public ProtectAttachment(Microsoft.Office.Interop.Outlook.Attachment attachment)
: this()
{
// 17470 [WS 8.0] Protect files is not enabled when .msg with no subject is attached through Right click->send To->Mail Recipient.ZenQ
Name = attachment.DisplayName ?? "";
var filename = string.Empty;
filename = attachment.FileName.ToLower() == ".msg"
? Guid.NewGuid().ToString() + ".msg"
: attachment.FileName;
// --
Index = attachment.Index.ToString(CultureInfo.InvariantCulture);
var wsAttachment = attachment as WsAttachment;
if (wsAttachment != null)
{
Id = wsAttachment.Id.ToString();
RecordKey = wsAttachment.RecordKey;
}
_lcofm = new LocalCopyOfFileManager();
filename = _lcofm.GetLocalCopyOfFileTarget(filename);
attachment.SaveAsFile(filename);
var lah = new LargeAttachmentHelper(filename);
if (lah.IsLargeAttachment)
{
LargeAttachmentFileName = filename;
var tempfile = _lcofm.GetLocalCopyOfFileTarget(Path.GetFileName(lah.ActualPath));
System.IO.File.Copy(lah.ActualPath, tempfile, true);
filename = tempfile;
Name = Path.GetFileName(filename);
}
File = FcsFileFactory.Create(filename, Name);
Position = attachment.Position;
FileName = filename;
}
void HandlePgpMime(Outlook.MailItem mailItem, Microsoft.Office.Interop.Outlook.Attachment encryptedMime,
Microsoft.Office.Interop.Outlook.Attachment sigMime, string sigHash = "sha1")
{
logger.Trace("> HandlePgpMime");
CryptoContext Context = null;
string sig = null;
byte[] cyphertext = null;
string cleartext = mailItem.Body;
// 1. Decrypt attachement
if (encryptedMime != null)
{
logger.Trace("Decrypting cypher text.");
var tempfile = Path.GetTempFileName();
encryptedMime.SaveAsFile(tempfile);
cyphertext = File.ReadAllBytes(tempfile);
File.Delete(tempfile);
var clearbytes = DecryptAndVerify(mailItem.To, cyphertext, out Context);
if (clearbytes == null)
return;
cleartext = this._encoding.GetString(clearbytes);
}
// 2. Verify signature
if (sigMime != null)
{
Context = new CryptoContext(Passphrase);
var Crypto = new PgpCrypto(Context);
Outlook.OlBodyFormat mailType = mailItem.BodyFormat;
try
{
logger.Trace("Verify detached signature");
var tempfile = Path.GetTempFileName();
sigMime.SaveAsFile(tempfile);
var detachedsig = File.ReadAllText(tempfile);
File.Delete(tempfile);
// Build up a clearsignature format for validation
// the rules for are the same with the addition of two heaer fields.
// Ultimately we need to get these fields out of email itself.
var encoding = GetEncodingFromMail(mailItem);
var clearsig = string.Format("-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: {0}\r\n\r\n", sigHash);
//clearsig += "Content-Type: text/plain; charset=ISO-8859-1\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n";
clearsig += "Content-Type: text/plain; charset=" +
encoding.BodyName.ToUpper()+
"\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n";
clearsig += PgpClearDashEscapeAndQuoteEncode(
encoding.GetString(
(byte[])mailItem.PropertyAccessor.GetProperty(
"http://schemas.microsoft.com/mapi/string/{4E3A7680-B77A-11D0-9DA5-00C04FD65685}/Internet Charset Body/0x00000102")));
clearsig += "\r\n"+detachedsig;
logger.Trace(clearsig);
if (Crypto.VerifyClear(_encoding.GetBytes(clearsig)))
{
Context = Crypto.Context;
var message = "** Valid signature from \"" + Context.SignedByUserId +
"\" with KeyId " + Context.SignedByKeyId + ".\n\n";
if (mailType == Outlook.OlBodyFormat.olFormatPlain)
{
mailItem.Body = message + mailItem.Body;
}
}
else
{
Context = Crypto.Context;
var message = "** Invalid signature from \"" + Context.SignedByUserId +
"\" with KeyId " + Context.SignedByKeyId + ".\n\n";
if (mailType == Outlook.OlBodyFormat.olFormatPlain)
{
mailItem.Body = message + mailItem.Body;
}
}
}
catch (PublicKeyNotFoundException ex)
{
logger.Debug(ex.ToString());
Context = Crypto.Context;
var message = "** Unable to verify signature, missing public key.\n\n";
if (mailType == Outlook.OlBodyFormat.olFormatPlain)
{
mailItem.Body = message + mailItem.Body;
}
}
catch (Exception ex)
{
logger.Debug(ex.ToString());
this.Passphrase = null;
WriteErrorData("VerifyEmail", ex);
MessageBox.Show(
ex.Message,
"Outlook Privacy Error",
MessageBoxButtons.OK,
MessageBoxIcon.Error);
}
return;
}
if (Context == null)
return;
// Extract files from MIME data
SharpMessage msg = new SharpMessage(cleartext);
string body = mailItem.Body;
var DecryptAndVerifyHeaderMessage = "** ";
if (Context.IsEncrypted)
DecryptAndVerifyHeaderMessage += "Message decrypted. ";
if (Context.FailedIntegrityCheck)
DecryptAndVerifyHeaderMessage += "Failed integrity check! ";
if (Context.IsSigned && Context.SignatureValidated)
{
DecryptAndVerifyHeaderMessage += "Valid signature from \"" + Context.SignedByUserId +
"\" with KeyId " + Context.SignedByKeyId;
}
else if (Context.IsSigned)
{
DecryptAndVerifyHeaderMessage += "Invalid signature from \"" + Context.SignedByUserId +
"\" with KeyId " + Context.SignedByKeyId + ".";
}
else
DecryptAndVerifyHeaderMessage += "Message was unsigned.";
DecryptAndVerifyHeaderMessage += "\n\n";
if (mailItem.BodyFormat == Outlook.OlBodyFormat.olFormatPlain)
{
mailItem.Body = DecryptAndVerifyHeaderMessage + msg.Body;
}
else if (mailItem.BodyFormat == Outlook.OlBodyFormat.olFormatHTML)
{
if (!msg.Body.TrimStart().ToLower().StartsWith("<html"))
{
body = DecryptAndVerifyHeaderMessage + msg.Body;
body = System.Net.WebUtility.HtmlEncode(body);
body = body.Replace("\n", "<br />");
mailItem.HTMLBody = "<html><head></head><body>" + body + "</body></html>";
}
else
{
// Find <body> tag and insert our message.
var matches = Regex.Match(msg.Body, @"(<body[^<]*>)", RegexOptions.IgnoreCase);
if (matches.Success)
{
var bodyTag = matches.Groups[1].Value;
// Insert decryption message.
mailItem.HTMLBody = msg.Body.Replace(
bodyTag,
bodyTag + DecryptAndVerifyHeaderMessage.Replace("\n", "<br />"));
}
else
mailItem.HTMLBody = msg.Body;
}
}
else
{
// May cause mail item not to open correctly
mailItem.BodyFormat = Outlook.OlBodyFormat.olFormatPlain;
mailItem.Body = msg.Body;
}
foreach (SharpAttachment mimeAttachment in msg.Attachments)
{
mimeAttachment.Stream.Position = 0;
var fileName = mimeAttachment.Name;
var tempFile = Path.Combine(Path.GetTempPath(), fileName);
using (FileStream fout = File.OpenWrite(tempFile))
{
mimeAttachment.Stream.CopyTo(fout);
}
mailItem.Attachments.Add(tempFile, Outlook.OlAttachmentType.olByValue, 1, fileName);
}
//mailItem.Save();
}
void HandlePgpMime(Outlook.MailItem mailItem, Microsoft.Office.Interop.Outlook.Attachment encryptedMime,
Microsoft.Office.Interop.Outlook.Attachment sigMime, string sigHash = "sha1")
{
logger.Trace("> HandlePgpMime");
CryptoContext Context = null;
byte[] cyphertext = null;
byte[] clearbytes = null;
string cleartext = mailItem.Body;
// 1. Decrypt attachement
if (encryptedMime != null)
{
logger.Trace("Decrypting cypher text.");
var tempfile = Path.GetTempFileName();
encryptedMime.SaveAsFile(tempfile);
cyphertext = File.ReadAllBytes(tempfile);
File.Delete(tempfile);
clearbytes = DecryptAndVerify(mailItem.To, cyphertext, out Context);
if (clearbytes == null)
return;
cleartext = this._encoding.GetString(clearbytes);
}
// 2. Verify signature
if (sigMime != null)
{
Context = new CryptoContext(PasswordCallback, _settings.Cipher, _settings.Digest);
var Crypto = new PgpCrypto(Context);
Outlook.OlBodyFormat mailType = mailItem.BodyFormat;
try
{
logger.Trace("Verify detached signature");
var tempfile = Path.GetTempFileName();
sigMime.SaveAsFile(tempfile);
var detachedsig = File.ReadAllText(tempfile);
File.Delete(tempfile);
// Build up a clearsignature format for validation
// the rules for are the same with the addition of two heaer fields.
// Ultimately we need to get these fields out of email itself.
// NOTE: encoding could be uppercase or lowercase. Try both.
// this is definetly hacky :/
var encoding = GetEncodingFromMail(mailItem);
var clearsigUpper = new StringBuilder();
clearsigUpper.Append(string.Format("-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: {0}\r\nCharset: {1}\r\n\r\n", sigHash, encoding.BodyName.ToUpper()));
clearsigUpper.Append("Content-Type: text/plain; charset=");
clearsigUpper.Append(encoding.BodyName.ToUpper());
clearsigUpper.Append("\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n");
clearsigUpper.Append(PgpClearDashEscapeAndQuoteEncode(
encoding.GetString(
(byte[])mailItem.PropertyAccessor.GetProperty(
"http://schemas.microsoft.com/mapi/string/{4E3A7680-B77A-11D0-9DA5-00C04FD65685}/Internet Charset Body/0x00000102"))));
clearsigUpper.Append("\r\n");
clearsigUpper.Append(detachedsig);
var clearsigLower = new StringBuilder(clearsigUpper.Length);
clearsigLower.Append(string.Format("-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: {0}\r\nCharset: {1}\r\n\r\n", sigHash, encoding.BodyName.ToUpper()));
clearsigLower.Append("Content-Type: text/plain; charset=");
clearsigLower.Append(encoding.BodyName.ToLower());
clearsigLower.Append("\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n");
clearsigLower.Append(PgpClearDashEscapeAndQuoteEncode(
encoding.GetString(
(byte[])mailItem.PropertyAccessor.GetProperty(
"http://schemas.microsoft.com/mapi/string/{4E3A7680-B77A-11D0-9DA5-00C04FD65685}/Internet Charset Body/0x00000102"))));
clearsigLower.Append("\r\n");
clearsigLower.Append(detachedsig);
logger.Trace(clearsigUpper.ToString());
if (Crypto.VerifyClear(_encoding.GetBytes(clearsigUpper.ToString())) || Crypto.VerifyClear(_encoding.GetBytes(clearsigLower.ToString())))
{
Context = Crypto.Context;
var message = "** " + string.Format(Localized.MsgValidSig,
Context.SignedByUserId, Context.SignedByKeyId) + "\n\n";
if (mailType == Outlook.OlBodyFormat.olFormatPlain)
mailItem.Body = message + mailItem.Body;
else
mailItem.HTMLBody = AddMessageToHtmlBody(mailItem.HTMLBody, message);
}
else
{
Context = Crypto.Context;
var message = "** " + string.Format(Localized.MsgInvalidSig,
Context.SignedByUserId, Context.SignedByKeyId) + "\n\n";
if (mailType == Outlook.OlBodyFormat.olFormatPlain)
mailItem.Body = message + mailItem.Body;
else
mailItem.HTMLBody = AddMessageToHtmlBody(mailItem.HTMLBody, message);
}
}
catch (PublicKeyNotFoundException ex)
{
logger.Debug(ex.ToString());
Context = Crypto.Context;
var message = "** " + Localized.MsgSigMissingPubKey + "\n\n";
if (mailType == Outlook.OlBodyFormat.olFormatPlain)
mailItem.Body = message + mailItem.Body;
else
mailItem.HTMLBody = AddMessageToHtmlBody(mailItem.HTMLBody, message);
}
catch (Exception ex)
{
logger.Debug(ex.ToString());
WriteErrorData("VerifyEmail", ex);
MessageBox.Show(
ex.Message,
"Outlook Privacy Error",
MessageBoxButtons.OK,
MessageBoxIcon.Error);
}
return;
}
if (Context == null)
return;
// Extract files from MIME data
MimeMessage msg = null;
TextPart textPart = null;
MimeEntity htmlPart = null;
var isHtml = false;
using(var sin = new MemoryStream(clearbytes))
{
var parser = new MimeParser(sin);
msg = parser.ParseMessage();
var iter = new MimeIterator(msg);
while(iter.MoveNext())
{
var part = iter.Current as TextPart;
if (part == null)
continue;
if (part.IsAttachment)
continue;
// message could include both text and html
// if we find html use that over text.
if (part.IsHtml)
{
htmlPart = part;
isHtml = true;
}
else
{
textPart = part;
}
}
}
var DecryptAndVerifyHeaderMessage = "** ";
if (Context.IsEncrypted)
DecryptAndVerifyHeaderMessage += Localized.MsgDecrypt + " ";
if (Context.FailedIntegrityCheck)
DecryptAndVerifyHeaderMessage += Localized.MsgFailedIntegrityCheck + " ";
if (Context.IsSigned && Context.SignatureValidated)
{
DecryptAndVerifyHeaderMessage += string.Format(Localized.MsgValidSig,
Context.SignedByUserId, Context.SignedByKeyId);
}
else if (Context.IsSigned)
{
DecryptAndVerifyHeaderMessage += string.Format(Localized.MsgInvalidSig,
Context.SignedByUserId, Context.SignedByKeyId);
}
else
DecryptAndVerifyHeaderMessage += Localized.MsgUnsigned;
DecryptAndVerifyHeaderMessage += "\n\n";
if(isHtml)
{
var htmlBody = msg.HtmlBody;
var related = msg.Body as MultipartRelated;
var doc = new HtmlAgilityPack.HtmlDocument();
var savedImages = new List<MimePart>();
doc.LoadHtml(htmlBody);
// Find any embedded images
foreach (var img in doc.DocumentNode.SelectNodes("//img[@src]"))
{
var src = img.Attributes["src"];
Uri uri;
if (src == null || src.Value == null)
continue;
// parse the <img src=...> attribute value into a Uri
if (Uri.IsWellFormedUriString(src.Value, UriKind.Absolute))
uri = new Uri(src.Value, UriKind.Absolute);
else
uri = new Uri(src.Value, UriKind.Relative);
// locate the index of the attachment within the multipart/related (if it exists)
string imageCid = src.Value.Substring(4);
var iter = new MimeIterator(msg);
MimePart attachment = null;
while (iter.MoveNext())
{
if (iter.Current.ContentId == imageCid)
{
attachment = iter.Current as MimePart;
break;
}
}
if (attachment == null)
continue;
string fileName;
// save the attachment (if we haven't already saved it)
if (!savedImages.Contains(attachment))
{
fileName = attachment.FileName;
if (string.IsNullOrEmpty(fileName))
fileName = Guid.NewGuid().ToString();
using (var stream = File.Create(fileName))
attachment.ContentObject.DecodeTo(stream);
try
{
var att = mailItem.Attachments.Add(fileName, Outlook.OlAttachmentType.olEmbeddeditem, null, "");
att.PropertyAccessor.SetProperty("http://schemas.microsoft.com/mapi/proptag/0x3712001E", imageCid);
savedImages.Add(attachment);
}
finally
{
// try not to leak temp files :)
File.Delete(fileName);
}
}
}
mailItem.BodyFormat = Outlook.OlBodyFormat.olFormatHTML;
mailItem.HTMLBody = AddMessageToHtmlBody(htmlBody, DecryptAndVerifyHeaderMessage);
}
else
{
// NOTE: For some reason we cannot change the BodyFormat once it's set.
// So if we are set to HTML we need to wrap the plain text so it's
// displayed okay. Also of course prevent XSS.
if (mailItem.BodyFormat == Outlook.OlBodyFormat.olFormatPlain)
{
mailItem.Body = DecryptAndVerifyHeaderMessage + msg.TextBody;
}
else
{
var sb = new StringBuilder(msg.TextBody.Length + 100);
sb.Append("<html><body><pre>");
sb.Append(System.Net.WebUtility.HtmlEncode(DecryptAndVerifyHeaderMessage));
sb.Append(System.Net.WebUtility.HtmlEncode(msg.TextBody));
sb.Append("</pre></body></html>");
mailItem.HTMLBody = sb.ToString();
}
}
// NOTE: Removing existing attachments is perminant, even if the message
// is not saved.
foreach (var mimeAttachment in msg.Attachments)
{
var fileName = mimeAttachment.FileName;
var tempFile = Path.Combine(Path.GetTempPath(), fileName);
using (FileStream fout = File.OpenWrite(tempFile))
{
mimeAttachment.ContentObject.DecodeTo(fout);
}
mailItem.Attachments.Add(tempFile, Outlook.OlAttachmentType.olByValue, 1, fileName);
File.Delete(tempFile);
}
}
/* Upload attachments */
public void attachFile(Microsoft.Office.Interop.Outlook.Attachment attachment, string docRef)
{
// Save attachments in local
string fsFilename = repTemp + attachment.FileName;
attachment.SaveAsFile(fsFilename);
EnvoiPJ(attachment.FileName, fsFilename, docRef);
}
void HandlePgpMime(Outlook.MailItem mailItem, Microsoft.Office.Interop.Outlook.Attachment encryptedMime)
{
// 1. Decrypt attachement
CryptoContext Context;
var tempfile = Path.GetTempFileName();
encryptedMime.SaveAsFile(tempfile);
var encrypteddata = File.ReadAllBytes(tempfile);
var cleardata = DecryptAndVerify(mailItem.To, encrypteddata, out Context);
if (cleardata == null)
return;
// Extract files from MIME data
SharpMessage msg = new SharpMessage(this._encoding.GetString(cleardata));
string body = mailItem.Body;
var DecryptAndVerifyHeaderMessage = "** ";
if (Context.IsEncrypted)
DecryptAndVerifyHeaderMessage += "Message decrypted. ";
if (Context.IsSigned && Context.SignatureValidated)
{
DecryptAndVerifyHeaderMessage += "Valid signature from \"" + Context.SignedByUserId +
"\" with KeyId " + Context.SignedByKeyId;
}
else if (Context.IsSigned)
{
DecryptAndVerifyHeaderMessage += "Invalid signature from \"" + Context.SignedByUserId +
"\" with KeyId " + Context.SignedByKeyId + ".";
}
else
DecryptAndVerifyHeaderMessage += "Message was unsigned.";
DecryptAndVerifyHeaderMessage += "\n\n";
if (mailItem.BodyFormat == Outlook.OlBodyFormat.olFormatPlain)
{
mailItem.Body = DecryptAndVerifyHeaderMessage + msg.Body;
}
else if (mailItem.BodyFormat == Outlook.OlBodyFormat.olFormatHTML)
{
if (!msg.Body.TrimStart().ToLower().StartsWith("<html"))
{
body = DecryptAndVerifyHeaderMessage + msg.Body;
body = System.Net.WebUtility.HtmlEncode(body);
body = body.Replace("\n", "<br />");
mailItem.HTMLBody = "<html><head></head><body>" + body + "</body></html>";
}
else
{
// Find <body> tag and insert our message.
var matches = Regex.Match(msg.Body, @"(<body[^<]*>)", RegexOptions.IgnoreCase);
if (matches.Success)
{
var bodyTag = matches.Groups[1].Value;
// Insert decryption message.
mailItem.HTMLBody = msg.Body.Replace(
bodyTag,
bodyTag + DecryptAndVerifyHeaderMessage.Replace("\n", "<br />"));
}
else
mailItem.HTMLBody = msg.Body;
}
}
else
{
// May cause mail item not to open correctly
mailItem.BodyFormat = Outlook.OlBodyFormat.olFormatPlain;
mailItem.Body = msg.Body;
}
foreach (SharpAttachment mimeAttachment in msg.Attachments)
{
mimeAttachment.Stream.Position = 0;
var fileName = mimeAttachment.Name;
var tempFile = Path.Combine(Path.GetTempPath(), fileName);
using (FileStream fout = File.OpenWrite(tempFile))
{
mimeAttachment.Stream.CopyTo(fout);
}
mailItem.Attachments.Add(tempFile, Outlook.OlAttachmentType.olByValue, 1, fileName);
}
//mailItem.Save();
}