mail-crypt-key.c revision bcb4e51a409d94ae670de96afb8483a4f7855294
e59faf65ce864fe95dc00f5d52b8323cdbd0608aTimo Sirainen/* Copyright (c) 2015-2018 Dovecot authors, see the included COPYING file */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "lib.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "str.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "dict.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "array.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "var-expand.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "mail-storage.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "mailbox-attribute.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "mail-crypt-common.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "mail-crypt-key.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "mail-crypt-plugin.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "mail-user.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "hex-binary.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "safe-memset.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "base64.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen#include "sha2.h"
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenstruct mail_crypt_key_cache_entry {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_crypt_key_cache_entry *next;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen char *pubid;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* this is lazily initialized */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_keypair pair;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen};
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenstatic
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_get_key_cache(struct mail_crypt_key_cache_entry *cache,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key **privkey_r,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_public_key **pubkey_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen for(struct mail_crypt_key_cache_entry *ent = cache;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent != NULL; ent = ent->next)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (strcmp(pubid, ent->pubid) == 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (privkey_r != NULL && ent->pair.priv != NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_ref_private(ent->pair.priv);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *privkey_r = ent->pair.priv;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if (pubkey_r != NULL && ent->pair.pub != NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_ref_public(ent->pair.pub);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *pubkey_r = ent->pair.pub;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if ((privkey_r == NULL && pubkey_r == NULL) ||
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen (ent->pair.priv == NULL &&
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent->pair.pub == NULL)) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_unreached();
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 0;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenstatic
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenvoid mail_crypt_put_key_cache(struct mail_crypt_key_cache_entry **cache,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key *privkey,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_public_key *pubkey)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen for(struct mail_crypt_key_cache_entry *ent = *cache;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent != NULL; ent = ent->next)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (strcmp(pubid, ent->pubid) == 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (privkey != NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ent->pair.priv == NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent->pair.priv = privkey;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_ref_private(ent->pair.priv);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if (pubkey != NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ent->pair.pub == NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent->pair.pub = pubkey;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_ref_public(ent->pair.pub);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_unreached();
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* not found */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_crypt_key_cache_entry *ent =
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_new(struct mail_crypt_key_cache_entry, 1);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent->pubid = i_strdup(pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent->pair.priv = privkey;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent->pair.pub = pubkey;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ent->pair.priv != NULL)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_ref_private(ent->pair.priv);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ent->pair.pub != NULL)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_ref_public(ent->pair.pub);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (*cache == NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *cache = ent;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ent->next = *cache;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *cache = ent;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenvoid mail_crypt_key_cache_destroy(struct mail_crypt_key_cache_entry **cache)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_crypt_key_cache_entry *next, *cur = *cache;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *cache = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen while(cur != NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen next = cur->next;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_free(cur->pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (cur->pair.priv != NULL)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_unref_private(&cur->pair.priv);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (cur->pair.pub != NULL)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_unref_public(&cur->pair.pub);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_free(cur);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen cur = next;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_private_key_id_match(struct dcrypt_private_key *key,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *pubid, const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_assert(key != NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen buffer_t *key_id = t_str_new(MAIL_CRYPT_HASH_BUF_SIZE);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (!dcrypt_key_id_private(key, MAIL_CRYPT_KEY_ID_ALGORITHM, key_id,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen error_r))
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *hash = binary_to_hex(key_id->data, key_id->used);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (strcmp(pubid, hash) == 0) return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen buffer_set_used_size(key_id, 0);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (!dcrypt_key_id_private_old(key, key_id, error_r)) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen hash = binary_to_hex(key_id->data, key_id->used);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (strcmp(pubid, hash) != 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("Key %s does not match given ID %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen hash, pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 0;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_public_key_id_match(struct dcrypt_public_key *key,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *pubid, const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_assert(key != NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen buffer_t *key_id = t_str_new(MAIL_CRYPT_HASH_BUF_SIZE);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (!dcrypt_key_id_public(key, MAIL_CRYPT_KEY_ID_ALGORITHM, key_id,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen error_r))
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *hash = binary_to_hex(key_id->data, key_id->used);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (strcmp(pubid, hash) == 0) return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen buffer_set_used_size(key_id, 0);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (!dcrypt_key_id_public_old(key, key_id, error_r)) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen hash = binary_to_hex(key_id->data, key_id->used);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (strcmp(pubid, hash) != 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("Key %s does not match given ID %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen hash, pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 0;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenstatic
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_env_get_private_key(struct mail_user *user, const char *pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key **key_r,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_crypt_global_keys global_keys;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen int ret = 0;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (mail_crypt_global_keys_load(user, "mail_crypt", &global_keys,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen TRUE, error_r) < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mail_crypt_global_keys_free(&global_keys);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* see if we got a key */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key *key =
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mail_crypt_global_key_find(&global_keys, pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (key != NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_ref_private(key);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *key_r = key;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ret = 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mail_crypt_global_keys_free(&global_keys);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenstatic
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenconst char *mail_crypt_get_key_path(bool user_key, bool public, const char *pubid)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *ret = t_strdup_printf("%s%s%s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen user_key ? USER_CRYPT_PREFIX :
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen BOX_CRYPT_PREFIX,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen public ? PUBKEYS_PREFIX :
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen PRIVKEYS_PREFIX,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenstatic
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_decrypt_private_key(struct mailbox *box, const char *pubid,
6d2c938f017a2fc55ae476f88839f03a3d3c5fbdTimo Sirainen const char *data,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key **key_r,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char **error_r)
6d2c938f017a2fc55ae476f88839f03a3d3c5fbdTimo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen enum dcrypt_key_kind key_kind;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen enum dcrypt_key_encryption_type enc_type;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *enc_hash = NULL, *key_hash = NULL, *pw = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key *key = NULL, *dec_key = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_user *user = mail_storage_get_user(mailbox_get_storage(box));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen int ret = 0;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_assert(pubid != NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_assert(data != NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* see what the key needs for decrypting */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (!dcrypt_key_string_get_info(data, NULL, NULL, &key_kind,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen &enc_type, &enc_hash, &key_hash, error_r)) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (key_kind != DCRYPT_KEY_KIND_PRIVATE) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("Cannot use key %s: "
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "Expected private key, got public key",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (key_hash != NULL && strcmp(key_hash, pubid) != 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("Cannot use key %s: "
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "Incorrect key hash %s stored",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen key_hash);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* see if it needs decrypting */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (enc_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* no key or password */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if (enc_type == DCRYPT_KEY_ENCRYPTION_TYPE_PASSWORD) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pw = mail_user_plugin_getenv(user, MAIL_CRYPT_USERENV_PASSWORD);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (pw == NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("Cannot decrypt key %s: "
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "Password not available",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if (enc_type == DCRYPT_KEY_ENCRYPTION_TYPE_KEY) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if ((ret = mail_crypt_user_get_private_key(user, enc_hash,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen &dec_key, error_r)) <= 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* last resort, look at environment */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ret == 0 && (ret = mail_crypt_env_get_private_key(user, enc_hash,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen &dec_key, error_r)) == 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("Cannot decrypt key %s: "
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "Private key %s not available:",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pubid, enc_hash);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if (ret < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("Cannot decrypt key %s: %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pubid, *error_r);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen bool res = dcrypt_key_load_private(&key, data, pw, dec_key, error_r);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (dec_key != NULL)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_unref_private(&dec_key);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (!res)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (mail_crypt_private_key_id_match(key, pubid, error_r) <= 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (key != NULL)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_unref_private(&key);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_assert(key != NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *key_r = key;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_get_private_key(struct mailbox *box, const char *pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen bool user_key, bool shared,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key **key_r,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_user *user = mail_storage_get_user(mailbox_get_storage(box));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_crypt_user *muser = mail_crypt_get_mail_crypt_user(user);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* check cache */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (mail_crypt_get_key_cache(muser->key_cache, pubid, key_r, NULL) > 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_attribute_value value;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key *key;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen int ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *attr_name = mail_crypt_get_key_path(user_key, FALSE, pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if ((ret = mailbox_attribute_get(box,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen shared ? MAIL_ATTRIBUTE_TYPE_SHARED :
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen MAIL_ATTRIBUTE_TYPE_PRIVATE,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen attr_name, &value)) <= 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ret < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("mailbox_attribute_get(%s, %s%s) failed: %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_vname(box),
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen shared ? "/shared/" :
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "/priv/",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen attr_name,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_last_internal_error(box, NULL));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if ((ret = mail_crypt_decrypt_private_key(box, pubid, value.value,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen &key, error_r)) <= 0)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_assert(key != NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mail_crypt_put_key_cache(&muser->key_cache, pubid, key, NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *key_r = key;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_user_get_private_key(struct mail_user *user, const char *pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key **key_r,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_namespace *ns = mail_namespace_find_inbox(user->namespaces);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mailbox *box = mailbox_alloc(ns->list, "INBOX",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen MAILBOX_FLAG_READONLY);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_attribute_value value;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen int ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* try retrieve currently active user key */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (mailbox_open(box) < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("mailbox_open(%s) failed: %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "INBOX",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_last_internal_error(box, NULL));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (pubid == NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if ((ret = mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_SHARED,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen &value)) <= 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ret < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("mailbox_attribute_get(%s, /shared/%s) failed: %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_vname(box),
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_last_internal_error(box, NULL));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pubid = value.value;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ret = 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ret = 1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* try to open key */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ret > 0)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen ret = mail_crypt_get_private_key(box, pubid, TRUE, FALSE,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen key_r, error_r);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_free(&box);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_box_get_private_key(struct mailbox *box,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key **key_r,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_attribute_value value;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen int ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* get active key */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if ((ret = mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_SHARED,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen BOX_CRYPT_PREFIX ACTIVE_KEY_NAME, &value)) <= 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (ret < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("mailbox_attribute_get(%s, /shared/%s) failed: %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_vname(box),
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_last_internal_error(box, NULL));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return mail_crypt_get_private_key(box, value.value,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen FALSE, FALSE,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen key_r, error_r);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenstatic
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_set_private_key(struct mailbox_transaction_context *t,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen bool user_key, bool shared, const char *pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_public_key *enc_key,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key *key,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* folder keys must be encrypted with some other key,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen unless they are shared keys */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen i_assert(user_key || shared || enc_key != NULL);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen buffer_t *data = t_str_new(MAIL_CRYPT_KEY_BUF_SIZE);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *pw = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *algo = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_user *user = mail_storage_get_user(
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_storage(
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_transaction_get_mailbox(t)));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char *attr_name = mail_crypt_get_key_path(user_key, FALSE, pubid);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_attribute_value value;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen int ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (enc_key != NULL) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen algo = MAIL_CRYPT_KEY_CIPHER;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if (user_key &&
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen (pw = mail_user_plugin_getenv(user,MAIL_CRYPT_USERENV_PASSWORD))
7bafda1813454621e03615e83d55bccfa7cc56bdTimo Sirainen != NULL) {
7bafda1813454621e03615e83d55bccfa7cc56bdTimo Sirainen algo = MAIL_CRYPT_PW_CIPHER;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
7bafda1813454621e03615e83d55bccfa7cc56bdTimo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* export key */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (!dcrypt_key_store_private(key, DCRYPT_FORMAT_DOVECOT, algo, data,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen pw, enc_key, error_r)) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen /* store it */
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen value.value_stream = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen value.value = str_c(data);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen value.last_change = 0;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if ((ret = mailbox_attribute_set(t,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen shared ? MAIL_ATTRIBUTE_TYPE_SHARED :
7bafda1813454621e03615e83d55bccfa7cc56bdTimo Sirainen MAIL_ATTRIBUTE_TYPE_PRIVATE,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen attr_name,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen &value)) < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("mailbox_attribute_set(%s, %s/%s) failed: %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_vname(mailbox_transaction_get_mailbox(t)),
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen shared ? "/shared" : "/priv",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen attr_name,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_last_internal_error(
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_transaction_get_mailbox(t), NULL));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen safe_memset(buffer_get_modifiable_data(data, NULL), 0, data->used);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen}
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainenint mail_crypt_user_set_private_key(struct mail_user *user, const char *pubid,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key *key,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen const char **error_r)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen{
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mail_namespace *ns = mail_namespace_find_inbox(user->namespaces);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mailbox *box = mailbox_alloc(ns->list, "INBOX",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen MAILBOX_FLAG_READONLY);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_private_key *env_key = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct dcrypt_public_key *enc_key = NULL;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen struct mailbox_transaction_context *t;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen int ret;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if ((ret = mail_crypt_env_get_private_key(user, NULL, &env_key,
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen error_r)) < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen } else if (ret > 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_convert_private_to_public(env_key, &enc_key);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen dcrypt_key_unref_private(&env_key);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (mail_user_plugin_getenv(user, MAIL_CRYPT_REQUIRE_ENCRYPTED_USER_KEY) != NULL &&
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mail_user_plugin_getenv(user, MAIL_CRYPT_USERENV_PASSWORD) == NULL &&
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mail_user_plugin_getenv(user, MAIL_CRYPT_USERENV_KEY) == NULL)
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = MAIL_CRYPT_REQUIRE_ENCRYPTED_USER_KEY " set, cannot "
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "generate user keypair without password or key";
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen if (mailbox_open(box) < 0) {
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen *error_r = t_strdup_printf("mailbox_open(%s) failed: %s",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen "INBOX",
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen mailbox_get_last_internal_error(box, NULL));
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen return -1;
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen }
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen t = mailbox_transaction_begin(box, 0, __func__);
1ac7c8e9040e0d0b7e9f849e45b94bfe919595a9Timo Sirainen
if ((ret = mail_crypt_set_private_key(t, TRUE, FALSE, pubid, enc_key, key,
error_r)) < 0) {
mailbox_transaction_rollback(&t);
} else if ((ret = mailbox_transaction_commit(&t)) < 0) {
*error_r = t_strdup_printf("mailbox_transaction_commit(%s) failed: %s",
mailbox_get_vname(box),
mailbox_get_last_internal_error(box, NULL));
}
mailbox_free(&box);
return ret;
}
int mail_crypt_box_set_private_key(struct mailbox *box, const char *pubid,
struct dcrypt_private_key *key,
struct dcrypt_public_key *user_key,
const char **error_r)
{
int ret;
struct mailbox_transaction_context *t;
t = mailbox_transaction_begin(box, 0, __func__);
if ((ret = mail_crypt_set_private_key(t, FALSE, FALSE, pubid, user_key,
key, error_r)) < 0) {
mailbox_transaction_rollback(&t);
} else if ((ret = mailbox_transaction_commit(&t)) < 0) {
*error_r = t_strdup_printf("mailbox_transaction_commit(%s) failed: %s",
mailbox_get_vname(box),
mailbox_get_last_internal_error(box, NULL));
}
return ret;
}
static
int mail_crypt_get_public_key(struct mailbox *box, const char *pubid,
bool user_key, struct dcrypt_public_key **key_r,
const char **error_r)
{
struct mail_user *user = mail_storage_get_user(mailbox_get_storage(box));
struct mail_crypt_user *muser = mail_crypt_get_mail_crypt_user(user);
/* check cache */
if (mail_crypt_get_key_cache(muser->key_cache, pubid, NULL, key_r) > 0) {
return 1;
}
enum dcrypt_key_kind key_kind;
const char *key_hash = NULL;
struct dcrypt_public_key *key;
struct mail_attribute_value value;
int ret;
const char *attr_name = mail_crypt_get_key_path(user_key, TRUE, pubid);
if ((ret = mailbox_attribute_get(box,
MAIL_ATTRIBUTE_TYPE_SHARED,
attr_name, &value)) <= 0) {
if (ret < 0) {
*error_r = t_strdup_printf("mailbox_attribute_get(%s, %s) failed: %s",
mailbox_get_vname(box),
attr_name,
mailbox_get_last_internal_error(box, NULL));
}
return ret;
}
if (!dcrypt_key_string_get_info(value.value, NULL, NULL, &key_kind,
NULL, NULL, &key_hash, error_r)) {
return -1;
}
if (key_kind != DCRYPT_KEY_KIND_PUBLIC) {
*error_r = t_strdup_printf("Cannot use key %s: "
"Expected public key, got private key",
pubid);
return -1;
}
if (key_hash != NULL && strcmp(key_hash, pubid) != 0) {
*error_r = t_strdup_printf("Cannot use key %s: "
"Incorrect key hash %s stored",
pubid, key_hash);
return -1;
}
/* load the key */
if (!dcrypt_key_load_public(&key, value.value, error_r)) {
return -1;
}
if (pubid != NULL &&
mail_crypt_public_key_id_match(key, pubid, error_r) <= 0) {
dcrypt_key_unref_public(&key);
return -1;
}
mail_crypt_put_key_cache(&muser->key_cache, pubid, NULL, key);
*key_r = key;
return 1;
}
int mail_crypt_user_get_public_key(struct mail_user *user,
struct dcrypt_public_key **key_r,
const char **error_r)
{
struct mail_namespace *ns = mail_namespace_find_inbox(user->namespaces);
struct mailbox *box = mailbox_alloc(ns->list, "INBOX",
MAILBOX_FLAG_READONLY);
struct mail_attribute_value value;
int ret;
/* try retrieve currently active user key */
if (mailbox_open(box) < 0) {
*error_r = t_strdup_printf("mailbox_open(%s) failed: %s",
"INBOX",
mailbox_get_last_internal_error(box, NULL));
return -1;
}
if ((ret = mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_SHARED,
USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
&value)) <= 0) {
if (ret < 0) {
*error_r = t_strdup_printf("mailbox_attribute_get(%s, /shared/%s) failed: %s",
mailbox_get_vname(box),
USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
mailbox_get_last_internal_error(box, NULL));
}
} else {
ret = mail_crypt_get_public_key(box, value.value, TRUE, key_r, error_r);
}
mailbox_free(&box);
return ret;
}
int mail_crypt_box_get_public_key(struct mailbox *box,
struct dcrypt_public_key **key_r,
const char **error_r)
{
struct mail_attribute_value value;
int ret;
if ((ret = mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_SHARED,
BOX_CRYPT_PREFIX ACTIVE_KEY_NAME,
&value)) <= 0) {
if (ret < 0) {
*error_r = t_strdup_printf("mailbox_attribute_get(%s, /shared/%s) failed: %s",
mailbox_get_vname(box),
BOX_CRYPT_PREFIX ACTIVE_KEY_NAME,
mailbox_get_last_internal_error(box, NULL));
}
return ret;
}
return mail_crypt_get_public_key(box, value.value, FALSE, key_r, error_r);
}
static
int mail_crypt_set_public_key(struct mailbox_transaction_context *t,
bool user_key, const char *pubid,
struct dcrypt_public_key *key,
const char **error_r)
{
buffer_t *data = t_str_new(MAIL_CRYPT_KEY_BUF_SIZE);
const char *attr_name = mail_crypt_get_key_path(user_key, TRUE, pubid);
struct mail_attribute_value value;
/* export key */
if (!dcrypt_key_store_public(key, DCRYPT_FORMAT_DOVECOT, data,
error_r)) {
return -1;
}
/* store it */
value.value_stream = NULL;
value.value = str_c(data);
value.last_change = 0;
if (mailbox_attribute_set(t,
MAIL_ATTRIBUTE_TYPE_SHARED,
attr_name,
&value) < 0) {
*error_r = t_strdup_printf("mailbox_attribute_set(%s, %s/%s) failed: %s",
mailbox_get_vname(mailbox_transaction_get_mailbox(t)),
"/shared",
attr_name,
mailbox_get_last_internal_error(
mailbox_transaction_get_mailbox(t), NULL));
return -1;
}
return 0;
}
int mail_crypt_user_set_public_key(struct mail_user *user, const char *pubid,
struct dcrypt_public_key *key,
const char **error_r)
{
struct mail_namespace *ns = mail_namespace_find_inbox(user->namespaces);
struct mailbox *box = mailbox_alloc(ns->list, "INBOX",
MAILBOX_FLAG_READONLY);
struct mailbox_transaction_context *t;
struct mail_attribute_value value;
int ret;
/* try retrieve currently active user key */
if (mailbox_open(box) < 0) {
*error_r = t_strdup_printf("mailbox_open(%s) failed: %s",
"INBOX",
mailbox_get_last_internal_error(box, NULL));
return -1;
}
t = mailbox_transaction_begin(box, 0, __func__);
if ((ret = mail_crypt_set_public_key(t, TRUE, pubid, key,
error_r)) == 0) {
value.value_stream = NULL;
value.value = pubid;
value.last_change = 0;
if ((ret = mailbox_attribute_set(t, MAIL_ATTRIBUTE_TYPE_SHARED,
USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
&value)) < 0) {
*error_r = t_strdup_printf("mailbox_attribute_set(%s, /shared/%s) failed: %s",
mailbox_get_vname(box),
USER_CRYPT_PREFIX ACTIVE_KEY_NAME,
mailbox_get_last_internal_error(box, NULL));
}
}
if (ret < 0) {
mailbox_transaction_rollback(&t);
} else if (mailbox_transaction_commit(&t) < 0) {
*error_r = t_strdup_printf("mailbox_transaction_commit(%s) failed: %s",
mailbox_get_vname(box),
mailbox_get_last_internal_error(box, NULL));
ret = -1;
}
mailbox_free(&box);
return ret;
}
int mail_crypt_box_set_public_key(struct mailbox *box, const char *pubid,
struct dcrypt_public_key *key,
const char **error_r)
{
int ret;
struct mailbox_transaction_context *t;
struct mail_attribute_value value;
t = mailbox_transaction_begin(box, 0, __func__);
if ((ret = mail_crypt_set_public_key(t, FALSE, pubid, key,
error_r)) == 0) {
value.value_stream = NULL;
value.value = pubid;
value.last_change = 0;
if ((ret = mailbox_attribute_set(t, MAIL_ATTRIBUTE_TYPE_SHARED,
BOX_CRYPT_PREFIX ACTIVE_KEY_NAME,
&value)) < 0) {
*error_r = t_strdup_printf("mailbox_attribute_set(%s, /shared/%s) failed: %s",
mailbox_get_vname(box),
BOX_CRYPT_PREFIX ACTIVE_KEY_NAME,
mailbox_get_last_internal_error(box, NULL));
}
}
if (ret < 0) {
mailbox_transaction_rollback(&t);
} else if (mailbox_transaction_commit(&t) < 0) {
*error_r = t_strdup_printf("mailbox_transaction_commit(%s) failed: %s",
mailbox_get_vname(box),
mailbox_get_last_internal_error(box, NULL));
ret = -1;
}
return ret;
}
static
int mail_crypt_user_set_keys(struct mail_user *user,
const char *pubid,
struct dcrypt_private_key *privkey,
struct dcrypt_public_key *pubkey,
const char **error_r)
{
if (mail_crypt_user_set_private_key(user, pubid, privkey, error_r) < 0)
return -1;
if (mail_crypt_user_set_public_key(user, pubid, pubkey, error_r) < 0)
return -1;
return 0;
}
static
int mail_crypt_box_set_keys(struct mailbox *box,
const char *pubid,
struct dcrypt_private_key *privkey,
struct dcrypt_public_key *user_key,
struct dcrypt_public_key *pubkey,
const char **error_r)
{
if (mail_crypt_box_set_private_key(box, pubid, privkey, user_key,
error_r) < 0)
return -1;
if (mail_crypt_box_set_public_key(box, pubid, pubkey, error_r) < 0)
return -1;
return 0;
}
int mail_crypt_box_get_shared_key(struct mailbox *box,
const char *pubid,
struct dcrypt_private_key **key_r,
const char **error_r)
{
struct mail_user *user = mail_storage_get_user(mailbox_get_storage(box));
struct mail_crypt_user *muser = mail_crypt_get_mail_crypt_user(user);
struct dcrypt_private_key *key = NULL;
struct mail_attribute_value value;
int ret;
/* check cache */
if (mail_crypt_get_key_cache(muser->key_cache, pubid, key_r, NULL) > 0) {
return 1;
}
const char *hexname =
binary_to_hex((const unsigned char*)user->username,
strlen(user->username));
const char *attr_name = t_strdup_printf(BOX_CRYPT_PREFIX
PRIVKEYS_PREFIX"%s/%s",
hexname,
pubid);
if ((ret = mailbox_attribute_get(box,
MAIL_ATTRIBUTE_TYPE_SHARED,
attr_name, &value)) <= 0) {
if (ret < 0) {
*error_r = t_strdup_printf("mailbox_attribute_get(%s, %s) failed: %s",
mailbox_get_vname(box),
attr_name,
mailbox_get_last_internal_error(box, NULL));
return ret;
}
return mail_crypt_get_private_key(box, pubid, FALSE, TRUE, key_r,
error_r);
} else {
if ((ret = mail_crypt_decrypt_private_key(box, pubid, value.value,
&key, error_r)) <= 0)
return ret;
}
mail_crypt_put_key_cache(&muser->key_cache, pubid, key, NULL);
*key_r = key;
return 1;
}
int mail_crypt_box_set_shared_key(struct mailbox_transaction_context *t,
const char *pubid,
struct dcrypt_private_key *privkey,
const char *target_uid,
struct dcrypt_public_key *user_key,
const char **error_r)
{
struct mail_attribute_value value;
buffer_t *data = t_str_new(MAIL_CRYPT_KEY_BUF_SIZE);
int ret;
const char *attr_name;
const char *algo = NULL;
i_assert(target_uid == NULL || user_key != NULL);
if (target_uid != NULL) {
/* hash target UID */
algo = MAIL_CRYPT_KEY_CIPHER;
const char *hexname =
binary_to_hex((const unsigned char*)target_uid,
strlen(target_uid));
attr_name = t_strdup_printf(BOX_CRYPT_PREFIX
PRIVKEYS_PREFIX"%s/%s",
hexname,
pubid);
} else {
attr_name = t_strdup_printf(BOX_CRYPT_PREFIX
PRIVKEYS_PREFIX"%s",
pubid);
}
if (!dcrypt_key_store_private(privkey, DCRYPT_FORMAT_DOVECOT,
algo, data,
NULL, user_key, error_r)) {
return -1;
}
value.value_stream = NULL;
value.value = str_c(data);
value.last_change = 0;
if ((ret = mailbox_attribute_set(t, MAIL_ATTRIBUTE_TYPE_SHARED,
attr_name, &value)) < 0) {
*error_r = t_strdup_printf("mailbox_attribute_set(%s, /shared/%s) failed: %s",
mailbox_get_vname(
mailbox_transaction_get_mailbox(t)),
attr_name,
mailbox_get_last_internal_error(
mailbox_transaction_get_mailbox(t),
NULL));
}
safe_memset(buffer_get_modifiable_data(data, NULL), 0, data->used);
return ret;
}
int mail_crypt_box_unset_shared_key(struct mailbox_transaction_context *t,
const char *pubid,
const char *target_uid,
const char **error_r)
{
int ret;
const char *hexname =
binary_to_hex((const unsigned char*)target_uid,
strlen(target_uid));
const char *attr_name = t_strdup_printf(BOX_CRYPT_PREFIX
PRIVKEYS_PREFIX"%s/%s",
hexname,
pubid);
if ((ret = mailbox_attribute_unset(t, MAIL_ATTRIBUTE_TYPE_SHARED,
attr_name)) <= 0) {
if (ret < 0) {
*error_r = t_strdup_printf("mailbox_attribute_unset(%s, "
" /shared/%s): failed: %s",
mailbox_get_vname(
mailbox_transaction_get_mailbox(t)),
attr_name,
mailbox_get_last_internal_error(
mailbox_transaction_get_mailbox(t),
NULL));
}
}
return ret;
}
static
int mail_crypt_generate_keypair(const char *curve,
struct dcrypt_keypair *pair_r,
const char **pubid_r,
const char **error_r)
{
if (curve == NULL) {
*error_r = MAIL_CRYPT_USERENV_CURVE " not set, cannot generate EC key";
return -1;
}
if (!dcrypt_keypair_generate(pair_r, DCRYPT_KEY_EC, 0, curve, error_r)) {
return -1;
}
buffer_t *key_id = t_str_new(MAIL_CRYPT_HASH_BUF_SIZE);
if (!dcrypt_key_id_public(pair_r->pub, MAIL_CRYPT_KEY_ID_ALGORITHM, key_id,
error_r)) {
dcrypt_keypair_unref(pair_r);
return -1;
}
*pubid_r = binary_to_hex(key_id->data, key_id->used);
return 0;
}
int mail_crypt_user_generate_keypair(struct mail_user *user,
struct dcrypt_keypair *pair,
const char **pubid_r,
const char **error_r)
{
struct mail_crypt_user *muser = mail_crypt_get_mail_crypt_user(user);
const char *curve = mail_user_plugin_getenv(user, MAIL_CRYPT_USERENV_CURVE);
if (mail_crypt_generate_keypair(curve, pair, pubid_r, error_r) < 0) {
return -1;
}
if (mail_crypt_user_set_keys(user, *pubid_r,
pair->priv, pair->pub, error_r) < 0) {
dcrypt_keypair_unref(pair);
return -1;
}
mail_crypt_put_key_cache(&muser->key_cache, *pubid_r, pair->priv, pair->pub);
return 0;
}
int mail_crypt_box_generate_keypair(struct mailbox *box,
struct dcrypt_keypair *pair,
struct dcrypt_public_key *user_key,
const char **pubid_r,
const char **error_r)
{
int ret;
struct mail_user *user = mail_storage_get_user(mailbox_get_storage(box));
struct mail_crypt_user *muser = mail_crypt_get_mail_crypt_user(user);
const char *curve = mail_user_plugin_getenv(user,
MAIL_CRYPT_USERENV_CURVE);
if (user_key == NULL) {
if ((ret = mail_crypt_user_get_public_key(user,
&user_key,
error_r)) <= 0) {
if (ret < 0)
return ret;
/* generate keypair */
struct dcrypt_keypair user_pair;
const char *user_pubid;
if (mail_crypt_user_generate_keypair(user, &user_pair,
&user_pubid,
error_r) < 0) {
return -1;
}
mail_crypt_put_key_cache(&muser->key_cache, user_pubid,
user_pair.priv, user_pair.pub);
user_key = user_pair.pub;
dcrypt_key_unref_private(&user_pair.priv);
}
} else {
dcrypt_key_ref_public(user_key);
}
if ((ret = mail_crypt_generate_keypair(curve, pair, pubid_r, error_r)) < 0) {
/* failed */
} else if ((ret = mail_crypt_box_set_keys(box, *pubid_r,
pair->priv, user_key, pair->pub,
error_r)) < 0) {
dcrypt_keypair_unref(pair);
} else {
mail_crypt_put_key_cache(&muser->key_cache, *pubid_r, pair->priv,
pair->pub);
}
dcrypt_key_unref_public(&user_key);
return ret;
}
int mail_crypt_box_get_pvt_digests(struct mailbox *box, pool_t pool,
enum mail_attribute_type type,
ARRAY_TYPE(const_string) *digests,
const char **error_r)
{
struct mailbox_attribute_iter *iter;
const char *key;
int ret;
iter = mailbox_attribute_iter_init(box, type,
BOX_CRYPT_PREFIX PRIVKEYS_PREFIX);
while ((key = mailbox_attribute_iter_next(iter)) != NULL) {
key = p_strdup(pool, key);
array_append(digests, &key, 1);
}
ret = mailbox_attribute_iter_deinit(&iter);
if (ret < 0)
*error_r = mailbox_get_last_internal_error(box, NULL);
return ret;
}
int mail_crypt_box_get_private_keys(struct mailbox *box,
ARRAY_TYPE(dcrypt_private_key) *keys_r,
const char **error_r)
{
struct mailbox_attribute_iter *iter;
iter = mailbox_attribute_iter_init(box, MAIL_ATTRIBUTE_TYPE_PRIVATE,
BOX_CRYPT_PREFIX PRIVKEYS_PREFIX);
const char *id;
int ret;
while ((id = mailbox_attribute_iter_next(iter)) != NULL) {
struct dcrypt_private_key *key = NULL;
if ((ret = mail_crypt_get_private_key(box, id, FALSE, FALSE,
&key, error_r)) < 0) {
(void)mailbox_attribute_iter_deinit(&iter);
return -1;
} else if (ret > 0)
array_append(keys_r, &key, 1);
}
ret = mailbox_attribute_iter_deinit(&iter);
if (ret < 0)
*error_r = mailbox_get_last_internal_error(box, NULL);
return ret;
}
int mail_crypt_box_share_private_keys(struct mailbox_transaction_context *t,
struct dcrypt_public_key *dest_pub_key,
const char *dest_user,
const ARRAY_TYPE(dcrypt_private_key) *priv_keys,
const char **error_r)
{
i_assert(dest_user == NULL || dest_pub_key != NULL);
struct dcrypt_private_key *const *priv_keyp, *priv_key;
buffer_t *key_id = t_str_new(MAIL_CRYPT_HASH_BUF_SIZE);
int ret = 0;
array_foreach(priv_keys, priv_keyp) {
priv_key = *priv_keyp;
ret = -1;
if (!dcrypt_key_id_private(priv_key, MAIL_CRYPT_KEY_ID_ALGORITHM,
key_id, error_r) ||
(ret = mail_crypt_box_set_shared_key(t,
binary_to_hex(key_id->data,
key_id->used),
priv_key, dest_user,
dest_pub_key, error_r)) < 0)
break;
}
return ret;
}
int
mail_crypt_user_get_or_gen_public_key(struct mail_user *user,
struct dcrypt_public_key **pub_r,
const char **error_r)
{
i_assert(user != NULL);
i_assert(pub_r != NULL);
i_assert(error_r != NULL);
int ret;
if ((ret = mail_crypt_user_get_public_key(user, pub_r, error_r)) == 0) {
struct dcrypt_keypair pair;
const char *pubid = NULL;
if (mail_crypt_user_generate_keypair(user, &pair,
&pubid, error_r) < 0) {
return -1;
}
*pub_r = pair.pub;
dcrypt_key_unref_private(&pair.priv);
} else
return ret;
return 0;
}
int
mail_crypt_box_get_or_gen_public_key(struct mailbox *box,
struct dcrypt_public_key **pub_r,
const char **error_r)
{
i_assert(box != NULL);
i_assert(pub_r != NULL);
i_assert(error_r != NULL);
struct mail_user *user =
mail_storage_get_user(mailbox_get_storage(box));
int ret;
if ((ret = mail_crypt_box_get_public_key(box, pub_r, error_r)) == 0) {
struct dcrypt_public_key *user_key;
if (mail_crypt_user_get_or_gen_public_key(user, &user_key,
error_r) < 0) {
return -1;
}
struct dcrypt_keypair pair;
const char *pubid = NULL;
if (mail_crypt_box_generate_keypair(box, &pair, user_key,
&pubid, error_r) < 0) {
return -1;
}
*pub_r = pair.pub;
dcrypt_key_unref_public(&user_key);
dcrypt_key_unref_private(&pair.priv);
} else
return ret;
return 0;
}
bool mail_crypt_acl_secure_sharing_enabled(struct mail_user *user)
{
const char *env =
mail_user_plugin_getenv(user, MAIL_CRYPT_ACL_SECURE_SHARE_SETTING);
/* disabled by default */
bool ret = FALSE;
if (env != NULL) {
/* enable unless specifically
requested not to */
ret = TRUE;
switch (env[0]) {
case 'n':
case 'N':
case '0':
case 'f':
case 'F':
ret = FALSE;
}
}
return ret;
}
static const struct mailbox_attribute_internal mailbox_internal_attributes[] = {
{ .type = MAIL_ATTRIBUTE_TYPE_PRIVATE,
.key = BOX_CRYPT_PREFIX,
.flags = MAIL_ATTRIBUTE_INTERNAL_FLAG_CHILDREN
},
{ .type = MAIL_ATTRIBUTE_TYPE_SHARED,
.key = BOX_CRYPT_PREFIX,
.flags = MAIL_ATTRIBUTE_INTERNAL_FLAG_CHILDREN
},
{ .type = MAIL_ATTRIBUTE_TYPE_PRIVATE,
.key = USER_CRYPT_PREFIX,
.flags = MAIL_ATTRIBUTE_INTERNAL_FLAG_CHILDREN
},
{ .type = MAIL_ATTRIBUTE_TYPE_SHARED,
.key = USER_CRYPT_PREFIX,
.flags = MAIL_ATTRIBUTE_INTERNAL_FLAG_CHILDREN
}
};
void mail_crypt_key_register_mailbox_internal_attributes(void)
{
mailbox_attribute_register_internals(mailbox_internal_attributes,
N_ELEMENTS(mailbox_internal_attributes));
}