summaryrefslogtreecommitdiff
path: root/pith/smime.c
diff options
context:
space:
mode:
authorEduardo Chappa <echappa@gmx.com>2013-02-03 00:59:38 -0700
committerEduardo Chappa <echappa@gmx.com>2013-02-03 00:59:38 -0700
commit094ca96844842928810f14844413109fc6cdd890 (patch)
treee60efbb980f38ba9308ccb4fb2b77b87bbc115f3 /pith/smime.c
downloadalpine-094ca96844842928810f14844413109fc6cdd890.tar.xz
Initial Alpine Version
Diffstat (limited to 'pith/smime.c')
-rw-r--r--pith/smime.c2377
1 files changed, 2377 insertions, 0 deletions
diff --git a/pith/smime.c b/pith/smime.c
new file mode 100644
index 00000000..dc332a2a
--- /dev/null
+++ b/pith/smime.c
@@ -0,0 +1,2377 @@
+#if !defined(lint) && !defined(DOS)
+static char rcsid[] = "$Id: smime.c 1176 2008-09-29 21:16:42Z hubert@u.washington.edu $";
+#endif
+
+/*
+ * ========================================================================
+ * Copyright 2008 University of Washington
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * ========================================================================
+ */
+
+/*
+ * This is based on a contribution from Jonathan Paisley
+ *
+ * File: smime.c
+ * Author: paisleyj@dcs.gla.ac.uk
+ * Date: 01/2001
+ */
+
+
+#include "../pith/headers.h"
+
+#ifdef SMIME
+
+#include "../pith/osdep/canaccess.h"
+#include "../pith/helptext.h"
+#include "../pith/store.h"
+#include "../pith/status.h"
+#include "../pith/detach.h"
+#include "../pith/conf.h"
+#include "../pith/smkeys.h"
+#include "../pith/smime.h"
+#include "../pith/mailpart.h"
+#include "../pith/reply.h"
+#include "../pith/tempfile.h"
+#include "../pith/readfile.h"
+#include "../pith/remote.h"
+
+#include <openssl/buffer.h>
+
+
+typedef enum {Public, Private, CACert} WhichCerts;
+
+
+/* internal prototypes */
+static void forget_private_keys(void);
+static int app_RAND_load_file(const char *file);
+static void openssl_extra_randomness(void);
+static int app_RAND_write_file(const char *file);
+static void smime_init(void);
+static const char *openssl_error_string(void);
+static void create_local_cache(char *base, BODY *b);
+static BIO *raw_part_to_bio(long msgno, const char *section);
+static long rfc822_output_func(void *b, char *string);
+static int load_private_key(PERSONAL_CERT *pcert);
+static void setup_pkcs7_body_for_signature(BODY *b, char *description,
+ char *type, char *filename);
+static BIO *body_to_bio(BODY *body);
+static BIO *bio_from_store(STORE_S *store);
+static STORE_S *get_part_contents(long msgno, const char *section);
+static PKCS7 *get_pkcs7_from_part(long msgno, const char *section);
+static int do_signature_verify(PKCS7 *p7, BIO *in, BIO *out);
+static int do_detached_signature_verify(BODY *b, long msgno, char *section);
+static PERSONAL_CERT *find_certificate_matching_pkcs7(PKCS7 *p7);
+static int do_decoding(BODY *b, long msgno, const char *section);
+static void free_smime_struct(SMIME_STUFF_S **smime);
+static void setup_storage_locations(void);
+static int copy_dir_to_container(WhichCerts which);
+static int copy_container_to_dir(WhichCerts which);
+
+
+int (*pith_opt_smime_get_passphrase)(void);
+
+
+static X509_STORE *s_cert_store;
+
+/* State management for randomness functions below */
+static int seeded = 0;
+static int egdsocket = 0;
+
+
+/*
+ * Forget any cached private keys
+ */
+static void
+forget_private_keys(void)
+{
+ PERSONAL_CERT *pcert;
+ size_t len;
+ volatile char *p;
+
+ dprint((9, "forget_private_keys()"));
+ if(ps_global->smime){
+ for(pcert=(PERSONAL_CERT *) ps_global->smime->personal_certs;
+ pcert;
+ pcert=pcert->next){
+
+ if(pcert->key){
+ EVP_PKEY_free(pcert->key);
+ pcert->key = NULL;
+ }
+ }
+
+ ps_global->smime->entered_passphrase = 0;
+ len = sizeof(ps_global->smime->passphrase);
+ p = ps_global->smime->passphrase;
+
+ while(len-- > 0)
+ *p++ = '\0';
+ }
+}
+
+
+/*
+ * taken from openssl/apps/app_rand.c
+ */
+static int
+app_RAND_load_file(const char *file)
+{
+ char buffer[200];
+
+ if(file == NULL)
+ file = RAND_file_name(buffer, sizeof buffer);
+ else if(RAND_egd(file) > 0){
+ /* we try if the given filename is an EGD socket.
+ if it is, we don't write anything back to the file. */
+ egdsocket = 1;
+ return 1;
+ }
+
+ if(file == NULL || !RAND_load_file(file, -1)){
+ if(RAND_status() == 0){
+ dprint((1, "unable to load 'random state'\n"));
+ dprint((1, "This means that the random number generator has not been seeded\n"));
+ dprint((1, "with much random data.\n"));
+ }
+
+ return 0;
+ }
+
+ seeded = 1;
+ return 1;
+}
+
+
+/*
+ * copied and fiddled from imap/src/osdep/unix/auth_ssl.c
+ */
+static void
+openssl_extra_randomness(void)
+{
+#if !defined(WIN32)
+ int fd;
+ unsigned long i;
+ char *tf = NULL;
+ char tmp[MAXPATH];
+ struct stat sbuf;
+ /* if system doesn't have /dev/urandom */
+ if(stat ("/dev/urandom", &sbuf)){
+ tmp[0] = '0';
+ tf = temp_nam(NULL, NULL);
+ if(tf){
+ strncpy(tmp, tf, sizeof(tmp));
+ tmp[sizeof(tmp)-1] = '\0';
+ fs_give((void **) &tf);
+ }
+
+ if((fd = open(tmp, O_WRONLY|O_CREAT|O_EXCL, 0600)) < 0)
+ i = (unsigned long) tmp;
+ else{
+ unlink(tmp); /* don't need the file */
+ fstat(fd, &sbuf); /* get information about the file */
+ i = sbuf.st_ino; /* remember its inode */
+ close(fd); /* or its descriptor */
+ }
+ /* not great but it'll have to do */
+ snprintf(tmp+strlen(tmp), sizeof(tmp)-strlen(tmp), "%.80s%lx%lx%lx",
+ tcp_serverhost (),i,
+ (unsigned long) (time (0) ^ gethostid ()),
+ (unsigned long) getpid ());
+ RAND_seed(tmp, strlen(tmp));
+ }
+#endif
+}
+
+
+/* taken from openssl/apps/app_rand.c */
+static int
+app_RAND_write_file(const char *file)
+{
+ char buffer[200];
+
+ if(egdsocket || !seeded)
+ /*
+ * If we did not manage to read the seed file,
+ * we should not write a low-entropy seed file back --
+ * it would suppress a crucial warning the next time
+ * we want to use it.
+ */
+ return 0;
+
+ if(file == NULL)
+ file = RAND_file_name(buffer, sizeof buffer);
+
+ if(file == NULL || !RAND_write_file(file)){
+ dprint((1, "unable to write 'random state'\n"));
+ return 0;
+ }
+
+ return 1;
+}
+
+
+/* Installed as an atexit() handler to save the random data */
+void
+smime_deinit(void)
+{
+ dprint((9, "smime_deinit()"));
+ app_RAND_write_file(NULL);
+ free_smime_struct(&ps_global->smime);
+}
+
+
+/* Initialise openssl stuff if needed */
+static void
+smime_init(void)
+{
+ if(F_OFF(F_DONT_DO_SMIME, ps_global) && !(ps_global->smime && ps_global->smime->inited)){
+
+ dprint((9, "smime_init()"));
+ if(!ps_global->smime)
+ ps_global->smime = new_smime_struct();
+
+ setup_storage_locations();
+
+ s_cert_store = get_ca_store();
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ app_RAND_load_file(NULL);
+
+ openssl_extra_randomness();
+ ps_global->smime->inited = 1;
+ }
+
+ ERR_clear_error();
+}
+
+
+static void
+setup_storage_locations(void)
+{
+ int publiccertcontainer = 0, privatekeycontainer = 0, cacertcontainer = 0;
+ char path[MAXPATH+1], *contents;
+
+ if(!ps_global->smime)
+ return;
+
+#ifdef APPLEKEYCHAIN
+ if(F_ON(F_PUBLICCERTS_IN_KEYCHAIN, ps_global)){
+ ps_global->smime->publictype = Keychain;
+ }
+ else{
+#endif /* APPLEKEYCHAIN */
+ /* Public certificates in a container */
+ if(ps_global->VAR_PUBLICCERT_CONTAINER && ps_global->VAR_PUBLICCERT_CONTAINER[0]){
+
+ publiccertcontainer = 1;
+ contents = NULL;
+ path[0] = '\0';
+ if(!signature_path(ps_global->VAR_PUBLICCERT_CONTAINER, path, MAXPATH))
+ publiccertcontainer = 0;
+
+ if(publiccertcontainer && !IS_REMOTE(path)
+ && ps_global->VAR_OPER_DIR
+ && !in_dir(ps_global->VAR_OPER_DIR, path)){
+ q_status_message2(SM_ORDER | SM_DING, 3, 4,
+ /* TRANSLATORS: First arg is the directory name, second is
+ the file user wants to read but can't. */
+ _("Can't read file outside %s: %s"),
+ ps_global->VAR_OPER_DIR, path);
+ publiccertcontainer = 0;
+ }
+
+ if(publiccertcontainer
+ && (IS_REMOTE(path) || can_access(path, ACCESS_EXISTS) == 0)){
+ if(!(IS_REMOTE(path) && (contents = simple_read_remote_file(path, REMOTE_SMIME_SUBTYPE)))
+ &&
+ !(contents = read_file(path, READ_FROM_LOCALE)))
+ publiccertcontainer = 0;
+ }
+
+ if(publiccertcontainer && path[0]){
+ ps_global->smime->publictype = Container;
+ ps_global->smime->publicpath = cpystr(path);
+
+ if(contents){
+ ps_global->smime->publiccontent = contents;
+ ps_global->smime->publiccertlist = mem_to_certlist(contents);
+ }
+ }
+ }
+
+ /* Public certificates in a directory of files */
+ if(!publiccertcontainer){
+ ps_global->smime->publictype = Directory;
+
+ path[0] = '\0';
+ if(!(signature_path(ps_global->VAR_PUBLICCERT_DIR, path, MAXPATH)
+ && !IS_REMOTE(path)))
+ ps_global->smime->publictype = Nada;
+ else if(can_access(path, ACCESS_EXISTS)){
+ if(our_mkpath(path, 0700)){
+ q_status_message1(SM_ORDER, 3, 3, _("Can't create directory %s"), path);
+ ps_global->smime->publictype = Nada;
+ }
+ }
+
+ if(ps_global->smime->publictype == Directory)
+ ps_global->smime->publicpath = cpystr(path);
+ }
+
+#ifdef APPLEKEYCHAIN
+ }
+#endif /* APPLEKEYCHAIN */
+
+ /* private keys in a container */
+ if(ps_global->VAR_PRIVATEKEY_CONTAINER && ps_global->VAR_PRIVATEKEY_CONTAINER[0]){
+
+ privatekeycontainer = 1;
+ contents = NULL;
+ path[0] = '\0';
+ if(!signature_path(ps_global->VAR_PRIVATEKEY_CONTAINER, path, MAXPATH))
+ privatekeycontainer = 0;
+
+ if(privatekeycontainer && !IS_REMOTE(path)
+ && ps_global->VAR_OPER_DIR
+ && !in_dir(ps_global->VAR_OPER_DIR, path)){
+ q_status_message2(SM_ORDER | SM_DING, 3, 4,
+ /* TRANSLATORS: First arg is the directory name, second is
+ the file user wants to read but can't. */
+ _("Can't read file outside %s: %s"),
+ ps_global->VAR_OPER_DIR, path);
+ privatekeycontainer = 0;
+ }
+
+ if(privatekeycontainer
+ && (IS_REMOTE(path) || can_access(path, ACCESS_EXISTS) == 0)){
+ if(!(IS_REMOTE(path) && (contents = simple_read_remote_file(path, REMOTE_SMIME_SUBTYPE)))
+ &&
+ !(contents = read_file(path, READ_FROM_LOCALE)))
+ privatekeycontainer = 0;
+ }
+
+ if(privatekeycontainer && path[0]){
+ ps_global->smime->privatetype = Container;
+ ps_global->smime->privatepath = cpystr(path);
+
+ if(contents){
+ ps_global->smime->privatecontent = contents;
+ ps_global->smime->personal_certs = mem_to_personal_certs(contents);
+ }
+ }
+ }
+
+ /* private keys in a directory of files */
+ if(!privatekeycontainer){
+ PERSONAL_CERT *result = NULL;
+
+ ps_global->smime->privatetype = Directory;
+
+ path[0] = '\0';
+ if(!(signature_path(ps_global->VAR_PRIVATEKEY_DIR, path, MAXPATH)
+ && !IS_REMOTE(path)))
+ ps_global->smime->privatetype = Nada;
+ else if(can_access(path, ACCESS_EXISTS)){
+ if(our_mkpath(path, 0700)){
+ q_status_message1(SM_ORDER, 3, 3, _("Can't create directory %s"), path);
+ ps_global->smime->privatetype = Nada;
+ }
+ }
+
+ if(ps_global->smime->privatetype == Directory){
+ char buf2[MAXPATH];
+ struct dirent *d;
+ DIR *dirp;
+
+ ps_global->smime->privatepath = cpystr(path);
+ dirp = opendir(path);
+ if(dirp){
+
+ while((d=readdir(dirp)) != NULL){
+ X509 *cert;
+ size_t ll;
+
+ if((ll=strlen(d->d_name)) && ll > 4 && !strcmp(d->d_name+ll-4, ".key")){
+
+ /* copy file name to temp buffer */
+ strncpy(buf2, d->d_name, sizeof(buf2)-1);
+ buf2[sizeof(buf2)-1] = '\0';
+ /* chop off ".key" trailier */
+ buf2[strlen(buf2)-4] = 0;
+ /* Look for certificate */
+ cert = get_cert_for(buf2);
+
+ if(cert){
+ PERSONAL_CERT *pc;
+
+ /* create a new PERSONAL_CERT, fill it in */
+
+ pc = (PERSONAL_CERT *) fs_get(sizeof(*pc));
+ pc->cert = cert;
+ pc->name = cpystr(buf2);
+
+ /* Try to load the key with an empty password */
+ pc->key = load_key(pc, "");
+
+ pc->next = result;
+ result = pc;
+ }
+ }
+ }
+
+ closedir(dirp);
+ }
+ }
+
+ ps_global->smime->personal_certs = result;
+ }
+
+ /* extra cacerts in a container */
+ if(ps_global->VAR_CACERT_CONTAINER && ps_global->VAR_CACERT_CONTAINER[0]){
+
+ cacertcontainer = 1;
+ contents = NULL;
+ path[0] = '\0';
+ if(!signature_path(ps_global->VAR_CACERT_CONTAINER, path, MAXPATH))
+ cacertcontainer = 0;
+
+ if(cacertcontainer && !IS_REMOTE(path)
+ && ps_global->VAR_OPER_DIR
+ && !in_dir(ps_global->VAR_OPER_DIR, path)){
+ q_status_message2(SM_ORDER | SM_DING, 3, 4,
+ /* TRANSLATORS: First arg is the directory name, second is
+ the file user wants to read but can't. */
+ _("Can't read file outside %s: %s"),
+ ps_global->VAR_OPER_DIR, path);
+ cacertcontainer = 0;
+ }
+
+ if(cacertcontainer
+ && (IS_REMOTE(path) || can_access(path, ACCESS_EXISTS) == 0)){
+ if(!(IS_REMOTE(path) && (contents = simple_read_remote_file(path, REMOTE_SMIME_SUBTYPE)))
+ &&
+ !(contents = read_file(path, READ_FROM_LOCALE)))
+ cacertcontainer = 0;
+ }
+
+ if(cacertcontainer && path[0]){
+ ps_global->smime->catype = Container;
+ ps_global->smime->capath = cpystr(path);
+ ps_global->smime->cacontent = contents;
+ }
+ }
+
+ if(!cacertcontainer){
+ ps_global->smime->catype = Directory;
+
+ path[0] = '\0';
+ if(!(signature_path(ps_global->VAR_CACERT_DIR, path, MAXPATH)
+ && !IS_REMOTE(path)))
+ ps_global->smime->catype = Nada;
+ else if(can_access(path, ACCESS_EXISTS)){
+ if(our_mkpath(path, 0700)){
+ q_status_message1(SM_ORDER, 3, 3, _("Can't create directory %s"), path);
+ ps_global->smime->catype = Nada;
+ }
+ }
+
+ if(ps_global->smime->catype == Directory)
+ ps_global->smime->capath = cpystr(path);
+ }
+}
+
+
+int
+copy_publiccert_dir_to_container(void)
+{
+ return(copy_dir_to_container(Public));
+}
+
+
+int
+copy_publiccert_container_to_dir(void)
+{
+ return(copy_container_to_dir(Public));
+}
+
+
+int
+copy_privatecert_dir_to_container(void)
+{
+ return(copy_dir_to_container(Private));
+}
+
+
+int
+copy_privatecert_container_to_dir(void)
+{
+ return(copy_container_to_dir(Private));
+}
+
+
+int
+copy_cacert_dir_to_container(void)
+{
+ return(copy_dir_to_container(CACert));
+}
+
+
+int
+copy_cacert_container_to_dir(void)
+{
+ return(copy_container_to_dir(CACert));
+}
+
+
+/*
+ * returns 0 on success, -1 on failure
+ */
+int
+copy_dir_to_container(WhichCerts which)
+{
+ int ret = 0;
+ BIO *bio_out = NULL, *bio_in = NULL;
+ char srcpath[MAXPATH+1], dstpath[MAXPATH+1], emailaddr[MAXPATH], file[MAXPATH], line[4096];
+ char *tempfile = NULL;
+ DIR *dirp;
+ struct dirent *d;
+ REMDATA_S *rd = NULL;
+ char *configdir = NULL;
+ char *configpath = NULL;
+ char *filesuffix = NULL;
+
+ dprint((9, "copy_dir_to_container(%s)", which==Public ? "Public" : which==Private ? "Private" : which==CACert ? "CACert" : "?"));
+ smime_init();
+
+ srcpath[0] = '\0';
+ dstpath[0] = '\0';
+ file[0] = '\0';
+ emailaddr[0] = '\0';
+
+ if(which == Public){
+ configdir = ps_global->VAR_PUBLICCERT_DIR;
+ configpath = ps_global->smime->publicpath;
+ filesuffix = ".crt";
+ }
+ else if(which == Private){
+ configdir = ps_global->VAR_PRIVATEKEY_DIR;
+ configpath = ps_global->smime->privatepath;
+ filesuffix = ".key";
+ }
+ else if(which == CACert){
+ configdir = ps_global->VAR_CACERT_DIR;
+ configpath = ps_global->smime->capath;
+ filesuffix = ".crt";
+ }
+
+ if(!(configdir && configdir[0])){
+ q_status_message(SM_ORDER, 3, 3, _("Directory not defined"));
+ return -1;
+ }
+
+ if(!(configpath && configpath[0])){
+#ifdef APPLEKEYCHAIN
+ if(which == Public && F_ON(F_PUBLICCERTS_IN_KEYCHAIN, ps_global)){
+ q_status_message(SM_ORDER, 3, 3, _("Turn off the Keychain feature above first"));
+ return -1;
+ }
+#endif /* APPLEKEYCHAIN */
+ q_status_message(SM_ORDER, 3, 3, _("Container path is not defined"));
+ return -1;
+ }
+
+ if(!(filesuffix && strlen(filesuffix) == 4)){
+ return -1;
+ }
+
+
+ /*
+ * If there is a legit directory to read from set up the
+ * container file to write to.
+ */
+ if(signature_path(configdir, srcpath, MAXPATH) && !IS_REMOTE(srcpath)){
+
+ if(IS_REMOTE(configpath)){
+ rd = rd_create_remote(RemImap, configpath, REMOTE_SMIME_SUBTYPE,
+ NULL, "Error: ",
+ _("Can't access remote smime configuration."));
+ if(!rd)
+ return -1;
+
+ (void) rd_read_metadata(rd);
+
+ if(rd->access == MaybeRorW){
+ if(rd->read_status == 'R')
+ rd->access = ReadOnly;
+ else
+ rd->access = ReadWrite;
+ }
+
+ if(rd->access != NoExists){
+
+ rd_check_remvalid(rd, 1L);
+
+ /*
+ * If the cached info says it is readonly but
+ * it looks like it's been fixed now, change it to readwrite.
+ */
+ if(rd->read_status == 'R'){
+ rd_check_readonly_access(rd);
+ if(rd->read_status == 'W'){
+ rd->access = ReadWrite;
+ rd->flags |= REM_OUTOFDATE;
+ }
+ else
+ rd->access = ReadOnly;
+ }
+ }
+
+ if(rd->flags & REM_OUTOFDATE){
+ if(rd_update_local(rd) != 0){
+
+ dprint((1, "copy_dir_to_container: rd_update_local failed\n"));
+ rd_close_remdata(&rd);
+ return -1;
+ }
+ }
+ else
+ rd_open_remote(rd);
+
+ if(rd->access != ReadWrite || rd_remote_is_readonly(rd)){
+ rd_close_remdata(&rd);
+ return -1;
+ }
+
+ rd->flags |= DO_REMTRIM;
+
+ strncpy(dstpath, rd->lf, sizeof(dstpath)-1);
+ dstpath[sizeof(dstpath)-1] = '\0';
+ }
+ else{
+ strncpy(dstpath, configpath, sizeof(dstpath)-1);
+ dstpath[sizeof(dstpath)-1] = '\0';
+ }
+
+ /*
+ * dstpath is either the local Container file or the local cache file
+ * for the remote Container file.
+ */
+ tempfile = tempfile_in_same_dir(dstpath, "az", NULL);
+ }
+
+ /*
+ * If there is a legit directory to read from and a tempfile
+ * to write to we continue.
+ */
+ if(tempfile && (bio_out=BIO_new_file(tempfile, "w")) != NULL){
+
+ dirp = opendir(srcpath);
+ if(dirp){
+
+ while((d=readdir(dirp)) && !ret){
+ size_t ll;
+
+ if((ll=strlen(d->d_name)) && ll > 4 && !strcmp(d->d_name+ll-4, filesuffix)){
+
+ /* copy file name to temp buffer */
+ strncpy(emailaddr, d->d_name, sizeof(emailaddr)-1);
+ emailaddr[sizeof(emailaddr)-1] = '\0';
+ /* chop off suffix trailier */
+ emailaddr[strlen(emailaddr)-4] = 0;
+
+ /*
+ * This is the separator between the contents of
+ * different files.
+ */
+ if(which == CACert){
+ if(!((BIO_puts(bio_out, CACERTSTORELEADER) > 0)
+ && (BIO_puts(bio_out, emailaddr) > 0)
+ && (BIO_puts(bio_out, "\n") > 0)))
+ ret = -1;
+ }
+ else{
+ if(!((BIO_puts(bio_out, EMAILADDRLEADER) > 0)
+ && (BIO_puts(bio_out, emailaddr) > 0)
+ && (BIO_puts(bio_out, "\n") > 0)))
+ ret = -1;
+ }
+
+ /* read then write contents of file */
+ build_path(file, srcpath, d->d_name, sizeof(file));
+ if(!(bio_in = BIO_new_file(file, "r")))
+ ret = -1;
+
+ if(!ret){
+ int good_stuff = 0;
+
+ while(BIO_gets(bio_in, line, sizeof(line)) > 0){
+ if(strncmp("-----BEGIN", line, strlen("-----BEGIN")) == 0)
+ good_stuff = 1;
+
+ if(good_stuff)
+ BIO_puts(bio_out, line);
+
+ if(strncmp("-----END", line, strlen("-----END")) == 0)
+ good_stuff = 0;
+ }
+ }
+
+ BIO_free(bio_in);
+ }
+ }
+
+ closedir(dirp);
+ }
+
+ BIO_free(bio_out);
+
+ if(!ret){
+ if(rename_file(tempfile, dstpath) < 0){
+ q_status_message2(SM_ORDER, 3, 3,
+ _("Can't rename %s to %s"), tempfile, dstpath);
+ ret = -1;
+ }
+
+ /* if the container is remote, copy it */
+ if(!ret && IS_REMOTE(configpath)){
+ int e;
+ char datebuf[200];
+
+ datebuf[0] = '\0';
+
+ if((e = rd_update_remote(rd, datebuf)) != 0){
+ if(e == -1){
+ q_status_message2(SM_ORDER | SM_DING, 3, 5,
+ _("Error opening temporary smime file %s: %s"),
+ rd->lf, error_description(errno));
+ dprint((1,
+ "write_remote_smime: error opening temp file %s\n",
+ rd->lf ? rd->lf : "?"));
+ }
+ else{
+ q_status_message2(SM_ORDER | SM_DING, 3, 5,
+ _("Error copying to %s: %s"),
+ rd->rn, error_description(errno));
+ dprint((1,
+ "write_remote_smime: error copying from %s to %s\n",
+ rd->lf ? rd->lf : "?", rd->rn ? rd->rn : "?"));
+ }
+
+ q_status_message(SM_ORDER | SM_DING, 5, 5,
+ _("Copy of smime key to remote folder failed, NOT saved remotely"));
+ }
+ else{
+ rd_update_metadata(rd, datebuf);
+ rd->read_status = 'W';
+ }
+
+ rd_close_remdata(&rd);
+ }
+ }
+ }
+
+ if(tempfile)
+ fs_give((void **) &tempfile);
+
+ return ret;
+}
+
+
+/*
+ * returns 0 on success, -1 on failure
+ */
+int
+copy_container_to_dir(WhichCerts which)
+{
+ char path[MAXPATH+1], file[MAXPATH+1], buf[MAXPATH+1];
+ char iobuf[4096];
+ char *contents = NULL;
+ char *leader = NULL;
+ char *filesuffix = NULL;
+ char *configdir = NULL;
+ char *configpath = NULL;
+ char *tempfile = NULL;
+ char *p, *q, *line, *name, *certtext, *save_p;
+ int len;
+ BIO *in, *out;
+
+ dprint((9, "copy_container_to_dir(%s)", which==Public ? "Public" : which==Private ? "Private" : which==CACert ? "CACert" : "?"));
+ smime_init();
+
+ path[0] = '\0';
+
+ if(which == Public){
+ leader = EMAILADDRLEADER;
+ contents = ps_global->smime->publiccontent;
+ configdir = ps_global->VAR_PUBLICCERT_DIR;
+ configpath = ps_global->smime->publicpath;
+ filesuffix = ".crt";
+ if(!(configpath && configpath[0])){
+#ifdef APPLEKEYCHAIN
+ if(which == Public && F_ON(F_PUBLICCERTS_IN_KEYCHAIN, ps_global)){
+ q_status_message(SM_ORDER, 3, 3, _("Turn off the Keychain feature above first"));
+ return -1;
+ }
+#endif /* APPLEKEYCHAIN */
+ q_status_message(SM_ORDER, 3, 3, _("Container path is not defined"));
+ return -1;
+ }
+
+ fs_give((void **) &ps_global->smime->publicpath);
+
+ path[0] = '\0';
+ if(!(signature_path(ps_global->VAR_PUBLICCERT_DIR, path, MAXPATH)
+ && !IS_REMOTE(path))){
+ q_status_message(SM_ORDER, 3, 3, _("Directory is not defined"));
+ return -1;
+ }
+
+ if(can_access(path, ACCESS_EXISTS)){
+ if(our_mkpath(path, 0700)){
+ q_status_message1(SM_ORDER, 3, 3, _("Can't create directory %s"), path);
+ return -1;
+ }
+ }
+
+ ps_global->smime->publicpath = cpystr(path);
+ configpath = ps_global->smime->publicpath;
+ }
+ else if(which == Private){
+ leader = EMAILADDRLEADER;
+ contents = ps_global->smime->privatecontent;
+ configdir = ps_global->VAR_PRIVATEKEY_DIR;
+ configpath = ps_global->smime->privatepath;
+ filesuffix = ".key";
+ if(!(configpath && configpath[0])){
+ q_status_message(SM_ORDER, 3, 3, _("Container path is not defined"));
+ return -1;
+ }
+
+ fs_give((void **) &ps_global->smime->privatepath);
+
+ path[0] = '\0';
+ if(!(signature_path(ps_global->VAR_PRIVATEKEY_DIR, path, MAXPATH)
+ && !IS_REMOTE(path))){
+ q_status_message(SM_ORDER, 3, 3, _("Directory is not defined"));
+ return -1;
+ }
+
+ if(can_access(path, ACCESS_EXISTS)){
+ if(our_mkpath(path, 0700)){
+ q_status_message1(SM_ORDER, 3, 3, _("Can't create directory %s"), path);
+ return -1;
+ }
+ }
+
+ ps_global->smime->privatepath = cpystr(path);
+ configpath = ps_global->smime->privatepath;
+ }
+ else if(which == CACert){
+ leader = CACERTSTORELEADER;
+ contents = ps_global->smime->cacontent;
+ configdir = ps_global->VAR_CACERT_DIR;
+ configpath = ps_global->smime->capath;
+ filesuffix = ".crt";
+ if(!(configpath && configpath[0])){
+ q_status_message(SM_ORDER, 3, 3, _("Container path is not defined"));
+ return -1;
+ }
+
+ fs_give((void **) &ps_global->smime->capath);
+
+ path[0] = '\0';
+ if(!(signature_path(ps_global->VAR_CACERT_DIR, path, MAXPATH)
+ && !IS_REMOTE(path))){
+ q_status_message(SM_ORDER, 3, 3, _("Directory is not defined"));
+ return -1;
+ }
+
+ if(can_access(path, ACCESS_EXISTS)){
+ if(our_mkpath(path, 0700)){
+ q_status_message1(SM_ORDER, 3, 3, _("Can't create directory %s"), path);
+ return -1;
+ }
+ }
+
+ ps_global->smime->capath = cpystr(path);
+ configpath = ps_global->smime->capath;
+ }
+
+ if(!(configdir && configdir[0])){
+ q_status_message(SM_ORDER, 3, 3, _("Directory not defined"));
+ return -1;
+ }
+
+ if(!(configpath && configpath[0])){
+ q_status_message(SM_ORDER, 3, 3, _("Container path is not defined"));
+ return -1;
+ }
+
+ if(!(filesuffix && strlen(filesuffix) == 4)){
+ return -1;
+ }
+
+
+ if(contents && *contents){
+ for(p = contents; *p != '\0';){
+ line = p;
+
+ while(*p && *p != '\n')
+ p++;
+
+ save_p = NULL;
+ if(*p == '\n'){
+ save_p = p;
+ *p++ = '\0';
+ }
+
+ if(strncmp(leader, line, strlen(leader)) == 0){
+ name = line + strlen(leader);
+ certtext = p;
+ if(strncmp("-----BEGIN", certtext, strlen("-----BEGIN")) == 0){
+ if((q = strstr(certtext, leader)) != NULL){
+ p = q;
+ }
+ else{ /* end of file */
+ q = certtext + strlen(certtext);
+ p = q;
+ }
+
+ strncpy(buf, name, sizeof(buf)-5);
+ buf[sizeof(buf)-5] = '\0';
+ strncat(buf, filesuffix, 5);
+ build_path(file, configpath, buf, sizeof(file));
+
+ in = BIO_new_mem_buf(certtext, q-certtext);
+ if(in){
+ tempfile = tempfile_in_same_dir(file, "az", NULL);
+ out = NULL;
+ if(tempfile)
+ out = BIO_new_file(tempfile, "w");
+
+ if(out){
+ while((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
+ BIO_write(out, iobuf, len);
+
+ BIO_free(out);
+
+ if(rename_file(tempfile, file) < 0){
+ q_status_message2(SM_ORDER, 3, 3,
+ _("Can't rename %s to %s"),
+ tempfile, file);
+ return -1;
+ }
+
+ fs_give((void **) &tempfile);
+ }
+
+ BIO_free(in);
+ }
+ }
+ }
+
+ if(save_p)
+ *save_p = '\n';
+ }
+ }
+
+ return 0;
+}
+
+
+#ifdef APPLEKEYCHAIN
+
+int
+copy_publiccert_container_to_keychain(void)
+{
+ /* NOT IMPLEMNTED */
+ return -1;
+}
+
+int
+copy_publiccert_keychain_to_container(void)
+{
+ /* NOT IMPLEMNTED */
+ return -1;
+}
+
+#endif /* APPLEKEYCHAIN */
+
+
+/*
+ * Get a pointer to a string describing the most recent OpenSSL error.
+ * It's statically allocated, so don't change or attempt to free it.
+ */
+static const char *
+openssl_error_string(void)
+{
+ char *errs;
+ const char *data = NULL;
+ long errn;
+
+ errn = ERR_peek_error_line_data(NULL, NULL, &data, NULL);
+ errs = (char*) ERR_reason_error_string(errn);
+
+ if(errs)
+ return errs;
+ else if(data)
+ return data;
+
+ return "unknown error";
+}
+
+
+/* Return true if the body looks like a PKCS7 object */
+int
+is_pkcs7_body(BODY *body)
+{
+ int result;
+
+ result = body->type==TYPEAPPLICATION &&
+ body->subtype &&
+ (strucmp(body->subtype,"pkcs7-mime")==0 ||
+ strucmp(body->subtype,"x-pkcs7-mime")==0 ||
+ strucmp(body->subtype,"pkcs7-signature")==0 ||
+ strucmp(body->subtype,"x-pkcs7-signature")==0);
+
+ return result;
+}
+
+
+#ifdef notdef
+/*
+ * Somewhat useful debug utility to dump the contents of a BIO to a file.
+ * Note that a memory BIO will have its contents eliminated after they
+ * are read so this will break the next step.
+ */
+static void
+dump_bio_to_file(BIO *in, char *filename)
+{
+ char iobuf[4096];
+ int len;
+ BIO *out;
+
+ out = BIO_new_file(filename, "w");
+
+ if(out){
+ if(BIO_method_type(in) != BIO_TYPE_MEM)
+ BIO_reset(in);
+
+ while((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
+ BIO_write(out, iobuf, len);
+
+ BIO_free(out);
+ }
+
+ BIO_reset(in);
+}
+#endif
+
+
+/*
+ * Recursively stash a pointer to the decrypted data in our
+ * manufactured body.
+ */
+static void
+create_local_cache(char *base, BODY *b)
+{
+ if(b->type==TYPEMULTIPART){
+ PART *p;
+
+#if 0
+ cpytxt(&b->contents.text, base + b->contents.offset, b->size.bytes);
+#else
+ /*
+ * We don't really want to copy the real body contents. It shouldn't be
+ * used, and in the case of a message with attachments, we'll be
+ * duplicating the files multiple times.
+ */
+ cpytxt(&b->contents.text, "BODY UNAVAILABLE", 16);
+#endif
+
+ for(p=b->nested.part; p; p=p->next)
+ create_local_cache(base, (BODY*) p);
+ }
+ else{
+ cpytxt(&b->contents.text, base + b->contents.offset, b->size.bytes);
+ }
+}
+
+
+static long
+rfc822_output_func(void *b, char *string)
+{
+ BIO *bio = (BIO *) b;
+
+ return((BIO_puts(bio, string) > 0) ? 1L : 0L);
+}
+
+
+/*
+ * Attempt to load the private key for the given PERSONAL_CERT.
+ * This sets the appropriate passphrase globals in order to
+ * interact with the user correctly.
+ */
+static int
+load_private_key(PERSONAL_CERT *pcert)
+{
+ if(!pcert->key){
+
+ /* Try empty password by default */
+ char *password = "";
+
+ if(ps_global->smime
+ && (ps_global->smime->need_passphrase
+ || ps_global->smime->entered_passphrase)){
+ /* We've already been in here and discovered we need a different password */
+
+ if(ps_global->smime->entered_passphrase)
+ password = (char *) ps_global->smime->passphrase; /* already entered */
+ else
+ return 0;
+ }
+
+ ERR_clear_error();
+
+ if(!(pcert->key = load_key(pcert, password))){
+ long err = ERR_get_error();
+
+ /* Couldn't load key... */
+
+ if(ps_global->smime && ps_global->smime->entered_passphrase){
+
+ /* The user got the password wrong maybe? */
+
+ if((ERR_GET_LIB(err)==ERR_LIB_EVP && ERR_GET_REASON(err)==EVP_R_BAD_DECRYPT) ||
+ (ERR_GET_LIB(err)==ERR_LIB_PEM && ERR_GET_REASON(err)==PEM_R_BAD_DECRYPT))
+ q_status_message(SM_ORDER | SM_DING, 4, 4, _("Incorrect passphrase"));
+ else
+ q_status_message1(SM_ORDER, 4, 4, _("Couldn't read key: %s"),(char*)openssl_error_string());
+
+ /* This passphrase is no good; forget it */
+ ps_global->smime->entered_passphrase = 0;
+ }
+
+ /* Indicate to the UI that we need re-entry (see mailcmd.c:process_cmd())*/
+ if(ps_global->smime)
+ ps_global->smime->need_passphrase = 1;
+
+ if(ps_global->smime){
+ if(ps_global->smime->passphrase_emailaddr)
+ fs_give((void **) &ps_global->smime->passphrase_emailaddr);
+
+ ps_global->smime->passphrase_emailaddr = get_x509_subject_email(pcert->cert);
+ }
+
+ return 0;
+ }
+ else{
+ /* This key will be cached, so we won't be called again */
+ if(ps_global->smime){
+ ps_global->smime->entered_passphrase = 0;
+ ps_global->smime->need_passphrase = 0;
+ }
+ }
+
+ return 1;
+ }
+
+ return 0;
+}
+
+
+static void
+setup_pkcs7_body_for_signature(BODY *b, char *description, char *type, char *filename)
+{
+ b->type = TYPEAPPLICATION;
+ b->subtype = cpystr(type);
+ b->encoding = ENCBINARY;
+ b->description = cpystr(description);
+
+ b->disposition.type = cpystr("attachment");
+ set_parameter(&b->disposition.parameter, "filename", filename);
+
+ set_parameter(&b->parameter, "name", filename);
+}
+
+
+/*
+ * Look for a personal certificate matching the
+ * given address
+ */
+PERSONAL_CERT *
+match_personal_cert_to_email(ADDRESS *a)
+{
+ PERSONAL_CERT *pcert = NULL;
+ char buf[MAXPATH];
+ char *email;
+
+ if(!a || !a->mailbox || !a->host)
+ return NULL;
+
+ snprintf(buf, sizeof(buf), "%s@%s", a->mailbox, a->host);
+
+ if(ps_global->smime){
+ for(pcert=(PERSONAL_CERT *) ps_global->smime->personal_certs;
+ pcert;
+ pcert=pcert->next){
+
+ if(!pcert->cert)
+ continue;
+
+ email = get_x509_subject_email(pcert->cert);
+
+ if(email && strucmp(email,buf)==0){
+ fs_give((void**) &email);
+ break;
+ }
+
+ fs_give((void**) &email);
+ }
+ }
+
+ return pcert;
+}
+
+
+/*
+ * Look for a personal certificate matching the from
+ * (or reply_to? in the given envelope)
+ */
+PERSONAL_CERT *
+match_personal_cert(ENVELOPE *env)
+{
+ PERSONAL_CERT *pcert;
+
+ pcert = match_personal_cert_to_email(env->reply_to);
+ if(!pcert)
+ pcert = match_personal_cert_to_email(env->from);
+
+ return pcert;
+}
+
+
+/*
+ * Flatten the given body into its MIME representation.
+ * Return the result in a BIO.
+ */
+static BIO *
+body_to_bio(BODY *body)
+{
+ BIO *bio = NULL;
+ int len;
+
+ bio = BIO_new(BIO_s_mem());
+ if(!bio)
+ return NULL;
+
+ pine_encode_body(body); /* this attaches random boundary strings to multiparts */
+ pine_write_body_header(body, rfc822_output_func, bio);
+ pine_rfc822_output_body(body, rfc822_output_func, bio);
+
+ /*
+ * Now need to truncate by two characters since the above
+ * appends CRLF.
+ */
+ if((len=BIO_ctrl_pending(bio)) > 1){
+ BUF_MEM *biobuf = NULL;
+
+ BIO_get_mem_ptr(bio, &biobuf);
+ if(biobuf){
+ BUF_MEM_grow(biobuf, len-2); /* remove CRLF */
+ }
+ }
+
+ return bio;
+}
+
+
+static BIO *
+bio_from_store(STORE_S *store)
+{
+ BIO *ret = NULL;
+
+ if(store && store->src == BioType && store->txt){
+ ret = (BIO *) store->txt;
+ }
+
+ return(ret);
+}
+
+/*
+ * Encrypt file; given a path (char *) fp, replace the file
+ * by an encrypted version of it. If (char *) text is not null, then
+ * replace the text of (char *) fp by the encrypted version of (char *) text.
+ */
+int
+encrypt_file(char *fp, char *text)
+{
+ const EVP_CIPHER *cipher = NULL;
+ STACK_OF(X509) *encerts = NULL;
+ X509 *cert;
+ PERSONAL_CERT *pcert;
+ BIO *in;
+ PKCS7 *p7 = NULL;
+ FILE *fpp;
+ int rv = 0;
+
+ smime_init();
+ if((pcert = ps_global->smime->personal_certs) == NULL)
+ return 0;
+
+ cipher = EVP_aes_256_cbc();
+ encerts = sk_X509_new_null();
+
+ if((cert = get_cert_for(pcert->name)) != NULL)
+ sk_X509_push(encerts, cert);
+ else
+ goto end;
+
+ if(text){
+ in = BIO_new(BIO_s_mem());
+ if(in == NULL)
+ goto end;
+ (void) BIO_reset(in);
+ BIO_puts(in, text);
+ }
+ else{
+ if(!(in = BIO_new_file(fp, "rb")))
+ goto end;
+
+ BIO_read_filename(in, fp);
+ }
+
+ if((p7 = PKCS7_encrypt(encerts, in, cipher, 0)) == NULL)
+ goto end;
+ BIO_set_close(in, BIO_CLOSE);
+ BIO_free(in);
+ if(!(in = BIO_new_file(fp, "w")))
+ goto end;
+ BIO_reset(in);
+ rv = PEM_write_bio_PKCS7(in, p7);
+ BIO_flush(in);
+
+end:
+ BIO_free(in);
+ PKCS7_free(p7);
+ sk_X509_pop_free(encerts, X509_free);
+
+ return rv;
+}
+
+/*
+ * Encrypt a message on the way out. Called from call_mailer in send.c
+ * The body may be reallocated.
+ */
+int
+encrypt_outgoing_message(METAENV *header, BODY **bodyP)
+{
+ PKCS7 *p7 = NULL;
+ BIO *in = NULL;
+ BIO *out = NULL;
+ const EVP_CIPHER *cipher = NULL;
+ STACK_OF(X509) *encerts = NULL;
+ STORE_S *outs = NULL;
+ PINEFIELD *pf;
+ ADDRESS *a;
+ BODY *body = *bodyP;
+ BODY *newBody = NULL;
+ int result = 0;
+
+ dprint((9, "encrypt_outgoing_message()"));
+ smime_init();
+
+ cipher = EVP_des_cbc();
+
+ encerts = sk_X509_new_null();
+
+ /* Look for a certificate for each of the recipients */
+ for(pf = header->local; pf && pf->name; pf = pf->next)
+ if(pf->type == Address && pf->rcptto && pf->addr && *pf->addr){
+ for(a=*pf->addr; a; a=a->next){
+ X509 *cert;
+ char buf[MAXPATH];
+
+ snprintf(buf, sizeof(buf), "%s@%s", a->mailbox, a->host);
+
+ cert = get_cert_for(buf);
+ if(cert)
+ sk_X509_push(encerts,cert);
+ else{
+ q_status_message2(SM_ORDER, 1, 1,
+ _("Unable to find certificate for <%s@%s>"),
+ a->mailbox, a->host);
+ goto end;
+ }
+ }
+ }
+
+
+ in = body_to_bio(body);
+
+ p7 = PKCS7_encrypt(encerts, in, cipher, 0);
+
+ outs = so_get(BioType, NULL, EDIT_ACCESS);
+ out = bio_from_store(outs);
+
+ i2d_PKCS7_bio(out, p7);
+ (void) BIO_flush(out);
+
+ so_seek(outs, 0, SEEK_SET);
+
+ newBody = mail_newbody();
+
+ newBody->type = TYPEAPPLICATION;
+ newBody->subtype = cpystr("pkcs7-mime");
+ newBody->encoding = ENCBINARY;
+
+ newBody->disposition.type = cpystr("attachment");
+ set_parameter(&newBody->disposition.parameter, "filename", "smime.p7m");
+
+ newBody->description = cpystr("S/MIME Encrypted Message");
+ set_parameter(&newBody->parameter, "smime-type", "enveloped-data");
+ set_parameter(&newBody->parameter, "name", "smime.p7m");
+
+ newBody->contents.text.data = (unsigned char *) outs;
+
+ *bodyP = newBody;
+
+ result = 1;
+
+end:
+
+ BIO_free(in);
+ PKCS7_free(p7);
+ sk_X509_pop_free(encerts, X509_free);
+
+ dprint((9, "encrypt_outgoing_message returns %d", result));
+ return result;
+}
+
+
+/*
+ * Plonk the contents (mime headers and body) of the given
+ * section of a message to a BIO_s_mem BIO object.
+ */
+static BIO *
+raw_part_to_bio(long msgno, const char *section)
+{
+ unsigned long len;
+ char *text;
+ BIO *bio;
+
+ bio = BIO_new(BIO_s_mem());
+
+ if(bio){
+
+ (void) BIO_reset(bio);
+
+ /* First grab headers of the chap */
+ text = mail_fetch_mime(ps_global->mail_stream, msgno, (char*) section, &len, 0);
+
+ if(text){
+ BIO_write(bio, text, len);
+
+ /** Now grab actual body */
+ text = mail_fetch_body (ps_global->mail_stream, msgno, (char*) section, &len, 0);
+ if(text){
+ BIO_write(bio, text, len);
+ }
+ else{
+ BIO_free(bio);
+ bio = NULL;
+ }
+
+ }
+ else{
+ BIO_free(bio);
+ bio = NULL;
+ }
+ }
+
+ return bio;
+}
+
+
+/*
+ Get (and decode) the body of the given section of msg
+ */
+static STORE_S*
+get_part_contents(long msgno, const char *section)
+{
+ long len;
+ gf_io_t pc;
+ STORE_S *store = NULL;
+ char *err;
+
+ store = so_get(CharStar, NULL, EDIT_ACCESS);
+ if(store){
+ gf_set_so_writec(&pc,store);
+
+ err = detach(ps_global->mail_stream, msgno, (char*) section, 0L, &len, pc, NULL, 0L);
+
+ gf_clear_so_writec(store);
+
+ so_seek(store, 0, SEEK_SET);
+
+ if(err)
+ so_give(&store);
+ }
+
+ return store;
+}
+
+
+static PKCS7 *
+get_pkcs7_from_part(long msgno,const char *section)
+{
+ STORE_S *store = NULL;
+ PKCS7 *p7 = NULL;
+ BIO *in = NULL;
+
+ store = get_part_contents(msgno, section);
+
+ if(store){
+ if(store->src == CharStar){
+ int len;
+
+ /*
+ * We're reaching inside the STORE_S structure. We should
+ * probably have a way to get the length, instead.
+ */
+ len = (int) (store->eod - store->dp);
+ in = BIO_new_mem_buf(store->txt, len);
+ }
+ else{ /* just copy it */
+ unsigned char c;
+
+ in = BIO_new(BIO_s_mem());
+ (void) BIO_reset(in);
+
+ so_seek(store, 0L, 0);
+ while(so_readc(&c, store)){
+ BIO_write(in, &c, 1);
+ }
+ }
+
+ if(in){
+/* dump_bio_to_file(in, "/tmp/decoded-signature"); */
+ if((p7=d2i_PKCS7_bio(in,NULL)) == NULL){
+ /* error */
+ }
+
+ BIO_free(in);
+ }
+
+ so_give(&store);
+ }
+
+ return p7;
+}
+
+
+/*
+ * Try to verify a signature.
+ *
+ * p7 - the pkcs7 object to verify
+ * in - the plain data to verify (NULL if not detached)
+ * out - BIO to which to write the opaque data
+ */
+static int
+do_signature_verify(PKCS7 *p7, BIO *in, BIO *out)
+{
+ STACK_OF(X509) *otherCerts = NULL;
+ int result;
+ const char *data;
+ long err;
+
+#if 0
+ dump_bio_to_file(in,"/tmp/verified-data");
+#endif
+
+ if(!s_cert_store){
+ q_status_message(SM_ORDER | SM_DING, 2, 2,
+ _("Couldn't verify S/MIME signature: No CA Certs were loaded"));
+
+ return -1;
+ }
+
+ result = PKCS7_verify(p7, otherCerts, s_cert_store, in, out, 0);
+
+ if(result){
+ q_status_message(SM_ORDER, 1, 1, _("S/MIME signature verified ok"));
+ }
+ else{
+ err = ERR_peek_error_line_data(NULL, NULL, &data, NULL);
+
+ if(out && err==ERR_PACK(ERR_LIB_PKCS7,PKCS7_F_PKCS7_VERIFY,PKCS7_R_CERTIFICATE_VERIFY_ERROR)){
+
+ /* Retry verification so we can get the plain text */
+ /* Might be better to reimplement PKCS7_verify here? */
+
+ PKCS7_verify(p7, otherCerts, s_cert_store, in, out, PKCS7_NOVERIFY);
+ }
+
+ q_status_message1(SM_ORDER | SM_DING, 3, 3,
+ _("Couldn't verify S/MIME signature: %s"), (char*) openssl_error_string());
+ }
+
+ /* now try to extract the certificates of any signers */
+ {
+ STACK_OF(X509) *signers;
+ int i;
+
+ signers = PKCS7_get0_signers(p7, NULL, 0);
+
+ if(signers)
+ for(i=0; i<sk_X509_num(signers); i++){
+ char *email;
+ X509 *x = sk_X509_value(signers,i);
+ X509 *cert;
+
+ if(!x)
+ continue;
+
+ email = get_x509_subject_email(x);
+
+ if(email){
+ cert = get_cert_for(email);
+ if(cert)
+ X509_free(cert);
+ else
+ save_cert_for(email, x);
+
+ fs_give((void**) &email);
+ }
+ }
+
+ sk_X509_free(signers);
+ }
+
+ return result;
+}
+
+
+void
+free_smime_body_sparep(void **sparep)
+{
+ if(sparep && *sparep){
+ PKCS7_free((PKCS7 *) (*sparep));
+ *sparep = NULL;
+ }
+}
+
+
+/*
+ * Given a multipart body of type multipart/signed, attempt to verify it.
+ * Returns non-zero if the body was changed.
+ */
+static int
+do_detached_signature_verify(BODY *b, long msgno, char *section)
+{
+ PKCS7 *p7 = NULL;
+ BIO *in = NULL;
+ PART *p;
+ int result, modified_the_body = 0;
+ char newSec[100];
+ char *what_we_did;
+
+ dprint((9, "do_detached_signature_verify(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL"));
+ smime_init();
+
+ snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
+ in = raw_part_to_bio(msgno, newSec);
+
+ if(in){
+
+ snprintf(newSec, sizeof(newSec), "%s%s2", section ? section : "", (section && *section) ? "." : "");
+ p7 = get_pkcs7_from_part(msgno, newSec);
+
+ if(!p7)
+ goto end;
+
+ result = do_signature_verify(p7, in, NULL);
+
+ if(b->subtype)
+ fs_give((void**) &b->subtype);
+
+ b->subtype = cpystr(OUR_PKCS7_ENCLOSURE_SUBTYPE);
+ b->encoding = ENC8BIT;
+
+ if(b->description)
+ fs_give ((void**) &b->description);
+
+ what_we_did = result ? _("This message was cryptographically signed.") :
+ _("This message was cryptographically signed but the signature could not be verified.");
+
+ b->description = cpystr(what_we_did);
+
+ b->sparep = p7;
+ p7 = NULL;
+
+ p = b->nested.part;
+
+ /* p is signed plaintext */
+ if(p && p->next)
+ mail_free_body_part(&p->next); /* hide the pkcs7 from the viewer */
+
+ BIO_free(in);
+
+ modified_the_body = 1;
+ }
+
+end:
+ PKCS7_free(p7);
+
+ return modified_the_body;
+}
+
+
+PERSONAL_CERT *
+find_certificate_matching_recip_info(PKCS7_RECIP_INFO *ri)
+{
+ PERSONAL_CERT *x = NULL;
+
+ if(ps_global->smime){
+ for(x = (PERSONAL_CERT *) ps_global->smime->personal_certs; x; x=x->next){
+ X509 *mine;
+
+ mine = x->cert;
+
+ if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,mine->cert_info->issuer) &&
+ !ASN1_INTEGER_cmp(ri->issuer_and_serial->serial,mine->cert_info->serialNumber)){
+ break;
+ }
+ }
+ }
+
+ return x;
+}
+
+
+static PERSONAL_CERT *
+find_certificate_matching_pkcs7(PKCS7 *p7)
+{
+ int i;
+ STACK_OF(PKCS7_RECIP_INFO) *recips;
+ PERSONAL_CERT *x = NULL;
+
+ recips = p7->d.enveloped->recipientinfo;
+
+ for(i=0; i<sk_PKCS7_RECIP_INFO_num(recips); i++){
+ PKCS7_RECIP_INFO *ri;
+
+ ri = sk_PKCS7_RECIP_INFO_value(recips, i);
+
+ if((x=find_certificate_matching_recip_info(ri))!=0){
+ break;
+ }
+ }
+
+ return x;
+}
+
+/* decrypt an encrypted file.
+ Args: fp - the path to the encrypted file.
+ rv - a code that thells the caller what happened inside the function
+ Returns the decoded text allocated in a char *, whose memory must be
+ freed by caller
+ */
+
+char *
+decrypt_file(char *fp, int *rv)
+{
+ PKCS7 *p7 = NULL;
+ char *text, *tmp;
+ BIO *in = NULL, *out = NULL;
+ EVP_PKEY *pkey = NULL, *key = NULL;
+ PERSONAL_CERT *pcert = NULL;
+ X509 *recip, *cert;
+ STORE_S *outs = NULL, *store, *ins;
+ int i, j;
+ long unsigned int len;
+ void *ret;
+
+ smime_init();
+
+ if((text = read_file(fp, 0)) == NULL)
+ return NULL;
+
+ tmp = fs_get(strlen(text) + (strlen(text) << 6) + 1);
+ for(j = 0, i = strlen("-----BEGIN PKCS7-----") + 1; text[i] != '\0'
+ && text[i] != '-'; j++, i++)
+ tmp[j] = text[i];
+ tmp[j] = '\0';
+
+ ret = rfc822_base64(tmp, strlen(tmp), &len);
+
+ if((in = BIO_new_mem_buf((char *)ret, len)) != NULL){
+ p7 = d2i_PKCS7_bio(in, NULL);
+ BIO_free(in);
+ }
+
+ if(text) fs_give((void **)&text);
+ if(ret) fs_give((void **)&ret);
+
+ if((pcert = ps_global->smime->personal_certs) == NULL)
+ goto end;
+
+ if((i = load_private_key(pcert)) == 0
+ && ps_global->smime
+ && ps_global->smime->need_passphrase
+ && !ps_global->smime->already_auto_asked)
+ for(; i == 0;){
+ ps_global->smime->already_auto_asked = 1;
+ if(pith_opt_smime_get_passphrase){
+ switch((*pith_opt_smime_get_passphrase)()){
+ case 0 : i = load_private_key(pcert);
+ break;
+
+ case 1 : i = -1;
+ break;
+
+ default: break; /* repeat until we cancel */
+ }
+ }
+ else
+ i = -2;
+ }
+
+ if(rv) *rv = i;
+
+ if((key = pcert->key) == NULL)
+ goto end;
+
+ recip = get_cert_for(pcert->name);
+ out = BIO_new(BIO_s_mem());
+ (void) BIO_reset(out);
+
+ i = PKCS7_decrypt(p7, key, recip, out, 0);
+
+ if(F_OFF(F_REMEMBER_SMIME_PASSPHRASE,ps_global))
+ forget_private_keys();
+
+ if(i == 0){
+ q_status_message1(SM_ORDER, 1, 1, _("Error decrypting: %s"),
+ (char*) openssl_error_string());
+ goto end;
+ }
+
+ BIO_get_mem_data(out, &tmp);
+
+ text = cpystr(tmp);
+ BIO_free(out);
+
+end:
+ PKCS7_free(p7);
+
+ return text;
+}
+
+/*
+ * Try to decode (decrypt or verify a signature) a PKCS7 body
+ * Returns non-zero if something was changed.
+ */
+static int
+do_decoding(BODY *b, long msgno, const char *section)
+{
+ int modified_the_body = 0;
+ BIO *out = NULL;
+ PKCS7 *p7 = NULL;
+ X509 *recip = NULL;
+ EVP_PKEY *key = NULL;
+ PERSONAL_CERT *pcert = NULL;
+ char *what_we_did = "";
+ char null[1];
+
+ dprint((9, "do_decoding(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL"));
+ null[0] = '\0';
+ smime_init();
+
+ /*
+ * Extract binary data from part to an in-memory store
+ */
+
+ if(b->sparep){ /* already done */
+ p7 = (PKCS7*) b->sparep;
+ }
+ else{
+
+ p7 = get_pkcs7_from_part(msgno, section && *section ? section : "1");
+ if(!p7){
+ q_status_message1(SM_ORDER, 2, 2, "Couldn't load PKCS7 object: %s",
+ (char*) openssl_error_string());
+ goto end;
+ }
+
+ /*
+ * Save the PKCS7 object for later dealings by the user interface.
+ * It will be cleaned up when the body is garbage collected.
+ */
+ b->sparep = p7;
+ }
+
+ if(PKCS7_type_is_signed(p7)){
+ int sigok;
+
+ out = BIO_new(BIO_s_mem());
+ (void) BIO_reset(out);
+ BIO_puts(out, "MIME-Version: 1.0\r\n"); /* needed so rfc822_parse_msg_full believes it's MIME */
+
+ sigok = do_signature_verify(p7, NULL, out);
+
+ /* shouldn't really duplicate these messages */
+ what_we_did = sigok ? _("This message was cryptographically signed.") :
+ _("This message was cryptographically signed but the signature could not be verified.");
+
+ /* make sure it's null terminated */
+ BIO_write(out, null, 1);
+ }
+ else if(!PKCS7_type_is_enveloped(p7)){
+ q_status_message(SM_ORDER, 1, 1, "PKCS7 object not recognised.");
+ goto end;
+ }
+ else{ /* It *is* enveloped */
+ int decrypt_result;
+
+ what_we_did = _("This message was encrypted.");
+
+ /* now need to find a cert that can decrypt this */
+ pcert = find_certificate_matching_pkcs7(p7);
+
+ if(!pcert){
+ q_status_message(SM_ORDER, 3, 3, _("Couldn't find the certificate needed to decrypt."));
+ goto end;
+ }
+
+ recip = pcert->cert;
+
+ if(!load_private_key(pcert)
+ && ps_global->smime
+ && ps_global->smime->need_passphrase
+ && !ps_global->smime->already_auto_asked){
+ /* Couldn't load key with blank password, ask user */
+ ps_global->smime->already_auto_asked = 1;
+ if(pith_opt_smime_get_passphrase){
+ (*pith_opt_smime_get_passphrase)();
+ load_private_key(pcert);
+ }
+ }
+
+ key = pcert->key;
+ if(!key)
+ goto end;
+
+ out = BIO_new(BIO_s_mem());
+ (void) BIO_reset(out);
+ BIO_puts(out, "MIME-Version: 1.0\r\n");
+
+ decrypt_result = PKCS7_decrypt(p7, key, recip, out, 0);
+
+ if(F_OFF(F_REMEMBER_SMIME_PASSPHRASE,ps_global))
+ forget_private_keys();
+
+ if(!decrypt_result){
+ q_status_message1(SM_ORDER, 1, 1, _("Error decrypting: %s"),
+ (char*) openssl_error_string());
+ goto end;
+ }
+
+ BIO_write(out, null, 1);
+ }
+
+ /*
+ * We've now produced a flattened MIME object in BIO out.
+ * It needs to be turned back into a BODY.
+ */
+
+ if(out){
+ BODY *body;
+ ENVELOPE *env;
+ char *h = NULL;
+ char *bstart;
+ STRING s;
+ BUF_MEM *bptr = NULL;
+
+ BIO_get_mem_ptr(out, &bptr);
+ if(bptr)
+ h = bptr->data;
+
+ /* look for start of body */
+ bstart = strstr(h, "\r\n\r\n");
+
+ if(!bstart){
+ q_status_message(SM_ORDER, 3, 3, _("Encrypted data couldn't be parsed."));
+ }
+ else{
+ bstart += 4; /* skip over CRLF*2 */
+
+ INIT(&s, mail_string, bstart, strlen(bstart));
+ rfc822_parse_msg_full(&env, &body, h, bstart-h-2, &s, BADHOST, 0, 0);
+ mail_free_envelope(&env); /* Don't care about this */
+
+ /*
+ * Now convert original body (application/pkcs7-mime)
+ * to a multipart body with one sub-part (the decrypted body).
+ * Note that the sub-part may also be multipart!
+ */
+
+ b->type = TYPEMULTIPART;
+ if(b->subtype)
+ fs_give((void**) &b->subtype);
+
+ /*
+ * This subtype is used in mailview.c to annotate the display of
+ * encrypted or signed messages. We know for sure then that it's a PKCS7
+ * part because the sparep field is set to the PKCS7 object (see above).
+ */
+ b->subtype = cpystr(OUR_PKCS7_ENCLOSURE_SUBTYPE);
+ b->encoding = ENC8BIT;
+
+ if(b->description)
+ fs_give((void**) &b->description);
+
+ b->description = cpystr(what_we_did);
+
+ if(b->disposition.type)
+ fs_give((void **) &b->disposition.type);
+
+ if(b->contents.text.data)
+ fs_give((void **) &b->contents.text.data);
+
+ if(b->parameter)
+ mail_free_body_parameter(&b->parameter);
+
+ /* Allocate mem for the sub-part, and copy over the contents of our parsed body */
+ b->nested.part = fs_get(sizeof(PART));
+ b->nested.part->body = *body;
+ b->nested.part->next = NULL;
+
+ fs_give((void**) &body);
+
+ /*
+ * IMPORTANT BIT: set the body->contents.text.data elements to contain the decrypted
+ * data. Otherwise, it'll try to load it from the original data. Eek.
+ */
+ create_local_cache(bstart, &b->nested.part->body);
+
+ modified_the_body = 1;
+ }
+ }
+
+end:
+ if(out)
+ BIO_free(out);
+
+ return modified_the_body;
+}
+
+
+/*
+ * Recursively handle PKCS7 bodies in our message.
+ *
+ * Returns non-zero if some fiddling was done.
+ */
+static int
+do_fiddle_smime_message(BODY *b, long msgno, char *section)
+{
+ int modified_the_body = 0;
+
+ if(!b)
+ return 0;
+
+ dprint((9, "do_fiddle_smime_message(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL"));
+
+ if(is_pkcs7_body(b)){
+
+ if(do_decoding(b, msgno, section)){
+ /*
+ * b should now be a multipart message:
+ * fiddle it too in case it's been multiply-encrypted!
+ */
+
+ /* fallthru */
+ modified_the_body = 1;
+ }
+ }
+
+ if(b->type==TYPEMULTIPART || MIME_MSG(b->type, b->subtype)){
+
+ PART *p;
+ int partNum;
+ char newSec[100];
+
+ if(MIME_MULT_SIGNED(b->type, b->subtype)){
+
+
+ /*
+ * Ahah. We have a multipart signed entity.
+ *
+ * Multipart/signed
+ * part 1 (signed thing)
+ * part 2 (the pkcs7 signature)
+ *
+ * We're going to convert that to
+ *
+ * Multipart/OUR_PKCS7_ENCLOSURE_SUBTYPE
+ * part 1 (signed thing)
+ * part 2 has been freed
+ *
+ * We also extract the signature from part 2 and save it
+ * in the multipart body->sparep, and we add a description
+ * in the multipart body->description.
+ *
+ *
+ * The results of a decrypted message will be similar. It
+ * will be
+ *
+ * Multipart/OUR_PKCS7_ENCLOSURE_SUBTYPE
+ * part 1 (decrypted thing)
+ */
+
+ modified_the_body += do_detached_signature_verify(b, msgno, section);
+ }
+ else if(MIME_MSG(b->type, b->subtype)){
+ modified_the_body += do_fiddle_smime_message(b->nested.msg->body, msgno, section);
+ }
+ else{
+
+ for(p=b->nested.part,partNum=1; p; p=p->next,partNum++){
+
+ /* Append part number to the section string */
+
+ snprintf(newSec, sizeof(newSec), "%s%s%d", section, *section ? "." : "", partNum);
+
+ modified_the_body += do_fiddle_smime_message(&p->body, msgno, newSec);
+ }
+ }
+ }
+
+ return modified_the_body;
+}
+
+
+/*
+ * Fiddle a message in-place by decrypting/verifying S/MIME entities.
+ * Returns non-zero if something was changed.
+ */
+int
+fiddle_smime_message(BODY *b, long msgno)
+{
+ return do_fiddle_smime_message(b, msgno, "");
+}
+
+
+/********************************************************************************/
+
+
+/*
+ * Output a string in a distinctive style
+ */
+void
+gf_puts_uline(char *txt, gf_io_t pc)
+{
+ pc(TAG_EMBED); pc(TAG_BOLDON);
+ gf_puts(txt, pc);
+ pc(TAG_EMBED); pc(TAG_BOLDOFF);
+}
+
+
+/*
+ * Sign a message. Called from call_mailer in send.c.
+ *
+ * This takes the header for the outgoing message as well as a pointer
+ * to the current body (which may be reallocated).
+ */
+int
+sign_outgoing_message(METAENV *header, BODY **bodyP, int dont_detach)
+{
+ STORE_S *outs = NULL;
+ BODY *body = *bodyP;
+ BODY *newBody = NULL;
+ PART *p1 = NULL;
+ PART *p2 = NULL;
+ PERSONAL_CERT *pcert;
+ BIO *in = NULL;
+ BIO *out = NULL;
+ PKCS7 *p7 = NULL;
+ int result = 0;
+ int flags = dont_detach ? 0 : PKCS7_DETACHED;
+
+ dprint((9, "sign_outgoing_message()"));
+
+ smime_init();
+
+ /* Look for a private key matching the sender address... */
+
+ pcert = match_personal_cert(header->env);
+
+ if(!pcert){
+ q_status_message(SM_ORDER, 3, 3, _("Couldn't find the certificate needed to sign."));
+ goto end;
+ }
+
+ if(!load_private_key(pcert) && ps_global->smime && ps_global->smime->need_passphrase){
+ /* Couldn't load key with blank password, try again */
+ if(pith_opt_smime_get_passphrase){
+ (*pith_opt_smime_get_passphrase)();
+ load_private_key(pcert);
+ }
+ }
+
+ if(!pcert->key)
+ goto end;
+
+ in = body_to_bio(body);
+
+#ifdef notdef
+ dump_bio_to_file(in,"/tmp/signed-data");
+#endif
+
+ p7 = PKCS7_sign(pcert->cert, pcert->key, NULL, in, flags);
+
+ if(F_OFF(F_REMEMBER_SMIME_PASSPHRASE,ps_global))
+ forget_private_keys();
+
+ if(!p7){
+ q_status_message(SM_ORDER, 1, 1, _("Error creating signed object."));
+ goto end;
+ }
+
+ outs = so_get(BioType, NULL, EDIT_ACCESS);
+ out = bio_from_store(outs);
+
+ i2d_PKCS7_bio(out, p7);
+ (void) BIO_flush(out);
+
+ so_seek(outs, 0, SEEK_SET);
+
+ if((flags&PKCS7_DETACHED)==0){
+
+ /* the simple case: the signed data is in the pkcs7 object */
+
+ newBody = mail_newbody();
+
+ setup_pkcs7_body_for_signature(newBody, "S/MIME Cryptographically Signed Message", "pkcs7-mime", "smime.p7m");
+
+ newBody->contents.text.data = (unsigned char *) outs;
+ *bodyP = newBody;
+
+ result = 1;
+ }
+ else{
+
+ /*
+ * OK.
+ * We have to create a new body as follows:
+ *
+ * multipart/signed; blah blah blah
+ * reference to existing body
+ *
+ * pkcs7 object
+ */
+
+ newBody = mail_newbody();
+
+ newBody->type = TYPEMULTIPART;
+ newBody->subtype = cpystr("signed");
+ newBody->encoding = ENC7BIT;
+
+ set_parameter(&newBody->parameter, "protocol", "application/pkcs7-signature");
+ set_parameter(&newBody->parameter, "micalg", "sha1");
+
+ p1 = mail_newbody_part();
+ p2 = mail_newbody_part();
+
+ /*
+ * This is nasty. We're just copying the body in here,
+ * but since our newBody is freed at the end of call_mailer,
+ * we mustn't let this body (the original one) be freed twice.
+ */
+ p1->body = *body; /* ARRGH. This is special cased at the end of call_mailer */
+
+ p1->next = p2;
+
+ setup_pkcs7_body_for_signature(&p2->body, "S/MIME Cryptographic Signature", "pkcs7-signature", "smime.p7s");
+ p2->body.contents.text.data = (unsigned char *) outs;
+
+ newBody->nested.part = p1;
+
+ *bodyP = newBody;
+
+ result = 1;
+ }
+
+end:
+
+ PKCS7_free(p7);
+ BIO_free(in);
+
+ dprint((9, "sign_outgoing_message returns %d", result));
+ return result;
+}
+
+
+SMIME_STUFF_S *
+new_smime_struct(void)
+{
+ SMIME_STUFF_S *ret = NULL;
+
+ ret = (SMIME_STUFF_S *) fs_get(sizeof(*ret));
+ memset((void *) ret, 0, sizeof(*ret));
+ ret->publictype = Nada;
+
+ return ret;
+}
+
+
+static void
+free_smime_struct(SMIME_STUFF_S **smime)
+{
+ if(smime && *smime){
+ if((*smime)->passphrase_emailaddr)
+ fs_give((void **) &(*smime)->passphrase_emailaddr);
+
+ if((*smime)->publicpath)
+ fs_give((void **) &(*smime)->publicpath);
+
+ if((*smime)->publiccertlist)
+ free_certlist(&(*smime)->publiccertlist);
+
+ if((*smime)->publiccontent)
+ fs_give((void **) &(*smime)->publiccontent);
+
+ if((*smime)->privatepath)
+ fs_give((void **) &(*smime)->privatepath);
+
+ if((*smime)->personal_certs){
+ PERSONAL_CERT *pc;
+
+ pc = (PERSONAL_CERT *) (*smime)->personal_certs;
+ free_personal_certs(&pc);
+ (*smime)->personal_certs = NULL;
+ }
+
+ if((*smime)->privatecontent)
+ fs_give((void **) &(*smime)->privatecontent);
+
+ if((*smime)->capath)
+ fs_give((void **) &(*smime)->capath);
+
+ if((*smime)->cacontent)
+ fs_give((void **) &(*smime)->cacontent);
+
+ fs_give((void **) smime);
+ }
+}
+
+#endif /* SMIME */
generated by cgit v1.2.3-54-g00ecf (git 2.44.0) at 2024-07-01 07:18:15 +0000