30 #include <gpg-error.h>
41 #define G_LOG_DOMAIN "util gpgme"
57 log_gpgme (GLogLevelFlags level, gpg_error_t err,
const char *fmt, ...)
62 va_start (arg_ptr, fmt);
63 msg = g_strdup_vprintf (fmt, arg_ptr);
65 if (err && gpg_err_source (err) != GPG_ERR_SOURCE_ANY && gpg_err_source (err))
66 g_log (
G_LOG_DOMAIN, level,
"%s: %s <%s>", msg, gpg_strerror (err),
69 g_log (
G_LOG_DOMAIN, level,
"%s: %s", msg, gpg_strerror (err));
102 gpgme_engine_info_t info;
104 if (!gpgme_check_version (NULL))
106 g_critical (
"gpgme library could not be initialized.");
109 gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL));
111 gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL));
115 g_message (
"Setting GnuPG dir to '%s'", dir);
118 if (access (dir, F_OK))
120 err = gpg_error_from_syserror ();
124 if (mkdir (dir, 0700) == 0)
127 g_message (
"Created GnuPG dir '%s'", dir);
134 err = gpgme_set_engine_info (GPGME_PROTOCOL_OpenPGP, NULL, dir);
138 log_gpgme (G_LOG_LEVEL_WARNING, err,
"Setting GnuPG dir failed");
143 if (!gpgme_get_engine_info (&info))
145 while (info && info->protocol != GPGME_PROTOCOL_OpenPGP)
151 g_message (
"Using OpenPGP engine version '%s'",
152 info && info->version ? info->version :
"[?]");
161 err = gpgme_new (&ctx);
163 log_gpgme (G_LOG_LEVEL_WARNING, err,
"Creating GPGME context failed");
185 gpgme_data_t key_data;
187 gpgme_data_type_t given_key_type;
188 gpgme_import_result_t import_result;
191 gpgme_data_new_from_mem (
192 &key_data, key_str, (key_len >= 0 ? key_len : (ssize_t) strlen (key_str)),
195 given_key_type = gpgme_data_identify (key_data, 0);
197 if (given_key_type == GPGME_DATA_TYPE_INVALID)
200 g_warning (
"%s: key_str is invalid", __FUNCTION__);
205 for (index = 0; index < key_types->len; index++)
207 if (g_array_index (key_types, gpgme_data_type_t, index)
212 if (index >= key_types->len)
215 GString *expected_buffer = g_string_new (
"");
216 for (index = 0; index < key_types->len; index++)
219 g_string_append (expected_buffer,
" or ");
220 g_string_append_printf (expected_buffer,
222 g_array_index (key_types,
226 g_warning (
"%s: key_str is not the expected type: "
227 " expected: %s, got %d",
228 __FUNCTION__, expected_buffer->str, given_key_type);
229 g_string_free (expected_buffer, TRUE);
235 gpgme_data_release (key_data);
239 err = gpgme_op_import (ctx, key_data);
240 gpgme_data_release (key_data);
243 g_warning (
"%s: Import failed: %s", __FUNCTION__, gpgme_strerror (err));
247 import_result = gpgme_op_import_result (ctx);
248 g_debug (
"%s: %d imported, %d not imported", __FUNCTION__,
249 import_result->imported, import_result->not_imported);
251 gpgme_import_status_t status;
252 status = import_result->imports;
255 if (status->result != GPG_ERR_NO_ERROR)
256 g_warning (
"%s: '%s' could not be imported: %s", __FUNCTION__,
257 status->fpr, gpgme_strerror (status->result));
259 g_debug (
"%s: Imported '%s'", __FUNCTION__, status->fpr);
261 status = status->next;
264 if (import_result->not_imported)
283 ssize_t key_len, gpgme_data_type_t key_type)
286 GArray *key_types = g_array_sized_new (FALSE,
288 sizeof (gpgme_data_type_t),
290 g_array_insert_val (key_types, 0, key_type);
293 g_array_free (key_types, TRUE);
308 gchar *bracket_email;
310 gboolean recipient_found = FALSE;
312 if (uid_email == NULL)
315 bracket_email = g_strdup_printf (
"<%s>", uid_email);
317 gpgme_op_keylist_start (ctx, NULL, 0);
318 gpgme_op_keylist_next (ctx, &key);
319 while (key && recipient_found == FALSE)
321 if (key->can_encrypt)
323 g_debug (
"%s: key '%s' OK for encryption", __FUNCTION__,
328 while (uid && recipient_found == FALSE)
330 g_debug (
"%s: UID email: %s", __FUNCTION__, uid->email);
332 if (strcmp (uid->email, uid_email) == 0
333 || strstr (uid->email, bracket_email))
335 g_message (
"%s: Found matching UID for %s", __FUNCTION__,
337 recipient_found = TRUE;
344 g_debug (
"%s: key '%s' cannot be used for encryption", __FUNCTION__,
348 if (recipient_found == FALSE)
349 gpgme_op_keylist_next (ctx, &key);
356 g_warning (
"%s: No suitable key found for %s", __FUNCTION__, uid_email);
378 const char *key_str, ssize_t key_len,
379 const char *uid_email, gpgme_protocol_t protocol,
382 char gpg_temp_dir[] =
"/tmp/gvmd-gpg-XXXXXX";
384 gpgme_data_t plain_data, encrypted_data;
386 gpgme_key_t keys[2] = {NULL, NULL};
388 gpgme_encrypt_flags_t encrypt_flags;
389 const char *key_type_str;
391 if (uid_email == NULL || strcmp (uid_email,
"") == 0)
393 g_warning (
"%s: No email address for user identification given",
398 if (protocol == GPGME_PROTOCOL_CMS)
399 key_type_str =
"certificate";
401 key_type_str =
"public key";
404 if (mkdtemp (gpg_temp_dir) == NULL)
406 g_warning (
"%s: mkdtemp failed\n", __FUNCTION__);
412 if (protocol == GPGME_PROTOCOL_CMS)
413 gpgme_set_armor (ctx, 0);
415 gpgme_set_armor (ctx, 1);
417 gpgme_ctx_set_engine_info (ctx, protocol, NULL, gpg_temp_dir);
418 gpgme_set_protocol (ctx, protocol);
419 encrypt_flags = GPGME_ENCRYPT_ALWAYS_TRUST | GPGME_ENCRYPT_NO_COMPRESS;
424 g_warning (
"%s: Import of %s failed", __FUNCTION__, key_type_str);
434 g_warning (
"%s: Could not find %s for encryption", __FUNCTION__,
443 gpgme_data_new_from_stream (&plain_data, plain_file);
444 gpgme_data_new_from_stream (&encrypted_data, encrypted_file);
446 if (protocol == GPGME_PROTOCOL_CMS)
447 gpgme_data_set_encoding (encrypted_data, GPGME_DATA_ENCODING_BASE64);
450 err = gpgme_op_encrypt (ctx, keys, encrypt_flags, plain_data, encrypted_data);
454 g_warning (
"%s: Encryption failed: %s", __FUNCTION__,
455 gpgme_strerror (err));
456 gpgme_data_release (plain_data);
457 gpgme_data_release (encrypted_data);
463 gpgme_data_release (plain_data);
464 gpgme_data_release (encrypted_data);
486 const char *uid_email,
487 const char *public_key_str,
488 ssize_t public_key_len)
491 const gpgme_data_type_t types_ptr[1] = {GPGME_DATA_TYPE_PGP_KEY};
492 GArray *key_types = g_array_new (FALSE, FALSE,
sizeof (gpgme_data_type_t));
494 g_array_append_vals (key_types, types_ptr, 1);
496 plain_file, encrypted_file, public_key_str, public_key_len, uid_email,
497 GPGME_PROTOCOL_OpenPGP, key_types);
498 g_array_free (key_types, TRUE);
518 const char *uid_email,
const char *certificate_str,
519 ssize_t certificate_len)
522 const gpgme_data_type_t types_ptr[2] = {GPGME_DATA_TYPE_X509_CERT,
523 GPGME_DATA_TYPE_CMS_OTHER};
524 GArray *key_types = g_array_new (FALSE, FALSE,
sizeof (gpgme_data_type_t));
526 g_array_append_vals (key_types, types_ptr, 2);
528 plain_file, encrypted_file, certificate_str, certificate_len, uid_email,
529 GPGME_PROTOCOL_CMS, key_types);
530 g_array_free (key_types, TRUE);