1 /**
2 * @file
3 * Wrapper around crypto functions
4 *
5 * @authors
6 * Copyright (C) 2003 Werner Koch <wk@gnupg.org>
7 * Copyright (C) 2004 g10 Code GmbH
8 * Copyright (C) 2019 Pietro Cerutti <gahr@gahr.ch>
9 *
10 * @copyright
11 * This program is free software: you can redistribute it and/or modify it under
12 * the terms of the GNU General Public License as published by the Free Software
13 * Foundation, either version 2 of the License, or (at your option) any later
14 * version.
15 *
16 * This program is distributed in the hope that it will be useful, but WITHOUT
17 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
18 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
19 * details.
20 *
21 * You should have received a copy of the GNU General Public License along with
22 * this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 /**
26 * @page crypt_cryptglue Wrapper around crypto functions
27 *
28 * This file dispatches the generic crypto functions to the implemented
29 * backend or provides dummy stubs.
30 *
31 * @note Some generic functions are handled in crypt.c
32 *
33 * @note This file has been changed to make use of the new module system.
34 * Consequently there's a 1:1 mapping between the functions contained in this
35 * file and the functions implemented by the crypto modules.
36 */
37
38 #include "config.h"
39 #include <stdbool.h>
40 #include <stdio.h>
41 #include "mutt/lib.h"
42 #include "core/lib.h"
43 #include "cryptglue.h"
44 #include "lib.h"
45 #include "crypt_mod.h"
46 #ifndef CRYPT_BACKEND_GPGME
47 #include "gui/lib.h"
48 #endif
49 #if defined(CRYPT_BACKEND_GPGME) || defined(USE_AUTOCRYPT)
50 #include "config/lib.h"
51 #endif
52 #ifdef USE_AUTOCRYPT
53 #include "email/lib.h"
54 #include "autocrypt/lib.h"
55 #include "crypt_gpgme.h"
56 #include "options.h"
57 #else
58 struct Envelope;
59 #endif
60
61 struct Address;
62 struct AddressList;
63
64 #ifdef CRYPT_BACKEND_CLASSIC_PGP
65 extern struct CryptModuleSpecs CryptModPgpClassic;
66 #endif
67
68 #ifdef CRYPT_BACKEND_CLASSIC_SMIME
69 extern struct CryptModuleSpecs CryptModSmimeClassic;
70 #endif
71
72 #ifdef CRYPT_BACKEND_GPGME
73 extern struct CryptModuleSpecs CryptModPgpGpgme;
74 extern struct CryptModuleSpecs CryptModSmimeGpgme;
75 #endif
76
77 /* If the crypto module identifier by IDENTIFIER has been registered,
78 * call its function FUNC. Do nothing else. This may be used as an
79 * expression. */
80 #define CRYPT_MOD_CALL_CHECK(identifier, func) \
81 (crypto_module_lookup(APPLICATION_##identifier) && \
82 (crypto_module_lookup(APPLICATION_##identifier))->func)
83
84 /* Call the function FUNC in the crypto module identified by
85 * IDENTIFIER. This may be used as an expression. */
86 #define CRYPT_MOD_CALL(identifier, func) \
87 (*(crypto_module_lookup(APPLICATION_##identifier))->func)
88
89 /**
90 * crypt_init - Initialise the crypto backends
91 *
92 * This calls CryptModuleSpecs::init()
93 */
crypt_init(void)94 void crypt_init(void)
95 {
96 #ifdef CRYPT_BACKEND_GPGME
97 const bool c_crypt_use_gpgme =
98 cs_subset_bool(NeoMutt->sub, "crypt_use_gpgme");
99 #endif
100 #ifdef CRYPT_BACKEND_CLASSIC_PGP
101 if (
102 #ifdef CRYPT_BACKEND_GPGME
103 (!c_crypt_use_gpgme)
104 #else
105 1
106 #endif
107 )
108 crypto_module_register(&CryptModPgpClassic);
109 #endif
110
111 #ifdef CRYPT_BACKEND_CLASSIC_SMIME
112 if (
113 #ifdef CRYPT_BACKEND_GPGME
114 (!c_crypt_use_gpgme)
115 #else
116 1
117 #endif
118 )
119 crypto_module_register(&CryptModSmimeClassic);
120 #endif
121
122 #ifdef CRYPT_BACKEND_GPGME
123 if (c_crypt_use_gpgme)
124 {
125 crypto_module_register(&CryptModPgpGpgme);
126 crypto_module_register(&CryptModSmimeGpgme);
127 }
128 #endif
129
130 #if defined(CRYPT_BACKEND_CLASSIC_PGP) || \
131 defined(CRYPT_BACKEND_CLASSIC_SMIME) || defined(CRYPT_BACKEND_GPGME)
132 if (CRYPT_MOD_CALL_CHECK(PGP, init))
133 CRYPT_MOD_CALL(PGP, init)();
134
135 if (CRYPT_MOD_CALL_CHECK(SMIME, init))
136 CRYPT_MOD_CALL(SMIME, init)();
137 #endif
138 }
139
140 /**
141 * crypt_cleanup - Clean up backend
142 */
crypt_cleanup(void)143 void crypt_cleanup(void)
144 {
145 if (CRYPT_MOD_CALL_CHECK(PGP, cleanup))
146 (CRYPT_MOD_CALL(PGP, cleanup))();
147
148 if (CRYPT_MOD_CALL_CHECK(SMIME, cleanup))
149 (CRYPT_MOD_CALL(SMIME, cleanup))();
150 }
151
152 /**
153 * crypt_invoke_message - Display an informative message
154 * @param type Crypto type, see #SecurityFlags
155 *
156 * Show a message that a backend will be invoked.
157 */
crypt_invoke_message(SecurityFlags type)158 void crypt_invoke_message(SecurityFlags type)
159 {
160 if (((WithCrypto & APPLICATION_PGP) != 0) && (type & APPLICATION_PGP))
161 mutt_message(_("Invoking PGP..."));
162 else if (((WithCrypto & APPLICATION_SMIME) != 0) && (type & APPLICATION_SMIME))
163 mutt_message(_("Invoking S/MIME..."));
164 }
165
166 /**
167 * crypt_has_module_backend - Is there a crypto backend for a given type?
168 * @param type Crypto type, see #SecurityFlags
169 * @retval true Backend is present
170 * @retval false Backend is not present
171 */
crypt_has_module_backend(SecurityFlags type)172 bool crypt_has_module_backend(SecurityFlags type)
173 {
174 if (((WithCrypto & APPLICATION_PGP) != 0) && (type & APPLICATION_PGP) &&
175 crypto_module_lookup(APPLICATION_PGP))
176 {
177 return true;
178 }
179
180 if (((WithCrypto & APPLICATION_SMIME) != 0) && (type & APPLICATION_SMIME) &&
181 crypto_module_lookup(APPLICATION_SMIME))
182 {
183 return true;
184 }
185
186 return false;
187 }
188
189 /**
190 * crypt_pgp_void_passphrase - Wrapper for CryptModuleSpecs::void_passphrase()
191 */
crypt_pgp_void_passphrase(void)192 void crypt_pgp_void_passphrase(void)
193 {
194 if (CRYPT_MOD_CALL_CHECK(PGP, void_passphrase))
195 CRYPT_MOD_CALL(PGP, void_passphrase)();
196 }
197
198 /**
199 * crypt_pgp_valid_passphrase - Wrapper for CryptModuleSpecs::valid_passphrase()
200 */
crypt_pgp_valid_passphrase(void)201 bool crypt_pgp_valid_passphrase(void)
202 {
203 if (CRYPT_MOD_CALL_CHECK(PGP, valid_passphrase))
204 return CRYPT_MOD_CALL(PGP, valid_passphrase)();
205
206 return false;
207 }
208
209 /**
210 * crypt_pgp_decrypt_mime - Wrapper for CryptModuleSpecs::decrypt_mime()
211 */
crypt_pgp_decrypt_mime(FILE * fp_in,FILE ** fp_out,struct Body * b,struct Body ** cur)212 int crypt_pgp_decrypt_mime(FILE *fp_in, FILE **fp_out, struct Body *b, struct Body **cur)
213 {
214 #ifdef USE_AUTOCRYPT
215 const bool c_autocrypt = cs_subset_bool(NeoMutt->sub, "autocrypt");
216 if (c_autocrypt)
217 {
218 OptAutocryptGpgme = true;
219 int result = pgp_gpgme_decrypt_mime(fp_in, fp_out, b, cur);
220 OptAutocryptGpgme = false;
221 if (result == 0)
222 {
223 b->is_autocrypt = true;
224 return result;
225 }
226 }
227 #endif
228
229 if (CRYPT_MOD_CALL_CHECK(PGP, decrypt_mime))
230 return CRYPT_MOD_CALL(PGP, decrypt_mime)(fp_in, fp_out, b, cur);
231
232 return -1;
233 }
234
235 /**
236 * crypt_pgp_application_handler - Wrapper for CryptModuleSpecs::application_handler() - Implements ::handler_t - @ingroup handler_api
237 */
crypt_pgp_application_handler(struct Body * b,struct State * s)238 int crypt_pgp_application_handler(struct Body *b, struct State *s)
239 {
240 if (CRYPT_MOD_CALL_CHECK(PGP, application_handler))
241 return CRYPT_MOD_CALL(PGP, application_handler)(b, s);
242
243 return -1;
244 }
245
246 /**
247 * crypt_pgp_encrypted_handler - Wrapper for CryptModuleSpecs::encrypted_handler() - Implements ::handler_t - @ingroup handler_api
248 */
crypt_pgp_encrypted_handler(struct Body * b,struct State * s)249 int crypt_pgp_encrypted_handler(struct Body *b, struct State *s)
250 {
251 #ifdef USE_AUTOCRYPT
252 const bool c_autocrypt = cs_subset_bool(NeoMutt->sub, "autocrypt");
253 if (c_autocrypt)
254 {
255 OptAutocryptGpgme = true;
256 int result = pgp_gpgme_encrypted_handler(b, s);
257 OptAutocryptGpgme = false;
258 if (result == 0)
259 {
260 b->is_autocrypt = true;
261 return result;
262 }
263 }
264 #endif
265
266 if (CRYPT_MOD_CALL_CHECK(PGP, encrypted_handler))
267 return CRYPT_MOD_CALL(PGP, encrypted_handler)(b, s);
268
269 return -1;
270 }
271
272 /**
273 * crypt_pgp_invoke_getkeys - Wrapper for CryptModuleSpecs::pgp_invoke_getkeys()
274 */
crypt_pgp_invoke_getkeys(struct Address * addr)275 void crypt_pgp_invoke_getkeys(struct Address *addr)
276 {
277 if (CRYPT_MOD_CALL_CHECK(PGP, pgp_invoke_getkeys))
278 CRYPT_MOD_CALL(PGP, pgp_invoke_getkeys)(addr);
279 }
280
281 /**
282 * crypt_pgp_check_traditional - Wrapper for CryptModuleSpecs::pgp_check_traditional()
283 */
crypt_pgp_check_traditional(FILE * fp,struct Body * b,bool just_one)284 bool crypt_pgp_check_traditional(FILE *fp, struct Body *b, bool just_one)
285 {
286 if (CRYPT_MOD_CALL_CHECK(PGP, pgp_check_traditional))
287 return CRYPT_MOD_CALL(PGP, pgp_check_traditional)(fp, b, just_one);
288
289 return false;
290 }
291
292 /**
293 * crypt_pgp_traditional_encryptsign - Wrapper for CryptModuleSpecs::pgp_traditional_encryptsign()
294 */
crypt_pgp_traditional_encryptsign(struct Body * a,SecurityFlags flags,char * keylist)295 struct Body *crypt_pgp_traditional_encryptsign(struct Body *a, SecurityFlags flags, char *keylist)
296 {
297 if (CRYPT_MOD_CALL_CHECK(PGP, pgp_traditional_encryptsign))
298 return CRYPT_MOD_CALL(PGP, pgp_traditional_encryptsign)(a, flags, keylist);
299
300 return NULL;
301 }
302
303 /**
304 * crypt_pgp_make_key_attachment - Wrapper for CryptModuleSpecs::pgp_make_key_attachment()
305 */
crypt_pgp_make_key_attachment(void)306 struct Body *crypt_pgp_make_key_attachment(void)
307 {
308 if (CRYPT_MOD_CALL_CHECK(PGP, pgp_make_key_attachment))
309 return CRYPT_MOD_CALL(PGP, pgp_make_key_attachment)();
310
311 return NULL;
312 }
313
314 /**
315 * crypt_pgp_find_keys - Wrapper for CryptModuleSpecs::find_keys()
316 */
crypt_pgp_find_keys(struct AddressList * addrlist,bool oppenc_mode)317 char *crypt_pgp_find_keys(struct AddressList *addrlist, bool oppenc_mode)
318 {
319 if (CRYPT_MOD_CALL_CHECK(PGP, find_keys))
320 return CRYPT_MOD_CALL(PGP, find_keys)(addrlist, oppenc_mode);
321
322 return NULL;
323 }
324
325 /**
326 * crypt_pgp_sign_message - Wrapper for CryptModuleSpecs::sign_message()
327 */
crypt_pgp_sign_message(struct Body * a,const struct AddressList * from)328 struct Body *crypt_pgp_sign_message(struct Body *a, const struct AddressList *from)
329 {
330 if (CRYPT_MOD_CALL_CHECK(PGP, sign_message))
331 return CRYPT_MOD_CALL(PGP, sign_message)(a, from);
332
333 return NULL;
334 }
335
336 /**
337 * crypt_pgp_encrypt_message - Wrapper for CryptModuleSpecs::pgp_encrypt_message()
338 */
crypt_pgp_encrypt_message(struct Email * e,struct Body * a,char * keylist,int sign,const struct AddressList * from)339 struct Body *crypt_pgp_encrypt_message(struct Email *e, struct Body *a, char *keylist,
340 int sign, const struct AddressList *from)
341 {
342 #ifdef USE_AUTOCRYPT
343 if (e->security & SEC_AUTOCRYPT)
344 {
345 if (mutt_autocrypt_set_sign_as_default_key(e))
346 return NULL;
347
348 OptAutocryptGpgme = true;
349 struct Body *result = pgp_gpgme_encrypt_message(a, keylist, sign, from);
350 OptAutocryptGpgme = false;
351
352 return result;
353 }
354 #endif
355
356 if (CRYPT_MOD_CALL_CHECK(PGP, pgp_encrypt_message))
357 return CRYPT_MOD_CALL(PGP, pgp_encrypt_message)(a, keylist, sign, from);
358
359 return NULL;
360 }
361
362 /**
363 * crypt_pgp_invoke_import - Wrapper for CryptModuleSpecs::pgp_invoke_import()
364 */
crypt_pgp_invoke_import(const char * fname)365 void crypt_pgp_invoke_import(const char *fname)
366 {
367 if (CRYPT_MOD_CALL_CHECK(PGP, pgp_invoke_import))
368 CRYPT_MOD_CALL(PGP, pgp_invoke_import)(fname);
369 }
370
371 /**
372 * crypt_pgp_verify_one - Wrapper for CryptModuleSpecs::verify_one()
373 */
crypt_pgp_verify_one(struct Body * sigbdy,struct State * s,const char * tempf)374 int crypt_pgp_verify_one(struct Body *sigbdy, struct State *s, const char *tempf)
375 {
376 if (CRYPT_MOD_CALL_CHECK(PGP, verify_one))
377 return CRYPT_MOD_CALL(PGP, verify_one)(sigbdy, s, tempf);
378
379 return -1;
380 }
381
382 /**
383 * crypt_pgp_send_menu - Wrapper for CryptModuleSpecs::send_menu()
384 */
crypt_pgp_send_menu(struct Email * e)385 SecurityFlags crypt_pgp_send_menu(struct Email *e)
386 {
387 if (CRYPT_MOD_CALL_CHECK(PGP, send_menu))
388 return CRYPT_MOD_CALL(PGP, send_menu)(e);
389
390 return 0;
391 }
392
393 /**
394 * crypt_pgp_extract_key_from_attachment - Wrapper for CryptModuleSpecs::pgp_extract_key_from_attachment()
395 */
crypt_pgp_extract_key_from_attachment(FILE * fp,struct Body * top)396 void crypt_pgp_extract_key_from_attachment(FILE *fp, struct Body *top)
397 {
398 if (CRYPT_MOD_CALL_CHECK(PGP, pgp_extract_key_from_attachment))
399 CRYPT_MOD_CALL(PGP, pgp_extract_key_from_attachment)(fp, top);
400 }
401
402 /**
403 * crypt_pgp_set_sender - Wrapper for CryptModuleSpecs::set_sender()
404 */
crypt_pgp_set_sender(const char * sender)405 void crypt_pgp_set_sender(const char *sender)
406 {
407 if (CRYPT_MOD_CALL_CHECK(PGP, set_sender))
408 CRYPT_MOD_CALL(PGP, set_sender)(sender);
409 }
410
411 /**
412 * crypt_smime_void_passphrase - Wrapper for CryptModuleSpecs::void_passphrase()
413 */
crypt_smime_void_passphrase(void)414 void crypt_smime_void_passphrase(void)
415 {
416 if (CRYPT_MOD_CALL_CHECK(SMIME, void_passphrase))
417 CRYPT_MOD_CALL(SMIME, void_passphrase)();
418 }
419
420 /**
421 * crypt_smime_valid_passphrase - Wrapper for CryptModuleSpecs::valid_passphrase()
422 */
crypt_smime_valid_passphrase(void)423 bool crypt_smime_valid_passphrase(void)
424 {
425 if (CRYPT_MOD_CALL_CHECK(SMIME, valid_passphrase))
426 return CRYPT_MOD_CALL(SMIME, valid_passphrase)();
427
428 return false;
429 }
430
431 /**
432 * crypt_smime_decrypt_mime - Wrapper for CryptModuleSpecs::decrypt_mime()
433 */
crypt_smime_decrypt_mime(FILE * fp_in,FILE ** fp_out,struct Body * b,struct Body ** cur)434 int crypt_smime_decrypt_mime(FILE *fp_in, FILE **fp_out, struct Body *b, struct Body **cur)
435 {
436 if (CRYPT_MOD_CALL_CHECK(SMIME, decrypt_mime))
437 return CRYPT_MOD_CALL(SMIME, decrypt_mime)(fp_in, fp_out, b, cur);
438
439 return -1;
440 }
441
442 /**
443 * crypt_smime_application_handler - Wrapper for CryptModuleSpecs::application_handler() - Implements ::handler_t - @ingroup handler_api
444 */
crypt_smime_application_handler(struct Body * b,struct State * s)445 int crypt_smime_application_handler(struct Body *b, struct State *s)
446 {
447 if (CRYPT_MOD_CALL_CHECK(SMIME, application_handler))
448 return CRYPT_MOD_CALL(SMIME, application_handler)(b, s);
449
450 return -1;
451 }
452
453 /**
454 * crypt_smime_getkeys - Wrapper for CryptModuleSpecs::smime_getkeys()
455 */
crypt_smime_getkeys(struct Envelope * env)456 void crypt_smime_getkeys(struct Envelope *env)
457 {
458 if (CRYPT_MOD_CALL_CHECK(SMIME, smime_getkeys))
459 CRYPT_MOD_CALL(SMIME, smime_getkeys)(env);
460 }
461
462 /**
463 * crypt_smime_verify_sender - Wrapper for CryptModuleSpecs::smime_verify_sender()
464 */
crypt_smime_verify_sender(struct Email * e,struct Message * msg)465 int crypt_smime_verify_sender(struct Email *e, struct Message *msg)
466 {
467 if (CRYPT_MOD_CALL_CHECK(SMIME, smime_verify_sender))
468 return CRYPT_MOD_CALL(SMIME, smime_verify_sender)(e, msg);
469
470 return 1;
471 }
472
473 /**
474 * crypt_smime_find_keys - Wrapper for CryptModuleSpecs::find_keys()
475 */
crypt_smime_find_keys(struct AddressList * addrlist,bool oppenc_mode)476 char *crypt_smime_find_keys(struct AddressList *addrlist, bool oppenc_mode)
477 {
478 if (CRYPT_MOD_CALL_CHECK(SMIME, find_keys))
479 return CRYPT_MOD_CALL(SMIME, find_keys)(addrlist, oppenc_mode);
480
481 return NULL;
482 }
483
484 /**
485 * crypt_smime_sign_message - Wrapper for CryptModuleSpecs::sign_message()
486 */
crypt_smime_sign_message(struct Body * a,const struct AddressList * from)487 struct Body *crypt_smime_sign_message(struct Body *a, const struct AddressList *from)
488 {
489 if (CRYPT_MOD_CALL_CHECK(SMIME, sign_message))
490 return CRYPT_MOD_CALL(SMIME, sign_message)(a, from);
491
492 return NULL;
493 }
494
495 /**
496 * crypt_smime_build_smime_entity - Wrapper for CryptModuleSpecs::smime_build_smime_entity()
497 */
crypt_smime_build_smime_entity(struct Body * a,char * certlist)498 struct Body *crypt_smime_build_smime_entity(struct Body *a, char *certlist)
499 {
500 if (CRYPT_MOD_CALL_CHECK(SMIME, smime_build_smime_entity))
501 return CRYPT_MOD_CALL(SMIME, smime_build_smime_entity)(a, certlist);
502
503 return NULL;
504 }
505
506 /**
507 * crypt_smime_invoke_import - Wrapper for CryptModuleSpecs::smime_invoke_import()
508 */
crypt_smime_invoke_import(const char * infile,const char * mailbox)509 void crypt_smime_invoke_import(const char *infile, const char *mailbox)
510 {
511 if (CRYPT_MOD_CALL_CHECK(SMIME, smime_invoke_import))
512 CRYPT_MOD_CALL(SMIME, smime_invoke_import)(infile, mailbox);
513 }
514
515 /**
516 * crypt_smime_verify_one - Wrapper for CryptModuleSpecs::verify_one()
517 */
crypt_smime_verify_one(struct Body * sigbdy,struct State * s,const char * tempf)518 int crypt_smime_verify_one(struct Body *sigbdy, struct State *s, const char *tempf)
519 {
520 if (CRYPT_MOD_CALL_CHECK(SMIME, verify_one))
521 return CRYPT_MOD_CALL(SMIME, verify_one)(sigbdy, s, tempf);
522
523 return -1;
524 }
525
526 /**
527 * crypt_smime_send_menu - Wrapper for CryptModuleSpecs::send_menu()
528 */
crypt_smime_send_menu(struct Email * e)529 SecurityFlags crypt_smime_send_menu(struct Email *e)
530 {
531 if (CRYPT_MOD_CALL_CHECK(SMIME, send_menu))
532 return CRYPT_MOD_CALL(SMIME, send_menu)(e);
533
534 return 0;
535 }
536
537 /**
538 * crypt_smime_set_sender - Wrapper for CryptModuleSpecs::set_sender()
539 */
crypt_smime_set_sender(const char * sender)540 void crypt_smime_set_sender(const char *sender)
541 {
542 if (CRYPT_MOD_CALL_CHECK(SMIME, set_sender))
543 CRYPT_MOD_CALL(SMIME, set_sender)(sender);
544 }
545