1 ;;; mml-smime.el --- S/MIME support for MML
3 ;; Copyright (C) 2000, 2001, 2002, 2003, 2004,
4 ;; 2005, 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
6 ;; Author: Simon Josefsson <simon@josefsson.org>
7 ;; Keywords: Gnus, MIME, S/MIME, MML
9 ;; This file is part of GNU Emacs.
11 ;; GNU Emacs is free software: you can redistribute it and/or modify
12 ;; it under the terms of the GNU General Public License as published by
13 ;; the Free Software Foundation, either version 3 of the License, or
14 ;; (at your option) any later version.
16 ;; GNU Emacs is distributed in the hope that it will be useful,
17 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
18 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 ;; GNU General Public License for more details.
21 ;; You should have received a copy of the GNU General Public License
22 ;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
30 (unless (fboundp 'declare-function
) (defmacro declare-function
(&rest r
))))
32 (eval-when-compile (require 'cl
))
37 (autoload 'message-narrow-to-headers
"message")
38 (autoload 'message-fetch-field
"message")
40 (defvar mml-smime-use
'openssl
)
42 (defvar mml-smime-function-alist
43 '((openssl mml-smime-openssl-sign
44 mml-smime-openssl-encrypt
45 mml-smime-openssl-sign-query
46 mml-smime-openssl-encrypt-query
47 mml-smime-openssl-verify
48 mml-smime-openssl-verify-test
)
49 (epg mml-smime-epg-sign
54 mml-smime-epg-verify-test
)))
56 (defcustom mml-smime-verbose mml-secure-verbose
57 "If non-nil, ask the user about the current operation more verbosely."
61 (defcustom mml-smime-cache-passphrase mml-secure-cache-passphrase
62 "If t, cache passphrase."
66 (defcustom mml-smime-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
67 "How many seconds the passphrase is cached.
68 Whether the passphrase is cached at all is controlled by
69 `mml-smime-cache-passphrase'."
73 (defcustom mml-smime-signers nil
74 "A list of your own key ID which will be used to sign a message."
76 :type
'(repeat (string :tag
"Key ID")))
78 (defun mml-smime-sign (cont)
79 (let ((func (nth 1 (assq mml-smime-use mml-smime-function-alist
))))
82 (error "Cannot find sign function"))))
84 (defun mml-smime-encrypt (cont)
85 (let ((func (nth 2 (assq mml-smime-use mml-smime-function-alist
))))
88 (error "Cannot find encrypt function"))))
90 (defun mml-smime-sign-query ()
91 (let ((func (nth 3 (assq mml-smime-use mml-smime-function-alist
))))
95 (defun mml-smime-encrypt-query ()
96 (let ((func (nth 4 (assq mml-smime-use mml-smime-function-alist
))))
100 (defun mml-smime-verify (handle ctl
)
101 (let ((func (nth 5 (assq mml-smime-use mml-smime-function-alist
))))
103 (funcall func handle ctl
)
106 (defun mml-smime-verify-test (handle ctl
)
107 (let ((func (nth 6 (assq mml-smime-use mml-smime-function-alist
))))
109 (funcall func handle ctl
))))
111 (defun mml-smime-openssl-sign (cont)
112 (when (null smime-keys
)
113 (customize-variable 'smime-keys
)
114 (error "No S/MIME keys configured, use customize to add your key"))
115 (smime-sign-buffer (cdr (assq 'keyfile cont
)))
116 (goto-char (point-min))
117 (while (search-forward "\r\n" nil t
)
118 (replace-match "\n" t t
))
119 (goto-char (point-max)))
121 (defun mml-smime-openssl-encrypt (cont)
122 (let (certnames certfiles tmp file tmpfiles
)
123 ;; xxx tmp files are always an security issue
124 (while (setq tmp
(pop cont
))
125 (if (and (consp tmp
) (eq (car tmp
) 'certfile
))
126 (push (cdr tmp
) certnames
)))
127 (while (setq tmp
(pop certnames
))
128 (if (not (and (not (file-exists-p tmp
))
131 (setq file
(mm-make-temp-file (expand-file-name "mml."
133 (with-current-buffer tmp
134 (write-region (point-min) (point-max) file
))
135 (push file certfiles
)
136 (push file tmpfiles
)))
137 (if (smime-encrypt-buffer certfiles
)
139 (while (setq tmp
(pop tmpfiles
))
142 (while (setq tmp
(pop tmpfiles
))
145 (goto-char (point-max)))
147 (defvar gnus-extract-address-components
)
149 (defun mml-smime-openssl-sign-query ()
150 ;; query information (what certificate) from user when MML tag is
151 ;; added, for use later by the signing process
152 (when (null smime-keys
)
153 (customize-variable 'smime-keys
)
154 (error "No S/MIME keys configured, use customize to add your key"))
156 (if (= (length smime-keys
) 1)
158 (or (let ((from (cadr (funcall (if (boundp
159 'gnus-extract-address-components
)
160 gnus-extract-address-components
161 'mail-extract-address-components
)
164 (message-narrow-to-headers)
165 (message-fetch-field "from")))
167 (and from
(smime-get-key-by-email from
)))
168 (smime-get-key-by-email
169 (completing-read "Sign this part with what signature? "
171 (and (listp (car-safe smime-keys
))
172 (caar smime-keys
))))))))
174 (defun mml-smime-get-file-cert ()
176 (list 'certfile
(read-file-name
177 "File with recipient's S/MIME certificate: "
178 smime-certificate-directory nil t
""))))
180 (defun mml-smime-get-dns-cert ()
181 ;; todo: deal with comma separated multiple recipients
182 (let (result who bad cert
)
185 (setq who
(read-from-minibuffer
186 (format "%sLookup certificate for: " (or bad
""))
187 (cadr (funcall (if (boundp
188 'gnus-extract-address-components
)
189 gnus-extract-address-components
190 'mail-extract-address-components
)
193 (message-narrow-to-headers)
194 (message-fetch-field "to")))
196 (if (setq cert
(smime-cert-by-dns who
))
197 (setq result
(list 'certfile
(buffer-name cert
)))
198 (setq bad
(format "`%s' not found. " who
))))
202 (defun mml-smime-get-ldap-cert ()
203 ;; todo: deal with comma separated multiple recipients
204 (let (result who bad cert
)
207 (setq who
(read-from-minibuffer
208 (format "%sLookup certificate for: " (or bad
""))
209 (cadr (funcall gnus-extract-address-components
212 (message-narrow-to-headers)
213 (message-fetch-field "to")))
215 (if (setq cert
(smime-cert-by-ldap who
))
216 (setq result
(list 'certfile
(buffer-name cert
)))
217 (setq bad
(format "`%s' not found. " who
))))
221 (autoload 'gnus-completing-read-with-default
"gnus-util")
223 (defun mml-smime-openssl-encrypt-query ()
224 ;; todo: try dns/ldap automatically first, before prompting user
227 (ecase (read (gnus-completing-read-with-default
228 "ldap" "Fetch certificate from"
229 '(("dns") ("ldap") ("file")) nil t
))
230 (dns (setq certs
(append certs
231 (mml-smime-get-dns-cert))))
232 (ldap (setq certs
(append certs
233 (mml-smime-get-ldap-cert))))
234 (file (setq certs
(append certs
235 (mml-smime-get-file-cert)))))
236 (setq done
(not (y-or-n-p "Add more recipients? "))))
239 (defun mml-smime-openssl-verify (handle ctl
)
241 (insert-buffer-substring (mm-handle-multipart-original-buffer ctl
))
242 (goto-char (point-min))
243 (insert (format "Content-Type: %s; " (mm-handle-media-type ctl
)))
244 (insert (format "protocol=\"%s\"; "
245 (mm-handle-multipart-ctl-parameter ctl
'protocol
)))
246 (insert (format "micalg=\"%s\"; "
247 (mm-handle-multipart-ctl-parameter ctl
'micalg
)))
248 (insert (format "boundary=\"%s\"\n\n"
249 (mm-handle-multipart-ctl-parameter ctl
'boundary
)))
250 (when (get-buffer smime-details-buffer
)
251 (kill-buffer smime-details-buffer
))
252 (let ((buf (current-buffer))
253 (good-signature (smime-noverify-buffer))
254 (good-certificate (and (or smime-CA-file smime-CA-directory
)
255 (smime-verify-buffer)))
256 addresses openssl-output
)
257 (setq openssl-output
(with-current-buffer smime-details-buffer
259 (if (not good-signature
)
261 ;; we couldn't verify message, fail with openssl output as message
262 (mm-set-handle-multipart-parameter
263 mm-security-handle
'gnus-info
"Failed")
264 (mm-set-handle-multipart-parameter
265 mm-security-handle
'gnus-details
266 (concat "OpenSSL failed to verify message integrity:\n"
267 "-------------------------------------------\n"
269 ;; verify mail addresses in mail against those in certificate
270 (when (and (smime-pkcs7-region (point-min) (point-max))
271 (smime-pkcs7-certificates-region (point-min) (point-max)))
273 (insert-buffer-substring buf
)
274 (goto-char (point-min))
275 (while (re-search-forward "-----END CERTIFICATE-----" nil t
)
276 (when (smime-pkcs7-email-region (point-min) (point))
277 (setq addresses
(append (smime-buffer-as-string-region
278 (point-min) (point)) addresses
)))
279 (delete-region (point-min) (point)))
280 (setq addresses
(mapcar 'downcase addresses
))))
281 (if (not (member (downcase (or (mm-handle-multipart-from ctl
) "")) addresses
))
282 (mm-set-handle-multipart-parameter
283 mm-security-handle
'gnus-info
"Sender address forged")
285 (mm-set-handle-multipart-parameter
286 mm-security-handle
'gnus-info
"Ok (sender authenticated)")
287 (mm-set-handle-multipart-parameter
288 mm-security-handle
'gnus-info
"Ok (sender not trusted)")))
289 (mm-set-handle-multipart-parameter
290 mm-security-handle
'gnus-details
291 (concat "Sender claimed to be: " (mm-handle-multipart-from ctl
) "\n"
293 (concat "Addresses in certificate: "
294 (mapconcat 'identity addresses
", "))
295 "No addresses found in certificate. (Requires OpenSSL 0.9.6 or later.)")
298 "---------------\n" openssl-output
"\n"
299 "Certificate(s) inside S/MIME signature:\n"
300 "---------------------------------------\n"
301 (buffer-string) "\n")))))
304 (defun mml-smime-openssl-verify-test (handle ctl
)
305 smime-openssl-program
)
307 (defvar epg-user-id-alist
)
308 (defvar epg-digest-algorithm-alist
)
309 (defvar inhibit-redisplay
)
310 (defvar password-cache-expiry
)
313 (autoload 'epg-make-context
"epg")
314 (autoload 'epg-context-set-armor
"epg")
315 (autoload 'epg-context-set-signers
"epg")
316 (autoload 'epg-context-result-for
"epg")
317 (autoload 'epg-new-signature-digest-algorithm
"epg")
318 (autoload 'epg-verify-result-to-string
"epg")
319 (autoload 'epg-list-keys
"epg")
320 (autoload 'epg-decrypt-string
"epg")
321 (autoload 'epg-verify-string
"epg")
322 (autoload 'epg-sign-string
"epg")
323 (autoload 'epg-encrypt-string
"epg")
324 (autoload 'epg-passphrase-callback-function
"epg")
325 (autoload 'epg-context-set-passphrase-callback
"epg")
326 (autoload 'epg-configuration
"epg-config")
327 (autoload 'epg-expand-group
"epg-config")
328 (autoload 'epa-select-keys
"epa"))
330 (defvar mml-smime-epg-secret-key-id-list nil
)
332 (defun mml-smime-epg-passphrase-callback (context key-id ignore
)
334 (epg-passphrase-callback-function context key-id nil
)
339 "Passphrase for PIN: "
340 (if (setq entry
(assoc key-id epg-user-id-alist
))
341 (format "Passphrase for %s %s: " key-id
(cdr entry
))
342 (format "Passphrase for %s: " key-id
)))
347 (let ((password-cache-expiry mml-smime-passphrase-cache-expiry
))
348 (password-cache-add key-id passphrase
))
349 (setq mml-smime-epg-secret-key-id-list
350 (cons key-id mml-smime-epg-secret-key-id-list
))
351 (copy-sequence passphrase
)))))
353 (declare-function epg-key-sub-key-list
"ext:epg" (key))
354 (declare-function epg-sub-key-capability
"ext:epg" (sub-key))
355 (declare-function epg-sub-key-validity
"ext:epg" (sub-key))
357 (defun mml-smime-epg-find-usable-key (keys usage
)
360 (let ((pointer (epg-key-sub-key-list (car keys
))))
362 (if (and (memq usage
(epg-sub-key-capability (car pointer
)))
363 (not (memq (epg-sub-key-validity (car pointer
))
364 '(revoked expired
))))
365 (throw 'found
(car keys
)))
366 (setq pointer
(cdr pointer
))))
367 (setq keys
(cdr keys
)))))
369 (autoload 'mml-compute-boundary
"mml")
371 ;; We require mm-decode, which requires mm-bodies, which autoloads
372 ;; message-options-get (!).
373 (declare-function message-options-set
"message" (symbol value
))
375 (defun mml-smime-epg-sign (cont)
376 (let* ((inhibit-redisplay t
)
377 (context (epg-make-context 'CMS
))
378 (boundary (mml-compute-boundary cont
))
381 (or (message-options-get 'mml-smime-epg-signers
)
383 'mml-smime-epg-signers
384 (if (eq mm-sign-option
'guided
)
385 (epa-select-keys context
"\
386 Select keys for signing.
387 If no one is selected, default secret key is used. "
389 (if mml-smime-signers
392 (setq signer-key
(mml-smime-epg-find-usable-key
393 (epg-list-keys context signer t
)
395 (unless (or signer-key
397 (format "No secret key for %s; skip it? "
399 (error "No secret key for %s" signer
))
401 mml-smime-signers
))))))
403 (epg-context-set-signers context signers
)
404 (if mml-smime-cache-passphrase
405 (epg-context-set-passphrase-callback
407 #'mml-smime-epg-passphrase-callback
))
408 (condition-case error
409 (setq signature
(epg-sign-string context
410 (mm-replace-in-string (buffer-string)
413 mml-smime-epg-secret-key-id-list nil
)
415 (while mml-smime-epg-secret-key-id-list
416 (password-cache-remove (car mml-smime-epg-secret-key-id-list
))
417 (setq mml-smime-epg-secret-key-id-list
418 (cdr mml-smime-epg-secret-key-id-list
)))
419 (signal (car error
) (cdr error
))))
420 (if (epg-context-result-for context
'sign
)
421 (setq micalg
(epg-new-signature-digest-algorithm
422 (car (epg-context-result-for context
'sign
)))))
423 (goto-char (point-min))
424 (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
427 (insert (format "\tmicalg=%s; "
430 epg-digest-algorithm-alist
))))))
431 (insert "protocol=\"application/pkcs7-signature\"\n")
432 (insert (format "\n--%s\n" boundary
))
433 (goto-char (point-max))
434 (insert (format "\n--%s\n" boundary
))
435 (insert "Content-Type: application/pkcs7-signature; name=smime.p7s
436 Content-Transfer-Encoding: base64
437 Content-Disposition: attachment; filename=smime.p7s
440 (insert (base64-encode-string signature
) "\n")
441 (goto-char (point-max))
442 (insert (format "--%s--\n" boundary
))
443 (goto-char (point-max))))
445 (defun mml-smime-epg-encrypt (cont)
446 (let ((inhibit-redisplay t
)
447 (context (epg-make-context 'CMS
))
448 (config (epg-configuration))
449 (recipients (message-options-get 'mml-smime-epg-recipients
))
451 (boundary (mml-compute-boundary cont
))
458 (or (epg-expand-group config recipient
)
461 (or (message-options-get 'message-recipients
)
462 (message-options-set 'message-recipients
463 (read-string "Recipients: ")))
464 "[ \f\t\n\r\v,]+"))))
465 (if (eq mm-encrypt-option
'guided
)
467 (epa-select-keys context
"\
468 Select recipients for encryption.
469 If no one is selected, symmetric encryption will be performed. "
474 (setq recipient-key
(mml-smime-epg-find-usable-key
475 (epg-list-keys context recipient
)
477 (unless (or recipient-key
479 (format "No public key for %s; skip it? "
481 (error "No public key for %s" recipient
))
485 (error "No recipient specified")))
486 (message-options-set 'mml-smime-epg-recipients recipients
))
487 (if mml-smime-cache-passphrase
488 (epg-context-set-passphrase-callback
490 #'mml-smime-epg-passphrase-callback
))
491 (condition-case error
493 (epg-encrypt-string context
(buffer-string) recipients
)
494 mml-smime-epg-secret-key-id-list nil
)
496 (while mml-smime-epg-secret-key-id-list
497 (password-cache-remove (car mml-smime-epg-secret-key-id-list
))
498 (setq mml-smime-epg-secret-key-id-list
499 (cdr mml-smime-epg-secret-key-id-list
)))
500 (signal (car error
) (cdr error
))))
501 (delete-region (point-min) (point-max))
502 (goto-char (point-min))
504 Content-Type: application/pkcs7-mime;
505 smime-type=enveloped-data;
507 Content-Transfer-Encoding: base64
508 Content-Disposition: attachment; filename=smime.p7m
511 (insert (base64-encode-string cipher
))
512 (goto-char (point-max))))
514 (defun mml-smime-epg-verify (handle ctl
)
516 (let ((inhibit-redisplay t
)
517 context plain signature-file part signature
)
518 (when (or (null (setq part
(mm-find-raw-part-by-type
519 ctl
(or (mm-handle-multipart-ctl-parameter
521 "application/pkcs7-signature")
523 (null (setq signature
(mm-find-part-by-type
525 "application/pkcs7-signature"
527 (mm-set-handle-multipart-parameter
528 mm-security-handle
'gnus-info
"Corrupted")
529 (throw 'error handle
))
530 (setq part
(mm-replace-in-string part
"\n" "\r\n" t
)
531 context
(epg-make-context 'CMS
))
532 (condition-case error
533 (setq plain
(epg-verify-string context
(mm-get-part signature
) part
))
535 (mm-set-handle-multipart-parameter
536 mm-security-handle
'gnus-info
"Failed")
537 (if (eq (car error
) 'quit
)
538 (mm-set-handle-multipart-parameter
539 mm-security-handle
'gnus-details
"Quit.")
540 (mm-set-handle-multipart-parameter
541 mm-security-handle
'gnus-details
(format "%S" error
)))
542 (throw 'error handle
)))
543 (mm-set-handle-multipart-parameter
544 mm-security-handle
'gnus-info
545 (epg-verify-result-to-string (epg-context-result-for context
'verify
)))
548 (defun mml-smime-epg-verify-test (handle ctl
)
553 ;; arch-tag: f1bf94d4-f2cd-4c6f-b059-ad69492817e2
554 ;;; mml-smime.el ends here