Bug 1636791 - Add a pref to allow the use of external GnuPG for OpenPGP secret key operations. r=PatrickBrunschwig,mkmelin
authorKai Engert <kaie@kuix.de>
Sun, 10 May 2020 23:15:17 +0200
changeset 39146 29a19bc9fd475e16c3457dce90a883461d065c5c
parent 39145 4a66b9f9dec4bcb03584e70a9019ed02af4a3808
child 39147 3e3c099a857979693a03ea24c7a4b0149044c917
push id402
push userclokep@gmail.com
push dateMon, 29 Jun 2020 20:48:04 +0000
reviewersPatrickBrunschwig, mkmelin
bugs1636791
Bug 1636791 - Add a pref to allow the use of external GnuPG for OpenPGP secret key operations. r=PatrickBrunschwig,mkmelin Differential Revision: https://phabricator.services.mozilla.com/D74567
mail/extensions/am-e2e/prefs/e2e-prefs.js
mail/extensions/openpgp/content/BondOpenPGP.jsm
mail/extensions/openpgp/content/modules/GPGMELib.jsm
mail/extensions/openpgp/content/modules/RNP.jsm
--- a/mail/extensions/am-e2e/prefs/e2e-prefs.js
+++ b/mail/extensions/am-e2e/prefs/e2e-prefs.js
@@ -18,16 +18,19 @@ pref("mail.identity.default.sign_mail", 
 
 pref("mail.identity.default.encryption_cert_name", "");
 pref("mail.identity.default.signing_cert_name", "");
 
 /**
  * OpenPGP prefs
  */
 
+// If true, we allow the use of GnuPG for OpenPGP secret key operations
+pref("mail.openpgp.allow_external_gnupg", false);
+// The hexadecimal OpenPGP key ID used for an identity.
 pref("mail.identity.default.openpgp_key_id", "");
 
 
 // Hide prefs and menu entries from non-advanced users
 pref("temp.openpgp.advancedUser", false);
 
 // ** enigmail keySel preferences:
 // use rules to assign keys
--- a/mail/extensions/openpgp/content/BondOpenPGP.jsm
+++ b/mail/extensions/openpgp/content/BondOpenPGP.jsm
@@ -59,18 +59,19 @@ var BondOpenPGP = {
     }
     if (this.initDone) {
       return;
     }
     this.initDone = true;
     if (!getRNP().init({})) {
       return;
     }
-    if (!getGPGME().init({})) {
-      return;
+
+    if (Services.prefs.getBoolPref("mail.openpgp.allow_external_gnupg")) {
+      getGPGME().init({});
     }
 
     // trigger service init
     getEnigmailCore().getService();
     //Services.console.logStringMessage("OpenPGP bootstrap completed");
   },
 
   allDependenciesLoaded() {
--- a/mail/extensions/openpgp/content/modules/GPGMELib.jsm
+++ b/mail/extensions/openpgp/content/modules/GPGMELib.jsm
@@ -46,24 +46,24 @@ function tryLoadGPGME(name, suffix) {
 }
 
 function loadExternalGPGMELib() {
   if (!libgpgme) {
     // Try loading libgpgme.so, libgpgme.dylib, or gpgme.dll first
     tryLoadGPGME("gpgme", "");
   }
 
-  if (!libgpgme) {
-    throw new Error("Cannot load required GPGME library");
-  }
+  return !!libgpgme;
 }
 
 var GPGMELibLoader = {
   init() {
-    loadExternalGPGMELib();
+    if (!loadExternalGPGMELib()) {
+      return null;
+    }
     if (libgpgme) {
       enableGPGMELibJS();
     }
     return GPGMELib;
   },
 };
 
 const gpgme_error_t = ctypes.unsigned_int;
--- a/mail/extensions/openpgp/content/modules/RNP.jsm
+++ b/mail/extensions/openpgp/content/modules/RNP.jsm
@@ -1,14 +1,15 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 const EXPORTED_SYMBOLS = ["RNP"];
 
+var { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
 var { ctypes } = ChromeUtils.import("resource://gre/modules/ctypes.jsm");
 var { RNPLibLoader } = ChromeUtils.import(
   "chrome://openpgp/content/modules/RNPLib.jsm"
 );
 var { EnigmailConstants } = ChromeUtils.import(
   "chrome://openpgp/content/modules/constants.jsm"
 );
 var { EnigmailTime } = ChromeUtils.import(
@@ -675,16 +676,17 @@ var RNP = {
 
     RNPLib.rnp_input_destroy(input_from_memory);
     RNPLib.rnp_output_destroy(output_to_memory);
     RNPLib.rnp_op_verify_destroy(verify_op);
 
     if (
       result.exitCode &&
       !("alreadyUsedGPGME" in options) &&
+      Services.prefs.getBoolPref("mail.openpgp.allow_external_gnupg") &&
       GPGME.allDependenciesLoaded()
     ) {
       // failure processing with RNP, attempt decryption with GPGME
       let r2 = await GPGME.decrypt(encrypted, RNP.enArmor);
       if (!r2.exitCode && r2.decryptedData) {
         // TODO: obtain info which key ID was used for decryption
         //       and set result.decryptKey*
         //       It isn't obvious how to do that with GPGME, because