/* UIxMailPartSignedViewer.m - this file is part of SOGo
*
* Copyright (C) 2009-2018 Inverse inc.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS)
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/pkcs7.h>
#include <openssl/x509.h>
#endif
#import <Foundation/NSData.h>
#import <Foundation/NSDictionary.h>
#import <Foundation/NSValue.h>
#import <NGMime/NGMimeMultipartBody.h>
#import <SOGo/NSString+Utilities.h>
#import <Mailer/SOGoMailObject.h>
#import "UIxMailRenderingContext.h"
#import "UIxMailPartSignedViewer.h"
@implementation UIxMailPartSignedViewer : UIxMailPartMixedViewer
#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS)
/* S/MIME branch: this build was compiled with HAVE_OPENSSL or HAVE_GNUTLS,
   so signature verification is available. */
- (BOOL) supportsSMIME
{
  return YES;
}
/*
 * Builds the X509_STORE handed to PKCS7_verify as the set of trust anchors.
 *
 * Two lookups are attached: a file lookup and a hashed-directory lookup, each
 * given a NULL path with X509_FILETYPE_DEFAULT so that OpenSSL picks its
 * default CA file and directory.
 *
 * Returns NULL when the store or either lookup cannot be created. Otherwise
 * the caller owns the returned store and must release it with
 * X509_STORE_free().
 *
 * Review notes:
 *  - The results of X509_LOOKUP_load_file() and X509_LOOKUP_add_dir() are not
 *    checked and the error queue is cleared afterwards, so a missing default
 *    CA file or directory still yields a non-NULL (possibly empty) store.
 *  - No CRL or other verification flags are set on the store here.
 */
- (X509_STORE *) _setupVerify
{
  X509_STORE *trustStore;
  X509_LOOKUP *fileLookup, *dirLookup;

  trustStore = X509_STORE_new();
  OpenSSL_add_all_algorithms();

  if (!trustStore)
    return NULL;

  fileLookup = X509_STORE_add_lookup(trustStore, X509_LOOKUP_file());
  if (!fileLookup)
    {
      X509_STORE_free(trustStore);
      return NULL;
    }
  X509_LOOKUP_load_file(fileLookup, NULL, X509_FILETYPE_DEFAULT);

  dirLookup = X509_STORE_add_lookup(trustStore, X509_LOOKUP_hash_dir());
  if (!dirLookup)
    {
      X509_STORE_free(trustStore);
      return NULL;
    }
  X509_LOOKUP_add_dir(dirLookup, NULL, X509_FILETYPE_DEFAULT);

  /* Loading the defaults is best-effort: drop whatever it left on the
     error queue so it is not mistaken for a verification error later. */
  ERR_clear_error();

  return trustStore;
}
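/*
 * Renders an X509_NAME as a multi-line string (one "field=value" per line,
 * long field names, control characters escaped).
 *
 * The name comes from a certificate embedded in the message, so its length is
 * controlled by the sender. The read is bounded to leave room for the
 * terminator: a name that fills the buffer is truncated instead of being read
 * past the end of the array by stringWithUTF8String:.
 *
 * Returns nil when the memory BIO cannot be allocated or when the rendered
 * bytes are not valid UTF-8.
 */
static NSString *
_UIxMultilineStringFromX509Name (X509_NAME *name)
{
  char text[1024];
  NSString *result;
  BIO *buf;
  int count;

  result = nil;
  buf = BIO_new(BIO_s_mem());
  if (buf)
    {
      X509_NAME_print_ex(buf, name, 0,
                         ASN1_STRFLGS_ESC_CTRL | XN_FLAG_SEP_MULTILINE | XN_FLAG_FN_LN);
      count = BIO_read(buf, text, sizeof (text) - 1);
      if (count < 0)
        count = 0;
      text[count] = '\0';
      result = [NSString stringWithUTF8String: text];
      BIO_free(buf);
    }

  return result;
}

/*
 * Parses the signed message, records the signer certificates and verifies
 * the PKCS#7 signature. Sets the `certificates`, `validSignature`,
 * `validationMessage` and `processed` instance variables.
 *
 * The bytes that are verified come from -flatContent when the decoded content
 * is an NGMimeMultipartBody, otherwise from the client object's -content.
 *
 * Security notes for reviewers:
 *  - `validSignature` is YES only when PKCS7_verify() returns 1 against the
 *    store built by -_setupVerify. It starts as NO, and stays NO when the
 *    message cannot be parsed or the trust store cannot be built.
 *  - Nothing in this method compares the signer certificate with the sender
 *    address of the message; the certificates' subject and issuer are only
 *    collected for display. Confirm whether a caller performs that check.
 *  - NOTE(review): the error path stores a retained string in
 *    `validationMessage` while the other paths store an autoreleased one, and
 *    `certificates` is autoreleased too. No -dealloc is visible in this
 *    file; confirm the intended ownership of both ivars.
 */
- (void) _processMessage
{
  NSString *subject, *issuer;
  NSData *signedData;
  STACK_OF(X509) *certs;
  X509_STORE *x509Store;
  BIO *msgBio, *inData;
  PKCS7 *p7;
  X509 *x;
  unsigned long err; /* ERR_get_error() returns unsigned long */
  int i;

  ERR_clear_error();

  if ([[self decodedFlatContent] isKindOfClass: [NGMimeMultipartBody class]])
    signedData = [self flatContent];
  else
    signedData = [[self clientObject] content];

  /* Fail closed: every early exit below leaves the signature invalid. */
  validSignature = NO;
  certificates = [NSMutableArray array];
  validationMessage = nil;
  certs = NULL;
  inData = NULL;
  p7 = NULL;

  msgBio = BIO_new_mem_buf ((void *) [signedData bytes], [signedData length]);
  if (msgBio)
    p7 = SMIME_read_PKCS7(msgBio, &inData);

  if (p7)
    {
      if (OBJ_obj2nid(p7->type) == NID_pkcs7_signed)
        {
          /* The stack is allocated for us but its certificates still belong
             to p7: free the stack only, and do so before p7. */
          certs = PKCS7_get0_signers(p7, NULL, 0);

          for (i = 0; i < sk_X509_num(certs); i++)
            {
              x = sk_X509_value(certs, i);
              subject = _UIxMultilineStringFromX509Name (X509_get_subject_name(x));
              issuer = _UIxMultilineStringFromX509Name (X509_get_issuer_name(x));

              [certificates addObject: [self certificateForSubject: subject
                                                         andIssuer: issuer]];
            }
        }

      err = ERR_get_error();
      if (err)
        {
          validSignature = NO;
        }
      else
        {
          x509Store = [self _setupVerify];

          /* Without a trust store there is nothing to verify against. */
          if (x509Store)
            validSignature = (PKCS7_verify(p7, NULL, x509Store, inData,
                                           NULL, PKCS7_DETACHED) == 1);

          err = ERR_get_error();

          if (x509Store)
            X509_STORE_free (x509Store);
        }

      /* A valid signature always ends up with "Message is signed" below, so
         the retained error label is only built when it will be kept. */
      if (err && !validSignature)
        {
#if defined(HAVE_GNUTLS) || OPENSSL_VERSION_NUMBER < 0x10100000L
          const char *sslError;
          NSString *reason;

          ERR_load_crypto_strings();
          SSL_load_error_strings();
          sslError = ERR_reason_error_string(err);
          /* The fallback is an NSString and must not go through
             stringWithUTF8String:, which expects a C string. */
          reason = sslError ? [NSString stringWithUTF8String: sslError] : nil;
          if (!reason)
            reason = @"No error information available";
          validationMessage = [[self labelForKey: reason] retain];
#else
          validationMessage = [[self labelForKey: @"No error information available"] retain];
#endif /* HAVE_GNUTLS || OpenSSL < 1.1.0 */
        }

      if (certs)
        sk_X509_free (certs);
      PKCS7_free (p7);
    }

  if (msgBio)
    BIO_free (msgBio);
  if (inData)
    BIO_free (inData);

  if (validSignature)
    validationMessage = [NSString stringWithString: [self labelForKey: @"Message is signed"]];
  else if (!validationMessage)
    validationMessage = [NSString stringWithString: [self labelForKey: @"Digital signature is not valid"]];

  processed = YES;
}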
/*
 * Returns the cached verification result, running -_processMessage first if
 * the message has not been processed yet.
 *
 * YES means PKCS7_verify() accepted the signature in -_processMessage; this
 * accessor performs no further check of its own.
 */
- (BOOL) validSignature
{
  if (processed)
    return validSignature;

  [self _processMessage];

  return validSignature;
}
/*
 * Wraps the parsed subject and issuer of one signer certificate in a
 * dictionary with the keys "subject" and "issuer". Both strings are split
 * with -componentsFromMultilineDN.
 *
 * The argument list is nil-terminated: if the subject components are nil the
 * dictionary is empty, and if only the issuer components are nil it holds
 * "subject" alone.
 */
- (NSDictionary *) certificateForSubject: (NSString *) subject
                               andIssuer: (NSString *) issuer
{
  id subjectComponents, issuerComponents;

  subjectComponents = [subject componentsFromMultilineDN];
  issuerComponents = [issuer componentsFromMultilineDN];

  return [NSDictionary dictionaryWithObjectsAndKeys:
                         subjectComponents, @"subject",
                         issuerComponents, @"issuer",
                         nil];
}
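/*
 * Returns the signer certificates collected by -_processMessage, one
 * dictionary per signer as built by -certificateForSubject:andIssuer:.
 *
 * Like -validSignature and -validationMessage, this processes the message on
 * first use, so a caller that asks for the certificates first does not get an
 * unset value.
 *
 * The entries describe what the message claims about its signers; they are
 * filled in whether or not the signature verifies, so check -validSignature
 * before presenting them as trusted.
 */
- (NSArray *) smimeCertificates
{
  if (!processed)
    [self _processMessage];

  return certificates;
}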
/*
 * Returns the label describing the verification outcome, running
 * -_processMessage first if the message has not been processed yet.
 */
- (NSString *) validationMessage
{
  if (processed)
    return validationMessage;

  [self _processMessage];

  return validationMessage;
}
#else
/* Fallback branch: built without HAVE_OPENSSL and HAVE_GNUTLS, so signatures
   cannot be verified. */
- (BOOL) supportsSMIME
{
  return NO;
}
/* Fallback branch: no signer certificates are extracted without S/MIME
   support. */
- (NSArray *) smimeCertificates
{
  return nil;
}
/* Fallback branch: a signature that cannot be checked is never reported as
   valid. */
- (BOOL) validSignature
{
  return NO;
}
/* Fallback branch: there is no verification outcome to describe. */
- (NSString *) validationMessage
{
  return nil;
}
#endif
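/*
 * Renders every child part through the viewer chosen by the mail rendering
 * context and returns a dictionary describing the signed part:
 *
 *   "type"           - the class name of this viewer
 *   "supports-smime" - whether this build can verify signatures
 *   "valid"          - the result of -validSignature
 *   "content"        - the rendered child parts
 *   "certificates"   - the signer certificates, when there are any
 *   "message"        - the validation label, when there is one
 *
 * Two things differ from a plain dictionaryWithObjectsAndKeys: call:
 *  - -_processMessage is defined in this file only in the S/MIME branch,
 *    while this method is compiled in both branches, so the direct call is
 *    restricted to that branch.
 *  - The values are stored one by one, so a nil "certificates" (as in the
 *    fallback branch) cannot end the argument list early and drop "message".
 *
 * NOTE(review): the child parts rendered here come from -decodedFlatContent
 * or -bodyInfo, while the signature is verified over -flatContent or the
 * client object's -content. Confirm that both describe the same bytes, since
 * "valid" is shown next to this content.
 */
- (id) renderedPart
{
  NSMutableDictionary *rendered;
  NSMutableArray *renderedParts;
  NSArray *parts, *signerCertificates;
  NSString *message;
  id info, viewer;
  NSUInteger i, max;

  if ([self decodedFlatContent])
    parts = [[self decodedFlatContent] parts];
  else
    parts = [[self bodyInfo] objectForKey: @"parts"];

  max = [parts count];
  renderedParts = [NSMutableArray arrayWithCapacity: max];

  for (i = 0; i < max; i++)
    {
      [self setChildIndex: i];

      if ([self decodedFlatContent])
        [self setChildInfo: [[parts objectAtIndex: i] bodyInfo]];
      else
        [self setChildInfo: [parts objectAtIndex: i]];

      info = [self childInfo];
      viewer = [[[self context] mailRenderingContext] viewerForBodyInfo: info];
      [viewer setBodyInfo: info];
      [viewer setPartPath: [self childPartPath]];

      if ([self decodedFlatContent])
        [viewer setDecodedContent: [[parts objectAtIndex: i] body]];

      [viewer setAttachmentIds: attachmentIds];
      [renderedParts addObject: [viewer renderedPart]];
    }

#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS)
  if (!processed)
    [self _processMessage];
#endif

  rendered = [NSMutableDictionary dictionaryWithCapacity: 6];
  [rendered setObject: [self className] forKey: @"type"];
  [rendered setObject: [NSNumber numberWithBool: [self supportsSMIME]]
               forKey: @"supports-smime"];
  [rendered setObject: [NSNumber numberWithBool: [self validSignature]]
               forKey: @"valid"];
  [rendered setObject: renderedParts forKey: @"content"];

  signerCertificates = [self smimeCertificates];
  if (signerCertificates)
    [rendered setObject: signerCertificates forKey: @"certificates"];

  message = [self validationMessage];
  if (message)
    [rendered setObject: message forKey: @"message"];

  return rendered;
}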
@end