line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Mail::GnuPG; |
2
|
|
|
|
|
|
|
|
3
|
|
|
|
|
|
|
=head1 NAME |
4
|
|
|
|
|
|
|
|
5
|
|
|
|
|
|
|
Mail::GnuPG - Process email with GPG. |
6
|
|
|
|
|
|
|
|
7
|
|
|
|
|
|
|
=head1 SYNOPSIS |
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
use Mail::GnuPG; |
10
|
|
|
|
|
|
|
my $mg = new Mail::GnuPG( key => 'ABCDEFGH' ); |
11
|
|
|
|
|
|
|
$ret = $mg->mime_sign( $MIMEObj, 'you@my.dom' ); |
12
|
|
|
|
|
|
|
|
13
|
|
|
|
|
|
|
=head1 DESCRIPTION |
14
|
|
|
|
|
|
|
|
15
|
|
|
|
|
|
|
Use GnuPG::Interface to process or create PGP signed or encrypted |
16
|
|
|
|
|
|
|
email. |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
=cut |
19
|
|
|
|
|
|
|
|
20
|
8
|
|
|
8
|
|
118620
|
use 5.006; |
|
8
|
|
|
|
|
22
|
|
21
|
8
|
|
|
8
|
|
29
|
use strict; |
|
8
|
|
|
|
|
9
|
|
|
8
|
|
|
|
|
142
|
|
22
|
8
|
|
|
8
|
|
23
|
use warnings; |
|
8
|
|
|
|
|
9
|
|
|
8
|
|
|
|
|
373
|
|
23
|
|
|
|
|
|
|
|
24
|
|
|
|
|
|
|
our $VERSION = '0.23'; |
25
|
|
|
|
|
|
|
my $DEBUG = 0; |
26
|
|
|
|
|
|
|
|
27
|
8
|
|
|
8
|
|
4070
|
use GnuPG::Interface; |
|
8
|
|
|
|
|
2196936
|
|
|
8
|
|
|
|
|
271
|
|
28
|
8
|
|
|
8
|
|
59
|
use File::Spec; |
|
8
|
|
|
|
|
12
|
|
|
8
|
|
|
|
|
174
|
|
29
|
8
|
|
|
8
|
|
4780
|
use File::Temp; |
|
8
|
|
|
|
|
52988
|
|
|
8
|
|
|
|
|
610
|
|
30
|
8
|
|
|
8
|
|
50
|
use IO::Handle; |
|
8
|
|
|
|
|
10
|
|
|
8
|
|
|
|
|
298
|
|
31
|
8
|
|
|
8
|
|
5570
|
use MIME::Entity; |
|
8
|
|
|
|
|
528688
|
|
|
8
|
|
|
|
|
293
|
|
32
|
8
|
|
|
8
|
|
5370
|
use MIME::Parser; |
|
8
|
|
|
|
|
73858
|
|
|
8
|
|
|
|
|
309
|
|
33
|
8
|
|
|
8
|
|
110
|
use Mail::Address; |
|
8
|
|
|
|
|
13
|
|
|
8
|
|
|
|
|
138
|
|
34
|
8
|
|
|
8
|
|
28
|
use IO::Select; |
|
8
|
|
|
|
|
8
|
|
|
8
|
|
|
|
|
331
|
|
35
|
8
|
|
|
8
|
|
29
|
use Errno qw(EPIPE); |
|
8
|
|
|
|
|
11
|
|
|
8
|
|
|
|
|
32486
|
|
36
|
|
|
|
|
|
|
|
37
|
|
|
|
|
|
|
=head2 new |
38
|
|
|
|
|
|
|
|
39
|
|
|
|
|
|
|
Create a new Mail::GnuPG instance. |
40
|
|
|
|
|
|
|
|
41
|
|
|
|
|
|
|
Arguments: |
42
|
|
|
|
|
|
|
Paramhash... |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
key => gpg key id |
45
|
|
|
|
|
|
|
keydir => gpg configuration/key directory |
46
|
|
|
|
|
|
|
passphrase => primary key password |
47
|
|
|
|
|
|
|
use_agent => use gpg-agent if non-zero |
48
|
|
|
|
|
|
|
always_trust => always trust a public key |
49
|
|
|
|
|
|
|
# FIXME: we need more things here, maybe primary key id. |
50
|
|
|
|
|
|
|
|
51
|
|
|
|
|
|
|
|
52
|
|
|
|
|
|
|
=cut |
53
|
|
|
|
|
|
|
|
54
|
|
|
|
|
|
|
sub new { |
55
|
5
|
|
|
5
|
1
|
742460
|
my $proto = shift; |
56
|
5
|
|
33
|
|
|
90
|
my $class = ref($proto) || $proto; |
57
|
5
|
|
|
|
|
94
|
my $self = { |
58
|
|
|
|
|
|
|
key => undef, |
59
|
|
|
|
|
|
|
keydir => undef, |
60
|
|
|
|
|
|
|
passphrase => "", |
61
|
|
|
|
|
|
|
gpg_path => "gpg", |
62
|
|
|
|
|
|
|
use_agent => 0, |
63
|
|
|
|
|
|
|
@_ |
64
|
|
|
|
|
|
|
}; |
65
|
5
|
|
|
|
|
30
|
$self->{last_message} = []; |
66
|
5
|
|
|
|
|
26
|
$self->{plaintext} = []; |
67
|
5
|
|
|
|
|
18
|
bless ($self, $class); |
68
|
5
|
|
|
|
|
24
|
return $self; |
69
|
|
|
|
|
|
|
} |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
sub _set_options { |
72
|
11
|
|
|
11
|
|
26
|
my ($self,$gnupg) = @_; |
73
|
11
|
|
|
|
|
156
|
$gnupg->options->meta_interactive( 0 ); |
74
|
|
|
|
|
|
|
$gnupg->options->hash_init( armor => 1, |
75
|
|
|
|
|
|
|
( defined $self->{keydir} ? |
76
|
|
|
|
|
|
|
(homedir => $self->{keydir}) : () ), |
77
|
|
|
|
|
|
|
( defined $self->{key} ? |
78
|
11
|
50
|
|
|
|
54830
|
( default_key => $self->{key} ) : () ), |
|
|
100
|
|
|
|
|
|
79
|
|
|
|
|
|
|
# ( defined $self->{passphrase} ? |
80
|
|
|
|
|
|
|
# ( passphrase => $self->{passphrase} ) : () ), |
81
|
|
|
|
|
|
|
); |
82
|
11
|
50
|
|
|
|
6324
|
if ($self->{use_agent}) { |
83
|
0
|
|
|
|
|
0
|
push @{$gnupg->options->extra_args}, '--use-agent'; |
|
0
|
|
|
|
|
0
|
|
84
|
|
|
|
|
|
|
} |
85
|
|
|
|
|
|
|
|
86
|
11
|
50
|
|
|
|
40
|
if (defined $self->{always_trust}) { |
87
|
|
|
|
|
|
|
$gnupg->options->always_trust($self->{always_trust}) |
88
|
0
|
|
|
|
|
0
|
} |
89
|
11
|
50
|
|
|
|
204
|
$gnupg->call( $self->{gpg_path} ) if defined $self->{gpg_path}; |
90
|
|
|
|
|
|
|
} |
91
|
|
|
|
|
|
|
|
92
|
|
|
|
|
|
|
|
93
|
|
|
|
|
|
|
=head2 decrypt |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
Decrypt an encrypted message |
96
|
|
|
|
|
|
|
|
97
|
|
|
|
|
|
|
Input: |
98
|
|
|
|
|
|
|
MIME::Entity containing email message to decrypt. |
99
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
The message can either be in RFC compliant-ish multipart/encrypted |
101
|
|
|
|
|
|
|
format, or just a single part ascii armored message. |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
Output: |
104
|
|
|
|
|
|
|
On Failure: |
105
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
106
|
|
|
|
|
|
|
|
107
|
|
|
|
|
|
|
On Success: (just encrypted) |
108
|
|
|
|
|
|
|
(0, undef, undef) |
109
|
|
|
|
|
|
|
|
110
|
|
|
|
|
|
|
On success: (signed and encrypted) |
111
|
|
|
|
|
|
|
( 0, |
112
|
|
|
|
|
|
|
keyid, # ABCDDCBA |
113
|
|
|
|
|
|
|
emailaddress # Foo Bar |
114
|
|
|
|
|
|
|
) |
115
|
|
|
|
|
|
|
|
116
|
|
|
|
|
|
|
where the keyid is the key that signed it, and emailaddress is full |
117
|
|
|
|
|
|
|
name and email address of the primary uid |
118
|
|
|
|
|
|
|
|
119
|
|
|
|
|
|
|
|
120
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
121
|
|
|
|
|
|
|
$self->{plaintext} => plaintext output from gpg |
122
|
|
|
|
|
|
|
$self->{decrypted} => parsed output as MIME::Entity |
123
|
|
|
|
|
|
|
|
124
|
|
|
|
|
|
|
=cut |
125
|
|
|
|
|
|
|
|
126
|
|
|
|
|
|
|
sub decrypt { |
127
|
2
|
|
|
2
|
1
|
673
|
my ($self, $message) = @_; |
128
|
2
|
|
|
|
|
9
|
my $ciphertext = ""; |
129
|
|
|
|
|
|
|
|
130
|
2
|
|
|
|
|
10
|
$self->{last_message} = []; |
131
|
|
|
|
|
|
|
|
132
|
2
|
50
|
33
|
|
|
46
|
unless (ref $message && $message->isa("MIME::Entity")) { |
133
|
0
|
|
|
|
|
0
|
die "decrypt only knows about MIME::Entitys right now"; |
134
|
0
|
|
|
|
|
0
|
return 255; |
135
|
|
|
|
|
|
|
} |
136
|
|
|
|
|
|
|
|
137
|
2
|
|
|
|
|
5
|
my $armor_message = 0; |
138
|
2
|
50
|
|
|
|
15
|
if ($message->effective_type =~ m!multipart/encrypted!) { |
|
|
50
|
|
|
|
|
|
139
|
0
|
0
|
|
|
|
0
|
die "multipart/encrypted with more than two parts" |
140
|
|
|
|
|
|
|
if ($message->parts != 2); |
141
|
0
|
0
|
|
|
|
0
|
die "Content-Type not pgp-encrypted" |
142
|
|
|
|
|
|
|
unless $message->parts(0)->effective_type =~ |
143
|
|
|
|
|
|
|
m!application/pgp-encrypted!; |
144
|
0
|
|
|
|
|
0
|
$ciphertext = $message->parts(1)->stringify_body; |
145
|
|
|
|
|
|
|
} |
146
|
|
|
|
|
|
|
elsif ($message->bodyhandle->as_string |
147
|
|
|
|
|
|
|
=~ m!^-----BEGIN PGP MESSAGE-----!m ) { |
148
|
2
|
|
|
|
|
346
|
$ciphertext = $message->bodyhandle->as_string; |
149
|
2
|
|
|
|
|
14
|
$armor_message = 1; |
150
|
|
|
|
|
|
|
} |
151
|
|
|
|
|
|
|
else { |
152
|
0
|
|
|
|
|
0
|
die "Unknown Content-Type or no PGP message in body" |
153
|
|
|
|
|
|
|
} |
154
|
|
|
|
|
|
|
|
155
|
2
|
|
|
|
|
47
|
my $gnupg = GnuPG::Interface->new(); |
156
|
2
|
|
|
|
|
3956
|
$self->_set_options($gnupg); |
157
|
|
|
|
|
|
|
# how we create some handles to interact with GnuPG |
158
|
|
|
|
|
|
|
# This time we'll catch the standard error for our perusing |
159
|
|
|
|
|
|
|
# as well as passing in the passphrase manually |
160
|
|
|
|
|
|
|
# as well as the status information given by GnuPG |
161
|
2
|
|
|
|
|
61
|
my ( $input, $output, $error, $passphrase_fh, $status_fh ) |
162
|
|
|
|
|
|
|
= ( new IO::Handle, new IO::Handle,new IO::Handle, |
163
|
|
|
|
|
|
|
new IO::Handle,new IO::Handle,); |
164
|
|
|
|
|
|
|
|
165
|
|
|
|
|
|
|
my $handles = GnuPG::Handles->new( stdin => $input, |
166
|
|
|
|
|
|
|
stdout => $output, |
167
|
|
|
|
|
|
|
stderr => $error, |
168
|
2
|
50
|
|
|
|
137
|
$self->{use_agent} ? () : (passphrase => $passphrase_fh), |
169
|
|
|
|
|
|
|
status => $status_fh, |
170
|
|
|
|
|
|
|
); |
171
|
|
|
|
|
|
|
|
172
|
|
|
|
|
|
|
# this sets up the communication |
173
|
2
|
|
|
|
|
5975
|
my $pid = $gnupg->decrypt( handles => $handles ); |
174
|
|
|
|
|
|
|
|
175
|
2
|
50
|
|
|
|
8244
|
die "NO PASSPHRASE" unless defined $passphrase_fh; |
176
|
|
|
|
|
|
|
my $read = _communicate([$output, $error, $status_fh], |
177
|
|
|
|
|
|
|
[$input, $self->{use_agent} ? () : $passphrase_fh], |
178
|
|
|
|
|
|
|
{ $input => $ciphertext, |
179
|
2
|
50
|
|
|
|
119
|
$self->{use_agent} ? () : ($passphrase_fh => $self->{passphrase})} |
|
|
50
|
|
|
|
|
|
180
|
|
|
|
|
|
|
); |
181
|
|
|
|
|
|
|
|
182
|
2
|
|
|
|
|
9142
|
my @plaintext = split(/^/m, $read->{$output}); |
183
|
2
|
|
|
|
|
14
|
my @error_output = split(/^/m, $read->{$error}); |
184
|
2
|
|
|
|
|
13
|
my @status_info = split(/^/m, $read->{$status_fh}); |
185
|
|
|
|
|
|
|
|
186
|
2
|
|
|
|
|
33
|
waitpid $pid, 0; |
187
|
2
|
|
|
|
|
10
|
my $return = $?; |
188
|
2
|
50
|
|
|
|
12
|
$return = 0 if $return == -1; |
189
|
|
|
|
|
|
|
|
190
|
2
|
|
|
|
|
3
|
my $exit_value = $return >> 8; |
191
|
|
|
|
|
|
|
|
192
|
|
|
|
|
|
|
|
193
|
|
|
|
|
|
|
|
194
|
2
|
|
|
|
|
9
|
$self->{last_message} = \@error_output; |
195
|
2
|
|
|
|
|
6
|
$self->{plaintext} = \@plaintext; |
196
|
|
|
|
|
|
|
|
197
|
2
|
|
|
|
|
39
|
my $parser = new MIME::Parser; |
198
|
2
|
|
|
|
|
360
|
$parser->output_to_core(1); |
199
|
|
|
|
|
|
|
|
200
|
|
|
|
|
|
|
# for armor message (which usually contain no MIME entity) |
201
|
|
|
|
|
|
|
# and if the first line seems to be no header, add an empty |
202
|
|
|
|
|
|
|
# line at the top, otherwise the first line of a text message |
203
|
|
|
|
|
|
|
# will be removed by the parser. |
204
|
2
|
50
|
33
|
|
|
45
|
if ( $armor_message and $plaintext[0] and $plaintext[0] !~ /^[\w-]+:/ ) { |
|
|
|
33
|
|
|
|
|
205
|
2
|
|
|
|
|
763
|
unshift @plaintext, "\n"; |
206
|
|
|
|
|
|
|
} |
207
|
|
|
|
|
|
|
|
208
|
2
|
|
|
|
|
16
|
my $entity = $parser->parse_data(\@plaintext); |
209
|
2
|
|
|
|
|
6982
|
$self->{decrypted} = $entity; |
210
|
|
|
|
|
|
|
|
211
|
2
|
50
|
|
|
|
15
|
return $exit_value if $exit_value; # failure |
212
|
|
|
|
|
|
|
|
213
|
|
|
|
|
|
|
# if the message was signed and encrypted, extract the signature |
214
|
|
|
|
|
|
|
# information and return it. In some theory or another, you can't |
215
|
|
|
|
|
|
|
# trust an unsigned encrypted message is from who it says signed it. |
216
|
|
|
|
|
|
|
# (Although I think it would have to go hand in hand at some point.) |
217
|
|
|
|
|
|
|
|
218
|
2
|
|
|
|
|
7
|
my $result = join "", @error_output; |
219
|
2
|
|
|
|
|
13
|
my ($keyid, $pemail) = key_and_uid_from_status(@status_info); |
220
|
|
|
|
|
|
|
|
221
|
2
|
|
|
|
|
142
|
return ($exit_value,$keyid,$pemail); |
222
|
|
|
|
|
|
|
|
223
|
|
|
|
|
|
|
} |
224
|
|
|
|
|
|
|
|
225
|
|
|
|
|
|
|
=head2 get_decrypt_key |
226
|
|
|
|
|
|
|
|
227
|
|
|
|
|
|
|
determines the decryption key (and corresponding mail) of a message |
228
|
|
|
|
|
|
|
|
229
|
|
|
|
|
|
|
Input: |
230
|
|
|
|
|
|
|
MIME::Entity containing email message to analyze. |
231
|
|
|
|
|
|
|
|
232
|
|
|
|
|
|
|
The message can either be in RFC compliant-ish multipart/signed |
233
|
|
|
|
|
|
|
format, or just a single part ascii armored message. |
234
|
|
|
|
|
|
|
|
235
|
|
|
|
|
|
|
Output: |
236
|
|
|
|
|
|
|
$key -- decryption key |
237
|
|
|
|
|
|
|
$mail -- corresponding mail address |
238
|
|
|
|
|
|
|
|
239
|
|
|
|
|
|
|
=cut |
240
|
|
|
|
|
|
|
|
241
|
|
|
|
|
|
|
sub get_decrypt_key { |
242
|
0
|
|
|
0
|
1
|
0
|
my ($self, $message) = @_; |
243
|
|
|
|
|
|
|
|
244
|
0
|
0
|
0
|
|
|
0
|
unless (ref $message && $message->isa("MIME::Entity")) { |
245
|
0
|
|
|
|
|
0
|
die "decrypt only knows about MIME::Entitys right now"; |
246
|
|
|
|
|
|
|
} |
247
|
|
|
|
|
|
|
|
248
|
0
|
|
|
|
|
0
|
my $ciphertext; |
249
|
|
|
|
|
|
|
|
250
|
0
|
0
|
|
|
|
0
|
if ($message->effective_type =~ m!multipart/encrypted!) { |
|
|
0
|
|
|
|
|
|
251
|
0
|
0
|
|
|
|
0
|
die "multipart/encrypted with more than two parts" |
252
|
|
|
|
|
|
|
if ($message->parts != 2); |
253
|
0
|
0
|
|
|
|
0
|
die "Content-Type not pgp-encrypted" |
254
|
|
|
|
|
|
|
unless $message->parts(0)->effective_type =~ |
255
|
|
|
|
|
|
|
m!application/pgp-encrypted!; |
256
|
0
|
|
|
|
|
0
|
$ciphertext = $message->parts(1)->stringify_body; |
257
|
|
|
|
|
|
|
} |
258
|
|
|
|
|
|
|
elsif ($message->bodyhandle->as_string |
259
|
|
|
|
|
|
|
=~ m!^-----BEGIN PGP MESSAGE-----!m ) { |
260
|
0
|
|
|
|
|
0
|
$ciphertext = $message->bodyhandle->as_string; |
261
|
|
|
|
|
|
|
} |
262
|
|
|
|
|
|
|
else { |
263
|
0
|
|
|
|
|
0
|
die "Unknown Content-Type or no PGP message in body" |
264
|
|
|
|
|
|
|
} |
265
|
|
|
|
|
|
|
|
266
|
0
|
|
|
|
|
0
|
my $gnupg = GnuPG::Interface->new(); |
267
|
0
|
|
|
|
|
0
|
$gnupg->options->batch(1); |
268
|
0
|
|
|
|
|
0
|
$gnupg->options->status_fd(1); |
269
|
0
|
|
|
|
|
0
|
push @{$gnupg->options->extra_args}, '--list-only'; |
|
0
|
|
|
|
|
0
|
|
270
|
|
|
|
|
|
|
|
271
|
|
|
|
|
|
|
# how we create some handles to interact with GnuPG |
272
|
|
|
|
|
|
|
# This time we'll catch the standard error for our perusing |
273
|
|
|
|
|
|
|
# as well as passing in the passphrase manually |
274
|
|
|
|
|
|
|
# as well as the status information given by GnuPG |
275
|
0
|
|
|
|
|
0
|
my ( $input, $output, $stderr ) |
276
|
|
|
|
|
|
|
= ( new IO::Handle, new IO::Handle, new IO::Handle ); |
277
|
|
|
|
|
|
|
|
278
|
0
|
|
|
|
|
0
|
my $handles = GnuPG::Handles->new( stdin => $input, |
279
|
|
|
|
|
|
|
stdout => $output, |
280
|
|
|
|
|
|
|
stderr => $stderr, |
281
|
|
|
|
|
|
|
); |
282
|
|
|
|
|
|
|
|
283
|
|
|
|
|
|
|
# this sets up the communication |
284
|
0
|
|
|
|
|
0
|
my $pid = $gnupg->wrap_call( |
285
|
|
|
|
|
|
|
handles => $handles, |
286
|
|
|
|
|
|
|
commands => [ "--decrypt" ], |
287
|
|
|
|
|
|
|
command_args => [ ], |
288
|
|
|
|
|
|
|
); |
289
|
|
|
|
|
|
|
|
290
|
0
|
|
|
|
|
0
|
my $read = _communicate([$output], [$input], { $input => $ciphertext }); |
291
|
|
|
|
|
|
|
|
292
|
|
|
|
|
|
|
# reading the output |
293
|
0
|
|
|
|
|
0
|
my @result = split(/^/m, $read->{$output}); |
294
|
|
|
|
|
|
|
|
295
|
|
|
|
|
|
|
# clean up the finished GnuPG process |
296
|
0
|
|
|
|
|
0
|
waitpid $pid, 0; |
297
|
0
|
|
|
|
|
0
|
my $return = $?; |
298
|
0
|
0
|
|
|
|
0
|
$return = 0 if $return == -1; |
299
|
|
|
|
|
|
|
|
300
|
0
|
|
|
|
|
0
|
my $exit_value = $return >> 8; |
301
|
|
|
|
|
|
|
|
302
|
|
|
|
|
|
|
|
303
|
|
|
|
|
|
|
|
304
|
|
|
|
|
|
|
# set last_message |
305
|
0
|
|
|
|
|
0
|
$self->{last_message} = \@result; |
306
|
|
|
|
|
|
|
|
307
|
|
|
|
|
|
|
# grep ENC_TO and NO_SECKEY items |
308
|
0
|
|
|
|
|
0
|
my (@enc_to_keys, %no_sec_keys); |
309
|
0
|
|
|
|
|
0
|
for ( @result ) { |
310
|
0
|
0
|
|
|
|
0
|
push @enc_to_keys, $1 if /ENC_TO\s+([^\s]+)/; |
311
|
0
|
0
|
|
|
|
0
|
$no_sec_keys{$1} = 1 if /NO_SECKEY\s+([^\s]+)/; |
312
|
|
|
|
|
|
|
} |
313
|
|
|
|
|
|
|
|
314
|
|
|
|
|
|
|
# find first key we have the secret portion of |
315
|
0
|
|
|
|
|
0
|
my $key; |
316
|
0
|
|
|
|
|
0
|
foreach my $k ( @enc_to_keys ) { |
317
|
0
|
0
|
|
|
|
0
|
if ( not exists $no_sec_keys{$k} ) { |
318
|
0
|
|
|
|
|
0
|
$key = $k; |
319
|
0
|
|
|
|
|
0
|
last; |
320
|
|
|
|
|
|
|
} |
321
|
|
|
|
|
|
|
} |
322
|
|
|
|
|
|
|
|
323
|
0
|
0
|
|
|
|
0
|
return if not $key; |
324
|
|
|
|
|
|
|
|
325
|
|
|
|
|
|
|
# get mail address of this key |
326
|
0
|
0
|
|
|
|
0
|
die "Invalid Key Format: $key" unless $key =~ /^[0-9A-F]+$/i; |
327
|
0
|
|
|
|
|
0
|
my $cmd = $self->{gpg_path} . " --with-colons --list-keys $key 2>&1"; |
328
|
0
|
|
|
|
|
0
|
my $gpg_out = qx[ $cmd ]; |
329
|
|
|
|
|
|
|
## FIXME: this should probably use open| instead. |
330
|
0
|
0
|
0
|
|
|
0
|
die "Couldn't find key $key in keyring" if $gpg_out !~ /\S/ or $?; |
331
|
0
|
|
|
|
|
0
|
my $mail = (split(":", $gpg_out))[9]; |
332
|
|
|
|
|
|
|
|
333
|
0
|
|
|
|
|
0
|
return ($mail, $key); |
334
|
|
|
|
|
|
|
} |
335
|
|
|
|
|
|
|
|
336
|
|
|
|
|
|
|
=head2 verify |
337
|
|
|
|
|
|
|
|
338
|
|
|
|
|
|
|
verify a signed message |
339
|
|
|
|
|
|
|
|
340
|
|
|
|
|
|
|
Input: |
341
|
|
|
|
|
|
|
MIME::Entity containing email message to verify. |
342
|
|
|
|
|
|
|
|
343
|
|
|
|
|
|
|
The message can either be in RFC compliant-ish multipart/signed |
344
|
|
|
|
|
|
|
format, or just a single part ascii armored message. |
345
|
|
|
|
|
|
|
|
346
|
|
|
|
|
|
|
Note that MIME-encoded data should be supplied unmodified inside |
347
|
|
|
|
|
|
|
the MIME::Entity input message, otherwise the signature will be |
348
|
|
|
|
|
|
|
broken. Since MIME-tools version 5.419, this can be achieved with |
349
|
|
|
|
|
|
|
the C method of MIME::Parser. See the MIME::Parser |
350
|
|
|
|
|
|
|
documentation for more information. |
351
|
|
|
|
|
|
|
|
352
|
|
|
|
|
|
|
Output: |
353
|
|
|
|
|
|
|
On error: |
354
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
355
|
|
|
|
|
|
|
On success |
356
|
|
|
|
|
|
|
( 0, |
357
|
|
|
|
|
|
|
keyid, # ABCDDCBA |
358
|
|
|
|
|
|
|
emailaddress # Foo Bar |
359
|
|
|
|
|
|
|
) |
360
|
|
|
|
|
|
|
|
361
|
|
|
|
|
|
|
where the keyid is the key that signed it, and emailaddress is full |
362
|
|
|
|
|
|
|
name and email address of the primary uid. The email/uid is UTF8 |
363
|
|
|
|
|
|
|
encoded, as output by GPG. |
364
|
|
|
|
|
|
|
|
365
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
366
|
|
|
|
|
|
|
|
367
|
|
|
|
|
|
|
=cut |
368
|
|
|
|
|
|
|
|
369
|
|
|
|
|
|
|
# Verify RFC2015/RFC3156 email |
370
|
|
|
|
|
|
|
sub verify { |
371
|
4
|
|
|
4
|
1
|
916
|
my ($self, $message) = @_; |
372
|
|
|
|
|
|
|
|
373
|
4
|
|
|
|
|
17
|
my $ciphertext = ""; |
374
|
4
|
|
|
|
|
11
|
my $sigtext = ""; |
375
|
|
|
|
|
|
|
|
376
|
4
|
|
|
|
|
24
|
$self->{last_message} = []; |
377
|
|
|
|
|
|
|
|
378
|
4
|
50
|
33
|
|
|
94
|
unless (ref $message && $message->isa("MIME::Entity")) { |
379
|
0
|
|
|
|
|
0
|
die "VerifyMessage only knows about MIME::Entitys right now"; |
380
|
0
|
|
|
|
|
0
|
return 255; |
381
|
|
|
|
|
|
|
} |
382
|
|
|
|
|
|
|
|
383
|
4
|
100
|
33
|
|
|
31
|
if ($message->effective_type =~ m!multipart/signed!) { |
|
|
50
|
|
|
|
|
|
384
|
2
|
50
|
|
|
|
377
|
die "multipart/signed with more than two parts" |
385
|
|
|
|
|
|
|
if ($message->parts != 2); |
386
|
2
|
50
|
|
|
|
23
|
die "Content-Type not pgp-signed" |
387
|
|
|
|
|
|
|
unless $message->parts(1)->effective_type =~ |
388
|
|
|
|
|
|
|
m!application/pgp-signature!; |
389
|
2
|
|
|
|
|
183
|
$ciphertext = $message->parts(0)->as_string; |
390
|
2
|
|
|
|
|
1481
|
$sigtext = $message->parts(1)->stringify_body; |
391
|
|
|
|
|
|
|
} |
392
|
|
|
|
|
|
|
elsif ( $message->bodyhandle and $message->bodyhandle->as_string |
393
|
|
|
|
|
|
|
=~ m!^-----BEGIN PGP SIGNED MESSAGE-----!m ) { |
394
|
|
|
|
|
|
|
# don't use not $message->body_as_string here, because |
395
|
|
|
|
|
|
|
# the body isn't decoded in this case!!! |
396
|
|
|
|
|
|
|
# (which is evil for quoted-printable transfer encoding) |
397
|
|
|
|
|
|
|
# also the headers and stuff are not needed here |
398
|
2
|
|
|
|
|
455
|
$ciphertext = undef; |
399
|
2
|
|
|
|
|
10
|
$sigtext = $message->bodyhandle->as_string; # well, actually both |
400
|
|
|
|
|
|
|
} |
401
|
|
|
|
|
|
|
else { |
402
|
0
|
|
|
|
|
0
|
die "Unknown Content-Type or no PGP message in body" |
403
|
|
|
|
|
|
|
} |
404
|
|
|
|
|
|
|
|
405
|
4
|
|
|
|
|
2391
|
my $gnupg = GnuPG::Interface->new(); |
406
|
4
|
|
|
|
|
11829
|
$self->_set_options($gnupg); |
407
|
|
|
|
|
|
|
# how we create some handles to interact with GnuPG |
408
|
4
|
|
|
|
|
98
|
my $input = IO::Handle->new(); |
409
|
4
|
|
|
|
|
88
|
my $error = IO::Handle->new(); |
410
|
4
|
|
|
|
|
47
|
my $status_fh = IO::Handle->new(); |
411
|
|
|
|
|
|
|
|
412
|
4
|
|
|
|
|
103
|
my $handles = GnuPG::Handles->new( stderr => $error, |
413
|
|
|
|
|
|
|
stdin => $input, |
414
|
|
|
|
|
|
|
status => $status_fh ); |
415
|
|
|
|
|
|
|
|
416
|
4
|
|
|
|
|
12072
|
my ($sigfh, $sigfile) |
417
|
|
|
|
|
|
|
= File::Temp::tempfile('mgsXXXXXXXX', |
418
|
|
|
|
|
|
|
DIR => File::Spec->tmpdir, |
419
|
|
|
|
|
|
|
UNLINK => 1, |
420
|
|
|
|
|
|
|
); |
421
|
4
|
|
|
|
|
3707
|
print $sigfh $sigtext; |
422
|
4
|
|
|
|
|
200
|
close($sigfh); |
423
|
|
|
|
|
|
|
|
424
|
4
|
|
|
|
|
67
|
my ($datafh, $datafile) = |
425
|
|
|
|
|
|
|
File::Temp::tempfile('mgdXXXXXX', |
426
|
|
|
|
|
|
|
DIR => File::Spec->tmpdir, |
427
|
|
|
|
|
|
|
UNLINK => 1, |
428
|
|
|
|
|
|
|
); |
429
|
|
|
|
|
|
|
|
430
|
|
|
|
|
|
|
# according to RFC3156 all line endings MUST be CR/LF |
431
|
4
|
100
|
|
|
|
247576
|
if ( defined $ciphertext ) { |
432
|
2
|
|
|
|
|
8842
|
$ciphertext =~ s/\x0A/\x0D\x0A/g; |
433
|
2
|
|
|
|
|
26140
|
$ciphertext =~ s/\x0D+/\x0D/g; |
434
|
|
|
|
|
|
|
} |
435
|
|
|
|
|
|
|
|
436
|
|
|
|
|
|
|
# Read the (unencoded) body data: |
437
|
|
|
|
|
|
|
# as_string includes the header portion |
438
|
4
|
100
|
|
|
|
838
|
print $datafh $ciphertext if $ciphertext; |
439
|
4
|
|
|
|
|
178
|
close($datafh); |
440
|
|
|
|
|
|
|
|
441
|
4
|
100
|
|
|
|
70
|
my $pid = $gnupg->verify( handles => $handles, |
442
|
|
|
|
|
|
|
command_args => ( $ciphertext ? |
443
|
|
|
|
|
|
|
["$sigfile", "$datafile"] : |
444
|
|
|
|
|
|
|
"$sigfile" ), |
445
|
|
|
|
|
|
|
); |
446
|
|
|
|
|
|
|
|
447
|
4
|
|
|
|
|
22820
|
my $read = _communicate([$error,$status_fh], [$input], {$input => ''}); |
448
|
|
|
|
|
|
|
|
449
|
4
|
|
|
|
|
76
|
my @result = split(/^/m, $read->{$error}); |
450
|
4
|
|
|
|
|
37
|
my @status_info = split(/^/m, $read->{$status_fh}); |
451
|
|
|
|
|
|
|
|
452
|
4
|
|
|
|
|
1046
|
unlink $sigfile, $datafile; |
453
|
|
|
|
|
|
|
|
454
|
4
|
|
|
|
|
91
|
waitpid $pid, 0; |
455
|
4
|
|
|
|
|
30
|
my $return = $?; |
456
|
4
|
50
|
|
|
|
38
|
$return = 0 if $return == -1; |
457
|
|
|
|
|
|
|
|
458
|
4
|
|
|
|
|
13
|
my $exit_value = $return >> 8; |
459
|
|
|
|
|
|
|
|
460
|
4
|
|
|
|
|
30
|
$self->{last_message} = [@result]; |
461
|
|
|
|
|
|
|
|
462
|
4
|
50
|
|
|
|
19
|
return $exit_value if $exit_value; # failure |
463
|
|
|
|
|
|
|
|
464
|
4
|
|
|
|
|
24
|
my $result = join "", @result; |
465
|
|
|
|
|
|
|
|
466
|
4
|
|
|
|
|
27
|
my ($keyid, $pemail) = key_and_uid_from_status(@status_info); |
467
|
|
|
|
|
|
|
|
468
|
4
|
|
|
|
|
379
|
return ($exit_value,$keyid,$pemail); |
469
|
|
|
|
|
|
|
|
470
|
|
|
|
|
|
|
} |
471
|
|
|
|
|
|
|
|
472
|
|
|
|
|
|
|
sub key_and_uid_from_status { |
473
|
|
|
|
|
|
|
|
474
|
6
|
|
|
6
|
0
|
35
|
my @status_info = @_; |
475
|
|
|
|
|
|
|
|
476
|
6
|
|
|
|
|
40
|
chomp(@status_info); |
477
|
|
|
|
|
|
|
|
478
|
6
|
|
|
|
|
19
|
my ($keyid) = grep { s/^\[GNUPG:\] VALIDSIG \S+(\S{8}) .*$/$1/; } @status_info; |
|
69
|
|
|
|
|
169
|
|
479
|
|
|
|
|
|
|
|
480
|
|
|
|
|
|
|
# FIXME: we should really distinguish between GOOD and the others |
481
|
|
|
|
|
|
|
# but this will change the existing behaviour |
482
|
|
|
|
|
|
|
|
483
|
6
|
|
|
|
|
13
|
my ($pemail) = grep { s/^\[GNUPG:\] (GOODSIG|EXPKEYSIG|REVKEYSIG) \S+ (.*)$/$2/; } @status_info; |
|
69
|
|
|
|
|
138
|
|
484
|
|
|
|
|
|
|
|
485
|
6
|
|
|
|
|
26
|
return ($keyid,$pemail); |
486
|
|
|
|
|
|
|
} |
487
|
|
|
|
|
|
|
|
488
|
|
|
|
|
|
|
# Should this go elsewhere? The Key handling stuff doesn't seem to |
489
|
|
|
|
|
|
|
# make sense in a Mail:: module. |
490
|
|
|
|
|
|
|
my %key_cache; |
491
|
|
|
|
|
|
|
my $key_cache_age = 0; |
492
|
|
|
|
|
|
|
my $key_cache_expire = 60*60*30; # 30 minutes |
493
|
|
|
|
|
|
|
|
494
|
|
|
|
|
|
|
sub _rebuild_key_cache { |
495
|
2
|
|
|
2
|
|
6
|
my $self = shift; |
496
|
2
|
|
|
|
|
4
|
local $_; |
497
|
2
|
|
|
|
|
6
|
%key_cache = (); |
498
|
2
|
|
|
|
|
40
|
my $gnupg = GnuPG::Interface->new(); |
499
|
2
|
|
|
|
|
3716
|
$self->_set_options($gnupg); |
500
|
2
|
|
|
|
|
31
|
my @keys = $gnupg->get_public_keys(); |
501
|
2
|
|
|
|
|
124255
|
foreach my $key (@keys) { |
502
|
2
|
|
|
|
|
18
|
foreach my $uid ($key->user_ids) { |
503
|
|
|
|
|
|
|
# M::A may not parse the gpg stuff properly. Cross fingers |
504
|
2
|
|
|
|
|
63
|
my ($a) = Mail::Address->parse($uid->as_string); # list context, please |
505
|
2
|
50
|
|
|
|
886
|
$key_cache{$a->address}=1 if ref $a; |
506
|
|
|
|
|
|
|
} |
507
|
|
|
|
|
|
|
} |
508
|
|
|
|
|
|
|
} |
509
|
|
|
|
|
|
|
|
510
|
|
|
|
|
|
|
=head2 has_public_key |
511
|
|
|
|
|
|
|
|
512
|
|
|
|
|
|
|
Does the keyring have a public key for the specified email address? |
513
|
|
|
|
|
|
|
|
514
|
|
|
|
|
|
|
FIXME: document better. talk about caching. maybe put a better |
515
|
|
|
|
|
|
|
interface in. |
516
|
|
|
|
|
|
|
|
517
|
|
|
|
|
|
|
=cut |
518
|
|
|
|
|
|
|
|
519
|
|
|
|
|
|
|
|
520
|
|
|
|
|
|
|
sub has_public_key { |
521
|
2
|
|
|
2
|
1
|
520
|
my ($self,$address) = @_; |
522
|
|
|
|
|
|
|
|
523
|
|
|
|
|
|
|
# cache aging is disabled until someone has enough time to test this |
524
|
2
|
|
|
|
|
3
|
if (0) { |
525
|
|
|
|
|
|
|
$self->_rebuild_key_cache() unless ($key_cache_age); |
526
|
|
|
|
|
|
|
|
527
|
|
|
|
|
|
|
if ( $key_cache_age && ( time() - $key_cache_expire > $key_cache_age )) { |
528
|
|
|
|
|
|
|
$self->_rebuild_key_cache(); |
529
|
|
|
|
|
|
|
} |
530
|
|
|
|
|
|
|
} |
531
|
|
|
|
|
|
|
|
532
|
2
|
|
|
|
|
9
|
$self->_rebuild_key_cache(); |
533
|
|
|
|
|
|
|
|
534
|
2
|
100
|
|
|
|
124
|
return 1 if exists $key_cache{$address}; |
535
|
1
|
|
|
|
|
16
|
return 0; |
536
|
|
|
|
|
|
|
|
537
|
|
|
|
|
|
|
} |
538
|
|
|
|
|
|
|
|
539
|
|
|
|
|
|
|
=head2 mime_sign |
540
|
|
|
|
|
|
|
|
541
|
|
|
|
|
|
|
sign an email message |
542
|
|
|
|
|
|
|
|
543
|
|
|
|
|
|
|
Input: |
544
|
|
|
|
|
|
|
MIME::Entity containing email message to sign |
545
|
|
|
|
|
|
|
|
546
|
|
|
|
|
|
|
Output: |
547
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
548
|
|
|
|
|
|
|
|
549
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
550
|
|
|
|
|
|
|
|
551
|
|
|
|
|
|
|
The provided $entity will be signed. (i.e. it _will_ be modified.) |
552
|
|
|
|
|
|
|
|
553
|
|
|
|
|
|
|
=cut |
554
|
|
|
|
|
|
|
|
555
|
|
|
|
|
|
|
|
556
|
|
|
|
|
|
|
sub mime_sign { |
557
|
1
|
|
|
1
|
1
|
2741
|
my ($self,$entity) = @_; |
558
|
|
|
|
|
|
|
|
559
|
1
|
50
|
|
|
|
10
|
die "Not a mime entity" |
560
|
|
|
|
|
|
|
unless $entity->isa("MIME::Entity"); |
561
|
|
|
|
|
|
|
|
562
|
1
|
|
|
|
|
8
|
$entity->make_multipart; |
563
|
1
|
|
|
|
|
1020
|
my $workingentity = $entity; |
564
|
1
|
50
|
|
|
|
5
|
if ($entity->parts > 1) { |
565
|
0
|
|
|
|
|
0
|
$workingentity = MIME::Entity->build(Type => $entity->head->mime_attr("Content-Type")); |
566
|
0
|
|
|
|
|
0
|
$workingentity->add_part($_) for ($entity->parts); |
567
|
0
|
|
|
|
|
0
|
$entity->parts([]); |
568
|
0
|
|
|
|
|
0
|
$entity->add_part($workingentity); |
569
|
|
|
|
|
|
|
} |
570
|
|
|
|
|
|
|
|
571
|
1
|
|
|
|
|
25
|
my $gnupg = GnuPG::Interface->new(); |
572
|
1
|
|
|
|
|
3509
|
$self->_set_options( $gnupg ); |
573
|
1
|
|
|
|
|
22
|
my ( $input, $output, $error, $passphrase_fh, $status_fh ) |
574
|
|
|
|
|
|
|
= ( new IO::Handle, new IO::Handle,new IO::Handle, |
575
|
|
|
|
|
|
|
new IO::Handle,new IO::Handle,); |
576
|
|
|
|
|
|
|
my $handles = GnuPG::Handles->new( stdin => $input, |
577
|
|
|
|
|
|
|
stdout => $output, |
578
|
|
|
|
|
|
|
stderr => $error, |
579
|
1
|
50
|
|
|
|
65
|
$self->{use_agent} ? () : (passphrase => $passphrase_fh), |
580
|
|
|
|
|
|
|
status => $status_fh, |
581
|
|
|
|
|
|
|
); |
582
|
1
|
|
|
|
|
5538
|
my $pid = $gnupg->detach_sign( handles => $handles ); |
583
|
1
|
50
|
|
|
|
4394
|
die "NO PASSPHRASE" unless defined $passphrase_fh; |
584
|
|
|
|
|
|
|
|
585
|
|
|
|
|
|
|
# this passes in the plaintext |
586
|
1
|
|
|
|
|
6
|
my $plaintext; |
587
|
1
|
50
|
|
|
|
12
|
if ($workingentity eq $entity) { |
588
|
1
|
|
|
|
|
23
|
$plaintext = $entity->parts(0)->as_string; |
589
|
|
|
|
|
|
|
} else { |
590
|
0
|
|
|
|
|
0
|
$plaintext = $workingentity->as_string; |
591
|
|
|
|
|
|
|
} |
592
|
|
|
|
|
|
|
|
593
|
|
|
|
|
|
|
# according to RFC3156 all line endings MUST be CR/LF |
594
|
1
|
|
|
|
|
11380
|
$plaintext =~ s/\x0A/\x0D\x0A/g; |
595
|
1
|
|
|
|
|
24502
|
$plaintext =~ s/\x0D+/\x0D/g; |
596
|
|
|
|
|
|
|
|
597
|
|
|
|
|
|
|
# DEBUG: |
598
|
|
|
|
|
|
|
# print "SIGNING THIS STRING ----->\n"; |
599
|
|
|
|
|
|
|
# $plaintext =~ s/\n/-\n/gs; |
600
|
|
|
|
|
|
|
# warn("SIGNING:\n$plaintext<<<"); |
601
|
|
|
|
|
|
|
# warn($entity->as_string); |
602
|
|
|
|
|
|
|
# print STDERR $plaintext; |
603
|
|
|
|
|
|
|
# print "<----\n"; |
604
|
|
|
|
|
|
|
my $read = _communicate([$output, $error, $status_fh], |
605
|
|
|
|
|
|
|
[$input, $self->{use_agent} ? () : ($passphrase_fh)], |
606
|
|
|
|
|
|
|
{ $input => $plaintext, |
607
|
1
|
50
|
|
|
|
179
|
$self->{use_agent} ? () : ($passphrase_fh => $self->{passphrase})} |
|
|
50
|
|
|
|
|
|
608
|
|
|
|
|
|
|
); |
609
|
|
|
|
|
|
|
|
610
|
1
|
|
|
|
|
116
|
my @signature = split(/^/m, $read->{$output}); |
611
|
1
|
|
|
|
|
3
|
my @error_output = split(/^/m, $read->{$error}); |
612
|
1
|
|
|
|
|
9
|
my @status_info = split(/^/m, $read->{$status_fh}); |
613
|
|
|
|
|
|
|
|
614
|
1
|
|
|
|
|
23
|
waitpid $pid, 0; |
615
|
1
|
|
|
|
|
9
|
my $return = $?; |
616
|
1
|
50
|
|
|
|
4
|
$return = 0 if $return == -1; |
617
|
|
|
|
|
|
|
|
618
|
1
|
|
|
|
|
2
|
my $exit_value = $return >> 8; |
619
|
|
|
|
|
|
|
|
620
|
|
|
|
|
|
|
|
621
|
1
|
|
|
|
|
4
|
$self->{last_message} = \@error_output; |
622
|
|
|
|
|
|
|
|
623
|
1
|
|
|
|
|
17
|
$entity->attach( Type => "application/pgp-signature", |
624
|
|
|
|
|
|
|
Disposition => "inline", |
625
|
|
|
|
|
|
|
Data => [@signature], |
626
|
|
|
|
|
|
|
Encoding => "7bit"); |
627
|
|
|
|
|
|
|
|
628
|
1
|
|
|
|
|
1218
|
$entity->head->mime_attr("Content-Type","multipart/signed"); |
629
|
1
|
|
|
|
|
186
|
$entity->head->mime_attr("Content-Type.protocol","application/pgp-signature"); |
630
|
|
|
|
|
|
|
# $entity->head->mime_attr("Content-Type.micalg","pgp-md5"); |
631
|
|
|
|
|
|
|
# Richard Hirner notes that Thunderbird/Enigmail really wants a micalg |
632
|
|
|
|
|
|
|
# of pgp-sha1 (which will be GPG version dependent.. older versions |
633
|
|
|
|
|
|
|
# used md5. For now, until we can detect which type was used, the end |
634
|
|
|
|
|
|
|
# user should read the source code, notice this comment, and insert |
635
|
|
|
|
|
|
|
# the appropriate value themselves. |
636
|
|
|
|
|
|
|
|
637
|
1
|
|
|
|
|
456
|
return $exit_value; |
638
|
|
|
|
|
|
|
} |
639
|
|
|
|
|
|
|
|
640
|
|
|
|
|
|
|
=head2 clear_sign |
641
|
|
|
|
|
|
|
|
642
|
|
|
|
|
|
|
clearsign the body of an email message |
643
|
|
|
|
|
|
|
|
644
|
|
|
|
|
|
|
Input: |
645
|
|
|
|
|
|
|
MIME::Entity containing email message to sign. |
646
|
|
|
|
|
|
|
This entity MUST have a body. |
647
|
|
|
|
|
|
|
|
648
|
|
|
|
|
|
|
Output: |
649
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
650
|
|
|
|
|
|
|
|
651
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
652
|
|
|
|
|
|
|
|
653
|
|
|
|
|
|
|
The provided $entity will be signed. (i.e. it _will_ be modified.) |
654
|
|
|
|
|
|
|
|
655
|
|
|
|
|
|
|
=cut |
656
|
|
|
|
|
|
|
|
657
|
|
|
|
|
|
|
sub clear_sign { |
658
|
1
|
|
|
1
|
1
|
695
|
my ($self, $entity) = @_; |
659
|
|
|
|
|
|
|
|
660
|
1
|
50
|
|
|
|
8
|
die "Not a mime entity" |
661
|
|
|
|
|
|
|
unless $entity->isa("MIME::Entity"); |
662
|
|
|
|
|
|
|
|
663
|
1
|
|
|
|
|
3
|
my $body = $entity->bodyhandle; |
664
|
|
|
|
|
|
|
|
665
|
1
|
50
|
|
|
|
6
|
die "Message has no body" |
666
|
|
|
|
|
|
|
unless defined $body; |
667
|
|
|
|
|
|
|
|
668
|
1
|
|
|
|
|
32
|
my $gnupg = GnuPG::Interface->new(); |
669
|
1
|
|
|
|
|
153
|
$self->_set_options( $gnupg ); |
670
|
1
|
|
|
|
|
32
|
$gnupg->passphrase ( $self->{passphrase} ); |
671
|
|
|
|
|
|
|
|
672
|
1
|
|
|
|
|
25
|
my ( $input, $output, $error ) |
673
|
|
|
|
|
|
|
= ( new IO::Handle, new IO::Handle, new IO::Handle); |
674
|
|
|
|
|
|
|
|
675
|
1
|
|
|
|
|
50
|
my $handles = GnuPG::Handles->new( |
676
|
|
|
|
|
|
|
stdin => $input, |
677
|
|
|
|
|
|
|
stdout => $output, |
678
|
|
|
|
|
|
|
stderr => $error, |
679
|
|
|
|
|
|
|
); |
680
|
|
|
|
|
|
|
|
681
|
1
|
|
|
|
|
346
|
my $pid = $gnupg->clearsign ( handles => $handles ); |
682
|
|
|
|
|
|
|
|
683
|
1
|
|
|
|
|
4795
|
my $plaintext = $body->as_string; |
684
|
|
|
|
|
|
|
|
685
|
1
|
|
|
|
|
8465
|
$plaintext =~ s/\x0A/\x0D\x0A/g; |
686
|
1
|
|
|
|
|
25877
|
$plaintext =~ s/\x0D+/\x0D/g; |
687
|
|
|
|
|
|
|
|
688
|
1
|
|
|
|
|
120
|
my $read = _communicate([$output, $error], [$input], { $input => $plaintext }); |
689
|
|
|
|
|
|
|
|
690
|
1
|
|
|
|
|
12666
|
my @ciphertext = split(/^/m, $read->{$output}); |
691
|
1
|
|
|
|
|
17
|
my @error_output = split(/^/m, $read->{$error}); |
692
|
|
|
|
|
|
|
|
693
|
1
|
|
|
|
|
67
|
waitpid $pid, 0; |
694
|
1
|
|
|
|
|
11
|
my $return = $?; |
695
|
1
|
50
|
|
|
|
12
|
$return = 0 if $return == -1; |
696
|
|
|
|
|
|
|
|
697
|
1
|
|
|
|
|
2
|
my $exit_value = $return >> 8; |
698
|
|
|
|
|
|
|
|
699
|
1
|
|
|
|
|
9
|
$self->{last_message} = [@error_output]; |
700
|
|
|
|
|
|
|
|
701
|
1
|
50
|
|
|
|
22
|
my $io = $body->open ("w") or die "can't open entity body"; |
702
|
1
|
|
|
|
|
3796
|
$io->print (join('',@ciphertext)); |
703
|
1
|
|
|
|
|
271
|
$io->close; |
704
|
|
|
|
|
|
|
|
705
|
1
|
|
|
|
|
4863
|
return $exit_value; |
706
|
|
|
|
|
|
|
} |
707
|
|
|
|
|
|
|
|
708
|
|
|
|
|
|
|
|
709
|
|
|
|
|
|
|
=head2 ascii_encrypt |
710
|
|
|
|
|
|
|
|
711
|
|
|
|
|
|
|
encrypt an email message body using ascii armor |
712
|
|
|
|
|
|
|
|
713
|
|
|
|
|
|
|
Input: |
714
|
|
|
|
|
|
|
MIME::Entity containing email message to encrypt. |
715
|
|
|
|
|
|
|
This entity MUST have a body. |
716
|
|
|
|
|
|
|
|
717
|
|
|
|
|
|
|
list of recipients |
718
|
|
|
|
|
|
|
|
719
|
|
|
|
|
|
|
Output: |
720
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
721
|
|
|
|
|
|
|
|
722
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
723
|
|
|
|
|
|
|
|
724
|
|
|
|
|
|
|
The provided $entity will be encrypted. (i.e. it _will_ be modified.) |
725
|
|
|
|
|
|
|
|
726
|
|
|
|
|
|
|
=head2 ascii_signencrypt |
727
|
|
|
|
|
|
|
|
728
|
|
|
|
|
|
|
encrypt and sign an email message body using ascii armor |
729
|
|
|
|
|
|
|
|
730
|
|
|
|
|
|
|
Input: |
731
|
|
|
|
|
|
|
MIME::Entity containing email message to encrypt. |
732
|
|
|
|
|
|
|
This entity MUST have a body. |
733
|
|
|
|
|
|
|
|
734
|
|
|
|
|
|
|
list of recipients |
735
|
|
|
|
|
|
|
|
736
|
|
|
|
|
|
|
Output: |
737
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
738
|
|
|
|
|
|
|
|
739
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
740
|
|
|
|
|
|
|
|
741
|
|
|
|
|
|
|
The provided $entity will be encrypted. (i.e. it _will_ be modified.) |
742
|
|
|
|
|
|
|
|
743
|
|
|
|
|
|
|
=cut |
744
|
|
|
|
|
|
|
|
745
|
|
|
|
|
|
|
sub ascii_encrypt { |
746
|
1
|
|
|
1
|
1
|
604
|
my ($self, $entity, @recipients) = @_; |
747
|
1
|
|
|
|
|
7
|
$self->_ascii_encrypt($entity, 0, @recipients); |
748
|
|
|
|
|
|
|
} |
749
|
|
|
|
|
|
|
|
750
|
|
|
|
|
|
|
sub ascii_signencrypt { |
751
|
0
|
|
|
0
|
1
|
0
|
my ($self, $entity, @recipients) = @_; |
752
|
0
|
|
|
|
|
0
|
$self->_ascii_encrypt($entity, 1, @recipients); |
753
|
|
|
|
|
|
|
} |
754
|
|
|
|
|
|
|
|
755
|
|
|
|
|
|
|
sub _ascii_encrypt { |
756
|
1
|
|
|
1
|
|
5
|
my ($self, $entity, $sign, @recipients) = @_; |
757
|
|
|
|
|
|
|
|
758
|
1
|
50
|
|
|
|
8
|
die "Not a mime entity" |
759
|
|
|
|
|
|
|
unless $entity->isa("MIME::Entity"); |
760
|
|
|
|
|
|
|
|
761
|
1
|
|
|
|
|
6
|
my $body = $entity->bodyhandle; |
762
|
|
|
|
|
|
|
|
763
|
1
|
50
|
|
|
|
9
|
die "Message has no body" |
764
|
|
|
|
|
|
|
unless defined $body; |
765
|
|
|
|
|
|
|
|
766
|
1
|
|
|
|
|
5
|
my $plaintext = $body->as_string; |
767
|
|
|
|
|
|
|
|
768
|
1
|
|
|
|
|
36
|
my $gnupg = GnuPG::Interface->new(); |
769
|
1
|
|
|
|
|
131
|
$self->_set_options( $gnupg ); |
770
|
1
|
|
|
|
|
33
|
$gnupg->passphrase ( $self->{passphrase} ); |
771
|
1
|
|
|
|
|
33
|
$gnupg->options->push_recipients( $_ ) for @recipients; |
772
|
|
|
|
|
|
|
|
773
|
1
|
|
|
|
|
958
|
my ( $input, $output, $error ) |
774
|
|
|
|
|
|
|
= ( new IO::Handle, new IO::Handle, new IO::Handle); |
775
|
|
|
|
|
|
|
|
776
|
1
|
|
|
|
|
57
|
my $handles = GnuPG::Handles->new( |
777
|
|
|
|
|
|
|
stdin => $input, |
778
|
|
|
|
|
|
|
stdout => $output, |
779
|
|
|
|
|
|
|
stderr => $error, |
780
|
|
|
|
|
|
|
); |
781
|
|
|
|
|
|
|
|
782
|
1
|
|
|
|
|
358
|
my $pid = do { |
783
|
1
|
50
|
|
|
|
3
|
if ( $sign ) { |
784
|
0
|
|
|
|
|
0
|
$gnupg->sign_and_encrypt ( handles => $handles ); |
785
|
|
|
|
|
|
|
} else { |
786
|
1
|
|
|
|
|
5
|
$gnupg->encrypt ( handles => $handles ); |
787
|
|
|
|
|
|
|
} |
788
|
|
|
|
|
|
|
}; |
789
|
|
|
|
|
|
|
|
790
|
1
|
|
|
|
|
3864
|
my $read = _communicate([$output, $error], [$input], { $input => $plaintext }); |
791
|
|
|
|
|
|
|
|
792
|
1
|
|
|
|
|
20
|
my @ciphertext = split(/^/m, $read->{$output}); |
793
|
1
|
|
|
|
|
4
|
my @error_output = split(/^/m, $read->{$error}); |
794
|
|
|
|
|
|
|
|
795
|
1
|
|
|
|
|
19
|
waitpid $pid, 0; |
796
|
1
|
|
|
|
|
8
|
my $return = $?; |
797
|
1
|
50
|
|
|
|
8
|
$return = 0 if $return == -1; |
798
|
|
|
|
|
|
|
|
799
|
1
|
|
|
|
|
4
|
my $exit_value = $return >> 8; |
800
|
|
|
|
|
|
|
|
801
|
|
|
|
|
|
|
|
802
|
1
|
|
|
|
|
6
|
$self->{last_message} = [@error_output]; |
803
|
|
|
|
|
|
|
|
804
|
1
|
50
|
|
|
|
19
|
my $io = $body->open ("w") or die "can't open entity body"; |
805
|
1
|
|
|
|
|
143
|
$io->print (join('',@ciphertext)); |
806
|
1
|
|
|
|
|
17
|
$io->close; |
807
|
|
|
|
|
|
|
|
808
|
1
|
|
|
|
|
67
|
return $exit_value; |
809
|
|
|
|
|
|
|
} |
810
|
|
|
|
|
|
|
|
811
|
|
|
|
|
|
|
=head2 mime_encrypt |
812
|
|
|
|
|
|
|
|
813
|
|
|
|
|
|
|
encrypt an email message |
814
|
|
|
|
|
|
|
|
815
|
|
|
|
|
|
|
Input: |
816
|
|
|
|
|
|
|
MIME::Entity containing email message to encrypt |
817
|
|
|
|
|
|
|
list of email addresses to sign to |
818
|
|
|
|
|
|
|
|
819
|
|
|
|
|
|
|
Output: |
820
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
821
|
|
|
|
|
|
|
|
822
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
823
|
|
|
|
|
|
|
|
824
|
|
|
|
|
|
|
The provided $entity will be encrypted. (i.e. it _will_ be modified.) |
825
|
|
|
|
|
|
|
|
826
|
|
|
|
|
|
|
=head2 mime_signencrypt |
827
|
|
|
|
|
|
|
|
828
|
|
|
|
|
|
|
sign and encrypt an email message |
829
|
|
|
|
|
|
|
|
830
|
|
|
|
|
|
|
Input: |
831
|
|
|
|
|
|
|
MIME::Entity containing email message to sign encrypt |
832
|
|
|
|
|
|
|
list of email addresses to sign to |
833
|
|
|
|
|
|
|
|
834
|
|
|
|
|
|
|
Output: |
835
|
|
|
|
|
|
|
Exit code of gpg. (0 on success) |
836
|
|
|
|
|
|
|
|
837
|
|
|
|
|
|
|
$self->{last_message} => any errors from gpg |
838
|
|
|
|
|
|
|
|
839
|
|
|
|
|
|
|
The provided $entity will be encrypted. (i.e. it _will_ be modified.) |
840
|
|
|
|
|
|
|
|
841
|
|
|
|
|
|
|
=cut |
842
|
|
|
|
|
|
|
|
843
|
|
|
|
|
|
|
sub mime_encrypt { |
844
|
0
|
|
|
0
|
1
|
0
|
my $self = shift; |
845
|
0
|
|
|
|
|
0
|
$self->_mime_encrypt(0,@_); |
846
|
|
|
|
|
|
|
} |
847
|
|
|
|
|
|
|
|
848
|
|
|
|
|
|
|
sub mime_signencrypt { |
849
|
0
|
|
|
0
|
1
|
0
|
my $self = shift; |
850
|
0
|
|
|
|
|
0
|
$self->_mime_encrypt(1,@_); |
851
|
|
|
|
|
|
|
} |
852
|
|
|
|
|
|
|
|
853
|
|
|
|
|
|
|
sub _mime_encrypt { |
854
|
0
|
|
|
0
|
|
0
|
my ($self,$sign,$entity,@recipients) = @_; |
855
|
|
|
|
|
|
|
|
856
|
0
|
0
|
|
|
|
0
|
die "Not a mime entity" |
857
|
|
|
|
|
|
|
unless $entity->isa("MIME::Entity"); |
858
|
|
|
|
|
|
|
|
859
|
0
|
|
|
|
|
0
|
my $workingentity = $entity; |
860
|
0
|
|
|
|
|
0
|
$entity->make_multipart; |
861
|
0
|
0
|
|
|
|
0
|
if ($entity->parts > 1) { |
862
|
0
|
|
|
|
|
0
|
$workingentity = MIME::Entity->build(Type => $entity->head->mime_attr("Content-Type")); |
863
|
0
|
|
|
|
|
0
|
$workingentity->add_part($_) for ($entity->parts); |
864
|
0
|
|
|
|
|
0
|
$entity->parts([]); |
865
|
0
|
|
|
|
|
0
|
$entity->add_part($workingentity); |
866
|
|
|
|
|
|
|
} |
867
|
|
|
|
|
|
|
|
868
|
0
|
|
|
|
|
0
|
my $gnupg = GnuPG::Interface->new(); |
869
|
|
|
|
|
|
|
|
870
|
0
|
|
|
|
|
0
|
$gnupg->options->push_recipients( $_ ) for @recipients; |
871
|
0
|
|
|
|
|
0
|
$self->_set_options($gnupg); |
872
|
0
|
|
|
|
|
0
|
my ( $input, $output, $error, $passphrase_fh, $status_fh ) |
873
|
|
|
|
|
|
|
= ( new IO::Handle, new IO::Handle,new IO::Handle, |
874
|
|
|
|
|
|
|
new IO::Handle,new IO::Handle,); |
875
|
|
|
|
|
|
|
my $handles = GnuPG::Handles->new( stdin => $input, |
876
|
|
|
|
|
|
|
stdout => $output, |
877
|
|
|
|
|
|
|
stderr => $error, |
878
|
0
|
0
|
|
|
|
0
|
$self->{use_agent} ? () : (passphrase => $passphrase_fh), |
879
|
|
|
|
|
|
|
status => $status_fh, |
880
|
|
|
|
|
|
|
); |
881
|
|
|
|
|
|
|
|
882
|
0
|
|
|
|
|
0
|
my $pid = do { |
883
|
0
|
0
|
|
|
|
0
|
if ($sign) { |
884
|
0
|
|
|
|
|
0
|
$gnupg->sign_and_encrypt( handles => $handles ); |
885
|
|
|
|
|
|
|
} else { |
886
|
0
|
|
|
|
|
0
|
$gnupg->encrypt( handles => $handles ); |
887
|
|
|
|
|
|
|
} |
888
|
|
|
|
|
|
|
}; |
889
|
|
|
|
|
|
|
|
890
|
|
|
|
|
|
|
# this passes in the plaintext |
891
|
0
|
|
|
|
|
0
|
my $plaintext; |
892
|
0
|
0
|
|
|
|
0
|
if ($workingentity eq $entity) { |
893
|
0
|
|
|
|
|
0
|
$plaintext= $entity->parts(0)->as_string; |
894
|
|
|
|
|
|
|
} else { |
895
|
0
|
|
|
|
|
0
|
$plaintext=$workingentity->as_string; |
896
|
|
|
|
|
|
|
} |
897
|
|
|
|
|
|
|
|
898
|
|
|
|
|
|
|
# no need to mangle line endings for encryption (RFC3156) |
899
|
|
|
|
|
|
|
# $plaintext =~ s/\n/\x0D\x0A/sg; |
900
|
|
|
|
|
|
|
# should we store this back into the body? |
901
|
|
|
|
|
|
|
|
902
|
|
|
|
|
|
|
# DEBUG: |
903
|
|
|
|
|
|
|
#print "ENCRYPTING THIS STRING ----->\n"; |
904
|
|
|
|
|
|
|
# print $plaintext; |
905
|
|
|
|
|
|
|
# print "<----\n"; |
906
|
|
|
|
|
|
|
|
907
|
0
|
0
|
|
|
|
0
|
die "NO PASSPHRASE" unless defined $passphrase_fh; |
908
|
|
|
|
|
|
|
my $read = _communicate([$output, $error, $status_fh], |
909
|
|
|
|
|
|
|
[$input, $self->{use_agent} ? () : ($passphrase_fh)], |
910
|
|
|
|
|
|
|
{ $input => $plaintext, |
911
|
0
|
0
|
|
|
|
0
|
$self->{use_agent} ? () : ($passphrase_fh => $self->{passphrase})} |
|
|
0
|
|
|
|
|
|
912
|
|
|
|
|
|
|
); |
913
|
|
|
|
|
|
|
|
914
|
0
|
|
|
|
|
0
|
my @plaintext = split(/^/m, $read->{$output}); |
915
|
0
|
|
|
|
|
0
|
my @ciphertext = split(/^/m, $read->{$output}); |
916
|
0
|
|
|
|
|
0
|
my @error_output = split(/^/m, $read->{$error}); |
917
|
0
|
|
|
|
|
0
|
my @status_info = split(/^/m, $read->{$status_fh}); |
918
|
|
|
|
|
|
|
|
919
|
0
|
|
|
|
|
0
|
waitpid $pid, 0; |
920
|
0
|
|
|
|
|
0
|
my $return = $?; |
921
|
0
|
0
|
|
|
|
0
|
$return = 0 if $return == -1; |
922
|
|
|
|
|
|
|
|
923
|
0
|
|
|
|
|
0
|
my $exit_value = $return >> 8; |
924
|
|
|
|
|
|
|
|
925
|
|
|
|
|
|
|
|
926
|
|
|
|
|
|
|
|
927
|
|
|
|
|
|
|
|
928
|
0
|
|
|
|
|
0
|
$self->{last_message} = [@error_output]; |
929
|
|
|
|
|
|
|
|
930
|
|
|
|
|
|
|
|
931
|
0
|
|
|
|
|
0
|
$entity->parts([]); # eliminate all parts |
932
|
|
|
|
|
|
|
|
933
|
0
|
|
|
|
|
0
|
$entity->attach(Type => "application/pgp-encrypted", |
934
|
|
|
|
|
|
|
Disposition => "inline", |
935
|
|
|
|
|
|
|
Filename => "msg.asc", |
936
|
|
|
|
|
|
|
Data => ["Version: 1",""], |
937
|
|
|
|
|
|
|
Encoding => "7bit"); |
938
|
0
|
|
|
|
|
0
|
$entity->attach(Type => "application/octet-stream", |
939
|
|
|
|
|
|
|
Disposition => "inline", |
940
|
|
|
|
|
|
|
Data => [@ciphertext], |
941
|
|
|
|
|
|
|
Encoding => "7bit"); |
942
|
|
|
|
|
|
|
|
943
|
0
|
|
|
|
|
0
|
$entity->head->mime_attr("Content-Type","multipart/encrypted"); |
944
|
0
|
|
|
|
|
0
|
$entity->head->mime_attr("Content-Type.protocol","application/pgp-encrypted"); |
945
|
|
|
|
|
|
|
|
946
|
0
|
|
|
|
|
0
|
$exit_value; |
947
|
|
|
|
|
|
|
} |
948
|
|
|
|
|
|
|
|
949
|
|
|
|
|
|
|
=head2 is_signed |
950
|
|
|
|
|
|
|
|
951
|
|
|
|
|
|
|
best guess as to whether a message is signed or not (by looking at |
952
|
|
|
|
|
|
|
the mime type and message content) |
953
|
|
|
|
|
|
|
|
954
|
|
|
|
|
|
|
Input: |
955
|
|
|
|
|
|
|
MIME::Entity containing email message to test |
956
|
|
|
|
|
|
|
|
957
|
|
|
|
|
|
|
Output: |
958
|
|
|
|
|
|
|
True or False value |
959
|
|
|
|
|
|
|
|
960
|
|
|
|
|
|
|
=head2 is_encrypted |
961
|
|
|
|
|
|
|
|
962
|
|
|
|
|
|
|
best guess as to whether a message is signed or not (by looking at |
963
|
|
|
|
|
|
|
the mime type and message content) |
964
|
|
|
|
|
|
|
|
965
|
|
|
|
|
|
|
Input: |
966
|
|
|
|
|
|
|
MIME::Entity containing email message to test |
967
|
|
|
|
|
|
|
|
968
|
|
|
|
|
|
|
Output: |
969
|
|
|
|
|
|
|
True or False value |
970
|
|
|
|
|
|
|
|
971
|
|
|
|
|
|
|
=cut |
972
|
|
|
|
|
|
|
|
973
|
|
|
|
|
|
|
sub is_signed { |
974
|
3
|
|
|
3
|
1
|
2134
|
my ($self,$entity) = @_; |
975
|
3
|
100
|
100
|
|
|
31
|
return 1 |
976
|
|
|
|
|
|
|
if (($entity->effective_type =~ m!multipart/signed!) |
977
|
|
|
|
|
|
|
|| |
978
|
|
|
|
|
|
|
($entity->as_string =~ m!^-----BEGIN PGP SIGNED MESSAGE-----!m)); |
979
|
1
|
|
|
|
|
970
|
return 0; |
980
|
|
|
|
|
|
|
} |
981
|
|
|
|
|
|
|
|
982
|
|
|
|
|
|
|
sub is_encrypted { |
983
|
3
|
|
|
3
|
1
|
8
|
my ($self,$entity) = @_; |
984
|
3
|
100
|
66
|
|
|
10
|
return 1 |
985
|
|
|
|
|
|
|
if (($entity->effective_type =~ m!multipart/encrypted!) |
986
|
|
|
|
|
|
|
|| |
987
|
|
|
|
|
|
|
($entity->as_string =~ m!^-----BEGIN PGP MESSAGE-----!m)); |
988
|
2
|
|
|
|
|
3563
|
return 0; |
989
|
|
|
|
|
|
|
} |
990
|
|
|
|
|
|
|
|
991
|
|
|
|
|
|
|
# interleave reads and writes |
992
|
|
|
|
|
|
|
# input parameters: |
993
|
|
|
|
|
|
|
# $rhandles - array ref with a list of file handles for reading |
994
|
|
|
|
|
|
|
# $whandles - array ref with a list of file handles for writing |
995
|
|
|
|
|
|
|
# $wbuf_of - hash ref indexed by the stringified handles |
996
|
|
|
|
|
|
|
# containing the data to write |
997
|
|
|
|
|
|
|
# return value: |
998
|
|
|
|
|
|
|
# $rbuf_of - hash ref indexed by the stringified handles |
999
|
|
|
|
|
|
|
# containing the data that has been read |
1000
|
|
|
|
|
|
|
# |
1001
|
|
|
|
|
|
|
# read and write errors due to EPIPE (gpg exit) are skipped silently on the |
1002
|
|
|
|
|
|
|
# assumption that gpg will explain the problem on the error handle |
1003
|
|
|
|
|
|
|
# |
1004
|
|
|
|
|
|
|
# other errors cause a non-fatal warning, processing continues on the rest |
1005
|
|
|
|
|
|
|
# of the file handles |
1006
|
|
|
|
|
|
|
# |
1007
|
|
|
|
|
|
|
# NOTE: all the handles get closed inside this function |
1008
|
|
|
|
|
|
|
|
1009
|
|
|
|
|
|
|
sub _communicate { |
1010
|
9
|
|
|
9
|
|
38
|
my $blocksize = 2048; |
1011
|
9
|
|
|
|
|
38
|
my ($rhandles, $whandles, $wbuf_of) = @_; |
1012
|
9
|
|
|
|
|
30
|
my $rbuf_of = {}; |
1013
|
|
|
|
|
|
|
|
1014
|
|
|
|
|
|
|
# the current write offsets, again indexed by the stringified handle |
1015
|
9
|
|
|
|
|
35
|
my $woffset_of; |
1016
|
|
|
|
|
|
|
|
1017
|
9
|
|
|
|
|
306
|
my $reader = IO::Select->new; |
1018
|
9
|
|
|
|
|
197
|
for (@$rhandles) { |
1019
|
21
|
|
|
|
|
112
|
$reader->add($_); |
1020
|
21
|
|
|
|
|
957
|
$rbuf_of->{$_} = ''; |
1021
|
|
|
|
|
|
|
} |
1022
|
|
|
|
|
|
|
|
1023
|
9
|
|
|
|
|
52
|
my $writer = IO::Select->new; |
1024
|
9
|
|
|
|
|
86
|
for (@$whandles) { |
1025
|
12
|
50
|
|
|
|
135
|
die("no data supplied for handle " . fileno($_)) if !exists $wbuf_of->{$_}; |
1026
|
12
|
100
|
|
|
|
47
|
if ($wbuf_of->{$_}) { |
1027
|
8
|
|
|
|
|
24
|
$writer->add($_); |
1028
|
|
|
|
|
|
|
} else { # nothing to write |
1029
|
4
|
|
|
|
|
22
|
close $_; |
1030
|
|
|
|
|
|
|
} |
1031
|
|
|
|
|
|
|
} |
1032
|
|
|
|
|
|
|
|
1033
|
|
|
|
|
|
|
# we'll handle EPIPE explicitly below |
1034
|
9
|
|
|
|
|
232
|
local $SIG{PIPE} = 'IGNORE'; |
1035
|
|
|
|
|
|
|
|
1036
|
9
|
|
66
|
|
|
138
|
while ($reader->handles || $writer->handles) { |
1037
|
575
|
|
|
|
|
10416
|
my @ready = IO::Select->select($reader, $writer, undef, undef); |
1038
|
575
|
50
|
|
|
|
272933
|
if (!@ready) { |
1039
|
0
|
|
|
|
|
0
|
die("error doing select: $!"); |
1040
|
|
|
|
|
|
|
} |
1041
|
575
|
|
|
|
|
514
|
my ($rready, $wready, $eready) = @ready; |
1042
|
575
|
50
|
|
|
|
701
|
if (@$eready) { |
1043
|
0
|
|
|
|
|
0
|
die("select returned an unexpected exception handle, this shouldn't happen"); |
1044
|
|
|
|
|
|
|
} |
1045
|
575
|
|
|
|
|
604
|
for my $rhandle (@$rready) { |
1046
|
318
|
|
|
|
|
588
|
my $n = fileno($rhandle); |
1047
|
|
|
|
|
|
|
my $count = sysread($rhandle, $rbuf_of->{$rhandle}, |
1048
|
318
|
|
|
|
|
5821
|
$blocksize, length($rbuf_of->{$rhandle})); |
1049
|
318
|
50
|
|
|
|
451
|
warn("read $count bytes from handle $n") if $DEBUG; |
1050
|
318
|
50
|
|
|
|
440
|
if (!defined $count) { # read error |
1051
|
0
|
0
|
|
|
|
0
|
if ($!{EPIPE}) { |
1052
|
0
|
0
|
|
|
|
0
|
warn("read failure (gpg exited?) from handle $n: $!") |
1053
|
|
|
|
|
|
|
if $DEBUG; |
1054
|
|
|
|
|
|
|
} else { |
1055
|
0
|
|
|
|
|
0
|
warn("read failure from handle $n: $!"); |
1056
|
|
|
|
|
|
|
} |
1057
|
0
|
|
|
|
|
0
|
$reader->remove($rhandle); |
1058
|
0
|
|
|
|
|
0
|
close $rhandle; |
1059
|
0
|
|
|
|
|
0
|
next; |
1060
|
|
|
|
|
|
|
} |
1061
|
318
|
100
|
|
|
|
611
|
if ($count == 0) { # EOF |
1062
|
21
|
50
|
|
|
|
73
|
warn("read done from handle $n") if $DEBUG; |
1063
|
21
|
|
|
|
|
79
|
$reader->remove($rhandle); |
1064
|
21
|
|
|
|
|
1053
|
close $rhandle; |
1065
|
21
|
|
|
|
|
53
|
next; |
1066
|
|
|
|
|
|
|
} |
1067
|
|
|
|
|
|
|
} |
1068
|
575
|
|
|
|
|
930
|
for my $whandle (@$wready) { |
1069
|
397
|
|
|
|
|
305
|
my $n = fileno($whandle); |
1070
|
397
|
100
|
|
|
|
613
|
$woffset_of->{$whandle} = 0 if !exists $woffset_of->{$whandle}; |
1071
|
|
|
|
|
|
|
my $count = syswrite($whandle, $wbuf_of->{$whandle}, |
1072
|
397
|
|
|
|
|
5356
|
$blocksize, $woffset_of->{$whandle}); |
1073
|
397
|
50
|
|
|
|
511
|
if (!defined $count) { |
1074
|
0
|
0
|
|
|
|
0
|
if ($!{EPIPE}) { # write error |
1075
|
0
|
0
|
|
|
|
0
|
warn("write failure (gpg exited?) from handle $n: $!") |
1076
|
|
|
|
|
|
|
if $DEBUG; |
1077
|
|
|
|
|
|
|
} else { |
1078
|
0
|
|
|
|
|
0
|
warn("write failure from handle $n: $!"); |
1079
|
|
|
|
|
|
|
} |
1080
|
0
|
|
|
|
|
0
|
$writer->remove($whandle); |
1081
|
0
|
|
|
|
|
0
|
close $whandle; |
1082
|
0
|
|
|
|
|
0
|
next; |
1083
|
|
|
|
|
|
|
} |
1084
|
397
|
50
|
|
|
|
442
|
warn("wrote $count bytes to handle $n") if $DEBUG; |
1085
|
397
|
|
|
|
|
478
|
$woffset_of->{$whandle} += $count; |
1086
|
397
|
100
|
|
|
|
1480
|
if ($woffset_of->{$whandle} >= length($wbuf_of->{$whandle})) { |
1087
|
8
|
50
|
|
|
|
16
|
warn("write done to handle $n") if $DEBUG; |
1088
|
8
|
|
|
|
|
27
|
$writer->remove($whandle); |
1089
|
8
|
|
|
|
|
3664
|
close $whandle; |
1090
|
8
|
|
|
|
|
48
|
next; |
1091
|
|
|
|
|
|
|
} |
1092
|
|
|
|
|
|
|
} |
1093
|
|
|
|
|
|
|
} |
1094
|
9
|
|
|
|
|
545
|
return $rbuf_of; |
1095
|
|
|
|
|
|
|
} |
1096
|
|
|
|
|
|
|
|
1097
|
|
|
|
|
|
|
# FIXME: there's no reason why is_signed and is_encrypted couldn't be |
1098
|
|
|
|
|
|
|
# static (class) methods, so maybe we should support that. |
1099
|
|
|
|
|
|
|
|
1100
|
|
|
|
|
|
|
# FIXME: will we properly deal with signed+encrypted stuff? probably not. |
1101
|
|
|
|
|
|
|
|
1102
|
|
|
|
|
|
|
# Autoload methods go after =cut, and are processed by the autosplit program. |
1103
|
|
|
|
|
|
|
|
1104
|
|
|
|
|
|
|
1; |
1105
|
|
|
|
|
|
|
__END__ |