FALSE, 6); gtk_box_pack_start (GTK_BOX (hbox), vbox, TRUE, TRUE, 0); gtk_box_pack_start_defaults (GTK_BOX (GTK_DIALOG (dialog)->vbox), hbox); label = gtk_label_new (_("The following key has been revoked by its owner:")); gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, TRUE, 5); key_info = gpa_key_info_new (key); gtk_box_pack_start (GTK_BOX (vbox), key_info, FALSE, TRUE, 5); label = gtk_label_new (_("And can not be used for encryption.")); gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, TRUE, 5); gtk_widget_show_all (dialog); gtk_dialog_run (GTK_DIALOG (dialog)); gtk_widget_destroy (dialog); } static void expired_key (gpgme_key_t key, GtkWidget *parent) { GtkWidget *dialog; GtkWidget *key_info; GtkWidget *vbox; GtkWidget *hbox; GtkWidget *label; GtkWidget *image; gchar *message; dialog = gtk_dialog_new_with_buttons (_("Revoked Key"), GTK_WINDOW(parent), GTK_DIALOG_MODAL, _("_Close"), GTK_RESPONSE_CLOSE, NULL); gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_CLOSE); gtk_container_set_border_width (GTK_CONTAINER (dialog), 5); hbox = gtk_hbox_new (FALSE, 6); image = gtk_image_new_from_stock (GTK_STOCK_DIALOG_ERROR, GTK_ICON_SIZE_DIALOG); gtk_box_pack_start (GTK_BOX (hbox), image, FALSE, TRUE, 0); vbox = gtk_vbox_new (FALSE, 6); gtk_box_pack_start (GTK_BOX (hbox), vbox, TRUE, TRUE, 0); gtk_box_pack_start_defaults (GTK_BOX (GTK_DIALOG (dialog)->vbox), hbox); message = g_strdup_printf (_("The following key expired on %s:"), gpa_expiry_date_string (key->subkeys->expires)); label = gtk_label_new (message); gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, TRUE, 5); key_info = gpa_key_info_new (key); gtk_box_pack_start (GTK_BOX (vbox), key_info, FALSE, TRUE, 5); label = gtk_label_new (_("And can not be used for encryption.")); gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, TRUE, 5); gtk_widget_show_all (dialog); gtk_dialog_run (GTK_DIALOG (dialog)); gtk_widget_destroy (dialog); } static gboolean set_recipients (GpaFileEncryptOperation *op, GList *recipients) { GList *cur; int i; gpgme_protocol_t protocol = GPGME_PROTOCOL_UNKNOWN; g_free (op->rset); op->rset = g_malloc0 (sizeof(gpgme_key_t)*(g_list_length(recipients)+1)); /* Figure out the the protocol to use. */ for (cur = recipients, i = 0; cur; cur = g_list_next (cur), i++) { gpgme_key_t key = cur->data; if (protocol == GPGME_PROTOCOL_UNKNOWN) protocol = key->protocol; else if (key->protocol != protocol) { /* Should not happen either because the selection dialog should have not allowed to select differet keys. */ gpa_window_error (_("The selected certificates are not all of the same type." " That is, you mixed OpenPGP and X.509 certificates." " Please make sure to select only certificates of the" " same type."), GPA_OPERATION (op)->window); return FALSE; } } /* Perform validity checks. */ for (cur = recipients, i = 0; cur; cur = g_list_next (cur), i++) { /* Check that all recipients are valid */ gpgme_key_t key = cur->data; gpgme_validity_t valid; valid = key->uids->validity; /* First, make sure the key is usable (not revoked or unusable) */ if (key->revoked) { revoked_key (key, GPA_OPERATION (op)->window); return FALSE; } else if (key->expired) { expired_key (key, GPA_OPERATION (op)->window); return FALSE; } /* Now, check it's validity. X.509 keys are always considered valid becuase the backend will chekc this. FIXME: It would be better to ask the backend to check the validity of the key instead of letting it fail later. */ else if (valid == GPGME_VALIDITY_FULL || valid == GPGME_VALIDITY_ULTIMATE || key->protocol == GPGME_PROTOCOL_CMS) { op->rset[i] = key; } else { /* If an untrusted key is found ask the user what to do */ GtkResponseType response; response = ignore_key_trust (key, GPA_OPERATION (op)->window); if (response == GTK_RESPONSE_YES) { op->rset[i] = key; } else { /* Abort the encryption */ g_free (op->rset); op->rset = NULL; return FALSE; } } } gpgme_set_protocol (GPA_OPERATION (op)->context->ctx, protocol); return TRUE; } /* * Setting the signers for the context. */ static gboolean set_signers (GpaFileEncryptOperation *op, GList *signers) { GList *cur; gpg_error_t err; gpgme_signers_clear (GPA_OPERATION (op)->context->ctx); if (!signers) { /* Can't happen */ gpa_window_error (_("You didn't select any key for signing"), GPA_OPERATION (op)->window); return FALSE; } for (cur = signers; cur; cur = g_list_next (cur)) { gpgme_key_t key = cur->data; err = gpgme_signers_add (GPA_OPERATION (op)->context->ctx, key); if (err) gpa_gpgme_error (err); } return TRUE; } /* * The key selection dialog has returned. */ static void gpa_file_encrypt_operation_response_cb (GtkDialog *dialog, gint response, gpointer user_data) { GpaFileEncryptOperation *op = user_data; gtk_widget_hide (GTK_WIDGET (dialog)); if (response == GTK_RESPONSE_OK) { gboolean success = TRUE; gboolean armor = gpa_file_encrypt_dialog_get_armor (GPA_FILE_ENCRYPT_DIALOG (op->encrypt_dialog)); GList *signers = gpa_file_encrypt_dialog_signers (GPA_FILE_ENCRYPT_DIALOG (op->encrypt_dialog)); GList *recipients = gpa_file_encrypt_dialog_recipients (GPA_FILE_ENCRYPT_DIALOG (op->encrypt_dialog)); /* Set the armor value */ gpgme_set_armor (GPA_OPERATION (op)->context->ctx, armor); /* Set the signers for the context. */ if (gpa_file_encrypt_dialog_get_sign (GPA_FILE_ENCRYPT_DIALOG (op->encrypt_dialog))) success = set_signers (op, signers); /* Set the recipients for the context. */ if (success) success = set_recipients (op, recipients); /* Actually run the operation or abort. */ if (success) gpa_file_encrypt_operation_next (op); else g_signal_emit_by_name (GPA_OPERATION (op), "completed", gpg_error (GPG_ERR_GENERAL)); g_list_free (signers); g_list_free (recipients); } else { /* The dialog was canceled, so we do nothing and complete the operation */ g_signal_emit_by_name (GPA_OPERATION (op), "completed", gpg_error (GPG_ERR_CANCELED)); } } static void gpa_file_encrypt_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaFileEncryptOperation *op) { switch (gpg_err_code (err)) { case GPG_ERR_NO_ERROR: case GPG_ERR_CANCELED: /* Ignore these */ break; case GPG_ERR_BAD_PASSPHRASE: gpa_window_error (_("Wrong passphrase!"), GPA_OPERATION (op)->window); break; default: gpa_gpgme_warning (err); break; } } diff --git a/src/gpafilesignop.c b/src/gpafilesignop.c index 5ecef78..b926d17 100644 --- a/src/gpafilesignop.c +++ b/src/gpafilesignop.c @@ -1,528 +1,534 @@ /* gpafiledecryptop.c - The GpaOperation object. * Copyright (C) 2003 Miguel Coca. - * Copyright (C) 2008 g10 Code GmbH. + * Copyright (C) 2008, 2015 g10 Code GmbH. * * This file is part of GPA * * GPA is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * GPA is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ #include #include #include #ifdef G_OS_UNIX #include #include #include #else #include #endif #include "gpa.h" #include "gtktools.h" #include "gpgmetools.h" #include "gpafilesignop.h" #include "filesigndlg.h" #include "gpawidgets.h" /* Internal functions */ static void gpa_file_sign_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaFileSignOperation *op); static void gpa_file_sign_operation_done_cb (GpaContext *context, gpg_error_t err, GpaFileSignOperation *op); static void gpa_file_sign_operation_response_cb (GtkDialog *dialog, gint response, gpointer user_data); /* GObject */ static GObjectClass *parent_class = NULL; /* Properties */ enum { PROP_0, PROP_FORCE_ARMOR }; static void gpa_file_sign_operation_get_property (GObject *object, guint prop_id, GValue *value, GParamSpec *pspec) { GpaFileSignOperation *op = GPA_FILE_SIGN_OPERATION (object); switch (prop_id) { case PROP_FORCE_ARMOR: g_value_set_boolean (value, op->force_armor); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } } static void gpa_file_sign_operation_set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec) { GpaFileSignOperation *op = GPA_FILE_SIGN_OPERATION (object); switch (prop_id) { case PROP_FORCE_ARMOR: op->force_armor = g_value_get_boolean (value); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } } static void gpa_file_sign_operation_finalize (GObject *object) { G_OBJECT_CLASS (parent_class)->finalize (object); } static void gpa_file_sign_operation_init (GpaFileSignOperation *op) { op->sign_dialog = NULL; op->sign_type = GPGME_SIG_MODE_NORMAL; op->sig_fd = -1; op->plain_fd = -1; op->sig = NULL; op->plain = NULL; op->sig_filename = NULL; op->force_armor = FALSE; } static GObject* gpa_file_sign_operation_constructor (GType type, guint n_construct_properties, GObjectConstructParam *construct_properties) { GObject *object; GpaFileSignOperation *op; /* Invoke parent's constructor */ object = parent_class->constructor (type, n_construct_properties, construct_properties); op = GPA_FILE_SIGN_OPERATION (object); /* Initialize */ /* Create the "Sign" dialog */ op->sign_dialog = gpa_file_sign_dialog_new (GPA_OPERATION (op)->window); if (op->force_armor) { /* FIXME: Currently, force_armor means also force cleartext sig mode. */ GpaFileSignDialog *dialog = GPA_FILE_SIGN_DIALOG (op->sign_dialog); gpa_file_sign_dialog_set_armor (dialog, TRUE); gpa_file_sign_dialog_set_force_armor (dialog, TRUE); gpa_file_sign_dialog_set_sig_mode (dialog, GPGME_SIG_MODE_CLEAR); gpa_file_sign_dialog_set_force_sig_mode (dialog, TRUE); } g_signal_connect (G_OBJECT (op->sign_dialog), "response", G_CALLBACK (gpa_file_sign_operation_response_cb), op); /* Connect to the "done" signal */ g_signal_connect (G_OBJECT (GPA_OPERATION (op)->context), "done", G_CALLBACK (gpa_file_sign_operation_done_error_cb), op); g_signal_connect (G_OBJECT (GPA_OPERATION (op)->context), "done", G_CALLBACK (gpa_file_sign_operation_done_cb), op); /* Give a title to the progress dialog */ gtk_window_set_title (GTK_WINDOW (GPA_FILE_OPERATION (op)->progress_dialog), _("Signing...")); /* Here we go... */ gtk_widget_show_all (op->sign_dialog); return object; } static void gpa_file_sign_operation_class_init (GpaFileSignOperationClass *klass) { GObjectClass *object_class = G_OBJECT_CLASS (klass); parent_class = g_type_class_peek_parent (klass); object_class->constructor = gpa_file_sign_operation_constructor; object_class->finalize = gpa_file_sign_operation_finalize; object_class->set_property = gpa_file_sign_operation_set_property; object_class->get_property = gpa_file_sign_operation_get_property; /* Properties */ g_object_class_install_property (object_class, PROP_FORCE_ARMOR, g_param_spec_boolean ("force-armor", "Force armor", "Force armor mode", FALSE, G_PARAM_WRITABLE | G_PARAM_CONSTRUCT_ONLY)); } GType gpa_file_sign_operation_get_type (void) { static GType file_sign_operation_type = 0; if (!file_sign_operation_type) { static const GTypeInfo file_sign_operation_info = { sizeof (GpaFileSignOperationClass), (GBaseInitFunc) NULL, (GBaseFinalizeFunc) NULL, (GClassInitFunc) gpa_file_sign_operation_class_init, NULL, /* class_finalize */ NULL, /* class_data */ sizeof (GpaFileSignOperation), 0, /* n_preallocs */ (GInstanceInitFunc) gpa_file_sign_operation_init, }; file_sign_operation_type = g_type_register_static (GPA_FILE_OPERATION_TYPE, "GpaFileSignOperation", &file_sign_operation_info, 0); } return file_sign_operation_type; } /* API */ GpaFileSignOperation* gpa_file_sign_operation_new (GtkWidget *window, GList *files, gboolean force_armor) { GpaFileSignOperation *op; op = g_object_new (GPA_FILE_SIGN_OPERATION_TYPE, "window", window, "input_files", files, "force-armor", force_armor, NULL); return op; } /* Internal */ static gchar* destination_filename (const gchar *filename, gboolean armor, gpgme_protocol_t protocol, gpgme_sig_mode_t sign_type) { const gchar *extension; gchar *signature_filename; if (protocol == GPGME_PROTOCOL_CMS && armor && sign_type != GPGME_SIG_MODE_DETACH) extension = ".pem"; else if (protocol == GPGME_PROTOCOL_CMS) extension = ".p7s"; else if (sign_type == GPGME_SIG_MODE_DETACH) extension = (armor && protocol == GPGME_PROTOCOL_OPENPGP)? ".asc" : ".sig"; else if (sign_type == GPGME_SIG_MODE_CLEAR) extension = ".asc"; else extension = ".gpg"; signature_filename = g_strconcat (filename, extension, NULL); return signature_filename; } static gpg_error_t gpa_file_sign_operation_start (GpaFileSignOperation *op, gpa_file_item_t file_item) { gpg_error_t err; if (file_item->direct_in) { /* No copy is made. */ err = gpgme_data_new_from_mem (&op->plain, file_item->direct_in, file_item->direct_in_len, 0); if (err) { gpa_gpgme_warning (err); return err; } err = gpgme_data_new (&op->sig); if (err) { gpa_gpgme_warning (err); gpgme_data_release (op->plain); op->plain = NULL; return err; } } else { gchar *plain_filename = file_item->filename_in; + char *filename_used; file_item->filename_out = destination_filename (plain_filename, gpgme_get_armor (GPA_OPERATION (op)->context->ctx), gpgme_get_protocol (GPA_OPERATION (op)->context->ctx), op->sign_type); /* Open the files */ op->plain_fd = gpa_open_input (plain_filename, &op->plain, GPA_OPERATION (op)->window); if (op->plain_fd == -1) /* FIXME: Error value. */ return gpg_error (GPG_ERR_GENERAL); op->sig_fd = gpa_open_output (file_item->filename_out, &op->sig, - GPA_OPERATION (op)->window); + GPA_OPERATION (op)->window, + &filename_used); if (op->sig_fd == -1) { gpgme_data_release (op->plain); close (op->plain_fd); + xfree (filename_used); /* FIXME: Error value. */ return gpg_error (GPG_ERR_GENERAL); } + + xfree (file_item->filename_out); + file_item->filename_out = filename_used; } /* Start the operation */ err = gpgme_op_sign_start (GPA_OPERATION (op)->context->ctx, op->plain, op->sig, op->sign_type); if (err) { gpa_gpgme_warning (err); return err; } /* Show and update the progress dialog */ gtk_widget_show_all (GPA_FILE_OPERATION (op)->progress_dialog); gpa_progress_dialog_set_label (GPA_PROGRESS_DIALOG (GPA_FILE_OPERATION (op)->progress_dialog), file_item->direct_name ? file_item->direct_name : file_item->filename_in); return 0; } static void gpa_file_sign_operation_next (GpaFileSignOperation *op) { gpg_error_t err; if (! GPA_FILE_OPERATION (op)->current) { g_signal_emit_by_name (GPA_OPERATION (op), "completed", 0); return; } err = gpa_file_sign_operation_start (op, GPA_FILE_OPERATION (op)->current->data); if (err) g_signal_emit_by_name (GPA_OPERATION (op), "completed", err); } static void gpa_file_sign_operation_done_cb (GpaContext *context, gpg_error_t err, GpaFileSignOperation *op) { gpa_file_item_t file_item = GPA_FILE_OPERATION (op)->current->data; if (file_item->direct_in) { size_t len; char *sig_gpgme = gpgme_data_release_and_get_mem (op->sig, &len); op->sig = NULL; /* Do the memory allocation dance. */ if (sig_gpgme) { /* Conveniently make ASCII stuff into a string. */ file_item->direct_out = g_malloc (len + 1); memcpy (file_item->direct_out, sig_gpgme, len); gpgme_free (sig_gpgme); file_item->direct_out[len] = '\0'; /* Yep, excluding the trailing zero. */ file_item->direct_out_len = len; } else { file_item->direct_out = NULL; file_item->direct_out_len = 0; } } /* Do clean up on the operation */ gpgme_data_release (op->plain); op->plain = NULL; close (op->plain_fd); op->plain_fd = -1; gpgme_data_release (op->sig); op->sig = NULL; close (op->sig_fd); op->sig_fd = -1; gtk_widget_hide (GPA_FILE_OPERATION (op)->progress_dialog); if (err) { if (! file_item->direct_in) { /* If an error happened, (or the user canceled) delete the created file and abort further signions. */ g_unlink (op->sig_filename); g_free (op->sig_filename); } g_signal_emit_by_name (GPA_OPERATION (op), "completed", err); } else { /* We've just created a file */ g_signal_emit_by_name (GPA_OPERATION (op), "created_file", file_item); /* Go to the next file in the list and sign it */ GPA_FILE_OPERATION (op)->current = g_list_next (GPA_FILE_OPERATION (op)->current); gpa_file_sign_operation_next (op); } } /* * Setting the signers and the protocol for the context. The protocol * to use is derived from the keys. An errro will be displayed if the * selected keys are not all of one protocol. */ static gboolean set_signers (GpaFileSignOperation *op, GList *signers) { GList *cur; gpg_error_t err; gpgme_protocol_t protocol = GPGME_PROTOCOL_UNKNOWN; gpgme_signers_clear (GPA_OPERATION (op)->context->ctx); if (!signers) { /* Can't happen */ gpa_window_error (_("You didn't select any key for signing"), GPA_OPERATION (op)->window); return FALSE; } for (cur = signers; cur; cur = g_list_next (cur)) { gpgme_key_t key = cur->data; if (protocol == GPGME_PROTOCOL_UNKNOWN) protocol = key->protocol; else if (key->protocol != protocol) { /* Should not happen because the selection dialog should have not allowed to select different key types. */ gpa_window_error (_("The selected certificates are not all of the same type." " That is, you mixed OpenPGP and X.509 certificates." " Please make sure to select only certificates of the" " same type."), GPA_OPERATION (op)->window); return FALSE; } } gpgme_set_protocol (GPA_OPERATION (op)->context->ctx, protocol); for (cur = signers; cur; cur = g_list_next (cur)) { gpgme_key_t key = cur->data; err = gpgme_signers_add (GPA_OPERATION (op)->context->ctx, key); if (err) gpa_gpgme_error (err); } return TRUE; } /* * The key selection dialog has returned. */ static void gpa_file_sign_operation_response_cb (GtkDialog *dialog, gint response, gpointer user_data) { GpaFileSignOperation *op = user_data; gtk_widget_hide (GTK_WIDGET (dialog)); if (response == GTK_RESPONSE_OK) { gboolean success = TRUE; gboolean armor = gpa_file_sign_dialog_get_armor (GPA_FILE_SIGN_DIALOG (op->sign_dialog)); GList *signers = gpa_file_sign_dialog_signers (GPA_FILE_SIGN_DIALOG (op->sign_dialog)); op->sign_type = gpa_file_sign_dialog_get_sig_mode (GPA_FILE_SIGN_DIALOG (op->sign_dialog)); /* Set the armor value */ gpgme_set_armor (GPA_OPERATION (op)->context->ctx, armor); /* Set the signers for the context */ success = set_signers (op, signers); /* Actually run the operation or abort. */ if (success) gpa_file_sign_operation_next (op); else g_signal_emit_by_name (GPA_OPERATION (op), "completed", gpg_error (GPG_ERR_GENERAL)); g_list_free (signers); } else /* The dialog was canceled, so we do nothing and complete the * operation */ g_signal_emit_by_name (GPA_OPERATION (op), "completed", gpg_error (GPG_ERR_CANCELED)); } static void gpa_file_sign_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaFileSignOperation *op) { switch (gpg_err_code (err)) { case GPG_ERR_NO_ERROR: case GPG_ERR_CANCELED: /* Ignore these */ break; case GPG_ERR_BAD_PASSPHRASE: gpa_window_error (_("Wrong passphrase!"), GPA_OPERATION (op)->window); break; default: gpa_gpgme_warning (err); break; } } diff --git a/src/gpgmetools.c b/src/gpgmetools.c index 83c4a69..cc45052 100644 --- a/src/gpgmetools.c +++ b/src/gpgmetools.c @@ -1,1790 +1,1823 @@ /* gpgmetools.h - Additional gpgme support functions for GPA. Copyright (C) 2002 Miguel Coca. - Copyright (C) 2005, 2008, 2009, 2012, 2014 g10 Code GmbH. + Copyright (C) 2005, 2008, 2009, 2012, 2014, 2015 g10 Code GmbH. This file is part of GPA GPA is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. GPA is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, see . */ /* A set of auxiliary functions for common tasks related to GPGME */ #include #include #include #include #include "gpa.h" #include "gtktools.h" #include "gpgmetools.h" #include #ifdef G_OS_UNIX #include #include #include #include #else #include #endif #ifdef G_OS_WIN32 #include #endif #include #ifndef O_BINARY #ifdef _O_BINARY #define O_BINARY _O_BINARY #else #define O_BINARY 0 #endif #endif /* Helper to strip the path from a source file name. This helps to avoid showing long filenames in case of VPATH builds. */ static const char * strip_path (const char *file) { const char *s = strrchr (file, '/'); return s? s+1:file; } /* Report an unexpected error in GPGME and quit the application. */ void _gpa_gpgme_error (gpg_error_t err, const char *file, int line) { gchar *message = g_strdup_printf (_("Fatal Error in GPGME library\n" "(invoked from file %s, line %i):\n\n" "\t%s\n\n" "The application will be terminated"), strip_path (file), line, gpgme_strerror (err)); gpa_window_error (message, NULL); g_free (message); exit (EXIT_FAILURE); } /* (Please use the gpa_gpgme_warning macros). */ void _gpa_gpgme_warning (gpg_error_t err, const char *desc, const char *file, int line) { char *argbuf = NULL; const char *arg; char *message; if (desc && (!err || gpg_err_code (err) == GPG_ERR_GENERAL)) arg = desc; else if (desc) { argbuf = g_strdup_printf ("%s (%s)", gpgme_strerror (err), desc); arg = argbuf; } else arg = gpgme_strerror (err); message = g_strdup_printf (_("The GPGME library returned an unexpected\n" "error at %s:%d. The error was:\n\n" "\t%s\n\n" "This is either an installation problem or a bug in %s.\n" "%s will now try to recover from this error."), strip_path (file), line, arg, GPA_NAME, GPA_NAME); g_free (argbuf); gpa_window_error (message, NULL); g_free (message); } /* Initialize a gpgme_ctx_t for use with GPA. */ gpgme_ctx_t gpa_gpgme_new (void) { gpgme_ctx_t ctx; gpg_error_t err; /* g_assert (!"using gpa_gpgme_new"); */ err = gpgme_new (&ctx); if (gpg_err_code (err) != GPG_ERR_NO_ERROR) gpa_gpgme_error (err); if (! cms_hack) gpgme_set_passphrase_cb (ctx, gpa_passphrase_cb, NULL); return ctx; } /* Write the contents of the gpgme_data_t object to the file. Receives a filehandle instead of the filename, so that the caller can make sure the file is accesible before putting anything into data. This is only used for a TMP file, thus it is okay to terminate the application on error. */ void dump_data_to_file (gpgme_data_t data, FILE *file) { char buffer[128]; int nread; nread = gpgme_data_seek (data, 0, SEEK_SET); if (nread == -1) { gpa_window_error (strerror (errno), NULL); exit (EXIT_FAILURE); } while ((nread = gpgme_data_read (data, buffer, sizeof (buffer))) > 0) fwrite (buffer, nread, 1, file); if (nread == -1) { gpa_window_error (strerror (errno), NULL); exit (EXIT_FAILURE); } return; } -static gboolean +static char * check_overwriting (const char *filename, GtkWidget *parent) { - /* If the file exists, ask before overwriting. */ - if (g_file_test (filename, G_FILE_TEST_EXISTS)) - { - GtkWidget *msgbox = gtk_message_dialog_new - (GTK_WINDOW(parent), GTK_DIALOG_MODAL, - GTK_MESSAGE_WARNING, GTK_BUTTONS_NONE, - _("The file %s already exists.\n" - "Do you want to overwrite it?"), filename); - gtk_dialog_add_buttons (GTK_DIALOG (msgbox), - _("_Yes"), GTK_RESPONSE_YES, - _("_No"), GTK_RESPONSE_NO, NULL); - if (gtk_dialog_run (GTK_DIALOG (msgbox)) != GTK_RESPONSE_YES) - { - gtk_widget_destroy (msgbox); - return FALSE; - } - gtk_widget_destroy (msgbox); + GtkWidget *dialog; + int response; + GtkFileChooserAction action = GTK_FILE_CHOOSER_ACTION_SAVE; + char *filename_used = xstrdup (filename); + + while (1) + { + /* If the file exists, ask before overwriting. */ + if (! g_file_test (filename_used, G_FILE_TEST_EXISTS)) + return filename_used; + + dialog = gtk_message_dialog_new + (GTK_WINDOW (parent), GTK_DIALOG_MODAL, + GTK_MESSAGE_WARNING, GTK_BUTTONS_NONE, + _("The file %s already exists.\n" + "Do you want to overwrite it?"), filename_used); + gtk_dialog_add_buttons (GTK_DIALOG (dialog), + _("_Yes"), GTK_RESPONSE_YES, + _("_No"), GTK_RESPONSE_NO, + _("_Use a different filename"), 1, + NULL); + + response = gtk_dialog_run (GTK_DIALOG (dialog)); + gtk_widget_destroy (dialog); + if (response == GTK_RESPONSE_YES) + return filename_used; + if (response == GTK_RESPONSE_NO) + { + xfree (filename_used); + return NULL; + } + + /* Use a different filename. */ + dialog = gtk_file_chooser_dialog_new + ("Open File", GTK_WINDOW (parent), action, + _("_Cancel"), GTK_RESPONSE_CANCEL, + _("_Open"), GTK_RESPONSE_ACCEPT, + NULL); + response = gtk_dialog_run (GTK_DIALOG (dialog)); + if (response == GTK_RESPONSE_ACCEPT) + { + GtkFileChooser *chooser = GTK_FILE_CHOOSER (dialog); + filename_used = gtk_file_chooser_get_filename (chooser); + } + + gtk_widget_destroy (dialog); } - return TRUE; } /* Not really a gpgme function, but needed in most places dump_data_to_file is used. Opens a file for writing, asking the user to overwrite if it exists and reporting any errors. Returns NULL on failure, but you can assume the user has been informed of the error (or maybe he just didn't want to overwrite!). */ FILE * -gpa_fopen (const char *filename, GtkWidget *parent) +gpa_fopen (const char *filename, GtkWidget *parent, char **filename_used) { FILE *target; - if (!check_overwriting (filename, parent)) + *filename_used = check_overwriting (filename, parent); + if (! *filename_used) return NULL; - target = g_fopen (filename, "w"); + target = g_fopen (*filename_used, "w"); if (!target) { gchar *message; - message = g_strdup_printf ("%s: %s", filename, strerror(errno)); + message = g_strdup_printf ("%s: %s", *filename_used, strerror(errno)); gpa_window_error (message, parent); g_free (message); - return NULL; } return target; } int gpa_open_output_direct (const char *filename, gpgme_data_t *data, GtkWidget *parent) { int target = -1; gpg_error_t err; target = g_open (filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0666); if (target == -1) { gchar *message; message = g_strdup_printf ("%s: %s", filename, strerror(errno)); gpa_window_error (message, parent); g_free (message); } err = gpgme_data_new_from_fd (data, target); if (gpg_err_code (err) != GPG_ERR_NO_ERROR) { close (target); target = -1; } return target; } int -gpa_open_output (const char *filename, gpgme_data_t *data, GtkWidget *parent) +gpa_open_output (const char *filename, gpgme_data_t *data, GtkWidget *parent, + char **filename_used) { - if (! check_overwriting (filename, parent)) + int res; + + *filename_used = check_overwriting (filename, parent); + if (! *filename_used) return -1; - return gpa_open_output_direct (filename, data, parent); + res = gpa_open_output_direct (*filename_used, data, parent); + return res; } int gpa_open_input (const char *filename, gpgme_data_t *data, GtkWidget *parent) { gpg_error_t err; int target = -1; target = g_open (filename, O_RDONLY | O_BINARY, 0); if (target == -1) { gchar *message; message = g_strdup_printf ("%s: %s", filename, strerror(errno)); gpa_window_error (message, parent); g_free (message); } err = gpgme_data_new_from_fd (data, target); if (gpg_err_code (err) != GPG_ERR_NO_ERROR) { close (target); target = -1; } return target; } /* Do a gpgme_data_new_from_file and report any GPGME_File_Error to the user. */ gpg_error_t gpa_gpgme_data_new_from_file (gpgme_data_t *data, const char *filename, GtkWidget *parent) { gpg_error_t err; err = gpgme_data_new_from_file (data, filename, 1); if (gpg_err_code_to_errno (err) != 0) { gchar *message; message = g_strdup_printf ("%s: %s", filename, strerror(errno)); gpa_window_error (message, NULL); g_free (message); } return err; } /* Write the contents of the gpgme_data_t into the clipboard. Assumes that the data is ASCII. Return 0 on success. */ int dump_data_to_clipboard (gpgme_data_t data, GtkClipboard *clipboard) { char buffer[512]; int nread; gchar *text = NULL; size_t len = 0; nread = gpgme_data_seek (data, 0, SEEK_SET); if (nread == -1) { gpa_window_error (strerror (errno), NULL); return -1; } while ((nread = gpgme_data_read (data, buffer, sizeof (buffer))) > 0) { text = g_realloc (text, len + nread + 1); strncpy (text + len, buffer, nread); len += nread; } if (nread == -1) { gpa_window_error (strerror (errno), NULL); return -1; } gtk_clipboard_set_text (clipboard, text, (int)len); g_free (text); return 0; } /* Assemble the parameter string for gpgme_op_genkey for GnuPG. We don't need worry about the user ID being UTF-8 as long as we are using GTK+2, because all user input is UTF-8 in it. */ static gchar * build_genkey_parms (gpa_keygen_para_t *params) { gchar *string; const char *key_algo; gchar *subkeys = NULL; gchar *name = NULL; gchar *email = NULL; gchar *comment = NULL; gchar *expire = NULL; /* Choose which keys and subkeys to generate. */ switch (params->algo) { case GPA_KEYGEN_ALGO_RSA_RSA: key_algo = "RSA"; subkeys = g_strdup_printf ("Subkey-Type: RSA\n" "Subkey-Length: %d\n" "Subkey-Usage: encrypt\n", params->keysize); break; case GPA_KEYGEN_ALGO_RSA_ELGAMAL: key_algo = "RSA"; subkeys = g_strdup_printf ("Subkey-Type: ELG-E\n" "Subkey-Length: %d\n" "Subkey-Usage: encrypt\n", params->keysize); break; case GPA_KEYGEN_ALGO_RSA: key_algo = "RSA"; break; case GPA_KEYGEN_ALGO_DSA_ELGAMAL: key_algo = "DSA"; subkeys = g_strdup_printf ("Subkey-Type: ELG-E\n" "Subkey-Length: %i\n" "Subkey-Usage: encrypt\n", params->keysize); break; case GPA_KEYGEN_ALGO_DSA: key_algo = "DSA"; break; default: /* Can't happen */ return NULL; } /* Construct the user ID. */ if (params->name && params->name[0]) name = g_strdup_printf ("Name-Real: %s\n", params->name); if (params->email && params->email[0]) email = g_strdup_printf ("Name-Email: %s\n", params->email); if (params->comment && params->comment[0]) comment = g_strdup_printf ("Name-Comment: %s\n", params->comment); /* Build the expiration date string if needed */ if (g_date_valid (¶ms->expire)) expire = g_strdup_printf ("Expire-Date: %04d-%02d-%02d\n", g_date_get_year (¶ms->expire), g_date_get_month (¶ms->expire), g_date_get_day (¶ms->expire)); /* Assemble the final parameter string */ string = g_strdup_printf ("\n" "Key-Type: %s\n" "Key-Length: %i\n" "Key-Usage: sign\n" "%s" /* Subkeys */ "%s" /* Name */ "%s" /* Email */ "%s" /* Comment */ "%s" /* Expiration date */ "%%ask-passphrase\n" "\n", key_algo, params->keysize, subkeys? subkeys : "", name? name:"", email? email : "", comment? comment : "", expire? expire : ""); /* Free auxiliary strings if they are not empty */ g_free (subkeys); g_free (name); g_free (email); g_free (comment); g_free (expire); return string; } /* Begin generation of a key with the given parameters. It prepares the parameters required by GPGME and returns whatever gpgme_op_genkey_start returns. */ gpg_error_t gpa_generate_key_start (gpgme_ctx_t ctx, gpa_keygen_para_t *params) { gchar *parm_string; gpg_error_t err; parm_string = build_genkey_parms (params); err = gpgme_op_genkey_start (ctx, parm_string, NULL, NULL); g_free (parm_string); return err; } /* Retrieve the path to the GPG executable. */ static const gchar * get_gpg_path (void) { gpgme_engine_info_t engine; gpgme_get_engine_info (&engine); while (engine) { if (engine->protocol == GPGME_PROTOCOL_OpenPGP) return engine->file_name; engine = engine->next; } return NULL; } /* Retrieve the path to the GPGSM executable. */ static const gchar * get_gpgsm_path (void) { gpgme_engine_info_t engine; gpgme_get_engine_info (&engine); while (engine) { if (engine->protocol == GPGME_PROTOCOL_CMS) return engine->file_name; engine = engine->next; } return NULL; } /* Retrieve the path to the GPGCONF executable. */ static const gchar * get_gpgconf_path (void) { gpgme_engine_info_t engine; gpgme_get_engine_info (&engine); while (engine) { if (engine->protocol == GPGME_PROTOCOL_GPGCONF) return engine->file_name; engine = engine->next; } return NULL; } /* Retrieve the path to the GPG-CONNECT-AGENT executable. Note that the caller must free the returned string. */ static char * get_gpg_connect_agent_path (void) { const char *gpgconf; char *fname, *p; gpgconf = get_gpgconf_path (); if (!gpgconf) return NULL; #ifdef G_OS_WIN32 # define NEWNAME "gpg-connect-agent.exe" #else # define NEWNAME "gpg-connect-agent" #endif fname = g_malloc (strlen (gpgconf) + strlen (NEWNAME) + 1); strcpy (fname, gpgconf); #ifdef G_OS_WIN32 for (p=fname; *p; p++) if (*p == '\\') *p = '/'; #endif /*G_OS_WIN32*/ p = strrchr (fname, '/'); if (p) p++; else p = fname; strcpy (p, NEWNAME); #undef NEWNAME return fname; } /* Backup a key. It exports both the public and secret keys to a file. IS_X509 tells the function that the fingerprint is from an X.509 key. Returns TRUE on success and FALSE on error. It displays errors to the user. */ gboolean gpa_backup_key (const gchar *fpr, const char *filename, int is_x509) { const char *header_argv[] = { "", "--batch", "--no-tty", "--fingerprint", (char*) fpr, NULL }; const char *pub_argv[] = { "", "--batch", "--no-tty", "--armor", "--export", (char*) fpr, NULL }; const char *sec_argv[] = { "", "--batch", "--no-tty", "--armor", "--export-secret-key", (char*) fpr, NULL }; const char *seccms_argv[] = { "", "--batch", "--no-tty", "--armor", "--export-secret-key-p12", (char*) fpr, NULL }; gpg_error_t err; FILE *fp; gpgme_data_t dfp = NULL; const char *pgm; gpgme_ctx_t ctx = NULL; int result = FALSE; /* Get the gpg path. */ if (is_x509) pgm = get_gpgsm_path (); else pgm = get_gpg_path (); g_return_val_if_fail (pgm && *pgm, FALSE); /* Open the file */ { mode_t mask = umask (0077); fp = g_fopen (filename, "w"); umask (mask); } if (!fp) { gchar message[256]; g_snprintf (message, sizeof(message), "%s: %s", filename, strerror(errno)); gpa_window_error (message, NULL); return FALSE; } fputs (_( "************************************************************************\n" "* WARNING: This file is a backup of your secret key. Please keep it in *\n" "* a safe place. *\n" "************************************************************************\n" "\n"), fp); fputs (_("The key backed up in this file is:\n\n"), fp); fflush (fp); err = gpgme_data_new_from_stream (&dfp, fp); if (err) { g_message ("error creating data object '%s': %s", filename, gpg_strerror (err)); goto leave; } ctx = gpa_gpgme_new (); gpgme_set_protocol (ctx, GPGME_PROTOCOL_SPAWN); err = gpgme_op_spawn (ctx, pgm, header_argv, NULL, dfp, NULL, GPGME_SPAWN_DETACHED|GPGME_SPAWN_ALLOW_SET_FG); if (err) { g_message ("error running '%s' (1): %s", pgm, gpg_strerror (err)); goto leave; } gpgme_data_write (dfp, "\n", 1); err = gpgme_op_spawn (ctx, pgm, pub_argv, NULL, dfp, NULL, GPGME_SPAWN_DETACHED|GPGME_SPAWN_ALLOW_SET_FG); if (err) { g_message ("error running '%s' (2): %s", pgm, gpg_strerror (err)); goto leave; } gpgme_data_write (dfp, "\n", 1); err = gpgme_op_spawn (ctx, pgm, is_x509? seccms_argv : sec_argv, NULL, dfp, NULL, GPGME_SPAWN_DETACHED|GPGME_SPAWN_ALLOW_SET_FG); if (err) { g_message ("error running '%s' (3): %s", pgm, gpg_strerror (err)); goto leave; } result = TRUE; leave: gpgme_release (ctx); gpgme_data_release (dfp); fclose (fp); return result; } void gpa_keygen_para_free (gpa_keygen_para_t *params) { if (params) { g_free (params->name); g_free (params->email); g_free (params->comment); g_free (params->r_error_desc); g_free (params); } } gpa_keygen_para_t * gpa_keygen_para_new (void) { gpa_keygen_para_t *params = xcalloc (1, sizeof *params); g_date_clear (¶ms->expire, 1); return params; } /* Ownertrust strings. */ const gchar * gpa_key_ownertrust_string (gpgme_key_t key) { if (key->protocol == GPGME_PROTOCOL_CMS) return ""; switch (key->owner_trust) { case GPGME_VALIDITY_UNKNOWN: case GPGME_VALIDITY_UNDEFINED: default: return _("Unknown"); break; case GPGME_VALIDITY_NEVER: return _("Never"); break; case GPGME_VALIDITY_MARGINAL: return _("Marginal"); break; case GPGME_VALIDITY_FULL: return _("Full"); break; case GPGME_VALIDITY_ULTIMATE: return _("Ultimate"); break; } } /* Key validity strings. */ const gchar * gpa_key_validity_string (gpgme_key_t key) { if (!key->uids) return _("Unknown"); switch (key->uids->validity) { case GPGME_VALIDITY_UNKNOWN: case GPGME_VALIDITY_UNDEFINED: case GPGME_VALIDITY_NEVER: case GPGME_VALIDITY_MARGINAL: default: if (key->subkeys->revoked) return _("Revoked"); else if (key->subkeys->expired) return _("Expired"); else if (key->subkeys->disabled) return _("Disabled"); else if (key->subkeys->invalid) return _("Incomplete"); else return _("Unknown"); break; case GPGME_VALIDITY_FULL: case GPGME_VALIDITY_ULTIMATE: return _("Fully Valid"); } } static GtkWidget * passphrase_question_label (const char *uid_hint, const char *passphrase_info, int prev_was_bad) { GtkWidget *label; gchar *input; gchar *text; gchar *keyid, *userid; gint i; /* Just in case this is called without a user id hint we return a simple text to avoid a crash. */ if (!uid_hint) return gtk_label_new ("Passphrase?"); input = g_strdup (uid_hint); /* The first word in the hint is the key ID */ keyid = input; for (i = 0; input[i] != ' '; i++) { } input[i++] = '\0'; /* The rest of the hint is the user ID */ userid = input+i; /* Build the label widget */ if (!prev_was_bad) { text = g_strdup_printf ("%s\n\n%s %s\n%s %s", _("Please enter the passphrase for" " the following key:"), _("User Name:"), userid, _("Key ID:"), keyid); } else { text = g_strdup_printf ("%s\n\n%s %s\n%s %s", _("Wrong passphrase, please try again:"), _("User Name:"), userid, _("Key ID:"), keyid); } label = gtk_label_new (text); g_free (input); g_free (text); return label; } /* This is the function called by GPGME when it wants a passphrase. */ gpg_error_t gpa_passphrase_cb (void *hook, const char *uid_hint, const char *passphrase_info, int prev_was_bad, int fd) { GtkWidget * dialog; GtkWidget * hbox; GtkWidget * vbox; GtkWidget * entry; GtkWidget * pixmap; GtkResponseType response; gchar *passphrase; dialog = gtk_dialog_new_with_buttons (_("Enter Passphrase"), NULL, GTK_DIALOG_MODAL, GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL, GTK_STOCK_OK, GTK_RESPONSE_OK, NULL); gtk_dialog_set_alternative_button_order (GTK_DIALOG (dialog), GTK_RESPONSE_OK, GTK_RESPONSE_CANCEL, -1); hbox = gtk_hbox_new (FALSE, 0); gtk_box_pack_start (GTK_BOX (GTK_DIALOG (dialog)->vbox), hbox, TRUE, FALSE, 10); pixmap = gtk_image_new_from_stock (GTK_STOCK_DIALOG_QUESTION, GTK_ICON_SIZE_DIALOG); gtk_box_pack_start (GTK_BOX (hbox), pixmap, TRUE, FALSE, 10); vbox = gtk_vbox_new (TRUE, 0); gtk_box_pack_start (GTK_BOX (hbox), vbox, TRUE, FALSE, 10); /* The default button is OK */ gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_OK); /* Set the contents of the dialog */ gtk_box_pack_start_defaults (GTK_BOX (vbox), passphrase_question_label (uid_hint, passphrase_info, prev_was_bad)); entry = gtk_entry_new (); gtk_entry_set_visibility (GTK_ENTRY (entry), FALSE); gtk_entry_set_activates_default (GTK_ENTRY (entry), TRUE); gtk_box_pack_start (GTK_BOX (vbox), entry, TRUE, FALSE, 10); gtk_widget_grab_focus (entry); /* Run the dialog */ gtk_widget_show_all (dialog); response = gtk_dialog_run (GTK_DIALOG (dialog)); passphrase = g_strdup_printf ("%s\n", gtk_entry_get_text (GTK_ENTRY (entry))); gtk_widget_destroy (dialog); if (response == GTK_RESPONSE_OK) { int passphrase_len = strlen (passphrase); #ifdef G_OS_WIN32 DWORD res; if (WriteFile ((HANDLE) _get_osfhandle (fd), passphrase, passphrase_len, &res, NULL) == 0 || res < passphrase_len) { g_free (passphrase); return gpg_error (gpg_err_code_from_errno (EIO)); } else return gpg_error (GPG_ERR_NO_ERROR); #else int res; res = write (fd, passphrase, passphrase_len); g_free (passphrase); if (res == -1) return gpg_error (gpg_err_code_from_errno (errno)); else if (res < passphrase_len) return gpg_error (gpg_err_code_from_errno (EIO)); else return gpg_error (GPG_ERR_NO_ERROR); #endif } else { g_free (passphrase); return gpg_error (GPG_ERR_CANCELED); } } /* Convenience functions to access key attributes, which need to be filtered before being displayed to the user. */ /* Return the user ID, making sure it is properly UTF-8 encoded. Allocates a new string, which must be freed with g_free (). */ static gchar * string_to_utf8 (const gchar *string) { const char *s; if (!string) return NULL; /* Due to a bug in old and not so old PGP versions user IDs have been copied verbatim into the key. Thus many users with Umlauts et al. in their name will see their names garbled. Although this is not an issue for me (;-)), I have a couple of friends with Umlauts in their name, so let's try to make their life easier by detecting invalid encodings and convert that to Latin-1. We use this even for X.509 because it may make things even better given all the invalid encodings often found in X.509 certificates. */ for (s = string; *s && !(*s & 0x80); s++) ; if (*s && ((s[1] & 0xc0) == 0x80) && ( ((*s & 0xe0) == 0xc0) || ((*s & 0xf0) == 0xe0) || ((*s & 0xf8) == 0xf0) || ((*s & 0xfc) == 0xf8) || ((*s & 0xfe) == 0xfc)) ) { /* Possible utf-8 character followed by continuation byte. Although this might still be Latin-1 we better assume that it is valid utf-8. */ return g_strdup (string); } else if (*s && !strchr (string, 0xc3)) { /* No 0xC3 character in the string; assume that it is Latin-1. */ return g_convert (string, -1, "UTF-8", "ISO-8859-1", NULL, NULL, NULL); } else { /* Everything else is assumed to be UTF-8. We do this even that we know the encoding is not valid. However as we only test the first non-ascii character, valid encodings might follow. */ return g_strdup (string); } } gchar * gpa_gpgme_key_get_userid (gpgme_user_id_t uid) { gchar *uid_utf8; if (!uid) return g_strdup (_("[None]")); uid_utf8 = string_to_utf8 (uid->uid); /* Tag revoked UID's*/ if (uid->revoked) { /* FIXME: I think, this code should be simply disabled. Even if the uid U is revoked, it is "U", not "[Revoked] U". Side note: adding this prefix obviously breaks sorting by uid. -moritz */ gchar *tmp = g_strdup_printf ("[%s] %s", _("Revoked"), uid_utf8); g_free (uid_utf8); uid_utf8 = tmp; } return uid_utf8; } /* Return the key fingerprint, properly formatted according to the key version. Allocates a new string, which must be freed with g_free(). This is based on code from GPAPA's extract_fingerprint. */ gchar * gpa_gpgme_key_format_fingerprint (const char *fpraw) { if (strlen (fpraw) == 32 ) /* v3 */ { char *fp = g_malloc (strlen (fpraw) + 16 + 1); const char *r = fpraw; char *q = fp; gint c = 0; while (*r) { *q++ = *r++; c++; if (c < 32) { if (c % 2 == 0) *q++ = ' '; if (c % 16 == 0) *q++ = ' '; } } *q = 0; return fp; } else { char *fp = g_malloc (strlen (fpraw) + 10 + 1); const char *r = fpraw; char *q = fp; gint c = 0; while (*r) { *q++ = *r++; c++; if (c < 40) { if (c % 4 == 0) *q++ = ' '; if (c % 20 == 0) *q++ = ' '; } } *q = 0; return fp; } } /* Return the short key ID of the indicated key. The returned string is valid as long as the key is valid. */ const gchar * gpa_gpgme_key_get_short_keyid (gpgme_key_t key) { const char *keyid = key->subkeys->keyid; if (!keyid) return NULL; else return keyid + 8; } /* Convenience function to access key signature attibutes, much like the previous ones. */ /* Return the user ID, making sure it is properly UTF-8 encoded. Allocates a new string, which must be freed with g_free(). */ gchar * gpa_gpgme_key_sig_get_userid (gpgme_key_sig_t sig) { if (!sig->uid || !*sig->uid) /* Duplicate it to make sure it can be g_free'd. */ return g_strdup (_("[Unknown user ID]")); else return string_to_utf8 (sig->uid); } /* Return the short key ID of the indicated key. The returned string is valid as long as the key is valid. */ const gchar * gpa_gpgme_key_sig_get_short_keyid (gpgme_key_sig_t sig) { return sig->keyid + 8; } /* Return a string with the status of the key signature. */ const gchar * gpa_gpgme_key_sig_get_sig_status (gpgme_key_sig_t sig, GHashTable *revoked) { const gchar *status; switch (sig->status) { case GPGME_SIG_STAT_GOOD: status = _("Valid"); break; case GPGME_SIG_STAT_BAD: status = _("Bad"); default: status = _("Unknown"); } if (sig->expired) { status = _("Expired"); } else if (g_hash_table_lookup (revoked, sig->keyid)) { status = _("Revoked"); } return status; } /* Return a string with the level of the key signature. */ const gchar * gpa_gpgme_key_sig_get_level (gpgme_key_sig_t sig) { switch (sig->sig_class) { case 0x10: return _("Generic"); break; case 0x11: return _("Persona"); break; case 0x12: return _("Casual"); break; case 0x13: return _("Positive"); break; default: return _("Unknown"); break; } } /* Return a human readable string with the status of the signature SIG. If R_KEYDESC is not NULL, the description of the key (e.g.. the user ID) will be stored as a malloced string at that address; if no key is known, NULL will be stored. If R_KEY is not NULL, a key object will be stored at that address; NULL if no key is known. CTX is used as helper to figure out the key description. */ char * gpa_gpgme_get_signature_desc (gpgme_ctx_t ctx, gpgme_signature_t sig, char **r_keydesc, gpgme_key_t *r_key) { gpgme_key_t key = NULL; char *keydesc = NULL; char *sigdesc; const char *sigstatus; sigstatus = sig->status? gpg_strerror (sig->status) : ""; if (sig->fpr && ctx) { gpgme_get_key (ctx, sig->fpr, &key, 0); if (key) keydesc = gpa_gpgme_key_get_userid (key->uids); } if (sig->summary & GPGME_SIGSUM_RED) { if (keydesc && *sigstatus) sigdesc = g_strdup_printf (_("Bad signature by %s: %s"), keydesc, sigstatus); else if (keydesc) sigdesc = g_strdup_printf (_("Bad signature by %s"), keydesc); else if (sig->fpr && *sigstatus) sigdesc = g_strdup_printf (_("Bad signature by unknown key " "%s: %s"), sig->fpr, sigstatus); else if (sig->fpr) sigdesc = g_strdup_printf (_("Bad signature by unknown key " "%s"), sig->fpr); else if (*sigstatus) sigdesc = g_strdup_printf (_("Bad signature by unknown key: " "%s"), sigstatus); else sigdesc = g_strdup_printf (_("Bad signature by unknown key")); } else if (sig->summary & GPGME_SIGSUM_VALID) { if (keydesc && *sigstatus) sigdesc = g_strdup_printf (_("Good signature by %s: %s"), keydesc, sigstatus); else if (keydesc) sigdesc = g_strdup_printf (_("Good signature by %s"), keydesc); else if (sig->fpr && *sigstatus) sigdesc = g_strdup_printf (_("Good signature by unknown key " "%s: %s"), sig->fpr, sigstatus); else if (sig->fpr) sigdesc = g_strdup_printf (_("Good signature by unknown key " "%s"), sig->fpr); else if (*sigstatus) sigdesc = g_strdup_printf (_("Good signature by unknown key: " "%s"), sigstatus); else sigdesc = g_strdup_printf (_("Good signature by unknown key")); } else { if (keydesc && *sigstatus) sigdesc = g_strdup_printf (_("Uncertain signature by %s: %s"), keydesc, sigstatus); else if (keydesc) sigdesc = g_strdup_printf (_("Uncertain signature by %s"), keydesc); else if (sig->fpr && *sigstatus) sigdesc = g_strdup_printf (_("Uncertain signature by unknown key " "%s: %s"), sig->fpr, sigstatus); else if (sig->fpr) sigdesc = g_strdup_printf (_("Uncertain signature by unknown key " "%s"), sig->fpr); else if (*sigstatus) sigdesc = g_strdup_printf (_("Uncertain signature by unknown " "key: %s"), sigstatus); else sigdesc = g_strdup_printf (_("Uncertain signature by unknown " "key")); } if (r_keydesc) *r_keydesc = keydesc; else g_free (keydesc); if (r_key) *r_key = key; else gpgme_key_unref (key); return sigdesc; } /* Return a string listing the capabilities of a key. */ const gchar * gpa_get_key_capabilities_text (gpgme_key_t key) { if (key->can_certify) { if (key->can_sign) { if (key->can_encrypt) return _("The key can be used for certification, signing " "and encryption."); else return _("The key can be used for certification and " "signing, but not for encryption."); } else { if (key->can_encrypt) return _("The key can be used for certification and " "encryption."); else return _("The key can be used only for certification."); } } else { if (key->can_sign) { if (key->can_encrypt) return _("The key can be used only for signing and " "encryption, but not for certification."); else return _("The key can be used only for signing."); } else { if (key->can_encrypt) return _("The key can be used only for encryption."); else /* Can't happen, even for subkeys. */ return _("This key is useless."); } } } /* Update the result structure RESULT using the gpgme result INFO and the FILES and BAD_FILES counter. */ void gpa_gpgme_update_import_results (gpa_import_result_t result, unsigned int files, unsigned int bad_files, gpgme_import_result_t info) { result->files += files; result->bad_files += bad_files; if (info) { result->considered += info->considered; result->imported += info->imported; result->unchanged += info->unchanged; result->secret_read += info->secret_read; result->secret_imported += info->secret_imported; result->secret_unchanged += info->secret_unchanged; } } void gpa_gpgme_show_import_results (GtkWidget *parent, gpa_import_result_t result) { char *buf1, *buf2; if (result->files) buf2 = g_strdup_printf (_("%u file(s) read\n" "%u file(s) with errors"), result->files, result->bad_files); else buf2 = NULL; if (!result->considered) gpa_show_warning (parent, "%s%s%s", _("No keys were found."), buf2? "\n":"", buf2? buf2:""); else { buf1 = g_strdup_printf (_("%i public keys read\n" "%i public keys imported\n" "%i public keys unchanged\n" "%i secret keys read\n" "%i secret keys imported\n" "%i secret keys unchanged"), result->considered, result->imported, result->unchanged, result->secret_read, result->secret_imported, result->secret_unchanged); gpa_show_info (parent, "%s%s%s", buf1, buf2? "\n":"", buf2? buf2:""); g_free (buf1); } g_free (buf2); } /* Return a copy of the key array. */ gpgme_key_t * gpa_gpgme_copy_keyarray (gpgme_key_t *keys) { gpgme_key_t *newarray; int idx; if (!keys) return NULL; for (idx=0; keys[idx]; idx++) ; idx++; newarray = g_new (gpgme_key_t, idx); for (idx=0; keys[idx]; idx++) { gpgme_key_ref (keys[idx]); newarray[idx] = keys[idx]; } newarray[idx] = NULL; return newarray; } /* Release all keys in the array KEYS as well as ARRAY itself. */ void gpa_gpgme_release_keyarray (gpgme_key_t *keys) { if (keys) { int idx; for (idx=0; keys[idx]; idx++) gpgme_key_unref (keys[idx]); g_free (keys); } } /* Read the next number in the version string STR and return it in *NUMBER. Return a pointer to the tail of STR after parsing, or *NULL if the version string was invalid. */ static const char * parse_version_number (const char *str, int *number) { #define MAXVAL ((INT_MAX - 10) / 10) int val = 0; /* Leading zeros are not allowed. */ if (*str == '0' && isascii (str[1]) && isdigit (str[1])) return NULL; while (isascii (*str) && isdigit (*str) && val <= MAXVAL) { val *= 10; val += *(str++) - '0'; } *number = val; return val > MAXVAL ? NULL : str; #undef MAXVAL } /* Parse the version string STR in the format MAJOR.MINOR.MICRO (for example, 9.3.2) and return the components in MAJOR, MINOR and MICRO as integers. The function returns the tail of the string that follows the version number. This might be te empty string if there is nothing following the version number, or a patchlevel. The function returns NULL if the version string is not valid. */ static const char * parse_version_string (const char *str, int *major, int *minor, int *micro) { str = parse_version_number (str, major); if (!str || *str != '.') return NULL; str++; str = parse_version_number (str, minor); if (!str || *str != '.') return NULL; str++; str = parse_version_number (str, micro); if (!str) return NULL; /* A patchlevel might follow. */ return str; } /* Return true if MY_VERSION is at least REQ_VERSION, and false otherwise. */ static int compare_version_strings (const char *my_version, const char *rq_version) { int my_major, my_minor, my_micro; int rq_major, rq_minor, rq_micro; const char *my_plvl, *rq_plvl; if (!rq_version) return 1; if (!my_version) return 0; my_plvl = parse_version_string (my_version, &my_major, &my_minor, &my_micro); if (!my_plvl) return 0; rq_plvl = parse_version_string (rq_version, &rq_major, &rq_minor, &rq_micro); if (!rq_plvl) return 0; if (my_major > rq_major || (my_major == rq_major && my_minor > rq_minor) || (my_major == rq_major && my_minor == rq_minor && my_micro > rq_micro) || (my_major == rq_major && my_minor == rq_minor && my_micro == rq_micro && strcmp (my_plvl, rq_plvl) >= 0)) return 1; return 0; } /* Try switching to the gpg2 backend or the one given by filename. */ /* Return 1 if the gpg engine has at least version NEED_VERSION, otherwise 0. */ int is_gpg_version_at_least (const char *need_version) { gpgme_engine_info_t engine; gpgme_get_engine_info (&engine); while (engine) { if (engine->protocol == GPGME_PROTOCOL_OpenPGP) return !!compare_version_strings (engine->version, need_version); engine = engine->next; } return 0; /* No gpg-engine available. */ } /* Structure used to communicate with gpg_simple_stdio_cb. */ struct gpg_simple_stdio_parm_s { gboolean (*cb)(void *opaque, char *line); void *cb_arg; GString *string; int only_status_lines; }; /* Helper for gpa_start_simple_gpg_command. */ static gboolean gpg_simple_stdio_cb (GIOChannel *channel, GIOCondition condition, void *user_data) { struct gpg_simple_stdio_parm_s *parm = user_data; GIOStatus status; char *line, *p; if ((condition & G_IO_IN)) { /* We don't use a while but an if because that allows to update progress bars nicely. A bit slower, but no real problem. */ if ((status = g_io_channel_read_line_string (channel, parm->string, NULL, NULL)) == G_IO_STATUS_NORMAL) { line = parm->string->str; /* Strip line terminator. */ p = strchr (line, '\n'); if (p) { if (p > line && p[-1] == '\r') p[-1] = 0; else *p = 0; } /* We care only about status lines. */ if (parm->only_status_lines && !strncmp (line, "[GNUPG:] ", 9)) { line += 9; /* Call user callback. */ if (parm->cb && !parm->cb (parm->cb_arg, line)) { /* User requested EOF. */ goto cleanup; } /* Return direct so that we do not run into the G_IO_HUP check. This is required to read all buffered input. */ return TRUE; /* Keep on watching this channel. */ } else if (!parm->only_status_lines) { /* Call user callback. */ if (parm->cb && !parm->cb (parm->cb_arg, line)) { /* User requested EOF. */ goto cleanup; } return TRUE; /* Keep on watching this channel. */ } } if (status != G_IO_STATUS_NORMAL && status != G_IO_STATUS_AGAIN ) { /* Error or EOF. */ goto cleanup; } } if ((condition & G_IO_HUP)) { goto cleanup; } return TRUE; /* Keep on watching this channel. */ cleanup: if (parm->cb) parm->cb (parm->cb_arg, NULL); /* Tell user about EOF. */ g_string_free (parm->string, TRUE); xfree (parm); g_io_channel_unref (channel); /* Close channel. */ return FALSE; /* Remove us from the watch list. */ } /* Run gpg asynchronously with the given arguments and return a gpg error code on error. The list of arguments are all of type (const char*) and end with a NULL argument (FIRST_ARG may already be NULL, but that does not make any sense). STDIN and STDOUT are connected to /dev/null. No more than 20 arguments may be given. Because the protocol GPGME_PROTOCOL_ASSUAN makes no sense here, it is used to call gpg-connect-agent. If the function returns success the provided callback CB is called for each line received on stdout (respective stderr if USE_STADERR is true). EOF is send to this callback by passing a LINE as NULL. The callback may use this for cleanup. If the callback returns FALSE, an EOF is forced so that the callback is called once more with LINE set to NULL. This function is used to run gpgsm --learn-card gpg-connect-agent NOP /bye The problem is that under Windows g_spawn does not allow to specify flags for the underlying CreateProcess. Thus it is not possible to create a detached process (i.e. without a console); the result is that a console window pops up. I can see two solutions: (1) Use a wrapper process to start them detached, or (2) move the required function into GPGME and use that new API. */ gpg_error_t gpa_start_simple_gpg_command (gboolean (*cb)(void *opaque, char *line), void *cb_arg, gpgme_protocol_t protocol, int use_stderr, const char *first_arg, ...) { char *argv[24]; int argc; int fd_stdio; GIOChannel *channel; struct gpg_simple_stdio_parm_s *parm = NULL; char *freeme = NULL; if (protocol == GPGME_PROTOCOL_OpenPGP) argv[0] = (char*)get_gpg_path (); else if (protocol == GPGME_PROTOCOL_CMS) argv[0] = (char*)get_gpgsm_path (); else if (protocol == GPGME_PROTOCOL_GPGCONF) argv[0] = (char*)get_gpgconf_path (); else if (protocol == GPGME_PROTOCOL_ASSUAN) argv[0] = freeme = get_gpg_connect_agent_path (); else argv[0] = NULL; if (!argv[0]) { gpa_window_error (_("A required engine component is not installed."), NULL); return gpg_error (GPG_ERR_INV_ARG); } argc = 1; if (protocol != GPGME_PROTOCOL_GPGCONF && protocol != GPGME_PROTOCOL_ASSUAN) { argv[argc++] = (char*)"--status-fd"; argv[argc++] = (char*)"2"; } argv[argc++] = (char*)first_arg; if (first_arg) { va_list arg_ptr; const char *s; va_start (arg_ptr, first_arg); while (argc < DIM (argv)-1 && (s=va_arg (arg_ptr, const char *))) argv[argc++] = (char*)s; va_end (arg_ptr); argv[argc] = NULL; g_return_val_if_fail (argc < DIM (argv), gpg_error (GPG_ERR_INV_ARG)); } parm = g_try_malloc (sizeof *parm); if (!parm) return gpg_error_from_syserror (); parm->cb = cb; parm->cb_arg = cb_arg; parm->string = g_string_sized_new (200); parm->only_status_lines = use_stderr; if (!g_spawn_async_with_pipes (NULL, argv, NULL, (use_stderr ? G_SPAWN_STDOUT_TO_DEV_NULL : G_SPAWN_STDERR_TO_DEV_NULL), NULL, NULL, NULL, NULL, use_stderr? NULL : &fd_stdio, use_stderr? &fd_stdio : NULL, NULL)) { gpa_window_error (_("Calling the crypto engine program failed."), NULL); xfree (parm); g_free (freeme); return gpg_error (GPG_ERR_GENERAL); } g_free (freeme); #ifdef G_OS_WIN32 channel = g_io_channel_win32_new_fd (fd_stdio); #else channel = g_io_channel_unix_new (fd_stdio); #endif g_io_channel_set_encoding (channel, NULL, NULL); /* Note that we need a buffered channel, so that we can use the read line function. */ g_io_channel_set_close_on_unref (channel, TRUE); /* Create a watch for the channel. */ if (!g_io_add_watch (channel, (G_IO_IN|G_IO_HUP), gpg_simple_stdio_cb, parm)) { g_debug ("error creating watch for gpg command"); g_io_channel_unref (channel); xfree (parm); return gpg_error (GPG_ERR_GENERAL); } return 0; } /* Try to start the gpg-agent if it has not yet been started. Starting the agent works in the background. Thus if the function returns, it is not sure that the agent is now running. */ void gpa_start_agent (void) { gpg_error_t err; gpgme_ctx_t ctx; char *pgm; const char *argv[3]; pgm = get_gpg_connect_agent_path (); if (!pgm) { g_message ("tool to start the agent is not available"); return; } ctx = gpa_gpgme_new (); gpgme_set_protocol (ctx, GPGME_PROTOCOL_SPAWN); argv[0] = ""; /* Auto-insert the basename. */ argv[1] = "NOP"; argv[2] = NULL; err = gpgme_op_spawn (ctx, pgm, argv, NULL, NULL, NULL, GPGME_SPAWN_DETACHED); if (err) g_message ("error running '%s': %s", pgm, gpg_strerror (err)); g_free (pgm); gpgme_release (ctx); } /* Fucntions matching the user id verification isn gpg's key generation. */ const char * gpa_validate_gpg_name (const char *name) { const char *result = NULL; if (!name || !*name) result = _("You must enter a name."); else if (strpbrk (name, "<>")) result = _("Invalid character in name."); else if (g_ascii_isdigit (*name)) result = _("Name may not start with a digit."); else if (g_utf8_strlen (name, -1) < 5) result = _("Name is too short."); return result; } /* Check whether the string has characters not valid in an RFC-822 address. To cope with OpenPGP we allow non-ascii characters so that for example umlauts are legal in an email address. An OpenPGP user ID must be utf-8 encoded but there is no strict requirement for RFC-822. Thus to avoid IDNA encoding we put the address verbatim as utf-8 into the user ID under the assumption that mail programs handle IDNA at a lower level and take OpenPGP user IDs as utf-8. */ static int has_invalid_email_chars (const char *s) { int at_seen = 0; const char *valid_chars= "01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for ( ; *s; s++ ) { if ((*s & 0x80)) continue; /* We only care about ASCII. */ if (*s == '@') at_seen=1; else if (!at_seen && !( !!strchr( valid_chars, *s ) || *s == '+' )) return 1; else if (at_seen && !strchr (valid_chars, *s)) return 1; } return 0; } static int string_count_chr (const char *string, int c) { int count; for (count=0; *string; string++ ) if ( *string == c ) count++; return count; } /* Check whether NAME represents a valid mailbox according to RFC822 except for non-ascii utf-8 characters. Returns true if so. */ static int is_valid_mailbox (const char *name) { return !( !name || !*name || has_invalid_email_chars (name) || string_count_chr (name,'@') != 1 || *name == '@' || name[strlen(name)-1] == '@' || name[strlen(name)-1] == '.' || strstr (name, "..") ); } const char * gpa_validate_gpg_email (const char *email) { const char *result = NULL; if (!email || !*email) ; else if (!is_valid_mailbox (email)) result = _("Email address is not valid."); return result; } const char * gpa_validate_gpg_comment (const char *comment) { const char *result = NULL; if (!comment || !*comment) ; else if (strpbrk (comment, "()")) result = _("Invalid character in comments."); return result; } diff --git a/src/gpgmetools.h b/src/gpgmetools.h index 1320f88..1cfeb3a 100644 --- a/src/gpgmetools.h +++ b/src/gpgmetools.h @@ -1,254 +1,264 @@ /* gpgmetools.h - additional gpgme support functions for GPA. Copyright (C) 2002, Miguel Coca. Copyright (C) 2005, 2008 g10 Code GmbH. + Copyright (C) 2015 g10 Code GmbH. This file is part of GPA GPA is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. GPA is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, see . */ /* A set of auxiliary functions for common tasks related to GPGME. */ #ifndef GPGMETOOLS_H #define GPGMETOOLS_H #include #include /* Internal algorithm identifiers, describing which keys to create. */ typedef enum { GPA_KEYGEN_ALGO_RSA_RSA, GPA_KEYGEN_ALGO_RSA_ELGAMAL, GPA_KEYGEN_ALGO_RSA, GPA_KEYGEN_ALGO_DSA_ELGAMAL, GPA_KEYGEN_ALGO_DSA, GPA_KEYGEN_ALGO_VIA_CARD } gpa_keygen_algo_t; typedef struct { /* User ID. */ gchar *name; gchar *email; gchar *comment; /* Algorithm. */ gpa_keygen_algo_t algo; /* Key size. */ gint keysize; /* The password to use. */ gchar *password; /* Epiration date. It is only used if it is valid. */ GDate expire; /* True if the encryption key is created with an backup file. */ gboolean backup; /* Used to return an error description. */ char *r_error_desc; } gpa_keygen_para_t; /* An object to collect information about key imports. */ struct gpa_import_result_s { unsigned int files; /* # of files imported. */ unsigned int bad_files; /* # of files with errors. */ /* To avoid breaking translated strings the variables below are int and not unsigned int as they should be for counters. */ int considered; int imported; int unchanged; int secret_read; int secret_imported; int secret_unchanged; }; typedef struct gpa_import_result_s *gpa_import_result_t; /* Report an unexpected error in GPGME and quit the application. Better to use the macro instead of the function. */ #define gpa_gpgme_error(err) \ do { _gpa_gpgme_error (err, __FILE__, __LINE__); } while (0) void _gpa_gpgme_error (gpg_error_t err, const char *file, int line) G_GNUC_NORETURN; /* The same as gpa_gpgme_error, without quitting. */ #define gpa_gpgme_warning_ext(err,desc) \ do { _gpa_gpgme_warning (err, desc, __FILE__, __LINE__); } while (0) #define gpa_gpgme_warning(err) \ do { _gpa_gpgme_warning (err, NULL, __FILE__, __LINE__); } while (0) void _gpa_gpgme_warning (gpg_error_t err, const char *desc, const char *file, int line); /* Initialize a gpgme_ctx_t for use with GPA. */ gpgme_ctx_t gpa_gpgme_new (void); /* Write the contents of the gpgme_data_t object to the file. Receives a filehandle instead of the filename, so that the caller can make sure the file is accesible before putting anything into data. */ void dump_data_to_file (gpgme_data_t data, FILE *file); /* Not really a gpgme function, but needed in most places dump_data_to_file is used. Opens a file for writing, asking the user to overwrite if it exists and reporting any errors. Returns NULL on failure, but you can assume the user has been informed of - the error (or maybe he just didn't want to overwrite!). */ -FILE *gpa_fopen (const char *filename, GtkWidget *parent); + the error (or maybe he just didn't want to overwrite!). The + filename of the file that is actually open (if FILENAME already + exists, then the user can choose a different file) is saved in + *FILENAME_USED. It must be xfreed. This is set even if this + function returns NULL! */ +FILE *gpa_fopen (const char *filename, GtkWidget *parent, + char **filename_used); /* Do a gpgme_data_new_from_file and report any GPG_ERR_File_Error to the user. */ gpg_error_t gpa_gpgme_data_new_from_file (gpgme_data_t *data, const char *filename, GtkWidget *parent); /* Create a new gpgme_data_t from a file for writing, and return the file descriptor for the file. Always reports all errors to the - user. The _direct variant does not check for overwriting. */ + user. The _direct variant does not check for overwriting. The + filename of the file that is actually open (if FILENAME already + exists, then the user can choose a different file) is saved in + *FILENAME_USED. It must be xfreed. This is set even if this + function returns NULL! */ int gpa_open_output_direct (const char *filename, gpgme_data_t *data, GtkWidget *parent); int gpa_open_output (const char *filename, gpgme_data_t *data, - GtkWidget *parent); + GtkWidget *parent, char **filename_used); /* Create a new gpgme_data_t from a file for reading, and return the file descriptor for the file. Always reports all errors to the user. */ int gpa_open_input (const char *filename, gpgme_data_t *data, GtkWidget *parent); /* Write the contents of the gpgme_data_t into the clipboard. */ int dump_data_to_clipboard (gpgme_data_t data, GtkClipboard *clipboard); /* Begin generation of a key with the given parameters. It prepares the parameters required by Gpgme and returns whatever gpgme_op_genkey_start returns. */ gpg_error_t gpa_generate_key_start (gpgme_ctx_t ctx, gpa_keygen_para_t *params); /* Backup a key. It exports both the public and secret keys to a file. IS_X509 tells the function that the fingerprint is from an X.509 key. Returns TRUE on success and FALSE on error. It displays errors to the user. */ gboolean gpa_backup_key (const gchar *fpr, const char *filename, int is_x509); gpa_keygen_para_t *gpa_keygen_para_new (void); void gpa_keygen_para_free (gpa_keygen_para_t *params); /* Ownertrust strings. */ const gchar *gpa_key_ownertrust_string (gpgme_key_t key); /* Key validity strings. */ const gchar *gpa_key_validity_string (gpgme_key_t key); /* Function to manage import results. */ void gpa_gpgme_update_import_results (gpa_import_result_t result, unsigned int files, unsigned int bad_files, gpgme_import_result_t info); void gpa_gpgme_show_import_results (GtkWidget *parent, gpa_import_result_t result); /* This is the function called by GPGME when it wants a passphrase. */ gpg_error_t gpa_passphrase_cb (void *hook, const char *uid_hint, const char *passphrase_info, int prev_was_bad, int fd); /* Convenience functions to access key attributes, which need to be filtered before being displayed to the user. */ /* Return the user ID string, making sure it is properly UTF-8 encoded. Allocates a new string, which must be freed with g_free(). */ gchar *gpa_gpgme_key_get_userid (gpgme_user_id_t key); /* Return the key fingerprint, properly formatted according to the key version. Allocates a new string, which must be freed with g_free(). This is based on code from GPAPA's extract_fingerprint. */ gchar *gpa_gpgme_key_format_fingerprint (const char *fpraw); /* Return the short key ID of the indicated key. The returned string is valid as long as the key is valid. */ const gchar *gpa_gpgme_key_get_short_keyid (gpgme_key_t key); /* Convenience function to access key signature attibutes, much like the previous ones. */ /* Return the user ID, making sure it is properly UTF-8 encoded. Allocates a new string, which must be freed with g_free(). */ gchar *gpa_gpgme_key_sig_get_userid (gpgme_key_sig_t sig); /* Return the short key ID of the indicated key. The returned string is valid as long as the key is valid. */ const gchar *gpa_gpgme_key_sig_get_short_keyid (gpgme_key_sig_t sig); /* Return a string with the status of the key signature. */ const gchar *gpa_gpgme_key_sig_get_sig_status (gpgme_key_sig_t sig, GHashTable *revoked); /* Return a string with the level of the key signature. */ const gchar *gpa_gpgme_key_sig_get_level (gpgme_key_sig_t sig); /* Return a human readable string with the status of the signature SIG. */ char *gpa_gpgme_get_signature_desc (gpgme_ctx_t ctx, gpgme_signature_t sig, char **r_keydesc, gpgme_key_t *r_key); /* Return a string listing the capabilities of a key. */ const gchar *gpa_get_key_capabilities_text (gpgme_key_t key); /* Return a copy of the key array. */ gpgme_key_t *gpa_gpgme_copy_keyarray (gpgme_key_t *keys); /* Release all keys in the array KEYS as weel as ARRY itself. */ void gpa_gpgme_release_keyarray (gpgme_key_t *keys); /* Try switching to the gpg2 backend. */ void gpa_switch_to_gpg2 (const char *gpg_binary, const char *gpgsm_binary); /* Return true if the gpg engine has at least version NEED_VERSION. */ int is_gpg_version_at_least (const char *need_version); /* Run a simple gpg command. */ gpg_error_t gpa_start_simple_gpg_command (gboolean (*cb) (void *opaque, char *line), void *cb_arg, gpgme_protocol_t protocol, int use_stderr, const char *first_arg, ... ) G_GNUC_NULL_TERMINATED; void gpa_start_agent (void); /* Funtions to check user inputs in the same way gpg does. */ const char *gpa_validate_gpg_name (const char *name); const char *gpa_validate_gpg_email (const char *email); const char *gpa_validate_gpg_comment (const char *comment); #endif /*GPGMETOOLS_H*/