line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
# FTN::Crypt - Encryption of the FTN messages |
2
|
|
|
|
|
|
|
# |
3
|
|
|
|
|
|
|
# Copyright (C) 2019 by Petr Antonov |
4
|
|
|
|
|
|
|
# |
5
|
|
|
|
|
|
|
# This library is free software; you can redistribute it and/or modify it |
6
|
|
|
|
|
|
|
# under the same terms as Perl 5.10.0. For more details, see the full text |
7
|
|
|
|
|
|
|
# of the licenses at https://opensource.org/licenses/Artistic-1.0, and |
8
|
|
|
|
|
|
|
# http://www.gnu.org/licenses/gpl-2.0.html. |
9
|
|
|
|
|
|
|
# |
10
|
|
|
|
|
|
|
# This package is provided "as is" and without any express or implied |
11
|
|
|
|
|
|
|
# warranties, including, without limitation, the implied warranties of |
12
|
|
|
|
|
|
|
# merchantability and fitness for a particular purpose. |
13
|
|
|
|
|
|
|
# |
14
|
|
|
|
|
|
|
|
15
|
|
|
|
|
|
|
package FTN::Crypt; |
16
|
|
|
|
|
|
|
|
17
|
2
|
|
|
2
|
|
135378
|
use strict; |
|
2
|
|
|
|
|
15
|
|
|
2
|
|
|
|
|
55
|
|
18
|
2
|
|
|
2
|
|
10
|
use warnings; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
48
|
|
19
|
2
|
|
|
2
|
|
25
|
use v5.10.1; |
|
2
|
|
|
|
|
7
|
|
20
|
|
|
|
|
|
|
|
21
|
2
|
|
|
2
|
|
10
|
use base qw/FTN::Crypt::Error/; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
895
|
|
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
=head1 NAME |
26
|
|
|
|
|
|
|
|
27
|
|
|
|
|
|
|
FTN::Crypt - Encryption of the FTN messages. |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
=head2 VERSION |
30
|
|
|
|
|
|
|
|
31
|
|
|
|
|
|
|
0.5.1 |
32
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
=cut |
34
|
|
|
|
|
|
|
|
35
|
|
|
|
|
|
|
our $VERSION = '0.5.1'; |
36
|
|
|
|
|
|
|
|
37
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
38
|
|
|
|
|
|
|
|
39
|
|
|
|
|
|
|
=head1 SYNOPSIS |
40
|
|
|
|
|
|
|
|
41
|
|
|
|
|
|
|
use FTN::Crypt; |
42
|
|
|
|
|
|
|
|
43
|
|
|
|
|
|
|
my $obj = FTN::Crypt->new( |
44
|
|
|
|
|
|
|
Nodelist => 'NODELIST.*', |
45
|
|
|
|
|
|
|
Pointlist => [ |
46
|
|
|
|
|
|
|
'pointlist_1.*', |
47
|
|
|
|
|
|
|
'pointlist_2', |
48
|
|
|
|
|
|
|
], |
49
|
|
|
|
|
|
|
) or die FTN::Crypt->error; |
50
|
|
|
|
|
|
|
|
51
|
|
|
|
|
|
|
$obj->encrypt_message( |
52
|
|
|
|
|
|
|
Address => $ftn_address, |
53
|
|
|
|
|
|
|
Message => $msg, |
54
|
|
|
|
|
|
|
) or die $obj->error; |
55
|
|
|
|
|
|
|
|
56
|
|
|
|
|
|
|
=head1 DESCRIPTION |
57
|
|
|
|
|
|
|
|
58
|
|
|
|
|
|
|
The possibility of FTN netmail encryption may be sometimes a useful option. |
59
|
|
|
|
|
|
|
Corresponding nodelist flag was proposed in FSC-0073. |
60
|
|
|
|
|
|
|
|
61
|
|
|
|
|
|
|
Although current FidoNet Policy (version 4.07 dated June 9, 1989) clearly |
62
|
|
|
|
|
|
|
forbids routing of encrypted traffic without the express permission of |
63
|
|
|
|
|
|
|
all the links in the delivery system, it's still possible to deliver such |
64
|
|
|
|
|
|
|
messages directly. And, obviously, such routing may be allowed in FTN |
65
|
|
|
|
|
|
|
networks other than FidoNet. |
66
|
|
|
|
|
|
|
|
67
|
|
|
|
|
|
|
The proposed nodelist userflag is ENCRYPT:[TYPE], where [TYPE] is one of |
68
|
|
|
|
|
|
|
'PGP2', 'PGP5', 'GnuPG'. So encryption-capable node should have something |
69
|
|
|
|
|
|
|
like U,ENCRYPT:PGP5 in his nodelist record. |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
=cut |
72
|
|
|
|
|
|
|
|
73
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
74
|
|
|
|
|
|
|
|
75
|
2
|
|
|
2
|
|
806
|
use FTN::Crypt::Constants; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
58
|
|
76
|
2
|
|
|
2
|
|
878
|
use FTN::Crypt::Msg; |
|
2
|
|
|
|
|
6
|
|
|
2
|
|
|
|
|
67
|
|
77
|
2
|
|
|
2
|
|
846
|
use FTN::Crypt::Nodelist; |
|
2
|
|
|
|
|
5
|
|
|
2
|
|
|
|
|
74
|
|
78
|
|
|
|
|
|
|
|
79
|
2
|
|
|
2
|
|
1140
|
use GnuPG::Interface; |
|
2
|
|
|
|
|
698274
|
|
|
2
|
|
|
|
|
81
|
|
80
|
|
|
|
|
|
|
|
81
|
2
|
|
|
2
|
|
17
|
use IO::Handle; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
76
|
|
82
|
|
|
|
|
|
|
|
83
|
2
|
|
|
2
|
|
902
|
use PGP::Finger; |
|
2
|
|
|
|
|
2388020
|
|
|
2
|
|
|
|
|
246
|
|
84
|
|
|
|
|
|
|
|
85
|
2
|
|
|
2
|
|
33
|
use Try::Tiny; |
|
2
|
|
|
|
|
10
|
|
|
2
|
|
|
|
|
4223
|
|
86
|
|
|
|
|
|
|
|
87
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
my $DEFAULT_KEYSERVER_URL = 'https://zimmermann.mayfirst.org/pks/lookup'; |
90
|
|
|
|
|
|
|
|
91
|
|
|
|
|
|
|
my $GPG2_BVER = '2.1.0'; |
92
|
|
|
|
|
|
|
|
93
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
=head1 METHODS |
96
|
|
|
|
|
|
|
|
97
|
|
|
|
|
|
|
=cut |
98
|
|
|
|
|
|
|
|
99
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
100
|
|
|
|
|
|
|
|
101
|
|
|
|
|
|
|
=head2 new() |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
Constructor. |
104
|
|
|
|
|
|
|
|
105
|
|
|
|
|
|
|
=head3 Parameters: |
106
|
|
|
|
|
|
|
|
107
|
|
|
|
|
|
|
=over 4 |
108
|
|
|
|
|
|
|
|
109
|
|
|
|
|
|
|
=item * C<Nodelist>: Path to nodelist file(s), either scalar or arrayref. If contains wildcard, file with maximum number in digital extension will be selected. |
110
|
|
|
|
|
|
|
|
111
|
|
|
|
|
|
|
=item * B<Optional> C<Pointlist>: Path to pointlist file(s), either scalar or arrayref. If contains wildcard, file with maximum number in digital extension will be selected. |
112
|
|
|
|
|
|
|
|
113
|
|
|
|
|
|
|
=item * B<Optional> C<Keyserver> Keyserver (defaults to 'https://zimmermann.mayfirst.org/pks/lookup'). |
114
|
|
|
|
|
|
|
|
115
|
|
|
|
|
|
|
=item * B<Optional> C<Pubring> Public keyring file. |
116
|
|
|
|
|
|
|
|
117
|
|
|
|
|
|
|
=item * B<Optional> C<Secring> Secret keyring file. |
118
|
|
|
|
|
|
|
|
119
|
|
|
|
|
|
|
=back |
120
|
|
|
|
|
|
|
|
121
|
|
|
|
|
|
|
=head3 Returns: |
122
|
|
|
|
|
|
|
|
123
|
|
|
|
|
|
|
Created object or error in C<FTN::Crypt-E<gt>error>. |
124
|
|
|
|
|
|
|
|
125
|
|
|
|
|
|
|
Sample: |
126
|
|
|
|
|
|
|
|
127
|
|
|
|
|
|
|
my $obj = FTN::Crypt->new( |
128
|
|
|
|
|
|
|
Nodelist => 'NODELIST.*', |
129
|
|
|
|
|
|
|
Pointlist => [ |
130
|
|
|
|
|
|
|
'pointlist_1.*', |
131
|
|
|
|
|
|
|
'pointlist_2', |
132
|
|
|
|
|
|
|
], |
133
|
|
|
|
|
|
|
) or die FTN::Crypt->error; |
134
|
|
|
|
|
|
|
|
135
|
|
|
|
|
|
|
=cut |
136
|
|
|
|
|
|
|
|
137
|
|
|
|
|
|
|
sub new { |
138
|
1
|
|
|
1
|
1
|
1212
|
my $class = shift; |
139
|
1
|
|
|
|
|
6
|
my (%opts) = @_; |
140
|
|
|
|
|
|
|
|
141
|
1
|
50
|
|
|
|
5
|
unless (%opts) { |
142
|
0
|
|
|
|
|
0
|
$class->set_error('No options specified'); |
143
|
0
|
|
|
|
|
0
|
return; |
144
|
|
|
|
|
|
|
} |
145
|
|
|
|
|
|
|
|
146
|
|
|
|
|
|
|
my $self = { |
147
|
1
|
50
|
|
|
|
23
|
keyserver_url => $opts{Keyserver} ? $opts{Keyserver} : $DEFAULT_KEYSERVER_URL, |
148
|
|
|
|
|
|
|
gnupg => GnuPG::Interface->new(), |
149
|
|
|
|
|
|
|
}; |
150
|
|
|
|
|
|
|
|
151
|
|
|
|
|
|
|
$self->{nodelist} = FTN::Crypt::Nodelist->new( |
152
|
|
|
|
|
|
|
Nodelist => $opts{Nodelist}, |
153
|
|
|
|
|
|
|
Pointlist => $opts{Pointlist}, |
154
|
1
|
|
|
|
|
4216
|
); |
155
|
1
|
50
|
|
|
|
11
|
unless ($self->{nodelist}) { |
156
|
0
|
|
|
|
|
0
|
$class->set_error(FTN::Crypt::Nodelist->error); |
157
|
0
|
|
|
|
|
0
|
return; |
158
|
|
|
|
|
|
|
} |
159
|
|
|
|
|
|
|
|
160
|
|
|
|
|
|
|
$self->{gnupg}->options->hash_init( |
161
|
1
|
|
|
|
|
28
|
armor => 1, |
162
|
|
|
|
|
|
|
meta_interactive => 0, |
163
|
|
|
|
|
|
|
); |
164
|
|
|
|
|
|
|
|
165
|
1
|
50
|
|
|
|
14338
|
$self->{gnupg}->options->push_extra_args('--keyring', $opts{Pubring}) if $opts{Pubring}; |
166
|
1
|
50
|
|
|
|
170
|
$self->{gnupg}->options->push_extra_args('--secret-keyring', $opts{Secring}) if $opts{Secring}; |
167
|
1
|
|
|
|
|
81
|
$self->{gnupg}->options->push_extra_args('--always-trust'); |
168
|
|
|
|
|
|
|
|
169
|
1
|
|
|
|
|
65
|
$self = bless $self, $class; |
170
|
1
|
|
|
|
|
5
|
return $self; |
171
|
|
|
|
|
|
|
} |
172
|
|
|
|
|
|
|
|
173
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
174
|
|
|
|
|
|
|
|
175
|
|
|
|
|
|
|
=head2 encrypt_message() |
176
|
|
|
|
|
|
|
|
177
|
|
|
|
|
|
|
Message encryption. |
178
|
|
|
|
|
|
|
|
179
|
|
|
|
|
|
|
=head3 Parameters: |
180
|
|
|
|
|
|
|
|
181
|
|
|
|
|
|
|
=over 4 |
182
|
|
|
|
|
|
|
|
183
|
|
|
|
|
|
|
=item * C<Address>: Recipient's FTN address. |
184
|
|
|
|
|
|
|
|
185
|
|
|
|
|
|
|
=item * C<Message>: FTN message text with kludges. |
186
|
|
|
|
|
|
|
|
187
|
|
|
|
|
|
|
=back |
188
|
|
|
|
|
|
|
|
189
|
|
|
|
|
|
|
=head3 Returns: |
190
|
|
|
|
|
|
|
|
191
|
|
|
|
|
|
|
Encrypted message or error in C<$obj-E<gt>error>. |
192
|
|
|
|
|
|
|
|
193
|
|
|
|
|
|
|
Sample: |
194
|
|
|
|
|
|
|
|
195
|
|
|
|
|
|
|
my $res = $obj->encrypt_message( |
196
|
|
|
|
|
|
|
Address => $ftn_address, |
197
|
|
|
|
|
|
|
Message => $msg, |
198
|
|
|
|
|
|
|
) or die $obj->error; |
199
|
|
|
|
|
|
|
|
200
|
|
|
|
|
|
|
=cut |
201
|
|
|
|
|
|
|
|
202
|
|
|
|
|
|
|
sub encrypt_message { |
203
|
1
|
|
|
1
|
1
|
924
|
my $self = shift; |
204
|
1
|
|
|
|
|
5
|
my (%opts) = @_; |
205
|
|
|
|
|
|
|
|
206
|
|
|
|
|
|
|
my $msg = FTN::Crypt::Msg->new( |
207
|
|
|
|
|
|
|
Address => $opts{Address}, |
208
|
|
|
|
|
|
|
Message => $opts{Message}, |
209
|
1
|
|
|
|
|
15
|
); |
210
|
1
|
50
|
|
|
|
3
|
unless ($msg) { |
211
|
0
|
|
|
|
|
0
|
$self->set_error(FTN::Crypt::Msg->error); |
212
|
0
|
|
|
|
|
0
|
return; |
213
|
|
|
|
|
|
|
} |
214
|
|
|
|
|
|
|
|
215
|
1
|
|
|
|
|
2
|
my $res; |
216
|
|
|
|
|
|
|
|
217
|
1
|
|
|
|
|
7
|
my ($addr, $method) = $self->{nodelist}->get_email_addr($msg->get_address); |
218
|
1
|
50
|
|
|
|
36
|
unless ($addr) { |
219
|
0
|
|
|
|
|
0
|
$self->set_error('Encryption-capable address not found', $self->{nodelist}->error); |
220
|
0
|
|
|
|
|
0
|
return; |
221
|
|
|
|
|
|
|
} |
222
|
|
|
|
|
|
|
|
223
|
1
|
|
|
|
|
7
|
my $gnupg_ver = $self->{gnupg}->version; |
224
|
1
|
50
|
|
|
|
18145
|
if ($method eq 'PGP2') { |
|
|
50
|
|
|
|
|
|
225
|
0
|
0
|
|
|
|
0
|
if (version->parse($gnupg_ver) < version->parse($GPG2_BVER)) { |
226
|
0
|
|
|
|
|
0
|
$self->{gnupg}->options->meta_pgp_2_compatible(1); |
227
|
|
|
|
|
|
|
} else { |
228
|
0
|
|
|
|
|
0
|
$self->set_error("GnuPG is too new (ver. $gnupg_ver), can't ensure required encryption method ($method)"); |
229
|
0
|
|
|
|
|
0
|
return; |
230
|
|
|
|
|
|
|
} |
231
|
|
|
|
|
|
|
} elsif ($method eq 'PGP5') { |
232
|
1
|
|
|
|
|
66
|
$self->{gnupg}->options->meta_pgp_5_compatible(1); |
233
|
|
|
|
|
|
|
} |
234
|
|
|
|
|
|
|
|
235
|
1
|
50
|
33
|
|
|
138
|
unless ($self->_lookup_key($addr) || $self->_import_key($addr)) { |
236
|
0
|
|
|
|
|
0
|
$self->set_error("PGP key for $addr not found"); |
237
|
0
|
|
|
|
|
0
|
return; |
238
|
|
|
|
|
|
|
} |
239
|
|
|
|
|
|
|
|
240
|
1
|
|
|
|
|
25
|
my $key_id = $self->_select_key($addr); |
241
|
1
|
|
|
|
|
36
|
$self->{gnupg}->options->push_recipients($key_id); |
242
|
|
|
|
|
|
|
|
243
|
1
|
|
|
|
|
125
|
my ($in_fh, $out_fh, $err_fh) = (IO::Handle->new(), IO::Handle->new(), |
244
|
|
|
|
|
|
|
IO::Handle->new()); |
245
|
|
|
|
|
|
|
|
246
|
1
|
|
|
|
|
141
|
my $handles = GnuPG::Handles->new( |
247
|
|
|
|
|
|
|
stdin => $in_fh, |
248
|
|
|
|
|
|
|
stdout => $out_fh, |
249
|
|
|
|
|
|
|
stderr => $err_fh, |
250
|
|
|
|
|
|
|
); |
251
|
|
|
|
|
|
|
|
252
|
1
|
|
|
|
|
572
|
my $pid = $self->{gnupg}->encrypt(handles => $handles); |
253
|
|
|
|
|
|
|
|
254
|
1
|
|
|
|
|
4976
|
print $in_fh $msg->get_text; |
255
|
1
|
|
|
|
|
15
|
close $in_fh; |
256
|
|
|
|
|
|
|
|
257
|
1
|
|
|
|
|
9921
|
my $msg_enc = join '', <$out_fh>; |
258
|
1
|
|
|
|
|
25
|
close $out_fh; |
259
|
|
|
|
|
|
|
|
260
|
1
|
|
|
|
|
19
|
close $err_fh; |
261
|
|
|
|
|
|
|
|
262
|
1
|
|
|
|
|
18
|
waitpid $pid, 0; |
263
|
|
|
|
|
|
|
|
264
|
1
|
50
|
|
|
|
12
|
if ($msg_enc) { |
265
|
1
|
50
|
|
|
|
13
|
unless ($msg->set_text($msg_enc)) { |
266
|
0
|
|
|
|
|
0
|
$self->set_error("Can't write message text", $msg->error); |
267
|
0
|
|
|
|
|
0
|
return; |
268
|
|
|
|
|
|
|
} |
269
|
1
|
50
|
|
|
|
7
|
unless ($msg->add_kludge("$FTN::Crypt::Constants::ENC_MESSAGE_KLUDGE: $method")) { |
270
|
0
|
|
|
|
|
0
|
$self->set_error("Can't modify message kludges", $msg->error); |
271
|
0
|
|
|
|
|
0
|
return; |
272
|
|
|
|
|
|
|
} |
273
|
|
|
|
|
|
|
|
274
|
1
|
|
|
|
|
5
|
$res = $msg->get_message; |
275
|
1
|
50
|
|
|
|
5
|
unless ($res) { |
276
|
0
|
|
|
|
|
0
|
$self->set_error("Can't get message", $msg->error); |
277
|
0
|
|
|
|
|
0
|
return; |
278
|
|
|
|
|
|
|
} |
279
|
|
|
|
|
|
|
} else { |
280
|
0
|
|
|
|
|
0
|
$self->set_error('Message enccryption failed'); |
281
|
0
|
|
|
|
|
0
|
return; |
282
|
|
|
|
|
|
|
} |
283
|
|
|
|
|
|
|
|
284
|
1
|
|
|
|
|
221
|
return $res; |
285
|
|
|
|
|
|
|
} |
286
|
|
|
|
|
|
|
|
287
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
288
|
|
|
|
|
|
|
|
289
|
|
|
|
|
|
|
=head2 decrypt_message() |
290
|
|
|
|
|
|
|
|
291
|
|
|
|
|
|
|
Message decryption. |
292
|
|
|
|
|
|
|
|
293
|
|
|
|
|
|
|
=head3 Parameters: |
294
|
|
|
|
|
|
|
|
295
|
|
|
|
|
|
|
=over 4 |
296
|
|
|
|
|
|
|
|
297
|
|
|
|
|
|
|
=item * C<Address>: Recipient's FTN address. |
298
|
|
|
|
|
|
|
|
299
|
|
|
|
|
|
|
=item * C<Message>: FTN message text with kludges. |
300
|
|
|
|
|
|
|
|
301
|
|
|
|
|
|
|
=item * C<Passphrase>: Key passphrase. |
302
|
|
|
|
|
|
|
|
303
|
|
|
|
|
|
|
=back |
304
|
|
|
|
|
|
|
|
305
|
|
|
|
|
|
|
=head3 Returns: |
306
|
|
|
|
|
|
|
|
307
|
|
|
|
|
|
|
Decrypted message or error in C<$obj-E<gt>error>. |
308
|
|
|
|
|
|
|
|
309
|
|
|
|
|
|
|
Sample: |
310
|
|
|
|
|
|
|
|
311
|
|
|
|
|
|
|
my $res = $obj->decrypt_message( |
312
|
|
|
|
|
|
|
Address => $ftn_address, |
313
|
|
|
|
|
|
|
Message => $msg, |
314
|
|
|
|
|
|
|
Passphrase => $pass, |
315
|
|
|
|
|
|
|
) or die $obj->error; |
316
|
|
|
|
|
|
|
|
317
|
|
|
|
|
|
|
=cut |
318
|
|
|
|
|
|
|
|
319
|
|
|
|
|
|
|
sub decrypt_message { |
320
|
1
|
|
|
1
|
1
|
1600
|
my $self = shift; |
321
|
1
|
|
|
|
|
15
|
my (%opts) = @_; |
322
|
|
|
|
|
|
|
|
323
|
1
|
50
|
|
|
|
7
|
unless (%opts) { |
324
|
0
|
|
|
|
|
0
|
$self->set_error('No options specified'); |
325
|
0
|
|
|
|
|
0
|
return; |
326
|
|
|
|
|
|
|
} |
327
|
1
|
50
|
|
|
|
3
|
unless (defined $opts{Passphrase}) { |
328
|
0
|
|
|
|
|
0
|
$self->set_error('No passphrase specified'); |
329
|
0
|
|
|
|
|
0
|
return; |
330
|
|
|
|
|
|
|
} |
331
|
|
|
|
|
|
|
|
332
|
|
|
|
|
|
|
my $msg = FTN::Crypt::Msg->new( |
333
|
|
|
|
|
|
|
Address => $opts{Address}, |
334
|
|
|
|
|
|
|
Message => $opts{Message}, |
335
|
1
|
|
|
|
|
15
|
); |
336
|
1
|
50
|
|
|
|
4
|
unless ($msg) { |
337
|
0
|
|
|
|
|
0
|
$self->set_error(FTN::Crypt::Msg->error); |
338
|
0
|
|
|
|
|
0
|
return; |
339
|
|
|
|
|
|
|
} |
340
|
|
|
|
|
|
|
|
341
|
1
|
|
|
|
|
8
|
my $res; |
342
|
|
|
|
|
|
|
|
343
|
|
|
|
|
|
|
my $method_used; |
344
|
1
|
|
|
|
|
3
|
foreach my $c (@{$msg->get_kludges}) { |
|
1
|
|
|
|
|
5
|
|
345
|
2
|
|
|
|
|
4
|
foreach my $k (@{$c}) { |
|
2
|
|
|
|
|
4
|
|
346
|
8
|
100
|
|
|
|
64
|
$method_used = $1 if $k =~ /^$FTN::Crypt::Constants::ENC_MESSAGE_KLUDGE:\s+(\w+)$/; |
347
|
|
|
|
|
|
|
} |
348
|
|
|
|
|
|
|
} |
349
|
1
|
50
|
|
|
|
4
|
unless ($method_used) { |
350
|
0
|
|
|
|
|
0
|
$self->set_error('Message seems not to be encrypted'); |
351
|
0
|
|
|
|
|
0
|
return; |
352
|
|
|
|
|
|
|
} |
353
|
|
|
|
|
|
|
|
354
|
1
|
|
|
|
|
11
|
my ($addr, $method) = $self->{nodelist}->get_email_addr($msg->get_address); |
355
|
1
|
50
|
|
|
|
29
|
unless ($addr) { |
356
|
0
|
|
|
|
|
0
|
$self->set_error('Encryption-capable address not found', $self->{nodelist}->error); |
357
|
0
|
|
|
|
|
0
|
return; |
358
|
|
|
|
|
|
|
} |
359
|
1
|
50
|
|
|
|
4
|
unless ($method) { |
360
|
0
|
|
|
|
|
0
|
$self->set_error('Encryption method not found', $self->{nodelist}->error); |
361
|
0
|
|
|
|
|
0
|
return; |
362
|
|
|
|
|
|
|
} |
363
|
|
|
|
|
|
|
|
364
|
1
|
50
|
|
|
|
4
|
if ($method ne $method_used) { |
365
|
0
|
|
|
|
|
0
|
$self->set_error("Message is encrypted with $method_used while node uses $method"); |
366
|
0
|
|
|
|
|
0
|
return; |
367
|
|
|
|
|
|
|
} |
368
|
|
|
|
|
|
|
|
369
|
1
|
|
|
|
|
21
|
my ($in_fh, $out_fh, $err_fh, $pass_fh) = (IO::Handle->new(), |
370
|
|
|
|
|
|
|
IO::Handle->new(), IO::Handle->new(), IO::Handle->new()); |
371
|
|
|
|
|
|
|
|
372
|
1
|
|
|
|
|
178
|
my $handles = GnuPG::Handles->new( |
373
|
|
|
|
|
|
|
stdin => $in_fh, |
374
|
|
|
|
|
|
|
stdout => $out_fh, |
375
|
|
|
|
|
|
|
stderr => $err_fh, |
376
|
|
|
|
|
|
|
passphrase => $pass_fh, |
377
|
|
|
|
|
|
|
); |
378
|
|
|
|
|
|
|
|
379
|
1
|
|
|
|
|
665
|
my $pid = $self->{gnupg}->decrypt(handles => $handles); |
380
|
|
|
|
|
|
|
|
381
|
1
|
|
|
|
|
5147
|
print $pass_fh $opts{Passphrase}; |
382
|
1
|
|
|
|
|
23
|
close $pass_fh; |
383
|
|
|
|
|
|
|
|
384
|
1
|
|
|
|
|
47
|
print $in_fh $msg->get_text; |
385
|
1
|
|
|
|
|
25
|
close $in_fh; |
386
|
|
|
|
|
|
|
|
387
|
1
|
|
|
|
|
12624
|
my $msg_dec = join '', <$out_fh>; |
388
|
1
|
|
|
|
|
32
|
close $out_fh; |
389
|
|
|
|
|
|
|
|
390
|
1
|
|
|
|
|
16
|
close $err_fh; |
391
|
|
|
|
|
|
|
|
392
|
1
|
|
|
|
|
29
|
waitpid $pid, 0; |
393
|
|
|
|
|
|
|
|
394
|
1
|
50
|
|
|
|
19
|
if ($msg_dec) { |
395
|
1
|
50
|
|
|
|
93
|
unless ($msg->set_text($msg_dec)) { |
396
|
0
|
|
|
|
|
0
|
$self->set_error("Can't write message text", $msg->error); |
397
|
0
|
|
|
|
|
0
|
return; |
398
|
|
|
|
|
|
|
} |
399
|
1
|
50
|
|
|
|
14
|
unless ($msg->remove_kludge($FTN::Crypt::Constants::ENC_MESSAGE_KLUDGE)) { |
400
|
0
|
|
|
|
|
0
|
$self->set_error("Can't modify message kludges", $msg->error); |
401
|
0
|
|
|
|
|
0
|
return; |
402
|
|
|
|
|
|
|
} |
403
|
|
|
|
|
|
|
|
404
|
1
|
|
|
|
|
63
|
$res = $msg->get_message; |
405
|
1
|
50
|
|
|
|
10
|
unless ($res) { |
406
|
0
|
|
|
|
|
0
|
$self->set_error("Can't get message", $msg->error); |
407
|
0
|
|
|
|
|
0
|
return; |
408
|
|
|
|
|
|
|
} |
409
|
|
|
|
|
|
|
} else { |
410
|
0
|
|
|
|
|
0
|
$self->set_error('Message decryption failed'); |
411
|
0
|
|
|
|
|
0
|
return; |
412
|
|
|
|
|
|
|
} |
413
|
|
|
|
|
|
|
|
414
|
1
|
|
|
|
|
138
|
return $res; |
415
|
|
|
|
|
|
|
} |
416
|
|
|
|
|
|
|
|
417
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
418
|
|
|
|
|
|
|
|
419
|
|
|
|
|
|
|
sub _lookup_key { |
420
|
2
|
|
|
2
|
|
369
|
my $self = shift; |
421
|
2
|
|
|
|
|
11
|
my ($uid) = @_; |
422
|
|
|
|
|
|
|
|
423
|
2
|
|
|
|
|
63
|
my ($out_fh, $err_fh) = (IO::Handle->new(), IO::Handle->new()); |
424
|
|
|
|
|
|
|
|
425
|
2
|
|
|
|
|
296
|
my $handles = GnuPG::Handles->new( |
426
|
|
|
|
|
|
|
stdout => $out_fh, |
427
|
|
|
|
|
|
|
stderr => $err_fh, |
428
|
|
|
|
|
|
|
); |
429
|
|
|
|
|
|
|
|
430
|
|
|
|
|
|
|
my $pid = $self->{gnupg}->list_public_keys( |
431
|
2
|
|
|
|
|
928
|
handles => $handles, |
432
|
|
|
|
|
|
|
command_args => [$uid], |
433
|
|
|
|
|
|
|
); |
434
|
|
|
|
|
|
|
|
435
|
2
|
|
|
|
|
26210
|
my $out = join '', <$out_fh>; |
436
|
|
|
|
|
|
|
|
437
|
2
|
|
|
|
|
51
|
close $out_fh; |
438
|
2
|
|
|
|
|
28
|
close $err_fh; |
439
|
|
|
|
|
|
|
|
440
|
2
|
|
|
|
|
47
|
waitpid $pid, 0; |
441
|
|
|
|
|
|
|
|
442
|
2
|
50
|
|
|
|
173
|
return $out ? 1 : 0; |
443
|
|
|
|
|
|
|
} |
444
|
|
|
|
|
|
|
|
445
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
446
|
|
|
|
|
|
|
|
447
|
|
|
|
|
|
|
sub _import_key { |
448
|
0
|
|
|
0
|
|
0
|
my ($self, $uid) = @_; |
449
|
|
|
|
|
|
|
|
450
|
0
|
0
|
|
|
|
0
|
return if $self->_lookup_key($uid); |
451
|
|
|
|
|
|
|
|
452
|
0
|
|
|
|
|
0
|
my $res; |
453
|
|
|
|
|
|
|
|
454
|
|
|
|
|
|
|
try { |
455
|
|
|
|
|
|
|
my $finger = PGP::Finger->new( |
456
|
|
|
|
|
|
|
sources => [ |
457
|
|
|
|
|
|
|
PGP::Finger::Keyserver->new( |
458
|
|
|
|
|
|
|
url => $self->{keyserver_url}, |
459
|
0
|
|
|
0
|
|
0
|
), |
460
|
|
|
|
|
|
|
# Now there are no PGP-related DNS records in fidonet.net zone |
461
|
|
|
|
|
|
|
#~ PGP::Finger::DNS->new( |
462
|
|
|
|
|
|
|
#~ dnssec => 1, |
463
|
|
|
|
|
|
|
#~ rr_types => ['OPENPGPKEY', 'TYPE61'], |
464
|
|
|
|
|
|
|
#~ ), |
465
|
|
|
|
|
|
|
], |
466
|
|
|
|
|
|
|
); |
467
|
0
|
|
|
|
|
0
|
$res = $finger->fetch($uid); |
468
|
|
|
|
|
|
|
} catch { |
469
|
0
|
|
|
0
|
|
0
|
return; |
470
|
0
|
|
|
|
|
0
|
}; |
471
|
|
|
|
|
|
|
|
472
|
0
|
0
|
|
|
|
0
|
if ($res) { |
473
|
0
|
|
|
|
|
0
|
my ($in_fh, $out_fh, $err_fh) = (IO::Handle->new(), |
474
|
|
|
|
|
|
|
IO::Handle->new(), IO::Handle->new()); |
475
|
|
|
|
|
|
|
|
476
|
0
|
|
|
|
|
0
|
my $handles = GnuPG::Handles->new( |
477
|
|
|
|
|
|
|
stdin => $in_fh, |
478
|
|
|
|
|
|
|
stdout => $out_fh, |
479
|
|
|
|
|
|
|
stderr => $err_fh, |
480
|
|
|
|
|
|
|
); |
481
|
|
|
|
|
|
|
|
482
|
0
|
|
|
|
|
0
|
my $pid = $self->{gnupg}->import_keys(handles => $handles); |
483
|
|
|
|
|
|
|
|
484
|
0
|
|
|
|
|
0
|
print $in_fh $res->as_string('armored'); |
485
|
0
|
|
|
|
|
0
|
close $in_fh; |
486
|
|
|
|
|
|
|
|
487
|
0
|
|
|
|
|
0
|
close $out_fh; |
488
|
0
|
|
|
|
|
0
|
close $err_fh; |
489
|
|
|
|
|
|
|
|
490
|
0
|
|
|
|
|
0
|
waitpid $pid, 0; |
491
|
|
|
|
|
|
|
|
492
|
0
|
|
|
|
|
0
|
return 1; |
493
|
|
|
|
|
|
|
} |
494
|
|
|
|
|
|
|
|
495
|
0
|
|
|
|
|
0
|
return; |
496
|
|
|
|
|
|
|
} |
497
|
|
|
|
|
|
|
|
498
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
499
|
|
|
|
|
|
|
|
500
|
|
|
|
|
|
|
sub _select_key { |
501
|
1
|
|
|
1
|
|
11
|
my ($self, $uid) = @_; |
502
|
|
|
|
|
|
|
|
503
|
1
|
50
|
|
|
|
16
|
return unless $self->_lookup_key($uid); |
504
|
|
|
|
|
|
|
|
505
|
1
|
|
|
|
|
17
|
my @keys; |
506
|
1
|
|
|
|
|
25
|
foreach my $key ($self->{gnupg}->get_public_keys($uid)) { |
507
|
1
|
50
|
33
|
|
|
169151
|
push @keys, [$key->creation_date, $key->hex_id] |
508
|
|
|
|
|
|
|
if !$self->_key_is_disabled($key) && $self->_key_can_encrypt($key); |
509
|
1
|
|
|
|
|
53
|
foreach my $subkey (@{$key->subkeys_ref}) { |
|
1
|
|
|
|
|
20
|
|
510
|
1
|
50
|
33
|
|
|
7
|
push @keys, [$subkey->creation_date, $subkey->hex_id] |
511
|
|
|
|
|
|
|
if !$self->_key_is_disabled($subkey) && $self->_key_can_encrypt($subkey); |
512
|
|
|
|
|
|
|
} |
513
|
|
|
|
|
|
|
} |
514
|
|
|
|
|
|
|
|
515
|
1
|
|
|
|
|
9
|
@keys = map { '0x' . substr $_->[1], -8 } |
516
|
1
|
|
|
|
|
76
|
sort { $b->[0] <=> $a->[0] } |
|
0
|
|
|
|
|
0
|
|
517
|
|
|
|
|
|
|
@keys; |
518
|
|
|
|
|
|
|
|
519
|
1
|
|
|
|
|
5
|
return $keys[0]; |
520
|
|
|
|
|
|
|
} |
521
|
|
|
|
|
|
|
|
522
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
523
|
|
|
|
|
|
|
|
524
|
|
|
|
|
|
|
sub _key_is_disabled { |
525
|
2
|
|
|
2
|
|
8
|
my ($self, $key) = @_; |
526
|
|
|
|
|
|
|
|
527
|
2
|
|
|
|
|
47
|
return index($key->usage_flags, 'D') != -1; |
528
|
|
|
|
|
|
|
} |
529
|
|
|
|
|
|
|
|
530
|
|
|
|
|
|
|
#----------------------------------------------------------------------# |
531
|
|
|
|
|
|
|
|
532
|
|
|
|
|
|
|
sub _key_can_encrypt { |
533
|
2
|
|
|
2
|
|
63
|
my ($self, $key) = @_; |
534
|
|
|
|
|
|
|
|
535
|
2
|
|
|
|
|
40
|
return index($key->usage_flags, 'E') != -1; |
536
|
|
|
|
|
|
|
} |
537
|
|
|
|
|
|
|
|
538
|
|
|
|
|
|
|
1; |
539
|
|
|
|
|
|
|
__END__ |
540
|
|
|
|
|
|
|
|
541
|
|
|
|
|
|
|
=head1 AUTHOR |
542
|
|
|
|
|
|
|
|
543
|
|
|
|
|
|
|
Petr Antonov, E<lt>pietro@cpan.orgE<gt> |
544
|
|
|
|
|
|
|
|
545
|
|
|
|
|
|
|
=head1 COPYRIGHT AND LICENSE |
546
|
|
|
|
|
|
|
|
547
|
|
|
|
|
|
|
Copyright (C) 2019 by Petr Antonov |
548
|
|
|
|
|
|
|
|
549
|
|
|
|
|
|
|
This library is free software; you can redistribute it and/or modify it |
550
|
|
|
|
|
|
|
under the same terms as Perl 5.10.0. For more details, see the full text |
551
|
|
|
|
|
|
|
of the licenses at L<https://opensource.org/licenses/Artistic-1.0>, and |
552
|
|
|
|
|
|
|
L<http://www.gnu.org/licenses/gpl-2.0.html>. |
553
|
|
|
|
|
|
|
|
554
|
|
|
|
|
|
|
This package is provided "as is" and without any express or implied |
555
|
|
|
|
|
|
|
warranties, including, without limitation, the implied warranties of |
556
|
|
|
|
|
|
|
merchantability and fitness for a particular purpose. |
557
|
|
|
|
|
|
|
|
558
|
|
|
|
|
|
|
=head1 INSTALLATION |
559
|
|
|
|
|
|
|
|
560
|
|
|
|
|
|
|
Using C<cpan>: |
561
|
|
|
|
|
|
|
|
562
|
|
|
|
|
|
|
$ cpan FTN::Crypt |
563
|
|
|
|
|
|
|
|
564
|
|
|
|
|
|
|
Manual install: |
565
|
|
|
|
|
|
|
|
566
|
|
|
|
|
|
|
$ perl Makefile.PL |
567
|
|
|
|
|
|
|
$ make |
568
|
|
|
|
|
|
|
$ make test |
569
|
|
|
|
|
|
|
$ make install |
570
|
|
|
|
|
|
|
|
571
|
|
|
|
|
|
|
=head1 REFERENCES |
572
|
|
|
|
|
|
|
|
573
|
|
|
|
|
|
|
=over 4 |
574
|
|
|
|
|
|
|
|
575
|
|
|
|
|
|
|
=item 1 L<FidoNet Policy Document Version 4.07|https://www.fidonet.org/policy4.txt> |
576
|
|
|
|
|
|
|
|
577
|
|
|
|
|
|
|
=item 2 L<FTS-5001 - Nodelist flags and userflags|http://ftsc.org/docs/fts-5001.006> |
578
|
|
|
|
|
|
|
|
579
|
|
|
|
|
|
|
=item 3 L<FSC-0073 - Encrypted message identification for FidoNet *Draft I*|http://ftsc.org/docs/fsc-0073.001> |
580
|
|
|
|
|
|
|
|
581
|
|
|
|
|
|
|
=back |
582
|
|
|
|
|
|
|
|
583
|
|
|
|
|
|
|
=cut |