Class: Redwood::CryptoManager

Inherits:
Object
  • Object
show all
Includes:
Singleton
Defined in:
lib/sup/crypto.rb

Defined Under Namespace

Classes: Error

Constant Summary collapse

OUTGOING_MESSAGE_OPERATIONS = 
OrderedHash.new(
  [:sign, "Sign"],
  [:sign_and_encrypt, "Sign and encrypt"],
  [:encrypt, "Encrypt only"]
)

Instance Method Summary collapse

Methods included from Singleton

included

Constructor Details

#initializeCryptoManager

Returns a new instance of CryptoManager.



58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
# File 'lib/sup/crypto.rb', line 58

def initialize
  @mutex = Mutex.new

  @not_working_reason = nil

  # test if the gpgme gem is available
  @gpgme_present =
    begin
      begin
        GPGME.check_version({:protocol => GPGME::PROTOCOL_OpenPGP})
        true
      rescue GPGME::Error
        false
      end
    rescue NameError
      false
    end

  unless @gpgme_present
    @not_working_reason = ['gpgme gem not present', 
      'Install the gpgme gem in order to use signed and encrypted emails']
    return
  end

  # if gpg2 is available, it will start gpg-agent if required
  if (bin = `which gpg2`.chomp) =~ /\S/
    GPGME.set_engine_info GPGME::PROTOCOL_OpenPGP, bin, nil
  else
    # check if the gpg-options hook uses the passphrase_callback
    # if it doesn't then check if gpg agent is present
    gpg_opts = HookManager.run("gpg-options", 
                             {:operation => "sign", :options => {}}) || {}
    if gpg_opts[:passphrase_callback].nil?
      if ENV['GPG_AGENT_INFO'].nil?
        @not_working_reason = ["Environment variable 'GPG_AGENT_INFO' not set, is gpg-agent running?",
                           "If gpg-agent is running, try $ export `cat ~/.gpg-agent-info`"]
        return
      end

      gpg_agent_socket_file = ENV['GPG_AGENT_INFO'].split(':')[0]
      unless File.exist?(gpg_agent_socket_file)
        @not_working_reason = ["gpg-agent socket file #{gpg_agent_socket_file} does not exist"]
        return
      end

      s = File.stat(gpg_agent_socket_file)
      unless s.socket?
        @not_working_reason = ["gpg-agent socket file #{gpg_agent_socket_file} is not a socket"]
        return
      end
    end
  end
end

Instance Method Details

#decrypt(payload, armor = false) ⇒ Object

returns decrypted_message, status, desc, lines



257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
 
# File 'lib/sup/crypto.rb', line 257

def decrypt payload, armor=false # a RubyMail::Message object
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP}
  gpg_opts = HookManager.run("gpg-options",
                             {:operation => "decrypt", :options => gpg_opts}) || gpg_opts
  ctx = GPGME::Ctx.new(gpg_opts)
  cipher_data = GPGME::Data.from_str(format_payload(payload))
  plain_data = GPGME::Data.empty
  begin
    ctx.decrypt_verify(cipher_data, plain_data)
  rescue GPGME::Error => exc
    return Chunk::CryptoNotice.new(:invalid, "This message could not be decrypted", gpgme_exc_msg(exc.message))
  end
  begin
    sig = self.verified_ok? ctx.verify_result
  rescue ArgumentError => exc
    sig = unknown_status [gpgme_exc_msg(exc.message)]
  end
  plain_data.seek(0, IO::SEEK_SET)
  output = plain_data.read
  output.force_encoding Encoding::ASCII_8BIT if output.respond_to? :force_encoding

  ## TODO: test to see if it is still necessary to do a 2nd run if verify
  ## fails.
  #
  ## check for a valid signature in an extra run because gpg aborts if the
  ## signature cannot be verified (but it is still able to decrypt)
  #sigoutput = run_gpg "#{payload_fn.path}"
  #sig = self.old_verified_ok? sigoutput, $?

  if armor
    msg = RMail::Message.new
    # Look for Charset, they are put before the base64 crypted part
    charsets = payload.body.split("\n").grep(/^Charset:/)
    if !charsets.empty? and charsets[0] =~ /^Charset: (.+)$/
      output = Iconv.easy_decode($encoding, $1, output)
    end
    msg.body = output
  else
    # It appears that some clients use Windows new lines - CRLF - but RMail
    # splits the body and header on "\n\n". So to allow the parse below to
    # succeed, we will convert the newlines to what RMail expects
    output = output.gsub(/\r\n/, "\n")
    # This is gross. This decrypted payload could very well be a multipart
    # element itself, as opposed to a simple payload. For example, a
    # multipart/signed element, like those generated by Mutt when encrypting
    # and signing a message (instead of just clearsigning the body).
    # Supposedly, decrypted_payload being a multipart element ought to work
    # out nicely because Message::multipart_encrypted_to_chunks() runs the
    # decrypted message through message_to_chunks() again to get any
    # children. However, it does not work as intended because these inner
    # payloads need not carry a MIME-Version header, yet they are fed to
    # RMail as a top-level message, for which the MIME-Version header is
    # required. This causes for the part not to be detected as multipart,
    # hence being shown as an attachment. If we detect this is happening,
    # we force the decrypted payload to be interpreted as MIME.
    msg = RMail::Parser.read output
    if msg.header.content_type =~ %r{^multipart/} && !msg.multipart?
      output = "MIME-Version: 1.0\n" + output
      output.force_encoding Encoding::ASCII_8BIT if output.respond_to? :force_encoding
      msg = RMail::Parser.read output
    end
  end
  notice = Chunk::CryptoNotice.new :valid, "This message has been decrypted for display"
  [notice, sig, msg]
end

#encrypt(from, to, payload, sign = false) ⇒ Object 



143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
 
# File 'lib/sup/crypto.rb', line 143

def encrypt from, to, payload, sign=false
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP, :armor => true, :textmode => true}
  if sign
    gpg_opts.merge!(gen_sign_user_opts(from)) 
    gpg_opts.merge!({:sign => true})
  end
  gpg_opts = HookManager.run("gpg-options",
                             {:operation => "encrypt", :options => gpg_opts}) || gpg_opts
  recipients = to + [from]
  recipients = HookManager.run("gpg-expand-keys", { :recipients => recipients }) || recipients
  begin
    cipher = GPGME.encrypt(recipients, format_payload(payload), gpg_opts)
  rescue GPGME::Error => exc
    raise Error, gpgme_exc_msg(exc.message)
  end

  # if the key (or gpg-agent) is not available GPGME does not complain 
  # but just returns a zero length string. Let's catch that
  if cipher.length == 0
    raise Error, gpgme_exc_msg("GPG failed to generate cipher text: check that gpg-agent is running and your key is available.")
  end

  encrypted_payload = RMail::Message.new
  encrypted_payload.header["Content-Type"] = "application/octet-stream"
  encrypted_payload.header["Content-Disposition"] = 'inline; filename="msg.asc"'
  encrypted_payload.body = cipher

  control = RMail::Message.new
  control.header["Content-Type"] = "application/pgp-encrypted"
  control.header["Content-Disposition"] = "attachment"
  control.body = "Version: 1\n"

  envelope = RMail::Message.new
  envelope.header["Content-Type"] = 'multipart/encrypted; protocol=application/pgp-encrypted'

  envelope.add_part control
  envelope.add_part encrypted_payload
  envelope
end

#have_crypto?Boolean

Returns:

  • (Boolean) 


112
 
# File 'lib/sup/crypto.rb', line 112

def have_crypto?; @not_working_reason.nil? end

#sign(from, to, payload) ⇒ Object 



114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
 
# File 'lib/sup/crypto.rb', line 114

def sign from, to, payload
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP, :armor => true, :textmode => true}
  gpg_opts.merge!(gen_sign_user_opts(from))
  gpg_opts = HookManager.run("gpg-options", 
                             {:operation => "sign", :options => gpg_opts}) || gpg_opts

  begin
    sig = GPGME.detach_sign(format_payload(payload), gpg_opts)
  rescue GPGME::Error => exc
    raise Error, gpgme_exc_msg(exc.message)
  end

  # if the key (or gpg-agent) is not available GPGME does not complain 
  # but just returns a zero length string. Let's catch that
  if sig.length == 0
    raise Error, gpgme_exc_msg("GPG failed to generate signature: check that gpg-agent is running and your key is available.")
  end

  envelope = RMail::Message.new
  envelope.header["Content-Type"] = 'multipart/signed; protocol=application/pgp-signature'

  envelope.add_part payload
  signature = RMail::Message.make_attachment sig, "application/pgp-signature", nil, "signature.asc"
  envelope.add_part signature
  envelope
end

#sign_and_encrypt(from, to, payload) ⇒ Object 



185
186
187
 
# File 'lib/sup/crypto.rb', line 185

def sign_and_encrypt from, to, payload
  encrypt from, to, payload, true
end

#verified_ok?(verify_result) ⇒ Boolean

Returns:

  • (Boolean) 


189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
 
# File 'lib/sup/crypto.rb', line 189

def verified_ok? verify_result
  valid = true
  unknown = false
  all_output_lines = []
  all_trusted = true

  verify_result.signatures.each do |signature|
    output_lines, trusted = sig_output_lines signature
    all_output_lines << output_lines
    all_output_lines.flatten!
    all_trusted &&= trusted

    err_code = GPGME::gpgme_err_code(signature.status)
    if err_code == GPGME::GPG_ERR_BAD_SIGNATURE
      valid = false
    elsif err_code != GPGME::GPG_ERR_NO_ERROR
      valid = false
      unknown = true
    end
  end

  if valid || !unknown
    summary_line = simplify_sig_line(verify_result.signatures[0].to_s, all_trusted)
  end

  if all_output_lines.length == 0
    Chunk::CryptoNotice.new :valid, "Encrypted message wasn't signed", all_output_lines
  elsif valid
    if all_trusted
      Chunk::CryptoNotice.new(:valid, summary_line, all_output_lines)
    else
      Chunk::CryptoNotice.new(:valid_untrusted, summary_line, all_output_lines)
    end
  elsif !unknown
    Chunk::CryptoNotice.new(:invalid, summary_line, all_output_lines)
  else
    unknown_status all_output_lines
  end
end

#verify(payload, signature, detached = true) ⇒ Object

both RubyMail::Message objects



229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
 
# File 'lib/sup/crypto.rb', line 229

def verify payload, signature, detached=true # both RubyMail::Message objects
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP}
  gpg_opts = HookManager.run("gpg-options",
                             {:operation => "verify", :options => gpg_opts}) || gpg_opts
  ctx = GPGME::Ctx.new(gpg_opts)
  sig_data = GPGME::Data.from_str signature.decode
  if detached
    signed_text_data = GPGME::Data.from_str(format_payload(payload))
    plain_data = nil
  else
    signed_text_data = nil
    plain_data = GPGME::Data.empty
  end
  begin
    ctx.verify(sig_data, signed_text_data, plain_data)
  rescue GPGME::Error => exc
    return unknown_status [gpgme_exc_msg(exc.message)]
  end
  begin
    self.verified_ok? ctx.verify_result
  rescue ArgumentError => exc
    return unknown_status [gpgme_exc_msg(exc.message)]
  end
end