From ef5652abadcc102280ca077c7c924d0a011f316b Mon Sep 17 00:00:00 2001
From: Andrew Engelbrecht <sudoman@ninthfloor.org>
Date: Tue, 11 Oct 2016 16:03:20 -0400
Subject: [PATCH] Edward now reports: clear are sigs not supported

Previously, if a user tried sending edward a message using clear
signatures, edward would reply that the signature could not be
validataed. This is because supporting clear signatures is quite hard,
partially due to mangling that an MTA might perform on white space in a
clear signed message, along with other issues.

Now edward lets the user know that it does not support clear text
messages. This should prevent user confusion under this scenario.
Currently this message is shared in english, even if the rest of the
response is in another language. Once translations are added, this issue
should be mitigated.
---
 edward              | 43 +++++++++++++++++++++++++++++++++++++++++--
 lang/de.py          |  1 +
 lang/el.py          |  1 +
 lang/en.py          |  1 +
 lang/es.py          |  1 +
 lang/fr.py          |  1 +
 lang/it.py          |  1 +
 lang/ja.py          |  1 +
 lang/pt_br.py       |  1 +
 lang/ro.py          |  1 +
 lang/ru.py          |  1 +
 lang/tr.py          |  1 +
 tests/flatten-1.out |  2 ++
 tests/flatten-2.out |  2 ++
 14 files changed, 56 insertions(+), 2 deletions(-)

diff --git a/edward b/edward
index fc099d8..d067887 100755
--- a/edward
+++ b/edward
@@ -62,6 +62,7 @@ class TxtType (enum.Enum):
     pubkey      = 2
     detachedsig = 3
     signature   = 4
+    clearsig    = 5
 
 
 match_pairs =  [(TxtType.message,
@@ -69,7 +70,9 @@ match_pairs =  [(TxtType.message,
                 (TxtType.pubkey,
                 '-----BEGIN PGP PUBLIC KEY BLOCK-----.*?-----END PGP PUBLIC KEY BLOCK-----'),
                 (TxtType.detachedsig,
-                '-----BEGIN PGP SIGNATURE-----.*?-----END PGP SIGNATURE-----')]
+                '-----BEGIN PGP SIGNATURE-----.*?-----END PGP SIGNATURE-----'),
+                (TxtType.clearsig,
+                '-----BEGIN PGP SIGNED MESSAGE-----')]
 
 """This list of tuples matches query names with re.search() queries used
 to find GPG data for edward to process."""
@@ -232,6 +235,7 @@ class ReplyInfo (object):
     sig_failure             = False
     sigkey_missing          = False
     key_cannot_encrypt      = False
+    using_clearsig          = False
 
     have_reply_key          = False
 
@@ -610,6 +614,10 @@ def gpg_on_payloads (eddymsg_obj, gpgme_ctx, prev_parts=[]):
             # don't transform the plaintext.
             pass
 
+        if piece.piece_type == TxtType.clearsig:
+            # edward doesn't handle clear sigs
+            pass
+
         elif piece.piece_type == TxtType.message:
             piece.gpg_data = GPGData()
 
@@ -728,6 +736,9 @@ def prepare_for_reply_pieces (eddymsg_obj, replyinfo_obj):
             or (piece.piece_type == TxtType.signature):
                     prepare_for_reply_sig(piece, replyinfo_obj)
 
+        elif (piece.piece_type == TxtType.clearsig):
+            prepare_for_reply_clearsig(piece, replyinfo_obj)
+
 
 def prepare_for_reply_message (piece, replyinfo_obj):
     """Helper function for prepare_for_reply()
@@ -847,6 +858,26 @@ def prepare_for_reply_sig (piece, replyinfo_obj):
         prepare_for_reply(piece.gpg_data.plainobj, replyinfo_obj)
 
 
+def prepare_for_reply_clearsig (piece, replyinfo_obj):
+    """Helper function for prepare_for_reply(). Marks clear sig use status.
+
+    Marks replyinfo_obj with clear signature use status.
+
+    Args:
+        piece: a PayloadPiece object
+        replyinfo_obj: a ReplyInfo object
+
+    Pre:
+        piece.piece_type should be set to TxtType.clearsig
+
+    Post:
+        replyinfo_obj has its fields updated with the using_clearsig property
+        set to True
+    """
+
+    replyinfo_obj.using_clearsig = True
+
+
 def flatten_decrypted_payloads (eddymsg_obj, replyinfo_obj, get_signed_part):
     """For creating a string representation of a signed, encrypted part.
 
@@ -983,7 +1014,14 @@ def write_reply (replyinfo_obj):
         reply_plain += "\n\n"
 
 
-    if replyinfo_obj.sig_success == True:
+    if replyinfo_obj.using_clearsig == True:
+        debug('clear signature')
+        reply_plain += replyinfo_obj.replies['sig_failure']
+        reply_plain += "\n\n"
+        reply_plain += replyinfo_obj.replies['clearsig']
+        reply_plain += "\n\n"
+
+    elif replyinfo_obj.sig_success == True:
         debug('signature success')
         reply_plain += replyinfo_obj.replies['sig_success']
         reply_plain += "\n\n"
@@ -1013,6 +1051,7 @@ def write_reply (replyinfo_obj):
 
     if (replyinfo_obj.decrypt_success == True) \
             and (replyinfo_obj.sig_success == True) \
+            and (replyinfo_obj.using_clearsig == False) \
             and (replyinfo_obj.have_reply_key == True):
         debug('message quoted')
         reply_plain += replyinfo_obj.replies['quote_follows']
diff --git a/lang/de.py b/lang/de.py
index 1798c3b..e0f2fc4 100644
--- a/lang/de.py
+++ b/lang/de.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Tut mir leid, Ich konnte deinen öffentlicher Schlüssel nicht finden. Hast du daran gedacht ihn an die E-Mail anzuhängen?",
     'sig_failure' : 'Deine Signatur konnte nicht verifiziert werden.',
     'sig_success' : 'Deine Signatur wurde erfolgreich verifiziert.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Edward, der freundliche GnuPG Roboter\nnDie Free Software Foundation hat mich erstellt. Kannst du etwas spenden, um ihre Arbeit zu unterstützung? | https://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/lang/el.py b/lang/el.py
index e87b993..b98ba37 100644
--- a/lang/el.py
+++ b/lang/el.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Δυστυχώς δε μπόρεσα να βρώ το δημόσιο κλειδί σου. Μήπως ξέχασες να το επισυνάψεις;",
     'sig_failure' : 'Δε μπόρεσα να επαληθεύσω την υπογραφή σου.',
     'sig_success' : 'nΕπαλήθευσα την υπογραφή σου.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Edward, το φιλικό ρομπότ του GnuPG\n\nΜε δημιούργησε η Free Software Foundation. Μπορείς να υποστηρίξεις το έργο τους με μια δωρεά; | https://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/lang/en.py b/lang/en.py
index f9455db..8f2c1f2 100644
--- a/lang/en.py
+++ b/lang/en.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "I'm sorry, I was not able to find your public key. Did you remember to attach it?",
     'sig_failure' : 'Your signature could not be verified.',
     'sig_success' : 'Your signature was verified.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Edward, the friendly GnuPG bot\nThe Free Software Foundation created me.\n\nCan you donate to support their work?\nhttps://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/lang/es.py b/lang/es.py
index 4dc6512..c615704 100644
--- a/lang/es.py
+++ b/lang/es.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Lo siento, no he podido encontrar tu clave pública. ¿Te acordaste de adjuntarla?",
     'sig_failure' : 'No he podido verificar tu firma criptográfica.',
     'sig_success' : 'He verificado con éxito tu firma criptográfica.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Edward, el simpático robot GnuPG\n\nMe creó la Free Software Foundation. ¿Puedes hacer una donación para apoyar su trabajo? | https://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/lang/fr.py b/lang/fr.py
index 788e546..1f499f5 100644
--- a/lang/fr.py
+++ b/lang/fr.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Je n'ai pas pu trouver votre clef publique, désolé. Avez-vous oublié de la joindre ?",
     'sig_failure' : "Votre signature n'a pas pu être vérifiée.",
     'sig_success' : 'Votre signature a été vérifiée.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : "- Edward, le gentil robot de GnuPGn\nLa Free Software Foundation m'a créé. Pourriez-vous faire un don pour soutenir leur travail ? | https://www.fsf.org/donate",
     'space' : " "
 }
diff --git a/lang/it.py b/lang/it.py
index 277168c..99a12b3 100644
--- a/lang/it.py
+++ b/lang/it.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Mi dispiace, non ho trovato la tua chiave pubblica. Ti sei ricordato di allegarla?",
     'sig_failure' : 'La tua firma non può essere verificata.',
     'sig_success' : 'La tua firma è stata verificata.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : "- Edward, l'amichevole bot GnuPG\n\nLa Free Software Foundation mi ha creato. Potresti fare una donazione per supportare il loro lavoro? | https://www.fsf.org/donate",
     'space' : " "
 }
diff --git a/lang/ja.py b/lang/ja.py
index caf6d4a..7f5f597 100644
--- a/lang/ja.py
+++ b/lang/ja.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "ごめんなさい、あなたの公開鍵が見つからないのです。公開鍵を添付したメールを前に送ってくださいましたか？",
     'sig_failure' : 'あなたの署名を認証できませんでした。',
     'sig_success' : 'あなたの署名を確認できました。',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- GnuPGボットのEdward\n\nFree Software Foundationが私を制作しました。 Free Software Foundationに寄付しませんか。| https://www.fsf.org/donate',
     'space' : ""
 }
diff --git a/lang/pt_br.py b/lang/pt_br.py
index 5c700a5..42c3335 100644
--- a/lang/pt_br.py
+++ b/lang/pt_br.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Perdão, não consegui encontrar sua chave pública. Você se lembrou de anexá-la?",
     'sig_failure' : 'Sua assinatura não pôde ser verificada.',
     'sig_success' : 'Sua assinatura foi verificada.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Edward, o amigo robô de GnuPG\n\nA Free Software Foundation me criou. Você pode fazer uma doação para apoiar o trabalho dela? | https://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/lang/ro.py b/lang/ro.py
index 4eb67af..0f9b250 100644
--- a/lang/ro.py
+++ b/lang/ro.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Îmi pare rău, dar nu am putut găsi cheia dumneavoastră publică. V-ați amintit să o atașați?",
     'sig_failure' : 'Semnătura dumneavoastră nu a putut fi verificată.',
     'sig_success' : 'Semnătura dumneavoastră a fost verificată.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Edward, robotul GnuPG cel prietenos.\n\nFundația pentru Software Liber m-a creat. Puteți dona ca să le susțineți munca? | https://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/lang/ru.py b/lang/ru.py
index acae0b3..63773b0 100644
--- a/lang/ru.py
+++ b/lang/ru.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Прошу прощения, я не смог найти ваш открытый ключ. Вы не забыли вложить его в письмо?",
     'sig_failure' : 'Мне не удалось проверить вашу подпись.',
     'sig_success' : 'Ваша подпись была успешно проверена.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Эдвард, дружелюбный GnuPG бот\nЯ был создан Фондом свободного программного обеспечения. Вы можете сделать пожертвование в поддержку их работы? | https://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/lang/tr.py b/lang/tr.py
index ce26612..4ee9d89 100644
--- a/lang/tr.py
+++ b/lang/tr.py
@@ -29,6 +29,7 @@ replies = {
     'no_public_key' : "Özür dilerim, açık anahtarınızı bulamadım. E-postaya eklemeyi unutmadınız, değil mi?",
     'sig_failure' : 'İmzanız doğrulanamadı.',
     'sig_success' : 'İmzanız doğrulandı.',
+    'clearsig' : 'Sorry, I don\'t know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.',
     'signature' : '- Edward, arkadaş canlısı GnuPG botu\n\nÖzgür Yazılım Vakfı tarafından yaratıldım. Çalışmalarını desteklemek için bağışta bulunur musunuz? | https://www.fsf.org/donate',
     'space' : " "
 }
diff --git a/tests/flatten-1.out b/tests/flatten-1.out
index 75759f9..4e3147e 100644
--- a/tests/flatten-1.out
+++ b/tests/flatten-1.out
@@ -1,5 +1,7 @@
 Your signature could not be verified.
 
+Sorry, I don't know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.
+
 - Edward, the friendly GnuPG bot
 The Free Software Foundation created me.
 
diff --git a/tests/flatten-2.out b/tests/flatten-2.out
index 795aac0..3e19d51 100644
--- a/tests/flatten-2.out
+++ b/tests/flatten-2.out
@@ -2,6 +2,8 @@ I received your message and decrypted it.
 
 Your signature could not be verified.
 
+Sorry, I don't know how to verify clear signatures. I do understand PGP/MIME, which Enigmail produces by default.
+
 - Edward, the friendly GnuPG bot
 The Free Software Foundation created me.
 
-- 
2.25.1