diff options
Diffstat (limited to 'plugins/enigma')
35 files changed, 4945 insertions, 0 deletions
diff --git a/plugins/enigma/README b/plugins/enigma/README new file mode 100644 index 000000000..0566069ff --- /dev/null +++ b/plugins/enigma/README @@ -0,0 +1,66 @@ +Enigma Plugin for Roundcube + +This plugin adds support for viewing and sending of signed and encrypted +messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format. + +The plugin uses gpg binary on the server and stores all keys +(including private keys of the users) on the server. +Encryption/decryption is done server-side. So, this plugin +is for users that trust the server. + +WARNING! The plugin is in very early state. See below for a list +of missing features and known issues. + + +Implemented features: +--------------------- ++ PGP: signatures verification ++ PGP: messages decryption ++ PGP: Sending of encrypted/signed messages ++ PGP: keys management UI (keys import and delete) ++ Handling of PGP keys attached to incoming messages ++ User preferences to disable plugin features + +TODO (must have): +----------------- +- Keys export to file +- Disable Reply/Forward options when viewing encrypted messages + until they are decrypted successfully +- Handling of replying/forwarding of encrypted/signed messages +- Client-side keys generation (with OpenPGP.js?) + +TODO (later): +------------- +- Handling of big messages with temp files +- Server-side keys generation (warning: no-entropy issue, max_execution_time issue) +- Key info in contact details page (optional) +- Extended key management: + - disable, + - revoke, + - change expiration date, change passphrase, add photo, + - manage user IDs +- Generate revocation certs +- Search filter to see invalid/expired keys +- Key server(s) support (search, import, upload, refresh) +- Attaching public keys to email +- Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status +- Change attachment icon on messages list for encrypted messages (like vcard_attachment plugin does) +- Support for multi-server installations (store keys in sql database?) +- Per-Identity settings (including keys/certs) +- Performance improvements: + - cache decrypted message key id so we can skip decryption if we have no password in session + - cache (last or successful only?) sig verification status to not verify on every msg preview (optional) +- S/MIME: Certs generation +- S/MIME: Certs management +- S/MIME: signed messages verification +- S/MIME: encrypted messages decryption +- S/MIME: Sending signed/encrypted messages +- S/MIME: Handling of certs attached to incoming messages +- S/MIME: Certificate info in Contacts details page (optional) + +Known issues: +------------- +1. There are Crypt_GPG issues when using gnupg >= 2.0 + - http://pear.php.net/bugs/bug.php?id=19914 + - http://pear.php.net/bugs/bug.php?id=20453 + - http://pear.php.net/bugs/bug.php?id=20527 diff --git a/plugins/enigma/composer.json b/plugins/enigma/composer.json new file mode 100644 index 000000000..8e28d64a0 --- /dev/null +++ b/plugins/enigma/composer.json @@ -0,0 +1,29 @@ +{ + "name": "roundcube/enigma", + "type": "roundcube-plugin", + "description": "PGP Encryption for Roundcube", + "license": "GPLv3+", + "version": "0.1", + "authors": [ + { + "name": "Aleksander Machniak", + "email": "alec@alec.pl", + "role": "Lead" + } + ], + "repositories": [ + { + "type": "pear", + "url": "http://pear.php.net/" + }, + { + "type": "composer", + "url": "http://plugins.roundcube.net" + } + ], + "require": { + "php": ">=5.3.0", + "roundcube/plugin-installer": ">=0.1.3", + "pear-pear.php.net/crypt_gpg": "*" + } +} diff --git a/plugins/enigma/config.inc.php.dist b/plugins/enigma/config.inc.php.dist new file mode 100644 index 000000000..832f355b1 --- /dev/null +++ b/plugins/enigma/config.inc.php.dist @@ -0,0 +1,30 @@ +<?php + +// Enigma Plugin options +// -------------------- + +// A driver to use for PGP. Default: "gnupg". +$config['enigma_pgp_driver'] = 'gnupg'; + +// A driver to use for S/MIME. Default: "phpssl". +$config['enigma_smime_driver'] = 'phpssl'; + +// Keys directory for all users. Default 'enigma/home'. +// Must be writeable by PHP process +$config['enigma_pgp_homedir'] = null; + +// Enables signatures verification feature. +$config['enigma_signatures'] = true; + +// Enables messages decryption feature. +$config['enigma_decryption'] = true; + +// Enable signing all messages by default +$config['enigma_sign_all'] = false; + +// Enable encrypting all messages by default +$config['enigma_encrypt_all'] = false; + +// Default for how long to store private key passwords (in minutes). +// When set to 0 passwords will be stored for the whole session. +$config['enigma_password_time'] = 5; diff --git a/plugins/enigma/enigma.js b/plugins/enigma/enigma.js new file mode 100644 index 000000000..4048d8d85 --- /dev/null +++ b/plugins/enigma/enigma.js @@ -0,0 +1,386 @@ +/* Enigma Plugin */ + +window.rcmail && rcmail.addEventListener('init', function(evt) { + if (rcmail.env.task == 'settings') { + rcmail.register_command('plugin.enigma', function() { rcmail.goto_url('plugin.enigma') }, true); + rcmail.register_command('plugin.enigma-key-import', function() { rcmail.enigma_key_import() }, true); +// rcmail.register_command('plugin.enigma-key-export', function() { rcmail.enigma_key_export() }, true); + rcmail.register_command('plugin.enigma-key-delete', function(props) { return rcmail.enigma_key_delete(); }); + + if (rcmail.gui_objects.keyslist) { + rcmail.keys_list = new rcube_list_widget(rcmail.gui_objects.keyslist, + {multiselect:false, draggable:false, keyboard:false}); + rcmail.keys_list + .addEventListener('select', function(o) { rcmail.enigma_keylist_select(o); }) + .addEventListener('keypress', function(o) { rcmail.enigma_keylist_keypress(o); }) + .init() + .focus(); + + rcmail.enigma_list(); + + rcmail.register_command('firstpage', function(props) { return rcmail.enigma_list_page('first'); }); + rcmail.register_command('previouspage', function(props) { return rcmail.enigma_list_page('previous'); }); + rcmail.register_command('nextpage', function(props) { return rcmail.enigma_list_page('next'); }); + rcmail.register_command('lastpage', function(props) { return rcmail.enigma_list_page('last'); }); + } + + if (rcmail.env.action == 'plugin.enigmakeys') { + rcmail.register_command('search', function(props) {return rcmail.enigma_search(props); }, true); + rcmail.register_command('reset-search', function(props) {return rcmail.enigma_search_reset(props); }, true); + rcmail.register_command('plugin.enigma-import', function() { rcmail.enigma_import(); }, true); +// rcmail.register_command('plugin.enigma-export', function() { rcmail.enigma_export(); }, true); + } + } + else if (rcmail.env.task == 'mail') { + if (rcmail.env.action == 'compose') { + rcmail.addEventListener('beforesend', function(props) { rcmail.enigma_beforesend_handler(props); }) + .addEventListener('beforesavedraft', function(props) { rcmail.enigma_beforesavedraft_handler(props); }); + + $('input,label', $('#enigmamenu')).mouseup(function(e) { + // don't close the menu on mouse click inside + e.stopPropagation(); + }); + } + else if (rcmail.env.action == 'show' || rcmail.env.action == 'preview') { + if (rcmail.env.enigma_password_request) { + rcmail.enigma_password_request(rcmail.env.enigma_password_request); + } + } + } +}); + + +/*********************************************************/ +/********* Enigma Settings/Keys/Certs UI *********/ +/*********************************************************/ + +// Display key(s) import form +rcube_webmail.prototype.enigma_key_import = function() +{ + this.enigma_loadframe('&_action=plugin.enigmakeys&_a=import'); +}; + +// Delete key(s) +rcube_webmail.prototype.enigma_key_delete = function() +{ + var keys = this.keys_list.get_selection(); + + if (!keys.length || !confirm(this.get_label('enigma.keyremoveconfirm'))) + return; + + var lock = this.display_message(this.get_label('enigma.keyremoving'), 'loading'), + post = {_a: 'delete', _keys: keys}; + + // send request to server + this.http_post('plugin.enigmakeys', post, lock); +}; + +// Submit key(s) import form +rcube_webmail.prototype.enigma_import = function() +{ + var form, file; + + if (form = this.gui_objects.importform) { + file = document.getElementById('rcmimportfile'); + if (file && !file.value) { + alert(this.get_label('selectimportfile')); + return; + } + + var lock = this.set_busy(true, 'importwait'); + + form.action = this.add_url(form.action, '_unlock', lock); + form.submit(); + + this.lock_form(form, true); + } +}; + +// list row selection handler +rcube_webmail.prototype.enigma_keylist_select = function(list) +{ + var id; + if (id = list.get_single_selection()) + this.enigma_loadframe('&_action=plugin.enigmakeys&_a=info&_id=' + id); + + this.enable_command('plugin.enigma-key-delete', list.selection.length > 0); +}; + +rcube_webmail.prototype.enigma_keylist_keypress = function(list) +{ + if (list.modkey == CONTROL_KEY) + return; + + if (list.key_pressed == list.DELETE_KEY || list.key_pressed == list.BACKSPACE_KEY) + this.command('plugin.enigma-key-delete'); + else if (list.key_pressed == 33) + this.command('previouspage'); + else if (list.key_pressed == 34) + this.command('nextpage'); +}; + +// load key frame +rcube_webmail.prototype.enigma_loadframe = function(url) +{ + var frm, win; + + if (this.env.contentframe && window.frames && (frm = window.frames[this.env.contentframe])) { + if (!url && (win = window.frames[this.env.contentframe])) { + if (win.location && win.location.href.indexOf(this.env.blankpage) < 0) + win.location.href = this.env.blankpage; + return; + } + + this.set_busy(true); + frm.location.href = this.env.comm_path + '&_framed=1' + url; + } +}; + +// Search keys/certs +rcube_webmail.prototype.enigma_search = function(props) +{ + if (!props && this.gui_objects.qsearchbox) + props = this.gui_objects.qsearchbox.value; + + if (props || this.env.search_request) { + var params = {'_a': 'search', '_q': urlencode(props)}, + lock = this.set_busy(true, 'searching'); +// if (this.gui_objects.search_filter) + // addurl += '&_filter=' + this.gui_objects.search_filter.value; + this.env.current_page = 1; + this.enigma_loadframe(); + this.enigma_clear_list(); + this.http_post('plugin.enigmakeys', params, lock); + } + + return false; +} + +// Reset search filter and the list +rcube_webmail.prototype.enigma_search_reset = function(props) +{ + var s = this.env.search_request; + this.reset_qsearch(); + + if (s) { + this.enigma_loadframe(); + this.enigma_clear_list(); + + // refresh the list + this.enigma_list(); + } + + return false; +} + +// Keys/certs listing +rcube_webmail.prototype.enigma_list = function(page) +{ + var params = {'_a': 'list'}, + lock = this.set_busy(true, 'loading'); + + this.env.current_page = page ? page : 1; + + if (this.env.search_request) + params._q = this.env.search_request; + if (page) + params._p = page; + + this.enigma_clear_list(); + this.http_post('plugin.enigmakeys', params, lock); +} + +// Change list page +rcube_webmail.prototype.enigma_list_page = function(page) +{ + if (page == 'next') + page = this.env.current_page + 1; + else if (page == 'last') + page = this.env.pagecount; + else if (page == 'prev' && this.env.current_page > 1) + page = this.env.current_page - 1; + else if (page == 'first' && this.env.current_page > 1) + page = 1; + + this.enigma_list(page); +} + +// Remove list rows +rcube_webmail.prototype.enigma_clear_list = function() +{ + this.enigma_loadframe(); + if (this.keys_list) + this.keys_list.clear(true); +} + +// Adds a row to the list +rcube_webmail.prototype.enigma_add_list_row = function(r) +{ + if (!this.gui_objects.keyslist || !this.keys_list) + return false; + + var list = this.keys_list, + tbody = this.gui_objects.keyslist.tBodies[0], + rowcount = tbody.rows.length, + even = rowcount%2, + css_class = 'message' + + (even ? ' even' : ' odd'), + // for performance use DOM instead of jQuery here + row = document.createElement('tr'), + col = document.createElement('td'); + + row.id = 'rcmrow' + r.id; + row.className = css_class; + + col.innerHTML = r.name; + row.appendChild(col); + list.insert_row(row); +} + + +/*********************************************************/ +/********* Enigma Message methods *********/ +/*********************************************************/ + +// handle message send/save action +rcube_webmail.prototype.enigma_beforesend_handler = function(props) +{ + this.env.last_action = 'send'; + this.enigma_compose_handler(props); +} + +rcube_webmail.prototype.enigma_beforesavedraft_handler = function(props) +{ + this.env.last_action = 'savedraft'; + this.enigma_compose_handler(props); +} + +rcube_webmail.prototype.enigma_compose_handler = function(props) +{ + var form = this.gui_objects.messageform; + + // copy inputs from enigma menu to the form + $('#enigmamenu input').each(function() { + var id = this.id + '_cpy', input = $('#' + id); + + if (!input.length) { + input = $(this).clone(); + input.prop({id: id, type: 'hidden'}).appendTo(form); + } + + input.val(this.checked ? '1' : ''); + }); + + // disable signing when saving drafts + if (this.env.last_action == 'savedraft') { + $('input[name="_enigma_sign"]', form).val(0); + } +} + +// Import attached keys/certs file +rcube_webmail.prototype.enigma_import_attachment = function(mime_id) +{ + var lock = this.set_busy(true, 'loading'), + post = {_uid: this.env.uid, _mbox: this.env.mailbox, _part: mime_id}; + + this.http_post('plugin.enigmaimport', post, lock); + + return false; +} + +// password request popup +rcube_webmail.prototype.enigma_password_request = function(data) +{ + if (!data || !data.keyid) { + return; + } + + var ref = this, + msg = this.get_label('enigma.enterkeypass'), + myprompt = $('<div class="prompt">'), + myprompt_content = $('<div class="message">') + .appendTo(myprompt), + myprompt_input = $('<input>').attr({type: 'password', size: 30}) + .keypress(function(e) { + if (e.which == 13) + (ref.is_framed() ? window.parent.$ : $)('.ui-dialog-buttonpane button.mainaction:visible').click(); + }) + .appendTo(myprompt); + + data.key = data.keyid; + if (data.keyid.length > 8) + data.keyid = data.keyid.substr(data.keyid.length - 8); + + $.each(['keyid', 'user'], function() { + msg = msg.replace('$' + this, data[this]); + }); + + myprompt_content.text(msg); + + this.show_popup_dialog(myprompt, this.get_label('enigma.enterkeypasstitle'), + [{ + text: this.get_label('save'), + 'class': 'mainaction', + click: function(e) { + e.stopPropagation(); + + var jq = ref.is_framed() ? window.parent.$ : $, + pass = myprompt_input.val(); + + if (!pass) { + myprompt_input.focus(); + return; + } + + ref.enigma_password_submit(data.key, pass); + jq(this).remove(); + } + }, + { + text: this.get_label('cancel'), + click: function(e) { + var jq = ref.is_framed() ? window.parent.$ : $; + e.stopPropagation(); + jq(this).remove(); + } + }], {width: 400}); + + if (this.is_framed() && parent.rcmail.message_list) { + // this fixes bug when pressing Enter on "Save" button in the dialog + parent.rcmail.message_list.blur(); + } +} + +// submit entered password +rcube_webmail.prototype.enigma_password_submit = function(keyid, password) +{ + if (this.env.action == 'compose') { + return this.enigma_password_compose_submit(keyid, password); + } + + // message preview + var form = $('<form>').attr({method: 'post', action: location.href, style: 'display:none'}) + .append($('<input>').attr({type: 'hidden', name: '_keyid', value: keyid})) + .append($('<input>').attr({type: 'hidden', name: '_passwd', value: password})) + .append($('<input>').attr({type: 'hidden', name: '_token', value: this.env.request_token})) + .appendTo(document.body); + + form.submit(); +} + +// submit entered password - in mail compose page +rcube_webmail.prototype.enigma_password_compose_submit = function(keyid, password) +{ + var form = this.gui_objects.messageform; + + if (!$('input[name="_keyid"]', form).length) { + $(form).append($('<input>').attr({type: 'hidden', name: '_keyid', value: keyid})) + .append($('<input>').attr({type: 'hidden', name: '_passwd', value: password})); + } + else { + $('input[name="_keyid"]', form).val(keyid); + $('input[name="_passwd"]', form).val(password); + } + + this.submit_messageform(this.env.last_action == 'savedraft'); +} diff --git a/plugins/enigma/enigma.php b/plugins/enigma/enigma.php new file mode 100644 index 000000000..3b9aa0bb9 --- /dev/null +++ b/plugins/enigma/enigma.php @@ -0,0 +1,451 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | Enigma Plugin for Roundcube | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +/* + This class contains only hooks and action handlers. + Most plugin logic is placed in enigma_engine and enigma_ui classes. +*/ + +class enigma extends rcube_plugin +{ + public $task = 'mail|settings'; + public $rc; + public $engine; + public $ui; + + private $env_loaded = false; + + + /** + * Plugin initialization. + */ + function init() + { + $this->rc = rcube::get_instance(); + + if ($this->rc->task == 'mail') { + // message parse/display hooks + $this->add_hook('message_part_structure', array($this, 'part_structure')); + $this->add_hook('message_part_body', array($this, 'part_body')); + $this->add_hook('message_body_prefix', array($this, 'status_message')); + + $this->register_action('plugin.enigmaimport', array($this, 'import_file')); + + // message displaying + if ($this->rc->action == 'show' || $this->rc->action == 'preview') { + $this->add_hook('message_load', array($this, 'message_load')); + $this->add_hook('template_object_messagebody', array($this, 'message_output')); + } + // message composing + else if ($this->rc->action == 'compose') { + $this->load_ui(); + $this->ui->init(); + } + // message sending (and draft storing) + else if ($this->rc->action == 'send') { + $this->add_hook('message_ready', array($this, 'message_ready')); + } + + $this->password_handler(); + } + else if ($this->rc->task == 'settings') { + // add hooks for Enigma settings + $this->add_hook('settings_actions', array($this, 'settings_actions')); + $this->add_hook('preferences_sections_list', array($this, 'preferences_sections_list')); + $this->add_hook('preferences_list', array($this, 'preferences_list')); + $this->add_hook('preferences_save', array($this, 'preferences_save')); + + // register handler for keys/certs management + $this->register_action('plugin.enigmakeys', array($this, 'preferences_ui')); +// $this->register_action('plugin.enigmacerts', array($this, 'preferences_ui')); + + $this->load_ui(); + $this->ui->add_css(); + } + + $this->add_hook('refresh', array($this, 'refresh')); + } + + /** + * Plugin environment initialization. + */ + function load_env() + { + if ($this->env_loaded) { + return; + } + + $this->env_loaded = true; + + // Add include path for Enigma classes and drivers + $include_path = $this->home . '/lib' . PATH_SEPARATOR; + $include_path .= ini_get('include_path'); + set_include_path($include_path); + + // load the Enigma plugin configuration + $this->load_config(); + + // include localization (if wasn't included before) + $this->add_texts('localization/'); + } + + /** + * Plugin UI initialization. + */ + function load_ui($all = false) + { + if (!$this->ui) { + // load config/localization + $this->load_env(); + + // Load UI + $this->ui = new enigma_ui($this, $this->home); + } + + if ($all) { + $this->ui->add_css(); + $this->ui->add_js(); + } + } + + /** + * Plugin engine initialization. + */ + function load_engine() + { + if ($this->engine) { + return $this->engine; + } + + // load config/localization + $this->load_env(); + + return $this->engine = new enigma_engine($this); + } + + /** + * Handler for message_part_structure hook. + * Called for every part of the message. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function part_structure($p) + { + $this->load_engine(); + + return $this->engine->part_structure($p); + } + + /** + * Handler for message_part_body hook. + * Called to get body of a message part. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function part_body($p) + { + $this->load_engine(); + + return $this->engine->part_body($p); + } + + /** + * Handler for settings_actions hook. + * Adds Enigma settings section into preferences. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function settings_actions($args) + { + // add labels + $this->add_texts('localization/'); + + // register as settings action + $args['actions'][] = array( + 'action' => 'plugin.enigmakeys', + 'class' => 'enigma keys', + 'label' => 'enigmakeys', + 'title' => 'enigmakeys', + 'domain' => 'enigma', + ); +/* + $args['actions'][] = array( + 'action' => 'plugin.enigmacerts', + 'class' => 'enigma certs', + 'label' => 'enigmacerts', + 'title' => 'enigmacerts', + 'domain' => 'enigma', + ); +*/ + return $args; + } + + /** + * Handler for preferences_sections_list hook. + * Adds Encryption settings section into preferences sections list. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function preferences_sections_list($p) + { + $p['list']['enigma'] = array( + 'id' => 'enigma', 'section' => $this->gettext('encryption'), + ); + + return $p; + } + + /** + * Handler for preferences_list hook. + * Adds options blocks into Enigma settings sections in Preferences. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function preferences_list($p) + { + if ($p['section'] != 'enigma') { + return $p; + } + + $no_override = array_flip((array)$this->rc->config->get('dont_override')); + + $p['blocks']['main']['name'] = $this->gettext('mainoptions'); + + if (!isset($no_override['enigma_signatures'])) { + if (!$p['current']) { + $p['blocks']['main']['content'] = true; + return $p; + } + + $field_id = 'rcmfd_enigma_signatures'; + $input = new html_checkbox(array( + 'name' => '_enigma_signatures', + 'id' => $field_id, + 'value' => 1, + )); + + $p['blocks']['main']['options']['enigma_signatures'] = array( + 'title' => html::label($field_id, $this->gettext('supportsignatures')), + 'content' => $input->show(intval($this->rc->config->get('enigma_signatures'))), + ); + } + + if (!isset($no_override['enigma_decryption'])) { + if (!$p['current']) { + $p['blocks']['main']['content'] = true; + return $p; + } + + $field_id = 'rcmfd_enigma_decryption'; + $input = new html_checkbox(array( + 'name' => '_enigma_decryption', + 'id' => $field_id, + 'value' => 1, + )); + + $p['blocks']['main']['options']['enigma_decryption'] = array( + 'title' => html::label($field_id, $this->gettext('supportdecryption')), + 'content' => $input->show(intval($this->rc->config->get('enigma_decryption'))), + ); + } + + if (!isset($no_override['enigma_sign_all'])) { + if (!$p['current']) { + $p['blocks']['main']['content'] = true; + return $p; + } + + $field_id = 'rcmfd_enigma_sign_all'; + $input = new html_checkbox(array( + 'name' => '_enigma_sign_all', + 'id' => $field_id, + 'value' => 1, + )); + + $p['blocks']['main']['options']['enigma_sign_all'] = array( + 'title' => html::label($field_id, $this->gettext('signdefault')), + 'content' => $input->show($this->rc->config->get('enigma_sign_all') ? 1 : 0), + ); + } + + if (!isset($no_override['enigma_encrypt_all'])) { + if (!$p['current']) { + $p['blocks']['main']['content'] = true; + return $p; + } + + $field_id = 'rcmfd_enigma_encrypt_all'; + $input = new html_checkbox(array( + 'name' => '_enigma_encrypt_all', + 'id' => $field_id, + 'value' => 1, + )); + + $p['blocks']['main']['options']['enigma_encrypt_all'] = array( + 'title' => html::label($field_id, $this->gettext('encryptdefault')), + 'content' => $input->show($this->rc->config->get('enigma_encrypt_all') ? 1 : 0), + ); + } + + if (!isset($no_override['enigma_password_time'])) { + if (!$p['current']) { + $p['blocks']['main']['content'] = true; + return $p; + } + + $field_id = 'rcmfd_enigma_password_time'; + $select = new html_select(array('name' => '_enigma_password_time', 'id' => $field_id)); + + foreach (array(1, 5, 10, 15, 30) as $m) { + $label = $this->gettext(array('name' => 'nminutes', 'vars' => array('m' => $m))); + $select->add($label, $m); + } + $select->add($this->gettext('wholesession'), 0); + + $p['blocks']['main']['options']['enigma_password_time'] = array( + 'title' => html::label($field_id, $this->gettext('passwordtime')), + 'content' => $select->show(intval($this->rc->config->get('enigma_password_time'))), + ); + } + + return $p; + } + + /** + * Handler for preferences_save hook. + * Executed on Enigma settings form submit. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function preferences_save($p) + { + if ($p['section'] == 'enigma') { + $p['prefs'] = array( + 'enigma_signatures' => (bool) rcube_utils::get_input_value('_enigma_signatures', rcube_utils::INPUT_POST), + 'enigma_decryption' => (bool) rcube_utils::get_input_value('_enigma_decryption', rcube_utils::INPUT_POST), + 'enigma_sign_all' => intval(rcube_utils::get_input_value('_enigma_sign_all', rcube_utils::INPUT_POST)), + 'enigma_encrypt_all' => intval(rcube_utils::get_input_value('_enigma_encrypt_all', rcube_utils::INPUT_POST)), + 'enigma_password_time' => intval(rcube_utils::get_input_value('_enigma_password_time', rcube_utils::INPUT_POST)), + ); + } + + return $p; + } + + /** + * Handler for keys/certs management UI template. + */ + function preferences_ui() + { + $this->load_ui(); + + $this->ui->init(); + } + + /** + * Handler for message_body_prefix hook. + * Called for every displayed (content) part of the message. + * Adds infobox about signature verification and/or decryption + * status above the body. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function status_message($p) + { + $this->load_ui(); + + return $this->ui->status_message($p); + } + + /** + * Handler for message_load hook. + * Check message bodies and attachments for keys/certs. + */ + function message_load($p) + { + $this->load_ui(); + + return $this->ui->message_load($p); + } + + /** + * Handler for template_object_messagebody hook. + * This callback function adds a box below the message content + * if there is a key/cert attachment available + */ + function message_output($p) + { + $this->load_ui(); + + return $this->ui->message_output($p); + } + + /** + * Handler for attached keys/certs import + */ + function import_file() + { + $this->load_engine(); + + $this->engine->import_file(); + } + + /** + * Handle password submissions + */ + function password_handler() + { + $this->load_engine(); + + $this->engine->password_handler(); + } + + /** + * Handle message_ready hook (encryption/signing) + */ + function message_ready($p) + { + $this->load_ui(); + + return $this->ui->message_ready($p); + } + + /** + * Handler for refresh hook. + */ + function refresh($p) + { + // calling enigma_engine constructor to remove passwords + // stored in session after expiration time + $this->load_engine(); + + return $p; + } +} diff --git a/plugins/enigma/home/.htaccess b/plugins/enigma/home/.htaccess new file mode 100644 index 000000000..8e6a345dc --- /dev/null +++ b/plugins/enigma/home/.htaccess @@ -0,0 +1,2 @@ +Order allow,deny +Deny from all
\ No newline at end of file diff --git a/plugins/enigma/lib/enigma_driver.php b/plugins/enigma/lib/enigma_driver.php new file mode 100644 index 000000000..49208b39d --- /dev/null +++ b/plugins/enigma/lib/enigma_driver.php @@ -0,0 +1,103 @@ +<?php + +/* + +-------------------------------------------------------------------------+ + | Abstract driver for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +abstract class enigma_driver +{ + /** + * Class constructor. + * + * @param string User name (email address) + */ + abstract function __construct($user); + + /** + * Driver initialization. + * + * @return mixed NULL on success, enigma_error on failure + */ + abstract function init(); + + /** + * Encryption. + */ + abstract function encrypt($text, $keys); + + /** + * Decryption.. + * + * @param string Encrypted message + * @param array List of key-password mapping + */ + abstract function decrypt($text, $keys = array()); + + /** + * Signing. + */ + abstract function sign($text, $key, $passwd, $mode = null); + + /** + * Signature verification. + * + * @param string Message body + * @param string Signature, if message is of type PGP/MIME and body doesn't contain it + * + * @return mixed Signature information (enigma_signature) or enigma_error + */ + abstract function verify($text, $signature); + + /** + * Key/Cert file import. + * + * @param string File name or file content + * @param bollean True if first argument is a filename + * + * @return mixed Import status array or enigma_error + */ + abstract function import($content, $isfile=false); + + /** + * Keys listing. + * + * @param string Optional pattern for key ID, user ID or fingerprint + * + * @return mixed Array of enigma_key objects or enigma_error + */ + abstract function list_keys($pattern=''); + + /** + * Single key information. + * + * @param string Key ID, user ID or fingerprint + * + * @return mixed Key (enigma_key) object or enigma_error + */ + abstract function get_key($keyid); + + /** + * Key pair generation. + * + * @param array Key/User data + * + * @return mixed Key (enigma_key) object or enigma_error + */ + abstract function gen_key($data); + + /** + * Key deletion. + */ + abstract function delete_key($keyid); +} diff --git a/plugins/enigma/lib/enigma_driver_gnupg.php b/plugins/enigma/lib/enigma_driver_gnupg.php new file mode 100644 index 000000000..52a0ad66c --- /dev/null +++ b/plugins/enigma/lib/enigma_driver_gnupg.php @@ -0,0 +1,326 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | GnuPG (PGP) driver for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +require_once 'Crypt/GPG.php'; + +class enigma_driver_gnupg extends enigma_driver +{ + private $rc; + private $gpg; + private $homedir; + private $user; + + + function __construct($user) + { + $this->rc = rcmail::get_instance(); + $this->user = $user; + } + + /** + * Driver initialization and environment checking. + * Should only return critical errors. + * + * @return mixed NULL on success, enigma_error on failure + */ + function init() + { + $homedir = $this->rc->config->get('enigma_pgp_homedir', INSTALL_PATH . 'plugins/enigma/home'); + + if (!$homedir) + return new enigma_error(enigma_error::E_INTERNAL, + "Option 'enigma_pgp_homedir' not specified"); + + // check if homedir exists (create it if not) and is readable + if (!file_exists($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Keys directory doesn't exists: $homedir"); + if (!is_writable($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Keys directory isn't writeable: $homedir"); + + $homedir = $homedir . '/' . $this->user; + + // check if user's homedir exists (create it if not) and is readable + if (!file_exists($homedir)) + mkdir($homedir, 0700); + + if (!file_exists($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Unable to create keys directory: $homedir"); + if (!is_writable($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Unable to write to keys directory: $homedir"); + + $this->homedir = $homedir; + + // Create Crypt_GPG object + try { + $this->gpg = new Crypt_GPG(array( + 'homedir' => $this->homedir, + // 'binary' => '/usr/bin/gpg2', + // 'debug' => true, + )); + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + /** + * Encrypt a message + * + * @param string The message + * @param array List of keys + */ + function encrypt($text, $keys) + { + try { + foreach ($keys as $key) { + $this->gpg->addEncryptKey($key); + } + + $dec = $this->gpg->encrypt($text, true); + return $dec; + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + /** + * Decrypt a message + * + * @param string Encrypted message + * @param array List of key-password mapping + */ + function decrypt($text, $keys = array()) + { + try { + foreach ($keys as $key => $password) { + $this->gpg->addDecryptKey($key, $password); + } + + $dec = $this->gpg->decrypt($text); + return $dec; + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + function sign($text, $key, $passwd, $mode = null) + { + try { + $this->gpg->addSignKey($key, $passwd); + return $this->gpg->sign($text, $mode, CRYPT_GPG::ARMOR_ASCII, true); + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + function verify($text, $signature) + { + try { + $verified = $this->gpg->verify($text, $signature); + return $this->parse_signature($verified[0]); + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + public function import($content, $isfile=false) + { + try { + if ($isfile) + return $this->gpg->importKeyFile($content); + else + return $this->gpg->importKey($content); + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + public function list_keys($pattern='') + { + try { + $keys = $this->gpg->getKeys($pattern); + $result = array(); + + foreach ($keys as $idx => $key) { + $result[] = $this->parse_key($key); + unset($keys[$idx]); + } + + return $result; + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + public function get_key($keyid) + { + $list = $this->list_keys($keyid); + + if (is_array($list)) + return array_shift($list); + + // error + return $list; + } + + public function gen_key($data) + { + } + + public function delete_key($keyid) + { + // delete public key + $result = $this->delete_pubkey($keyid); + + // if not found, delete private key + if ($result !== true && $result->getCode() == enigma_error::E_KEYNOTFOUND) { + $result = $this->delete_privkey($keyid); + } + + return $result; + } + + public function delete_privkey($keyid) + { + try { + $this->gpg->deletePrivateKey($keyid); + return true; + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + public function delete_pubkey($keyid) + { + try { + $this->gpg->deletePublicKey($keyid); + return true; + } + catch (Exception $e) { + return $this->get_error_from_exception($e); + } + } + + /** + * Converts Crypt_GPG exception into Enigma's error object + * + * @param mixed Exception object + * + * @return enigma_error Error object + */ + private function get_error_from_exception($e) + { + $data = array(); + + if ($e instanceof Crypt_GPG_KeyNotFoundException) { + $error = enigma_error::E_KEYNOTFOUND; + $data['id'] = $e->getKeyId(); + } + else if ($e instanceof Crypt_GPG_BadPassphraseException) { + $error = enigma_error::E_BADPASS; + $data['bad'] = $e->getBadPassphrases(); + $data['missing'] = $e->getMissingPassphrases(); + } + else if ($e instanceof Crypt_GPG_NoDataException) + $error = enigma_error::E_NODATA; + else if ($e instanceof Crypt_GPG_DeletePrivateKeyException) + $error = enigma_error::E_DELKEY; + else + $error = enigma_error::E_INTERNAL; + + $msg = $e->getMessage(); + + return new enigma_error($error, $msg, $data); + } + + /** + * Converts Crypt_GPG_Signature object into Enigma's signature object + * + * @param Crypt_GPG_Signature Signature object + * + * @return enigma_signature Signature object + */ + private function parse_signature($sig) + { + $user = $sig->getUserId(); + + $data = new enigma_signature(); + $data->id = $sig->getId(); + $data->valid = $sig->isValid(); + $data->fingerprint = $sig->getKeyFingerprint(); + $data->created = $sig->getCreationDate(); + $data->expires = $sig->getExpirationDate(); + $data->name = $user->getName(); + $data->comment = $user->getComment(); + $data->email = $user->getEmail(); + + return $data; + } + + /** + * Converts Crypt_GPG_Key object into Enigma's key object + * + * @param Crypt_GPG_Key Key object + * + * @return enigma_key Key object + */ + private function parse_key($key) + { + $ekey = new enigma_key(); + + foreach ($key->getUserIds() as $idx => $user) { + $id = new enigma_userid(); + $id->name = $user->getName(); + $id->comment = $user->getComment(); + $id->email = $user->getEmail(); + $id->valid = $user->isValid(); + $id->revoked = $user->isRevoked(); + + $ekey->users[$idx] = $id; + } + + $ekey->name = trim($ekey->users[0]->name . ' <' . $ekey->users[0]->email . '>'); + + foreach ($key->getSubKeys() as $idx => $subkey) { + $skey = new enigma_subkey(); + $skey->id = $subkey->getId(); + $skey->revoked = $subkey->isRevoked(); + $skey->created = $subkey->getCreationDate(); + $skey->expires = $subkey->getExpirationDate(); + $skey->fingerprint = $subkey->getFingerprint(); + $skey->has_private = $subkey->hasPrivate(); + $skey->can_sign = $subkey->canSign(); + $skey->can_encrypt = $subkey->canEncrypt(); + + $ekey->subkeys[$idx] = $skey; + }; + + $ekey->id = $ekey->subkeys[0]->id; + + return $ekey; + } +} diff --git a/plugins/enigma/lib/enigma_driver_phpssl.php b/plugins/enigma/lib/enigma_driver_phpssl.php new file mode 100644 index 000000000..0250893d2 --- /dev/null +++ b/plugins/enigma/lib/enigma_driver_phpssl.php @@ -0,0 +1,230 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | S/MIME driver for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_driver_phpssl extends enigma_driver +{ + private $rc; + private $homedir; + private $user; + + function __construct($user) + { + $rcmail = rcmail::get_instance(); + $this->rc = $rcmail; + $this->user = $user; + } + + /** + * Driver initialization and environment checking. + * Should only return critical errors. + * + * @return mixed NULL on success, enigma_error on failure + */ + function init() + { + $homedir = $this->rc->config->get('enigma_smime_homedir', INSTALL_PATH . '/plugins/enigma/home'); + + if (!$homedir) + return new enigma_error(enigma_error::E_INTERNAL, + "Option 'enigma_smime_homedir' not specified"); + + // check if homedir exists (create it if not) and is readable + if (!file_exists($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Keys directory doesn't exists: $homedir"); + if (!is_writable($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Keys directory isn't writeable: $homedir"); + + $homedir = $homedir . '/' . $this->user; + + // check if user's homedir exists (create it if not) and is readable + if (!file_exists($homedir)) + mkdir($homedir, 0700); + + if (!file_exists($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Unable to create keys directory: $homedir"); + if (!is_writable($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Unable to write to keys directory: $homedir"); + + $this->homedir = $homedir; + + } + + function encrypt($text, $keys) + { + } + + function decrypt($text, $keys = array()) + { + } + + function sign($text, $key, $passwd, $mode = null) + { + } + + function verify($struct, $message) + { + // use common temp dir + $temp_dir = $this->rc->config->get('temp_dir'); + $msg_file = tempnam($temp_dir, 'rcmMsg'); + $cert_file = tempnam($temp_dir, 'rcmCert'); + + $fh = fopen($msg_file, "w"); + if ($struct->mime_id) { + $message->get_part_body($struct->mime_id, false, 0, $fh); + } + else { + $this->rc->storage->get_raw_body($message->uid, $fh); + } + fclose($fh); + + // @TODO: use stored certificates + + // try with certificate verification + $sig = openssl_pkcs7_verify($msg_file, 0, $cert_file); + $validity = true; + + if ($sig !== true) { + // try without certificate verification + $sig = openssl_pkcs7_verify($msg_file, PKCS7_NOVERIFY, $cert_file); + $validity = enigma_error::E_UNVERIFIED; + } + + if ($sig === true) { + $sig = $this->parse_sig_cert($cert_file, $validity); + } + else { + $errorstr = $this->get_openssl_error(); + $sig = new enigma_error(enigma_error::E_INTERNAL, $errorstr); + } + + // remove temp files + @unlink($msg_file); + @unlink($cert_file); + + return $sig; + } + + public function import($content, $isfile=false) + { + } + + public function list_keys($pattern='') + { + } + + public function get_key($keyid) + { + } + + public function gen_key($data) + { + } + + public function delete_key($keyid) + { + } + + public function delete_privkey($keyid) + { + } + + public function delete_pubkey($keyid) + { + } + + /** + * Converts Crypt_GPG_Key object into Enigma's key object + * + * @param Crypt_GPG_Key Key object + * + * @return enigma_key Key object + */ + private function parse_key($key) + { +/* + $ekey = new enigma_key(); + + foreach ($key->getUserIds() as $idx => $user) { + $id = new enigma_userid(); + $id->name = $user->getName(); + $id->comment = $user->getComment(); + $id->email = $user->getEmail(); + $id->valid = $user->isValid(); + $id->revoked = $user->isRevoked(); + + $ekey->users[$idx] = $id; + } + + $ekey->name = trim($ekey->users[0]->name . ' <' . $ekey->users[0]->email . '>'); + + foreach ($key->getSubKeys() as $idx => $subkey) { + $skey = new enigma_subkey(); + $skey->id = $subkey->getId(); + $skey->revoked = $subkey->isRevoked(); + $skey->created = $subkey->getCreationDate(); + $skey->expires = $subkey->getExpirationDate(); + $skey->fingerprint = $subkey->getFingerprint(); + $skey->has_private = $subkey->hasPrivate(); + $skey->can_sign = $subkey->canSign(); + $skey->can_encrypt = $subkey->canEncrypt(); + + $ekey->subkeys[$idx] = $skey; + }; + + $ekey->id = $ekey->subkeys[0]->id; + + return $ekey; +*/ + } + + private function get_openssl_error() + { + $tmp = array(); + while ($errorstr = openssl_error_string()) { + $tmp[] = $errorstr; + } + + return join("\n", array_values($tmp)); + } + + private function parse_sig_cert($file, $validity) + { + $cert = openssl_x509_parse(file_get_contents($file)); + + if (empty($cert) || empty($cert['subject'])) { + $errorstr = $this->get_openssl_error(); + return new enigma_error(enigm_error::E_INTERNAL, $errorstr); + } + + $data = new enigma_signature(); + + $data->id = $cert['hash']; //? + $data->valid = $validity; + $data->fingerprint = $cert['serialNumber']; + $data->created = $cert['validFrom_time_t']; + $data->expires = $cert['validTo_time_t']; + $data->name = $cert['subject']['CN']; +// $data->comment = ''; + $data->email = $cert['subject']['emailAddress']; + + return $data; + } + +} diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php new file mode 100644 index 000000000..0111d9388 --- /dev/null +++ b/plugins/enigma/lib/enigma_engine.php @@ -0,0 +1,1137 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | Engine of the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +/* + RFC2440: OpenPGP Message Format + RFC3156: MIME Security with OpenPGP + RFC3851: S/MIME +*/ + +class enigma_engine +{ + private $rc; + private $enigma; + private $pgp_driver; + private $smime_driver; + private $password_time; + + public $decryptions = array(); + public $signatures = array(); + public $signed_parts = array(); + public $encrypted_parts = array(); + + const SIGN_MODE_BODY = 1; + const SIGN_MODE_SEPARATE = 2; + const SIGN_MODE_MIME = 3; + + const ENCRYPT_MODE_BODY = 1; + const ENCRYPT_MODE_MIME = 2; + + + /** + * Plugin initialization. + */ + function __construct($enigma) + { + $this->rc = rcmail::get_instance(); + $this->enigma = $enigma; + + $this->password_time = $this->rc->config->get('enigma_password_time'); + + // this will remove passwords from session after some time + if ($this->password_time) { + $this->get_passwords(); + } + } + + /** + * PGP driver initialization. + */ + function load_pgp_driver() + { + if ($this->pgp_driver) { + return; + } + + $driver = 'enigma_driver_' . $this->rc->config->get('enigma_pgp_driver', 'gnupg'); + $username = $this->rc->user->get_username(); + + // Load driver + $this->pgp_driver = new $driver($username); + + if (!$this->pgp_driver) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: Unable to load PGP driver: $driver" + ), true, true); + } + + // Initialise driver + $result = $this->pgp_driver->init(); + + if ($result instanceof enigma_error) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: ".$result->getMessage() + ), true, true); + } + } + + /** + * S/MIME driver initialization. + */ + function load_smime_driver() + { + if ($this->smime_driver) { + return; + } + + $driver = 'enigma_driver_' . $this->rc->config->get('enigma_smime_driver', 'phpssl'); + $username = $this->rc->user->get_username(); + + // Load driver + $this->smime_driver = new $driver($username); + + if (!$this->smime_driver) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: Unable to load S/MIME driver: $driver" + ), true, true); + } + + // Initialise driver + $result = $this->smime_driver->init(); + + if ($result instanceof enigma_error) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: ".$result->getMessage() + ), true, true); + } + } + + /** + * Handler for message signing + * + * @param Mail_mime Original message + * @param int Encryption mode + * + * @return enigma_error On error returns error object + */ + function sign_message(&$message, $mode = null) + { + $mime = new enigma_mime_message($message, enigma_mime_message::PGP_SIGNED); + $from = $mime->getFromAddress(); + + // find private key + $key = $this->find_key($from, true); + + if (empty($key)) { + return new enigma_error(enigma_error::E_KEYNOTFOUND); + } + + // check if we have password for this key + $passwords = $this->get_passwords(); + $pass = $passwords[$key->id]; + + if ($pass === null) { + // ask for password + $error = array('missing' => array($key->id => $key->name)); + return new enigma_error(enigma_error::E_BADPASS, '', $error); + } + + // select mode + switch ($mode) { + case self::SIGN_MODE_BODY: + $pgp_mode = Crypt_GPG::SIGN_MODE_CLEAR; + break; + + case self::SIGN_MODE_MIME: + $pgp_mode = Crypt_GPG::SIGN_MODE_DETACHED; + break; +/* + case self::SIGN_MODE_SEPARATE: + $pgp_mode = Crypt_GPG::SIGN_MODE_NORMAL; + break; +*/ + default: + if ($mime->isMultipart()) { + $pgp_mode = Crypt_GPG::SIGN_MODE_DETACHED; + } + else { + $pgp_mode = Crypt_GPG::SIGN_MODE_CLEAR; + } + } + + // get message body + if ($pgp_mode == Crypt_GPG::SIGN_MODE_CLEAR) { + // in this mode we'll replace text part + // with the one containing signature + $body = $message->getTXTBody(); + } + else { + // here we'll build PGP/MIME message + $body = $mime->getOrigBody(); + } + + // sign the body + $result = $this->pgp_sign($body, $key->id, $pass, $pgp_mode); + + if ($result !== true) { + if ($result->getCode() == enigma_error::E_BADPASS) { + // ask for password + $error = array('missing' => array($key->id => $key->name)); + return new enigma_error(enigma_error::E_BADPASS, '', $error); + } + + return $result; + } + + // replace message body + if ($pgp_mode == Crypt_GPG::SIGN_MODE_CLEAR) { + $message->setTXTBody($body); + } + else { + $mime->addPGPSignature($body); + $message = $mime; + } + } + + /** + * Handler for message encryption + * + * @param Mail_mime Original message + * @param int Encryption mode + * @param bool Is draft-save action - use only sender's key for encryption + * + * @return enigma_error On error returns error object + */ + function encrypt_message(&$message, $mode = null, $is_draft = false) + { + $mime = new enigma_mime_message($message, enigma_mime_message::PGP_ENCRYPTED); + + // always use sender's key + $recipients = array($mime->getFromAddress()); + + // if it's not a draft we add all recipients' keys + if (!$is_draft) { + $recipients = array_merge($recipients, $mime->getRecipients()); + } + + if (empty($recipients)) { + return new enigma_error(enigma_error::E_KEYNOTFOUND); + } + + $recipients = array_unique($recipients); + + // find recipient public keys + foreach ((array) $recipients as $email) { + $key = $this->find_key($email); + + if (empty($key)) { + return new enigma_error(enigma_error::E_KEYNOTFOUND, '', array( + 'missing' => $email + )); + } + + $keys[] = $key->id; + } + + // select mode + switch ($mode) { + case self::ENCRYPT_MODE_BODY: + $encrypt_mode = $mode; + break; + + case self::ENCRYPT_MODE_MIME: + $encrypt_mode = $mode; + break; + + default: + $encrypt_mode = $mime->isMultipart() ? self::ENCRYPT_MODE_MIME : self::ENCRYPT_MODE_BODY; + } + + // get message body + if ($encrypt_mode == self::ENCRYPT_MODE_BODY) { + // in this mode we'll replace text part + // with the one containing encrypted message + $body = $message->getTXTBody(); + } + else { + // here we'll build PGP/MIME message + $body = $mime->getOrigBody(); + } + + // sign the body + $result = $this->pgp_encrypt($body, $keys); + + if ($result !== true) { + return $result; + } + + // replace message body + if ($encrypt_mode == self::ENCRYPT_MODE_BODY) { + $message->setTXTBody($body); + } + else { + $mime->setPGPEncryptedBody($body); + $message = $mime; + } + } + + /** + * Handler for message_part_structure hook. + * Called for every part of the message. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function part_structure($p) + { + if ($p['mimetype'] == 'text/plain' || $p['mimetype'] == 'application/pgp') { + $this->parse_plain($p); + } + else if ($p['mimetype'] == 'multipart/signed') { + $this->parse_signed($p); + } + else if ($p['mimetype'] == 'multipart/encrypted') { + $this->parse_encrypted($p); + } + else if ($p['mimetype'] == 'application/pkcs7-mime') { + $this->parse_encrypted($p); + } + + return $p; + } + + /** + * Handler for message_part_body hook. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function part_body($p) + { + // encrypted attachment, see parse_plain_encrypted() + if ($p['part']->need_decryption && $p['part']->body === null) { + $this->load_pgp_driver(); + + $storage = $this->rc->get_storage(); + $body = $storage->get_message_part($p['object']->uid, $p['part']->mime_id, $p['part'], null, null, true, 0, false); + $result = $this->pgp_decrypt($body); + + // @TODO: what to do on error? + if ($result === true) { + $p['part']->body = $body; + $p['part']->size = strlen($body); + $p['part']->body_modified = true; + } + } + + return $p; + } + + /** + * Handler for plain/text message. + * + * @param array Reference to hook's parameters + */ + function parse_plain(&$p) + { + $part = $p['structure']; + + // exit, if we're already inside a decrypted message + if (in_array($part->mime_id, $this->encrypted_parts)) { + return; + } + + // Get message body from IMAP server + $body = $this->get_part_body($p['object'], $part->mime_id); + + // @TODO: big message body could be a file resource + // PGP signed message + if (preg_match('/^-----BEGIN PGP SIGNED MESSAGE-----/', $body)) { + $this->parse_plain_signed($p, $body); + } + // PGP encrypted message + else if (preg_match('/^-----BEGIN PGP MESSAGE-----/', $body)) { + $this->parse_plain_encrypted($p, $body); + } + } + + /** + * Handler for multipart/signed message. + * + * @param array Reference to hook's parameters + */ + function parse_signed(&$p) + { + $struct = $p['structure']; + + // S/MIME + if ($struct->parts[1] && $struct->parts[1]->mimetype == 'application/pkcs7-signature') { + $this->parse_smime_signed($p); + } + // PGP/MIME: RFC3156 + // The multipart/signed body MUST consist of exactly two parts. + // The first part contains the signed data in MIME canonical format, + // including a set of appropriate content headers describing the data. + // The second body MUST contain the PGP digital signature. It MUST be + // labeled with a content type of "application/pgp-signature". + else if ($struct->ctype_parameters['protocol'] == 'application/pgp-signature' + && count($struct->parts) == 2 + && $struct->parts[1] && $struct->parts[1]->mimetype == 'application/pgp-signature' + ) { + $this->parse_pgp_signed($p); + } + } + + /** + * Handler for multipart/encrypted message. + * + * @param array Reference to hook's parameters + */ + function parse_encrypted(&$p) + { + $struct = $p['structure']; + + // S/MIME + if ($struct->mimetype == 'application/pkcs7-mime') { + $this->parse_smime_encrypted($p); + } + // PGP/MIME: RFC3156 + // The multipart/encrypted MUST consist of exactly two parts. The first + // MIME body part must have a content type of "application/pgp-encrypted". + // This body contains the control information. + // The second MIME body part MUST contain the actual encrypted data. It + // must be labeled with a content type of "application/octet-stream". + else if ($struct->ctype_parameters['protocol'] == 'application/pgp-encrypted' + && count($struct->parts) == 2 + && $struct->parts[0] && $struct->parts[0]->mimetype == 'application/pgp-encrypted' + && $struct->parts[1] && $struct->parts[1]->mimetype == 'application/octet-stream' + ) { + $this->parse_pgp_encrypted($p); + } + } + + /** + * Handler for plain signed message. + * Excludes message and signature bodies and verifies signature. + * + * @param array Reference to hook's parameters + * @param string Message (part) body + */ + private function parse_plain_signed(&$p, $body) + { + $this->load_pgp_driver(); + $part = $p['structure']; + + // Verify signature + if ($this->rc->action == 'show' || $this->rc->action == 'preview') { + if ($this->rc->config->get('enigma_signatures', true)) { + $sig = $this->pgp_verify($body); + } + } + + // @TODO: Handle big bodies using (temp) files + + // In this way we can use fgets on string as on file handle + $fh = fopen('php://memory', 'br+'); + // @TODO: fopen/fwrite errors handling + if ($fh) { + fwrite($fh, $body); + rewind($fh); + } + + $body = $part->body = null; + $part->body_modified = true; + + // Extract body (and signature?) + while (!feof($fh)) { + $line = fgets($fh, 1024); + + if ($part->body === null) + $part->body = ''; + else if (preg_match('/^-----BEGIN PGP SIGNATURE-----/', $line)) + break; + else + $part->body .= $line; + } + + // Remove "Hash" Armor Headers + $part->body = preg_replace('/^.*\r*\n\r*\n/', '', $part->body); + // de-Dash-Escape (RFC2440) + $part->body = preg_replace('/(^|\n)- -/', '\\1-', $part->body); + + // Store signature data for display + if (!empty($sig)) { + $this->signed_parts[$part->mime_id] = $part->mime_id; + $this->signatures[$part->mime_id] = $sig; + } + + fclose($fh); + } + + /** + * Handler for PGP/MIME signed message. + * Verifies signature. + * + * @param array Reference to hook's parameters + */ + private function parse_pgp_signed(&$p) + { + if (!$this->rc->config->get('enigma_signatures', true)) { + return; + } + + // Verify signature + if ($this->rc->action == 'show' || $this->rc->action == 'preview') { + $this->load_pgp_driver(); + $struct = $p['structure']; + + $msg_part = $struct->parts[0]; + $sig_part = $struct->parts[1]; + + // Get bodies + // Note: The first part body need to be full part body with headers + // it also cannot be decoded + $msg_body = $this->get_part_body($p['object'], $msg_part->mime_id, true); + $sig_body = $this->get_part_body($p['object'], $sig_part->mime_id); + + // Verify + $sig = $this->pgp_verify($msg_body, $sig_body); + + // Store signature data for display + $this->signatures[$struct->mime_id] = $sig; + + // Message can be multipart (assign signature to each subpart) + if (!empty($msg_part->parts)) { + foreach ($msg_part->parts as $part) + $this->signed_parts[$part->mime_id] = $struct->mime_id; + } + else { + $this->signed_parts[$msg_part->mime_id] = $struct->mime_id; + } + } + } + + /** + * Handler for S/MIME signed message. + * Verifies signature. + * + * @param array Reference to hook's parameters + */ + private function parse_smime_signed(&$p) + { + return; // @TODO + + if (!$this->rc->config->get('enigma_signatures', true)) { + return; + } + + // Verify signature + if ($this->rc->action == 'show' || $this->rc->action == 'preview') { + $this->load_smime_driver(); + + $struct = $p['structure']; + $msg_part = $struct->parts[0]; + + // Verify + $sig = $this->smime_driver->verify($struct, $p['object']); + + // Store signature data for display + $this->signatures[$struct->mime_id] = $sig; + + // Message can be multipart (assign signature to each subpart) + if (!empty($msg_part->parts)) { + foreach ($msg_part->parts as $part) + $this->signed_parts[$part->mime_id] = $struct->mime_id; + } + else { + $this->signed_parts[$msg_part->mime_id] = $struct->mime_id; + } + } + } + + /** + * Handler for plain encrypted message. + * + * @param array Reference to hook's parameters + * @param string Message (part) body + */ + private function parse_plain_encrypted(&$p, $body) + { + if (!$this->rc->config->get('enigma_decryption', true)) { + return; + } + + $this->load_pgp_driver(); + $part = $p['structure']; + + // Decrypt + $result = $this->pgp_decrypt($body); + + // Store decryption status + $this->decryptions[$part->mime_id] = $result; + + // find parent part ID + if (strpos($part->mime_id, '.')) { + $items = explode('.', $part->mime_id); + array_pop($items); + $parent = implode('.', $items); + } + else { + $parent = 0; + } + + // Parse decrypted message + if ($result === true) { + $part->body = $body; + $part->body_modified = true; + + // Remember it was decrypted + $this->encrypted_parts[] = $part->mime_id; + + // PGP signed inside? verify signature + if (preg_match('/^-----BEGIN PGP SIGNED MESSAGE-----/', $body)) { + $this->parse_plain_signed($p, $body); + } + + // Encrypted plain message may contain encrypted attachments + // in such case attachments have .pgp extension and type application/octet-stream. + // This is what happens when you select "Encrypt each attachment separately + // and send the message using inline PGP" in Thunderbird's Enigmail. + + if ($p['object']->mime_parts[$parent]) { + foreach ((array)$p['object']->mime_parts[$parent]->parts as $p) { + if ($p->disposition == 'attachment' && $p->mimetype == 'application/octet-stream' + && preg_match('/^(.*)\.pgp$/i', $p->filename, $m) + ) { + // modify filename + $p->filename = $m[1]; + // flag the part, it will be decrypted when needed + $p->need_decryption = true; + // disable caching + $p->body_modified = true; + } + } + } + } + // decryption failed, but the message may have already + // been cached with the modified parts (see above), + // let's bring the original state back + else if ($p['object']->mime_parts[$parent]) { + foreach ((array)$p['object']->mime_parts[$parent]->parts as $p) { + if ($p->need_decryption && !preg_match('/^(.*)\.pgp$/i', $p->filename, $m)) { + // modify filename + $p->filename .= '.pgp'; + // flag the part, it will be decrypted when needed + unset($p->need_decryption); + } + } + } + } + + /** + * Handler for PGP/MIME encrypted message. + * + * @param array Reference to hook's parameters + */ + private function parse_pgp_encrypted(&$p) + { + if (!$this->rc->config->get('enigma_decryption', true)) { + return; + } + + $this->load_pgp_driver(); + + $struct = $p['structure']; + $part = $struct->parts[1]; + + // Get body + $body = $this->get_part_body($p['object'], $part->mime_id); + + // Decrypt + $result = $this->pgp_decrypt($body); + + if ($result === true) { + // Parse decrypted message + $struct = $this->parse_body($body); + + // Modify original message structure + $this->modify_structure($p, $struct); + + // Attach the decryption message to all parts + $this->decryptions[$struct->mime_id] = $result; + foreach ((array) $struct->parts as $sp) { + $this->decryptions[$sp->mime_id] = $result; + } + } + else { + $this->decryptions[$part->mime_id] = $result; + + // Make sure decryption status message will be displayed + $part->type = 'content'; + $p['object']->parts[] = $part; + } + } + + /** + * Handler for S/MIME encrypted message. + * + * @param array Reference to hook's parameters + */ + private function parse_smime_encrypted(&$p) + { + if (!$this->rc->config->get('enigma_decryption', true)) { + return; + } + +// $this->load_smime_driver(); + } + + /** + * PGP signature verification. + * + * @param mixed Message body + * @param mixed Signature body (for MIME messages) + * + * @return mixed enigma_signature or enigma_error + */ + private function pgp_verify(&$msg_body, $sig_body=null) + { + // @TODO: Handle big bodies using (temp) files + $sig = $this->pgp_driver->verify($msg_body, $sig_body); + + if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND) + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $sig->getMessage() + ), true, false); + + return $sig; + } + + /** + * PGP message decryption. + * + * @param mixed Message body + * + * @return mixed True or enigma_error + */ + private function pgp_decrypt(&$msg_body) + { + // @TODO: Handle big bodies using (temp) files + $keys = $this->get_passwords(); + $result = $this->pgp_driver->decrypt($msg_body, $keys); + + if ($result instanceof enigma_error) { + $err_code = $result->getCode(); + if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS))) + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + return $result; + } + + $msg_body = $result; + + return true; + } + + /** + * PGP message signing + * + * @param mixed Message body + * @param string Key ID + * @param string Key passphrase + * @param int Signing mode + * + * @return mixed True or enigma_error + */ + private function pgp_sign(&$msg_body, $keyid, $password, $mode = null) + { + // @TODO: Handle big bodies using (temp) files + $result = $this->pgp_driver->sign($msg_body, $keyid, $password, $mode); + + if ($result instanceof enigma_error) { + $err_code = $result->getCode(); + if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS))) + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + return $result; + } + + $msg_body = $result; + + return true; + } + + /** + * PGP message encrypting + * + * @param mixed Message body + * @param array Keys + * + * @return mixed True or enigma_error + */ + private function pgp_encrypt(&$msg_body, $keys) + { + // @TODO: Handle big bodies using (temp) files + $result = $this->pgp_driver->encrypt($msg_body, $keys); + + if ($result instanceof enigma_error) { + $err_code = $result->getCode(); + if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS))) + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + return $result; + } + + $msg_body = $result; + + return true; + } + + /** + * PGP keys listing. + * + * @param mixed Key ID/Name pattern + * + * @return mixed Array of keys or enigma_error + */ + function list_keys($pattern = '') + { + $this->load_pgp_driver(); + $result = $this->pgp_driver->list_keys($pattern); + + if ($result instanceof enigma_error) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + } + + return $result; + } + + /** + * Find PGP private/public key + * + * @param string E-mail address + * @param bool Need a key for signing? + * + * @return enigma_key The key + */ + function find_key($email, $can_sign = false) + { + $this->load_pgp_driver(); + $result = $this->pgp_driver->list_keys($email); + + if ($result instanceof enigma_error) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + + return; + } + + $mode = $can_sign ? enigma_key::CAN_SIGN : enigma_key::CAN_ENCRYPT; + + // check key validity and type + foreach ($result as $key) { + if ($keyid = $key->find_subkey($email, $mode)) { + return $key; + } + } + } + + /** + * PGP key details. + * + * @param mixed Key ID + * + * @return mixed enigma_key or enigma_error + */ + function get_key($keyid) + { + $this->load_pgp_driver(); + $result = $this->pgp_driver->get_key($keyid); + + if ($result instanceof enigma_error) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + } + + return $result; + } + + /** + * PGP key delete. + * + * @param string Key ID + * + * @return enigma_error|bool True on success + */ + function delete_key($keyid) + { + $this->load_pgp_driver(); + $result = $this->pgp_driver->delete_key($keyid); + + if ($result instanceof enigma_error) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + } + + return $result; + } + + /** + * PGP keys/certs importing. + * + * @param mixed Import file name or content + * @param boolean True if first argument is a filename + * + * @return mixed Import status data array or enigma_error + */ + function import_key($content, $isfile=false) + { + $this->load_pgp_driver(); + $result = $this->pgp_driver->import($content, $isfile); + + if ($result instanceof enigma_error) { + rcube::raise_error(array( + 'code' => 600, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Enigma plugin: " . $result->getMessage() + ), true, false); + } + else { + $result['imported'] = $result['public_imported'] + $result['private_imported']; + $result['unchanged'] = $result['public_unchanged'] + $result['private_unchanged']; + } + + return $result; + } + + /** + * Handler for keys/certs import request action + */ + function import_file() + { + $uid = rcube_utils::get_input_value('_uid', rcube_utils::INPUT_POST); + $mbox = rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST); + $mime_id = rcube_utils::get_input_value('_part', rcube_utils::INPUT_POST); + $storage = $this->rc->get_storage(); + + if ($uid && $mime_id) { + $storage->set_folder($mbox); + $part = $storage->get_message_part($uid, $mime_id); + } + + if ($part && is_array($result = $this->import_key($part))) { + $this->rc->output->show_message('enigma.keysimportsuccess', 'confirmation', + array('new' => $result['imported'], 'old' => $result['unchanged'])); + } + else + $this->rc->output->show_message('enigma.keysimportfailed', 'error'); + + $this->rc->output->send(); + } + + function password_handler() + { + $keyid = rcube_utils::get_input_value('_keyid', rcube_utils::INPUT_POST); + $passwd = rcube_utils::get_input_value('_passwd', rcube_utils::INPUT_POST, true); + + if ($keyid && $passwd !== null && strlen($passwd)) { + $this->save_password($keyid, $passwd); + } + } + + function save_password($keyid, $password) + { + // we store passwords in session for specified time + if ($config = $_SESSION['enigma_pass']) { + $config = $this->rc->decrypt($config); + $config = @unserialize($config); + } + + $config[$keyid] = array($password, time()); + + $_SESSION['enigma_pass'] = $this->rc->encrypt(serialize($config)); + } + + function get_passwords() + { + if ($config = $_SESSION['enigma_pass']) { + $config = $this->rc->decrypt($config); + $config = @unserialize($config); + } + + $threshold = time() - $this->password_time; + $keys = array(); + + // delete expired passwords + foreach ((array) $config as $key => $value) { + if ($pass_time && $value[1] < $threshold) { + unset($config[$key]); + $modified = true; + } + else { + $keys[$key] = $value[0]; + } + } + + if ($modified) { + $_SESSION['enigma_pass'] = $this->rc->encrypt(serialize($config)); + } + + return $keys; + } + + /** + * Get message part body. + * + * @param rcube_message Message object + * @param string Message part ID + * @param bool Return raw body with headers + */ + private function get_part_body($msg, $part_id, $full = false) + { + // @TODO: Handle big bodies using file handles + if ($full) { + $storage = $this->rc->get_storage(); + $body = $storage->get_raw_headers($msg->uid, $part_id); + $body .= $storage->get_raw_body($msg->uid, null, $part_id); + } + else { + $body = $msg->get_part_body($part_id, false); + } + + return $body; + } + + /** + * Parse decrypted message body into structure + * + * @param string Message body + * + * @return array Message structure + */ + private function parse_body(&$body) + { + // Mail_mimeDecode need \r\n end-line, but gpg may return \n + $body = preg_replace('/\r?\n/', "\r\n", $body); + + // parse the body into structure + $struct = rcube_mime::parse_message($body); + + return $struct; + } + + /** + * Replace message encrypted structure with decrypted message structure + * + * @param array + * @param rcube_message_part + */ + private function modify_structure(&$p, $struct) + { + // modify mime_parts property of the message object + $old_id = $p['structure']->mime_id; + foreach (array_keys($p['object']->mime_parts) as $idx) { + if (!$old_id || $idx == $old_id || strpos($idx, $old_id . '.') === 0) { + unset($p['object']->mime_parts[$idx]); + } + } + + // modify the new structure to be correctly handled by Roundcube + $this->modify_structure_part($struct, $p['object'], $old_id); + + // replace old structure with the new one + $p['structure'] = $struct; + $p['mimetype'] = $struct->mimetype; + } + + /** + * Modify decrypted message part + * + * @param rcube_message_part + * @param rcube_message + */ + private function modify_structure_part($part, $msg, $old_id) + { + // never cache the body + $part->body_modified = true; + $part->encoding = 'stream'; + + // modify part identifier + if ($old_id) { + $part->mime_id = !$part->mime_id ? $old_id : ($old_id . '.' . $part->mime_id); + } + + // Cache the fact it was decrypted + $this->encrypted_parts[] = $part->mime_id; + + $msg->mime_parts[$part->mime_id] = $part; + + // modify sub-parts + foreach ((array) $part->parts as $p) { + $this->modify_structure_part($p, $msg, $old_id); + } + } + + /** + * Checks if specified message part is a PGP-key or S/MIME cert data + * + * @param rcube_message_part Part object + * + * @return boolean True if part is a key/cert + */ + public function is_keys_part($part) + { + // @TODO: S/MIME + return ( + // Content-Type: application/pgp-keys + $part->mimetype == 'application/pgp-keys' + ); + } +} diff --git a/plugins/enigma/lib/enigma_error.php b/plugins/enigma/lib/enigma_error.php new file mode 100644 index 000000000..1717a7c46 --- /dev/null +++ b/plugins/enigma/lib/enigma_error.php @@ -0,0 +1,60 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | Error class for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_error +{ + private $code; + private $message; + private $data = array(); + + // error codes + const E_OK = 0; + const E_INTERNAL = 1; + const E_NODATA = 2; + const E_KEYNOTFOUND = 3; + const E_DELKEY = 4; + const E_BADPASS = 5; + const E_EXPIRED = 6; + const E_UNVERIFIED = 7; + + + function __construct($code = null, $message = '', $data = array()) + { + $this->code = $code; + $this->message = $message; + $this->data = $data; + } + + function getCode() + { + return $this->code; + } + + function getMessage() + { + return $this->message; + } + + function getData($name) + { + if ($name) { + return $this->data[$name]; + } + else { + return $this->data; + } + } +} diff --git a/plugins/enigma/lib/enigma_key.php b/plugins/enigma/lib/enigma_key.php new file mode 100644 index 000000000..8c61cbd99 --- /dev/null +++ b/plugins/enigma/lib/enigma_key.php @@ -0,0 +1,150 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | Key class for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_key +{ + public $id; + public $name; + public $users = array(); + public $subkeys = array(); + + const TYPE_UNKNOWN = 0; + const TYPE_KEYPAIR = 1; + const TYPE_PUBLIC = 2; + + const CAN_SIGN = 1; + const CAN_ENCRYPT = 2; + + /** + * Keys list sorting callback for usort() + */ + static function cmp($a, $b) + { + return strcmp($a->name, $b->name); + } + + /** + * Returns key type + */ + function get_type() + { + if ($this->subkeys[0]->has_private) + return enigma_key::TYPE_KEYPAIR; + else if (!empty($this->subkeys[0])) + return enigma_key::TYPE_PUBLIC; + + return enigma_key::TYPE_UNKNOWN; + } + + /** + * Returns true if all user IDs are revoked + */ + function is_revoked() + { + foreach ($this->subkeys as $subkey) + if (!$subkey->revoked) + return false; + + return true; + } + + /** + * Returns true if any user ID is valid + */ + function is_valid() + { + foreach ($this->users as $user) + if ($user->valid) + return true; + + return false; + } + + /** + * Returns true if any of subkeys is not expired + */ + function is_expired() + { + $now = time(); + + foreach ($this->subkeys as $subkey) + if (!$subkey->expires || $subkey->expires > $now) + return true; + + return false; + } + + /** + * Get key ID by user email + */ + function find_subkey($email, $mode) + { + $now = time(); + + foreach ($this->users as $user) { + if ($user->email === $email && $user->valid && !$user->revoked) { + foreach ($this->subkeys as $subkey) { + if (!$subkey->revoked && (!$subkey->expires || $subkey->expires > $now)) { + if (($mode == self::CAN_ENCRYPT && $subkey->can_encrypt) + || ($mode == self::CAN_SIGN && $subkey->has_private) + ) { + return $subkey; + } + } + } + } + } + } + + /** + * Converts long ID or Fingerprint to short ID + * Crypt_GPG uses internal, but e.g. Thunderbird's Enigmail displays short ID + * + * @param string Key ID or fingerprint + * @return string Key short ID + */ + static function format_id($id) + { + // E.g. 04622F2089E037A5 => 89E037A5 + + return substr($id, -8); + } + + /** + * Formats fingerprint string + * + * @param string Key fingerprint + * + * @return string Formatted fingerprint (with spaces) + */ + static function format_fingerprint($fingerprint) + { + if (!$fingerprint) { + return ''; + } + + $result = ''; + for ($i=0; $i<40; $i++) { + if ($i % 4 == 0) { + $result .= ' '; + } + $result .= $fingerprint[$i]; + } + + return $result; + } + +} diff --git a/plugins/enigma/lib/enigma_mime_message.php b/plugins/enigma/lib/enigma_mime_message.php new file mode 100644 index 000000000..feed78e03 --- /dev/null +++ b/plugins/enigma/lib/enigma_mime_message.php @@ -0,0 +1,299 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | Mail_mime wrapper for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_mime_message extends Mail_mime +{ + const PGP_SIGNED = 1; + const PGP_ENCRYPTED = 2; + + protected $_type; + protected $_message; + protected $_body; + protected $_signature; + protected $_encrypted; + + + /** + * Object constructor + * + * @param Mail_mime Original message + * @param int Output message type + */ + function __construct($message, $type) + { + $this->_message = $message; + $this->_type = $type; + + // clone parameters + foreach (array_keys($this->_build_params) as $param) { + $this->_build_params[$param] = $message->getParam($param); + } + + // clone headers + $this->_headers = $message->_headers; + +/* + if ($message->getParam('delay_file_io')) { + // use common temp dir + $temp_dir = $this->config->get('temp_dir'); + $body_file = tempnam($temp_dir, 'rcmMsg'); + $mime_result = $message->saveMessageBody($body_file); + + if (is_a($mime_result, 'PEAR_Error')) { + self::raise_error(array('code' => 650, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Could not create message: ".$mime_result->getMessage()), + true, false); + return false; + } + + $msg_body = fopen($body_file, 'r'); + } + else { +*/ + // \r\n is must-have here + $this->_body = $message->get() . "\r\n"; +/* + } +*/ + } + + /** + * Check if the message is multipart (requires PGP/MIME) + * + * @return bool True if it is multipart, otherwise False + */ + function isMultipart() + { + return $this->_message instanceof enigma_mime_message + || !empty($this->_message->_parts) || $this->_message->getHTMLBody(); + } + + /** + * Get e-mail address of message sender + * + * @return string Sender address + */ + function getFromAddress() + { + // get sender address + $headers = $this->_message->headers(); + $from = rcube_mime::decode_address_list($headers['From'], 1, false, null, true); + $from = $from[1]; + + return $from; + } + + /** + * Get recipients' e-mail addresses + * + * @return array Recipients' addresses + */ + function getRecipients() + { + // get sender address + $headers = $this->_message->headers(); + $to = rcube_mime::decode_address_list($headers['To'], null, false, null, true); + $cc = rcube_mime::decode_address_list($headers['Cc'], null, false, null, true); + $bcc = rcube_mime::decode_address_list($headers['Bcc'], null, false, null, true); + + $recipients = array_unique(array_merge($to, $cc, $bcc)); + $recipients = array_diff($recipients, array('undisclosed-recipients:')); + + return $recipients; + } + + /** + * Get original message body, to be encrypted/signed + * + * @return string Message body + */ + function getOrigBody() + { + $_headers = $this->_message->headers(); + $headers = array(); + + if ($_headers['Content-Transfer-Encoding']) { + $headers[] = 'Content-Transfer-Encoding: ' . $_headers['Content-Transfer-Encoding']; + } + $headers[] = 'Content-Type: ' . $_headers['Content-Type']; + + return implode("\r\n", $headers) . "\r\n\r\n" . $this->_body; + } + + /** + * Register signature attachment + * + * @param string Signature body + */ + function addPGPSignature($body) + { + $this->_signature = $body; + } + + /** + * Register encrypted body + * + * @param string Encrypted body + */ + function setPGPEncryptedBody($body) + { + $this->_encrypted = $body; + } + + /** + * Builds the multipart message. + * + * @param array $params Build parameters that change the way the email + * is built. Should be associative. See $_build_params. + * @param resource $filename Output file where to save the message instead of + * returning it + * @param boolean $skip_head True if you want to return/save only the message + * without headers + * + * @return mixed The MIME message content string, null or PEAR error object + * @access public + */ + function get($params = null, $filename = null, $skip_head = false) + { + if (isset($params)) { + while (list($key, $value) = each($params)) { + $this->_build_params[$key] = $value; + } + } + + $this->_checkParams(); + + if ($this->_type == self::PGP_SIGNED) { + $body = "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)"; + $params = array( + 'content_type' => "multipart/signed; micalg=pgp-sha1; protocol=\"application/pgp-signature\"", + 'eol' => $this->_build_params['eol'], + ); + + $message = new Mail_mimePart($body, $params); + + if (!empty($this->_body)) { + $headers = $this->_message->headers(); + $params = array('content_type' => $headers['Content-Type']); + + if ($headers['Content-Transfer-Encoding']) { + $params['encoding'] = $headers['Content-Transfer-Encoding']; + } + + $message->addSubpart($this->_body, $params); + } + + if (!empty($this->_signature)) { + $message->addSubpart($this->_signature, array( + 'filename' => 'signature.asc', + 'content_type' => 'application/pgp-signature', + 'disposition' => 'attachment', + 'description' => 'OpenPGP digital signature', + )); + } + } + else if ($this->_type == self::PGP_ENCRYPTED) { + $body = "This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)"; + $params = array( + 'content_type' => "multipart/encrypted; protocol=\"application/pgp-encrypted\"", + 'eol' => $this->_build_params['eol'], + ); + + $message = new Mail_mimePart($body, $params); + + $message->addSubpart('Version: 1', array( + 'content_type' => 'application/pgp-encrypted', + 'description' => 'PGP/MIME version identification', + )); + + $message->addSubpart($this->_encrypted, array( + 'content_type' => 'application/octet-stream', + 'description' => 'PGP/MIME encrypted message', + 'disposition' => 'inline', + 'filename' => 'encrypted.asc', + )); + } + + // Use saved boundary + if (!empty($this->_build_params['boundary'])) { + $boundary = $this->_build_params['boundary']; + } + else { + $boundary = null; + } + + // Write output to file + if ($filename) { + // Append mimePart message headers and body into file + $headers = $message->encodeToFile($filename, $boundary, $skip_head); + if ($this->_isError($headers)) { + return $headers; + } + $this->_headers = array_merge($this->_headers, $headers); + return null; + } + else { + $output = $message->encode($boundary, $skip_head); + if ($this->_isError($output)) { + return $output; + } + $this->_headers = array_merge($this->_headers, $output['headers']); + return $output['body']; + } + } + + /** + * Get Content-Type and Content-Transfer-Encoding headers of the message + * + * @return array Headers array + * @access private + */ + function _contentHeaders() + { + $this->_checkParams(); + + $eol = !empty($this->_build_params['eol']) ? $this->_build_params['eol'] : "\r\n"; + + // multipart message: and boundary + if (!empty($this->_build_params['boundary'])) { + $boundary = $this->_build_params['boundary']; + } + else if (!empty($this->_headers['Content-Type']) + && preg_match('/boundary="([^"]+)"/', $this->_headers['Content-Type'], $m) + ) { + $boundary = $m[1]; + } + else { + $boundary = '=_' . md5(rand() . microtime()); + } + + $this->_build_params['boundary'] = $boundary; + + if ($this->_type == self::PGP_SIGNED) { + $headers['Content-Type'] = "multipart/signed; micalg=pgp-sha1;$eol" + ." protocol=\"application/pgp-signature\";$eol" + ." boundary=\"$boundary\""; + } + else if ($this->_type == self::PGP_ENCRYPTED) { + $headers['Content-Type'] = "multipart/encrypted;$eol" + ." protocol=\"application/pgp-encrypted\";$eol" + ." boundary=\"$boundary\""; + } + + return $headers; + } +} diff --git a/plugins/enigma/lib/enigma_signature.php b/plugins/enigma/lib/enigma_signature.php new file mode 100644 index 000000000..2e63a80f4 --- /dev/null +++ b/plugins/enigma/lib/enigma_signature.php @@ -0,0 +1,27 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | Signature class for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_signature +{ + public $id; + public $valid; + public $fingerprint; + public $created; + public $expires; + public $name; + public $comment; + public $email; +} diff --git a/plugins/enigma/lib/enigma_subkey.php b/plugins/enigma/lib/enigma_subkey.php new file mode 100644 index 000000000..cd57611c0 --- /dev/null +++ b/plugins/enigma/lib/enigma_subkey.php @@ -0,0 +1,50 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | SubKey class for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_subkey +{ + public $id; + public $fingerprint; + public $expires; + public $created; + public $revoked; + public $has_private; + public $can_sign; + public $can_encrypt; + + /** + * Converts internal ID to short ID + * Crypt_GPG uses internal, but e.g. Thunderbird's Enigmail displays short ID + * + * @return string Key ID + */ + function get_short_id() + { + // E.g. 04622F2089E037A5 => 89E037A5 + return enigma_key::format_id($this->id); + } + + /** + * Getter for formatted fingerprint + * + * @return string Formatted fingerprint + */ + function get_fingerprint() + { + return enigma_key::format_fingerprint($this->fingerprint); + } + +} diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php new file mode 100644 index 000000000..e866ba335 --- /dev/null +++ b/plugins/enigma/lib/enigma_ui.php @@ -0,0 +1,749 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | User Interface for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_ui +{ + private $rc; + private $enigma; + private $home; + private $css_loaded; + private $js_loaded; + private $data; + private $keys_parts = array(); + private $keys_bodies = array(); + + + function __construct($enigma_plugin, $home='') + { + $this->enigma = $enigma_plugin; + $this->rc = $enigma_plugin->rc; + $this->home = $home; // we cannot use $enigma_plugin->home here + } + + /** + * UI initialization and requests handlers. + * + * @param string Preferences section + */ + function init() + { + $this->add_js(); + + $action = rcube_utils::get_input_value('_a', rcube_utils::INPUT_GPC); + + if ($this->rc->action == 'plugin.enigmakeys') { + switch ($action) { + case 'delete': + $this->key_delete(); + break; +/* + case 'edit': + $this->key_edit(); + break; +*/ + case 'import': + $this->key_import(); + break; + + case 'search': + case 'list': + $this->key_list(); + break; + + case 'info': + $this->key_info(); + break; + } + + $this->rc->output->add_handlers(array( + 'keyslist' => array($this, 'tpl_keys_list'), + 'keyframe' => array($this, 'tpl_key_frame'), + 'countdisplay' => array($this, 'tpl_keys_rowcount'), + 'searchform' => array($this->rc->output, 'search_form'), + )); + + $this->rc->output->set_pagetitle($this->enigma->gettext('enigmakeys')); + $this->rc->output->send('enigma.keys'); + } +/* + // Preferences UI + else if ($this->rc->action == 'plugin.enigmacerts') { + $this->rc->output->add_handlers(array( + 'keyslist' => array($this, 'tpl_certs_list'), + 'keyframe' => array($this, 'tpl_cert_frame'), + 'countdisplay' => array($this, 'tpl_certs_rowcount'), + 'searchform' => array($this->rc->output, 'search_form'), + )); + + $this->rc->output->set_pagetitle($this->enigma->gettext('enigmacerts')); + $this->rc->output->send('enigma.certs'); + } +*/ + // Message composing UI + else if ($this->rc->action == 'compose') { + $this->compose_ui(); + } + } + + /** + * Adds CSS style file to the page header. + */ + function add_css() + { + if ($this->css_loaded) + return; + + $skin_path = $this->enigma->local_skin_path(); + if (is_file($this->home . "/$skin_path/enigma.css")) { + $this->enigma->include_stylesheet("$skin_path/enigma.css"); + } + + $this->css_loaded = true; + } + + /** + * Adds javascript file to the page header. + */ + function add_js() + { + if ($this->js_loaded) { + return; + } + + $this->enigma->include_script('enigma.js'); + + $this->js_loaded = true; + } + + /** + * Initializes key password prompt + * + * @param enigma_error Error object with key info + */ + function password_prompt($status) + { + $data = $status->getData('missing'); + + if (empty($data)) { + $data = $status->getData('bad'); + } + + $data = array('keyid' => key($data), 'user' => $data[key($data)]); + + if ($this->rc->action == 'send') { + $this->rc->output->command('enigma_password_request', $data); + } + else { + $this->rc->output->set_env('enigma_password_request', $data); + } + + // add some labels to client + $this->rc->output->add_label('enigma.enterkeypasstitle', 'enigma.enterkeypass', + 'save', 'cancel'); + + $this->add_css(); + $this->add_js(); + } + + /** + * Template object for key info/edit frame. + * + * @param array Object attributes + * + * @return string HTML output + */ + function tpl_key_frame($attrib) + { + if (!$attrib['id']) { + $attrib['id'] = 'rcmkeysframe'; + } + + $attrib['name'] = $attrib['id']; + + $this->rc->output->set_env('contentframe', $attrib['name']); + $this->rc->output->set_env('blankpage', $attrib['src'] ? + $this->rc->output->abs_url($attrib['src']) : 'program/resources/blank.gif'); + + return $this->rc->output->frame($attrib); + } + + /** + * Template object for list of keys. + * + * @param array Object attributes + * + * @return string HTML content + */ + function tpl_keys_list($attrib) + { + // add id to message list table if not specified + if (!strlen($attrib['id'])) { + $attrib['id'] = 'rcmenigmakeyslist'; + } + + // define list of cols to be displayed + $a_show_cols = array('name'); + + // create XHTML table + $out = $this->rc->table_output($attrib, array(), $a_show_cols, 'id'); + + // set client env + $this->rc->output->add_gui_object('keyslist', $attrib['id']); + $this->rc->output->include_script('list.js'); + + // add some labels to client + $this->rc->output->add_label('enigma.keyremoveconfirm', 'enigma.keyremoving'); + + return $out; + } + + /** + * Key listing (and searching) request handler + */ + private function key_list() + { + $this->enigma->load_engine(); + + $pagesize = $this->rc->config->get('pagesize', 100); + $page = max(intval(rcube_utils::get_input_value('_p', rcube_utils::INPUT_GPC)), 1); + $search = rcube_utils::get_input_value('_q', rcube_utils::INPUT_GPC); + + // Get the list + $list = $this->enigma->engine->list_keys($search); + + if ($list && ($list instanceof enigma_error)) + $this->rc->output->show_message('enigma.keylisterror', 'error'); + else if (empty($list)) + $this->rc->output->show_message('enigma.nokeysfound', 'notice'); + else if (is_array($list)) { + // Save the size + $listsize = count($list); + + // Sort the list by key (user) name + usort($list, array('enigma_key', 'cmp')); + + // Slice current page + $list = array_slice($list, ($page - 1) * $pagesize, $pagesize); + $size = count($list); + + // Add rows + foreach ($list as $key) { + $this->rc->output->command('enigma_add_list_row', + array('name' => rcube::Q($key->name), 'id' => $key->id)); + } + } + + $this->rc->output->set_env('search_request', $search); + $this->rc->output->set_env('pagecount', ceil($listsize/$pagesize)); + $this->rc->output->set_env('current_page', $page); + $this->rc->output->command('set_rowcount', + $this->get_rowcount_text($listsize, $size, $page)); + + $this->rc->output->send(); + } + + /** + * Template object for list records counter. + * + * @param array Object attributes + * + * @return string HTML output + */ + function tpl_keys_rowcount($attrib) + { + if (!$attrib['id']) + $attrib['id'] = 'rcmcountdisplay'; + + $this->rc->output->add_gui_object('countdisplay', $attrib['id']); + + return html::span($attrib, $this->get_rowcount_text()); + } + + /** + * Returns text representation of list records counter + */ + private function get_rowcount_text($all=0, $curr_count=0, $page=1) + { + if (!$curr_count) { + $out = $this->enigma->gettext('nokeysfound'); + } + else { + $pagesize = $this->rc->config->get('pagesize', 100); + $first = ($page - 1) * $pagesize; + + $out = $this->enigma->gettext(array( + 'name' => 'keysfromto', + 'vars' => array( + 'from' => $first + 1, + 'to' => $first + $curr_count, + 'count' => $all) + )); + } + + return $out; + } + + /** + * Key information page handler + */ + private function key_info() + { + $this->enigma->load_engine(); + + $id = rcube_utils::get_input_value('_id', rcube_utils::INPUT_GET); + $res = $this->enigma->engine->get_key($id); + + if ($res instanceof enigma_key) { + $this->data = $res; + } + else { // error + $this->rc->output->show_message('enigma.keyopenerror', 'error'); + $this->rc->output->command('parent.enigma_loadframe'); + $this->rc->output->send('iframe'); + } + + $this->rc->output->add_handlers(array( + 'keyname' => array($this, 'tpl_key_name'), + 'keydata' => array($this, 'tpl_key_data'), + )); + + $this->rc->output->set_pagetitle($this->enigma->gettext('keyinfo')); + $this->rc->output->send('enigma.keyinfo'); + } + + /** + * Template object for key name + */ + function tpl_key_name($attrib) + { + return rcube::Q($this->data->name); + } + + /** + * Template object for key information page content + */ + function tpl_key_data($attrib) + { + $out = ''; + $table = new html_table(array('cols' => 2)); + + // Key user ID + $table->add('title', $this->enigma->gettext('keyuserid')); + $table->add(null, rcube::Q($this->data->name)); + // Key ID + $table->add('title', $this->enigma->gettext('keyid')); + $table->add(null, $this->data->subkeys[0]->get_short_id()); + // Key type + $keytype = $this->data->get_type(); + if ($keytype == enigma_key::TYPE_KEYPAIR) + $type = $this->enigma->gettext('typekeypair'); + else if ($keytype == enigma_key::TYPE_PUBLIC) + $type = $this->enigma->gettext('typepublickey'); + $table->add('title', $this->enigma->gettext('keytype')); + $table->add(null, $type); + // Key fingerprint + $table->add('title', $this->enigma->gettext('fingerprint')); + $table->add(null, $this->data->subkeys[0]->get_fingerprint()); + + $out .= html::tag('fieldset', null, + html::tag('legend', null, + $this->enigma->gettext('basicinfo')) . $table->show($attrib)); +/* + // Subkeys + $table = new html_table(array('cols' => 6)); + // Columns: Type, ID, Algorithm, Size, Created, Expires + + $out .= html::tag('fieldset', null, + html::tag('legend', null, + $this->enigma->gettext('subkeys')) . $table->show($attrib)); + + // Additional user IDs + $table = new html_table(array('cols' => 2)); + // Columns: User ID, Validity + + $out .= html::tag('fieldset', null, + html::tag('legend', null, + $this->enigma->gettext('userids')) . $table->show($attrib)); +*/ + return $out; + } + + /** + * Key import page handler + */ + private function key_import() + { + // Import process + if ($_FILES['_file']['tmp_name'] && is_uploaded_file($_FILES['_file']['tmp_name'])) { + $this->enigma->load_engine(); + $result = $this->enigma->engine->import_key($_FILES['_file']['tmp_name'], true); + + if (is_array($result)) { + // reload list if any keys has been added + if ($result['imported']) { + $this->rc->output->command('parent.enigma_list', 1); + } + else + $this->rc->output->command('parent.enigma_loadframe'); + + $this->rc->output->show_message('enigma.keysimportsuccess', 'confirmation', + array('new' => $result['imported'], 'old' => $result['unchanged'])); + + $this->rc->output->send('iframe'); + } + else { + $this->rc->output->show_message('enigma.keysimportfailed', 'error'); + } + } + else if ($err = $_FILES['_file']['error']) { + if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) { + $this->rc->output->show_message('filesizeerror', 'error', + array('size' => $this->rc->show_bytes(parse_bytes(ini_get('upload_max_filesize'))))); + } else { + $this->rc->output->show_message('fileuploaderror', 'error'); + } + } + + $this->rc->output->add_handlers(array( + 'importform' => array($this, 'tpl_key_import_form'), + )); + + $this->rc->output->set_pagetitle($this->enigma->gettext('keyimport')); + $this->rc->output->send('enigma.keyimport'); + } + + /** + * Template object for key import (upload) form + */ + function tpl_key_import_form($attrib) + { + $attrib += array('id' => 'rcmKeyImportForm'); + + $upload = new html_inputfield(array('type' => 'file', 'name' => '_file', + 'id' => 'rcmimportfile', 'size' => 30)); + + $form = html::p(null, + rcube::Q($this->enigma->gettext('keyimporttext'), 'show') + . html::br() . html::br() . $upload->show() + ); + + $this->rc->output->add_label('selectimportfile', 'importwait'); + $this->rc->output->add_gui_object('importform', $attrib['id']); + + $out = $this->rc->output->form_tag(array( + 'action' => $this->rc->url(array('action' => $this->rc->action, 'a' => 'import')), + 'method' => 'post', + 'enctype' => 'multipart/form-data') + $attrib, + $form); + + return $out; + } + + /** + * Key deleting + */ + private function key_delete() + { + $keys = rcube_utils::get_input_value('_keys', rcube_utils::INPUT_POST); + + $this->enigma->load_engine(); + + foreach ((array)$keys as $key) { + $res = $this->enigma->engine->delete_key($key); + + if ($res !== true) { + $this->rc->output->show_message('enigma.keyremoveerror', 'error'); + $this->rc->output->command('enigma_list'); + $this->rc->output->send(); + } + } + + $this->rc->output->command('enigma_list'); + $this->rc->output->show_message('enigma.keyremovesuccess', 'confirmation'); + $this->rc->output->send(); + } + + private function compose_ui() + { + $this->add_css(); + + // Options menu button + $this->enigma->add_button(array( + 'type' => 'link', + 'command' => 'plugin.enigma', + 'onclick' => "rcmail.command('menu-open', 'enigmamenu', event.target, event)", + 'class' => 'button enigma', + 'title' => 'encryptionoptions', + 'label' => 'encryption', + 'domain' => $this->enigma->ID, + 'width' => 32, + 'height' => 32 + ), 'toolbar'); + + // Options menu contents + $this->enigma->add_hook('render_page', array($this, 'compose_menu')); + } + + function compose_menu($p) + { + $menu = new html_table(array('cols' => 2)); + $chbox = new html_checkbox(array('value' => 1)); + + $menu->add(null, html::label(array('for' => 'enigmasignopt'), + rcube::Q($this->enigma->gettext('signmsg')))); + $menu->add(null, $chbox->show($this->rc->config->get('enigma_sign_all') ? 1 : 0, + array('name' => '_enigma_sign', 'id' => 'enigmasignopt'))); + + $menu->add(null, html::label(array('for' => 'enigmaencryptopt'), + rcube::Q($this->enigma->gettext('encryptmsg')))); + $menu->add(null, $chbox->show($this->rc->config->get('enigma_encrypt_all') ? 1 : 0, + array('name' => '_enigma_encrypt', 'id' => 'enigmaencryptopt'))); + + $menu = html::div(array('id' => 'enigmamenu', 'class' => 'popupmenu'), + $menu->show()); + + $p['content'] .= $menu; + + return $p; + } + + /** + * Handler for message_body_prefix hook. + * Called for every displayed (content) part of the message. + * Adds infobox about signature verification and/or decryption + * status above the body. + * + * @param array Original parameters + * + * @return array Modified parameters + */ + function status_message($p) + { + // skip: not a message part + if ($p['part'] instanceof rcube_message) { + return $p; + } + + // skip: message has no signed/encoded content + if (!$this->enigma->engine) { + return $p; + } + + $engine = $this->enigma->engine; + $part_id = $p['part']->mime_id; + + // Decryption status + if (isset($engine->decryptions[$part_id])) { + $attach_scripts = true; + + // get decryption status + $status = $engine->decryptions[$part_id]; + + // display status info + $attrib['id'] = 'enigma-message'; + + if ($status instanceof enigma_error) { + $attrib['class'] = 'enigmaerror'; + $code = $status->getCode(); + + if ($code == enigma_error::E_KEYNOTFOUND) { + $msg = rcube::Q(str_replace('$keyid', enigma_key::format_id($status->getData('id')), + $this->enigma->gettext('decryptnokey'))); + } + else if ($code == enigma_error::E_BADPASS) { + $msg = rcube::Q($this->enigma->gettext('decryptbadpass')); + $this->password_prompt($status); + } + else { + $msg = rcube::Q($this->enigma->gettext('decrypterror')); + } + } + else { + $attrib['class'] = 'enigmanotice'; + $msg = rcube::Q($this->enigma->gettext('decryptok')); + } + + $p['prefix'] .= html::div($attrib, $msg); + } + + // Signature verification status + if (isset($engine->signed_parts[$part_id]) + && ($sig = $engine->signatures[$engine->signed_parts[$part_id]]) + ) { + $attach_scripts = true; + + // display status info + $attrib['id'] = 'enigma-message'; + + if ($sig instanceof enigma_signature) { + $sender = ($sig->name ? $sig->name . ' ' : '') . '<' . $sig->email . '>'; + + if ($sig->valid === enigma_error::E_UNVERIFIED) { + $attrib['class'] = 'enigmawarning'; + $msg = str_replace('$sender', $sender, $this->enigma->gettext('sigunverified')); + $msg = str_replace('$keyid', $sig->id, $msg); + $msg = rcube::Q($msg); + } + else if ($sig->valid) { + $attrib['class'] = 'enigmanotice'; + $msg = rcube::Q(str_replace('$sender', $sender, $this->enigma->gettext('sigvalid'))); + } + else { + $attrib['class'] = 'enigmawarning'; + $msg = rcube::Q(str_replace('$sender', $sender, $this->enigma->gettext('siginvalid'))); + } + } + else if ($sig && $sig->getCode() == enigma_error::E_KEYNOTFOUND) { + $attrib['class'] = 'enigmawarning'; + $msg = rcube::Q(str_replace('$keyid', enigma_key::format_id($sig->getData('id')), + $this->enigma->gettext('signokey'))); + } + else { + $attrib['class'] = 'enigmaerror'; + $msg = rcube::Q($this->enigma->gettext('sigerror')); + } +/* + $msg .= ' ' . html::a(array('href' => "#sigdetails", + 'onclick' => rcmail_output::JS_OBJECT_NAME.".command('enigma-sig-details')"), + rcube::Q($this->enigma->gettext('showdetails'))); +*/ + // test +// $msg .= '<br /><pre>'.$sig->body.'</pre>'; + + $p['prefix'] .= html::div($attrib, $msg); + + // Display each signature message only once + unset($engine->signatures[$engine->signed_parts[$part_id]]); + } + + if ($attach_scripts) { + // add css and js script + $this->add_css(); + $this->add_js(); + } + + return $p; + } + + /** + * Handler for message_load hook. + * Check message bodies and attachments for keys/certs. + */ + function message_load($p) + { + $engine = $this->enigma->load_engine(); + + // handle attachments vcard attachments + foreach ((array) $p['object']->attachments as $attachment) { + if ($engine->is_keys_part($attachment)) { + $this->keys_parts[] = $attachment->mime_id; + } + } + + // the same with message bodies + foreach ((array) $p['object']->parts as $part) { + if ($engine->is_keys_part($part)) { + $this->keys_parts[] = $part->mime_id; + $this->keys_bodies[] = $part->mime_id; + } + } + + // @TODO: inline PGP keys + + if ($this->keys_parts) { + $this->enigma->add_texts('localization'); + } + + return $p; + } + + /** + * Handler for template_object_messagebody hook. + * This callback function adds a box below the message content + * if there is a key/cert attachment available + */ + function message_output($p) + { + foreach ($this->keys_parts as $part) { + // remove part's body + if (in_array($part, $this->keys_bodies)) { + $p['content'] = ''; + } + + // add box below message body + $p['content'] .= html::p(array('class' => 'enigmaattachment'), + html::a(array( + 'href' => "#", + 'onclick' => "return ".rcmail_output::JS_OBJECT_NAME.".enigma_import_attachment('".rcube::JQ($part)."')", + 'title' => $this->enigma->gettext('keyattimport')), + html::span(null, $this->enigma->gettext('keyattfound')))); + + $attach_scripts = true; + } + + if ($attach_scripts) { + // add css and js script + $this->add_css(); + $this->add_js(); + } + + return $p; + } + + /** + * Handle message_ready hook (encryption/signing) + */ + function message_ready($p) + { + $savedraft = !empty($_POST['_draft']) && empty($_GET['_saveonly']); + + if (!$savedraft && rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST)) { + $this->enigma->load_engine(); + $status = $this->enigma->engine->sign_message($p['message']); + $mode = 'sign'; + } + + if ((!$status instanceof enigma_error) && rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST)) { + $this->enigma->load_engine(); + $status = $this->enigma->engine->encrypt_message($p['message'], null, $savedraft); + $mode = 'encrypt'; + } + + if ($mode && ($status instanceof enigma_error)) { + $code = $status->getCode(); + + if ($code == enigma_error::E_KEYNOTFOUND) { + $vars = array('email' => $status->getData('missing')); + $msg = 'enigma.' . $mode . 'nokey'; + } + else if ($code == enigma_error::E_BADPASS) { + $msg = 'enigma.' . $mode . 'badpass'; + $type = 'warning'; + + $this->password_prompt($status); + } + else { + $msg = 'enigma.' . $mode . 'error'; + } + + $this->rc->output->show_message($msg, $type ?: 'error', $vars); + $this->rc->output->send('iframe'); + } + + return $p; + } + +} diff --git a/plugins/enigma/lib/enigma_userid.php b/plugins/enigma/lib/enigma_userid.php new file mode 100644 index 000000000..da0358445 --- /dev/null +++ b/plugins/enigma/lib/enigma_userid.php @@ -0,0 +1,24 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | User ID class for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_userid +{ + public $revoked; + public $valid; + public $name; + public $comment; + public $email; +} diff --git a/plugins/enigma/localization/en_US.inc b/plugins/enigma/localization/en_US.inc new file mode 100644 index 000000000..410a52e56 --- /dev/null +++ b/plugins/enigma/localization/en_US.inc @@ -0,0 +1,72 @@ +<?php + +$labels = array(); +$labels['encryption'] = 'Encryption'; +$labels['enigmacerts'] = 'S/MIME Certificates'; +$labels['enigmakeys'] = 'PGP Keys'; +$labels['keysfromto'] = 'Keys $from to $to of $count'; +$labels['keyname'] = 'Name'; +$labels['keyid'] = 'Key ID'; +$labels['keyuserid'] = 'User ID'; +$labels['keytype'] = 'Key type'; +$labels['fingerprint'] = 'Fingerprint'; +$labels['subkeys'] = 'Subkeys'; +$labels['basicinfo'] = 'Basic Information'; +$labels['userids'] = 'Additional User IDs'; +$labels['typepublickey'] = 'public key'; +$labels['typekeypair'] = 'key pair'; +$labels['keyattfound'] = 'This message contains attached PGP key(s).'; +$labels['keyattimport'] = 'Import key(s)'; + +$labels['supportsignatures'] = 'Enable message signatures verification'; +$labels['supportdecryption'] = 'Enable message decryption'; +$labels['signdefault'] = 'Sign all messages by default'; +$labels['encryptdefault'] = 'Encrypt all messages by default'; +$labels['passwordtime'] = 'Keep private key passwords for'; +$labels['nminutes'] = '$m minute(s)'; +$labels['wholesession'] = 'the whole session'; + +$labels['createkeys'] = 'Create a new key pair'; +$labels['importkeys'] = 'Import key(s)'; +$labels['exportkeys'] = 'Export key(s)'; +$labels['keyactions'] = 'Key actions...'; +$labels['keyremove'] = 'Remove'; +$labels['keydisable'] = 'Disable'; +$labels['keyrevoke'] = 'Revoke'; +$labels['keysend'] = 'Send public key in a message'; +$labels['keychpass'] = 'Change password'; + +$labels['encryptionoptions'] = 'Encryption options...'; +$labels['encryptmsg'] = 'Encrypt this message'; +$labels['signmsg'] = 'Digitally sign this message'; + +$labels['enterkeypasstitle'] = 'Enter key passphrase'; +$labels['enterkeypass'] = 'A passphrase is needed to unlock the secret key ($keyid) for user: $user.'; + +$messages = array(); +$messages['sigvalid'] = 'Verified signature from $sender.'; +$messages['siginvalid'] = 'Invalid signature from $sender.'; +$messages['sigunverified'] = 'Unverified signature. Certificate not verified. Certificate ID: $keyid.'; +$messages['signokey'] = 'Unverified signature. Public key not found. Key ID: $keyid.'; +$messages['sigerror'] = 'Unverified signature. Internal error.'; +$messages['decryptok'] = 'Message decrypted.'; +$messages['decrypterror'] = 'Decryption failed.'; +$messages['decryptnokey'] = 'Decryption failed. Private key not found. Key ID: $keyid.'; +$messages['decryptbadpass'] = 'Decryption failed. Bad password.'; +$messages['signerror'] = 'Signing failed.'; +$messages['signnokey'] = 'Signing failed. Private key not found.'; +$messages['signbadpass'] = 'Signing failed. Bad password.'; +$messages['encrypterror'] = 'Encryption failed.'; +$messages['encryptnokey'] = 'Encryption failed. Public key not found for $email.'; +$messages['nokeysfound'] = 'No keys found'; +$messages['keyopenerror'] = 'Unable to get key information! Internal error.'; +$messages['keylisterror'] = 'Unable to list keys! Internal error.'; +$messages['keysimportfailed'] = 'Unable to import key(s)! Internal error.'; +$messages['keysimportsuccess'] = 'Key(s) imported successfully. Imported: $new, unchanged: $old.'; +$messages['keyremoving'] = 'Removing key(s)...'; +$messages['keyremoveconfirm'] = 'Are you sure, you want to delete selected key(s)?'; +$messages['keyremovesuccess'] = 'Key(s) deleted successfulyl'; +$messages['keyremoveerror'] = 'Unable to delete selected key(s).'; +$messages['keyimporttext'] = 'You can import private and public key(s) or revocation signatures in ASCII-Armor format.'; + +?> diff --git a/plugins/enigma/localization/ja_JP.inc b/plugins/enigma/localization/ja_JP.inc new file mode 100644 index 000000000..142e7f65d --- /dev/null +++ b/plugins/enigma/localization/ja_JP.inc @@ -0,0 +1,49 @@ +<?php + + + +$labels['enigmasettings'] = 'Enigma'; +$labels['enigmacerts'] = 'Enigma: 証明書 (S/MIME)'; +$labels['enigmakeys'] = 'Enigma: 鍵 (PGP)'; +$labels['keysfromto'] = '鍵の一覧 $from ~ $to (合計: $count )'; +$labels['keyname'] = '名前'; +$labels['keyid'] = '鍵 ID'; +$labels['keyuserid'] = 'ユーザー ID'; +$labels['keytype'] = '鍵の種類'; +$labels['fingerprint'] = '指紋'; +$labels['subkeys'] = 'Subkeys'; +$labels['basicinfo'] = '基本情報'; +$labels['userids'] = '追加のユーザー ID'; +$labels['typepublickey'] = '公開鍵'; +$labels['typekeypair'] = '鍵のペア'; +$labels['keyattfound'] = 'このメールは PGP 鍵の添付があります。'; +$labels['keyattimport'] = '鍵のインポート'; +$labels['createkeys'] = '新しい鍵のペアを作成する'; +$labels['importkeys'] = '鍵のインポート'; +$labels['exportkeys'] = '鍵のエクスポート'; +$labels['deletekeys'] = '鍵の削除'; +$labels['keyactions'] = '鍵の操作...'; +$labels['keydisable'] = '鍵を無効にする'; +$labels['keyrevoke'] = '鍵を取り消す'; +$labels['keysend'] = 'メッセージに公開鍵を含んで送信する'; +$labels['keychpass'] = 'パスワードの変更'; +$labels['securityoptions'] = 'メールのセキュリティ オプション...'; +$labels['identdefault'] = '選択した識別子の設定を使う'; +$labels['encryptmsg'] = 'このメールの暗号化'; +$labels['signmsg'] = 'このメールのデジタル署名'; +$messages['sigvalid'] = '$sender からの署名を検証しました。'; +$messages['siginvalid'] = '$sender からの署名が正しくありません。'; +$messages['signokey'] = '署名は未検証です。公開鍵が見つかりません。鍵 ID: $keyid'; +$messages['sigerror'] = '署名は未検証です。内部エラーです。'; +$messages['decryptok'] = 'メールを復号しました。'; +$messages['decrypterror'] = '復号に失敗しました。'; +$messages['decryptnokey'] = '復号に失敗しました。秘密鍵が見つかりません。鍵 ID: $keyid.'; +$messages['decryptbadpass'] = '復号に失敗しました。パスワードが正しくありません。'; +$messages['nokeysfound'] = '鍵が見つかりません。'; +$messages['keyopenerror'] = '鍵情報の取得に失敗しました! 内部エラーです。'; +$messages['keylisterror'] = '鍵情報のリストに失敗しました! 内部エラーです。'; +$messages['keysimportfailed'] = '鍵のインポートに失敗しました! 内部エラーです。'; +$messages['keysimportsuccess'] = '鍵をインポートしました。インポート: $new, 未変更: $old'; +$messages['keyconfirmdelete'] = '選択した鍵を本当に削除しますか?'; +$messages['keyimporttext'] = '秘密鍵と公開鍵のインポート、または ASCII 形式の署名を無効にできます。'; +?> diff --git a/plugins/enigma/localization/ru_RU.inc b/plugins/enigma/localization/ru_RU.inc new file mode 100644 index 000000000..e8240de30 --- /dev/null +++ b/plugins/enigma/localization/ru_RU.inc @@ -0,0 +1,58 @@ +<?php +/* + ++-----------------------------------------------------------------------+ +| plugins/enigma/localization/ru_RU.inc | +| | +| Russian translation for roundcube/enigma plugin | +| Copyright (C) 2010 | +| Licensed under the GNU GPL | +| | ++-----------------------------------------------------------------------+ +| Author: Sergey Dukachev <iam@dukess.ru> | +| Updates: | ++-----------------------------------------------------------------------+ + +@version 2010-12-23 + +*/ +$labels['enigmacerts'] = 'Enigma: Сертификаты (S/MIME)'; +$labels['enigmakeys'] = 'Enigma: Ключи (PGP)'; +$labels['keysfromto'] = 'Ключи от $from к $to в количестве $count'; +$labels['keyname'] = 'Имя'; +$labels['keyid'] = 'Идентификатор ключа'; +$labels['keyuserid'] = 'Идентификатор пользователя'; +$labels['keytype'] = 'Тип ключа'; +$labels['fingerprint'] = 'Отпечаток (хэш) ключа'; +$labels['subkeys'] = 'Подразделы'; +$labels['basicinfo'] = 'Основные сведения'; +$labels['userids'] = 'Дополнительные идентификаторы пользователя'; +$labels['typepublickey'] = 'Открытый ключ'; +$labels['typekeypair'] = 'пара ключей'; +$labels['keyattfound'] = 'Это сообщение содержит один или несколько ключей PGP.'; +$labels['keyattimport'] = 'Импортировать ключи'; +$labels['createkeys'] = 'Создать новую пару ключей'; +$labels['importkeys'] = 'Импортировать ключ(и)'; +$labels['exportkeys'] = 'Экспортировать ключ(и)'; +$labels['deletekeys'] = 'Удалить ключ(и)'; +$labels['keyactions'] = 'Действия с ключами...'; +$labels['keydisable'] = 'Отключить ключ'; +$labels['keyrevoke'] = 'Отозвать ключ'; +$labels['keysend'] = 'Отправить публичный ключ в собщении'; +$labels['keychpass'] = 'Изменить пароль'; +$messages['sigvalid'] = 'Проверенная подпись у $sender.'; +$messages['siginvalid'] = 'Неверная подпись у $sender.'; +$messages['signokey'] = 'Непроверяемая подпись. Открытый ключ не найден. Идентификатор ключа: $keyid.'; +$messages['sigerror'] = 'Непроверяемая подпись. Внутренняя ошибка.'; +$messages['decryptok'] = 'Сообщение расшифровано.'; +$messages['decrypterror'] = 'Расшифровка не удалась.'; +$messages['decryptnokey'] = 'Расшифровка не удалась. Секретный ключ не найден. Идентификатор ключа: $keyid.'; +$messages['decryptbadpass'] = 'Расшифровка не удалась. Неправильный пароль.'; +$messages['nokeysfound'] = 'Ключи не найдены'; +$messages['keyopenerror'] = 'Невозможно получить информацию о ключе! Внутренняя ошибка.'; +$messages['keylisterror'] = 'Невозможно сделать список ключей! Внутренняя ошибка.'; +$messages['keysimportfailed'] = 'Невозможно импортировать ключ(и)! Внутренняя ошибка.'; +$messages['keysimportsuccess'] = 'Ключи успешно импортированы. Импортировано: $new, без изменений: $old.'; +$messages['keyconfirmdelete'] = 'Вы точно хотите удалить выбранные ключи?'; +$messages['keyimporttext'] = 'Вы можете импортировать открытые и секретные ключи или сообщения об отзыве ключей в формате ASCII-Armor.'; +?> diff --git a/plugins/enigma/skins/classic/enigma.css b/plugins/enigma/skins/classic/enigma.css new file mode 100644 index 000000000..bbc4af99d --- /dev/null +++ b/plugins/enigma/skins/classic/enigma.css @@ -0,0 +1,208 @@ +/*** Style for Enigma plugin ***/ + +/***** Messages displaying *****/ + +#enigma-message, +/* fixes border-top */ +#messagebody div #enigma-message +{ + margin: 0; + margin-bottom: 5px; + min-height: 20px; + padding: 10px 10px 6px 46px; +} + +div.enigmaerror, +/* fixes border-top */ +#messagebody div.enigmaerror +{ + background: url(enigma_error.png) 6px 1px no-repeat; + background-color: #EF9398; + border: 1px solid #DC5757; +} + +div.enigmanotice, +/* fixes border-top */ +#messagebody div.enigmanotice +{ + background: url(enigma.png) 6px 1px no-repeat; + background-color: #A6EF7B; + border: 1px solid #76C83F; +} + +div.enigmawarning, +/* fixes border-top */ +#messagebody div.enigmawarning +{ + background: url(enigma.png) 6px 1px no-repeat; + background-color: #F7FDCB; + border: 1px solid #C2D071; +} + +#enigma-message a +{ + color: #666666; + padding-left: 10px; +} + +#enigma-message a:hover +{ + color: #333333; +} + +p.enigmaattachment +{ + margin: 0.5em 1em; + border: 1px solid #999; + border-radius: 4px; + width: auto; +} + +p.enigmaattachment a +{ + display: block; + background: url(key_add.png) 10px center no-repeat; + padding: 1em 0.5em 1em 50px; +} + + +/***** E-mail Compose Page *****/ + +#messagetoolbar a.button.enigma { + text-indent: -5000px; + background: url(enigma.png) 0 0 no-repeat; +} + +/***** Keys/Certs Management *****/ + +#mainscreen.enigma +{ + top: 80px; +} + +div.enigmascreen +{ + position: absolute; + top: 40px; + right: 0; + bottom: 0; + left: 0; +} + +.enigma #quicksearchbar +{ + top: 10px; + right: 0; +} + +#enigmacontent-box +{ + position: absolute; + top: 0px; + left: 290px; + right: 0px; + bottom: 0px; + border: 1px solid #999999; + overflow: hidden; +} + +#enigmakeyslist +{ + position: absolute; + top: 0; + bottom: 0; + left: 0; + border: 1px solid #999999; + background-color: #F9F9F9; + overflow: hidden; +} + +#keylistcountbar +{ + margin-top: 4px; + margin-left: 4px; +} + +#keys-table +{ + width: 100%; + table-layout: fixed; +} + +#keys-table td +{ + cursor: default; + text-overflow: ellipsis; + -o-text-overflow: ellipsis; +} + +#key-details table td.title +{ + font-weight: bold; + text-align: right; +} + +#keystoolbar +{ + position: absolute; + top: 0; + left: 10px; + height: 35px; +} + +#keystoolbar a +{ + padding-right: 10px; +} + +#keystoolbar a.button, +#keystoolbar a.buttonPas, +#keystoolbar span.separator { + display: block; + float: left; + width: 32px; + height: 32px; + padding: 0; + margin-right: 10px; + overflow: hidden; + background: url(keys_toolbar.png) 0 0 no-repeat transparent; + opacity: 0.99; /* this is needed to make buttons appear correctly in Chrome */ +} + +#keystoolbar a.buttonPas { + opacity: 0.35; +} + +#keystoolbar a.createSel { + background-position: 0 -32px; +} + +#keystoolbar a.create { + background-position: 0 0; +} + +#keystoolbar a.importSel { + background-position: -64px -32px; +} + +#keystoolbar a.import { + background-position: -64px 0; +} + +#keystoolbar a.exportSel { + background-position: -96px -32px; +} + +#keystoolbar a.export { + background-position: -96px 0; +} + +#keystoolbar a.keymenu { + background-position: -128px 0; + width: 36px; +} + +#keystoolbar span.separator { + width: 5px; + background-position: -166px 0; +} diff --git a/plugins/enigma/skins/classic/enigma.png b/plugins/enigma/skins/classic/enigma.png Binary files differnew file mode 100644 index 000000000..3ef106e2a --- /dev/null +++ b/plugins/enigma/skins/classic/enigma.png diff --git a/plugins/enigma/skins/classic/enigma_error.png b/plugins/enigma/skins/classic/enigma_error.png Binary files differnew file mode 100644 index 000000000..9bf100efd --- /dev/null +++ b/plugins/enigma/skins/classic/enigma_error.png diff --git a/plugins/enigma/skins/classic/key.png b/plugins/enigma/skins/classic/key.png Binary files differnew file mode 100644 index 000000000..ea1cbd11c --- /dev/null +++ b/plugins/enigma/skins/classic/key.png diff --git a/plugins/enigma/skins/classic/key_add.png b/plugins/enigma/skins/classic/key_add.png Binary files differnew file mode 100644 index 000000000..f22cc870a --- /dev/null +++ b/plugins/enigma/skins/classic/key_add.png diff --git a/plugins/enigma/skins/classic/keys_toolbar.png b/plugins/enigma/skins/classic/keys_toolbar.png Binary files differnew file mode 100644 index 000000000..7cc258cc8 --- /dev/null +++ b/plugins/enigma/skins/classic/keys_toolbar.png diff --git a/plugins/enigma/skins/classic/templates/keyimport.html b/plugins/enigma/skins/classic/templates/keyimport.html new file mode 100644 index 000000000..4e0b304a5 --- /dev/null +++ b/plugins/enigma/skins/classic/templates/keyimport.html @@ -0,0 +1,20 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<title><roundcube:object name="pagetitle" /></title> +<roundcube:include file="/includes/links.html" /> +<link rel="stylesheet" type="text/css" href="/this/enigma.css" /> +</head> +<body class="iframe"> + +<div id="keyimport-title" class="boxtitle"><roundcube:label name="enigma.importkeys" /></div> + +<div id="import-form" class="boxcontent"> + <roundcube:object name="importform" /> + <p> + <br /><roundcube:button command="plugin.enigma-import" type="input" class="button mainaction" label="import" /> + </p> +</div> + +</body> +</html> diff --git a/plugins/enigma/skins/classic/templates/keyinfo.html b/plugins/enigma/skins/classic/templates/keyinfo.html new file mode 100644 index 000000000..2e8ed61db --- /dev/null +++ b/plugins/enigma/skins/classic/templates/keyinfo.html @@ -0,0 +1,17 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<title><roundcube:object name="pagetitle" /></title> +<roundcube:include file="/includes/links.html" /> +<link rel="stylesheet" type="text/css" href="/this/enigma.css" /> +</head> +<body class="iframe"> + +<div id="keyinfo-title" class="boxtitle"><roundcube:object name="keyname" part="name" /></div> + +<div id="key-details" class="boxcontent"> + <roundcube:object name="keydata" /> +</div> + +</body> +</html> diff --git a/plugins/enigma/skins/classic/templates/keys.html b/plugins/enigma/skins/classic/templates/keys.html new file mode 100644 index 000000000..f64c7353a --- /dev/null +++ b/plugins/enigma/skins/classic/templates/keys.html @@ -0,0 +1,89 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<title><roundcube:object name="pagetitle" /></title> +<roundcube:include file="/includes/links.html" /> +<link rel="stylesheet" type="text/css" href="/this/enigma.css" /> +<script type="text/javascript" src="/functions.js"></script> +<script type="text/javascript" src="/splitter.js"></script> +<style type="text/css"> +#enigmakeyslist { width: <roundcube:exp expression="!empty(cookie:enigmaviewsplitter) ? cookie:enigmaviewsplitter-5 : 210" />px; } +#enigmacontent-box { left: <roundcube:exp expression="!empty(cookie:enigmaviewsplitter) ? cookie:enigmaviewsplitter+5 : 220" />px; +<roundcube:exp expression="browser:ie ? ('width:expression((parseInt(this.parentNode.offsetWidth)-'.(!empty(cookie:enigmaeviewsplitter) ? cookie:enigmaviewsplitter+5 : 220).')+\\'px\\');') : ''" /> +} +</style> +</head> +<body> + +<roundcube:include file="/includes/taskbar.html" /> +<roundcube:include file="/includes/header.html" /> +<roundcube:include file="/includes/settingstabs.html" /> + +<div id="mainscreen" class="enigma"> + +<div id="keystoolbar"> +<!-- + <roundcube:button command="plugin.enigma-key-create" type="link" class="buttonPas create" classAct="button create" classSel="button createSel" title="enigma.createkeys" content=" " /> + <span class="separator"> </span> +--> + <roundcube:button command="plugin.enigma-key-import" type="link" class="buttonPas import" classAct="button import" classSel="button importSel" title="enigma.importkeys" content=" " /> +<!-- + <roundcube:button command="plugin.enigma-key-export" type="link" class="buttonPas export" classAct="button export" classSel="button exportSel" title="enigma.exportkeys" content=" " /> +--> + <roundcube:button name="messagemenulink" id="messagemenulink" type="link" class="button keymenu" title="enigma.keyactions" onclick="rcmail_ui.show_popup('messagemenu');return false" content=" " /> +</div> + +<div id="quicksearchbar"> + <roundcube:button name="searchmenulink" id="searchmenulink" image="/images/icons/glass.png" /> + <roundcube:object name="searchform" id="quicksearchbox" /> + <roundcube:button command="reset-search" id="searchreset" image="/images/icons/reset.gif" title="resetsearch" /> +</div> + +<div class="enigmascreen"> + +<div id="enigmakeyslist"> +<div class="boxtitle"><roundcube:label name="enigma.keyname" /></div> +<div class="boxlistcontent"> + <roundcube:object name="keyslist" id="keys-table" class="records-table" cellspacing="0" noheader="true" /> +</div> +<div class="boxfooter"> +<div id="keylistcountbar" class="pagenav"> + <roundcube:button command="firstpage" type="link" class="buttonPas firstpage" classAct="button firstpage" classSel="button firstpageSel" title="firstpage" content=" " /> + <roundcube:button command="previouspage" type="link" class="buttonPas prevpage" classAct="button prevpage" classSel="button prevpageSel" title="previouspage" content=" " /> + <roundcube:object name="countdisplay" style="padding:0 .5em; float:left" /> + <roundcube:button command="nextpage" type="link" class="buttonPas nextpage" classAct="button nextpage" classSel="button nextpageSel" title="nextpage" content=" " /> + <roundcube:button command="lastpage" type="link" class="buttonPas lastpage" classAct="button lastpage" classSel="button lastpageSel" title="lastpage" content=" " /> +</div> +</div> +</div> + +<script type="text/javascript"> + var enigmaviewsplit = new rcube_splitter({id:'enigmaviewsplitter', p1: 'enigmakeyslist', p2: 'enigmacontent-box', orientation: 'v', relative: true, start: 215}); + rcmail.add_onload('enigmaviewsplit.init()'); +</script> + +<div id="enigmacontent-box"> + <roundcube:object name="keyframe" id="keyframe" width="100%" height="100%" frameborder="0" src="/watermark.html" /> +</div> + +</div> +</div> + +<div id="messagemenu" class="popupmenu"> + <ul> + <li><roundcube:button class="deletelink" command="plugin.enigma-key-delete" label="enigma.keyremove" classAct="deletelink active" /></li> +<!-- + <li><roundcube:button class="disablelink" command="plugin.enigma-key-disable" label="enigma.keydisable" classAct="disablelink active" /></li> + <li><roundcube:button class="revokelink" command="plugin.enigma-key-revoke" label="enigma.keyrevoke" classAct="revokelink active" /></li> + <li class="separator_below"><roundcube:button class="sendlink" command="plugin.enigma-key-send" label="enigma.keysend" classAct="sendlink active" /></li> + <li><roundcube:button class="chpasslink" command="plugin.enigma-key-chpass" label="enigma.keychpass" classAct="chpasslink active" /></li> +--> + </ul> +</div> + +<script type="text/javascript"> +rcube_init_mail_ui(); +</script> + +</body> +</html> diff --git a/plugins/enigma/skins/larry/enigma.css b/plugins/enigma/skins/larry/enigma.css new file mode 100644 index 000000000..0f393a022 --- /dev/null +++ b/plugins/enigma/skins/larry/enigma.css @@ -0,0 +1,165 @@ +/*** Style for Enigma plugin ***/ + +/***** Messages displaying *****/ + +#enigma-message, +#messagebody div #enigma-message +{ + margin: 0; + margin-bottom: 5px; + padding: 6px 12px 6px 30px; + font-weight: bold; +} + +div.enigmaerror, +#messagebody div.enigmaerror +{ + background: url(enigma_icons.png) 3px -201px no-repeat #f2cccd; + border: 1px solid #c00005; + color: #c00005; +} + +div.enigmanotice, +#messagebody div.enigmanotice +{ + background: url(enigma_icons.png) 3px -171px no-repeat #c9e6d3; + border: 1px solid #008a2e; + color: #008a2e; +} + +div.enigmawarning, +#messagebody div.enigmawarning +{ + background: url(enigma_icons.png) 3px -231px no-repeat #fef893; + border: 1px solid #ffdf0e; + color: #960; +} + +#enigma-message a +{ + color: #666666; + padding-left: 10px; +} + +#enigma-message a:hover +{ + color: #333333; +} + +p.enigmaattachment { + margin: 0.5em 1em; + width: auto; + background: #f9f9f9; + border: 1px solid #d3d3d3; + border-radius: 4px; + box-shadow: 0 0 2px #ccc; + -webkit-box-shadow: 0 0 2px #ccc; +} + +p.enigmaattachment a { + display: block; + background: url(enigma_icons.png) 8px -78px no-repeat; + padding: 1em 0.5em 1em 46px; +} + +/***** E-mail Compose Page *****/ + +#messagetoolbar a.button.enigma { + background: url(enigma_icons.png) center -122px no-repeat; +} + +#enigmamenu { + color: white; + padding: 2px 5px; +} + + +/***** Keys/Certs Management *****/ + +#settings-sections .enigma.keys a { + background-image: url(enigma_icons.png); + background-position: 7px -345px; + background-repeat: no-repeat; +} + +#settings-sections .enigma.keys.selected a { + background-image: url(enigma_icons.png); + background-position: 7px -368px; + background-repeat: no-repeat; +} + +#sections-table #rcmrowenigma .section { + background-image: url(enigma_icons.png); + background-position: 5px -297px; + background-repeat: no-repeat; +} + +#sections-table #rcmrowenigma.selected .section { + background-image: url(enigma_icons.png); + background-position: 5px -321px; + background-repeat: no-repeat; +} + +#mainscreen.enigma #settings-sections, +#mainscreen.enigma #settings-right +{ + top: 44px; +} + +#enigmacontent-box +{ + position: absolute; + top: 0px; + left: 272px; + right: 0px; + bottom: 0px; +} + +#enigmakeyslist +{ + position: absolute; + top: 0; + bottom: 0; + left: 0; + width: 260px; +} + +#keylistcountbar +{ + margin-top: 4px; + margin-left: 4px; +} + +#keys-table +{ + width: 100%; + table-layout: fixed; +} + +#keys-table td +{ + text-overflow: ellipsis; +} + +#keystoolbar +{ + position: absolute; + top: -6px; + left: 0; + height: 40px; + white-space: nowrap; + z-index: 10; +} + +#keystoolbar a.button +{ + background: url(enigma_icons.png) 0 0 no-repeat transparent; +} + +#keystoolbar a.import { + background-position: center 0; +} + +#keystoolbar a.export { + background-position: center 0; +} diff --git a/plugins/enigma/skins/larry/enigma_icons.png b/plugins/enigma/skins/larry/enigma_icons.png Binary files differnew file mode 100644 index 000000000..ce4d76fb7 --- /dev/null +++ b/plugins/enigma/skins/larry/enigma_icons.png diff --git a/plugins/enigma/skins/larry/templates/keyimport.html b/plugins/enigma/skins/larry/templates/keyimport.html new file mode 100644 index 000000000..83191184c --- /dev/null +++ b/plugins/enigma/skins/larry/templates/keyimport.html @@ -0,0 +1,23 @@ +<roundcube:object name="doctype" value="html5" /> +<html> +<head> +<title><roundcube:object name="pagetitle" /></title> +<roundcube:include file="/includes/links.html" /> +<link rel="stylesheet" type="text/css" href="/this/enigma.css" /> +</head> +<body class="iframe"> + +<h1 class="boxtitle"><roundcube:label name="enigma.importkeys" /></h1> + +<div id="import-form" class="boxcontent"> + <roundcube:object name="importform" /> + <br> + <div class="formbuttons"> + <roundcube:button command="plugin.enigma-import" type="input" class="button mainaction" label="import" /> + </div> +</div> + +<roundcube:include file="/includes/footer.html" /> + +</body> +</html> diff --git a/plugins/enigma/skins/larry/templates/keyinfo.html b/plugins/enigma/skins/larry/templates/keyinfo.html new file mode 100644 index 000000000..3db760ad4 --- /dev/null +++ b/plugins/enigma/skins/larry/templates/keyinfo.html @@ -0,0 +1,19 @@ +<roundcube:object name="doctype" value="html5" /> +<html> +<head> +<title><roundcube:object name="pagetitle" /></title> +<roundcube:include file="/includes/links.html" /> +<link rel="stylesheet" type="text/css" href="/this/enigma.css" /> +</head> +<body class="iframe"> + +<h1 class="boxtitle"><roundcube:object name="keyname" part="name" /></h1> + +<div id="key-details" class="boxcontent propform"> + <roundcube:object name="keydata" class="propform" /> +</div> + +<roundcube:include file="/includes/footer.html" /> + +</body> +</html> diff --git a/plugins/enigma/skins/larry/templates/keys.html b/plugins/enigma/skins/larry/templates/keys.html new file mode 100644 index 000000000..35d179933 --- /dev/null +++ b/plugins/enigma/skins/larry/templates/keys.html @@ -0,0 +1,83 @@ +<roundcube:object name="doctype" value="html5" /> +<html> +<head> +<title><roundcube:object name="pagetitle" /></title> +<roundcube:include file="/includes/links.html" /> +<link rel="stylesheet" type="text/css" href="/this/enigma.css" /> +</head> +<roundcube:if condition="env:extwin" /><body class="noscroll extwin"><roundcube:else /><body class="noscroll"><roundcube:endif /> + +<roundcube:include file="/includes/header.html" /> + +<div id="mainscreen" class="enigma"> + <h1 class="voice"><roundcube:label name="settings" /> : <roundcube:label name="enigma.enigmakeys" /></h1> + + <!-- toolbar --> + <h2 id="aria-label-toolbar" class="voice"><roundcube:label name="arialabeltoolbar" /></h2> + <div id="keystoolbar" class="toolbar" role="toolbar" aria-labelledby="aria-label-toolbar"> + <roundcube:button command="plugin.enigma-key-import" type="link" class="button import disabled" classAct="button import" classSel="button import pressed" label="import" title="enigma.importkeys" /> +<!-- + <roundcube:button command="plugin.enigma-key-export" type="link" class="button export disabled" classAct="button export" classSel="button export pressed" label="export" title="enigma.exportkeys" /> +--> + </div> + + <div id="quicksearchbar" class="searchbox" role="search" aria-labelledby="aria-label-searchform"> + <h2 id="aria-label-searchform" class="voice"><roundcube:label name="enigma.arialabelkeysearchform" /></h2> + <label for="quicksearchbox" class="voice"><roundcube:label name="arialabelmailquicksearchbox" /></label> + <roundcube:object name="searchform" id="quicksearchbox" /> + <a id="searchmenulink" class="iconbutton searchicon" > </a> + <roundcube:button command="reset-search" id="searchreset" class="iconbutton reset" title="resetsearch" label="resetsearch" /> + </div> + + <roundcube:include file="/includes/settingstabs.html" /> + + <div id="settings-right" role="main" aria-labelledby="aria-label-enigmakeyslist"> + <div id="enigmakeyslist" class="uibox listbox" role="navigation" aria-labelledby="enigmakeyslist-header"> + <div id="enigmakeyslist-header" class="boxtitle"><roundcube:label name="enigma.enigmakeys" /></div> + <div class="scroller winfooter"> + <roundcube:object name="keyslist" id="keys-table" class="listing" role="listbox" cellspacing="0" noheader="true" /> + </div> + <div class="boxpagenav"> + <roundcube:button command="firstpage" type="link" class="icon firstpage disabled" classAct="icon firstpage" title="firstpage" label="first" /> + <roundcube:button command="previouspage" type="link" class="icon prevpage disabled" classAct="icon prevpage" title="previouspage" label="previous" /> + <roundcube:button command="nextpage" type="link" class="icon nextpage disabled" classAct="icon nextpage" title="nextpage" label="next" /> + <roundcube:button command="lastpage" type="link" class="icon lastpage disabled" classAct="icon lastpage" title="lastpage" label="last" /> + </div> + <div class="boxfooter"> + <roundcube:button command="plugin.enigma-key-create" type="link" title="enigma.keycreate" class="listbutton add disabled" classAct="listbutton add" innerClass="inner" label="enigma.keyadd" /><roundcube:button name="moreactions" id="keyoptionslink" type="link" title="enigma.keyactions" class="listbutton groupactions" onclick="return UI.toggle_popup('keyoptions',event)" innerClass="inner" label="enigma.arialabelkeyoptions" aria-haspopup="true" aria-expanded="false" aria-owns="keyoptionsmenu" /> + <span class="countdisplay" aria-live="polite" aria-relevant="text"> + <span class="voice"><roundcube:label name="enigma.enigmakeys" /></span> + <roundcube:object name="countdisplay" /> + </span> + </div> + </div> + + <div id="enigmacontent-box" class="uibox"> + <div class="iframebox"> + <roundcube:object name="keyframe" id="keyframe" width="100%" height="100%" frameborder="0" src="/watermark.html" /> + </div> + </div> + </div> +</div> + +<div id="keyoptions" class="popupmenu"> + <ul class="toolbarmenu"> + <li><roundcube:button class="deletelink" command="plugin.enigma-key-delete" label="enigma.keyremove" target="_blank" classAct="deletelink active" /></li> +<!-- + <li><roundcube:button class="disablelink" command="enigma.key-disable" label="enigma.keydisable" target="_blank" classAct="disablelink active" /></li> + <li><roundcube:button class="revokelink" command="enigma.key-revoke" label="enigma.keyrevoke" classAct="revokelink active" /></li> + <li class="separator_below"><roundcube:button class="sendlink" command="enigma.key-send" label="enigma.keysend" classAct="sendlink active" /></li> + <li><roundcube:button class="chpasslink" command="enigma.key-chpass" label="enigma.keychpass" classAct="chpasslink active" /></li> +--> + </ul> +</div> + +<roundcube:include file="/includes/footer.html" /> + +<script type="text/javascript"> + new rcube_splitter({ id:'enigmakeyssplitter', p1:'#enigmakeyslist', p2:'#enigmacontent-box', + orientation:'v', relative:true, start:266, min:180, size:12 }).init(); +</script> + +</body> +</html> diff --git a/plugins/enigma/tests/Enigma.php b/plugins/enigma/tests/Enigma.php new file mode 100644 index 000000000..3972694fc --- /dev/null +++ b/plugins/enigma/tests/Enigma.php @@ -0,0 +1,23 @@ +<?php + +class Enigma_Plugin extends PHPUnit_Framework_TestCase +{ + + function setUp() + { + include_once __DIR__ . '/../enigma.php'; + } + + /** + * Plugin object construction test + */ + function test_constructor() + { + $rcube = rcube::get_instance(); + $plugin = new enigma($rcube->api); + + $this->assertInstanceOf('enigma', $plugin); + $this->assertInstanceOf('rcube_plugin', $plugin); + } +} + |
