search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
# Auto-commit of loaddefs files.
[emacs.git] / lisp / gnus / mml2015.el
bloba5438f7b1c7219700fba68b3744f93137f506ea4
1 ;;; mml2015.el --- MIME Security with Pretty Good Privacy (PGP)
2
3 ;; Copyright (C) 2000-2015 Free Software Foundation, Inc.
4
5 ;; Author: Shenghuo Zhu <zsh@cs.rochester.edu>
6 ;; Keywords: PGP MIME MML
7
8 ;; This file is part of GNU Emacs.
9
10 ;; GNU Emacs is free software: you can redistribute it and/or modify
11 ;; it under the terms of the GNU General Public License as published by
12 ;; the Free Software Foundation, either version 3 of the License, or
13 ;; (at your option) any later version.
14
15 ;; GNU Emacs is distributed in the hope that it will be useful,
16 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
17 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 ;; GNU General Public License for more details.
19
20 ;; You should have received a copy of the GNU General Public License
21 ;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
22
23 ;;; Commentary:
24
25 ;; RFC 2015 is updated by RFC 3156, this file should be compatible
26 ;; with both.
27
28 ;;; Code:
29
30 (eval-and-compile
31 ;; For Emacs <22.2 and XEmacs.
32 (unless (fboundp 'declare-function) (defmacro declare-function (&rest r)))
33
34 (if (locate-library "password-cache")
35 (require 'password-cache)
36 (require 'password)))
37
38 (eval-when-compile (require 'cl))
39 (require 'mm-decode)
40 (require 'mm-util)
41 (require 'mml)
42 (require 'mml-sec)
43
44 (defvar mc-pgp-always-sign)
45
46 (declare-function epg-check-configuration "ext:epg-config"
47 (config &optional minimum-version))
48 (declare-function epg-configuration "ext:epg-config" ())
49
50 ;; Maybe this should be in eg mml-sec.el (and have a different name).
51 ;; Then mml1991 would not need to require mml2015, and mml1991-use
52 ;; could be removed.
53 (defvar mml2015-use (or
54 (condition-case nil
55 (progn
56 (require 'epg-config)
57 (epg-check-configuration (epg-configuration))
58 'epg)
59 (error))
60 (progn
61 (let ((abs-file (locate-library "pgg")))
62 ;; Don't load PGG if it is marked as obsolete
63 ;; (Emacs 24).
64 (when (and abs-file
65 (not (string-match "/obsolete/[^/]*\\'"
66 abs-file)))
67 (ignore-errors (require 'pgg))
68 (and (fboundp 'pgg-sign-region)
69 'pgg))))
70 (progn (ignore-errors
71 (load "mc-toplev"))
72 (and (fboundp 'mc-encrypt-generic)
73 (fboundp 'mc-sign-generic)
74 (fboundp 'mc-cleanup-recipient-headers)
75 'mailcrypt)))
76 "The package used for PGP/MIME.
77 Valid packages include `epg', `pgg' and `mailcrypt'.")
78
79 ;; Something is not RFC2015.
80 (defvar mml2015-function-alist
81 '((mailcrypt mml2015-mailcrypt-sign
82 mml2015-mailcrypt-encrypt
83 mml2015-mailcrypt-verify
84 mml2015-mailcrypt-decrypt
85 mml2015-mailcrypt-clear-verify
86 mml2015-mailcrypt-clear-decrypt)
87 (pgg mml2015-pgg-sign
88 mml2015-pgg-encrypt
89 mml2015-pgg-verify
90 mml2015-pgg-decrypt
91 mml2015-pgg-clear-verify
92 mml2015-pgg-clear-decrypt)
93 (epg mml2015-epg-sign
94 mml2015-epg-encrypt
95 mml2015-epg-verify
96 mml2015-epg-decrypt
97 mml2015-epg-clear-verify
98 mml2015-epg-clear-decrypt))
99 "Alist of PGP/MIME functions.")
100
101 (defvar mml2015-result-buffer nil)
102
103 (defcustom mml2015-unabbrev-trust-alist
104 '(("TRUST_UNDEFINED" . nil)
105 ("TRUST_NEVER" . nil)
106 ("TRUST_MARGINAL" . t)
107 ("TRUST_FULLY" . t)
108 ("TRUST_ULTIMATE" . t))
109 "Map GnuPG trust output values to a boolean saying if you trust the key."
110 :version "22.1"
111 :group 'mime-security
112 :type '(repeat (cons (regexp :tag "GnuPG output regexp")
113 (boolean :tag "Trust key"))))
114
115 (defcustom mml2015-cache-passphrase mml-secure-cache-passphrase
116 "If t, cache passphrase."
117 :group 'mime-security
118 :type 'boolean)
119
120 (defcustom mml2015-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
121 "How many seconds the passphrase is cached.
122 Whether the passphrase is cached at all is controlled by
123 `mml2015-cache-passphrase'."
124 :group 'mime-security
125 :type 'integer)
126
127 (defcustom mml2015-signers nil
128 "A list of your own key ID(s) which will be used to sign a message.
129 If set, it overrides the setting of `mml2015-sign-with-sender'."
130 :group 'mime-security
131 :type '(repeat (string :tag "Key ID")))
132
133 (defcustom mml2015-sign-with-sender nil
134 "If t, use message sender so find a key to sign with."
135 :group 'mime-security
136 :type 'boolean
137 :version "24.1")
138
139 (defcustom mml2015-encrypt-to-self nil
140 "If t, add your own key ID to recipient list when encryption."
141 :group 'mime-security
142 :type 'boolean)
143
144 (defcustom mml2015-always-trust t
145 "If t, GnuPG skip key validation on encryption."
146 :group 'mime-security
147 :type 'boolean)
148
149 (defcustom mml2015-maximum-key-image-dimension 64
150 "The maximum dimension (width or height) of any key images."
151 :version "24.4"
152 :group 'mime-security
153 :type 'integer)
154
155 (defcustom mml2015-display-key-image t
156 "If t, try to display key images."
157 :version "24.5"
158 :group 'mime-security
159 :type 'boolean)
160
161 ;; Extract plaintext from cleartext signature. IMO, this kind of task
162 ;; should be done by GnuPG rather than Elisp, but older PGP backends
163 ;; (such as Mailcrypt, and PGG) discard the output from GnuPG.
164 (defun mml2015-extract-cleartext-signature ()
165 ;; Daiki Ueno in
166 ;; <54a15d860801080142l70b95d7dkac4bf51a86196011@mail.gmail.com>: ``I still
167 ;; believe that the right way is to use the plaintext output from GnuPG as
168 ;; it is, and mml2015-extract-cleartext-signature is just a kludge for
169 ;; misdesigned libraries like PGG, which have no ability to do that. So, I
170 ;; think it should not have descriptive documentation.''
171 ;;
172 ;; This function doesn't handle NotDashEscaped correctly. EasyPG handles it
173 ;; correctly.
174 ;; http://thread.gmane.org/gmane.emacs.gnus.general/66062/focus=66082
175 ;; http://thread.gmane.org/gmane.emacs.gnus.general/65087/focus=65109
176 (goto-char (point-min))
177 (forward-line)
178 ;; We need to be careful not to strip beyond the armor headers.
179 ;; Previously, an attacker could replace the text inside our
180 ;; markup with trailing garbage by injecting whitespace into the
181 ;; message.
182 (while (looking-at "Hash:") ; The only header allowed in cleartext
183 (forward-line)) ; signatures according to RFC2440.
184 (when (looking-at "[\t ]*$")
185 (forward-line))
186 (delete-region (point-min) (point))
187 (if (re-search-forward "^-----BEGIN PGP SIGNATURE-----" nil t)
188 (delete-region (match-beginning 0) (point-max)))
189 (goto-char (point-min))
190 (while (re-search-forward "^- " nil t)
191 (replace-match "" t t)
192 (forward-line 1)))
193
194 ;;; mailcrypt wrapper
195
196 (autoload 'mailcrypt-decrypt "mailcrypt")
197 (autoload 'mailcrypt-verify "mailcrypt")
198 (autoload 'mc-pgp-always-sign "mailcrypt")
199 (autoload 'mc-encrypt-generic "mc-toplev")
200 (autoload 'mc-cleanup-recipient-headers "mc-toplev")
201 (autoload 'mc-sign-generic "mc-toplev")
202
203 (defvar mml2015-decrypt-function 'mailcrypt-decrypt)
204 (defvar mml2015-verify-function 'mailcrypt-verify)
205
206 (defun mml2015-format-error (err)
207 (if (stringp (cadr err))
208 (cadr err)
209 (format "%S" (cdr err))))
210
211 (defun mml2015-mailcrypt-decrypt (handle ctl)
212 (catch 'error
213 (let (child handles result)
214 (unless (setq child (mm-find-part-by-type
215 (cdr handle)
216 "application/octet-stream" nil t))
217 (mm-set-handle-multipart-parameter
218 mm-security-handle 'gnus-info "Corrupted")
219 (throw 'error handle))
220 (with-temp-buffer
221 (mm-insert-part child)
222 (setq result
223 (condition-case err
224 (funcall mml2015-decrypt-function)
225 (error
226 (mm-set-handle-multipart-parameter
227 mm-security-handle 'gnus-details (mml2015-format-error err))
228 nil)
229 (quit
230 (mm-set-handle-multipart-parameter
231 mm-security-handle 'gnus-details "Quit.")
232 nil)))
233 (unless (car result)
234 (mm-set-handle-multipart-parameter
235 mm-security-handle 'gnus-info "Failed")
236 (throw 'error handle))
237 (setq handles (mm-dissect-buffer t)))
238 (mm-destroy-parts handle)
239 (mm-set-handle-multipart-parameter
240 mm-security-handle 'gnus-info
241 (concat "OK"
242 (let ((sig (with-current-buffer mml2015-result-buffer
243 (mml2015-gpg-extract-signature-details))))
244 (concat ", Signer: " sig))))
245 (if (listp (car handles))
246 handles
247 (list handles)))))
248
249 (defun mml2015-gpg-pretty-print-fpr (fingerprint)
250 (let* ((result "")
251 (fpr-length (string-width fingerprint))
252 (n-slice 0)
253 slice)
254 (setq fingerprint (string-to-list fingerprint))
255 (while fingerprint
256 (setq fpr-length (- fpr-length 4))
257 (setq slice (butlast fingerprint fpr-length))
258 (setq fingerprint (nthcdr 4 fingerprint))
259 (setq n-slice (1+ n-slice))
260 (setq result
261 (concat
262 result
263 (case n-slice
264 (1 slice)
265 (otherwise (concat " " slice))))))
266 result))
267
268 (defun mml2015-gpg-extract-signature-details ()
269 (goto-char (point-min))
270 (let* ((expired (re-search-forward
271 "^\\[GNUPG:\\] SIGEXPIRED$"
272 nil t))
273 (signer (and (re-search-forward
274 "^\\[GNUPG:\\] GOODSIG \\([0-9A-Za-z]*\\) \\(.*\\)$"
275 nil t)
276 (cons (match-string 1) (match-string 2))))
277 (fprint (and (re-search-forward
278 "^\\[GNUPG:\\] VALIDSIG \\([0-9a-zA-Z]*\\) "
279 nil t)
280 (match-string 1)))
281 (trust (and (re-search-forward
282 "^\\[GNUPG:\\] \\(TRUST_.*\\)$"
283 nil t)
284 (match-string 1)))
285 (trust-good-enough-p
286 (cdr (assoc trust mml2015-unabbrev-trust-alist))))
287 (cond ((and signer fprint)
288 (concat (cdr signer)
289 (unless trust-good-enough-p
290 (concat "\nUntrusted, Fingerprint: "
291 (mml2015-gpg-pretty-print-fpr fprint)))
292 (when expired
293 (format "\nWARNING: Signature from expired key (%s)"
294 (car signer)))))
295 ((re-search-forward
296 "^\\(gpg: \\)?Good signature from \"\\(.*\\)\"$" nil t)
297 (match-string 2))
298 (t
299 "From unknown user"))))
300
301 (defun mml2015-mailcrypt-clear-decrypt ()
302 (let (result)
303 (setq result
304 (condition-case err
305 (funcall mml2015-decrypt-function)
306 (error
307 (mm-set-handle-multipart-parameter
308 mm-security-handle 'gnus-details (mml2015-format-error err))
309 nil)
310 (quit
311 (mm-set-handle-multipart-parameter
312 mm-security-handle 'gnus-details "Quit.")
313 nil)))
314 (if (car result)
315 (mm-set-handle-multipart-parameter
316 mm-security-handle 'gnus-info "OK")
317 (mm-set-handle-multipart-parameter
318 mm-security-handle 'gnus-info "Failed"))))
319
320 (defun mml2015-fix-micalg (alg)
321 (and alg
322 ;; Mutt/1.2.5i has seen sending micalg=php-sha1
323 (upcase (if (string-match "^p[gh]p-" alg)
324 (substring alg (match-end 0))
325 alg))))
326
327 (defun mml2015-mailcrypt-verify (handle ctl)
328 (catch 'error
329 (let (part)
330 (unless (setq part (mm-find-raw-part-by-type
331 ctl (or (mm-handle-multipart-ctl-parameter
332 ctl 'protocol)
333 "application/pgp-signature")
334 t))
335 (mm-set-handle-multipart-parameter
336 mm-security-handle 'gnus-info "Corrupted")
337 (throw 'error handle))
338 (with-temp-buffer
339 (insert "-----BEGIN PGP SIGNED MESSAGE-----\n")
340 (insert (format "Hash: %s\n\n"
341 (or (mml2015-fix-micalg
342 (mm-handle-multipart-ctl-parameter
343 ctl 'micalg))
344 "SHA1")))
345 (save-restriction
346 (narrow-to-region (point) (point))
347 (insert part "\n")
348 (goto-char (point-min))
349 (while (not (eobp))
350 (if (looking-at "^-")
351 (insert "- "))
352 (forward-line)))
353 (unless (setq part (mm-find-part-by-type
354 (cdr handle) "application/pgp-signature" nil t))
355 (mm-set-handle-multipart-parameter
356 mm-security-handle 'gnus-info "Corrupted")
357 (throw 'error handle))
358 (save-restriction
359 (narrow-to-region (point) (point))
360 (mm-insert-part part)
361 (goto-char (point-min))
362 (if (re-search-forward "^-----BEGIN PGP [^-]+-----\r?$" nil t)
363 (replace-match "-----BEGIN PGP SIGNATURE-----" t t))
364 (if (re-search-forward "^-----END PGP [^-]+-----\r?$" nil t)
365 (replace-match "-----END PGP SIGNATURE-----" t t)))
366 (let ((mc-gpg-debug-buffer (get-buffer-create " *gnus gpg debug*")))
367 (unless (condition-case err
368 (prog1
369 (funcall mml2015-verify-function)
370 (if (get-buffer " *mailcrypt stderr temp")
371 (mm-set-handle-multipart-parameter
372 mm-security-handle 'gnus-details
373 (with-current-buffer " *mailcrypt stderr temp"
374 (buffer-string))))
375 (if (get-buffer " *mailcrypt stdout temp")
376 (kill-buffer " *mailcrypt stdout temp"))
377 (if (get-buffer " *mailcrypt stderr temp")
378 (kill-buffer " *mailcrypt stderr temp"))
379 (if (get-buffer " *mailcrypt status temp")
380 (kill-buffer " *mailcrypt status temp"))
381 (if (get-buffer mc-gpg-debug-buffer)
382 (kill-buffer mc-gpg-debug-buffer)))
383 (error
384 (mm-set-handle-multipart-parameter
385 mm-security-handle 'gnus-details (mml2015-format-error err))
386 nil)
387 (quit
388 (mm-set-handle-multipart-parameter
389 mm-security-handle 'gnus-details "Quit.")
390 nil))
391 (mm-set-handle-multipart-parameter
392 mm-security-handle 'gnus-info "Failed")
393 (throw 'error handle))))
394 (mm-set-handle-multipart-parameter
395 mm-security-handle 'gnus-info "OK")
396 handle)))
397
398 (defun mml2015-mailcrypt-clear-verify ()
399 (let ((mc-gpg-debug-buffer (get-buffer-create " *gnus gpg debug*")))
400 (if (condition-case err
401 (prog1
402 (funcall mml2015-verify-function)
403 (if (get-buffer " *mailcrypt stderr temp")
404 (mm-set-handle-multipart-parameter
405 mm-security-handle 'gnus-details
406 (with-current-buffer " *mailcrypt stderr temp"
407 (buffer-string))))
408 (if (get-buffer " *mailcrypt stdout temp")
409 (kill-buffer " *mailcrypt stdout temp"))
410 (if (get-buffer " *mailcrypt stderr temp")
411 (kill-buffer " *mailcrypt stderr temp"))
412 (if (get-buffer " *mailcrypt status temp")
413 (kill-buffer " *mailcrypt status temp"))
414 (if (get-buffer mc-gpg-debug-buffer)
415 (kill-buffer mc-gpg-debug-buffer)))
416 (error
417 (mm-set-handle-multipart-parameter
418 mm-security-handle 'gnus-details (mml2015-format-error err))
419 nil)
420 (quit
421 (mm-set-handle-multipart-parameter
422 mm-security-handle 'gnus-details "Quit.")
423 nil))
424 (mm-set-handle-multipart-parameter
425 mm-security-handle 'gnus-info "OK")
426 (mm-set-handle-multipart-parameter
427 mm-security-handle 'gnus-info "Failed")))
428 (mml2015-extract-cleartext-signature))
429
430 (defun mml2015-mailcrypt-sign (cont)
431 (mc-sign-generic (message-options-get 'message-sender)
432 nil nil nil nil)
433 (let ((boundary (mml-compute-boundary cont))
434 hash point)
435 (goto-char (point-min))
436 (unless (re-search-forward "^-----BEGIN PGP SIGNED MESSAGE-----\r?$" nil t)
437 (error "Cannot find signed begin line"))
438 (goto-char (match-beginning 0))
439 (forward-line 1)
440 (unless (looking-at "Hash:[ \t]*\\([a-zA-Z0-9]+\\)")
441 (error "Cannot not find PGP hash"))
442 (setq hash (match-string 1))
443 (unless (re-search-forward "^$" nil t)
444 (error "Cannot not find PGP message"))
445 (forward-line 1)
446 (delete-region (point-min) (point))
447 (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
448 boundary))
449 (insert (format "\tmicalg=pgp-%s; protocol=\"application/pgp-signature\"\n"
450 (downcase hash)))
451 (insert (format "\n--%s\n" boundary))
452 (setq point (point))
453 (goto-char (point-max))
454 (unless (re-search-backward "^-----END PGP SIGNATURE-----\r?$" nil t)
455 (error "Cannot find signature part"))
456 (replace-match "-----END PGP MESSAGE-----" t t)
457 (goto-char (match-beginning 0))
458 (unless (re-search-backward "^-----BEGIN PGP SIGNATURE-----\r?$"
459 nil t)
460 (error "Cannot find signature part"))
461 (replace-match "-----BEGIN PGP MESSAGE-----" t t)
462 (goto-char (match-beginning 0))
463 (save-restriction
464 (narrow-to-region point (point))
465 (goto-char point)
466 (while (re-search-forward "^- -" nil t)
467 (replace-match "-" t t))
468 (goto-char (point-max)))
469 (insert (format "--%s\n" boundary))
470 (insert "Content-Type: application/pgp-signature\n\n")
471 (goto-char (point-max))
472 (insert (format "--%s--\n" boundary))
473 (goto-char (point-max))))
474
475 ;; We require mm-decode, which requires mm-bodies, which autoloads
476 ;; message-options-get (!).
477 (declare-function message-options-set "message" (symbol value))
478
479 (defun mml2015-mailcrypt-encrypt (cont &optional sign)
480 (let ((mc-pgp-always-sign
481 (or mc-pgp-always-sign
482 sign
483 (eq t (or (message-options-get 'message-sign-encrypt)
484 (message-options-set
485 'message-sign-encrypt
486 (or (y-or-n-p "Sign the message? ")
487 'not))))
488 'never)))
489 (mm-with-unibyte-current-buffer
490 (mc-encrypt-generic
491 (or (message-options-get 'message-recipients)
492 (message-options-set 'message-recipients
493 (mc-cleanup-recipient-headers
494 (read-string "Recipients: "))))
495 nil nil nil
496 (message-options-get 'message-sender))))
497 (goto-char (point-min))
498 (unless (looking-at "-----BEGIN PGP MESSAGE-----")
499 (error "Fail to encrypt the message"))
500 (let ((boundary (mml-compute-boundary cont)))
501 (insert (format "Content-Type: multipart/encrypted; boundary=\"%s\";\n"
502 boundary))
503 (insert "\tprotocol=\"application/pgp-encrypted\"\n\n")
504 (insert (format "--%s\n" boundary))
505 (insert "Content-Type: application/pgp-encrypted\n\n")
506 (insert "Version: 1\n\n")
507 (insert (format "--%s\n" boundary))
508 (insert "Content-Type: application/octet-stream\n\n")
509 (goto-char (point-max))
510 (insert (format "--%s--\n" boundary))
511 (goto-char (point-max))))
512
513 ;;; pgg wrapper
514
515 (defvar pgg-default-user-id)
516 (defvar pgg-errors-buffer)
517 (defvar pgg-output-buffer)
518
519 (autoload 'pgg-decrypt-region "pgg")
520 (autoload 'pgg-verify-region "pgg")
521 (autoload 'pgg-sign-region "pgg")
522 (autoload 'pgg-encrypt-region "pgg")
523 (autoload 'pgg-parse-armor "pgg-parse")
524
525 (defun mml2015-pgg-decrypt (handle ctl)
526 (catch 'error
527 (let ((pgg-errors-buffer mml2015-result-buffer)
528 child handles result decrypt-status)
529 (unless (setq child (mm-find-part-by-type
530 (cdr handle)
531 "application/octet-stream" nil t))
532 (mm-set-handle-multipart-parameter
533 mm-security-handle 'gnus-info "Corrupted")
534 (throw 'error handle))
535 (with-temp-buffer
536 (mm-insert-part child)
537 (if (condition-case err
538 (prog1
539 (pgg-decrypt-region (point-min) (point-max))
540 (setq decrypt-status
541 (with-current-buffer mml2015-result-buffer
542 (buffer-string)))
543 (mm-set-handle-multipart-parameter
544 mm-security-handle 'gnus-details
545 decrypt-status))
546 (error
547 (mm-set-handle-multipart-parameter
548 mm-security-handle 'gnus-details (mml2015-format-error err))
549 nil)
550 (quit
551 (mm-set-handle-multipart-parameter
552 mm-security-handle 'gnus-details "Quit.")
553 nil))
554 (with-current-buffer pgg-output-buffer
555 (goto-char (point-min))
556 (while (search-forward "\r\n" nil t)
557 (replace-match "\n" t t))
558 (setq handles (mm-dissect-buffer t))
559 (mm-destroy-parts handle)
560 (mm-set-handle-multipart-parameter
561 mm-security-handle 'gnus-info "OK")
562 (mm-set-handle-multipart-parameter
563 mm-security-handle 'gnus-details
564 (concat decrypt-status
565 (when (stringp (car handles))
566 "\n" (mm-handle-multipart-ctl-parameter
567 handles 'gnus-details))))
568 (if (listp (car handles))
569 handles
570 (list handles)))
571 (mm-set-handle-multipart-parameter
572 mm-security-handle 'gnus-info "Failed")
573 (throw 'error handle))))))
574
575 (defun mml2015-pgg-clear-decrypt ()
576 (let ((pgg-errors-buffer mml2015-result-buffer))
577 (if (prog1
578 (pgg-decrypt-region (point-min) (point-max))
579 (mm-set-handle-multipart-parameter
580 mm-security-handle 'gnus-details
581 (with-current-buffer mml2015-result-buffer
582 (buffer-string))))
583 (progn
584 (erase-buffer)
585 ;; Treat data which pgg returns as a unibyte string.
586 (mm-disable-multibyte)
587 (insert-buffer-substring pgg-output-buffer)
588 (goto-char (point-min))
589 (while (search-forward "\r\n" nil t)
590 (replace-match "\n" t t))
591 (mm-set-handle-multipart-parameter
592 mm-security-handle 'gnus-info "OK"))
593 (mm-set-handle-multipart-parameter
594 mm-security-handle 'gnus-info "Failed"))))
595
596 (defun mml2015-pgg-verify (handle ctl)
597 (let ((pgg-errors-buffer mml2015-result-buffer)
598 signature-file part signature)
599 (if (or (null (setq part (mm-find-raw-part-by-type
600 ctl (or (mm-handle-multipart-ctl-parameter
601 ctl 'protocol)
602 "application/pgp-signature")
603 t)))
604 (null (setq signature (mm-find-part-by-type
605 (cdr handle) "application/pgp-signature" nil t))))
606 (progn
607 (mm-set-handle-multipart-parameter
608 mm-security-handle 'gnus-info "Corrupted")
609 handle)
610 (with-temp-buffer
611 (insert part)
612 ;; Convert <LF> to <CR><LF> in signed text. If --textmode is
613 ;; specified when signing, the conversion is not necessary.
614 (goto-char (point-min))
615 (end-of-line)
616 (while (not (eobp))
617 (unless (eq (char-before) ?\r)
618 (insert "\r"))
619 (forward-line)
620 (end-of-line))
621 (with-temp-file (setq signature-file (mm-make-temp-file "pgg"))
622 (mm-insert-part signature))
623 (if (condition-case err
624 (prog1
625 (pgg-verify-region (point-min) (point-max)
626 signature-file t)
627 (goto-char (point-min))
628 (while (search-forward "\r\n" nil t)
629 (replace-match "\n" t t))
630 (mm-set-handle-multipart-parameter
631 mm-security-handle 'gnus-details
632 (concat (with-current-buffer pgg-output-buffer
633 (buffer-string))
634 (with-current-buffer pgg-errors-buffer
635 (buffer-string)))))
636 (error
637 (mm-set-handle-multipart-parameter
638 mm-security-handle 'gnus-details (mml2015-format-error err))
639 nil)
640 (quit
641 (mm-set-handle-multipart-parameter
642 mm-security-handle 'gnus-details "Quit.")
643 nil))
644 (progn
645 (delete-file signature-file)
646 (mm-set-handle-multipart-parameter
647 mm-security-handle 'gnus-info
648 (with-current-buffer pgg-errors-buffer
649 (mml2015-gpg-extract-signature-details))))
650 (delete-file signature-file)
651 (mm-set-handle-multipart-parameter
652 mm-security-handle 'gnus-info "Failed")))))
653 handle)
654
655 (defun mml2015-pgg-clear-verify ()
656 (let ((pgg-errors-buffer mml2015-result-buffer)
657 (text (buffer-string))
658 (coding-system buffer-file-coding-system))
659 (if (condition-case err
660 (prog1
661 (mm-with-unibyte-buffer
662 (insert (mm-encode-coding-string text coding-system))
663 (pgg-verify-region (point-min) (point-max) nil t))
664 (goto-char (point-min))
665 (while (search-forward "\r\n" nil t)
666 (replace-match "\n" t t))
667 (mm-set-handle-multipart-parameter
668 mm-security-handle 'gnus-details
669 (concat (with-current-buffer pgg-output-buffer
670 (buffer-string))
671 (with-current-buffer pgg-errors-buffer
672 (buffer-string)))))
673 (error
674 (mm-set-handle-multipart-parameter
675 mm-security-handle 'gnus-details (mml2015-format-error err))
676 nil)
677 (quit
678 (mm-set-handle-multipart-parameter
679 mm-security-handle 'gnus-details "Quit.")
680 nil))
681 (mm-set-handle-multipart-parameter
682 mm-security-handle 'gnus-info
683 (with-current-buffer pgg-errors-buffer
684 (mml2015-gpg-extract-signature-details)))
685 (mm-set-handle-multipart-parameter
686 mm-security-handle 'gnus-info "Failed")))
687 (mml2015-extract-cleartext-signature))
688
689 (defun mml2015-pgg-sign (cont)
690 (let ((pgg-errors-buffer mml2015-result-buffer)
691 (boundary (mml-compute-boundary cont))
692 (pgg-default-user-id (or (message-options-get 'mml-sender)
693 pgg-default-user-id))
694 (pgg-text-mode t)
695 entry)
696 (unless (pgg-sign-region (point-min) (point-max))
697 (pop-to-buffer mml2015-result-buffer)
698 (error "Sign error"))
699 (goto-char (point-min))
700 (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
701 boundary))
702 (if (setq entry (assq 2 (pgg-parse-armor
703 (with-current-buffer pgg-output-buffer
704 (buffer-string)))))
705 (setq entry (assq 'hash-algorithm (cdr entry))))
706 (insert (format "\tmicalg=%s; "
707 (if (cdr entry)
708 (downcase (format "pgp-%s" (cdr entry)))
709 "pgp-sha1")))
710 (insert "protocol=\"application/pgp-signature\"\n")
711 (insert (format "\n--%s\n" boundary))
712 (goto-char (point-max))
713 (insert (format "\n--%s\n" boundary))
714 (insert "Content-Type: application/pgp-signature\n\n")
715 (insert-buffer-substring pgg-output-buffer)
716 (goto-char (point-max))
717 (insert (format "--%s--\n" boundary))
718 (goto-char (point-max))))
719
720 (defun mml2015-pgg-encrypt (cont &optional sign)
721 (let ((pgg-errors-buffer mml2015-result-buffer)
722 (pgg-text-mode t)
723 (boundary (mml-compute-boundary cont)))
724 (unless (pgg-encrypt-region (point-min) (point-max)
725 (split-string
726 (or
727 (message-options-get 'message-recipients)
728 (message-options-set 'message-recipients
729 (read-string "Recipients: ")))
730 "[ \f\t\n\r\v,]+")
731 sign)
732 (pop-to-buffer mml2015-result-buffer)
733 (error "Encrypt error"))
734 (delete-region (point-min) (point-max))
735 (goto-char (point-min))
736 (insert (format "Content-Type: multipart/encrypted; boundary=\"%s\";\n"
737 boundary))
738 (insert "\tprotocol=\"application/pgp-encrypted\"\n\n")
739 (insert (format "--%s\n" boundary))
740 (insert "Content-Type: application/pgp-encrypted\n\n")
741 (insert "Version: 1\n\n")
742 (insert (format "--%s\n" boundary))
743 (insert "Content-Type: application/octet-stream\n\n")
744 (insert-buffer-substring pgg-output-buffer)
745 (goto-char (point-max))
746 (insert (format "--%s--\n" boundary))
747 (goto-char (point-max))))
748
749 ;;; epg wrapper
750
751 (defvar epg-user-id-alist)
752 (defvar epg-digest-algorithm-alist)
753 (defvar epg-gpg-program)
754 (defvar inhibit-redisplay)
755
756 (autoload 'epg-make-context "epg")
757 (autoload 'epg-context-set-armor "epg")
758 (autoload 'epg-context-set-textmode "epg")
759 (autoload 'epg-context-set-signers "epg")
760 (autoload 'epg-context-result-for "epg")
761 (autoload 'epg-new-signature-digest-algorithm "epg")
762 (autoload 'epg-list-keys "epg")
763 (autoload 'epg-decrypt-string "epg")
764 (autoload 'epg-verify-string "epg")
765 (autoload 'epg-sign-string "epg")
766 (autoload 'epg-encrypt-string "epg")
767 (autoload 'epg-passphrase-callback-function "epg")
768 (autoload 'epg-context-set-passphrase-callback "epg")
769 (autoload 'epg-key-sub-key-list "epg")
770 (autoload 'epg-sub-key-capability "epg")
771 (autoload 'epg-sub-key-validity "epg")
772 (autoload 'epg-sub-key-fingerprint "epg")
773 (autoload 'epg-signature-key-id "epg")
774 (autoload 'epg-signature-to-string "epg")
775 (autoload 'epg-key-user-id-list "epg")
776 (autoload 'epg-user-id-string "epg")
777 (autoload 'epg-user-id-validity "epg")
778 (autoload 'epg-configuration "epg-config")
779 (autoload 'epg-expand-group "epg-config")
780 (autoload 'epa-select-keys "epa")
781
782 (defvar mml2015-epg-secret-key-id-list nil)
783
784 (defun mml2015-epg-passphrase-callback (context key-id ignore)
785 (if (eq key-id 'SYM)
786 (epg-passphrase-callback-function context key-id nil)
787 (let* ((password-cache-key-id
788 (if (eq key-id 'PIN)
789 "PIN"
790 key-id))
791 entry
792 (passphrase
793 (password-read
794 (if (eq key-id 'PIN)
795 "Passphrase for PIN: "
796 (if (setq entry (assoc key-id epg-user-id-alist))
797 (format "Passphrase for %s %s: " key-id (cdr entry))
798 (format "Passphrase for %s: " key-id)))
799 password-cache-key-id)))
800 (when passphrase
801 (let ((password-cache-expiry mml2015-passphrase-cache-expiry))
802 (password-cache-add password-cache-key-id passphrase))
803 (setq mml2015-epg-secret-key-id-list
804 (cons password-cache-key-id mml2015-epg-secret-key-id-list))
805 (copy-sequence passphrase)))))
806
807 (defun mml2015-epg-check-user-id (key recipient)
808 (let ((pointer (epg-key-user-id-list key))
809 result)
810 (while pointer
811 (if (and (equal (car (mail-header-parse-address
812 (epg-user-id-string (car pointer))))
813 (car (mail-header-parse-address
814 recipient)))
815 (not (memq (epg-user-id-validity (car pointer))
816 '(revoked expired))))
817 (setq result t
818 pointer nil)
819 (setq pointer (cdr pointer))))
820 result))
821
822 (defun mml2015-epg-check-sub-key (key usage)
823 (let ((pointer (epg-key-sub-key-list key))
824 result)
825 ;; The primary key will be marked as disabled, when the entire
826 ;; key is disabled (see 12 Field, Format of colon listings, in
827 ;; gnupg/doc/DETAILS)
828 (unless (memq 'disabled (epg-sub-key-capability (car pointer)))
829 (while pointer
830 (if (and (memq usage (epg-sub-key-capability (car pointer)))
831 (not (memq (epg-sub-key-validity (car pointer))
832 '(revoked expired))))
833 (setq result t
834 pointer nil)
835 (setq pointer (cdr pointer)))))
836 result))
837
838 (defun mml2015-epg-find-usable-key (context name usage
839 &optional name-is-key-id)
840 (let ((keys (epg-list-keys context name))
841 key)
842 (while keys
843 (if (and (or name-is-key-id
844 ;; Non email user-id can be supplied through
845 ;; mml2015-signers if mml2015-encrypt-to-self is set.
846 ;; Treat it as valid, as it is user's intention.
847 (not (string-match "\\`<" name))
848 (mml2015-epg-check-user-id (car keys) name))
849 (mml2015-epg-check-sub-key (car keys) usage))
850 (setq key (car keys)
851 keys nil)
852 (setq keys (cdr keys))))
853 key))
854
855 ;; XXX: since gpg --list-secret-keys does not return validity of each
856 ;; key, `mml2015-epg-find-usable-key' defined above is not enough for
857 ;; secret keys. The function `mml2015-epg-find-usable-secret-key'
858 ;; below looks at appropriate public keys to check usability.
859 (defun mml2015-epg-find-usable-secret-key (context name usage)
860 (let ((secret-keys (epg-list-keys context name t))
861 secret-key)
862 (while (and (not secret-key) secret-keys)
863 (if (mml2015-epg-find-usable-key
864 context
865 (epg-sub-key-fingerprint
866 (car (epg-key-sub-key-list
867 (car secret-keys))))
868 usage
869 t)
870 (setq secret-key (car secret-keys)
871 secret-keys nil)
872 (setq secret-keys (cdr secret-keys))))
873 secret-key))
874
875 (autoload 'gnus-create-image "gnus-ems")
876
877 (defun mml2015-epg-key-image (key-id)
878 "Return the image of a key, if any"
879 (with-temp-buffer
880 (mm-set-buffer-multibyte nil)
881 (let* ((coding-system-for-write 'binary)
882 (coding-system-for-read 'binary)
883 (data (shell-command-to-string
884 (format "%s --list-options no-show-photos --attribute-fd 3 --list-keys %s 3>&1 >/dev/null 2>&1"
885 (shell-quote-argument epg-gpg-program) key-id))))
886 (when (> (length data) 0)
887 (insert (substring data 16))
888 (condition-case nil
889 (gnus-create-image (buffer-string) nil t)
890 (error))))))
891
892 (autoload 'gnus-rescale-image "gnus-util")
893
894 (defun mml2015-epg-key-image-to-string (key-id)
895 "Return a string with the image of a key, if any"
896 (let ((key-image (mml2015-epg-key-image key-id)))
897 (if (not key-image)
898 ""
899 (condition-case error
900 (let ((result " "))
901 (put-text-property
902 1 2 'display
903 (gnus-rescale-image key-image
904 (cons mml2015-maximum-key-image-dimension
905 mml2015-maximum-key-image-dimension))
906 result)
907 result)
908 (error "")))))
909
910 (defun mml2015-epg-signature-to-string (signature)
911 (concat (epg-signature-to-string signature)
912 (when mml2015-display-key-image
913 (mml2015-epg-key-image-to-string (epg-signature-key-id signature)))))
914
915 (defun mml2015-epg-verify-result-to-string (verify-result)
916 (mapconcat #'mml2015-epg-signature-to-string verify-result "\n"))
917
918 (defun mml2015-epg-decrypt (handle ctl)
919 (catch 'error
920 (let ((inhibit-redisplay t)
921 context plain child handles result decrypt-status)
922 (unless (setq child (mm-find-part-by-type
923 (cdr handle)
924 "application/octet-stream" nil t))
925 (mm-set-handle-multipart-parameter
926 mm-security-handle 'gnus-info "Corrupted")
927 (throw 'error handle))
928 (setq context (epg-make-context))
929 (if mml2015-cache-passphrase
930 (epg-context-set-passphrase-callback
931 context
932 #'mml2015-epg-passphrase-callback))
933 (condition-case error
934 (setq plain (epg-decrypt-string context (mm-get-part child))
935 mml2015-epg-secret-key-id-list nil)
936 (error
937 (while mml2015-epg-secret-key-id-list
938 (password-cache-remove (car mml2015-epg-secret-key-id-list))
939 (setq mml2015-epg-secret-key-id-list
940 (cdr mml2015-epg-secret-key-id-list)))
941 (mm-set-handle-multipart-parameter
942 mm-security-handle 'gnus-info "Failed")
943 (if (eq (car error) 'quit)
944 (mm-set-handle-multipart-parameter
945 mm-security-handle 'gnus-details "Quit.")
946 (mm-set-handle-multipart-parameter
947 mm-security-handle 'gnus-details (mml2015-format-error error)))
948 (throw 'error handle)))
949 (with-temp-buffer
950 (insert plain)
951 (goto-char (point-min))
952 (while (search-forward "\r\n" nil t)
953 (replace-match "\n" t t))
954 (setq handles (mm-dissect-buffer t))
955 (mm-destroy-parts handle)
956 (if (epg-context-result-for context 'verify)
957 (mm-set-handle-multipart-parameter
958 mm-security-handle 'gnus-info
959 (concat "OK\n"
960 (mml2015-epg-verify-result-to-string
961 (epg-context-result-for context 'verify))))
962 (mm-set-handle-multipart-parameter
963 mm-security-handle 'gnus-info "OK"))
964 (if (stringp (car handles))
965 (mm-set-handle-multipart-parameter
966 mm-security-handle 'gnus-details
967 (mm-handle-multipart-ctl-parameter handles 'gnus-details))))
968 (if (listp (car handles))
969 handles
970 (list handles)))))
971
972 (defun mml2015-epg-clear-decrypt ()
973 (let ((inhibit-redisplay t)
974 (context (epg-make-context))
975 plain)
976 (if mml2015-cache-passphrase
977 (epg-context-set-passphrase-callback
978 context
979 #'mml2015-epg-passphrase-callback))
980 (condition-case error
981 (setq plain (epg-decrypt-string context (buffer-string))
982 mml2015-epg-secret-key-id-list nil)
983 (error
984 (while mml2015-epg-secret-key-id-list
985 (password-cache-remove (car mml2015-epg-secret-key-id-list))
986 (setq mml2015-epg-secret-key-id-list
987 (cdr mml2015-epg-secret-key-id-list)))
988 (mm-set-handle-multipart-parameter
989 mm-security-handle 'gnus-info "Failed")
990 (if (eq (car error) 'quit)
991 (mm-set-handle-multipart-parameter
992 mm-security-handle 'gnus-details "Quit.")
993 (mm-set-handle-multipart-parameter
994 mm-security-handle 'gnus-details (mml2015-format-error error)))))
995 (when plain
996 (erase-buffer)
997 ;; Treat data which epg returns as a unibyte string.
998 (mm-disable-multibyte)
999 (insert plain)
1000 (goto-char (point-min))
1001 (while (search-forward "\r\n" nil t)
1002 (replace-match "\n" t t))
1003 (mm-set-handle-multipart-parameter
1004 mm-security-handle 'gnus-info "OK")
1005 (if (epg-context-result-for context 'verify)
1006 (mm-set-handle-multipart-parameter
1007 mm-security-handle 'gnus-details
1008 (mml2015-epg-verify-result-to-string
1009 (epg-context-result-for context 'verify)))))))
1010
1011 (defun mml2015-epg-verify (handle ctl)
1012 (catch 'error
1013 (let ((inhibit-redisplay t)
1014 context plain signature-file part signature)
1015 (when (or (null (setq part (mm-find-raw-part-by-type
1016 ctl (or (mm-handle-multipart-ctl-parameter
1017 ctl 'protocol)
1018 "application/pgp-signature")
1019 t)))
1020 (null (setq signature (mm-find-part-by-type
1021 (cdr handle) "application/pgp-signature"
1022 nil t))))
1023 (mm-set-handle-multipart-parameter
1024 mm-security-handle 'gnus-info "Corrupted")
1025 (throw 'error handle))
1026 (setq part (mm-replace-in-string part "\n" "\r\n")
1027 signature (mm-get-part signature)
1028 context (epg-make-context))
1029 (condition-case error
1030 (setq plain (epg-verify-string context signature part))
1031 (error
1032 (mm-set-handle-multipart-parameter
1033 mm-security-handle 'gnus-info "Failed")
1034 (if (eq (car error) 'quit)
1035 (mm-set-handle-multipart-parameter
1036 mm-security-handle 'gnus-details "Quit.")
1037 (mm-set-handle-multipart-parameter
1038 mm-security-handle 'gnus-details (mml2015-format-error error)))
1039 (throw 'error handle)))
1040 (mm-set-handle-multipart-parameter
1041 mm-security-handle 'gnus-info
1042 (mml2015-epg-verify-result-to-string
1043 (epg-context-result-for context 'verify)))
1044 handle)))
1045
1046 (defun mml2015-epg-clear-verify ()
1047 (let ((inhibit-redisplay t)
1048 (context (epg-make-context))
1049 (signature (mm-encode-coding-string (buffer-string)
1050 coding-system-for-write))
1051 plain)
1052 (condition-case error
1053 (setq plain (epg-verify-string context signature))
1054 (error
1055 (mm-set-handle-multipart-parameter
1056 mm-security-handle 'gnus-info "Failed")
1057 (if (eq (car error) 'quit)
1058 (mm-set-handle-multipart-parameter
1059 mm-security-handle 'gnus-details "Quit.")
1060 (mm-set-handle-multipart-parameter
1061 mm-security-handle 'gnus-details (mml2015-format-error error)))))
1062 (if plain
1063 (progn
1064 (mm-set-handle-multipart-parameter
1065 mm-security-handle 'gnus-info
1066 (mml2015-epg-verify-result-to-string
1067 (epg-context-result-for context 'verify)))
1068 (delete-region (point-min) (point-max))
1069 (insert (mm-decode-coding-string plain coding-system-for-read)))
1070 (mml2015-extract-cleartext-signature))))
1071
1072 (defun mml2015-epg-sign (cont)
1073 (let* ((inhibit-redisplay t)
1074 (context (epg-make-context))
1075 (boundary (mml-compute-boundary cont))
1076 (sender (message-options-get 'message-sender))
1077 (signer-names (or mml2015-signers
1078 (if (and mml2015-sign-with-sender sender)
1079 (list (concat "<" sender ">")))))
1080 signer-key
1081 (signers
1082 (or (message-options-get 'mml2015-epg-signers)
1083 (message-options-set
1084 'mml2015-epg-signers
1085 (if (eq mm-sign-option 'guided)
1086 (epa-select-keys context "\
1087 Select keys for signing.
1088 If no one is selected, default secret key is used. "
1089 signer-names
1090 t)
1091 (if (or sender mml2015-signers)
1092 (delq nil
1093 (mapcar
1094 (lambda (signer)
1095 (setq signer-key
1096 (mml2015-epg-find-usable-secret-key
1097 context signer 'sign))
1098 (unless (or signer-key
1099 (y-or-n-p
1100 (format
1101 "No secret key for %s; skip it? "
1102 signer)))
1103 (error "No secret key for %s" signer))
1104 signer-key)
1105 signer-names)))))))
1106 signature micalg)
1107 (epg-context-set-armor context t)
1108 (epg-context-set-textmode context t)
1109 (epg-context-set-signers context signers)
1110 (if mml2015-cache-passphrase
1111 (epg-context-set-passphrase-callback
1112 context
1113 #'mml2015-epg-passphrase-callback))
1114 ;; Signed data must end with a newline (RFC 3156, 5).
1115 (goto-char (point-max))
1116 (unless (bolp)
1117 (insert "\n"))
1118 (condition-case error
1119 (setq signature (epg-sign-string context (buffer-string) t)
1120 mml2015-epg-secret-key-id-list nil)
1121 (error
1122 (while mml2015-epg-secret-key-id-list
1123 (password-cache-remove (car mml2015-epg-secret-key-id-list))
1124 (setq mml2015-epg-secret-key-id-list
1125 (cdr mml2015-epg-secret-key-id-list)))
1126 (signal (car error) (cdr error))))
1127 (if (epg-context-result-for context 'sign)
1128 (setq micalg (epg-new-signature-digest-algorithm
1129 (car (epg-context-result-for context 'sign)))))
1130 (goto-char (point-min))
1131 (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
1132 boundary))
1133 (if micalg
1134 (insert (format "\tmicalg=pgp-%s; "
1135 (downcase
1136 (cdr (assq micalg
1137 epg-digest-algorithm-alist))))))
1138 (insert "protocol=\"application/pgp-signature\"\n")
1139 (insert (format "\n--%s\n" boundary))
1140 (goto-char (point-max))
1141 (insert (format "\n--%s\n" boundary))
1142 (insert "Content-Type: application/pgp-signature; name=\"signature.asc\"\n\n")
1143 (insert signature)
1144 (goto-char (point-max))
1145 (insert (format "--%s--\n" boundary))
1146 (goto-char (point-max))))
1147
1148 (defun mml2015-epg-encrypt (cont &optional sign)
1149 (let* ((inhibit-redisplay t)
1150 (context (epg-make-context))
1151 (boundary (mml-compute-boundary cont))
1152 (config (epg-configuration))
1153 (recipients (message-options-get 'mml2015-epg-recipients))
1154 cipher
1155 (sender (message-options-get 'message-sender))
1156 (signer-names (or mml2015-signers
1157 (if (and mml2015-sign-with-sender sender)
1158 (list (concat "<" sender ">")))))
1159 signers
1160 recipient-key signer-key)
1161 (unless recipients
1162 (setq recipients
1163 (apply #'nconc
1164 (mapcar
1165 (lambda (recipient)
1166 (or (epg-expand-group config recipient)
1167 (list (concat "<" recipient ">"))))
1168 (split-string
1169 (or (message-options-get 'message-recipients)
1170 (message-options-set 'message-recipients
1171 (read-string "Recipients: ")))
1172 "[ \f\t\n\r\v,]+"))))
1173 (when mml2015-encrypt-to-self
1174 (unless signer-names
1175 (error "Neither message sender nor mml2015-signers are set"))
1176 (setq recipients (nconc recipients signer-names)))
1177 (if (eq mm-encrypt-option 'guided)
1178 (setq recipients
1179 (epa-select-keys context "\
1180 Select recipients for encryption.
1181 If no one is selected, symmetric encryption will be performed. "
1182 recipients))
1183 (setq recipients
1184 (delq nil
1185 (mapcar
1186 (lambda (recipient)
1187 (setq recipient-key (mml2015-epg-find-usable-key
1188 context recipient 'encrypt))
1189 (unless (or recipient-key
1190 (y-or-n-p
1191 (format "No public key for %s; skip it? "
1192 recipient)))
1193 (error "No public key for %s" recipient))
1194 recipient-key)
1195 recipients)))
1196 (unless recipients
1197 (error "No recipient specified")))
1198 (message-options-set 'mml2015-epg-recipients recipients))
1199 (when sign
1200 (setq signers
1201 (or (message-options-get 'mml2015-epg-signers)
1202 (message-options-set
1203 'mml2015-epg-signers
1204 (if (eq mm-sign-option 'guided)
1205 (epa-select-keys context "\
1206 Select keys for signing.
1207 If no one is selected, default secret key is used. "
1208 signer-names
1209 t)
1210 (if (or sender mml2015-signers)
1211 (delq nil
1212 (mapcar
1213 (lambda (signer)
1214 (setq signer-key
1215 (mml2015-epg-find-usable-secret-key
1216 context signer 'sign))
1217 (unless (or signer-key
1218 (y-or-n-p
1219 (format
1220 "No secret key for %s; skip it? "
1221 signer)))
1222 (error "No secret key for %s" signer))
1223 signer-key)
1224 signer-names)))))))
1225 (epg-context-set-signers context signers))
1226 (epg-context-set-armor context t)
1227 (epg-context-set-textmode context t)
1228 (if mml2015-cache-passphrase
1229 (epg-context-set-passphrase-callback
1230 context
1231 #'mml2015-epg-passphrase-callback))
1232 (condition-case error
1233 (setq cipher
1234 (epg-encrypt-string context (buffer-string) recipients sign
1235 mml2015-always-trust)
1236 mml2015-epg-secret-key-id-list nil)
1237 (error
1238 (while mml2015-epg-secret-key-id-list
1239 (password-cache-remove (car mml2015-epg-secret-key-id-list))
1240 (setq mml2015-epg-secret-key-id-list
1241 (cdr mml2015-epg-secret-key-id-list)))
1242 (signal (car error) (cdr error))))
1243 (delete-region (point-min) (point-max))
1244 (goto-char (point-min))
1245 (insert (format "Content-Type: multipart/encrypted; boundary=\"%s\";\n"
1246 boundary))
1247 (insert "\tprotocol=\"application/pgp-encrypted\"\n\n")
1248 (insert (format "--%s\n" boundary))
1249 (insert "Content-Type: application/pgp-encrypted\n\n")
1250 (insert "Version: 1\n\n")
1251 (insert (format "--%s\n" boundary))
1252 (insert "Content-Type: application/octet-stream\n\n")
1253 (insert cipher)
1254 (goto-char (point-max))
1255 (insert (format "--%s--\n" boundary))
1256 (goto-char (point-max))))
1257
1258 ;;; General wrapper
1259
1260 (autoload 'gnus-buffer-live-p "gnus-util")
1261 (autoload 'gnus-get-buffer-create "gnus")
1262
1263 (defun mml2015-clean-buffer ()
1264 (if (gnus-buffer-live-p mml2015-result-buffer)
1265 (with-current-buffer mml2015-result-buffer
1266 (erase-buffer)
1267 t)
1268 (setq mml2015-result-buffer
1269 (gnus-get-buffer-create " *MML2015 Result*"))
1270 nil))
1271
1272 (defsubst mml2015-clear-decrypt-function ()
1273 (nth 6 (assq mml2015-use mml2015-function-alist)))
1274
1275 (defsubst mml2015-clear-verify-function ()
1276 (nth 5 (assq mml2015-use mml2015-function-alist)))
1277
1278 ;;;###autoload
1279 (defun mml2015-decrypt (handle ctl)
1280 (mml2015-clean-buffer)
1281 (let ((func (nth 4 (assq mml2015-use mml2015-function-alist))))
1282 (if func
1283 (funcall func handle ctl)
1284 handle)))
1285
1286 ;;;###autoload
1287 (defun mml2015-decrypt-test (handle ctl)
1288 mml2015-use)
1289
1290 ;;;###autoload
1291 (defun mml2015-verify (handle ctl)
1292 (mml2015-clean-buffer)
1293 (let ((func (nth 3 (assq mml2015-use mml2015-function-alist))))
1294 (if func
1295 (funcall func handle ctl)
1296 handle)))
1297
1298 ;;;###autoload
1299 (defun mml2015-verify-test (handle ctl)
1300 mml2015-use)
1301
1302 ;;;###autoload
1303 (defun mml2015-encrypt (cont &optional sign)
1304 (mml2015-clean-buffer)
1305 (let ((func (nth 2 (assq mml2015-use mml2015-function-alist))))
1306 (if func
1307 (funcall func cont sign)
1308 (error "Cannot find encrypt function"))))
1309
1310 ;;;###autoload
1311 (defun mml2015-sign (cont)
1312 (mml2015-clean-buffer)
1313 (let ((func (nth 1 (assq mml2015-use mml2015-function-alist))))
1314 (if func
1315 (funcall func cont)
1316 (error "Cannot find sign function"))))
1317
1318 ;;;###autoload
1319 (defun mml2015-self-encrypt ()
1320 (mml2015-encrypt nil))
1321
1322 (provide 'mml2015)
1323
1324 ;;; mml2015.el ends here
Emacs repository mirror