SecureMail.py

   1 #!/bin/env python
   2 # Created:20080603
   3 # By Jeff Connelly
   4 #
   5 # Communicate with mail servers
   6 #
   7 import imaplib
   8 import smtplib
   9 import getpass
  10 import email
  11 import cotp
  12 import threading
  13 import Queue
  14 import time
  15
  16 # Every X seconds, send a message, and queue messages to be sent at in this
  17 # interval.
  18 FILL_INTERVAL = 10
  19
  20 # Real subject used for all encrypted messages
  21 # Note: make a Gmail filter that filters (Secure Message) into the Secure tag
  22 FAKE_SUBJECT = "(Secure Message)"
  23
  24 # Dummy message used in channel filling if there is nothing to send.
  25 DUMMY_SUBJECT = "Filler Message"
  26 # TODO: should be the person you're always sending to
  27 FILLER_TO = "shellreef@gmail.com"
  28
  29 class SecureMail(threading.Thread):
  30     def __init__(self, username=None, password=None):
  31         """Prompt for login and password, or using stored values if possible, then login."""
  32
  33         if username is None:
  34             try:
  35                 username = file(".otplogin").read().strip()
  36             except:
  37                 username = raw_input("Username: ")
  38
  39         if password is None:
  40             try:
  41                 password = file(".otppass").read().strip()
  42             except:
  43                 password = getpass.getpass()
  44
  45         threading.Thread.__init__(self)
  46         return self.login(username, password)
  47
  48
  49     def login(self, username, password):
  50         """Login to a Gmail account, IMAP and SMTP server, with login and password."""
  51
  52         # IMAP SSL for incoming messages
  53         self.mail_in = imaplib.IMAP4_SSL("imap.gmail.com", 993)
  54
  55         self.username = username
  56
  57         try:
  58             typ, data = self.mail_in.login(username, password)
  59         except imaplib:
  60             raise "Login failure: %s" % (sys.exc_info(),)
  61         else:
  62             assert typ == "OK", "imap login returned: %s %s" % (status, message)
  63             print "Logged in:", typ, data
  64
  65         # Always have "Secure" mailbox selected
  66         typ, num_msgs = self.mail_in.select(mailbox="Secure")
  67         if typ != "OK":
  68             raise ("imap select failure: %s %s" % (typ, num_msgs) +
  69                 "The 'Secure' tag doesn't exist. Tag some of your EMOTP messages" +
  70                 "using a new label, named 'Secure'")
  71
  72         # Outgoing mail, SMTP server
  73         self.mail_out = smtplib.SMTP("smtp.gmail.com", 25)
  74         ret = self.mail_out.ehlo()
  75         assert ret[0] == 250, "SMTP server EHLO failed: %s" % (ret,)
  76
  77         ret = self.mail_out.starttls()
  78         assert ret[0] == 220, "SMTP server STARTTLS failed: %s" % (ret,)
  79
  80         ret = self.mail_out.ehlo()
  81         assert ret[0] == 250, "SMTP server EHLO over TLS failed: %s" % (ret,)
  82
  83         ret = self.mail_out.noop()
  84         assert ret[0] == 250, "SMTP server NOOP failed: %s" % (ret,)
  85
  86         ret = self.mail_out.login(username, password)
  87         assert ret[0] == 235, "SMTP server login failed: %s" % (ret,)
  88         print "Logged in to SMTP server: %s" % (ret,)
  89
  90         # Start channel filler
  91         self.sendq = Queue.Queue()
  92         self.start()
  93
  94     # Channel filling thread
  95     # Problem: computer needs to be online to fill channel!
  96     def run(self):
  97         if FILL_INTERVAL is None:
  98             print "Channel filling disabled - messages will send immediately"
  99             return
 100
 101         while True:
 102             try:
 103                 item = self.sendq.get_nowait()
 104             except Queue.Empty:
 105                 print "Sending filler message"
 106                 body = ""       # empty, they should have padding!
 107                 to = FILLER_TO  # todo: find out other person's email
 108                 subject = DUMMY_SUBJECT
 109
 110                 # Note: subject is encrypted and sent in body, so it is secure
 111                 self.send_now(to, subject, body)
 112             else:
 113                 print "Sending queued message now"
 114                 to, subject, body = item
 115                 self.send_now(to, subject, body)
 116
 117             time.sleep(FILL_INTERVAL)
 118
 119
 120
 121
 122     def get_messages(self):
 123         msgs = []
 124
 125         try:
 126             typ, all_msgs_string = self.mail_in.search(None, 'ALL')
 127         except imaplib.error, e:
 128             raise "imap search failed: %s" % (e,)
 129
 130         all_msgs = all_msgs_string[0].split()
 131         for num in all_msgs:
 132             typ, body = self.mail_in.fetch(num, "(BODY[])")
 133             msg = email.message_from_string(body[0][1])
 134
 135             enc_body = str(msg.get_payload())
 136             fake_subject = msg.get("Subject")   # not encrypted
 137             sender = msg.get("From")
 138             id = msg.get("Message-ID")
 139
 140            #print 'Message %s\n%s\n' % (num, data[0][1])
 141             if "--EMOTP_BEGIN--" not in enc_body:
 142                 continue
 143
 144             subject_plus_body = cotp.decode(enc_body)
 145
 146             if "<body>" in subject_plus_body:
 147                 # encrypted subject
 148                 subject, body = subject_plus_body.split("<body>")
 149             else:
 150                 subject, body = fake_subject, subject_plus_body
 151
 152             if subject == DUMMY_SUBJECT:
 153                 # ignore filler
 154                 continue
 155
 156             msgs.append({"body": body,
 157                 "fake-subject": fake_subject,
 158                 "subject": subject,
 159                 "sender": sender,
 160                 "id": id,
 161                 "num": num})
 162
 163         return msgs
 164
 165     def __iter__(self):
 166         """Fetch messages from server."""
 167         self.msgs = self.get_messages()
 168         return iter(self.msgs)
 169
 170     def __getitem__(self, k):
 171         """Lookup a message of a given number. Messages
 172         must have been previous fetched from server up by __iter__."""
 173
 174         return self.msgs[k]
 175
 176     def send(self, to, subject, body):
 177         """Send, in a timeslot if channel filling is enabled, or immediately
 178         if channel filling is disabled."""
 179         if FILL_INTERVAL is None:
 180             print "Sending %s bytes now" % (len(body,))
 181             return self.send(to, subject, body)
 182         else:
 183             self.sendq.put((to, subject, body))
 184             print "Enqueued to send at next interval, pending: %s" % (self.sendq.qsize(),)
 185             return None
 186
 187     def send_now(self, to, subject, body):
 188         """Send an encrypted message immediately."""
 189         from_address = "%s@gmail.com" % (self.username,)
 190         # TODO: encode with different pads based on 'to' email
 191         enc_body = cotp.encode(subject + "<body>" + body)
 192         return self.mail_out.sendmail(from_address,
 193             [to],
 194             "\r\n".join([
 195             "From: %s" % (from_address,),
 196             "To: %s" % (to,),
 197             "Subject: %s" % (FAKE_SUBJECT,),
 198             "",
 199             enc_body]))
 200
 201     def __del__(self):
 202         self.mail_in.close()
 203         self.mail_in.logout()
 204         self.mail_out.quit()
 205
 206 def main():
 207     ms = SecureMail("shellreef", getpass.getpass())
 208
 209     for m in ms.get_messages():
 210         print m["sender"], m["subject"]
 211
 212 if __name__ == "__main__":
 213     main()
 214