projects / edward.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
don't complain about lack of encryption
[edward.git] / edward
1 #! /usr/bin/env python3
2 # -*- coding: utf-8 -*-
3 """*********************************************************************
4 * Edward is free software: you can redistribute it and/or modify *
5 * it under the terms of the GNU Affero Public License as published by *
6 * the Free Software Foundation, either version 3 of the License, or *
7 * (at your option) any later version. *
8 * *
9 * Edward is distributed in the hope that it will be useful, *
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
12 * GNU Affero Public License for more details. *
13 * *
14 * You should have received a copy of the GNU Affero Public License *
15 * along with Edward. If not, see <http://www.gnu.org/licenses/>. *
16 * *
17 * Copyright (C) 2014-2015 Andrew Engelbrecht (AGPLv3+) *
18 * Copyright (C) 2014 Josh Drake (AGPLv3+) *
19 * Copyright (C) 2014 Lisa Marie Maginnis (AGPLv3+) *
20 * Copyright (C) 2009-2015 Tails developers <tails@boum.org> ( GPLv3+) *
21 * Copyright (C) 2009 W. Trevor King <wking@drexel.edu> ( GPLv2+) *
22 * *
23 * Special thanks to Josh Drake for writing the original edward bot! :) *
24 * *
25 ************************************************************************
26
27 Code sourced from these projects:
28
29 * http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz
30 * https://git-tails.immerda.ch/whisperback/tree/whisperBack/encryption.py?h=feature/python3
31 * http://www.physics.drexel.edu/~wking/code/python/send_pgp_mime
32 """
33
34 import re
35 import io
36 import os
37 import sys
38 import enum
39 import gpgme
40 import importlib
41 import subprocess
42
43 import email.parser
44 import email.message
45 import email.encoders
46
47 from email.mime.text import MIMEText
48 from email.mime.multipart import MIMEMultipart
49 from email.mime.application import MIMEApplication
50 from email.mime.nonmultipart import MIMENonMultipart
51
52 import edward_config
53
54 langs = ["de", "el", "en", "es", "fr", "it", "ja", "pt-br", "ro", "ru", "tr"]
55
56 """This list contains the abbreviated names of reply languages available to
57 edward."""
58
59 class TxtType (enum.Enum):
60 text = 0
61 message = 1
62 pubkey = 2
63 detachedsig = 3
64 signature = 4
65
66
67 match_pairs = [(TxtType.message,
68 '-----BEGIN PGP MESSAGE-----.*?-----END PGP MESSAGE-----'),
69 (TxtType.pubkey,
70 '-----BEGIN PGP PUBLIC KEY BLOCK-----.*?-----END PGP PUBLIC KEY BLOCK-----'),
71 (TxtType.detachedsig,
72 '-----BEGIN PGP SIGNATURE-----.*?-----END PGP SIGNATURE-----')]
73
74 """This list of tuples matches query names with re.search() queries used
75 to find GPG data for edward to process."""
76
77
78 class EddyMsg (object):
79 """
80 The EddyMsg class represents relevant parts of a mime message.
81
82 The represented message can be single-part or multi-part.
83
84 'multipart' is set to True if there are multiple mime parts.
85
86 'subparts' points to a list of mime sub-parts if it is a multi-part
87 message. Otherwise it points to an empty list.
88
89 'payload_bytes' is a binary representation of the mime part before header
90 removal and message decoding.
91
92 'payload_pieces' is a list of objects containing strings that when strung
93 together form the fully-decoded string representation of the mime part.
94
95 The 'filename', 'content_type' and 'description_list' come from the mime
96 part parameters.
97 """
98
99 multipart = False
100 subparts = []
101
102 payload_bytes = None
103 payload_pieces = []
104
105 filename = None
106 content_type = None
107 description_list = None
108
109
110 class PayloadPiece (object):
111 """
112 PayloadPiece represents a complte or sub-section of a mime part.
113
114 Instances of this class are often strung together within one or more arrays
115 pointed to by each instance of the EddyMsg class.
116
117 'piece_type' refers to an enum whose value describes the content of
118 'string'. Examples include TxtType.pubkey, for public keys, and
119 TxtType.message, for encrypted data (or armored signatures until they are
120 known to be such.) Some of the names derive from the header and footer of
121 each of these ascii-encoded gpg blocks.
122
123 'string' contains some string of text, such as non-GPG text, an encrypted
124 block of text, a signature, or a public key.
125
126 'gpg_data' points to any instances of GPGData that have been created based
127 on the contents of 'string'.
128 """
129
130 piece_type = None
131 string = None
132 gpg_data = None
133
134
135 class GPGData (object):
136 """
137 GPGData holds info from decryption, sig. verification, and/or pub. keys.
138
139 Instances of this class contain decrypted information, signature
140 fingerprints and/or fingerprints of processed and imported public keys.
141
142 'decrypted' is set to True if 'plainobj' was created from encrypted data.
143
144 'plainobj' points to any decrypted, or signed part of, a GPG signature. It
145 is intended to be an instance of the EddyMsg class.
146
147 'sigs' is a list of fingerprints of keys used to sign the data in plainobj.
148
149 'sigkey_missing' is set to True if edward doesn't have the key it needs to
150 verify the signature on a block of text.
151
152 'keys' is a list of fingerprints of keys obtained in public key blocks.
153 """
154
155 decrypted = False
156
157 plainobj = None
158 sigs = []
159 sigkey_missing = False
160 keys = []
161
162
163 class ReplyInfo (object):
164 """
165 ReplyInfo contains details that edward uses in generating its reply.
166
167 Instances of this class contain information about whether a message was
168 successfully encrypted or signed, and whether a public key was attached, or
169 retrievable, from the local GPG store. It stores the fingerprints of
170 potential encryption key candidates and the message (if any at all) to
171 quote in edward's reply.
172
173 'replies' points one of the dictionaries of translated replies.
174
175 'target_key' refers to the fingerprint of a key used to sign encrypted
176 data. This is the preferred key, if it is set, and if is available.
177
178 'fallback_target_key' referst to the fingerprint of a key used to sign
179 unencrypted data; alternatively it may be a public key attached to the
180 message.
181
182 'encrypt_to_key' the key object to use when encrypting edward's reply
183
184 'msg_to_quote' refers to the part of a message which edward should quote in
185 his reply. This should remain as None if there was no encrypted and singed
186 part. This is to avoid making edward a service for decrypting other
187 people's messages to edward.
188
189 'decrypt_success' is set to True if edward could decrypt part of the
190 message.
191
192 'sig_success' is set to True if edward could to some extent verify the
193 signature of a signed part of the message to edward.
194
195 'sig_failure' is set to True if edward could not verify a siganture.
196
197 'pubkey_success' is set to True if edward successfully imported a public
198 key.
199
200 'sigkey_missing' is set to True if edward doesn't have the public key
201 needed for signature verification.
202
203 'have_repy_key' is set to True if edward has a public key to encrypt its
204 reply to.
205 """
206
207 replies = None
208
209 target_key = None
210 fallback_target_key = None
211 encrypt_to_key = None
212 msg_to_quote = ""
213
214 decrypt_success = False
215 sig_success = False
216 pubkey_success = False
217
218 decrypt_failure = False
219 sig_failure = False
220 sigkey_missing = False
221 have_reply_key = False
222
223
224 def main ():
225
226 """
227 This is the main function for edward, a GPG reply bot.
228
229 Edward responds to GPG-encrypted and signed mail, encrypting and signing
230 the response if the user's public key is, or was, included in the message.
231
232 Args:
233 None
234
235 Returns:
236 Nothing
237
238 Pre:
239 Mime or plaintext email passing in through standard input. Portions of
240 the email may be encrypted. If the To: address contains the text
241 "edward-ja", then the reply will contain a reply written in the
242 Japanese language. There are other languages as well. The default
243 language is English.
244
245 Post:
246 A reply email will be printed to standard output. The contents of the
247 reply email depends on whether the original email was encrypted or not,
248 has or doesn't have a signature, whether a public key used in the
249 original message is provided or locally stored, and the language
250 implied by the To: address in the original email.
251 """
252
253 print_reply_only = handle_args()
254
255 gpgme_ctx = get_gpg_context(edward_config.gnupghome,
256 edward_config.sign_with_key)
257
258 email_bytes = sys.stdin.buffer.read()
259 email_struct = parse_pgp_mime(email_bytes, gpgme_ctx)
260
261 email_to, email_from, email_subject = email_to_from_subject(email_bytes)
262 lang, reply_from = import_lang_pick_address(email_to, edward_config.hostname)
263
264 replyinfo_obj = ReplyInfo()
265 replyinfo_obj.replies = lang.replies
266
267 prepare_for_reply(email_struct, replyinfo_obj)
268 get_key_from_fp(replyinfo_obj, gpgme_ctx)
269 reply_plaintext = write_reply(replyinfo_obj)
270
271 reply_mime = generate_encrypted_mime(reply_plaintext, email_from, \
272 email_subject, replyinfo_obj.encrypt_to_key,
273 gpgme_ctx)
274
275 if print_reply_only == True:
276 print(reply_mime)
277 else:
278 send_reply(reply_mime, email_subject, email_from, reply_from)
279
280
281 def get_gpg_context (gnupghome, sign_with_key_fp):
282 """
283 This function returns the GPG context needed for encryption and signing.
284
285 The context is needed by other functions which use GPG functionality.
286
287 Args:
288 gnupghome: The path to "~/.gnupg/" or its alternative.
289 sign_with_key: The fingerprint of the key to sign with
290
291 Returns:
292 A gpgme context to be used for GPG functions.
293
294 Post:
295 the 'armor' flag is set to True and the list of signing keys contains
296 the single specified key
297 """
298
299 os.environ['GNUPGHOME'] = gnupghome
300
301 gpgme_ctx = gpgme.Context()
302 gpgme_ctx.armor = True
303
304 try:
305 sign_with_key = gpgme_ctx.get_key(sign_with_key_fp)
306 except gpgme.GpgmeError:
307 error("unable to load signing key. is the gnupghome "
308 + "and signing key properly set in the edward_config.py?")
309 exit(1)
310
311 gpgme_ctx.signers = [sign_with_key]
312
313 return gpgme_ctx
314
315
316 def parse_pgp_mime (email_bytes, gpgme_ctx):
317 """Parses the email for mime payloads and decrypts/verfies signatures.
318
319 This function creates a representation of a mime or plaintext email with
320 the EddyMsg class. It then splits each mime payload into one or more pieces
321 which may be plain text or GPG data. It then decrypts encrypted parts and
322 does some very basic signature verification on those parts.
323
324 Args:
325 email_bytes: an email message in byte string format
326 gpgme_ctx: a gpgme context
327
328 Returns:
329 A message as an instance of EddyMsg
330
331 Post:
332 the returned EddyMsg instance has split, decrypted, verified and pubkey
333 imported payloads
334 """
335
336 email_struct = email.parser.BytesParser().parsebytes(email_bytes)
337
338 eddymsg_obj = parse_mime(email_struct)
339 split_payloads(eddymsg_obj)
340 gpg_on_payloads(eddymsg_obj, gpgme_ctx)
341
342 return eddymsg_obj
343
344
345 def parse_mime(msg_struct):
346 """Translates python's email.parser format into an EddyMsg format
347
348 If the message is multi-part, then a recursive object is created, where
349 each sub-part is also a EddyMsg instance.
350
351 Args:
352 msg_struct: an email parsed with email.parser.Parser(), which can be
353 multi-part
354
355 Returns:
356 an instance of EddyMsg, potentially a recursive one.
357 """
358
359 eddymsg_obj = EddyMsg()
360
361 if msg_struct.is_multipart() == True:
362 payloads = msg_struct.get_payload()
363
364 eddymsg_obj.multipart = True
365 eddymsg_obj.subparts = list(map(parse_mime, payloads))
366
367 else:
368 eddymsg_obj = get_subpart_data(msg_struct)
369
370 return eddymsg_obj
371
372
373 def scan_and_split (payload_piece, match_name, pattern):
374 """This splits the payloads of an EddyMsg object into GPG and text parts.
375
376 An EddyMsg object's payload_pieces starts off as a list containing a single
377 PayloadPiece object. This function returns a list of these objects which
378 have been split into GPG data and regular text, if such splits need to be/
379 can be made.
380
381 Args:
382 payload_piece: a single payload or a split part of a payload
383 match_name: the type of data to try to spit out from the payload piece
384 pattern: the search pattern to be used for finding that type of data
385
386 Returns:
387 a list of objects of the PayloadPiece class, in the order that the
388 string part of payload_piece originally was, broken up according to
389 matches specified by 'pattern'.
390 """
391
392 # don't try to re-split pieces containing gpg data
393 if payload_piece.piece_type != TxtType.text:
394 return [payload_piece]
395
396 flags = re.DOTALL | re.MULTILINE
397 matches = re.search("(?P<beginning>.*?)(?P<match>" + pattern +
398 ")(?P<rest>.*)", payload_piece.string, flags=flags)
399
400 if matches == None:
401 pieces = [payload_piece]
402
403 else:
404
405 beginning = PayloadPiece()
406 beginning.string = matches.group('beginning')
407 beginning.piece_type = payload_piece.piece_type
408
409 match = PayloadPiece()
410 match.string = matches.group('match')
411 match.piece_type = match_name
412
413 rest = PayloadPiece()
414 rest.string = matches.group('rest')
415 rest.piece_type = payload_piece.piece_type
416
417 more_pieces = scan_and_split(rest, match_name, pattern)
418 pieces = [beginning, match ] + more_pieces
419
420 return pieces
421
422
423 def get_subpart_data (part):
424 """This function grabs information from a single part mime object.
425
426 It copies needed data from a single part email.parser.Parser() object over
427 to an EddyMsg object.
428
429 Args:
430 part: a non-multi-part mime.parser.Parser() object
431
432 Returns:
433 a single-part EddyMsg() object
434 """
435
436 obj = EddyMsg()
437
438 mime_decoded_bytes = part.get_payload(decode=True)
439 charset = part.get_content_charset()
440
441 # your guess is as good as a-myy-ee-ine...
442 if charset == None:
443 charset = 'utf-8'
444
445 payload_string = part.as_string()
446 if payload_string != None:
447 obj.payload_bytes = payload_string.encode(charset)
448
449 obj.filename = part.get_filename()
450 obj.content_type = part.get_content_type()
451 obj.description_list = part['content-description']
452
453 if mime_decoded_bytes != None:
454 try:
455 payload = PayloadPiece()
456 payload.string = mime_decoded_bytes.decode(charset)
457 payload.piece_type = TxtType.text
458
459 obj.payload_pieces = [payload]
460 except UnicodeDecodeError:
461 pass
462
463 return obj
464
465
466 def do_to_eddys_pieces (function_to_do, eddymsg_obj, data):
467 """A function which maps another function onto a message's subparts.
468
469 This is a higer-order function which recursively performs a specified
470 function on each subpart of a multi-part message. Each single-part sub-part
471 has the function applied to it. This function also works if the part passed
472 in is single-part.
473
474 Args:
475 function_to_do: function to perform on sub-parts
476 eddymsg_obj: a single part or multi-part EddyMsg object
477 data: a second argument to pass to 'function_to_do'
478
479 Returns:
480 Nothing
481
482 Post:
483 The passed-in EddyMsg object is transformed recursively on its
484 sub-parts according to 'function_to_do'.
485 """
486
487 if eddymsg_obj.multipart == True:
488 for sub in eddymsg_obj.subparts:
489 do_to_eddys_pieces(function_to_do, sub, data)
490 else:
491 function_to_do(eddymsg_obj, data)
492
493
494 def split_payloads (eddymsg_obj):
495 """Splits all (sub-)payloads of a message into GPG data and regular text.
496
497 Recursively performs payload splitting on all sub-parts of an EddyMsg
498 object into the various GPG data types, such as GPG messages, public key
499 blocks and signed text.
500
501 Args:
502 eddymsg_obj: an instance of EddyMsg
503
504 Returns:
505 Nothing
506
507 Pre:
508 The EddyMsg object has payloads that are unsplit (by may be split)..
509
510 Post:
511 The EddyMsg object's payloads are all split into GPG and non-GPG parts.
512 """
513
514 for match_pair in match_pairs:
515 do_to_eddys_pieces(split_payload_pieces, eddymsg_obj, match_pair)
516
517
518 def split_payload_pieces (eddymsg_obj, match_pair):
519 """A helper function for split_payloads(); works on PayloadPiece objects.
520
521 This function splits up PayloadPiece objects into multipe PayloadPiece
522 objects and replaces the EddyMsg object's previous list of payload pieces
523 with the new split up one.
524
525 Args:
526 eddymsg_obj: a single-part EddyMsg object.
527 match_pair: a tuple from the match_pairs list, which specifies a match
528 name and a match pattern.
529
530 Returns:
531 Nothing
532
533 Pre:
534 The payload piece(s) of an EddyMsg object may be already split or
535 unsplit.
536
537 Post:
538 The EddyMsg object's payload piece(s) are split into a list of pieces
539 if matches of the match_pair are found.
540 """
541
542 (match_name, pattern) = match_pair
543
544 new_pieces_list = []
545 for piece in eddymsg_obj.payload_pieces:
546 new_pieces_list += scan_and_split(piece, match_name, pattern)
547
548 eddymsg_obj.payload_pieces = new_pieces_list
549
550
551 def gpg_on_payloads (eddymsg_obj, gpgme_ctx, prev_parts=[]):
552 """Performs GPG operations on the GPG parts of the message
553
554 This function decrypts text, verifies signatures, and imports public keys
555 included in an email.
556
557 Args:
558 eddymsg_obj: an EddyMsg object with its payload_pieces split into GPG
559 and non-GPG sections by split_payloads()
560 gpgme_ctx: a gpgme context
561
562 prev_parts: a list of mime parts that occur before the eddymsg_obj
563 part, under the same multi-part mime part. This is used for
564 verifying detached signatures. For the root mime part, this should
565 be an empty list, which is the default value if this paramater is
566 omitted.
567
568 Return:
569 Nothing
570
571 Pre:
572 eddymsg_obj should have its payloads split into gpg and non-gpg pieces.
573
574 Post:
575 Decryption, verification and key imports occur. the gpg_data member of
576 PayloadPiece objects get filled in with GPGData objects.
577 """
578
579 if eddymsg_obj.multipart == True:
580 prev_parts=[]
581 for sub in eddymsg_obj.subparts:
582 gpg_on_payloads (sub, gpgme_ctx, prev_parts)
583 prev_parts += [sub]
584
585 return
586
587 for piece in eddymsg_obj.payload_pieces:
588
589 if piece.piece_type == TxtType.text:
590 # don't transform the plaintext.
591 pass
592
593 elif piece.piece_type == TxtType.message:
594 piece.gpg_data = GPGData()
595
596 (plaintext_b, sigs, sigkey_missing) = decrypt_block(piece.string, gpgme_ctx)
597
598 piece.gpg_data.sigkey_missing = sigkey_missing
599
600 if plaintext_b:
601 piece.gpg_data.decrypted = True
602 piece.gpg_data.sigs = sigs
603 # recurse!
604 piece.gpg_data.plainobj = parse_pgp_mime(plaintext_b, gpgme_ctx)
605 continue
606
607 # if not encrypted, check to see if this is an armored signature.
608 (plaintext_b, sigs, sigkey_missing) = verify_sig_message(piece.string, gpgme_ctx)
609
610 piece.gpg_data.sigkey_missing = sigkey_missing
611
612 if plaintext_b:
613 piece.piece_type = TxtType.signature
614 piece.gpg_data.sigs = sigs
615 # recurse!
616 piece.gpg_data.plainobj = parse_pgp_mime(plaintext_b, gpgme_ctx)
617
618 elif piece.piece_type == TxtType.pubkey:
619 key_fps = add_gpg_key(piece.string, gpgme_ctx)
620
621 if key_fps != []:
622 piece.gpg_data = GPGData()
623 piece.gpg_data.keys = key_fps
624
625 elif piece.piece_type == TxtType.detachedsig:
626 piece.gpg_data = GPGData()
627
628 for prev in prev_parts:
629 (sig_fps, sigkey_missing) = verify_detached_signature(piece.string, prev.payload_bytes, gpgme_ctx)
630
631 piece.gpg_data.sigkey_missing = sigkey_missing
632
633 if sig_fps != []:
634 piece.gpg_data.sigs = sig_fps
635 piece.gpg_data.plainobj = prev
636 break
637
638 else:
639 pass
640
641
642 def prepare_for_reply (eddymsg_obj, replyinfo_obj):
643 """Updates replyinfo_obj with info on the message's GPG success/failures
644
645 This function marks replyinfo_obj with information about whether encrypted
646 text in eddymsg_obj was successfully decrypted, signatures were verified
647 and whether a public key was found or not.
648
649 Args:
650 eddymsg_obj: a message in the EddyMsg format
651 replyinfo_obj: an instance of ReplyInfo
652
653 Returns:
654 Nothing
655
656 Pre:
657 eddymsg_obj has had its gpg_data created by gpg_on_payloads
658
659 Post:
660 replyinfo_obj has been updated with info about decryption/sig
661 verififcation status, etc. However the desired key isn't imported until
662 later, so the success or failure of that updates the values set here.
663 """
664
665 do_to_eddys_pieces(prepare_for_reply_pieces, eddymsg_obj, replyinfo_obj)
666
667 def prepare_for_reply_pieces (eddymsg_obj, replyinfo_obj):
668 """A helper function for prepare_for_reply
669
670 It updates replyinfo_obj with GPG success/failure information, when
671 supplied a single-part EddyMsg object.
672
673 Args:
674 eddymsg_obj: a single-part message in the EddyMsg format
675 replyinfo_obj: an object which holds information about the message's
676 GPG status
677
678 Returns:
679 Nothing
680
681 Pre:
682 eddymsg_obj is a single-part message. (it may be a part of a multi-part
683 message.) It has had its gpg_data created by gpg_on_payloads if it has
684 gpg data.
685
686 Post:
687 replyinfo_obj has been updated with gpg success/failure information
688 """
689
690 for piece in eddymsg_obj.payload_pieces:
691 if piece.piece_type == TxtType.text:
692 # don't quote the plaintext part.
693 pass
694
695 elif piece.piece_type == TxtType.message:
696 prepare_for_reply_message(piece, replyinfo_obj)
697
698 elif piece.piece_type == TxtType.pubkey:
699 prepare_for_reply_pubkey(piece, replyinfo_obj)
700
701 elif (piece.piece_type == TxtType.detachedsig) \
702 or (piece.piece_type == TxtType.signature):
703 prepare_for_reply_sig(piece, replyinfo_obj)
704
705
706 def prepare_for_reply_message (piece, replyinfo_obj):
707 """Helper function for prepare_for_reply()
708
709 This function is called when the piece_type of a payload piece is
710 TxtType.message, or GPG Message block. This should be encrypted text. If
711 the encryted block is correclty signed, a sig will be attached to
712 .target_key unless there is already one there.
713
714 Args:
715 piece: a PayloadPiece object.
716 replyinfo_obj: object which gets updated with decryption status, etc.
717
718 Returns:
719 Nothing
720
721 Pre:
722 the piece.payload_piece value should be TxtType.message.
723
724 Post:
725 replyinfo_obj gets updated with decryption status, signing status, a
726 potential signing key, and posession status of the public key for the
727 signature.
728 """
729
730 if piece.gpg_data == None or piece.gpg_data.plainobj == None:
731 replyinfo_obj.decrypt_failure = True
732 return
733
734 replyinfo_obj.decrypt_success = True
735
736 # we already have a key (and a message)
737 if replyinfo_obj.target_key != None:
738 return
739
740 if piece.gpg_data.sigs != []:
741 replyinfo_obj.target_key = piece.gpg_data.sigs[0]
742 replyinfo_obj.sig_success = True
743 get_signed_part = False
744
745 else:
746 if piece.gpg_data.sigkey_missing == True:
747 replyinfo_obj.sigkey_missing = True
748
749 # only include a signed message in the reply.
750 get_signed_part = True
751
752 flatten_decrypted_payloads(piece.gpg_data.plainobj, replyinfo_obj, get_signed_part)
753
754 # to catch public keys in encrypted blocks
755 prepare_for_reply(piece.gpg_data.plainobj, replyinfo_obj)
756
757
758 def prepare_for_reply_pubkey (piece, replyinfo_obj):
759 """Helper function for prepare_for_reply(). Marks pubkey import status.
760
761 Marks replyinfo_obj with pub key import status.
762
763 Args:
764 piece: a PayloadPiece object
765 replyinfo_obj: a ReplyInfo object
766
767 Pre:
768 piece.piece_type should be set to TxtType.pubkey .
769
770 Post:
771 replyinfo_obj has its fields updated.
772 """
773
774 if piece.gpg_data == None or piece.gpg_data.keys == []:
775 pass
776 else:
777 replyinfo_obj.pubkey_success = True
778
779 # prefer public key as a fallback for the encrypted reply
780 replyinfo_obj.fallback_target_key = piece.gpg_data.keys[0]
781
782
783 def prepare_for_reply_sig (piece, replyinfo_obj):
784 """Helper function for prepare_for_reply(). Marks sig verification status.
785
786 Marks replyinfo_obj with signature verification status.
787
788 Args:
789 piece: a PayloadPiece object
790 replyinfo_obj: a ReplyInfo object
791
792 Pre:
793 piece.piece_type should be set to TxtType.signature, or
794 TxtType.detachedsig .
795
796 Post:
797 replyinfo_obj has its fields updated.
798 """
799
800 if piece.gpg_data == None or piece.gpg_data.sigs == []:
801 replyinfo_obj.sig_failure = True
802
803 if piece.gpg_data.sigkey_missing == True:
804 replyinfo_obj.sigkey_missing = True
805
806 else:
807 replyinfo_obj.sig_success = True
808
809 if replyinfo_obj.fallback_target_key == None:
810 replyinfo_obj.fallback_target_key = piece.gpg_data.sigs[0]
811
812
813 def flatten_decrypted_payloads (eddymsg_obj, replyinfo_obj, get_signed_part):
814 """For creating a string representation of a signed, encrypted part.
815
816 When given a decrypted payload, it will add either the plaintext or signed
817 plaintext to the reply message, depeding on 'get_signed_part'. This is
818 useful for ensuring that the reply message only comes from a signed and
819 ecrypted GPG message. It also sets the target_key for encrypting the reply
820 if it's told to get signed text only.
821
822 Args:
823 eddymsg_obj: the message in EddyMsg format created by decrypting GPG
824 text
825 replyinfo_obj: a ReplyInfo object for holding the message to quote and
826 the target_key to encrypt to.
827 get_signed_part: True if we should only include text that contains a
828 further signature. If False, then include plain text.
829
830 Returns:
831 Nothing
832
833 Pre:
834 The EddyMsg instance passed in should be a piece.gpg_data.plainobj
835 which represents decrypted text. It may or may not be signed on that
836 level.
837
838 Post:
839 the ReplyInfo instance may have a new 'target_key' set and its
840 'msg_to_quote' will be updated with (possibly signed) plaintext, if any
841 could be found.
842 """
843
844 if eddymsg_obj == None:
845 return
846
847 # recurse on multi-part mime
848 if eddymsg_obj.multipart == True:
849 for sub in eddymsg_obj.subparts:
850 flatten_decrypted_payloads(sub, replyinfo_obj, get_signed_part)
851
852 for piece in eddymsg_obj.payload_pieces:
853 if (get_signed_part):
854 if ((piece.piece_type == TxtType.detachedsig) \
855 or (piece.piece_type == TxtType.signature)) \
856 and (piece.gpg_data != None) \
857 and (piece.gpg_data.plainobj != None):
858 flatten_decrypted_payloads(piece.gpg_data.plainobj, replyinfo_obj, False)
859 replyinfo_obj.target_key = piece.gpg_data.sigs[0]
860 break
861 else:
862 if piece.piece_type == TxtType.text:
863 replyinfo_obj.msg_to_quote += piece.string
864
865
866 def get_key_from_fp (replyinfo_obj, gpgme_ctx):
867 """Obtains a public key object from a key fingerprint
868
869 If the .target_key is not set, then we use .fallback_target_key, if
870 available.
871
872 Args:
873 replyinfo_obj: ReplyInfo instance
874 gpgme_ctx: the gpgme context
875
876 Return:
877 The key object of the key of either the target_key or the fallback one
878 if .target_key is not set. If the key cannot be loaded, then return
879 None.
880
881 Pre:
882 Loading a key requires that we have the public key imported. This
883 requires that they email contains the pub key block, or that it was
884 previously sent to edward.
885
886 Post:
887 If the key can be loaded, then replyinfo_obj.reply_to_key points to the
888 public key object. If the key cannot be loaded, then the replyinfo_obj
889 is marked as having no public key available.
890 """
891
892 for key in (replyinfo_obj.target_key, replyinfo_obj.fallback_target_key):
893 if key != None:
894 try:
895 encrypt_to_key = gpgme_ctx.get_key(key)
896 replyinfo_obj.encrypt_to_key = encrypt_to_key
897 replyinfo_obj.have_reply_key = True
898 return
899
900 except gpgme.GpgmeError:
901 pass
902
903
904 def write_reply (replyinfo_obj):
905 """Write the reply email body about the GPG successes/failures.
906
907 The reply is about whether decryption, sig verification and key
908 import/loading was successful or failed. If text was successfully decrypted
909 and verified, then the first instance of such text will be included in
910 quoted form.
911
912 Args:
913 replyinfo_obj: contains details of GPG processing status
914
915 Returns:
916 the plaintext message to be sent to the user
917
918 Pre:
919 replyinfo_obj should be populated with info about GPG processing status.
920 """
921
922 reply_plain = ""
923
924 if (replyinfo_obj.pubkey_success == True):
925 reply_plain += replyinfo_obj.replies['greeting']
926 reply_plain += "\n\n"
927
928 if replyinfo_obj.decrypt_success == True:
929 debug('decrypt success')
930 reply_plain += replyinfo_obj.replies['success_decrypt']
931
932 if (replyinfo_obj.sig_success == True) and (replyinfo_obj.have_reply_key == True):
933 debug('message quoted')
934 reply_plain += replyinfo_obj.replies['space']
935 reply_plain += replyinfo_obj.replies['quote_follows']
936 reply_plain += "\n\n"
937 quoted_text = email_quote_text(replyinfo_obj.msg_to_quote)
938 reply_plain += quoted_text
939
940 reply_plain += "\n\n"
941
942 elif replyinfo_obj.decrypt_failure == True:
943 debug('decrypt failure')
944 reply_plain += replyinfo_obj.replies['failed_decrypt']
945 reply_plain += "\n\n"
946
947 if replyinfo_obj.sig_success == True:
948 debug('signature success')
949 reply_plain += replyinfo_obj.replies['sig_success']
950 reply_plain += "\n\n"
951
952 elif replyinfo_obj.sig_failure == True:
953 debug('signature failure')
954 reply_plain += replyinfo_obj.replies['sig_failure']
955 reply_plain += "\n\n"
956
957 if (replyinfo_obj.pubkey_success == True):
958 debug('public key received')
959 reply_plain += replyinfo_obj.replies['public_key_received']
960 reply_plain += "\n\n"
961
962 elif (replyinfo_obj.sigkey_missing == True):
963 debug('no public key')
964 reply_plain += replyinfo_obj.replies['no_public_key']
965 reply_plain += "\n\n"
966
967
968 if (reply_plain == ""):
969 debug('plaintext message')
970 reply_plain += replyinfo_obj.replies['failed_decrypt']
971 reply_plain += "\n\n"
972
973
974 reply_plain += replyinfo_obj.replies['signature']
975 reply_plain += "\n\n"
976
977 return reply_plain
978
979
980 def add_gpg_key (key_block, gpgme_ctx):
981 """Adds a GPG pubkey to the local keystore
982
983 This adds keys received through email into the key store so they can be
984 used later.
985
986 Args:
987 key_block: the string form of the ascii-armored public key block
988 gpgme_ctx: the gpgme context
989
990 Returns:
991 the fingerprint(s) of the imported key(s)
992 """
993
994 fp = io.BytesIO(key_block.encode('ascii'))
995
996 try:
997 result = gpgme_ctx.import_(fp)
998 imports = result.imports
999 except gpgme.GpgmeError:
1000 imports = []
1001
1002 key_fingerprints = []
1003
1004 if imports != []:
1005 for import_ in imports:
1006 fingerprint = import_[0]
1007 key_fingerprints += [fingerprint]
1008
1009 debug("added gpg key: " + fingerprint)
1010
1011 return key_fingerprints
1012
1013
1014 def verify_sig_message (msg_block, gpgme_ctx):
1015 """Verifies the signature of a signed, ascii-armored block of text.
1016
1017 It encodes the string into ascii, since binary GPG files are currently
1018 unsupported, and alternative, the ascii-armored format is encodable into
1019 ascii.
1020
1021 Args:
1022 msg_block: a GPG Message block in string form. It may be encrypted or
1023 not. If it is encrypted, it will return empty results.
1024 gpgme_ctx: the gpgme context
1025
1026 Returns:
1027 A tuple containing the plaintext bytes of the signed part, the list of
1028 fingerprints of keys signing the data, and a boolean marking whether
1029 edward is missing all public keys for validating any of the signatures.
1030 If verification failed, perhaps because the message was also encrypted,
1031 then empty results are returned.
1032 """
1033
1034 block_b = io.BytesIO(msg_block.encode('ascii'))
1035 plain_b = io.BytesIO()
1036
1037 try:
1038 sigs = gpgme_ctx.verify(block_b, None, plain_b)
1039 except gpgme.GpgmeError:
1040 return ("",[],False)
1041
1042 plaintext_b = plain_b.getvalue()
1043
1044 sigkey_missing = False
1045 fingerprints = []
1046 for sig in sigs:
1047 if (sig.summary == 0) or (sig.summary & gpgme.SIGSUM_VALID != 0) or (sig.summary & gpgme.SIGSUM_GREEN != 0):
1048 fingerprints += [sig.fpr]
1049 sigkey_missing = False
1050 break
1051 else:
1052 if (sig.summary & gpgme.SIGSUM_KEY_MISSING != 0):
1053 sigkey_missing = True
1054
1055 return (plaintext_b, fingerprints, sigkey_missing)
1056
1057
1058 def verify_detached_signature (detached_sig, plaintext_bytes, gpgme_ctx):
1059 """Verifies the signature of a detached signature.
1060
1061 This requires the signature part and the signed part as separate arguments.
1062
1063 Args:
1064 detached_sig: the signature part of the detached signature
1065 plaintext_bytes: the byte form of the message being signed.
1066 gpgme_ctx: the gpgme context
1067
1068 Returns:
1069 A tuple containging a list of signing fingerprints if the signature
1070 verification was sucessful, and a boolean marking whether edward is
1071 missing all public keys for validating any of the signatures.
1072 Otherwise, a tuple containing an empty list and True are returned.
1073 """
1074
1075 detached_sig_fp = io.BytesIO(detached_sig.encode('ascii'))
1076 plaintext_fp = io.BytesIO(plaintext_bytes)
1077
1078 try:
1079 result = gpgme_ctx.verify(detached_sig_fp, plaintext_fp, None)
1080 except gpgme.GpgmeError:
1081 return ([],False)
1082
1083 sigkey_missing = False
1084 sig_fingerprints = []
1085 for res_ in result:
1086 if (res_.summary == 0) or (res_.summary & gpgme.SIGSUM_VALID != 0) or (res_.summary & gpgme.SIGSUM_GREEN != 0):
1087 sig_fingerprints += [res_.fpr]
1088 sigkey_missing = False
1089 break
1090 else:
1091 if (res_.summary & gpgme.SIGSUM_KEY_MISSING != 0):
1092 sigkey_missing = True
1093
1094 return (sig_fingerprints, sigkey_missing)
1095
1096
1097 def decrypt_block (msg_block, gpgme_ctx):
1098 """Decrypts a block of GPG text and verifies any included sigatures.
1099
1100 Some encypted messages have embeded signatures, so those are verified too.
1101
1102 Args:
1103 msg_block: the encrypted(/signed) text
1104 gpgme_ctx: the gpgme context
1105
1106 Returns:
1107 A tuple containing plaintext bytes, signatures (if the decryption and
1108 signature verification were successful, respectively), and a boolean
1109 marking whether edward is missing all public keys for validating any of
1110 the signatures.
1111 """
1112
1113 block_b = io.BytesIO(msg_block.encode('ascii'))
1114 plain_b = io.BytesIO()
1115
1116 try:
1117 sigs = gpgme_ctx.decrypt_verify(block_b, plain_b)
1118 except gpgme.GpgmeError:
1119 return ("",[],False)
1120
1121 plaintext_b = plain_b.getvalue()
1122
1123 sigkey_missing = False
1124 fingerprints = []
1125 for sig in sigs:
1126 if (sig.summary == 0) or (sig.summary & gpgme.SIGSUM_VALID != 0) or (sig.summary & gpgme.SIGSUM_GREEN != 0):
1127 fingerprints += [sig.fpr]
1128 sigkey_missing = False
1129 break
1130 else:
1131 if (sig.summary & gpgme.SIGSUM_KEY_MISSING != 0):
1132 sigkey_missing = True
1133
1134 return (plaintext_b, fingerprints, sigkey_missing)
1135
1136
1137 def email_to_from_subject (email_bytes):
1138 """Returns the values of the email's To:, From: and Subject: fields
1139
1140 Returns this information from an email.
1141
1142 Args:
1143 email_bytes: the byte string form of the email
1144
1145 Returns:
1146 the email To:, From:, and Subject: fields as strings
1147 """
1148
1149 email_struct = email.parser.BytesParser().parsebytes(email_bytes)
1150
1151 email_to = email_struct['To']
1152 email_from = email_struct['From']
1153 email_subject = email_struct['Subject']
1154
1155 return email_to, email_from, email_subject
1156
1157
1158 def import_lang_pick_address(email_to, hostname):
1159 """Imports language file for i18n support; makes reply from address
1160
1161 The language imported depends on the To: address of the email received by
1162 edward. an -en ending implies the English language, whereas a -ja ending
1163 implies Japanese. The list of supported languages is listed in the 'langs'
1164 list at the beginning of the program. This function also chooses the
1165 language-dependent address which can be used as the From address in the
1166 reply email.
1167
1168 Args:
1169 email_to: the string containing the email address that the mail was
1170 sent to.
1171 hostname: the hostname part of the reply email's from address
1172
1173 Returns:
1174 the reference to the imported language module. The only variable in
1175 this file is the 'replies' dictionary.
1176 """
1177
1178 # default
1179 use_lang = "en"
1180
1181 if email_to != None:
1182 for lang in langs:
1183 if "edward-" + lang in email_to:
1184 use_lang = lang
1185 break
1186
1187 lang_mod_name = "lang." + re.sub('-', '_', use_lang)
1188 lang_module = importlib.import_module(lang_mod_name)
1189
1190 reply_from = "edward-" + use_lang + "@" + hostname
1191
1192 return lang_module, reply_from
1193
1194
1195 def generate_encrypted_mime (plaintext, email_to, email_subject, encrypt_to_key,
1196 gpgme_ctx):
1197 """This function creates the mime email reply. It can encrypt the email.
1198
1199 If the encrypt_key is included, then the email is encrypted and signed.
1200 Otherwise it is unencrypted.
1201
1202 Args:
1203 plaintext: the plaintext body of the message to create.
1204 email_to: the email address to reply to
1205 email_subject: the subject to use in reply
1206 encrypt_to_key: the key object to use for encrypting the email. (or
1207 None)
1208 gpgme_ctx: the gpgme context
1209
1210 Returns
1211 A string version of the mime message, possibly encrypted and signed.
1212 """
1213
1214 if (encrypt_to_key != None):
1215
1216 plaintext_mime = MIMEText(plaintext)
1217 plaintext_mime.set_charset('utf-8')
1218
1219 encrypted_text = encrypt_sign_message(plaintext_mime.as_string(),
1220 encrypt_to_key,
1221 gpgme_ctx)
1222
1223 control_mime = MIMEApplication("Version: 1",
1224 _subtype='pgp-encrypted',
1225 _encoder=email.encoders.encode_7or8bit)
1226 control_mime['Content-Description'] = 'PGP/MIME version identification'
1227 control_mime.set_charset('us-ascii')
1228
1229 encoded_mime = MIMEApplication(encrypted_text,
1230 _subtype='octet-stream; name="encrypted.asc"',
1231 _encoder=email.encoders.encode_7or8bit)
1232 encoded_mime['Content-Description'] = 'OpenPGP encrypted message'
1233 encoded_mime['Content-Disposition'] = 'inline; filename="encrypted.asc"'
1234 encoded_mime.set_charset('us-ascii')
1235
1236 message_mime = MIMEMultipart(_subtype="encrypted", protocol="application/pgp-encrypted")
1237 message_mime.attach(control_mime)
1238 message_mime.attach(encoded_mime)
1239 message_mime['Content-Disposition'] = 'inline'
1240
1241 else:
1242 message_mime = MIMEText(plaintext)
1243 message_mime.set_charset('utf-8')
1244
1245 message_mime['To'] = email_to
1246 message_mime['Subject'] = email_subject
1247
1248 reply = message_mime.as_string()
1249
1250 return reply
1251
1252
1253 def send_reply(email_txt, subject, reply_to, reply_from):
1254
1255 email_bytes = email_txt.encode('ascii')
1256
1257 p = subprocess.Popen(["/usr/sbin/sendmail", "-f", reply_from, "-F", "Edward, GPG Bot", "-i", reply_to], stdin=subprocess.PIPE)
1258
1259 (stdout, stderr) = p.communicate(email_bytes)
1260
1261 if stdout != None:
1262 debug("sendmail stdout: " + str(stdout))
1263 if stderr != None:
1264 error("sendmail stderr: " + str(stderr))
1265
1266
1267 def email_quote_text (text):
1268 """Quotes input text by inserting "> "s
1269
1270 This is useful for quoting a text for the reply message. It inserts "> "
1271 strings at the beginning of lines.
1272
1273 Args:
1274 text: plain text to quote
1275
1276 Returns:
1277 Quoted text
1278 """
1279
1280 quoted_message = re.sub(r'^', r'> ', text, flags=re.MULTILINE)
1281
1282 return quoted_message
1283
1284
1285 def encrypt_sign_message (plaintext, encrypt_to_key, gpgme_ctx):
1286 """Encrypts and signs plaintext
1287
1288 This encrypts and signs a message.
1289
1290 Args:
1291 plaintext: text to sign and ecrypt
1292 encrypt_to_key: the key object to encrypt to
1293 gpgme_ctx: the gpgme context
1294
1295 Returns:
1296 An encrypted and signed string of text
1297 """
1298
1299 # the plaintext should be mime encoded in an ascii-compatible form
1300 plaintext_bytes = io.BytesIO(plaintext.encode('ascii'))
1301 encrypted_bytes = io.BytesIO()
1302
1303 gpgme_ctx.encrypt_sign([encrypt_to_key], gpgme.ENCRYPT_ALWAYS_TRUST,
1304 plaintext_bytes, encrypted_bytes)
1305
1306 encrypted_txt = encrypted_bytes.getvalue().decode('ascii')
1307 return encrypted_txt
1308
1309
1310 def error (error_msg):
1311 """Write an error message to stdout
1312
1313 The error message includes the program name.
1314
1315 Args:
1316 error_msg: the message to print
1317
1318 Returns:
1319 Nothing
1320
1321 Post:
1322 An error message is printed to stdout
1323 """
1324
1325 sys.stderr.write(progname + ": " + str(error_msg) + "\n")
1326
1327
1328 def debug (debug_msg):
1329 """Writes a debug message to stdout if debug == True
1330
1331 If the debug option is set in edward_config.py, then the passed message
1332 gets printed to stdout.
1333
1334 Args:
1335 debug_msg: the message to print to stdout
1336
1337 Returns:
1338 Nothing
1339
1340 Post:
1341 A debug message is printed to stdout
1342 """
1343
1344 if edward_config.debug == True:
1345 error(debug_msg)
1346
1347
1348 def handle_args ():
1349 """Sets the progname variable and processes optional argument
1350
1351 If there are more than two arguments then edward complains and quits. An
1352 single "-p" argument sets the print_reply_only option, which makes edward
1353 print email replies instead of mailing them.
1354
1355 Args:
1356 None
1357
1358 Returns:
1359 True if edward should print arguments instead of mailing them,
1360 otherwise it returns False.
1361
1362 Post:
1363 Exits with error 1 if there are more than two arguments, otherwise
1364 returns the print_reply_only option.
1365 """
1366
1367 global progname
1368 progname = sys.argv[0]
1369
1370 print_reply_only = False
1371
1372 if len(sys.argv) > 2:
1373 print(progname + " usage: " + progname + " [-p]\n\n" \
1374 + " -p print reply message to stdout, do not mail it\n", \
1375 file=sys.stderr)
1376 exit(1)
1377
1378 elif (len(sys.argv) == 2) and (sys.argv[1] == "-p"):
1379 print_reply_only = True
1380
1381 return print_reply_only
1382
1383
1384 if __name__ == "__main__":
1385 """Executes main if this file is not loaded interactively"""
1386
1387 main()
1388