[git] GpgOL - branch, async-enc, updated. gpgol-2.0.6-29-g594b9ea
by Andre Heinecke
cvs at cvs.gnupg.org
Wed Feb 14 13:04:33 CET 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, async-enc has been updated
via 594b9eadcc1539e01e5539f51834c085fb477a19 (commit)
via 8adf84384e24e7241068ac4bd3868ac6bc50079e (commit)
via 7e065b097cce4a694e2c59161a2c97040f5d4ba2 (commit)
via 49aa620f7d551976c36d0141fdaeaca5d0e94cd1 (commit)
from 3e1974e6ee4fa457c0953faf5d4770338f8c999a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 594b9eadcc1539e01e5539f51834c085fb477a19
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Wed Feb 14 13:03:28 2018 +0100
Do sign then encrypt for MIME mails again
* src/cryptcontroller.cpp (do_crypto): Do two step dance.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index 5df1f66..c018f10 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -51,6 +51,11 @@ sink_data_write (sink_t sink, const void *data, size_t datalen)
return 0;
}
+static int
+create_sign_attach (sink_t sink, protocol_t protocol,
+ GpgME::Data &signature,
+ GpgME::Data &signedData,
+ const char *micalg);
/** We have some C Style cruft in here as this was historically how
GpgOL worked directly in the MAPI data objects. To reduce the regression
@@ -494,8 +499,9 @@ CryptController::do_crypto ()
ctx->setTextMode (m_proto == GpgME::OpenPGP);
ctx->setArmor (m_proto == GpgME::OpenPGP);
- if (m_encrypt && m_sign)
+ if (m_encrypt && m_sign && m_inline)
{
+ // Sign encrypt combined
const auto result_pair = ctx->signAndEncrypt (m_recipients,
m_inline ? m_bodyInput : m_input,
m_output,
@@ -516,6 +522,66 @@ CryptController::do_crypto ()
return -2;
}
}
+ else if (m_encrypt && m_sign)
+ {
+ // First sign then encrypt
+ const auto sigResult = ctx->sign (m_input, m_output,
+ GpgME::Detached);
+ if (sigResult.error())
+ {
+ log_error ("%s:%s: Signing error %s.",
+ SRCNAME, __func__, sigResult.error().asString());
+ return -1;
+ }
+ if (sigResult.error().isCanceled())
+ {
+ log_debug ("%s:%s: User cancled",
+ SRCNAME, __func__);
+ return -2;
+ }
+ parse_micalg (sigResult);
+
+ // We now have plaintext in m_input
+ // The detached signature in m_output
+
+ // Set up the sink object to construct the multipart/signed
+ GpgME::Data multipart;
+ struct sink_s sinkmem;
+ sink_t sink = &sinkmem;
+ memset (sink, 0, sizeof *sink);
+ sink->cb_data = &multipart;
+ sink->writefnc = sink_data_write;
+
+ if (create_sign_attach (sink,
+ m_proto == GpgME::CMS ?
+ PROTOCOL_SMIME : PROTOCOL_OPENPGP,
+ m_output, m_input, m_micalg.c_str ()))
+ {
+ TRACEPOINT;
+ return -1;
+ }
+
+ // Now we have the multipart throw away the rest.
+ m_output = GpgME::Data ();
+ m_input = GpgME::Data ();
+ multipart.seek (0, SEEK_SET);
+ const auto encResult = ctx->encrypt (m_recipients, multipart,
+ m_output,
+ GpgME::Context::AlwaysTrust);
+ if (encResult.error())
+ {
+ log_error ("%s:%s: Encryption error %s.",
+ SRCNAME, __func__, encResult.error().asString());
+ return -1;
+ }
+ if (encResult.error().isCanceled())
+ {
+ log_debug ("%s:%s: User cancled",
+ SRCNAME, __func__);
+ return -2;
+ }
+ // Now we have encrypted output just treat it like encrypted.
+ }
else if (m_encrypt)
{
const auto result = ctx->encrypt (m_recipients, m_inline ? m_bodyInput : m_input,
@@ -586,7 +652,7 @@ write_data (sink_t sink, GpgME::Data &data)
return 0;
}
-static int
+int
create_sign_attach (sink_t sink, protocol_t protocol,
GpgME::Data &signature,
GpgME::Data &signedData,
@@ -778,7 +844,6 @@ CryptController::update_mail_mapi ()
int rc = 0;
if (m_sign && m_encrypt)
{
- // FIXME we need some doubling here for S/MIME.
rc = create_encrypt_attach (sink, protocol, m_output);
}
else if (m_encrypt)
commit 8adf84384e24e7241068ac4bd3868ac6bc50079e
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Wed Feb 14 12:42:28 2018 +0100
Take micalg from the created signature
* src/cryptcontroller.cpp (CryptController::parse_micalg): New.
(CryptController::update_mail_mapi): Pass micalg.
(create_sign_attach): Take micalg.
* src/cryptcontroller.h: Update accordingly.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index cc7b90d..5df1f66 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -551,6 +551,7 @@ CryptController::do_crypto ()
SRCNAME, __func__);
return -2;
}
+ parse_micalg (result);
}
else
{
@@ -588,7 +589,8 @@ write_data (sink_t sink, GpgME::Data &data)
static int
create_sign_attach (sink_t sink, protocol_t protocol,
GpgME::Data &signature,
- GpgME::Data &signedData)
+ GpgME::Data &signedData,
+ const char *micalg)
{
char boundary[BOUNDARYSIZE+1];
char top_header[BOUNDARYSIZE+200];
@@ -598,7 +600,7 @@ create_sign_attach (sink_t sink, protocol_t protocol,
generate_boundary (boundary);
create_top_signing_header (top_header, sizeof top_header,
protocol, 1, boundary,
- protocol == PROTOCOL_SMIME ? "sha1":"pgp-sha1");
+ micalg);
if ((rc = write_string (sink, top_header)))
{
@@ -785,7 +787,7 @@ CryptController::update_mail_mapi ()
}
else if (m_sign)
{
- rc = create_sign_attach (sink, protocol, m_output, m_input);
+ rc = create_sign_attach (sink, protocol, m_output, m_input, m_micalg.c_str ());
}
// Close our attachment
@@ -832,3 +834,38 @@ CryptController::get_inline_data ()
}
return ret;
}
+
+void
+CryptController::parse_micalg (const GpgME::SigningResult &result)
+{
+ if (result.isNull())
+ {
+ TRACEPOINT;
+ return;
+ }
+ const auto signature = result.createdSignature(0);
+ if (signature.isNull())
+ {
+ TRACEPOINT;
+ return;
+ }
+
+ const char *hashAlg = signature.hashAlgorithmAsString ();
+ if (!hashAlg)
+ {
+ TRACEPOINT;
+ return;
+ }
+ if (m_proto == GpgME::OpenPGP)
+ {
+ m_micalg = std::string("pgp-") + hashAlg;
+ }
+ else
+ {
+ m_micalg = hashAlg;
+ }
+ std::transform(m_micalg.begin(), m_micalg.end(), m_micalg.begin(), ::tolower);
+
+ log_debug ("%s:%s: micalg is: '%s'.",
+ SRCNAME, __func__, m_micalg.c_str ());
+}
diff --git a/src/cryptcontroller.h b/src/cryptcontroller.h
index c6d0cbd..1540978 100644
--- a/src/cryptcontroller.h
+++ b/src/cryptcontroller.h
@@ -29,6 +29,11 @@
class Mail;
+namespace GpgME
+{
+ class SigningResult;
+} // namespace GpgME
+
class CryptController
{
public:
@@ -64,9 +69,12 @@ private:
int lookup_fingerprints (const std::string &sigFpr,
const std::vector<std::string> recpFprs);
+ void parse_micalg (const GpgME::SigningResult &sResult);
+
private:
Mail *m_mail;
- GpgME::Data m_input, m_bodyInput, m_smime_intermediate, m_output;
+ GpgME::Data m_input, m_bodyInput, m_signedData, m_output;
+ std::string m_micalg;
bool m_encrypt, m_sign, m_inline, m_crypto_success;
GpgME::Protocol m_proto;
GpgME::Key m_signer_key;
commit 7e065b097cce4a694e2c59161a2c97040f5d4ba2
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Wed Feb 14 12:06:43 2018 +0100
Fix S/MIME Encrypt
* src/cryptcontroller.cpp (create_encrypt_attach): Write binary
as base64.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index 53aca67..cc7b90d 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -706,7 +706,15 @@ create_encrypt_attach (sink_t sink, protocol_t protocol,
return rc;
}
- rc = write_data (sink, encryptedData);
+ if (protocol == PROTOCOL_OPENPGP)
+ {
+ rc = write_data (sink, encryptedData);
+ }
+ else
+ {
+ const auto encStr = encryptedData.toString();
+ rc = write_b64 (sink, encStr.c_str(), encStr.size());
+ }
if (rc)
{
log_error ("%s:%s: Failed to create top header.",
commit 49aa620f7d551976c36d0141fdaeaca5d0e94cd1
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Wed Feb 14 11:56:03 2018 +0100
Fix S/MIME Signature in new architecture
* src/cryptcontroller.cpp (CryptController::do_crypto):
Set text mode and armor only for PGP
(create_sign_attach): Write signature as base64 for S/MIME.
* src/mimemaker.h, src/mimemaker.cpp (write_b64): Export.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index 733389f..53aca67 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -491,8 +491,8 @@ CryptController::do_crypto ()
ctx->addSigningKey (m_signer_key);
}
- ctx->setTextMode (true);
- ctx->setArmor (true);
+ ctx->setTextMode (m_proto == GpgME::OpenPGP);
+ ctx->setArmor (m_proto == GpgME::OpenPGP);
if (m_encrypt && m_sign)
{
@@ -659,7 +659,16 @@ create_sign_attach (sink_t sink, protocol_t protocol,
}
// Write the signature data
- if ((rc = write_data (sink, signature)))
+ if (protocol == PROTOCOL_SMIME)
+ {
+ const std::string sigStr = signature.toString();
+ if ((rc = write_b64 (sink, (const void *) sigStr.c_str (), sigStr.size())))
+ {
+ TRACEPOINT;
+ return rc;
+ }
+ }
+ else if ((rc = write_data (sink, signature)))
{
TRACEPOINT;
return rc;
diff --git a/src/mimemaker.cpp b/src/mimemaker.cpp
index 2693f49..449a74e 100644
--- a/src/mimemaker.cpp
+++ b/src/mimemaker.cpp
@@ -318,7 +318,7 @@ write_boundary (sink_t sink, const char *boundary, int lastone)
/* Write DATALEN bytes of DATA to SINK in base64 encoding. This
creates a complete Base64 chunk including the trailing fillers. */
-static int
+int
write_b64 (sink_t sink, const void *data, size_t datalen)
{
int rc;
diff --git a/src/mimemaker.h b/src/mimemaker.h
index 3f29ecc..32415fb 100644
--- a/src/mimemaker.h
+++ b/src/mimemaker.h
@@ -91,6 +91,7 @@ void cancel_mapi_attachment (LPATTACH *attach, sink_t sink);
void create_top_signing_header (char *buffer, size_t buflen, protocol_t protocol,
int first, const char *boundary, const char *micalg);
int write_string (sink_t sink, const char *text);
+int write_b64 (sink_t sink, const void *data, size_t datalen);
#ifdef __cplusplus
}
-----------------------------------------------------------------------
Summary of changes:
src/cryptcontroller.cpp | 139 ++++++++++++++++++++++++++++++++++++++++++++----
src/cryptcontroller.h | 10 +++-
src/mimemaker.cpp | 2 +-
src/mimemaker.h | 1 +
4 files changed, 140 insertions(+), 12 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
More information about the Gnupg-commits
mailing list