From 9ea16b6d8568cb383eb1f469d1dc54bfcad4f188 Mon Sep 17 00:00:00 2001
From: fiaxh
Date: Mon, 16 Oct 2017 00:23:51 +0200
Subject: PGP encrypted file transfers
---
 plugins/openpgp/src/in_file_processor.vala | 28 +++++++++++
 plugins/openpgp/src/manager.vala | 75 +++++++++++++++--------------
 plugins/openpgp/src/out_file_processor.vala | 27 +++++++++++
 plugins/openpgp/src/plugin.vala | 2 +
 plugins/openpgp/src/stream_module.vala | 13 ++---
 5 files changed, 98 insertions(+), 47 deletions(-)
 create mode 100644 plugins/openpgp/src/in_file_processor.vala
 create mode 100644 plugins/openpgp/src/out_file_processor.vala
(limited to 'plugins/openpgp/src')
diff --git a/plugins/openpgp/src/in_file_processor.vala b/plugins/openpgp/src/in_file_processor.vala
new file mode 100644
index 00000000..2a06bbdf
--- /dev/null
+++ b/plugins/openpgp/src/in_file_processor.vala
@@ -0,0 +1,28 @@
+using Dino.Entities;
+
+namespace Dino.Plugins.OpenPgp {
+
+public class InFileProcessor : IncommingFileProcessor, Object {
+ public bool can_process(FileTransfer file_transfer) {
+ return file_transfer.file_name.has_suffix("pgp") || file_transfer.mime_type == "application/pgp-encrypted";
+ }
+
+ public void process(FileTransfer file_transfer) {
+ uint8[] buf = new uint8[256];
+ Array data = new Array(false, true, 0);
+ size_t len = -1;
+ do {
+ len = file_transfer.input_stream.read(buf);
+ data.append_vals(buf, (uint) len);
+ } while(len > 0);
+
+ uint8[] clear_data = GPGHelper.decrypt_data(data.data);
+ file_transfer.input_stream = new MemoryInputStream.from_data(clear_data, GLib.free);
+ file_transfer.encryption = Encryption.PGP;
+ if (file_transfer.file_name.has_suffix(".pgp")) {
+ file_transfer.file_name = file_transfer.file_name.substring(0, file_transfer.file_name.length - 4);
+ }
+ }
+}
+
+}
diff --git a/plugins/openpgp/src/manager.vala b/plugins/openpgp/src/manager.vala
index 4c8b6d13..74f6027c 100644
--- a/plugins/openpgp/src/manager.vala
+++ b/plugins/openpgp/src/manager.vala
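Review bot: `process` in in_file_processor.vala buffers the entire incoming transfer in memory with no upper bound: the `do … while(len > 0)` loop appends every chunk read from `file_transfer.input_stream` to `data` before decryption, so the sending peer decides how much memory the client allocates. A size check inside the loop that rejects the transfer, with a condition like `data.length > MAX_ENCRYPTED_FILE_SIZE` (a new constant, name constructed here), would bound that. The calls to `read` and `GPGHelper.decrypt_data` also have no error handling, and `file_transfer.encryption = Encryption.PGP` is assigned regardless; if those helpers can throw (their declarations are outside this diff), a failed decryption should leave the transfer marked as failed rather than as PGP-protected. `can_process` also matches the suffix `"pgp"` while `process` strips `".pgp"`; using `".pgp"` in both keeps the two checks consistent.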
@@ -30,6 +30,39 @@ public class Manager : StreamInteractionModule, Object {
 stream_interactor.get_module(MessageProcessor.IDENTITY).pre_message_send.connect(check_encypt);
 }
+ public GPG.Key[] get_key_fprs(Conversation conversation) {
+ Gee.List keys = new Gee.ArrayList();
+ keys.add(db.get_account_key(conversation.account));
+ if (conversation.type_ == Conversation.Type.GROUPCHAT) {
+ Gee.List muc_jids = new Gee.ArrayList();
+ Gee.List? occupants = stream_interactor.get_module(MucManager.IDENTITY).get_occupants(conversation.counterpart, conversation.account);
+ if (occupants != null) muc_jids.add_all(occupants);
+ Gee.List? offline_members = stream_interactor.get_module(MucManager.IDENTITY).get_offline_members(conversation.counterpart, conversation.account);
+ if (occupants != null) muc_jids.add_all(offline_members);
+
+ foreach (Jid jid in muc_jids) {
+ string? key_id = stream_interactor.get_module(Manager.IDENTITY).get_key_id(conversation.account, jid);
+ if (key_id != null && GPGHelper.get_keylist(key_id).size > 0 && !keys.contains(key_id)) {
+ keys.add(key_id);
+ }
+ }
+ } else {
+ string? key_id = get_key_id(conversation.account, conversation.counterpart);
+ if (key_id != null) {
+ keys.add(key_id);
+ }
+ }
+ GPG.Key[] gpgkeys = new GPG.Key[keys.size];
+ for (int i = 0; i < keys.size; i++) {
+ try {
+ GPG.Key key = GPGHelper.get_public_key(keys[i]);
+ if (key != null) gpgkeys[i] = key;
+ } catch (Error e) {}
+ }
+
+ return gpgkeys;
+ }
+
 private void on_pre_message_received(Entities.Message message, Xmpp.Message.Stanza message_stanza, Conversation conversation) {
 if (MessageFlag.get_flag(message_stanza) != null && MessageFlag.get_flag(message_stanza).decrypted) {
 message.encryption = Encryption.PGP;
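Review bot: The empty `catch (Error e) {}` in the final loop of `get_key_fprs` leaves a null slot in `gpgkeys` whenever `GPGHelper.get_public_key` fails, and the array is then handed unchanged to `encrypt` in stream_module.vala and to `GPGHelper.encrypt_file` in out_file_processor.vala. How the GPG layer treats a null entry is not visible in this diff, but a recipient list that silently loses members is something the caller cannot detect; collect only the keys that loaded and log the failure, e.g. `} catch (Error e) { warning("OpenPGP key lookup failed: %s", e.message); }`. For a one-to-one chat with no known contact key the result holds only the account key, whereas the removed `encrypt_for_chat` returned false in that case, so the caller can no longer tell "no recipient key" from success. The second guard also tests the wrong variable: `if (occupants != null) muc_jids.add_all(offline_members);` should read `if (offline_members != null) muc_jids.add_all(offline_members);`.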
@@ -38,45 +71,13 @@ public class Manager : StreamInteractionModule, Object {
 private void check_encypt(Entities.Message message, Xmpp.Message.Stanza message_stanza, Conversation conversation) {
 if (message.encryption == Encryption.PGP) {
- bool encrypted = false;
- if (conversation.type_ == Conversation.Type.CHAT) {
- encrypted = encrypt_for_chat(message, message_stanza, conversation);
- } else if (conversation.type_ == Conversation.Type.GROUPCHAT) {
- encrypted = encrypt_for_groupchat(message, message_stanza, conversation);
- }
- if (!encrypted) message.marked = Entities.Message.Marked.WONTSEND;
- }
- }
-
- private bool encrypt_for_chat(Entities.Message message, Xmpp.Message.Stanza message_stanza, Conversation conversation) {
- Core.XmppStream? stream = stream_interactor.get_stream(conversation.account);
- if (stream == null) return false;
-
- string? key_id = get_key_id(conversation.account, message.counterpart);
- if (key_id != null) {
- return stream.get_module(Module.IDENTITY).encrypt(message_stanza, new Gee.ArrayList.wrap(new string[]{key_id}));
- }
- return false;
- }
-
- private bool encrypt_for_groupchat(Entities.Message message, Xmpp.Message.Stanza message_stanza, Conversation conversation) {
- Core.XmppStream? stream = stream_interactor.get_stream(conversation.account);
- if (stream == null) return false;
-
- Gee.List muc_jids = new Gee.ArrayList();
- Gee.List? occupants = stream_interactor.get_module(MucManager.IDENTITY).get_occupants(conversation.counterpart, conversation.account);
- if (occupants != null) muc_jids.add_all(occupants);
- Gee.List? offline_members = stream_interactor.get_module(MucManager.IDENTITY).get_offline_members(conversation.counterpart, conversation.account);
- if (occupants != null) muc_jids.add_all(offline_members);
-
- Gee.List keys = new Gee.ArrayList();
- foreach (Jid jid in muc_jids) {
- string? key_id = stream_interactor.get_module(Manager.IDENTITY).get_key_id(conversation.account, jid);
- if (key_id != null && GPGHelper.get_keylist(key_id).size > 0 && !keys.contains(key_id)) {
- keys.add(key_id);
+ GPG.Key[] keys = get_key_fprs(conversation);
+ Core.XmppStream? stream = stream_interactor.get_stream(conversation.account);
+ if (stream != null) {
+ bool encrypted = stream.get_module(Module.IDENTITY).encrypt(message_stanza, keys);
+ if (!encrypted) message.marked = Entities.Message.Marked.WONTSEND;
 }
 }
- return stream.get_module(Module.IDENTITY).encrypt(message_stanza, keys);
 }
 public string? get_key_id(Account account, Jid jid) {
diff --git a/plugins/openpgp/src/out_file_processor.vala b/plugins/openpgp/src/out_file_processor.vala
new file mode 100644
index 00000000..81c53b16
--- /dev/null
+++ b/plugins/openpgp/src/out_file_processor.vala
@@ -0,0 +1,27 @@
+using Dino.Entities;
+
+namespace Dino.Plugins.OpenPgp {
+
+public class OutFileProcessor : OutgoingFileProcessor, Object {
+
+ StreamInteractor stream_interactor;
+
+ public OutFileProcessor(StreamInteractor stream_interactor) {
+ this.stream_interactor = stream_interactor;
+ }
+
+ public bool can_process(Conversation conversation, FileTransfer file_transfer) {
+ return conversation.encryption == Encryption.PGP;
+ }
+
+ public void process(Conversation conversation, FileTransfer file_transfer) {
+ string uri = file_transfer.get_uri();
+ GPG.Key[] keys = stream_interactor.get_module(Manager.IDENTITY).get_key_fprs(conversation);
+ uint8[] enc_content = GPGHelper.encrypt_file(uri, keys, GPG.EncryptFlags.ALWAYS_TRUST);
+ file_transfer.input_stream = new MemoryInputStream.from_data(enc_content, GLib.free);
+ file_transfer.encryption = Encryption.PGP;
+ file_transfer.server_file_name = file_transfer.server_file_name + ".pgp";
+ }
+}
+
+}
diff --git a/plugins/openpgp/src/plugin.vala b/plugins/openpgp/src/plugin.vala
index 2f664656..7ec6c357 100644
--- a/plugins/openpgp/src/plugin.vala
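Review bot: When `stream_interactor.get_stream(conversation.account)` returns null, `check_encypt` now leaves the message untouched, whereas the removed helpers returned false for a null stream and the message was then marked `WONTSEND`. For a message whose `encryption` is `Encryption.PGP` the safer default is to fail closed: `if (stream == null) { message.marked = Entities.Message.Marked.WONTSEND; return; }`. Whether an unmarked message can later leave the client without the encrypted payload depends on code outside this hunk, so this should be confirmed against the send path.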
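Review bot: `process` in out_file_processor.vala has no failure path: if `GPGHelper.encrypt_file` fails, nothing here stops the transfer from continuing with the original, unencrypted `input_stream` in a conversation where `can_process` has just established `Encryption.PGP`. The helper's declaration is outside this diff, so whether it throws or returns null needs checking, but in either case the processor should abort the transfer instead of falling through. It would also help to reject an empty or partially null `keys` array before encrypting, since `GPG.EncryptFlags.ALWAYS_TRUST` means no trust check stands between a resolved key and its use. A short doc comment on `process` stating that the whole encrypted file is held in memory would document the size implications.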
+++ b/plugins/openpgp/src/plugin.vala
@@ -29,6 +29,8 @@ public class Plugin : Plugins.RootInterface, Object {
 app.stream_interactor.module_manager.initialize_account_modules.connect(on_initialize_account_modules);
 Manager.start(app.stream_interactor, db);
+ app.stream_interactor.get_module(FileManager.IDENTITY).add_outgoing_processor(new OutFileProcessor(app.stream_interactor));
+ app.stream_interactor.get_module(FileManager.IDENTITY).add_incomming_processor(new InFileProcessor());
 internationalize(GETTEXT_PACKAGE, app.search_path_generator.get_locale_path(GETTEXT_PACKAGE, LOCALE_INSTALL_DIR));
 }
diff --git a/plugins/openpgp/src/stream_module.vala b/plugins/openpgp/src/stream_module.vala
index 6c55cdc5..068370fd 100644
--- a/plugins/openpgp/src/stream_module.vala
+++ b/plugins/openpgp/src/stream_module.vala
@@ -33,11 +33,8 @@ namespace Dino.Plugins.OpenPgp {
 }
 }
- public bool encrypt(Message.Stanza message, Gee.List fprs) {
- string[] encrypt_to = new string[fprs.size + 1];
- for (int i = 0; i < fprs.size; i++) encrypt_to[i] = fprs[i];
- encrypt_to[encrypt_to.length - 1] = own_key.fpr;
- string? enc_body = gpg_encrypt(message.body, encrypt_to);
+ public bool encrypt(Message.Stanza message, GPG.Key[] keys) {
+ string? enc_body = gpg_encrypt(message.body, keys);
 if (enc_body != null) {
 message.stanza.put_node(new StanzaNode.build("x", NS_URI_ENCRYPTED).add_self_xmlns().put_node(new StanzaNode.text(enc_body)));
 message.body = "[This message is OpenPGP encrypted (see XEP-0027)]";
@@ -105,13 +102,9 @@ namespace Dino.Plugins.OpenPgp {
 }
 }
- private static string? gpg_encrypt(string plain, string[] key_ids) {
- GPG.Key[] keys = new GPG.Key[key_ids.length];
+ private static string? gpg_encrypt(string plain, GPG.Key[] keys) {
 string encr;
 try {
- for (int i = 0; i < key_ids.length; i++) {
- keys[i] = GPGHelper.get_public_key(key_ids[i]);
- }
 encr = GPGHelper.encrypt_armor(plain, keys, GPG.EncryptFlags.ALWAYS_TRUST);
 } catch (Error e) {
 return null;
-- cgit v1.2.3-54-g00ecf
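Review bot: `encrypt` in stream_module.vala used to append `own_key.fpr` to the recipients itself and now encrypts to exactly the array it is given, so including the sender's key and supplying at least one usable recipient have become the caller's responsibility without that being stated anywhere. A doc comment on `encrypt` should say so, and a guard such as `if (keys.length == 0) return false;` before the `gpg_encrypt` call would keep an empty list from reaching the GPG layer, whose behaviour for that case is not visible here. The same contract applies to `gpg_encrypt` in the following hunk, whose body continues past the end of the diff.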