Class: Redwood::CryptoManager

Inherits:
Object
  • Object
show all
Includes:
Singleton
Defined in:
lib/sup/crypto.rb

Defined Under Namespace

Classes: Error

Constant Summary collapse

OUTGOING_MESSAGE_OPERATIONS = 
OrderedHash.new(
  [:sign, "Sign"],
  [:sign_and_encrypt, "Sign and encrypt"],
  [:encrypt, "Encrypt only"]
)

Instance Method Summary collapse

Methods included from Singleton

included

Constructor Details

#initializeCryptoManager

Returns a new instance of CryptoManager.



56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
 
# File 'lib/sup/crypto.rb', line 56

def initialize
  @mutex = Mutex.new

  @not_working_reason = nil

  # test if the gpgme gem is available
  @gpgme_present =
    begin
      begin
        begin
          GPGME.check_version({:protocol => GPGME::PROTOCOL_OpenPGP})
        rescue TypeError
          GPGME.check_version(nil)
        end
        true
      rescue GPGME::Error
        false
      rescue ArgumentError
        # gpgme 2.0.0 raises this due to the hash->string conversion
        false
      end
    rescue NameError
      false
    end

  unless @gpgme_present
    @not_working_reason = ['gpgme gem not present',
      'Install the gpgme gem in order to use signed and encrypted emails']
    return
  end

  # if gpg2 is available, it will start gpg-agent if required
  if (bin = `which gpg2`.chomp) =~ /\S/
    if GPGME.respond_to?('set_engine_info')
      GPGME.set_engine_info GPGME::PROTOCOL_OpenPGP, bin, nil
    else
      GPGME.gpgme_set_engine_info GPGME::PROTOCOL_OpenPGP, bin, nil
    end
  else
    # check if the gpg-options hook uses the passphrase_callback
    # if it doesn't then check if gpg agent is present
    gpg_opts = HookManager.run("gpg-options",
                             {:operation => "sign", :options => {}}) || {}
    if gpg_opts[:passphrase_callback].nil?
      if ENV['GPG_AGENT_INFO'].nil?
        @not_working_reason = ["Environment variable 'GPG_AGENT_INFO' not set, is gpg-agent running?",
                           "If gpg-agent is running, try $ export `cat ~/.gpg-agent-info`"]
        return
      end

      gpg_agent_socket_file = ENV['GPG_AGENT_INFO'].split(':')[0]
      unless File.exist?(gpg_agent_socket_file)
        @not_working_reason = ["gpg-agent socket file #{gpg_agent_socket_file} does not exist"]
        return
      end

      s = File.stat(gpg_agent_socket_file)
      unless s.socket?
        @not_working_reason = ["gpg-agent socket file #{gpg_agent_socket_file} is not a socket"]
        return
      end
    end
  end
end

Instance Method Details

#decrypt(payload, armor = false) ⇒ Object

returns decrypted_message, status, desc, lines



282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
 
# File 'lib/sup/crypto.rb', line 282

def decrypt payload, armor=false # a RubyMail::Message object
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP}
  gpg_opts = HookManager.run("gpg-options",
                             {:operation => "decrypt", :options => gpg_opts}) || gpg_opts
  ctx = GPGME::Ctx.new(gpg_opts)
  cipher_data = GPGME::Data.from_str(format_payload(payload))
  if GPGME::Data.respond_to?('empty')
    plain_data = GPGME::Data.empty
  else
    plain_data = GPGME::Data.empty!
  end
  begin
    ctx.decrypt_verify(cipher_data, plain_data)
  rescue GPGME::Error => exc
    return Chunk::CryptoNotice.new(:invalid, "This message could not be decrypted", gpgme_exc_msg(exc.message))
  end
  begin
    sig = self.verified_ok? ctx.verify_result
  rescue ArgumentError => exc
    sig = unknown_status [gpgme_exc_msg(exc.message)]
  end
  plain_data.seek(0, IO::SEEK_SET)
  output = plain_data.read
  output.transcode(Encoding::ASCII_8BIT, output.encoding)

  ## TODO: test to see if it is still necessary to do a 2nd run if verify
  ## fails.
  #
  ## check for a valid signature in an extra run because gpg aborts if the
  ## signature cannot be verified (but it is still able to decrypt)
  #sigoutput = run_gpg "#{payload_fn.path}"
  #sig = self.old_verified_ok? sigoutput, $?

  if armor
    msg = RMail::Message.new
    # Look for Charset, they are put before the base64 crypted part
    charsets = payload.body.split("\n").grep(/^Charset:/)
    if !charsets.empty? and charsets[0] =~ /^Charset: (.+)$/
      output.transcode($encoding, $1)
    end
    msg.body = output
  else
    # It appears that some clients use Windows new lines - CRLF - but RMail
    # splits the body and header on "\n\n". So to allow the parse below to
    # succeed, we will convert the newlines to what RMail expects
    output = output.gsub(/\r\n/, "\n")
    # This is gross. This decrypted payload could very well be a multipart
    # element itself, as opposed to a simple payload. For example, a
    # multipart/signed element, like those generated by Mutt when encrypting
    # and signing a message (instead of just clearsigning the body).
    # Supposedly, decrypted_payload being a multipart element ought to work
    # out nicely because Message::multipart_encrypted_to_chunks() runs the
    # decrypted message through message_to_chunks() again to get any
    # children. However, it does not work as intended because these inner
    # payloads need not carry a MIME-Version header, yet they are fed to
    # RMail as a top-level message, for which the MIME-Version header is
    # required. This causes for the part not to be detected as multipart,
    # hence being shown as an attachment. If we detect this is happening,
    # we force the decrypted payload to be interpreted as MIME.
    msg = RMail::Parser.read output
    if msg.header.content_type =~ %r{^multipart/} && !msg.multipart?
      output = "MIME-Version: 1.0\n" + output
      output.fix_encoding!
      msg = RMail::Parser.read output
    end
  end
  notice = Chunk::CryptoNotice.new :valid, "This message has been decrypted for display"
  [notice, sig, msg]
end

#encrypt(from, to, payload, sign = false) ⇒ Object 



158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
 
# File 'lib/sup/crypto.rb', line 158

def encrypt from, to, payload, sign=false
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP, :armor => true, :textmode => true}
  if sign
    gpg_opts.merge!(gen_sign_user_opts(from))
    gpg_opts.merge!({:sign => true})
  end
  gpg_opts = HookManager.run("gpg-options",
                             {:operation => "encrypt", :options => gpg_opts}) || gpg_opts
  recipients = to + [from]
  recipients = HookManager.run("gpg-expand-keys", { :recipients => recipients }) || recipients
  begin
    if GPGME.respond_to?('encrypt')
      cipher = GPGME.encrypt(recipients, format_payload(payload), gpg_opts)
    else
      crypto = GPGME::Crypto.new
      gpg_opts[:recipients] = recipients
      cipher = crypto.encrypt(format_payload(payload), gpg_opts).read
    end
  rescue GPGME::Error => exc
    raise Error, gpgme_exc_msg(exc.message)
  end

  # if the key (or gpg-agent) is not available GPGME does not complain
  # but just returns a zero length string. Let's catch that
  if cipher.length == 0
    raise Error, gpgme_exc_msg("GPG failed to generate cipher text: check that gpg-agent is running and your key is available.")
  end

  encrypted_payload = RMail::Message.new
  encrypted_payload.header["Content-Type"] = "application/octet-stream"
  encrypted_payload.header["Content-Disposition"] = 'inline; filename="msg.asc"'
  encrypted_payload.body = cipher

  control = RMail::Message.new
  control.header["Content-Type"] = "application/pgp-encrypted"
  control.header["Content-Disposition"] = "attachment"
  control.body = "Version: 1\n"

  envelope = RMail::Message.new
  envelope.header["Content-Type"] = 'multipart/encrypted; protocol=application/pgp-encrypted'

  envelope.add_part control
  envelope.add_part encrypted_payload
  envelope
end

#have_crypto?Boolean

Returns:

  • (Boolean) 


121
 
# File 'lib/sup/crypto.rb', line 121

def have_crypto?; @not_working_reason.nil? end

#not_working_reasonObject 



122
 
# File 'lib/sup/crypto.rb', line 122

def not_working_reason; @not_working_reason end

#sign(from, to, payload) ⇒ Object 



124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
 
# File 'lib/sup/crypto.rb', line 124

def sign from, to, payload
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP, :armor => true, :textmode => true}
  gpg_opts.merge!(gen_sign_user_opts(from))
  gpg_opts = HookManager.run("gpg-options",
                             {:operation => "sign", :options => gpg_opts}) || gpg_opts
  begin
    if GPGME.respond_to?('detach_sign')
      sig = GPGME.detach_sign(format_payload(payload), gpg_opts)
    else
      crypto = GPGME::Crypto.new
      gpg_opts[:mode] = GPGME::SIG_MODE_DETACH
      sig = crypto.sign(format_payload(payload), gpg_opts).read
    end
  rescue GPGME::Error => exc
    raise Error, gpgme_exc_msg(exc.message)
  end

  # if the key (or gpg-agent) is not available GPGME does not complain
  # but just returns a zero length string. Let's catch that
  if sig.length == 0
    raise Error, gpgme_exc_msg("GPG failed to generate signature: check that gpg-agent is running and your key is available.")
  end

  envelope = RMail::Message.new
  envelope.header["Content-Type"] = 'multipart/signed; protocol=application/pgp-signature'

  envelope.add_part payload
  signature = RMail::Message.make_attachment sig, "application/pgp-signature", nil, "signature.asc"
  envelope.add_part signature
  envelope
end

#sign_and_encrypt(from, to, payload) ⇒ Object 



206
207
208
 
# File 'lib/sup/crypto.rb', line 206

def sign_and_encrypt from, to, payload
  encrypt from, to, payload, true
end

#verified_ok?(verify_result) ⇒ Boolean

Returns:

  • (Boolean) 


210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
 
# File 'lib/sup/crypto.rb', line 210

def verified_ok? verify_result
  valid = true
  unknown = false
  all_output_lines = []
  all_trusted = true

  verify_result.signatures.each do |signature|
    output_lines, trusted = sig_output_lines signature
    all_output_lines << output_lines
    all_output_lines.flatten!
    all_trusted &&= trusted

    err_code = GPGME::gpgme_err_code(signature.status)
    if err_code == GPGME::GPG_ERR_BAD_SIGNATURE
      valid = false
    elsif err_code != GPGME::GPG_ERR_NO_ERROR
      valid = false
      unknown = true
    end
  end

  if valid || !unknown
    summary_line = simplify_sig_line(verify_result.signatures[0].to_s, all_trusted)
  end

  if all_output_lines.length == 0
    Chunk::CryptoNotice.new :valid, "Encrypted message wasn't signed", all_output_lines
  elsif valid
    if all_trusted
      Chunk::CryptoNotice.new(:valid, summary_line, all_output_lines)
    else
      Chunk::CryptoNotice.new(:valid_untrusted, summary_line, all_output_lines)
    end
  elsif !unknown
    Chunk::CryptoNotice.new(:invalid, summary_line, all_output_lines)
  else
    unknown_status all_output_lines
  end
end

#verify(payload, signature, detached = true) ⇒ Object

both RubyMail::Message objects



250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
 
# File 'lib/sup/crypto.rb', line 250

def verify payload, signature, detached=true # both RubyMail::Message objects
  return unknown_status(@not_working_reason) unless @not_working_reason.nil?

  gpg_opts = {:protocol => GPGME::PROTOCOL_OpenPGP}
  gpg_opts = HookManager.run("gpg-options",
                             {:operation => "verify", :options => gpg_opts}) || gpg_opts
  ctx = GPGME::Ctx.new(gpg_opts)
  sig_data = GPGME::Data.from_str signature.decode
  if detached
    signed_text_data = GPGME::Data.from_str(format_payload(payload))
    plain_data = nil
  else
    signed_text_data = nil
    if GPGME::Data.respond_to?('empty')
      plain_data = GPGME::Data.empty
    else
      plain_data = GPGME::Data.empty!
    end
  end
  begin
    ctx.verify(sig_data, signed_text_data, plain_data)
  rescue GPGME::Error => exc
    return unknown_status [gpgme_exc_msg(exc.message)]
  end
  begin
    self.verified_ok? ctx.verify_result
  rescue ArgumentError => exc
    return unknown_status [gpgme_exc_msg(exc.message)]
  end
end