3 +-------------------------------------------------------------------------+
4 | Engine of the Enigma Plugin |
6 | This program is free software; you can redistribute it and/or modify |
7 | it under the terms of the GNU General Public License version 2 |
8 | as published by the Free Software Foundation. |
10 | This program is distributed in the hope that it will be useful, |
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 | GNU General Public License for more details. |
15 | You should have received a copy of the GNU General Public License along |
16 | with this program; if not, write to the Free Software Foundation, Inc., |
17 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
19 +-------------------------------------------------------------------------+
20 | Author: Aleksander Machniak <alec@alec.pl> |
21 +-------------------------------------------------------------------------+
26 RFC2440: OpenPGP Message Format
27 RFC3156: MIME Security with OpenPGP
36 private $smime_driver;
38 public $decryptions = array();
39 public $signatures = array();
40 public $signed_parts = array();
44 * Plugin initialization.
46 function __construct($enigma)
48 $rcmail = rcmail::get_instance();
50 $this->enigma = $enigma;
54 * PGP driver initialization.
56 function load_pgp_driver()
58 if ($this->pgp_driver)
61 $driver = 'enigma_driver_' . $this->rc->config->get('enigma_pgp_driver', 'gnupg');
62 $username = $this->rc->user->get_username();
65 $this->pgp_driver = new $driver($username);
67 if (!$this->pgp_driver) {
69 'code' => 600, 'type' => 'php',
70 'file' => __FILE__, 'line' => __LINE__,
71 'message' => "Enigma plugin: Unable to load PGP driver: $driver"
76 $result = $this->pgp_driver->init();
78 if ($result instanceof enigma_error) {
80 'code' => 600, 'type' => 'php',
81 'file' => __FILE__, 'line' => __LINE__,
82 'message' => "Enigma plugin: ".$result->getMessage()
88 * S/MIME driver initialization.
90 function load_smime_driver()
92 if ($this->smime_driver)
98 $driver = 'enigma_driver_' . $this->rc->config->get('enigma_smime_driver', 'phpssl');
99 $username = $this->rc->user->get_username();
102 $this->smime_driver = new $driver($username);
104 if (!$this->smime_driver) {
106 'code' => 600, 'type' => 'php',
107 'file' => __FILE__, 'line' => __LINE__,
108 'message' => "Enigma plugin: Unable to load S/MIME driver: $driver"
113 $result = $this->smime_driver->init();
115 if ($result instanceof enigma_error) {
117 'code' => 600, 'type' => 'php',
118 'file' => __FILE__, 'line' => __LINE__,
119 'message' => "Enigma plugin: ".$result->getMessage()
125 * Handler for plain/text message.
127 * @param array Reference to hook's parameters
129 function parse_plain(&$p)
131 $part = $p['structure'];
133 // Get message body from IMAP server
134 $this->set_part_body($part, $p['object']->uid);
136 // @TODO: big message body can be a file resource
137 // PGP signed message
138 if (preg_match('/^-----BEGIN PGP SIGNED MESSAGE-----/', $part->body)) {
139 $this->parse_plain_signed($p);
141 // PGP encrypted message
142 else if (preg_match('/^-----BEGIN PGP MESSAGE-----/', $part->body)) {
143 $this->parse_plain_encrypted($p);
148 * Handler for multipart/signed message.
150 * @param array Reference to hook's parameters
152 function parse_signed(&$p)
154 $struct = $p['structure'];
157 if ($struct->parts[1] && $struct->parts[1]->mimetype == 'application/pkcs7-signature') {
158 $this->parse_smime_signed($p);
161 // The multipart/signed body MUST consist of exactly two parts.
162 // The first part contains the signed data in MIME canonical format,
163 // including a set of appropriate content headers describing the data.
164 // The second body MUST contain the PGP digital signature. It MUST be
165 // labeled with a content type of "application/pgp-signature".
166 else if ($struct->parts[1] && $struct->parts[1]->mimetype == 'application/pgp-signature') {
167 $this->parse_pgp_signed($p);
172 * Handler for multipart/encrypted message.
174 * @param array Reference to hook's parameters
176 function parse_encrypted(&$p)
178 $struct = $p['structure'];
181 if ($struct->mimetype == 'application/pkcs7-mime') {
182 $this->parse_smime_encrypted($p);
185 // The multipart/encrypted MUST consist of exactly two parts. The first
186 // MIME body part must have a content type of "application/pgp-encrypted".
187 // This body contains the control information.
188 // The second MIME body part MUST contain the actual encrypted data. It
189 // must be labeled with a content type of "application/octet-stream".
190 else if ($struct->parts[0] && $struct->parts[0]->mimetype == 'application/pgp-encrypted' &&
191 $struct->parts[1] && $struct->parts[1]->mimetype == 'application/octet-stream'
193 $this->parse_pgp_encrypted($p);
198 * Handler for plain signed message.
199 * Excludes message and signature bodies and verifies signature.
201 * @param array Reference to hook's parameters
203 private function parse_plain_signed(&$p)
205 $this->load_pgp_driver();
206 $part = $p['structure'];
209 if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
210 $sig = $this->pgp_verify($part->body);
213 // @TODO: Handle big bodies using (temp) files
215 // In this way we can use fgets on string as on file handle
216 $fh = fopen('php://memory', 'br+');
217 // @TODO: fopen/fwrite errors handling
219 fwrite($fh, $part->body);
224 // Extract body (and signature?)
226 $line = fgets($fh, 1024);
228 if ($part->body === null)
230 else if (preg_match('/^-----BEGIN PGP SIGNATURE-----/', $line))
233 $part->body .= $line;
236 // Remove "Hash" Armor Headers
237 $part->body = preg_replace('/^.*\r*\n\r*\n/', '', $part->body);
238 // de-Dash-Escape (RFC2440)
239 $part->body = preg_replace('/(^|\n)- -/', '\\1-', $part->body);
241 // Store signature data for display
243 $this->signed_parts[$part->mime_id] = $part->mime_id;
244 $this->signatures[$part->mime_id] = $sig;
251 * Handler for PGP/MIME signed message.
252 * Verifies signature.
254 * @param array Reference to hook's parameters
256 private function parse_pgp_signed(&$p)
258 $this->load_pgp_driver();
259 $struct = $p['structure'];
262 if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
263 $msg_part = $struct->parts[0];
264 $sig_part = $struct->parts[1];
267 $this->set_part_body($msg_part, $p['object']->uid);
268 $this->set_part_body($sig_part, $p['object']->uid);
271 $sig = $this->pgp_verify($msg_part->body, $sig_part->body);
273 // Store signature data for display
274 $this->signatures[$struct->mime_id] = $sig;
276 // Message can be multipart (assign signature to each subpart)
277 if (!empty($msg_part->parts)) {
278 foreach ($msg_part->parts as $part)
279 $this->signed_parts[$part->mime_id] = $struct->mime_id;
282 $this->signed_parts[$msg_part->mime_id] = $struct->mime_id;
284 // Remove signature file from attachments list
285 unset($struct->parts[1]);
290 * Handler for S/MIME signed message.
291 * Verifies signature.
293 * @param array Reference to hook's parameters
295 private function parse_smime_signed(&$p)
297 $this->load_smime_driver();
301 * Handler for plain encrypted message.
303 * @param array Reference to hook's parameters
305 private function parse_plain_encrypted(&$p)
307 $this->load_pgp_driver();
308 $part = $p['structure'];
311 $this->set_part_body($part, $p['object']->uid);
314 $result = $this->pgp_decrypt($part->body);
316 // Store decryption status
317 $this->decryptions[$part->mime_id] = $result;
319 // Parse decrypted message
320 if ($result === true) {
326 * Handler for PGP/MIME encrypted message.
328 * @param array Reference to hook's parameters
330 private function parse_pgp_encrypted(&$p)
332 $this->load_pgp_driver();
333 $struct = $p['structure'];
334 $part = $struct->parts[1];
337 $this->set_part_body($part, $p['object']->uid);
340 $result = $this->pgp_decrypt($part->body);
342 $this->decryptions[$part->mime_id] = $result;
344 // Parse decrypted message
345 if ($result === true) {
349 // Make sure decryption status message will be displayed
350 $part->type = 'content';
351 $p['object']->parts[] = $part;
356 * Handler for S/MIME encrypted message.
358 * @param array Reference to hook's parameters
360 private function parse_smime_encrypted(&$p)
362 $this->load_smime_driver();
366 * PGP signature verification.
368 * @param mixed Message body
369 * @param mixed Signature body (for MIME messages)
371 * @return mixed enigma_signature or enigma_error
373 private function pgp_verify(&$msg_body, $sig_body=null)
375 // @TODO: Handle big bodies using (temp) files
376 // @TODO: caching of verification result
378 $sig = $this->pgp_driver->verify($msg_body, $sig_body);
380 if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND)
382 'code' => 600, 'type' => 'php',
383 'file' => __FILE__, 'line' => __LINE__,
384 'message' => "Enigma plugin: " . $error->getMessage()
392 * PGP message decryption.
394 * @param mixed Message body
396 * @return mixed True or enigma_error
398 private function pgp_decrypt(&$msg_body)
400 // @TODO: Handle big bodies using (temp) files
401 // @TODO: caching of verification result
403 $result = $this->pgp_driver->decrypt($msg_body, $key, $pass);
407 if ($result instanceof enigma_error) {
408 $err_code = $result->getCode();
409 if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS)))
411 'code' => 600, 'type' => 'php',
412 'file' => __FILE__, 'line' => __LINE__,
413 'message' => "Enigma plugin: " . $result->getMessage()
418 // $msg_body = $result;
425 * @param mixed Key ID/Name pattern
427 * @return mixed Array of keys or enigma_error
429 function list_keys($pattern='')
431 $this->load_pgp_driver();
432 $result = $this->pgp_driver->list_keys($pattern);
434 if ($result instanceof enigma_error) {
436 'code' => 600, 'type' => 'php',
437 'file' => __FILE__, 'line' => __LINE__,
438 'message' => "Enigma plugin: " . $result->getMessage()
448 * @param mixed Key ID
450 * @return mixed enigma_key or enigma_error
452 function get_key($keyid)
454 $this->load_pgp_driver();
455 $result = $this->pgp_driver->get_key($keyid);
457 if ($result instanceof enigma_error) {
459 'code' => 600, 'type' => 'php',
460 'file' => __FILE__, 'line' => __LINE__,
461 'message' => "Enigma plugin: " . $result->getMessage()
469 * PGP keys/certs importing.
471 * @param mixed Import file name or content
472 * @param boolean True if first argument is a filename
474 * @return mixed Import status data array or enigma_error
476 function import_key($content, $isfile=false)
478 $this->load_pgp_driver();
479 $result = $this->pgp_driver->import($content, $isfile);
481 if ($result instanceof enigma_error) {
483 'code' => 600, 'type' => 'php',
484 'file' => __FILE__, 'line' => __LINE__,
485 'message' => "Enigma plugin: " . $result->getMessage()
489 $result['imported'] = $result['public_imported'] + $result['private_imported'];
490 $result['unchanged'] = $result['public_unchanged'] + $result['private_unchanged'];
497 * Handler for keys/certs import request action
499 function import_file()
501 $uid = get_input_value('_uid', RCUBE_INPUT_POST);
502 $mbox = get_input_value('_mbox', RCUBE_INPUT_POST);
503 $mime_id = get_input_value('_part', RCUBE_INPUT_POST);
505 if ($uid && $mime_id) {
506 $part = $this->rc->imap->get_message_part($uid, $mime_id);
509 if ($part && is_array($result = $this->import_key($part))) {
510 $this->rc->output->show_message('enigma.keysimportsuccess', 'confirmation',
511 array('new' => $result['imported'], 'old' => $result['unchanged']));
514 $this->rc->output->show_message('enigma.keysimportfailed', 'error');
516 $this->rc->output->send();
520 * Checks if specified message part contains body data.
521 * If body is not set it will be fetched from IMAP server.
523 * @param rcube_message_part Message part object
524 * @param integer Message UID
526 private function set_part_body($part, $uid)
528 // @TODO: Create such function in core
529 // @TODO: Handle big bodies using file handles
530 if (!isset($part->body)) {
531 $part->body = $this->rc->imap->get_message_part(
532 $uid, $part->mime_id, $part);
537 * Adds CSS style file to the page header.
539 private function add_css()
541 $skin = $this->rc->config->get('skin');
542 if (!file_exists($this->home . "/skins/$skin/enigma.css"))
545 $this->include_stylesheet("skins/$skin/enigma.css");