lib/App/EdwardNG.pm

   1 package App::EdwardNG;
   2
   3 use 5.014000;
   4 use strict;
   5 use warnings;
   6 use parent qw/Exporter/;
   7 our $VERSION = '0.001';
   8 our @EXPORT = qw/process_message/;
   9
  10 use Email::Sender::Simple qw/sendmail/;
  11 use File::Share qw/dist_file/;
  12 use File::Slurp qw/read_file/;
  13 use File::Spec::Functions qw/rel2abs/;
  14 use Getopt::Long;
  15 use MIME::Entity;
  16 use MIME::Parser;
  17 use Mail::GnuPG;
  18 use PerlX::Maybe;
  19 use Template;
  20 use Try::Tiny;
  21
  22 sub debug { say STDERR @_ if $ENV{EDWARDNG_DEBUG} }
  23 sub stringify ($) { join '', map {; '>', $_ } @{$_[0]} }
  24 sub mg {
  25         Mail::GnuPG->new(
  26                 key                => $ENV{EDWARDNG_KEY},
  27                 maybe always_trust => $ENV{EDWARDNG_ALWAYS_TRUST},
  28                 maybe keydir       => $ENV{EDWARDNG_KEYDIR},
  29                 maybe passphrase   => $ENV{EDWARDNG_PASSPHRASE},
  30                 maybe use_agent    => $ENV{EDWARDNG_USE_AGENT},
  31                 @_);
  32 }
  33
  34 sub first_part{
  35         my ($ent) = @_;
  36         return first_part ($ent->parts(0)) if $ent->parts;
  37         stringify [$ent->bodyhandle->as_lines]
  38 }
  39
  40 sub process_message {
  41         my ($in) = @_;
  42         my $msg;
  43         my $parser = MIME::Parser->new;
  44         $parser->decode_bodies(0);
  45         $parser->output_to_core(1);
  46
  47         $msg =                      $in   if     ref $in eq 'MIME::Entity';
  48         $msg = $parser->parse      ($in)  if     ref $in eq 'IO';
  49         $msg = $parser->parse_data ($in)  if     ref $in eq 'SCALAR';
  50         $msg = $parser->parse_open ($in)  unless ref $in;
  51         die "Don't know how to parse $in" unless $msg;
  52
  53         if ($msg->mime_type ne 'multipart/signed' && $msg->mime_type ne 'multipart/encrypted') {
  54                 # PGP/Inline requires decoding
  55                 $parser->decode_bodies(1);
  56                 $msg = $parser->parse_data($msg->stringify)
  57         }
  58
  59         my $gpg = mg;
  60         if ($gpg->is_signed($msg)) {
  61                 debug 'This mail looks signed';
  62                 my ($code, $keyid, $email) = $gpg->verify($msg);
  63                 return sign_error => (
  64                         message => stringify $gpg->{last_message}) if $code;
  65                 return sign => (
  66                         keyid   => $keyid,
  67                         email   => $email,
  68                         message => stringify $gpg->{last_message});
  69         }
  70
  71         if ($gpg->is_encrypted($msg)) {
  72                 debug 'This mail looks encrypted';
  73                 my ($code, $keyid, $email) = $gpg->decrypt($msg);
  74                 return encrypt_error => (
  75                         message   => stringify $gpg->{last_message}) if $code;
  76                 return encrypt => (
  77                         plaintext => stringify $gpg->{plaintext},
  78                         decrypted => $gpg->{decrypted},
  79                         message   => stringify $gpg->{last_message}) unless defined $keyid;
  80                 return signencrypt => (
  81                         keyid     => $keyid,
  82                         email     => $email,
  83                         plaintext => stringify $gpg->{plaintext},
  84                         decrypted => $gpg->{decrypted},
  85                         message   => stringify $gpg->{last_message});
  86         }
  87
  88         debug 'This mail doesn\'t seem to be signed or encrypted';
  89         return 'plain'
  90 }
  91
  92 sub run {
  93         GetOptions(
  94                 'always-trust!' => \$ENV{EDWARDNG_ALWAYS_TRUST},
  95                 'debug!'        => \$ENV{EDWARDNG_DEBUG},
  96                 'from=s'        => \$ENV{EDWARDNG_FROM},
  97                 'key=s'         => \$ENV{EDWARDNG_KEY},
  98                 'keydir=s'      => \$ENV{EDWARDNG_KEYDIR},
  99                 'logfile=s'     => \$ENV{EDWARDNG_LOGFILE},
 100                 'passphrase=s'  => \$ENV{EDWARDNG_PASSPHRASE},
 101                 'tmpl-path=s'   => \$ENV{EDWARDNG_TMPL_PATH},
 102                 'use-agent!'    => \$ENV{EDWARDNG_USE_AGENT},
 103         );
 104         my $tmpl_path = $ENV{EDWARDNG_TMPL_PATH} // 'en';
 105         open STDERR, '>>', $ENV{EDWARDNG_LOGFILE} if $ENV{EDWARDNG_LOGFILE};
 106
 107         my $parser = MIME::Parser->new;
 108         $parser->decode_bodies(0);
 109         $parser->output_to_core(1);
 110         my $in = $parser->parse(\*STDIN);
 111         debug 'Received mail from ', $in->get('From');
 112
 113         my ($tmpl, %params);
 114         try {
 115                 ($tmpl, %params) = process_message $in
 116         } catch {
 117                 ($tmpl, %params) = (error => message => $_)
 118         };
 119         debug "Result is $tmpl, GnuPG said:\n", $params{message};
 120
 121         $params{plaintext} = first_part $params{decrypted} if $params{decrypted};
 122
 123         my $tt = Template->new(INCLUDE_PATH => rel2abs $tmpl_path, dist_file 'App-EdwardNG', 'tmpl');
 124         my $data;
 125         $tt->process($tmpl, \%params, \$data);
 126         my $email = MIME::Entity->build(
 127                 From    => $ENV{EDWARDNG_FROM},
 128                 To      => $in->get('From'),
 129                 Subject => 'Re: ' . $in->get('Subject'),
 130                 Data    => $data);
 131
 132         my $email_unencrypted = $email->dup;
 133         my $mg = mg always_trust => 1;
 134         my $encrypt_failed = $mg->mime_signencrypt($email, $in->get('From') =~ /<(.*)>/);
 135         debug 'Could not encrypt message, sending unencrypted. GnuPG said:', "\n", stringify $mg->{last_message} if $encrypt_failed;
 136         sendmail $encrypt_failed ? $email_unencrypted : $email
 137 }
 138
 139 1;
 140 __END__
 141
 142 =encoding utf-8
 143
 144 =head1 NAME
 145
 146 App::EdwardNG - GnuPG email sign/encrypt testing bot
 147
 148 =head1 SYNOPSIS
 149
 150   use App::EdwardNG;
 151   my ($status, %params) = process_message '/path/to/message';
 152   if ($status eq 'signencrypt') {
 153     say 'This message is encrypted and signed with key ', $params{keyid}, ' from ', $params{email};
 154     say 'Its contents are: ', $params{plaintext};
 155   } elsif ($status eq 'encrypt') {
 156     say 'This message is encrypted but not signed';
 157     say 'Its contents are: ', $params{plaintext};
 158   } elsif ($status eq 'encrypt_error') {
 159     say 'This message is encrypted but I was unable to decrypt it. GnuPG output: ', $params{message};
 160   } elsif ($status eq 'sign') {
 161     say 'This message is signed with key ', $params{keyid}, ' from ', $params{email};
 162   } elsif ($status eq 'sign_error') {
 163     say 'This message is signed but I was unable to verify the signature. GnuPG output: ', $params{message};
 164   } elsif ($status eq 'plain') {
 165     say 'This message is neither signed nor encrypted';
 166   } elsif ($status eq 'error') {
 167     say 'There was an error processing the message: ', $params{message};
 168   }
 169
 170 =head1 DESCRIPTION
 171
 172 EdwardNG is a reimplementation of the Edward reply bot referenced in L<https://emailselfdefense.fsf.org/>.
 173
 174 This module exports a single function, B<process_message>, which takes a single parameter representing the message. This parameter can be:
 175
 176 =over
 177
 178 =item A filehandle reference, e.g. C<\*STDIN>.
 179
 180 =item A reference to a scalar which holds the message contents.
 181
 182 =item A scalar which represents a path to a message.
 183
 184 =item A L<MIME::Entity> object
 185
 186 =back
 187
 188 The function returns a status followed by a hash. Possible results:
 189
 190 =over
 191
 192 =item plain
 193
 194 The message is neither signed nor encrypted.
 195
 196 =item sign_error, message => $message
 197
 198 The message is signed but the signature could not be verified. GnuPG output is $message.
 199
 200 =item sign, keyid => $keyid, email => $email, message => $message
 201
 202 The message is signed with key $keyid from $email. GnuPG output is $message.
 203
 204 =item encrypt_error, message => $message
 205
 206 The message is encrypted and unable to be decrypted. GnuPG output is $message.
 207
 208 =item encrypt, plaintext => $plaintext, decrypted => $decrypted, message => $message
 209
 210 The message is encrypted and unsigned. $plaintext is the decrypted message as plain text, while $decrypted is a MIME::Entity representing the decrypted message. GnuPG output is $message.
 211
 212 =item signencrypt, plaintext => $plaintext, decrypted => $decrypted, keyid => $keyid, email => $email, message => $message
 213
 214 The message is encrypted and signed with key $keyid from $email. $plaintext is the decrypted message as plain text, while $decrypted is a MIME::Entity representing the decrypted message. GnuPG output is $message.
 215
 216 =item error, message => $message
 217
 218 There was an error while processing the message. The error can be found in $message.
 219
 220 =back
 221
 222 =head1 ENVIRONMENT
 223
 224 This module is configured via the %ENV hash. See the L<edwardng(1)> manpage for more information.
 225
 226 =head1 SEE ALSO
 227
 228 L<edwardng(1)>
 229
 230 =head1 AUTHOR
 231
 232 Marius Gavrilescu, E<lt>marius@ieval.roE<gt>
 233
 234 =head1 COPYRIGHT AND LICENSE
 235
 236 Copyright (C) 2014 by Fundația Ceata
 237
 238 This library is free software; you can redistribute it and/or modify
 239 it under the same terms as Perl itself, either Perl version 5.18.2 or,
 240 at your option, any later version of Perl 5 you may have available.
 241
 242
 243 =cut