stowing changes ENGINE-74
authorKrista Grothoff <krista@pep-project.org>
Tue, 15 Nov 2016 18:16:58 +0100
branchENGINE-74
changeset 13970a64816a6e37
parent 1396 26ae3f0cea22
child 1398 b1c1c1db2754
stowing changes
src/bloblist.c
src/cryptotech.h
src/message_api.c
src/pEpEngine.c
src/pEpEngine.h
src/pgp_gpg.c
src/pgp_gpg.h
test/pEpEngineTest.cc
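--- a/src/bloblist.c	Mon Nov 14 13:32:35 2016 +0100
+++ b/src/bloblist.c	Tue Nov 15 18:16:58 2016 +0100
@@ -176,4 +176,6 @@
     free(bloblist_head->mime_type);
     free(bloblist_head->filename);
     free(bloblist_head);
+    
+    return next;
 }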
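Review bot: The new `return next;` only helps if callers use it, and the caller visible in this changeset's message_api.c still runs `consume_bloblist_head(attached_head);` twice on the same pointer and discards the result, so the second call reads and frees a node that `free(bloblist_head)` has already released. Both call lines should become `attached_head = consume_bloblist_head(attached_head);`. The function's signature and the place where `next` is assigned are outside this hunk; `next` has to be read before `free(bloblist_head)`, and the declaration in the header needs the matching return type.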
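--- a/src/cryptotech.h	Mon Nov 14 13:32:35 2016 +0100
+++ b/src/cryptotech.h	Tue Nov 15 18:16:58 2016 +0100
@@ -1,6 +1,7 @@
 #pragma once
 
 #include "pEpEngine.h"
+#include "bloblist.h"
 
 typedef enum _PEP_cryptotech {
     PEP_crypt_none = 0,
@@ -14,6 +15,7 @@
 
 typedef PEP_STATUS (*decrypt_and_verify_t)(
         PEP_SESSION session, const char *ctext, size_t csize,
+        const char *dsigtext, size_t dsigsize,
         char **ptext, size_t *psize, stringlist_t **keylist
     );
 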
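--- a/src/message_api.c	Mon Nov 14 13:32:35 2016 +0100
+++ b/src/message_api.c	Tue Nov 15 18:16:58 2016 +0100
@@ -1357,6 +1357,24 @@
     return PEP_ILLEGAL_VALUE;
 }
 
+
+PEP_STATUS _get_detached_signature(message* msg, bloblist_t** signature_blob) {
+    bloblist_t* attach_curr = msg->attachments;
+    
+    while (attach_curr) {
+        if (strcasecmp(attach_curr->mime_type, "application/pgp-signature")) {
+            // TODO: deal with filenames. Is that sending-client-specific?
+            // In any event, presume the first one signs the plaintext. Hopefully
+            // that's sufficient?
+            *signature_blob = attach_curr;
+            break;
+        }
+        attach_curr = attach_curr->next;
+    }
+    
+    return PEP_STATUS_OK;
+}
+
 DYNAMIC_API PEP_STATUS _decrypt_message(
         PEP_SESSION session,
         message *src,
@@ -1397,9 +1415,11 @@
     if(status != PEP_STATUS_OK)
         return status;
 
+    // IF longmsg and longmsg_formatted are empty, we MAY have an encrypted body
+    // that's an attachment instead.
     // Check for encryption stuck in the first 2 attachments instead of the body
     // (This is currently based on AppleMail and a couple of other things
-    //  which are broken for us - we may find a more general case to deal with)
+    //  which were broken for us - we may find a more general case to deal with)
     if (!src->longmsg && !src->longmsg_formatted) {
         bloblist_t* attached_head = src->attachments;
         if (attached_head && strcasecmp(attached_head->mime_type, "application/pgp-encrypted")) {
@@ -1415,7 +1435,7 @@
                 
                 src->longmsg = newlongmsg;
                 
-                // TODO: delete attachments here
+                // delete attachments here
                 src->attachments = enc_att_txt->next;
                 consume_bloblist_head(attached_head);
                 consume_bloblist_head(attached_head);
@@ -1423,6 +1443,16 @@
         }
     }
     
+    // Get detached signature, if any
+    bloblist_t* detached_sig = NULL;
+    char* dsig_text = NULL;
+    size_t dsig_size = 0;
+    status = _get_detached_signature(src, &detached_sig);
+    if (detached_sig) {
+        dsig_text = detached_sig->value;
+        dsig_size = detached_sig->size;
+    }
+    
     PEP_cryptotech crypto = determine_encryption_format(src);
 
     *dst = NULL;
@@ -1464,7 +1494,8 @@
             NOT_IMPLEMENTED
     }
     status = cryptotech[crypto].decrypt_and_verify(session, ctext,
-                                                   csize, &ptext, &psize, &_keylist);
+                                                   csize, dsig_text, dsig_size, 
+                                                   &ptext, &psize, &_keylist);
     if (status > PEP_CANNOT_DECRYPT_UNKNOWN){
         goto pep_error;
     }
@@ -1519,8 +1550,10 @@
                         free(ptext);
                         ptext = NULL;
 
+                        // FIXME: What about attachments with separate sigs???
                         status = decrypt_and_verify(session, attctext, attcsize,
-                                &ptext, &psize, &_keylist);
+                                                    NULL, 0,
+                                                    &ptext, &psize, &_keylist);
                         free_stringlist(_keylist);
 
                         if (ptext) {
@@ -1650,7 +1683,7 @@
             _keylist = NULL;
 
             status = cryptotech[crypto].decrypt_and_verify(session, ctext,
-                csize, &re_ptext, &re_psize, &_keylist);
+                csize, dsig_text, dsig_size, &re_ptext, &re_psize, &_keylist);
             
             free(re_ptext);
            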
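Review bot: The test in the new `_get_detached_signature` is inverted: `strcasecmp` returns 0 on a match, so `if (strcasecmp(attach_curr->mime_type, "application/pgp-signature"))` picks the first attachment that is not a signature, and its bytes are then handed to `decrypt_and_verify` as the detached signature. It should read `if (attach_curr->mime_type && strcasecmp(attach_curr->mime_type, "application/pgp-signature") == 0) {`, with the NULL guard covering attachments that carry no MIME type. The unchanged `strcasecmp(attached_head->mime_type, "application/pgp-encrypted")` condition in `_decrypt_message` has the same shape and deserves the same check. The helper always returns `PEP_STATUS_OK`, and the `status` assigned from it at the call site is never tested before being overwritten. `_decrypt_message` starts and ends outside these hunks.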
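--- a/src/pEpEngine.c	Mon Nov 14 13:32:35 2016 +0100
+++ b/src/pEpEngine.c	Tue Nov 15 18:16:58 2016 +0100
@@ -1378,6 +1378,7 @@
 
 DYNAMIC_API PEP_STATUS decrypt_and_verify(
     PEP_SESSION session, const char *ctext, size_t csize,
+    const char *dsigtext, size_t dsigsize,
     char **ptext, size_t *psize, stringlist_t **keylist
     )
 {
@@ -1392,7 +1393,7 @@
         return PEP_ILLEGAL_VALUE;
 
     return session->cryptotech[PEP_crypt_OpenPGP].decrypt_and_verify(
-            session, ctext, csize, ptext, psize, keylist);
+            session, ctext, csize, dsigtext, dsigsize, ptext, psize, keylist);
 }
 
 DYNAMIC_API PEP_STATUS encrypt_and_sign(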
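--- a/src/pEpEngine.h	Mon Nov 14 13:32:35 2016 +0100
+++ b/src/pEpEngine.h	Tue Nov 15 18:16:58 2016 +0100
@@ -185,6 +185,10 @@
 //        session (in)    session handle
 //        ctext (in)      cipher text to decrypt and/or verify
 //        csize (in)      size of cipher text
+//        dsigtext (in)   if extant, *detached* signature text for this
+//                        message (or NULL if not)
+//        dsize (in)      size of *detached* signature text for this
+//                        message (0, if no detached sig exists)
 //        ptext (out)     pointer to internal buffer with plain text
 //        psize (out)     size of plain text
 //        keylist (out)   list of key ids which where used to encrypt
@@ -208,6 +212,7 @@
 
 DYNAMIC_API PEP_STATUS decrypt_and_verify(
         PEP_SESSION session, const char *ctext, size_t csize,
+        const char *dsigtext, size_t dsigsize,
         char **ptext, size_t *psize, stringlist_t **keylist
     );
 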
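Review bot: The added parameter documentation names `dsize`, but the declared parameter is `dsigsize`; the line should read `//        dsigsize (in)   size of *detached* signature text for this`. The comment should also state the precedence that the pgp_gpg.c change in this changeset implements, namely that the detached signature is consulted only when the decrypted data carries no signature of its own. A caller deciding how far to trust the returned status needs to know which of the two signatures was checked.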
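--- a/src/pgp_gpg.c	Mon Nov 14 13:32:35 2016 +0100
+++ b/src/pgp_gpg.c	Tue Nov 15 18:16:58 2016 +0100
@@ -384,6 +384,7 @@
 
 PEP_STATUS pgp_decrypt_and_verify(
     PEP_SESSION session, const char *ctext, size_t csize,
+    const char *dsigtext, size_t dsigsize,
     char **ptext, size_t *psize, stringlist_t **keylist
     )
 {
@@ -464,11 +465,29 @@
                 reading = gpg.gpgme_data_read(plain, _buffer, length);
                 assert(length == reading);
 
+//                 if (detached_sig) {  // Is this safe to do?
+//                     gpgme_data_t sigdata;
+//                     gpg.gpgme_data_new_from_mem(&sigdata, detached_sig->value,
+//                                                 detached_sig->size, 0);
+//                     gpgme_op_verify(session->ctx, sigdata, plain, NULL);
+//                 }
+                
                 gpgme_verify_result =
                     gpg.gpgme_op_verify_result(session->ctx);
                 assert(gpgme_verify_result);
                 gpgme_signature = gpgme_verify_result->signatures;
 
+                if (!gpgme_signature && dsigtext) {
+                    gpgme_data_t sigdata;
+                    gpg.gpgme_data_new_from_mem(&sigdata, dsigtext,
+                                                dsigsize, 0);
+                    gpgme_op_verify(session->ctx, sigdata, plain, NULL);
+                    gpgme_verify_result =
+                        gpg.gpgme_op_verify_result(session->ctx);
+                    assert(gpgme_verify_result);
+                    gpgme_signature = gpgme_verify_result->signatures;
+                }
+                
                 if (gpgme_signature) {
                     stringlist_t *k;
                     _keylist = new_stringlist(NULL);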
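Review bot: The new detached-signature branch discards the results of `gpg.gpgme_data_new_from_mem` and `gpgme_op_verify`, so after a failure `sigdata` may be used uninitialised and the code still trusts whatever `gpgme_op_verify_result` returns. `sigdata` is never released, and `gpgme_op_verify` is called directly while every other gpgme call in this hunk goes through the `gpg.` table. `plain` was just consumed by `gpg.gpgme_data_read` and no rewind is visible before it is passed as the signed text, so the verification probably starts at the end of the data. The sketch below assumes the `gpg` table exposes seek, verify and release entries like the calls already used here, and leaves `gpgme_signature` NULL on any failure so the message is treated as unsigned. The commented-out draft that refers to `detached_sig` can be dropped, and the function starts and ends outside the hunk.

```c
                if (!gpgme_signature && dsigtext) {
                    gpgme_data_t sigdata = NULL;
                    gpgme_error_t sig_err = gpg.gpgme_data_new_from_mem(
                            &sigdata, dsigtext, dsigsize, 0);
                    if (sig_err == GPG_ERR_NO_ERROR) {
                        // plain was read to its end above; rewind before reuse
                        if (gpg.gpgme_data_seek(plain, 0, SEEK_SET) < 0)
                            sig_err = GPG_ERR_GENERAL;
                        else
                            sig_err = gpg.gpgme_op_verify(session->ctx, sigdata,
                                                          plain, NULL);
                        gpg.gpgme_data_release(sigdata);
                    }
                    if (sig_err == GPG_ERR_NO_ERROR) {
                        // … unchanged: re-read gpgme_op_verify_result and ->signatures …
                    }
                }
```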
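--- a/src/pgp_gpg.h	Mon Nov 14 13:32:35 2016 +0100
+++ b/src/pgp_gpg.h	Tue Nov 15 18:16:58 2016 +0100
@@ -7,6 +7,7 @@
 
 PEP_STATUS pgp_decrypt_and_verify(
         PEP_SESSION session, const char *ctext, size_t csize,
+        const char *dsigtext, size_t dsigsize,
         char **ptext, size_t *psize, stringlist_t **keylist
     );
 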
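--- a/test/pEpEngineTest.cc	Mon Nov 14 13:32:35 2016 +0100
+++ b/test/pEpEngineTest.cc	Tue Nov 15 18:16:58 2016 +0100
@@ -120,7 +120,7 @@
     stringlist_t *keylist;
 
     cout << "calling decrypt_and_verify()\n";
-    PEP_STATUS decrypt_result = decrypt_and_verify(session, cipher_buffer.data(), cipher_buffer.size(), &buf_text, &buf_size, &keylist);
+    PEP_STATUS decrypt_result = decrypt_and_verify(session, cipher_buffer.data(), cipher_buffer.size(), NULL, 0, &buf_text, &buf_size, &keylist);
 
     cout << "returning from decrypt_and_verify() with result == 0x" << std::hex << decrypt_result << "\n";
     assert(decrypt_result == PEP_DECRYPTED_AND_VERIFIED);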
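Review bot: The only test change passes `NULL, 0`, so the detached-signature branch added in pgp_gpg.c is never exercised. A positive case is needed in which `decrypt_and_verify` receives a valid detached signature for a message that carries no inline signature. A negative case should pass a signature that does not match the plaintext and assert that the result is not `PEP_DECRYPTED_AND_VERIFIED`. The test function's body starts and ends outside this hunk.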