Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F2529087
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
137 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/plugins/enigma/README b/plugins/enigma/README
index 0566069ff..2ccd0474f 100644
--- a/plugins/enigma/README
+++ b/plugins/enigma/README
@@ -1,66 +1,63 @@
Enigma Plugin for Roundcube
This plugin adds support for viewing and sending of signed and encrypted
messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format.
The plugin uses gpg binary on the server and stores all keys
(including private keys of the users) on the server.
Encryption/decryption is done server-side. So, this plugin
is for users that trust the server.
WARNING! The plugin is in very early state. See below for a list
of missing features and known issues.
Implemented features:
---------------------
+ PGP: signatures verification
+ PGP: messages decryption
+ PGP: Sending of encrypted/signed messages
+ PGP: keys management UI (keys import and delete)
+ Handling of PGP keys attached to incoming messages
+ User preferences to disable plugin features
TODO (must have):
-----------------
- Keys export to file
-- Disable Reply/Forward options when viewing encrypted messages
- until they are decrypted successfully
-- Handling of replying/forwarding of encrypted/signed messages
- Client-side keys generation (with OpenPGP.js?)
TODO (later):
-------------
- Handling of big messages with temp files
- Server-side keys generation (warning: no-entropy issue, max_execution_time issue)
- Key info in contact details page (optional)
- Extended key management:
- disable,
- revoke,
- change expiration date, change passphrase, add photo,
- manage user IDs
- Generate revocation certs
- Search filter to see invalid/expired keys
- Key server(s) support (search, import, upload, refresh)
- Attaching public keys to email
- Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status
- Change attachment icon on messages list for encrypted messages (like vcard_attachment plugin does)
- Support for multi-server installations (store keys in sql database?)
- Per-Identity settings (including keys/certs)
- Performance improvements:
- cache decrypted message key id so we can skip decryption if we have no password in session
- cache (last or successful only?) sig verification status to not verify on every msg preview (optional)
- S/MIME: Certs generation
- S/MIME: Certs management
- S/MIME: signed messages verification
- S/MIME: encrypted messages decryption
- S/MIME: Sending signed/encrypted messages
- S/MIME: Handling of certs attached to incoming messages
- S/MIME: Certificate info in Contacts details page (optional)
Known issues:
-------------
1. There are Crypt_GPG issues when using gnupg >= 2.0
- http://pear.php.net/bugs/bug.php?id=19914
- http://pear.php.net/bugs/bug.php?id=20453
- http://pear.php.net/bugs/bug.php?id=20527
diff --git a/plugins/enigma/enigma.js b/plugins/enigma/enigma.js
index 4048d8d85..21551e38e 100644
--- a/plugins/enigma/enigma.js
+++ b/plugins/enigma/enigma.js
@@ -1,386 +1,389 @@
/* Enigma Plugin */
window.rcmail && rcmail.addEventListener('init', function(evt) {
if (rcmail.env.task == 'settings') {
rcmail.register_command('plugin.enigma', function() { rcmail.goto_url('plugin.enigma') }, true);
rcmail.register_command('plugin.enigma-key-import', function() { rcmail.enigma_key_import() }, true);
// rcmail.register_command('plugin.enigma-key-export', function() { rcmail.enigma_key_export() }, true);
rcmail.register_command('plugin.enigma-key-delete', function(props) { return rcmail.enigma_key_delete(); });
if (rcmail.gui_objects.keyslist) {
rcmail.keys_list = new rcube_list_widget(rcmail.gui_objects.keyslist,
{multiselect:false, draggable:false, keyboard:false});
rcmail.keys_list
.addEventListener('select', function(o) { rcmail.enigma_keylist_select(o); })
.addEventListener('keypress', function(o) { rcmail.enigma_keylist_keypress(o); })
.init()
.focus();
rcmail.enigma_list();
rcmail.register_command('firstpage', function(props) { return rcmail.enigma_list_page('first'); });
rcmail.register_command('previouspage', function(props) { return rcmail.enigma_list_page('previous'); });
rcmail.register_command('nextpage', function(props) { return rcmail.enigma_list_page('next'); });
rcmail.register_command('lastpage', function(props) { return rcmail.enigma_list_page('last'); });
}
if (rcmail.env.action == 'plugin.enigmakeys') {
rcmail.register_command('search', function(props) {return rcmail.enigma_search(props); }, true);
rcmail.register_command('reset-search', function(props) {return rcmail.enigma_search_reset(props); }, true);
rcmail.register_command('plugin.enigma-import', function() { rcmail.enigma_import(); }, true);
// rcmail.register_command('plugin.enigma-export', function() { rcmail.enigma_export(); }, true);
}
}
else if (rcmail.env.task == 'mail') {
if (rcmail.env.action == 'compose') {
rcmail.addEventListener('beforesend', function(props) { rcmail.enigma_beforesend_handler(props); })
.addEventListener('beforesavedraft', function(props) { rcmail.enigma_beforesavedraft_handler(props); });
$('input,label', $('#enigmamenu')).mouseup(function(e) {
// don't close the menu on mouse click inside
e.stopPropagation();
});
}
- else if (rcmail.env.action == 'show' || rcmail.env.action == 'preview') {
- if (rcmail.env.enigma_password_request) {
- rcmail.enigma_password_request(rcmail.env.enigma_password_request);
- }
+
+ if (rcmail.env.enigma_password_request) {
+ rcmail.enigma_password_request(rcmail.env.enigma_password_request);
}
}
});
/*********************************************************/
/********* Enigma Settings/Keys/Certs UI *********/
/*********************************************************/
// Display key(s) import form
rcube_webmail.prototype.enigma_key_import = function()
{
this.enigma_loadframe('&_action=plugin.enigmakeys&_a=import');
};
// Delete key(s)
rcube_webmail.prototype.enigma_key_delete = function()
{
var keys = this.keys_list.get_selection();
if (!keys.length || !confirm(this.get_label('enigma.keyremoveconfirm')))
return;
var lock = this.display_message(this.get_label('enigma.keyremoving'), 'loading'),
post = {_a: 'delete', _keys: keys};
// send request to server
this.http_post('plugin.enigmakeys', post, lock);
};
// Submit key(s) import form
rcube_webmail.prototype.enigma_import = function()
{
var form, file;
if (form = this.gui_objects.importform) {
file = document.getElementById('rcmimportfile');
if (file && !file.value) {
alert(this.get_label('selectimportfile'));
return;
}
var lock = this.set_busy(true, 'importwait');
form.action = this.add_url(form.action, '_unlock', lock);
form.submit();
this.lock_form(form, true);
}
};
// list row selection handler
rcube_webmail.prototype.enigma_keylist_select = function(list)
{
var id;
if (id = list.get_single_selection())
this.enigma_loadframe('&_action=plugin.enigmakeys&_a=info&_id=' + id);
this.enable_command('plugin.enigma-key-delete', list.selection.length > 0);
};
rcube_webmail.prototype.enigma_keylist_keypress = function(list)
{
if (list.modkey == CONTROL_KEY)
return;
if (list.key_pressed == list.DELETE_KEY || list.key_pressed == list.BACKSPACE_KEY)
this.command('plugin.enigma-key-delete');
else if (list.key_pressed == 33)
this.command('previouspage');
else if (list.key_pressed == 34)
this.command('nextpage');
};
// load key frame
rcube_webmail.prototype.enigma_loadframe = function(url)
{
var frm, win;
if (this.env.contentframe && window.frames && (frm = window.frames[this.env.contentframe])) {
if (!url && (win = window.frames[this.env.contentframe])) {
if (win.location && win.location.href.indexOf(this.env.blankpage) < 0)
win.location.href = this.env.blankpage;
return;
}
this.set_busy(true);
frm.location.href = this.env.comm_path + '&_framed=1' + url;
}
};
// Search keys/certs
rcube_webmail.prototype.enigma_search = function(props)
{
if (!props && this.gui_objects.qsearchbox)
props = this.gui_objects.qsearchbox.value;
if (props || this.env.search_request) {
var params = {'_a': 'search', '_q': urlencode(props)},
lock = this.set_busy(true, 'searching');
// if (this.gui_objects.search_filter)
// addurl += '&_filter=' + this.gui_objects.search_filter.value;
this.env.current_page = 1;
this.enigma_loadframe();
this.enigma_clear_list();
this.http_post('plugin.enigmakeys', params, lock);
}
return false;
}
// Reset search filter and the list
rcube_webmail.prototype.enigma_search_reset = function(props)
{
var s = this.env.search_request;
this.reset_qsearch();
if (s) {
this.enigma_loadframe();
this.enigma_clear_list();
// refresh the list
this.enigma_list();
}
return false;
}
// Keys/certs listing
rcube_webmail.prototype.enigma_list = function(page)
{
var params = {'_a': 'list'},
lock = this.set_busy(true, 'loading');
this.env.current_page = page ? page : 1;
if (this.env.search_request)
params._q = this.env.search_request;
if (page)
params._p = page;
this.enigma_clear_list();
this.http_post('plugin.enigmakeys', params, lock);
}
// Change list page
rcube_webmail.prototype.enigma_list_page = function(page)
{
if (page == 'next')
page = this.env.current_page + 1;
else if (page == 'last')
page = this.env.pagecount;
else if (page == 'prev' && this.env.current_page > 1)
page = this.env.current_page - 1;
else if (page == 'first' && this.env.current_page > 1)
page = 1;
this.enigma_list(page);
}
// Remove list rows
rcube_webmail.prototype.enigma_clear_list = function()
{
this.enigma_loadframe();
if (this.keys_list)
this.keys_list.clear(true);
}
// Adds a row to the list
rcube_webmail.prototype.enigma_add_list_row = function(r)
{
if (!this.gui_objects.keyslist || !this.keys_list)
return false;
var list = this.keys_list,
tbody = this.gui_objects.keyslist.tBodies[0],
rowcount = tbody.rows.length,
even = rowcount%2,
css_class = 'message'
+ (even ? ' even' : ' odd'),
// for performance use DOM instead of jQuery here
row = document.createElement('tr'),
col = document.createElement('td');
row.id = 'rcmrow' + r.id;
row.className = css_class;
col.innerHTML = r.name;
row.appendChild(col);
list.insert_row(row);
}
/*********************************************************/
/********* Enigma Message methods *********/
/*********************************************************/
// handle message send/save action
rcube_webmail.prototype.enigma_beforesend_handler = function(props)
{
this.env.last_action = 'send';
this.enigma_compose_handler(props);
}
rcube_webmail.prototype.enigma_beforesavedraft_handler = function(props)
{
this.env.last_action = 'savedraft';
this.enigma_compose_handler(props);
}
rcube_webmail.prototype.enigma_compose_handler = function(props)
{
var form = this.gui_objects.messageform;
// copy inputs from enigma menu to the form
$('#enigmamenu input').each(function() {
var id = this.id + '_cpy', input = $('#' + id);
if (!input.length) {
input = $(this).clone();
input.prop({id: id, type: 'hidden'}).appendTo(form);
}
input.val(this.checked ? '1' : '');
});
// disable signing when saving drafts
if (this.env.last_action == 'savedraft') {
$('input[name="_enigma_sign"]', form).val(0);
}
}
// Import attached keys/certs file
rcube_webmail.prototype.enigma_import_attachment = function(mime_id)
{
var lock = this.set_busy(true, 'loading'),
post = {_uid: this.env.uid, _mbox: this.env.mailbox, _part: mime_id};
this.http_post('plugin.enigmaimport', post, lock);
return false;
}
// password request popup
rcube_webmail.prototype.enigma_password_request = function(data)
{
if (!data || !data.keyid) {
return;
}
var ref = this,
msg = this.get_label('enigma.enterkeypass'),
myprompt = $('<div class="prompt">'),
myprompt_content = $('<div class="message">')
.appendTo(myprompt),
myprompt_input = $('<input>').attr({type: 'password', size: 30})
.keypress(function(e) {
if (e.which == 13)
(ref.is_framed() ? window.parent.$ : $)('.ui-dialog-buttonpane button.mainaction:visible').click();
})
.appendTo(myprompt);
data.key = data.keyid;
if (data.keyid.length > 8)
data.keyid = data.keyid.substr(data.keyid.length - 8);
$.each(['keyid', 'user'], function() {
msg = msg.replace('$' + this, data[this]);
});
myprompt_content.text(msg);
this.show_popup_dialog(myprompt, this.get_label('enigma.enterkeypasstitle'),
[{
text: this.get_label('save'),
'class': 'mainaction',
click: function(e) {
e.stopPropagation();
- var jq = ref.is_framed() ? window.parent.$ : $,
- pass = myprompt_input.val();
+ var jq = ref.is_framed() ? window.parent.$ : $;
- if (!pass) {
+ data.password = myprompt_input.val();
+
+ if (!data.password) {
myprompt_input.focus();
return;
}
- ref.enigma_password_submit(data.key, pass);
+ ref.enigma_password_submit(data);
jq(this).remove();
}
},
{
text: this.get_label('cancel'),
click: function(e) {
var jq = ref.is_framed() ? window.parent.$ : $;
e.stopPropagation();
jq(this).remove();
}
}], {width: 400});
if (this.is_framed() && parent.rcmail.message_list) {
// this fixes bug when pressing Enter on "Save" button in the dialog
parent.rcmail.message_list.blur();
}
}
// submit entered password
-rcube_webmail.prototype.enigma_password_submit = function(keyid, password)
+rcube_webmail.prototype.enigma_password_submit = function(data)
{
- if (this.env.action == 'compose') {
- return this.enigma_password_compose_submit(keyid, password);
+ if (this.env.action == 'compose' && !data['compose-init']) {
+ return this.enigma_password_compose_submit(data);
}
+ var lock = this.set_busy(true, 'loading');
+
// message preview
var form = $('<form>').attr({method: 'post', action: location.href, style: 'display:none'})
- .append($('<input>').attr({type: 'hidden', name: '_keyid', value: keyid}))
- .append($('<input>').attr({type: 'hidden', name: '_passwd', value: password}))
+ .append($('<input>').attr({type: 'hidden', name: '_keyid', value: data.key}))
+ .append($('<input>').attr({type: 'hidden', name: '_passwd', value: data.password}))
.append($('<input>').attr({type: 'hidden', name: '_token', value: this.env.request_token}))
+ .append($('<input>').attr({type: 'hidden', name: '_unlock', value: lock}))
.appendTo(document.body);
form.submit();
}
// submit entered password - in mail compose page
-rcube_webmail.prototype.enigma_password_compose_submit = function(keyid, password)
+rcube_webmail.prototype.enigma_password_compose_submit = function(data)
{
var form = this.gui_objects.messageform;
if (!$('input[name="_keyid"]', form).length) {
- $(form).append($('<input>').attr({type: 'hidden', name: '_keyid', value: keyid}))
- .append($('<input>').attr({type: 'hidden', name: '_passwd', value: password}));
+ $(form).append($('<input>').attr({type: 'hidden', name: '_keyid', value: data.key}))
+ .append($('<input>').attr({type: 'hidden', name: '_passwd', value: data.password}));
}
else {
- $('input[name="_keyid"]', form).val(keyid);
- $('input[name="_passwd"]', form).val(password);
+ $('input[name="_keyid"]', form).val(data.key);
+ $('input[name="_passwd"]', form).val(data.password);
}
this.submit_messageform(this.env.last_action == 'savedraft');
}
diff --git a/plugins/enigma/enigma.php b/plugins/enigma/enigma.php
index 3b9aa0bb9..1ac619c62 100644
--- a/plugins/enigma/enigma.php
+++ b/plugins/enigma/enigma.php
@@ -1,451 +1,463 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| Enigma Plugin for Roundcube |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
-/*
- This class contains only hooks and action handlers.
- Most plugin logic is placed in enigma_engine and enigma_ui classes.
-*/
-
+/**
+ * This class contains only hooks and action handlers.
+ * Most plugin logic is placed in enigma_engine and enigma_ui classes.
+ */
class enigma extends rcube_plugin
{
public $task = 'mail|settings';
public $rc;
public $engine;
public $ui;
- private $env_loaded = false;
+ private $env_loaded = false;
/**
* Plugin initialization.
*/
function init()
{
$this->rc = rcube::get_instance();
if ($this->rc->task == 'mail') {
// message parse/display hooks
$this->add_hook('message_part_structure', array($this, 'part_structure'));
$this->add_hook('message_part_body', array($this, 'part_body'));
$this->add_hook('message_body_prefix', array($this, 'status_message'));
$this->register_action('plugin.enigmaimport', array($this, 'import_file'));
// message displaying
if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
$this->add_hook('message_load', array($this, 'message_load'));
$this->add_hook('template_object_messagebody', array($this, 'message_output'));
}
// message composing
else if ($this->rc->action == 'compose') {
+ $this->add_hook('message_compose_body', array($this, 'message_compose'));
+
$this->load_ui();
$this->ui->init();
}
// message sending (and draft storing)
else if ($this->rc->action == 'send') {
$this->add_hook('message_ready', array($this, 'message_ready'));
}
$this->password_handler();
}
else if ($this->rc->task == 'settings') {
// add hooks for Enigma settings
$this->add_hook('settings_actions', array($this, 'settings_actions'));
$this->add_hook('preferences_sections_list', array($this, 'preferences_sections_list'));
$this->add_hook('preferences_list', array($this, 'preferences_list'));
$this->add_hook('preferences_save', array($this, 'preferences_save'));
// register handler for keys/certs management
$this->register_action('plugin.enigmakeys', array($this, 'preferences_ui'));
// $this->register_action('plugin.enigmacerts', array($this, 'preferences_ui'));
$this->load_ui();
$this->ui->add_css();
}
$this->add_hook('refresh', array($this, 'refresh'));
}
/**
* Plugin environment initialization.
*/
function load_env()
{
if ($this->env_loaded) {
return;
}
$this->env_loaded = true;
// Add include path for Enigma classes and drivers
$include_path = $this->home . '/lib' . PATH_SEPARATOR;
$include_path .= ini_get('include_path');
set_include_path($include_path);
// load the Enigma plugin configuration
$this->load_config();
// include localization (if wasn't included before)
$this->add_texts('localization/');
}
/**
* Plugin UI initialization.
*/
function load_ui($all = false)
{
if (!$this->ui) {
// load config/localization
$this->load_env();
// Load UI
$this->ui = new enigma_ui($this, $this->home);
}
if ($all) {
$this->ui->add_css();
$this->ui->add_js();
}
}
/**
* Plugin engine initialization.
*/
function load_engine()
{
if ($this->engine) {
return $this->engine;
}
// load config/localization
$this->load_env();
return $this->engine = new enigma_engine($this);
}
/**
* Handler for message_part_structure hook.
* Called for every part of the message.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function part_structure($p)
{
$this->load_engine();
return $this->engine->part_structure($p);
}
/**
* Handler for message_part_body hook.
* Called to get body of a message part.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function part_body($p)
{
$this->load_engine();
return $this->engine->part_body($p);
}
/**
* Handler for settings_actions hook.
* Adds Enigma settings section into preferences.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function settings_actions($args)
{
// add labels
$this->add_texts('localization/');
// register as settings action
$args['actions'][] = array(
'action' => 'plugin.enigmakeys',
'class' => 'enigma keys',
'label' => 'enigmakeys',
'title' => 'enigmakeys',
'domain' => 'enigma',
);
/*
$args['actions'][] = array(
'action' => 'plugin.enigmacerts',
'class' => 'enigma certs',
'label' => 'enigmacerts',
'title' => 'enigmacerts',
'domain' => 'enigma',
);
*/
return $args;
}
/**
* Handler for preferences_sections_list hook.
* Adds Encryption settings section into preferences sections list.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function preferences_sections_list($p)
{
$p['list']['enigma'] = array(
'id' => 'enigma', 'section' => $this->gettext('encryption'),
);
return $p;
}
/**
* Handler for preferences_list hook.
* Adds options blocks into Enigma settings sections in Preferences.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function preferences_list($p)
{
if ($p['section'] != 'enigma') {
return $p;
}
$no_override = array_flip((array)$this->rc->config->get('dont_override'));
$p['blocks']['main']['name'] = $this->gettext('mainoptions');
if (!isset($no_override['enigma_signatures'])) {
if (!$p['current']) {
$p['blocks']['main']['content'] = true;
return $p;
}
$field_id = 'rcmfd_enigma_signatures';
$input = new html_checkbox(array(
'name' => '_enigma_signatures',
'id' => $field_id,
'value' => 1,
));
$p['blocks']['main']['options']['enigma_signatures'] = array(
'title' => html::label($field_id, $this->gettext('supportsignatures')),
'content' => $input->show(intval($this->rc->config->get('enigma_signatures'))),
);
}
if (!isset($no_override['enigma_decryption'])) {
if (!$p['current']) {
$p['blocks']['main']['content'] = true;
return $p;
}
$field_id = 'rcmfd_enigma_decryption';
$input = new html_checkbox(array(
'name' => '_enigma_decryption',
'id' => $field_id,
'value' => 1,
));
$p['blocks']['main']['options']['enigma_decryption'] = array(
'title' => html::label($field_id, $this->gettext('supportdecryption')),
'content' => $input->show(intval($this->rc->config->get('enigma_decryption'))),
);
}
if (!isset($no_override['enigma_sign_all'])) {
if (!$p['current']) {
$p['blocks']['main']['content'] = true;
return $p;
}
$field_id = 'rcmfd_enigma_sign_all';
$input = new html_checkbox(array(
'name' => '_enigma_sign_all',
'id' => $field_id,
'value' => 1,
));
$p['blocks']['main']['options']['enigma_sign_all'] = array(
'title' => html::label($field_id, $this->gettext('signdefault')),
'content' => $input->show($this->rc->config->get('enigma_sign_all') ? 1 : 0),
);
}
if (!isset($no_override['enigma_encrypt_all'])) {
if (!$p['current']) {
$p['blocks']['main']['content'] = true;
return $p;
}
$field_id = 'rcmfd_enigma_encrypt_all';
$input = new html_checkbox(array(
'name' => '_enigma_encrypt_all',
'id' => $field_id,
'value' => 1,
));
$p['blocks']['main']['options']['enigma_encrypt_all'] = array(
'title' => html::label($field_id, $this->gettext('encryptdefault')),
'content' => $input->show($this->rc->config->get('enigma_encrypt_all') ? 1 : 0),
);
}
if (!isset($no_override['enigma_password_time'])) {
if (!$p['current']) {
$p['blocks']['main']['content'] = true;
return $p;
}
$field_id = 'rcmfd_enigma_password_time';
$select = new html_select(array('name' => '_enigma_password_time', 'id' => $field_id));
foreach (array(1, 5, 10, 15, 30) as $m) {
$label = $this->gettext(array('name' => 'nminutes', 'vars' => array('m' => $m)));
$select->add($label, $m);
}
$select->add($this->gettext('wholesession'), 0);
$p['blocks']['main']['options']['enigma_password_time'] = array(
'title' => html::label($field_id, $this->gettext('passwordtime')),
'content' => $select->show(intval($this->rc->config->get('enigma_password_time'))),
);
}
return $p;
}
/**
* Handler for preferences_save hook.
* Executed on Enigma settings form submit.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function preferences_save($p)
{
if ($p['section'] == 'enigma') {
$p['prefs'] = array(
'enigma_signatures' => (bool) rcube_utils::get_input_value('_enigma_signatures', rcube_utils::INPUT_POST),
'enigma_decryption' => (bool) rcube_utils::get_input_value('_enigma_decryption', rcube_utils::INPUT_POST),
'enigma_sign_all' => intval(rcube_utils::get_input_value('_enigma_sign_all', rcube_utils::INPUT_POST)),
'enigma_encrypt_all' => intval(rcube_utils::get_input_value('_enigma_encrypt_all', rcube_utils::INPUT_POST)),
'enigma_password_time' => intval(rcube_utils::get_input_value('_enigma_password_time', rcube_utils::INPUT_POST)),
);
}
return $p;
}
/**
* Handler for keys/certs management UI template.
*/
function preferences_ui()
{
$this->load_ui();
$this->ui->init();
}
/**
* Handler for message_body_prefix hook.
* Called for every displayed (content) part of the message.
* Adds infobox about signature verification and/or decryption
* status above the body.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function status_message($p)
{
$this->load_ui();
return $this->ui->status_message($p);
}
/**
* Handler for message_load hook.
* Check message bodies and attachments for keys/certs.
*/
function message_load($p)
{
$this->load_ui();
return $this->ui->message_load($p);
}
/**
* Handler for template_object_messagebody hook.
* This callback function adds a box below the message content
* if there is a key/cert attachment available
*/
function message_output($p)
{
$this->load_ui();
return $this->ui->message_output($p);
}
/**
* Handler for attached keys/certs import
*/
function import_file()
{
$this->load_engine();
$this->engine->import_file();
}
/**
* Handle password submissions
*/
function password_handler()
{
$this->load_engine();
$this->engine->password_handler();
}
/**
* Handle message_ready hook (encryption/signing)
*/
function message_ready($p)
{
$this->load_ui();
return $this->ui->message_ready($p);
}
+ /**
+ * Handle message_compose_body hook
+ */
+ function message_compose($p)
+ {
+ $this->load_ui();
+
+ return $this->ui->message_compose($p);
+ }
+
/**
* Handler for refresh hook.
*/
function refresh($p)
{
// calling enigma_engine constructor to remove passwords
// stored in session after expiration time
$this->load_engine();
return $p;
}
}
diff --git a/plugins/enigma/lib/enigma_driver.php b/plugins/enigma/lib/enigma_driver.php
index 49208b39d..4c8340e08 100644
--- a/plugins/enigma/lib/enigma_driver.php
+++ b/plugins/enigma/lib/enigma_driver.php
@@ -1,103 +1,103 @@
<?php
-/*
+/**
+-------------------------------------------------------------------------+
| Abstract driver for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
abstract class enigma_driver
{
/**
* Class constructor.
*
* @param string User name (email address)
*/
abstract function __construct($user);
/**
* Driver initialization.
*
* @return mixed NULL on success, enigma_error on failure
*/
abstract function init();
/**
* Encryption.
*/
abstract function encrypt($text, $keys);
/**
* Decryption..
*
* @param string Encrypted message
* @param array List of key-password mapping
*/
abstract function decrypt($text, $keys = array());
/**
* Signing.
*/
abstract function sign($text, $key, $passwd, $mode = null);
/**
* Signature verification.
*
* @param string Message body
* @param string Signature, if message is of type PGP/MIME and body doesn't contain it
*
* @return mixed Signature information (enigma_signature) or enigma_error
*/
abstract function verify($text, $signature);
/**
* Key/Cert file import.
*
* @param string File name or file content
* @param bollean True if first argument is a filename
*
* @return mixed Import status array or enigma_error
*/
abstract function import($content, $isfile=false);
/**
* Keys listing.
*
* @param string Optional pattern for key ID, user ID or fingerprint
*
* @return mixed Array of enigma_key objects or enigma_error
*/
abstract function list_keys($pattern='');
/**
* Single key information.
*
* @param string Key ID, user ID or fingerprint
*
* @return mixed Key (enigma_key) object or enigma_error
*/
abstract function get_key($keyid);
/**
* Key pair generation.
*
* @param array Key/User data
*
* @return mixed Key (enigma_key) object or enigma_error
*/
abstract function gen_key($data);
/**
* Key deletion.
*/
abstract function delete_key($keyid);
}
diff --git a/plugins/enigma/lib/enigma_driver_gnupg.php b/plugins/enigma/lib/enigma_driver_gnupg.php
index 52a0ad66c..d0b854c21 100644
--- a/plugins/enigma/lib/enigma_driver_gnupg.php
+++ b/plugins/enigma/lib/enigma_driver_gnupg.php
@@ -1,326 +1,327 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| GnuPG (PGP) driver for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
require_once 'Crypt/GPG.php';
class enigma_driver_gnupg extends enigma_driver
{
private $rc;
private $gpg;
private $homedir;
private $user;
function __construct($user)
{
$this->rc = rcmail::get_instance();
$this->user = $user;
}
/**
* Driver initialization and environment checking.
* Should only return critical errors.
*
* @return mixed NULL on success, enigma_error on failure
*/
function init()
{
$homedir = $this->rc->config->get('enigma_pgp_homedir', INSTALL_PATH . 'plugins/enigma/home');
if (!$homedir)
return new enigma_error(enigma_error::E_INTERNAL,
"Option 'enigma_pgp_homedir' not specified");
// check if homedir exists (create it if not) and is readable
if (!file_exists($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Keys directory doesn't exists: $homedir");
if (!is_writable($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Keys directory isn't writeable: $homedir");
$homedir = $homedir . '/' . $this->user;
// check if user's homedir exists (create it if not) and is readable
if (!file_exists($homedir))
mkdir($homedir, 0700);
if (!file_exists($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Unable to create keys directory: $homedir");
if (!is_writable($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Unable to write to keys directory: $homedir");
$this->homedir = $homedir;
// Create Crypt_GPG object
try {
$this->gpg = new Crypt_GPG(array(
'homedir' => $this->homedir,
// 'binary' => '/usr/bin/gpg2',
// 'debug' => true,
));
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
/**
* Encrypt a message
*
* @param string The message
* @param array List of keys
*/
function encrypt($text, $keys)
{
try {
foreach ($keys as $key) {
$this->gpg->addEncryptKey($key);
}
$dec = $this->gpg->encrypt($text, true);
return $dec;
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
/**
* Decrypt a message
*
* @param string Encrypted message
* @param array List of key-password mapping
*/
function decrypt($text, $keys = array())
{
try {
foreach ($keys as $key => $password) {
$this->gpg->addDecryptKey($key, $password);
}
$dec = $this->gpg->decrypt($text);
return $dec;
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
function sign($text, $key, $passwd, $mode = null)
{
try {
$this->gpg->addSignKey($key, $passwd);
return $this->gpg->sign($text, $mode, CRYPT_GPG::ARMOR_ASCII, true);
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
function verify($text, $signature)
{
try {
$verified = $this->gpg->verify($text, $signature);
return $this->parse_signature($verified[0]);
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
public function import($content, $isfile=false)
{
try {
if ($isfile)
return $this->gpg->importKeyFile($content);
else
return $this->gpg->importKey($content);
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
public function list_keys($pattern='')
{
try {
$keys = $this->gpg->getKeys($pattern);
$result = array();
foreach ($keys as $idx => $key) {
$result[] = $this->parse_key($key);
unset($keys[$idx]);
}
return $result;
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
public function get_key($keyid)
{
$list = $this->list_keys($keyid);
if (is_array($list))
return array_shift($list);
// error
return $list;
}
public function gen_key($data)
{
}
public function delete_key($keyid)
{
// delete public key
$result = $this->delete_pubkey($keyid);
// if not found, delete private key
if ($result !== true && $result->getCode() == enigma_error::E_KEYNOTFOUND) {
$result = $this->delete_privkey($keyid);
}
return $result;
}
public function delete_privkey($keyid)
{
try {
$this->gpg->deletePrivateKey($keyid);
return true;
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
public function delete_pubkey($keyid)
{
try {
$this->gpg->deletePublicKey($keyid);
return true;
}
catch (Exception $e) {
return $this->get_error_from_exception($e);
}
}
/**
* Converts Crypt_GPG exception into Enigma's error object
*
* @param mixed Exception object
*
* @return enigma_error Error object
*/
private function get_error_from_exception($e)
{
$data = array();
if ($e instanceof Crypt_GPG_KeyNotFoundException) {
$error = enigma_error::E_KEYNOTFOUND;
$data['id'] = $e->getKeyId();
}
else if ($e instanceof Crypt_GPG_BadPassphraseException) {
$error = enigma_error::E_BADPASS;
$data['bad'] = $e->getBadPassphrases();
$data['missing'] = $e->getMissingPassphrases();
}
else if ($e instanceof Crypt_GPG_NoDataException)
$error = enigma_error::E_NODATA;
else if ($e instanceof Crypt_GPG_DeletePrivateKeyException)
$error = enigma_error::E_DELKEY;
else
$error = enigma_error::E_INTERNAL;
$msg = $e->getMessage();
return new enigma_error($error, $msg, $data);
}
/**
* Converts Crypt_GPG_Signature object into Enigma's signature object
*
* @param Crypt_GPG_Signature Signature object
*
* @return enigma_signature Signature object
*/
private function parse_signature($sig)
{
$user = $sig->getUserId();
$data = new enigma_signature();
$data->id = $sig->getId();
$data->valid = $sig->isValid();
$data->fingerprint = $sig->getKeyFingerprint();
$data->created = $sig->getCreationDate();
$data->expires = $sig->getExpirationDate();
$data->name = $user->getName();
$data->comment = $user->getComment();
$data->email = $user->getEmail();
return $data;
}
/**
* Converts Crypt_GPG_Key object into Enigma's key object
*
* @param Crypt_GPG_Key Key object
*
* @return enigma_key Key object
*/
private function parse_key($key)
{
$ekey = new enigma_key();
foreach ($key->getUserIds() as $idx => $user) {
$id = new enigma_userid();
$id->name = $user->getName();
$id->comment = $user->getComment();
$id->email = $user->getEmail();
$id->valid = $user->isValid();
$id->revoked = $user->isRevoked();
$ekey->users[$idx] = $id;
}
$ekey->name = trim($ekey->users[0]->name . ' <' . $ekey->users[0]->email . '>');
foreach ($key->getSubKeys() as $idx => $subkey) {
$skey = new enigma_subkey();
$skey->id = $subkey->getId();
$skey->revoked = $subkey->isRevoked();
$skey->created = $subkey->getCreationDate();
$skey->expires = $subkey->getExpirationDate();
$skey->fingerprint = $subkey->getFingerprint();
$skey->has_private = $subkey->hasPrivate();
$skey->can_sign = $subkey->canSign();
$skey->can_encrypt = $subkey->canEncrypt();
$ekey->subkeys[$idx] = $skey;
};
$ekey->id = $ekey->subkeys[0]->id;
return $ekey;
}
}
diff --git a/plugins/enigma/lib/enigma_driver_phpssl.php b/plugins/enigma/lib/enigma_driver_phpssl.php
index 0250893d2..a2d73f4cb 100644
--- a/plugins/enigma/lib/enigma_driver_phpssl.php
+++ b/plugins/enigma/lib/enigma_driver_phpssl.php
@@ -1,230 +1,231 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| S/MIME driver for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_driver_phpssl extends enigma_driver
{
private $rc;
private $homedir;
private $user;
function __construct($user)
{
$rcmail = rcmail::get_instance();
$this->rc = $rcmail;
$this->user = $user;
}
/**
* Driver initialization and environment checking.
* Should only return critical errors.
*
* @return mixed NULL on success, enigma_error on failure
*/
function init()
{
$homedir = $this->rc->config->get('enigma_smime_homedir', INSTALL_PATH . '/plugins/enigma/home');
if (!$homedir)
return new enigma_error(enigma_error::E_INTERNAL,
"Option 'enigma_smime_homedir' not specified");
// check if homedir exists (create it if not) and is readable
if (!file_exists($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Keys directory doesn't exists: $homedir");
if (!is_writable($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Keys directory isn't writeable: $homedir");
$homedir = $homedir . '/' . $this->user;
// check if user's homedir exists (create it if not) and is readable
if (!file_exists($homedir))
mkdir($homedir, 0700);
if (!file_exists($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Unable to create keys directory: $homedir");
if (!is_writable($homedir))
return new enigma_error(enigma_error::E_INTERNAL,
"Unable to write to keys directory: $homedir");
$this->homedir = $homedir;
}
function encrypt($text, $keys)
{
}
function decrypt($text, $keys = array())
{
}
function sign($text, $key, $passwd, $mode = null)
{
}
function verify($struct, $message)
{
// use common temp dir
$temp_dir = $this->rc->config->get('temp_dir');
$msg_file = tempnam($temp_dir, 'rcmMsg');
$cert_file = tempnam($temp_dir, 'rcmCert');
$fh = fopen($msg_file, "w");
if ($struct->mime_id) {
$message->get_part_body($struct->mime_id, false, 0, $fh);
}
else {
$this->rc->storage->get_raw_body($message->uid, $fh);
}
fclose($fh);
// @TODO: use stored certificates
// try with certificate verification
$sig = openssl_pkcs7_verify($msg_file, 0, $cert_file);
$validity = true;
if ($sig !== true) {
// try without certificate verification
$sig = openssl_pkcs7_verify($msg_file, PKCS7_NOVERIFY, $cert_file);
$validity = enigma_error::E_UNVERIFIED;
}
if ($sig === true) {
$sig = $this->parse_sig_cert($cert_file, $validity);
}
else {
$errorstr = $this->get_openssl_error();
$sig = new enigma_error(enigma_error::E_INTERNAL, $errorstr);
}
// remove temp files
@unlink($msg_file);
@unlink($cert_file);
return $sig;
}
public function import($content, $isfile=false)
{
}
public function list_keys($pattern='')
{
}
public function get_key($keyid)
{
}
public function gen_key($data)
{
}
public function delete_key($keyid)
{
}
public function delete_privkey($keyid)
{
}
public function delete_pubkey($keyid)
{
}
/**
* Converts Crypt_GPG_Key object into Enigma's key object
*
* @param Crypt_GPG_Key Key object
*
* @return enigma_key Key object
*/
private function parse_key($key)
{
/*
$ekey = new enigma_key();
foreach ($key->getUserIds() as $idx => $user) {
$id = new enigma_userid();
$id->name = $user->getName();
$id->comment = $user->getComment();
$id->email = $user->getEmail();
$id->valid = $user->isValid();
$id->revoked = $user->isRevoked();
$ekey->users[$idx] = $id;
}
$ekey->name = trim($ekey->users[0]->name . ' <' . $ekey->users[0]->email . '>');
foreach ($key->getSubKeys() as $idx => $subkey) {
$skey = new enigma_subkey();
$skey->id = $subkey->getId();
$skey->revoked = $subkey->isRevoked();
$skey->created = $subkey->getCreationDate();
$skey->expires = $subkey->getExpirationDate();
$skey->fingerprint = $subkey->getFingerprint();
$skey->has_private = $subkey->hasPrivate();
$skey->can_sign = $subkey->canSign();
$skey->can_encrypt = $subkey->canEncrypt();
$ekey->subkeys[$idx] = $skey;
};
$ekey->id = $ekey->subkeys[0]->id;
return $ekey;
*/
}
private function get_openssl_error()
{
$tmp = array();
while ($errorstr = openssl_error_string()) {
$tmp[] = $errorstr;
}
return join("\n", array_values($tmp));
}
private function parse_sig_cert($file, $validity)
{
$cert = openssl_x509_parse(file_get_contents($file));
if (empty($cert) || empty($cert['subject'])) {
$errorstr = $this->get_openssl_error();
return new enigma_error(enigm_error::E_INTERNAL, $errorstr);
}
$data = new enigma_signature();
$data->id = $cert['hash']; //?
$data->valid = $validity;
$data->fingerprint = $cert['serialNumber'];
$data->created = $cert['validFrom_time_t'];
$data->expires = $cert['validTo_time_t'];
$data->name = $cert['subject']['CN'];
// $data->comment = '';
$data->email = $cert['subject']['emailAddress'];
return $data;
}
}
diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php
index 0111d9388..85c2882d3 100644
--- a/plugins/enigma/lib/enigma_engine.php
+++ b/plugins/enigma/lib/enigma_engine.php
@@ -1,1137 +1,1149 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| Engine of the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
-/*
- RFC2440: OpenPGP Message Format
- RFC3156: MIME Security with OpenPGP
- RFC3851: S/MIME
-*/
-
+/**
+ * Enigma plugin engine.
+ *
+ * RFC2440: OpenPGP Message Format
+ * RFC3156: MIME Security with OpenPGP
+ * RFC3851: S/MIME
+ */
class enigma_engine
{
private $rc;
private $enigma;
private $pgp_driver;
private $smime_driver;
private $password_time;
public $decryptions = array();
public $signatures = array();
public $signed_parts = array();
public $encrypted_parts = array();
const SIGN_MODE_BODY = 1;
const SIGN_MODE_SEPARATE = 2;
const SIGN_MODE_MIME = 3;
const ENCRYPT_MODE_BODY = 1;
const ENCRYPT_MODE_MIME = 2;
/**
* Plugin initialization.
*/
function __construct($enigma)
{
$this->rc = rcmail::get_instance();
$this->enigma = $enigma;
- $this->password_time = $this->rc->config->get('enigma_password_time');
+ $this->password_time = $this->rc->config->get('enigma_password_time') * 60;
// this will remove passwords from session after some time
if ($this->password_time) {
$this->get_passwords();
}
}
/**
* PGP driver initialization.
*/
function load_pgp_driver()
{
if ($this->pgp_driver) {
return;
}
$driver = 'enigma_driver_' . $this->rc->config->get('enigma_pgp_driver', 'gnupg');
$username = $this->rc->user->get_username();
// Load driver
$this->pgp_driver = new $driver($username);
if (!$this->pgp_driver) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: Unable to load PGP driver: $driver"
), true, true);
}
// Initialise driver
$result = $this->pgp_driver->init();
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: ".$result->getMessage()
), true, true);
}
}
/**
* S/MIME driver initialization.
*/
function load_smime_driver()
{
if ($this->smime_driver) {
return;
}
$driver = 'enigma_driver_' . $this->rc->config->get('enigma_smime_driver', 'phpssl');
$username = $this->rc->user->get_username();
// Load driver
$this->smime_driver = new $driver($username);
if (!$this->smime_driver) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: Unable to load S/MIME driver: $driver"
), true, true);
}
// Initialise driver
$result = $this->smime_driver->init();
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: ".$result->getMessage()
), true, true);
}
}
/**
* Handler for message signing
*
* @param Mail_mime Original message
* @param int Encryption mode
*
* @return enigma_error On error returns error object
*/
function sign_message(&$message, $mode = null)
{
$mime = new enigma_mime_message($message, enigma_mime_message::PGP_SIGNED);
$from = $mime->getFromAddress();
// find private key
$key = $this->find_key($from, true);
if (empty($key)) {
return new enigma_error(enigma_error::E_KEYNOTFOUND);
}
// check if we have password for this key
$passwords = $this->get_passwords();
$pass = $passwords[$key->id];
if ($pass === null) {
// ask for password
$error = array('missing' => array($key->id => $key->name));
return new enigma_error(enigma_error::E_BADPASS, '', $error);
}
// select mode
switch ($mode) {
case self::SIGN_MODE_BODY:
$pgp_mode = Crypt_GPG::SIGN_MODE_CLEAR;
break;
case self::SIGN_MODE_MIME:
$pgp_mode = Crypt_GPG::SIGN_MODE_DETACHED;
break;
/*
case self::SIGN_MODE_SEPARATE:
$pgp_mode = Crypt_GPG::SIGN_MODE_NORMAL;
break;
*/
default:
if ($mime->isMultipart()) {
$pgp_mode = Crypt_GPG::SIGN_MODE_DETACHED;
}
else {
$pgp_mode = Crypt_GPG::SIGN_MODE_CLEAR;
}
}
// get message body
if ($pgp_mode == Crypt_GPG::SIGN_MODE_CLEAR) {
// in this mode we'll replace text part
// with the one containing signature
$body = $message->getTXTBody();
}
else {
// here we'll build PGP/MIME message
$body = $mime->getOrigBody();
}
// sign the body
$result = $this->pgp_sign($body, $key->id, $pass, $pgp_mode);
if ($result !== true) {
if ($result->getCode() == enigma_error::E_BADPASS) {
// ask for password
$error = array('missing' => array($key->id => $key->name));
return new enigma_error(enigma_error::E_BADPASS, '', $error);
}
return $result;
}
// replace message body
if ($pgp_mode == Crypt_GPG::SIGN_MODE_CLEAR) {
$message->setTXTBody($body);
}
else {
$mime->addPGPSignature($body);
$message = $mime;
}
}
/**
* Handler for message encryption
*
* @param Mail_mime Original message
* @param int Encryption mode
* @param bool Is draft-save action - use only sender's key for encryption
*
* @return enigma_error On error returns error object
*/
function encrypt_message(&$message, $mode = null, $is_draft = false)
{
$mime = new enigma_mime_message($message, enigma_mime_message::PGP_ENCRYPTED);
// always use sender's key
$recipients = array($mime->getFromAddress());
// if it's not a draft we add all recipients' keys
if (!$is_draft) {
$recipients = array_merge($recipients, $mime->getRecipients());
}
if (empty($recipients)) {
return new enigma_error(enigma_error::E_KEYNOTFOUND);
}
$recipients = array_unique($recipients);
// find recipient public keys
foreach ((array) $recipients as $email) {
$key = $this->find_key($email);
if (empty($key)) {
return new enigma_error(enigma_error::E_KEYNOTFOUND, '', array(
'missing' => $email
));
}
$keys[] = $key->id;
}
// select mode
switch ($mode) {
case self::ENCRYPT_MODE_BODY:
$encrypt_mode = $mode;
break;
case self::ENCRYPT_MODE_MIME:
$encrypt_mode = $mode;
break;
default:
$encrypt_mode = $mime->isMultipart() ? self::ENCRYPT_MODE_MIME : self::ENCRYPT_MODE_BODY;
}
// get message body
if ($encrypt_mode == self::ENCRYPT_MODE_BODY) {
// in this mode we'll replace text part
// with the one containing encrypted message
$body = $message->getTXTBody();
}
else {
// here we'll build PGP/MIME message
$body = $mime->getOrigBody();
}
// sign the body
$result = $this->pgp_encrypt($body, $keys);
if ($result !== true) {
return $result;
}
// replace message body
if ($encrypt_mode == self::ENCRYPT_MODE_BODY) {
$message->setTXTBody($body);
}
else {
$mime->setPGPEncryptedBody($body);
$message = $mime;
}
}
/**
* Handler for message_part_structure hook.
* Called for every part of the message.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function part_structure($p)
{
if ($p['mimetype'] == 'text/plain' || $p['mimetype'] == 'application/pgp') {
$this->parse_plain($p);
}
else if ($p['mimetype'] == 'multipart/signed') {
$this->parse_signed($p);
}
else if ($p['mimetype'] == 'multipart/encrypted') {
$this->parse_encrypted($p);
}
else if ($p['mimetype'] == 'application/pkcs7-mime') {
$this->parse_encrypted($p);
}
return $p;
}
/**
* Handler for message_part_body hook.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function part_body($p)
{
// encrypted attachment, see parse_plain_encrypted()
if ($p['part']->need_decryption && $p['part']->body === null) {
$this->load_pgp_driver();
$storage = $this->rc->get_storage();
$body = $storage->get_message_part($p['object']->uid, $p['part']->mime_id, $p['part'], null, null, true, 0, false);
$result = $this->pgp_decrypt($body);
// @TODO: what to do on error?
if ($result === true) {
$p['part']->body = $body;
$p['part']->size = strlen($body);
$p['part']->body_modified = true;
}
}
return $p;
}
/**
* Handler for plain/text message.
*
* @param array Reference to hook's parameters
*/
function parse_plain(&$p)
{
$part = $p['structure'];
// exit, if we're already inside a decrypted message
if (in_array($part->mime_id, $this->encrypted_parts)) {
return;
}
// Get message body from IMAP server
$body = $this->get_part_body($p['object'], $part->mime_id);
// @TODO: big message body could be a file resource
// PGP signed message
if (preg_match('/^-----BEGIN PGP SIGNED MESSAGE-----/', $body)) {
$this->parse_plain_signed($p, $body);
}
// PGP encrypted message
else if (preg_match('/^-----BEGIN PGP MESSAGE-----/', $body)) {
$this->parse_plain_encrypted($p, $body);
}
}
/**
* Handler for multipart/signed message.
*
* @param array Reference to hook's parameters
*/
function parse_signed(&$p)
{
$struct = $p['structure'];
// S/MIME
if ($struct->parts[1] && $struct->parts[1]->mimetype == 'application/pkcs7-signature') {
$this->parse_smime_signed($p);
}
// PGP/MIME: RFC3156
// The multipart/signed body MUST consist of exactly two parts.
// The first part contains the signed data in MIME canonical format,
// including a set of appropriate content headers describing the data.
// The second body MUST contain the PGP digital signature. It MUST be
// labeled with a content type of "application/pgp-signature".
else if ($struct->ctype_parameters['protocol'] == 'application/pgp-signature'
&& count($struct->parts) == 2
&& $struct->parts[1] && $struct->parts[1]->mimetype == 'application/pgp-signature'
) {
$this->parse_pgp_signed($p);
}
}
/**
* Handler for multipart/encrypted message.
*
* @param array Reference to hook's parameters
*/
function parse_encrypted(&$p)
{
$struct = $p['structure'];
// S/MIME
if ($struct->mimetype == 'application/pkcs7-mime') {
$this->parse_smime_encrypted($p);
}
// PGP/MIME: RFC3156
// The multipart/encrypted MUST consist of exactly two parts. The first
// MIME body part must have a content type of "application/pgp-encrypted".
// This body contains the control information.
// The second MIME body part MUST contain the actual encrypted data. It
// must be labeled with a content type of "application/octet-stream".
else if ($struct->ctype_parameters['protocol'] == 'application/pgp-encrypted'
&& count($struct->parts) == 2
&& $struct->parts[0] && $struct->parts[0]->mimetype == 'application/pgp-encrypted'
&& $struct->parts[1] && $struct->parts[1]->mimetype == 'application/octet-stream'
) {
$this->parse_pgp_encrypted($p);
}
}
/**
* Handler for plain signed message.
* Excludes message and signature bodies and verifies signature.
*
* @param array Reference to hook's parameters
* @param string Message (part) body
*/
private function parse_plain_signed(&$p, $body)
{
$this->load_pgp_driver();
$part = $p['structure'];
// Verify signature
if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
if ($this->rc->config->get('enigma_signatures', true)) {
$sig = $this->pgp_verify($body);
}
}
// @TODO: Handle big bodies using (temp) files
// In this way we can use fgets on string as on file handle
$fh = fopen('php://memory', 'br+');
// @TODO: fopen/fwrite errors handling
if ($fh) {
fwrite($fh, $body);
rewind($fh);
}
$body = $part->body = null;
$part->body_modified = true;
// Extract body (and signature?)
while (!feof($fh)) {
$line = fgets($fh, 1024);
if ($part->body === null)
$part->body = '';
else if (preg_match('/^-----BEGIN PGP SIGNATURE-----/', $line))
break;
else
$part->body .= $line;
}
// Remove "Hash" Armor Headers
$part->body = preg_replace('/^.*\r*\n\r*\n/', '', $part->body);
// de-Dash-Escape (RFC2440)
$part->body = preg_replace('/(^|\n)- -/', '\\1-', $part->body);
// Store signature data for display
if (!empty($sig)) {
$this->signed_parts[$part->mime_id] = $part->mime_id;
- $this->signatures[$part->mime_id] = $sig;
+ $this->signatures[$part->mime_id] = $sig;
}
fclose($fh);
}
/**
* Handler for PGP/MIME signed message.
* Verifies signature.
*
- * @param array Reference to hook's parameters
+ * @param array Reference to hook's parameters
*/
private function parse_pgp_signed(&$p)
{
if (!$this->rc->config->get('enigma_signatures', true)) {
return;
}
- // Verify signature
- if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
- $this->load_pgp_driver();
- $struct = $p['structure'];
+ if ($this->rc->action != 'show' && $this->rc->action != 'preview') {
+ return;
+ }
- $msg_part = $struct->parts[0];
- $sig_part = $struct->parts[1];
+ $this->load_pgp_driver();
+ $struct = $p['structure'];
- // Get bodies
- // Note: The first part body need to be full part body with headers
- // it also cannot be decoded
- $msg_body = $this->get_part_body($p['object'], $msg_part->mime_id, true);
- $sig_body = $this->get_part_body($p['object'], $sig_part->mime_id);
+ $msg_part = $struct->parts[0];
+ $sig_part = $struct->parts[1];
- // Verify
- $sig = $this->pgp_verify($msg_body, $sig_body);
+ // Get bodies
+ // Note: The first part body need to be full part body with headers
+ // it also cannot be decoded
+ $msg_body = $this->get_part_body($p['object'], $msg_part->mime_id, true);
+ $sig_body = $this->get_part_body($p['object'], $sig_part->mime_id);
- // Store signature data for display
- $this->signatures[$struct->mime_id] = $sig;
+ // Verify
+ $sig = $this->pgp_verify($msg_body, $sig_body);
- // Message can be multipart (assign signature to each subpart)
- if (!empty($msg_part->parts)) {
- foreach ($msg_part->parts as $part)
- $this->signed_parts[$part->mime_id] = $struct->mime_id;
- }
- else {
- $this->signed_parts[$msg_part->mime_id] = $struct->mime_id;
- }
+ // Store signature data for display
+ $this->signatures[$struct->mime_id] = $sig;
+
+ // Message can be multipart (assign signature to each subpart)
+ if (!empty($msg_part->parts)) {
+ foreach ($msg_part->parts as $part)
+ $this->signed_parts[$part->mime_id] = $struct->mime_id;
+ }
+ else {
+ $this->signed_parts[$msg_part->mime_id] = $struct->mime_id;
}
}
/**
* Handler for S/MIME signed message.
* Verifies signature.
*
* @param array Reference to hook's parameters
*/
private function parse_smime_signed(&$p)
{
return; // @TODO
if (!$this->rc->config->get('enigma_signatures', true)) {
return;
}
// Verify signature
if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
$this->load_smime_driver();
$struct = $p['structure'];
$msg_part = $struct->parts[0];
// Verify
$sig = $this->smime_driver->verify($struct, $p['object']);
// Store signature data for display
$this->signatures[$struct->mime_id] = $sig;
// Message can be multipart (assign signature to each subpart)
if (!empty($msg_part->parts)) {
foreach ($msg_part->parts as $part)
$this->signed_parts[$part->mime_id] = $struct->mime_id;
}
else {
$this->signed_parts[$msg_part->mime_id] = $struct->mime_id;
}
}
}
/**
* Handler for plain encrypted message.
*
* @param array Reference to hook's parameters
* @param string Message (part) body
*/
private function parse_plain_encrypted(&$p, $body)
{
if (!$this->rc->config->get('enigma_decryption', true)) {
return;
}
$this->load_pgp_driver();
$part = $p['structure'];
// Decrypt
$result = $this->pgp_decrypt($body);
// Store decryption status
$this->decryptions[$part->mime_id] = $result;
// find parent part ID
if (strpos($part->mime_id, '.')) {
$items = explode('.', $part->mime_id);
array_pop($items);
$parent = implode('.', $items);
}
else {
$parent = 0;
}
// Parse decrypted message
if ($result === true) {
$part->body = $body;
$part->body_modified = true;
// Remember it was decrypted
$this->encrypted_parts[] = $part->mime_id;
// PGP signed inside? verify signature
if (preg_match('/^-----BEGIN PGP SIGNED MESSAGE-----/', $body)) {
$this->parse_plain_signed($p, $body);
}
// Encrypted plain message may contain encrypted attachments
// in such case attachments have .pgp extension and type application/octet-stream.
// This is what happens when you select "Encrypt each attachment separately
// and send the message using inline PGP" in Thunderbird's Enigmail.
if ($p['object']->mime_parts[$parent]) {
foreach ((array)$p['object']->mime_parts[$parent]->parts as $p) {
if ($p->disposition == 'attachment' && $p->mimetype == 'application/octet-stream'
&& preg_match('/^(.*)\.pgp$/i', $p->filename, $m)
) {
// modify filename
$p->filename = $m[1];
// flag the part, it will be decrypted when needed
$p->need_decryption = true;
// disable caching
$p->body_modified = true;
}
}
}
}
// decryption failed, but the message may have already
// been cached with the modified parts (see above),
// let's bring the original state back
else if ($p['object']->mime_parts[$parent]) {
foreach ((array)$p['object']->mime_parts[$parent]->parts as $p) {
if ($p->need_decryption && !preg_match('/^(.*)\.pgp$/i', $p->filename, $m)) {
// modify filename
$p->filename .= '.pgp';
// flag the part, it will be decrypted when needed
unset($p->need_decryption);
}
}
}
}
/**
* Handler for PGP/MIME encrypted message.
*
* @param array Reference to hook's parameters
*/
private function parse_pgp_encrypted(&$p)
{
if (!$this->rc->config->get('enigma_decryption', true)) {
return;
}
$this->load_pgp_driver();
$struct = $p['structure'];
$part = $struct->parts[1];
// Get body
$body = $this->get_part_body($p['object'], $part->mime_id);
// Decrypt
$result = $this->pgp_decrypt($body);
if ($result === true) {
// Parse decrypted message
$struct = $this->parse_body($body);
// Modify original message structure
$this->modify_structure($p, $struct);
// Attach the decryption message to all parts
$this->decryptions[$struct->mime_id] = $result;
foreach ((array) $struct->parts as $sp) {
$this->decryptions[$sp->mime_id] = $result;
}
}
else {
$this->decryptions[$part->mime_id] = $result;
// Make sure decryption status message will be displayed
$part->type = 'content';
$p['object']->parts[] = $part;
}
}
/**
* Handler for S/MIME encrypted message.
*
* @param array Reference to hook's parameters
*/
private function parse_smime_encrypted(&$p)
{
if (!$this->rc->config->get('enigma_decryption', true)) {
return;
}
// $this->load_smime_driver();
}
/**
* PGP signature verification.
*
* @param mixed Message body
* @param mixed Signature body (for MIME messages)
*
* @return mixed enigma_signature or enigma_error
*/
private function pgp_verify(&$msg_body, $sig_body=null)
{
// @TODO: Handle big bodies using (temp) files
$sig = $this->pgp_driver->verify($msg_body, $sig_body);
if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND)
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $sig->getMessage()
), true, false);
return $sig;
}
/**
* PGP message decryption.
*
* @param mixed Message body
*
* @return mixed True or enigma_error
*/
private function pgp_decrypt(&$msg_body)
{
// @TODO: Handle big bodies using (temp) files
$keys = $this->get_passwords();
$result = $this->pgp_driver->decrypt($msg_body, $keys);
if ($result instanceof enigma_error) {
$err_code = $result->getCode();
if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS)))
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
return $result;
}
$msg_body = $result;
return true;
}
/**
* PGP message signing
*
* @param mixed Message body
* @param string Key ID
* @param string Key passphrase
* @param int Signing mode
*
* @return mixed True or enigma_error
*/
private function pgp_sign(&$msg_body, $keyid, $password, $mode = null)
{
// @TODO: Handle big bodies using (temp) files
$result = $this->pgp_driver->sign($msg_body, $keyid, $password, $mode);
if ($result instanceof enigma_error) {
$err_code = $result->getCode();
if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS)))
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
return $result;
}
$msg_body = $result;
return true;
}
/**
* PGP message encrypting
*
* @param mixed Message body
* @param array Keys
*
* @return mixed True or enigma_error
*/
private function pgp_encrypt(&$msg_body, $keys)
{
// @TODO: Handle big bodies using (temp) files
$result = $this->pgp_driver->encrypt($msg_body, $keys);
if ($result instanceof enigma_error) {
$err_code = $result->getCode();
if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS)))
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
return $result;
}
$msg_body = $result;
return true;
}
/**
* PGP keys listing.
*
* @param mixed Key ID/Name pattern
*
* @return mixed Array of keys or enigma_error
*/
function list_keys($pattern = '')
{
$this->load_pgp_driver();
$result = $this->pgp_driver->list_keys($pattern);
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
}
return $result;
}
/**
* Find PGP private/public key
*
* @param string E-mail address
* @param bool Need a key for signing?
*
* @return enigma_key The key
*/
function find_key($email, $can_sign = false)
{
$this->load_pgp_driver();
$result = $this->pgp_driver->list_keys($email);
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
return;
}
$mode = $can_sign ? enigma_key::CAN_SIGN : enigma_key::CAN_ENCRYPT;
// check key validity and type
foreach ($result as $key) {
if ($keyid = $key->find_subkey($email, $mode)) {
return $key;
}
}
}
/**
* PGP key details.
*
* @param mixed Key ID
*
* @return mixed enigma_key or enigma_error
*/
function get_key($keyid)
{
$this->load_pgp_driver();
$result = $this->pgp_driver->get_key($keyid);
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
}
return $result;
}
/**
* PGP key delete.
*
* @param string Key ID
*
* @return enigma_error|bool True on success
*/
function delete_key($keyid)
{
$this->load_pgp_driver();
$result = $this->pgp_driver->delete_key($keyid);
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
}
return $result;
}
/**
* PGP keys/certs importing.
*
* @param mixed Import file name or content
* @param boolean True if first argument is a filename
*
* @return mixed Import status data array or enigma_error
*/
function import_key($content, $isfile=false)
{
$this->load_pgp_driver();
$result = $this->pgp_driver->import($content, $isfile);
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
}
else {
$result['imported'] = $result['public_imported'] + $result['private_imported'];
$result['unchanged'] = $result['public_unchanged'] + $result['private_unchanged'];
}
return $result;
}
/**
* Handler for keys/certs import request action
*/
function import_file()
{
$uid = rcube_utils::get_input_value('_uid', rcube_utils::INPUT_POST);
$mbox = rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST);
$mime_id = rcube_utils::get_input_value('_part', rcube_utils::INPUT_POST);
$storage = $this->rc->get_storage();
if ($uid && $mime_id) {
$storage->set_folder($mbox);
$part = $storage->get_message_part($uid, $mime_id);
}
if ($part && is_array($result = $this->import_key($part))) {
$this->rc->output->show_message('enigma.keysimportsuccess', 'confirmation',
array('new' => $result['imported'], 'old' => $result['unchanged']));
}
else
$this->rc->output->show_message('enigma.keysimportfailed', 'error');
$this->rc->output->send();
}
+ /**
+ * Registers password for specified key/cert sent by the password prompt.
+ */
function password_handler()
{
$keyid = rcube_utils::get_input_value('_keyid', rcube_utils::INPUT_POST);
$passwd = rcube_utils::get_input_value('_passwd', rcube_utils::INPUT_POST, true);
if ($keyid && $passwd !== null && strlen($passwd)) {
$this->save_password($keyid, $passwd);
}
}
+ /**
+ * Saves key/cert password in user session
+ */
function save_password($keyid, $password)
{
// we store passwords in session for specified time
if ($config = $_SESSION['enigma_pass']) {
$config = $this->rc->decrypt($config);
$config = @unserialize($config);
}
$config[$keyid] = array($password, time());
$_SESSION['enigma_pass'] = $this->rc->encrypt(serialize($config));
}
+ /**
+ * Returns currently stored passwords
+ */
function get_passwords()
{
if ($config = $_SESSION['enigma_pass']) {
$config = $this->rc->decrypt($config);
$config = @unserialize($config);
}
$threshold = time() - $this->password_time;
$keys = array();
// delete expired passwords
foreach ((array) $config as $key => $value) {
- if ($pass_time && $value[1] < $threshold) {
+ if ($threshold && $value[1] < $threshold) {
unset($config[$key]);
$modified = true;
}
else {
$keys[$key] = $value[0];
}
}
if ($modified) {
$_SESSION['enigma_pass'] = $this->rc->encrypt(serialize($config));
}
return $keys;
}
/**
* Get message part body.
*
* @param rcube_message Message object
* @param string Message part ID
* @param bool Return raw body with headers
*/
private function get_part_body($msg, $part_id, $full = false)
{
// @TODO: Handle big bodies using file handles
if ($full) {
$storage = $this->rc->get_storage();
$body = $storage->get_raw_headers($msg->uid, $part_id);
$body .= $storage->get_raw_body($msg->uid, null, $part_id);
}
else {
$body = $msg->get_part_body($part_id, false);
}
return $body;
}
/**
* Parse decrypted message body into structure
*
* @param string Message body
*
* @return array Message structure
*/
private function parse_body(&$body)
{
// Mail_mimeDecode need \r\n end-line, but gpg may return \n
$body = preg_replace('/\r?\n/', "\r\n", $body);
// parse the body into structure
$struct = rcube_mime::parse_message($body);
return $struct;
}
/**
* Replace message encrypted structure with decrypted message structure
*
* @param array
* @param rcube_message_part
*/
private function modify_structure(&$p, $struct)
{
// modify mime_parts property of the message object
$old_id = $p['structure']->mime_id;
foreach (array_keys($p['object']->mime_parts) as $idx) {
if (!$old_id || $idx == $old_id || strpos($idx, $old_id . '.') === 0) {
unset($p['object']->mime_parts[$idx]);
}
}
// modify the new structure to be correctly handled by Roundcube
$this->modify_structure_part($struct, $p['object'], $old_id);
// replace old structure with the new one
$p['structure'] = $struct;
$p['mimetype'] = $struct->mimetype;
}
/**
* Modify decrypted message part
*
* @param rcube_message_part
* @param rcube_message
*/
private function modify_structure_part($part, $msg, $old_id)
{
// never cache the body
$part->body_modified = true;
$part->encoding = 'stream';
// modify part identifier
if ($old_id) {
$part->mime_id = !$part->mime_id ? $old_id : ($old_id . '.' . $part->mime_id);
}
// Cache the fact it was decrypted
$this->encrypted_parts[] = $part->mime_id;
$msg->mime_parts[$part->mime_id] = $part;
// modify sub-parts
foreach ((array) $part->parts as $p) {
$this->modify_structure_part($p, $msg, $old_id);
}
}
/**
* Checks if specified message part is a PGP-key or S/MIME cert data
*
* @param rcube_message_part Part object
*
* @return boolean True if part is a key/cert
*/
public function is_keys_part($part)
{
// @TODO: S/MIME
return (
// Content-Type: application/pgp-keys
$part->mimetype == 'application/pgp-keys'
);
}
}
diff --git a/plugins/enigma/lib/enigma_error.php b/plugins/enigma/lib/enigma_error.php
index 1717a7c46..91c281f46 100644
--- a/plugins/enigma/lib/enigma_error.php
+++ b/plugins/enigma/lib/enigma_error.php
@@ -1,60 +1,61 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| Error class for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_error
{
private $code;
private $message;
private $data = array();
// error codes
const E_OK = 0;
const E_INTERNAL = 1;
const E_NODATA = 2;
const E_KEYNOTFOUND = 3;
const E_DELKEY = 4;
const E_BADPASS = 5;
const E_EXPIRED = 6;
const E_UNVERIFIED = 7;
function __construct($code = null, $message = '', $data = array())
{
$this->code = $code;
$this->message = $message;
$this->data = $data;
}
function getCode()
{
return $this->code;
}
function getMessage()
{
return $this->message;
}
function getData($name)
{
if ($name) {
return $this->data[$name];
}
else {
return $this->data;
}
}
}
diff --git a/plugins/enigma/lib/enigma_key.php b/plugins/enigma/lib/enigma_key.php
index 8c61cbd99..734cbb8c7 100644
--- a/plugins/enigma/lib/enigma_key.php
+++ b/plugins/enigma/lib/enigma_key.php
@@ -1,150 +1,151 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| Key class for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_key
{
public $id;
public $name;
public $users = array();
public $subkeys = array();
const TYPE_UNKNOWN = 0;
const TYPE_KEYPAIR = 1;
const TYPE_PUBLIC = 2;
const CAN_SIGN = 1;
const CAN_ENCRYPT = 2;
/**
* Keys list sorting callback for usort()
*/
static function cmp($a, $b)
{
return strcmp($a->name, $b->name);
}
/**
* Returns key type
*/
function get_type()
{
if ($this->subkeys[0]->has_private)
return enigma_key::TYPE_KEYPAIR;
else if (!empty($this->subkeys[0]))
return enigma_key::TYPE_PUBLIC;
return enigma_key::TYPE_UNKNOWN;
}
/**
* Returns true if all user IDs are revoked
*/
function is_revoked()
{
foreach ($this->subkeys as $subkey)
if (!$subkey->revoked)
return false;
return true;
}
/**
* Returns true if any user ID is valid
*/
function is_valid()
{
foreach ($this->users as $user)
if ($user->valid)
return true;
return false;
}
/**
* Returns true if any of subkeys is not expired
*/
function is_expired()
{
$now = time();
foreach ($this->subkeys as $subkey)
if (!$subkey->expires || $subkey->expires > $now)
return true;
return false;
}
/**
* Get key ID by user email
*/
function find_subkey($email, $mode)
{
$now = time();
foreach ($this->users as $user) {
if ($user->email === $email && $user->valid && !$user->revoked) {
foreach ($this->subkeys as $subkey) {
if (!$subkey->revoked && (!$subkey->expires || $subkey->expires > $now)) {
if (($mode == self::CAN_ENCRYPT && $subkey->can_encrypt)
|| ($mode == self::CAN_SIGN && $subkey->has_private)
) {
return $subkey;
}
}
}
}
}
}
/**
* Converts long ID or Fingerprint to short ID
* Crypt_GPG uses internal, but e.g. Thunderbird's Enigmail displays short ID
*
* @param string Key ID or fingerprint
* @return string Key short ID
*/
static function format_id($id)
{
// E.g. 04622F2089E037A5 => 89E037A5
return substr($id, -8);
}
/**
* Formats fingerprint string
*
* @param string Key fingerprint
*
* @return string Formatted fingerprint (with spaces)
*/
static function format_fingerprint($fingerprint)
{
if (!$fingerprint) {
return '';
}
$result = '';
for ($i=0; $i<40; $i++) {
if ($i % 4 == 0) {
$result .= ' ';
}
$result .= $fingerprint[$i];
}
return $result;
}
}
diff --git a/plugins/enigma/lib/enigma_mime_message.php b/plugins/enigma/lib/enigma_mime_message.php
index feed78e03..eae8cb7a1 100644
--- a/plugins/enigma/lib/enigma_mime_message.php
+++ b/plugins/enigma/lib/enigma_mime_message.php
@@ -1,299 +1,300 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| Mail_mime wrapper for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_mime_message extends Mail_mime
{
const PGP_SIGNED = 1;
const PGP_ENCRYPTED = 2;
protected $_type;
protected $_message;
protected $_body;
protected $_signature;
protected $_encrypted;
/**
* Object constructor
*
* @param Mail_mime Original message
* @param int Output message type
*/
function __construct($message, $type)
{
$this->_message = $message;
$this->_type = $type;
// clone parameters
foreach (array_keys($this->_build_params) as $param) {
$this->_build_params[$param] = $message->getParam($param);
}
// clone headers
$this->_headers = $message->_headers;
/*
if ($message->getParam('delay_file_io')) {
// use common temp dir
$temp_dir = $this->config->get('temp_dir');
$body_file = tempnam($temp_dir, 'rcmMsg');
$mime_result = $message->saveMessageBody($body_file);
if (is_a($mime_result, 'PEAR_Error')) {
self::raise_error(array('code' => 650, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
'message' => "Could not create message: ".$mime_result->getMessage()),
true, false);
return false;
}
$msg_body = fopen($body_file, 'r');
}
else {
*/
// \r\n is must-have here
$this->_body = $message->get() . "\r\n";
/*
}
*/
}
/**
* Check if the message is multipart (requires PGP/MIME)
*
* @return bool True if it is multipart, otherwise False
*/
function isMultipart()
{
return $this->_message instanceof enigma_mime_message
|| !empty($this->_message->_parts) || $this->_message->getHTMLBody();
}
/**
* Get e-mail address of message sender
*
* @return string Sender address
*/
function getFromAddress()
{
// get sender address
$headers = $this->_message->headers();
$from = rcube_mime::decode_address_list($headers['From'], 1, false, null, true);
$from = $from[1];
return $from;
}
/**
* Get recipients' e-mail addresses
*
* @return array Recipients' addresses
*/
function getRecipients()
{
// get sender address
$headers = $this->_message->headers();
$to = rcube_mime::decode_address_list($headers['To'], null, false, null, true);
$cc = rcube_mime::decode_address_list($headers['Cc'], null, false, null, true);
$bcc = rcube_mime::decode_address_list($headers['Bcc'], null, false, null, true);
$recipients = array_unique(array_merge($to, $cc, $bcc));
$recipients = array_diff($recipients, array('undisclosed-recipients:'));
return $recipients;
}
/**
* Get original message body, to be encrypted/signed
*
* @return string Message body
*/
function getOrigBody()
{
$_headers = $this->_message->headers();
$headers = array();
if ($_headers['Content-Transfer-Encoding']) {
$headers[] = 'Content-Transfer-Encoding: ' . $_headers['Content-Transfer-Encoding'];
}
$headers[] = 'Content-Type: ' . $_headers['Content-Type'];
return implode("\r\n", $headers) . "\r\n\r\n" . $this->_body;
}
/**
* Register signature attachment
*
* @param string Signature body
*/
function addPGPSignature($body)
{
$this->_signature = $body;
}
/**
* Register encrypted body
*
* @param string Encrypted body
*/
function setPGPEncryptedBody($body)
{
$this->_encrypted = $body;
}
/**
* Builds the multipart message.
*
* @param array $params Build parameters that change the way the email
* is built. Should be associative. See $_build_params.
* @param resource $filename Output file where to save the message instead of
* returning it
* @param boolean $skip_head True if you want to return/save only the message
* without headers
*
* @return mixed The MIME message content string, null or PEAR error object
* @access public
*/
function get($params = null, $filename = null, $skip_head = false)
{
if (isset($params)) {
while (list($key, $value) = each($params)) {
$this->_build_params[$key] = $value;
}
}
$this->_checkParams();
if ($this->_type == self::PGP_SIGNED) {
$body = "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)";
$params = array(
'content_type' => "multipart/signed; micalg=pgp-sha1; protocol=\"application/pgp-signature\"",
'eol' => $this->_build_params['eol'],
);
$message = new Mail_mimePart($body, $params);
if (!empty($this->_body)) {
$headers = $this->_message->headers();
$params = array('content_type' => $headers['Content-Type']);
if ($headers['Content-Transfer-Encoding']) {
$params['encoding'] = $headers['Content-Transfer-Encoding'];
}
$message->addSubpart($this->_body, $params);
}
if (!empty($this->_signature)) {
$message->addSubpart($this->_signature, array(
'filename' => 'signature.asc',
'content_type' => 'application/pgp-signature',
'disposition' => 'attachment',
'description' => 'OpenPGP digital signature',
));
}
}
else if ($this->_type == self::PGP_ENCRYPTED) {
$body = "This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)";
$params = array(
'content_type' => "multipart/encrypted; protocol=\"application/pgp-encrypted\"",
'eol' => $this->_build_params['eol'],
);
$message = new Mail_mimePart($body, $params);
$message->addSubpart('Version: 1', array(
'content_type' => 'application/pgp-encrypted',
'description' => 'PGP/MIME version identification',
));
$message->addSubpart($this->_encrypted, array(
'content_type' => 'application/octet-stream',
'description' => 'PGP/MIME encrypted message',
'disposition' => 'inline',
'filename' => 'encrypted.asc',
));
}
// Use saved boundary
if (!empty($this->_build_params['boundary'])) {
$boundary = $this->_build_params['boundary'];
}
else {
$boundary = null;
}
// Write output to file
if ($filename) {
// Append mimePart message headers and body into file
$headers = $message->encodeToFile($filename, $boundary, $skip_head);
if ($this->_isError($headers)) {
return $headers;
}
$this->_headers = array_merge($this->_headers, $headers);
return null;
}
else {
$output = $message->encode($boundary, $skip_head);
if ($this->_isError($output)) {
return $output;
}
$this->_headers = array_merge($this->_headers, $output['headers']);
return $output['body'];
}
}
/**
* Get Content-Type and Content-Transfer-Encoding headers of the message
*
* @return array Headers array
* @access private
*/
function _contentHeaders()
{
$this->_checkParams();
$eol = !empty($this->_build_params['eol']) ? $this->_build_params['eol'] : "\r\n";
// multipart message: and boundary
if (!empty($this->_build_params['boundary'])) {
$boundary = $this->_build_params['boundary'];
}
else if (!empty($this->_headers['Content-Type'])
&& preg_match('/boundary="([^"]+)"/', $this->_headers['Content-Type'], $m)
) {
$boundary = $m[1];
}
else {
$boundary = '=_' . md5(rand() . microtime());
}
$this->_build_params['boundary'] = $boundary;
if ($this->_type == self::PGP_SIGNED) {
$headers['Content-Type'] = "multipart/signed; micalg=pgp-sha1;$eol"
." protocol=\"application/pgp-signature\";$eol"
." boundary=\"$boundary\"";
}
else if ($this->_type == self::PGP_ENCRYPTED) {
$headers['Content-Type'] = "multipart/encrypted;$eol"
." protocol=\"application/pgp-encrypted\";$eol"
." boundary=\"$boundary\"";
}
return $headers;
}
}
diff --git a/plugins/enigma/lib/enigma_signature.php b/plugins/enigma/lib/enigma_signature.php
index 2e63a80f4..42074357c 100644
--- a/plugins/enigma/lib/enigma_signature.php
+++ b/plugins/enigma/lib/enigma_signature.php
@@ -1,27 +1,28 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| Signature class for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_signature
{
public $id;
public $valid;
public $fingerprint;
public $created;
public $expires;
public $name;
public $comment;
public $email;
}
diff --git a/plugins/enigma/lib/enigma_subkey.php b/plugins/enigma/lib/enigma_subkey.php
index cd57611c0..7604473fa 100644
--- a/plugins/enigma/lib/enigma_subkey.php
+++ b/plugins/enigma/lib/enigma_subkey.php
@@ -1,50 +1,51 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| SubKey class for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_subkey
{
public $id;
public $fingerprint;
public $expires;
public $created;
public $revoked;
public $has_private;
public $can_sign;
public $can_encrypt;
/**
* Converts internal ID to short ID
* Crypt_GPG uses internal, but e.g. Thunderbird's Enigmail displays short ID
*
* @return string Key ID
*/
function get_short_id()
{
// E.g. 04622F2089E037A5 => 89E037A5
return enigma_key::format_id($this->id);
}
/**
* Getter for formatted fingerprint
*
* @return string Formatted fingerprint
*/
function get_fingerprint()
{
return enigma_key::format_fingerprint($this->fingerprint);
}
}
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
index e866ba335..c76583eb8 100644
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@@ -1,749 +1,796 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| User Interface for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_ui
{
private $rc;
private $enigma;
private $home;
private $css_loaded;
private $js_loaded;
private $data;
private $keys_parts = array();
private $keys_bodies = array();
function __construct($enigma_plugin, $home='')
{
$this->enigma = $enigma_plugin;
$this->rc = $enigma_plugin->rc;
$this->home = $home; // we cannot use $enigma_plugin->home here
}
/**
* UI initialization and requests handlers.
*
* @param string Preferences section
*/
function init()
{
$this->add_js();
$action = rcube_utils::get_input_value('_a', rcube_utils::INPUT_GPC);
if ($this->rc->action == 'plugin.enigmakeys') {
switch ($action) {
case 'delete':
$this->key_delete();
break;
/*
case 'edit':
$this->key_edit();
break;
*/
case 'import':
$this->key_import();
break;
case 'search':
case 'list':
$this->key_list();
break;
case 'info':
$this->key_info();
break;
}
$this->rc->output->add_handlers(array(
'keyslist' => array($this, 'tpl_keys_list'),
'keyframe' => array($this, 'tpl_key_frame'),
'countdisplay' => array($this, 'tpl_keys_rowcount'),
'searchform' => array($this->rc->output, 'search_form'),
));
$this->rc->output->set_pagetitle($this->enigma->gettext('enigmakeys'));
$this->rc->output->send('enigma.keys');
}
/*
// Preferences UI
else if ($this->rc->action == 'plugin.enigmacerts') {
$this->rc->output->add_handlers(array(
'keyslist' => array($this, 'tpl_certs_list'),
'keyframe' => array($this, 'tpl_cert_frame'),
'countdisplay' => array($this, 'tpl_certs_rowcount'),
'searchform' => array($this->rc->output, 'search_form'),
));
$this->rc->output->set_pagetitle($this->enigma->gettext('enigmacerts'));
$this->rc->output->send('enigma.certs');
}
*/
// Message composing UI
else if ($this->rc->action == 'compose') {
$this->compose_ui();
}
}
/**
* Adds CSS style file to the page header.
*/
function add_css()
{
if ($this->css_loaded)
return;
$skin_path = $this->enigma->local_skin_path();
if (is_file($this->home . "/$skin_path/enigma.css")) {
$this->enigma->include_stylesheet("$skin_path/enigma.css");
}
$this->css_loaded = true;
}
/**
* Adds javascript file to the page header.
*/
function add_js()
{
if ($this->js_loaded) {
return;
}
$this->enigma->include_script('enigma.js');
$this->js_loaded = true;
}
/**
* Initializes key password prompt
*
- * @param enigma_error Error object with key info
+ * @param enigma_error $status Error object with key info
+ * @param array $params Optional prompt parameters
*/
- function password_prompt($status)
+ function password_prompt($status, $params = array())
{
$data = $status->getData('missing');
if (empty($data)) {
$data = $status->getData('bad');
}
$data = array('keyid' => key($data), 'user' => $data[key($data)]);
+ if (!empty($params)) {
+ $data = array_merge($params, $data);
+ }
+
if ($this->rc->action == 'send') {
$this->rc->output->command('enigma_password_request', $data);
}
else {
$this->rc->output->set_env('enigma_password_request', $data);
}
// add some labels to client
$this->rc->output->add_label('enigma.enterkeypasstitle', 'enigma.enterkeypass',
'save', 'cancel');
$this->add_css();
$this->add_js();
}
/**
* Template object for key info/edit frame.
*
* @param array Object attributes
*
* @return string HTML output
*/
function tpl_key_frame($attrib)
{
if (!$attrib['id']) {
$attrib['id'] = 'rcmkeysframe';
}
$attrib['name'] = $attrib['id'];
$this->rc->output->set_env('contentframe', $attrib['name']);
$this->rc->output->set_env('blankpage', $attrib['src'] ?
$this->rc->output->abs_url($attrib['src']) : 'program/resources/blank.gif');
return $this->rc->output->frame($attrib);
}
/**
* Template object for list of keys.
*
* @param array Object attributes
*
* @return string HTML content
*/
function tpl_keys_list($attrib)
{
// add id to message list table if not specified
if (!strlen($attrib['id'])) {
$attrib['id'] = 'rcmenigmakeyslist';
}
// define list of cols to be displayed
$a_show_cols = array('name');
// create XHTML table
$out = $this->rc->table_output($attrib, array(), $a_show_cols, 'id');
// set client env
$this->rc->output->add_gui_object('keyslist', $attrib['id']);
$this->rc->output->include_script('list.js');
// add some labels to client
$this->rc->output->add_label('enigma.keyremoveconfirm', 'enigma.keyremoving');
return $out;
}
/**
* Key listing (and searching) request handler
*/
private function key_list()
{
$this->enigma->load_engine();
$pagesize = $this->rc->config->get('pagesize', 100);
$page = max(intval(rcube_utils::get_input_value('_p', rcube_utils::INPUT_GPC)), 1);
$search = rcube_utils::get_input_value('_q', rcube_utils::INPUT_GPC);
// Get the list
$list = $this->enigma->engine->list_keys($search);
if ($list && ($list instanceof enigma_error))
$this->rc->output->show_message('enigma.keylisterror', 'error');
else if (empty($list))
$this->rc->output->show_message('enigma.nokeysfound', 'notice');
else if (is_array($list)) {
// Save the size
$listsize = count($list);
// Sort the list by key (user) name
usort($list, array('enigma_key', 'cmp'));
// Slice current page
$list = array_slice($list, ($page - 1) * $pagesize, $pagesize);
$size = count($list);
// Add rows
foreach ($list as $key) {
$this->rc->output->command('enigma_add_list_row',
array('name' => rcube::Q($key->name), 'id' => $key->id));
}
}
$this->rc->output->set_env('search_request', $search);
$this->rc->output->set_env('pagecount', ceil($listsize/$pagesize));
$this->rc->output->set_env('current_page', $page);
$this->rc->output->command('set_rowcount',
$this->get_rowcount_text($listsize, $size, $page));
$this->rc->output->send();
}
/**
* Template object for list records counter.
*
* @param array Object attributes
*
* @return string HTML output
*/
function tpl_keys_rowcount($attrib)
{
if (!$attrib['id'])
$attrib['id'] = 'rcmcountdisplay';
$this->rc->output->add_gui_object('countdisplay', $attrib['id']);
return html::span($attrib, $this->get_rowcount_text());
}
/**
* Returns text representation of list records counter
*/
private function get_rowcount_text($all=0, $curr_count=0, $page=1)
{
if (!$curr_count) {
$out = $this->enigma->gettext('nokeysfound');
}
else {
$pagesize = $this->rc->config->get('pagesize', 100);
$first = ($page - 1) * $pagesize;
$out = $this->enigma->gettext(array(
'name' => 'keysfromto',
'vars' => array(
'from' => $first + 1,
'to' => $first + $curr_count,
'count' => $all)
));
}
return $out;
}
/**
* Key information page handler
*/
private function key_info()
{
$this->enigma->load_engine();
$id = rcube_utils::get_input_value('_id', rcube_utils::INPUT_GET);
$res = $this->enigma->engine->get_key($id);
if ($res instanceof enigma_key) {
$this->data = $res;
}
else { // error
$this->rc->output->show_message('enigma.keyopenerror', 'error');
$this->rc->output->command('parent.enigma_loadframe');
$this->rc->output->send('iframe');
}
$this->rc->output->add_handlers(array(
'keyname' => array($this, 'tpl_key_name'),
'keydata' => array($this, 'tpl_key_data'),
));
$this->rc->output->set_pagetitle($this->enigma->gettext('keyinfo'));
$this->rc->output->send('enigma.keyinfo');
}
/**
* Template object for key name
*/
function tpl_key_name($attrib)
{
return rcube::Q($this->data->name);
}
/**
* Template object for key information page content
*/
function tpl_key_data($attrib)
{
- $out = '';
+ $out = '';
$table = new html_table(array('cols' => 2));
// Key user ID
$table->add('title', $this->enigma->gettext('keyuserid'));
$table->add(null, rcube::Q($this->data->name));
+
// Key ID
$table->add('title', $this->enigma->gettext('keyid'));
$table->add(null, $this->data->subkeys[0]->get_short_id());
+
// Key type
$keytype = $this->data->get_type();
- if ($keytype == enigma_key::TYPE_KEYPAIR)
+ if ($keytype == enigma_key::TYPE_KEYPAIR) {
$type = $this->enigma->gettext('typekeypair');
- else if ($keytype == enigma_key::TYPE_PUBLIC)
+ }
+ else if ($keytype == enigma_key::TYPE_PUBLIC) {
$type = $this->enigma->gettext('typepublickey');
+ }
$table->add('title', $this->enigma->gettext('keytype'));
$table->add(null, $type);
+
// Key fingerprint
$table->add('title', $this->enigma->gettext('fingerprint'));
$table->add(null, $this->data->subkeys[0]->get_fingerprint());
$out .= html::tag('fieldset', null,
html::tag('legend', null,
$this->enigma->gettext('basicinfo')) . $table->show($attrib));
/*
// Subkeys
$table = new html_table(array('cols' => 6));
// Columns: Type, ID, Algorithm, Size, Created, Expires
$out .= html::tag('fieldset', null,
html::tag('legend', null,
$this->enigma->gettext('subkeys')) . $table->show($attrib));
// Additional user IDs
$table = new html_table(array('cols' => 2));
// Columns: User ID, Validity
$out .= html::tag('fieldset', null,
html::tag('legend', null,
$this->enigma->gettext('userids')) . $table->show($attrib));
*/
return $out;
}
/**
* Key import page handler
*/
private function key_import()
{
// Import process
if ($_FILES['_file']['tmp_name'] && is_uploaded_file($_FILES['_file']['tmp_name'])) {
$this->enigma->load_engine();
$result = $this->enigma->engine->import_key($_FILES['_file']['tmp_name'], true);
if (is_array($result)) {
// reload list if any keys has been added
if ($result['imported']) {
$this->rc->output->command('parent.enigma_list', 1);
}
else
$this->rc->output->command('parent.enigma_loadframe');
$this->rc->output->show_message('enigma.keysimportsuccess', 'confirmation',
array('new' => $result['imported'], 'old' => $result['unchanged']));
$this->rc->output->send('iframe');
}
else {
$this->rc->output->show_message('enigma.keysimportfailed', 'error');
}
}
else if ($err = $_FILES['_file']['error']) {
if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) {
$this->rc->output->show_message('filesizeerror', 'error',
array('size' => $this->rc->show_bytes(parse_bytes(ini_get('upload_max_filesize')))));
} else {
$this->rc->output->show_message('fileuploaderror', 'error');
}
}
$this->rc->output->add_handlers(array(
'importform' => array($this, 'tpl_key_import_form'),
));
$this->rc->output->set_pagetitle($this->enigma->gettext('keyimport'));
$this->rc->output->send('enigma.keyimport');
}
/**
* Template object for key import (upload) form
*/
function tpl_key_import_form($attrib)
{
$attrib += array('id' => 'rcmKeyImportForm');
$upload = new html_inputfield(array('type' => 'file', 'name' => '_file',
'id' => 'rcmimportfile', 'size' => 30));
$form = html::p(null,
rcube::Q($this->enigma->gettext('keyimporttext'), 'show')
. html::br() . html::br() . $upload->show()
);
$this->rc->output->add_label('selectimportfile', 'importwait');
$this->rc->output->add_gui_object('importform', $attrib['id']);
$out = $this->rc->output->form_tag(array(
'action' => $this->rc->url(array('action' => $this->rc->action, 'a' => 'import')),
'method' => 'post',
'enctype' => 'multipart/form-data') + $attrib,
$form);
return $out;
}
/**
* Key deleting
*/
private function key_delete()
{
$keys = rcube_utils::get_input_value('_keys', rcube_utils::INPUT_POST);
$this->enigma->load_engine();
foreach ((array)$keys as $key) {
$res = $this->enigma->engine->delete_key($key);
if ($res !== true) {
$this->rc->output->show_message('enigma.keyremoveerror', 'error');
$this->rc->output->command('enigma_list');
$this->rc->output->send();
}
}
$this->rc->output->command('enigma_list');
$this->rc->output->show_message('enigma.keyremovesuccess', 'confirmation');
$this->rc->output->send();
}
+ /**
+ * Init compose UI (add task button and the menu)
+ */
private function compose_ui()
{
$this->add_css();
// Options menu button
$this->enigma->add_button(array(
'type' => 'link',
'command' => 'plugin.enigma',
'onclick' => "rcmail.command('menu-open', 'enigmamenu', event.target, event)",
'class' => 'button enigma',
'title' => 'encryptionoptions',
'label' => 'encryption',
'domain' => $this->enigma->ID,
'width' => 32,
'height' => 32
), 'toolbar');
- // Options menu contents
- $this->enigma->add_hook('render_page', array($this, 'compose_menu'));
- }
-
- function compose_menu($p)
- {
$menu = new html_table(array('cols' => 2));
$chbox = new html_checkbox(array('value' => 1));
$menu->add(null, html::label(array('for' => 'enigmasignopt'),
rcube::Q($this->enigma->gettext('signmsg'))));
$menu->add(null, $chbox->show($this->rc->config->get('enigma_sign_all') ? 1 : 0,
array('name' => '_enigma_sign', 'id' => 'enigmasignopt')));
$menu->add(null, html::label(array('for' => 'enigmaencryptopt'),
rcube::Q($this->enigma->gettext('encryptmsg'))));
$menu->add(null, $chbox->show($this->rc->config->get('enigma_encrypt_all') ? 1 : 0,
array('name' => '_enigma_encrypt', 'id' => 'enigmaencryptopt')));
- $menu = html::div(array('id' => 'enigmamenu', 'class' => 'popupmenu'),
- $menu->show());
+ $menu = html::div(array('id' => 'enigmamenu', 'class' => 'popupmenu'), $menu->show());
- $p['content'] .= $menu;
-
- return $p;
+ // Options menu contents
+ $this->rc->output->add_footer($menu);
}
/**
* Handler for message_body_prefix hook.
* Called for every displayed (content) part of the message.
* Adds infobox about signature verification and/or decryption
* status above the body.
*
* @param array Original parameters
*
* @return array Modified parameters
*/
function status_message($p)
{
// skip: not a message part
if ($p['part'] instanceof rcube_message) {
return $p;
}
// skip: message has no signed/encoded content
if (!$this->enigma->engine) {
return $p;
}
$engine = $this->enigma->engine;
$part_id = $p['part']->mime_id;
// Decryption status
if (isset($engine->decryptions[$part_id])) {
$attach_scripts = true;
// get decryption status
$status = $engine->decryptions[$part_id];
// display status info
$attrib['id'] = 'enigma-message';
if ($status instanceof enigma_error) {
$attrib['class'] = 'enigmaerror';
$code = $status->getCode();
if ($code == enigma_error::E_KEYNOTFOUND) {
$msg = rcube::Q(str_replace('$keyid', enigma_key::format_id($status->getData('id')),
$this->enigma->gettext('decryptnokey')));
}
else if ($code == enigma_error::E_BADPASS) {
$msg = rcube::Q($this->enigma->gettext('decryptbadpass'));
$this->password_prompt($status);
}
else {
$msg = rcube::Q($this->enigma->gettext('decrypterror'));
}
}
else {
$attrib['class'] = 'enigmanotice';
$msg = rcube::Q($this->enigma->gettext('decryptok'));
}
$p['prefix'] .= html::div($attrib, $msg);
}
// Signature verification status
if (isset($engine->signed_parts[$part_id])
&& ($sig = $engine->signatures[$engine->signed_parts[$part_id]])
) {
$attach_scripts = true;
// display status info
$attrib['id'] = 'enigma-message';
if ($sig instanceof enigma_signature) {
$sender = ($sig->name ? $sig->name . ' ' : '') . '<' . $sig->email . '>';
if ($sig->valid === enigma_error::E_UNVERIFIED) {
$attrib['class'] = 'enigmawarning';
$msg = str_replace('$sender', $sender, $this->enigma->gettext('sigunverified'));
$msg = str_replace('$keyid', $sig->id, $msg);
$msg = rcube::Q($msg);
}
else if ($sig->valid) {
$attrib['class'] = 'enigmanotice';
$msg = rcube::Q(str_replace('$sender', $sender, $this->enigma->gettext('sigvalid')));
}
else {
$attrib['class'] = 'enigmawarning';
$msg = rcube::Q(str_replace('$sender', $sender, $this->enigma->gettext('siginvalid')));
}
}
else if ($sig && $sig->getCode() == enigma_error::E_KEYNOTFOUND) {
$attrib['class'] = 'enigmawarning';
$msg = rcube::Q(str_replace('$keyid', enigma_key::format_id($sig->getData('id')),
$this->enigma->gettext('signokey')));
}
else {
$attrib['class'] = 'enigmaerror';
$msg = rcube::Q($this->enigma->gettext('sigerror'));
}
/*
$msg .= ' ' . html::a(array('href' => "#sigdetails",
'onclick' => rcmail_output::JS_OBJECT_NAME.".command('enigma-sig-details')"),
rcube::Q($this->enigma->gettext('showdetails')));
*/
// test
// $msg .= '<br /><pre>'.$sig->body.'</pre>';
$p['prefix'] .= html::div($attrib, $msg);
// Display each signature message only once
unset($engine->signatures[$engine->signed_parts[$part_id]]);
}
if ($attach_scripts) {
// add css and js script
$this->add_css();
$this->add_js();
}
return $p;
}
/**
* Handler for message_load hook.
* Check message bodies and attachments for keys/certs.
*/
function message_load($p)
{
$engine = $this->enigma->load_engine();
- // handle attachments vcard attachments
+ // handle keys/certs in attachments
foreach ((array) $p['object']->attachments as $attachment) {
if ($engine->is_keys_part($attachment)) {
$this->keys_parts[] = $attachment->mime_id;
}
}
// the same with message bodies
foreach ((array) $p['object']->parts as $part) {
if ($engine->is_keys_part($part)) {
$this->keys_parts[] = $part->mime_id;
$this->keys_bodies[] = $part->mime_id;
}
}
// @TODO: inline PGP keys
if ($this->keys_parts) {
$this->enigma->add_texts('localization');
}
return $p;
}
/**
* Handler for template_object_messagebody hook.
* This callback function adds a box below the message content
* if there is a key/cert attachment available
*/
function message_output($p)
{
foreach ($this->keys_parts as $part) {
// remove part's body
if (in_array($part, $this->keys_bodies)) {
$p['content'] = '';
}
// add box below message body
$p['content'] .= html::p(array('class' => 'enigmaattachment'),
html::a(array(
'href' => "#",
'onclick' => "return ".rcmail_output::JS_OBJECT_NAME.".enigma_import_attachment('".rcube::JQ($part)."')",
'title' => $this->enigma->gettext('keyattimport')),
html::span(null, $this->enigma->gettext('keyattfound'))));
$attach_scripts = true;
}
if ($attach_scripts) {
// add css and js script
$this->add_css();
$this->add_js();
}
return $p;
}
/**
* Handle message_ready hook (encryption/signing)
*/
function message_ready($p)
{
$savedraft = !empty($_POST['_draft']) && empty($_GET['_saveonly']);
if (!$savedraft && rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST)) {
$this->enigma->load_engine();
$status = $this->enigma->engine->sign_message($p['message']);
$mode = 'sign';
}
if ((!$status instanceof enigma_error) && rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST)) {
$this->enigma->load_engine();
$status = $this->enigma->engine->encrypt_message($p['message'], null, $savedraft);
$mode = 'encrypt';
}
if ($mode && ($status instanceof enigma_error)) {
$code = $status->getCode();
if ($code == enigma_error::E_KEYNOTFOUND) {
$vars = array('email' => $status->getData('missing'));
$msg = 'enigma.' . $mode . 'nokey';
}
else if ($code == enigma_error::E_BADPASS) {
$msg = 'enigma.' . $mode . 'badpass';
$type = 'warning';
$this->password_prompt($status);
}
else {
$msg = 'enigma.' . $mode . 'error';
}
$this->rc->output->show_message($msg, $type ?: 'error', $vars);
$this->rc->output->send('iframe');
}
return $p;
}
+ /**
+ * Handler for message_compose_body hook
+ * Display error when the message cannot be encrypted
+ * and provide a way to try again with a password.
+ */
+ function message_compose($p)
+ {
+ $engine = $this->enigma->load_engine();
+
+ // skip: message has no signed/encoded content
+ if (!$this->enigma->engine) {
+ return $p;
+ }
+
+ $engine = $this->enigma->engine;
+
+ // Decryption status
+ foreach ($engine->decryptions as $status) {
+ if ($status instanceof enigma_error) {
+ $code = $status->getCode();
+
+ if ($code == enigma_error::E_KEYNOTFOUND) {
+ $msg = rcube::Q(str_replace('$keyid', enigma_key::format_id($status->getData('id')),
+ $this->enigma->gettext('decryptnokey')));
+ }
+ else if ($code == enigma_error::E_BADPASS) {
+ $this->password_prompt($status, array('compose-init' => true));
+ return $p;
+ }
+ else {
+ $msg = rcube::Q($this->enigma->gettext('decrypterror'));
+ }
+ }
+ }
+
+ if ($msg) {
+ $this->rc->output->show_message($msg, 'error');
+ }
+
+ return $p;
+ }
}
diff --git a/plugins/enigma/lib/enigma_userid.php b/plugins/enigma/lib/enigma_userid.php
index da0358445..11baef4db 100644
--- a/plugins/enigma/lib/enigma_userid.php
+++ b/plugins/enigma/lib/enigma_userid.php
@@ -1,24 +1,25 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| User ID class for the Enigma Plugin |
| |
| Copyright (C) 2010-2015 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
+-------------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-------------------------------------------------------------------------+
*/
class enigma_userid
{
public $revoked;
public $valid;
public $name;
public $comment;
public $email;
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Mon, Feb 2, 7:54 AM (1 d, 19 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
426820
Default Alt Text
(137 KB)
Attached To
Mode
R3 roundcubemail
Attached
Detach File
Event Timeline
Log In to Comment