1/*!
2 * @file openpgp.c
3 *
4 * vim: expandtab:ts=2:sts=2:sw=2
5 *
6 * @authors
7 * Copyright (C) 2020 Anoxinon e.V.
8 *
9 * @copyright
10 * This file is part of xmppc.
11 *
12 * xmppc is free software: you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation, either version 3 of the License, or
15 * (at your option) any later version.
16 *
17 * xmppc is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
24 *
25 * German
26 *
27 * Diese Datei ist Teil von xmppc.
28 *
29 * xmppc ist Freie Software: Sie können es unter den Bedingungen
30 * der GNU General Public License, wie von der Free Software Foundation,
31 * Version 3 der Lizenz oder (nach Ihrer Wahl) jeder neueren
32 * veröffentlichten Version, weiter verteilen und/oder modifizieren.
33 *
34 * xmppc wird in der Hoffnung, dass es nützlich sein wird, aber
35 * OHNE JEDE GEWÄHRLEISTUNG, bereitgestellt; sogar ohne die implizite
36 * Gewährleistung der MARKTFÄHIGKEIT oder EIGNUNG FÜR EINEN BESTIMMTEN ZWECK.
37 * Siehe die GNU General Public License für weitere Details.
38 *
39 * Sie sollten eine Kopie der GNU General Public License zusammen mit diesem
40 * Programm erhalten haben. Wenn nicht, siehe <https://www.gnu.org/licenses/>.
41 */
42
43#define _GNU_SOURCE
44
45#include "openpgp.h"
46#include "string.h"
47
48#include <locale.h>
49#include <stdlib.h>
50#include <glib.h>
51#include <gpgme.h>
52
53static void _openpgp_send_text(xmppc_t *xmppc, char* to, char* text);
54static xmpp_stanza_t* _openpgp_signcrypt(xmppc_t *xmppc, char* to, char* text);
55static char* _openpgp_gpg_signcrypt(xmppc_t *xmppc, char* recipient, char* message);
56static gpgme_error_t _openpgp_lookup_key(xmppc_t *xmppc, char* name, gpgme_ctx_t* ctx, gpgme_key_t* key);
57
58void openpgp_execute_command(xmppc_t *xmppc, int argc, char *argv[]) {
59 if(argc > 0) {
60 if(strcmp("signcrypt", argv[0]) == 0) {
61 _openpgp_send_text(xmppc, argv[1], argv[2]);
62 } else {
63 logError(xmppc, "Unbekanner Befehl: %s\n", argv[0]);
64 }
65 }
66 sleep(10);
67 xmpp_disconnect(xmppc->conn);
68}
69
70void _openpgp_send_text(xmppc_t *xmppc, char* to, char* text) {
71 xmpp_conn_t *conn = xmppc->conn;
72 xmpp_stanza_t *message;
73 char* id = xmpp_uuid_gen(xmppc->ctx);
74 message = xmpp_message_new(xmpp_conn_get_context(conn), NULL, to, id);
75 xmpp_message_set_body(message, "This message is *encrypted* with OpenPGP (See :XEP:`0373`)");
76 xmpp_stanza_t *openpgp = xmpp_stanza_new(xmppc->ctx);
77 xmpp_stanza_set_name(openpgp, "openpgp");
78 xmpp_stanza_set_ns(openpgp, "urn:xmpp:openpgp:0");
79
80 xmpp_stanza_t * signcrypt = _openpgp_signcrypt(xmppc, to, text);
81 char* c;
82 size_t s;
83 xmpp_stanza_to_text(signcrypt, &c,&s);
84 char* signcrypt_e = _openpgp_gpg_signcrypt(xmppc,to, c);
85 if( signcrypt_e == NULL ) {
86 logError(xmppc, "Message not signcrypted.\n");
87 return;
88 }
89 // BASE64_OPENPGP_MESSAGE
90 xmpp_stanza_t* base64_openpgp_message = xmpp_stanza_new(xmppc->ctx);
91 xmpp_stanza_set_text(base64_openpgp_message,signcrypt_e);
92 xmpp_stanza_add_child(openpgp, base64_openpgp_message);
93 xmpp_stanza_add_child(message, openpgp);
94
95 xmpp_stanza_to_text(message, &c,&s);
96
97 xmpp_send(conn, message);
98
99}
100
101xmpp_stanza_t* _openpgp_signcrypt(xmppc_t *xmppc, char* to, char* text) {
102
103 time_t now = time(NULL);
104 struct tm* tm = localtime(&now);
105 char buf[255];
106 strftime(buf, sizeof(buf), "%FT%T%z", tm);
107 int randnr = rand() % 5;
108 char rpad_data[randnr];
109 for(int i = 0; i < randnr-1; i++) {
110 rpad_data[i] = 'c';
111 }
112 rpad_data[randnr-1] = '\0';
113
114 // signcrypt
115 xmpp_stanza_t *signcrypt = xmpp_stanza_new(xmppc->ctx);
116 xmpp_stanza_set_name(signcrypt, "signcrypt");
117 xmpp_stanza_set_ns(signcrypt, "urn:xmpp:openpgp:0");
118 // to
119 xmpp_stanza_t *s_to = xmpp_stanza_new(xmppc->ctx);
120 xmpp_stanza_set_name(s_to, "to");
121 xmpp_stanza_set_attribute(s_to, "jid", to);
122 // time
123 xmpp_stanza_t *time = xmpp_stanza_new(xmppc->ctx);
124 xmpp_stanza_set_name(time, "time");
125 xmpp_stanza_set_attribute(time, "stamp", buf);
126 xmpp_stanza_set_name(time, "time");
127 // rpad
128 xmpp_stanza_t *rpad = xmpp_stanza_new(xmppc->ctx);
129 xmpp_stanza_set_name(rpad, "rpad");
130 xmpp_stanza_t *rpad_text = xmpp_stanza_new(xmppc->ctx);
131 xmpp_stanza_set_text(rpad_text, rpad_data);
132 // payload
133 xmpp_stanza_t *payload= xmpp_stanza_new(xmppc->ctx);
134 xmpp_stanza_set_name(payload, "payload");
135 // body
136 xmpp_stanza_t *body = xmpp_stanza_new(xmppc->ctx);
137 xmpp_stanza_set_name(body, "body");
138 xmpp_stanza_set_ns(body, "jabber:client");
139 // text
140 xmpp_stanza_t *body_text = xmpp_stanza_new(xmppc->ctx);
141 xmpp_stanza_set_text(body_text, text);
142 xmpp_stanza_add_child(signcrypt,s_to);
143 xmpp_stanza_add_child(signcrypt,time);
144 xmpp_stanza_add_child(signcrypt,rpad);
145 xmpp_stanza_add_child(rpad,rpad_text);
146 xmpp_stanza_add_child(signcrypt,payload);
147 xmpp_stanza_add_child(payload, body);
148 xmpp_stanza_add_child(body, body_text);
149
150 return signcrypt;
151}
152
153char* _openpgp_gpg_signcrypt(xmppc_t *xmppc, char* recipient, char* message) {
154 setlocale (LC_ALL, "");
155 gpgme_check_version (NULL);
156 gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL));
157 gpgme_ctx_t ctx;
158 gpgme_error_t error = gpgme_new (&ctx);
159 if(GPG_ERR_NO_ERROR != error ) {
160 printf("gpgme_new: %d\n", error);
161 return NULL;
162 }
163 error = gpgme_set_protocol(ctx, GPGME_PROTOCOL_OPENPGP);
164 if(error != 0) {
165 logError(xmppc,"GpgME Error: %s\n", gpgme_strerror(error));
166 }
167 gpgme_set_armor(ctx,0);
168 gpgme_set_textmode(ctx,0);
169 gpgme_set_offline(ctx,1);
170 gpgme_set_keylist_mode(ctx, GPGME_KEYLIST_MODE_LOCAL);
171 if(error != 0) {
172 logError(xmppc,"GpgME Error: %s\n", gpgme_strerror(error));
173 }
174
175 gpgme_key_t recp[3];
176 recp[0] = NULL,
177 recp[1] = NULL;
178 const char *jid = xmpp_conn_get_jid(xmppc->conn);
179
180 char* xmpp_jid_me = alloca( (strlen(jid)+6) * sizeof(char) );
181 char* xmpp_jid_recipient = alloca( (strlen(recipient)+6) * sizeof(char) );
182
183 strcpy(xmpp_jid_me, "xmpp:");
184 strcpy(xmpp_jid_recipient, "xmpp:");
185 strcat(xmpp_jid_me, jid);
186 strcat(xmpp_jid_recipient,recipient);
187
188 gpgme_signers_clear(ctx);
189
190 // lookup own key
191 error = _openpgp_lookup_key(xmppc,xmpp_jid_me, &ctx, &recp[0]);
192 if(error != 0) {
193 logError(xmppc,"Key not found for %s. GpgME Error: %s\n", xmpp_jid_me, gpgme_strerror(error));
194 return NULL;
195 }
196
197 error = gpgme_signers_add(ctx,recp[0]);
198 if(error != 0) {
199 logError(xmppc,"gpgme_signers_add %s. GpgME Error: %s\n", xmpp_jid_me, gpgme_strerror(error));
200 return NULL;
201 }
202
203
204 // lookup key of recipient
205 error = _openpgp_lookup_key(xmppc,xmpp_jid_recipient, &ctx, &recp[1]);
206 if(error != 0) {
207 logError(xmppc,"Key not found for %s. GpgME Error: %s\n", xmpp_jid_recipient, gpgme_strerror(error));
208 return NULL;
209 }
210 recp[2] = NULL;
211 logInfo(xmppc, "%s <%s>\n", recp[0]->uids->name, recp[0]->uids->email);
212 logInfo(xmppc, "%s <%s>\n", recp[1]->uids->name, recp[1]->uids->email);
213
214#ifdef XMPPC_DEVELOPMENT
215 gpgme_encrypt_flags_t flags = GPGME_ENCRYPT_ALWAYS_TRUST;
216#else
217 gpgme_encrypt_flags_t flags = 0;
218#endif
219
220 gpgme_data_t plain;
221 gpgme_data_t cipher;
222
223 error = gpgme_data_new (&plain);
224 if(error != 0) {
225 logError(xmppc,"GpgME Error: %s\n", gpgme_strerror(error));
226 return NULL;
227 }
228
229 error = gpgme_data_new_from_mem(&plain, message, strlen(message),0);
230 if(error != 0) {
231 logError(xmppc,"GpgME Error: %s\n", gpgme_strerror(error));
232 return NULL;
233 }
234 error = gpgme_data_new (&cipher);
235 if(error != 0) {
236 logError(xmppc,"GpgME Error: %s\n", gpgme_strerror(error));
237 return NULL;
238 }
239
240 error = gpgme_op_encrypt_sign ( ctx, recp, flags, plain, cipher);
241 if(error != 0) {
242 logError(xmppc,"GpgME Error: %s\n", gpgme_strerror(error));
243 return NULL;
244 }
245
246 size_t len;
247 char *cipher_str = gpgme_data_release_and_get_mem(cipher, &len);
248 char* result = g_base64_encode( (unsigned char*) cipher_str,len);
249 gpgme_key_release (recp[0]);
250 gpgme_key_release (recp[1]);
251 gpgme_release (ctx);
252 return result;
253}
254
255gpgme_error_t _openpgp_lookup_key(xmppc_t *xmppc,char* name, gpgme_ctx_t* ctx, gpgme_key_t* key) {
256 logDebug(xmppc, "Looking for key: %s ...\n", name);
257 gpgme_error_t error = gpgme_op_keylist_start (*ctx, NULL, 0);
258 while (!error) {
259 error = gpgme_op_keylist_next (*ctx, key);
260 if(!error) {
261 gpgme_user_id_t uids = (*key)->uids;
262 while (uids) {
263 if(strcmp(uids->name, name) == 0) {
264 logDebug(xmppc, "Key found: %s ...\n", uids->name);
265 return error;
266 }
267 uids=uids->next;
268 }
269 } else {
270 gpgme_key_release((*key));
271 }
272 }
273 return error;
274}
275