pgp.rs | searchcode

/src/components/mail/pgp.rs

https://github.com/meli/meli · Rust · 179 lines · 150 code · 8 blank · 21 comment · 2 complexity · 81c0a402c68300a5c5a498ce3092a3d9 MD5 · raw file

/*
 * meli
 *
 * Copyright 2019 Manos Pitsidianakis
 *
 * This file is part of meli.
 *
 * meli is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * meli is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with meli. If not, see <http://www.gnu.org/licenses/>.
 */

use super::*;
use melib::email::pgp as melib_pgp;
use std::io::Write;
use std::process::{Command, Stdio};

pub fn verify_signature(a: &Attachment, context: &mut Context) -> Result<Vec<u8>> {
    let (bytes, sig) =
        melib_pgp::verify_signature(a).chain_err_summary(|| "Could not verify signature.")?;
    let bytes_file = create_temp_file(&bytes, None, None, true);
    let signature_file = create_temp_file(sig, None, None, true);
    let binary = context
        .settings
        .pgp
        .gpg_binary
        .as_ref()
        .map(String::as_str)
        .unwrap_or("gpg2");
    Ok(Command::new(binary)
        .args(&[
            "--output",
            "-",
            "--verify",
            signature_file.path.to_str().unwrap(),
            bytes_file.path.to_str().unwrap(),
        ])
        .stdin(Stdio::piped())
        .stderr(Stdio::piped())
        .spawn()
        .and_then(|gpg| gpg.wait_with_output())
        .map(|gpg| gpg.stderr)
        .chain_err_summary(|| {
            format!(
                "Failed to launch {} to verify PGP signature",
                context
                    .settings
                    .pgp
                    .gpg_binary
                    .as_ref()
                    .map(String::as_str)
                    .unwrap_or("gpg2"),
            )
        })?)
}

/// Returns multipart/signed
pub fn sign(
    a: AttachmentBuilder,
    gpg_binary: Option<&str>,
    pgp_key: Option<&str>,
) -> Result<AttachmentBuilder> {
    let binary = gpg_binary.unwrap_or("gpg2");
    let mut command = Command::new(binary);
    command.args(&[
        "--digest-algo",
        "sha512",
        "--output",
        "-",
        "--detach-sig",
        "--armor",
    ]);
    if let Some(key) = pgp_key {
        command.args(&["--local-user", key]);
    }
    let a: Attachment = a.into();

    let sig_attachment = command
        .stdin(Stdio::piped())
        .stdout(Stdio::piped())
        .stderr(Stdio::null())
        .spawn()
        .and_then(|mut gpg| {
            gpg.stdin
                .as_mut()
                .expect("Could not get gpg stdin")
                .write_all(&melib_pgp::convert_attachment_to_rfc_spec(
                    a.into_raw().as_bytes(),
                ))?;
            let gpg = gpg.wait_with_output()?;
            Ok(Attachment::new(
                ContentType::PGPSignature,
                Default::default(),
                gpg.stdout,
            ))
        })
        .chain_err_summary(|| format!("Failed to launch {} to verify PGP signature", binary))?;

    let a: AttachmentBuilder = a.into();
    let parts = vec![a, sig_attachment.into()];
    let boundary = ContentType::make_boundary(&parts);
    Ok(Attachment::new(
        ContentType::Multipart {
            boundary: boundary.into_bytes(),
            kind: MultipartType::Signed,
            parts: parts.into_iter().map(|a| a.into()).collect::<Vec<_>>(),
        },
        Default::default(),
        Vec::new(),
    )
    .into())
}

pub async fn decrypt(
    raw: Vec<u8>,
    gpg_binary: Option<String>,
    decrypt_key: Option<String>,
) -> Result<(melib_pgp::DecryptionMetadata, Vec<u8>)> {
    let bin = gpg_binary.as_ref().map(|s| s.as_str()).unwrap_or("gpg2");
    let mut command = Command::new(bin);
    command.args(&["--digest-algo", "sha512", "--output", "-"]);
    if let Some(ref key) = decrypt_key {
        command.args(&["--local-user", key]);
    }

    let stdout = command
        .args(&["--decrypt"])
        .stdin(Stdio::piped())
        .stdout(Stdio::piped())
        .stderr(Stdio::piped())
        .spawn()
        .and_then(|mut gpg| {
            gpg.stdin
                .as_mut()
                .expect("Could not get gpg stdin")
                .write_all(&raw)?;
            let gpg = gpg.wait_with_output()?;
            Ok(gpg.stdout)
        })
        .chain_err_summary(|| format!("Failed to launch {} to verify PGP signature", bin))?;
    Ok((melib_pgp::DecryptionMetadata::default(), stdout))
}

pub async fn verify(a: Attachment, gpg_binary: Option<String>) -> Result<Vec<u8>> {
    let (bytes, sig) =
        melib_pgp::verify_signature(&a).chain_err_summary(|| "Could not verify signature.")?;
    let bytes_file = create_temp_file(&bytes, None, None, true);
    let signature_file = create_temp_file(sig, None, None, true);
    Ok(
        Command::new(gpg_binary.as_ref().map(String::as_str).unwrap_or("gpg2"))
            .args(&[
                "--output",
                "-",
                "--verify",
                signature_file.path.to_str().unwrap(),
                bytes_file.path.to_str().unwrap(),
            ])
            .stdin(Stdio::piped())
            .stderr(Stdio::piped())
            .spawn()
            .and_then(|gpg| gpg.wait_with_output())
            .map(|gpg| gpg.stderr)
            .chain_err_summary(|| {
                format!(
                    "Failed to launch {} to verify PGP signature",
                    gpg_binary.as_ref().map(String::as_str).unwrap_or("gpg2"),
                )
            })?,
    )
}