1 ;;; mml2015.el --- MIME Security with Pretty Good Privacy (PGP)
3 ;; Copyright (C) 2000-2014 Free Software Foundation, Inc.
5 ;; Author: Shenghuo Zhu <zsh@cs.rochester.edu>
6 ;; Keywords: PGP MIME MML
8 ;; This file is part of GNU Emacs.
10 ;; GNU Emacs is free software: you can redistribute it and/or modify
11 ;; it under the terms of the GNU General Public License as published by
12 ;; the Free Software Foundation, either version 3 of the License, or
13 ;; (at your option) any later version.
15 ;; GNU Emacs is distributed in the hope that it will be useful,
16 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
17 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 ;; GNU General Public License for more details.
20 ;; You should have received a copy of the GNU General Public License
21 ;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
25 ;; RFC 2015 is updated by RFC 3156, this file should be compatible
31 ;; For Emacs <22.2 and XEmacs.
32 (unless (fboundp 'declare-function
) (defmacro declare-function
(&rest r
)))
34 (if (locate-library "password-cache")
35 (require 'password-cache
)
38 (eval-when-compile (require 'cl
))
44 (defvar mc-pgp-always-sign
)
46 (declare-function epg-check-configuration
"ext:epg-config"
47 (config &optional minimum-version
))
48 (declare-function epg-configuration
"ext:epg-config" ())
50 ;; Maybe this should be in eg mml-sec.el (and have a different name).
51 ;; Then mml1991 would not need to require mml2015, and mml1991-use
53 (defvar mml2015-use
(or
57 (epg-check-configuration (epg-configuration))
61 (let ((abs-file (locate-library "pgg")))
62 ;; Don't load PGG if it is marked as obsolete
65 (not (string-match "/obsolete/[^/]*\\'"
67 (ignore-errors (require 'pgg
))
68 (and (fboundp 'pgg-sign-region
)
72 (and (fboundp 'mc-encrypt-generic
)
73 (fboundp 'mc-sign-generic
)
74 (fboundp 'mc-cleanup-recipient-headers
)
76 "The package used for PGP/MIME.
77 Valid packages include `epg', `pgg' and `mailcrypt'.")
79 ;; Something is not RFC2015.
80 (defvar mml2015-function-alist
81 '((mailcrypt mml2015-mailcrypt-sign
82 mml2015-mailcrypt-encrypt
83 mml2015-mailcrypt-verify
84 mml2015-mailcrypt-decrypt
85 mml2015-mailcrypt-clear-verify
86 mml2015-mailcrypt-clear-decrypt
)
91 mml2015-pgg-clear-verify
92 mml2015-pgg-clear-decrypt
)
97 mml2015-epg-clear-verify
98 mml2015-epg-clear-decrypt
))
99 "Alist of PGP/MIME functions.")
101 (defvar mml2015-result-buffer nil
)
103 (defcustom mml2015-unabbrev-trust-alist
104 '(("TRUST_UNDEFINED" . nil
)
105 ("TRUST_NEVER" . nil
)
106 ("TRUST_MARGINAL" . t
)
108 ("TRUST_ULTIMATE" . t
))
109 "Map GnuPG trust output values to a boolean saying if you trust the key."
111 :group
'mime-security
112 :type
'(repeat (cons (regexp :tag
"GnuPG output regexp")
113 (boolean :tag
"Trust key"))))
115 (defcustom mml2015-cache-passphrase mml-secure-cache-passphrase
116 "If t, cache passphrase."
117 :group
'mime-security
120 (defcustom mml2015-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
121 "How many seconds the passphrase is cached.
122 Whether the passphrase is cached at all is controlled by
123 `mml2015-cache-passphrase'."
124 :group
'mime-security
127 (defcustom mml2015-signers nil
128 "A list of your own key ID(s) which will be used to sign a message.
129 If set, it overrides the setting of `mml2015-sign-with-sender'."
130 :group
'mime-security
131 :type
'(repeat (string :tag
"Key ID")))
133 (defcustom mml2015-sign-with-sender nil
134 "If t, use message sender so find a key to sign with."
135 :group
'mime-security
139 (defcustom mml2015-encrypt-to-self nil
140 "If t, add your own key ID to recipient list when encryption."
141 :group
'mime-security
144 (defcustom mml2015-always-trust t
145 "If t, GnuPG skip key validation on encryption."
146 :group
'mime-security
149 (defcustom mml2015-maximum-key-image-dimension
64
150 "The maximum dimension (width or height) of any key images."
152 :group
'mime-security
155 ;; Extract plaintext from cleartext signature. IMO, this kind of task
156 ;; should be done by GnuPG rather than Elisp, but older PGP backends
157 ;; (such as Mailcrypt, and PGG) discard the output from GnuPG.
158 (defun mml2015-extract-cleartext-signature ()
160 ;; <54a15d860801080142l70b95d7dkac4bf51a86196011@mail.gmail.com>: ``I still
161 ;; believe that the right way is to use the plaintext output from GnuPG as
162 ;; it is, and mml2015-extract-cleartext-signature is just a kludge for
163 ;; misdesigned libraries like PGG, which have no ability to do that. So, I
164 ;; think it should not have descriptive documentation.''
166 ;; This function doesn't handle NotDashEscaped correctly. EasyPG handles it
168 ;; http://thread.gmane.org/gmane.emacs.gnus.general/66062/focus=66082
169 ;; http://thread.gmane.org/gmane.emacs.gnus.general/65087/focus=65109
170 (goto-char (point-min))
172 ;; We need to be careful not to strip beyond the armor headers.
173 ;; Previously, an attacker could replace the text inside our
174 ;; markup with trailing garbage by injecting whitespace into the
176 (while (looking-at "Hash:") ; The only header allowed in cleartext
177 (forward-line)) ; signatures according to RFC2440.
178 (when (looking-at "[\t ]*$")
180 (delete-region (point-min) (point))
181 (if (re-search-forward "^-----BEGIN PGP SIGNATURE-----" nil t
)
182 (delete-region (match-beginning 0) (point-max)))
183 (goto-char (point-min))
184 (while (re-search-forward "^- " nil t
)
185 (replace-match "" t t
)
188 ;;; mailcrypt wrapper
190 (autoload 'mailcrypt-decrypt
"mailcrypt")
191 (autoload 'mailcrypt-verify
"mailcrypt")
192 (autoload 'mc-pgp-always-sign
"mailcrypt")
193 (autoload 'mc-encrypt-generic
"mc-toplev")
194 (autoload 'mc-cleanup-recipient-headers
"mc-toplev")
195 (autoload 'mc-sign-generic
"mc-toplev")
197 (defvar mml2015-decrypt-function
'mailcrypt-decrypt
)
198 (defvar mml2015-verify-function
'mailcrypt-verify
)
200 (defun mml2015-format-error (err)
201 (if (stringp (cadr err
))
203 (format "%S" (cdr err
))))
205 (defun mml2015-mailcrypt-decrypt (handle ctl
)
207 (let (child handles result
)
208 (unless (setq child
(mm-find-part-by-type
210 "application/octet-stream" nil t
))
211 (mm-set-handle-multipart-parameter
212 mm-security-handle
'gnus-info
"Corrupted")
213 (throw 'error handle
))
215 (mm-insert-part child
)
218 (funcall mml2015-decrypt-function
)
220 (mm-set-handle-multipart-parameter
221 mm-security-handle
'gnus-details
(mml2015-format-error err
))
224 (mm-set-handle-multipart-parameter
225 mm-security-handle
'gnus-details
"Quit.")
228 (mm-set-handle-multipart-parameter
229 mm-security-handle
'gnus-info
"Failed")
230 (throw 'error handle
))
231 (setq handles
(mm-dissect-buffer t
)))
232 (mm-destroy-parts handle
)
233 (mm-set-handle-multipart-parameter
234 mm-security-handle
'gnus-info
236 (let ((sig (with-current-buffer mml2015-result-buffer
237 (mml2015-gpg-extract-signature-details))))
238 (concat ", Signer: " sig
))))
239 (if (listp (car handles
))
243 (defun mml2015-gpg-pretty-print-fpr (fingerprint)
245 (fpr-length (string-width fingerprint
))
248 (setq fingerprint
(string-to-list fingerprint
))
250 (setq fpr-length
(- fpr-length
4))
251 (setq slice
(butlast fingerprint fpr-length
))
252 (setq fingerprint
(nthcdr 4 fingerprint
))
253 (setq n-slice
(1+ n-slice
))
259 (otherwise (concat " " slice
))))))
262 (defun mml2015-gpg-extract-signature-details ()
263 (goto-char (point-min))
264 (let* ((expired (re-search-forward
265 "^\\[GNUPG:\\] SIGEXPIRED$"
267 (signer (and (re-search-forward
268 "^\\[GNUPG:\\] GOODSIG \\([0-9A-Za-z]*\\) \\(.*\\)$"
270 (cons (match-string 1) (match-string 2))))
271 (fprint (and (re-search-forward
272 "^\\[GNUPG:\\] VALIDSIG \\([0-9a-zA-Z]*\\) "
275 (trust (and (re-search-forward
276 "^\\[GNUPG:\\] \\(TRUST_.*\\)$"
280 (cdr (assoc trust mml2015-unabbrev-trust-alist
))))
281 (cond ((and signer fprint
)
283 (unless trust-good-enough-p
284 (concat "\nUntrusted, Fingerprint: "
285 (mml2015-gpg-pretty-print-fpr fprint
)))
287 (format "\nWARNING: Signature from expired key (%s)"
290 "^\\(gpg: \\)?Good signature from \"\\(.*\\)\"$" nil t
)
293 "From unknown user"))))
295 (defun mml2015-mailcrypt-clear-decrypt ()
299 (funcall mml2015-decrypt-function
)
301 (mm-set-handle-multipart-parameter
302 mm-security-handle
'gnus-details
(mml2015-format-error err
))
305 (mm-set-handle-multipart-parameter
306 mm-security-handle
'gnus-details
"Quit.")
309 (mm-set-handle-multipart-parameter
310 mm-security-handle
'gnus-info
"OK")
311 (mm-set-handle-multipart-parameter
312 mm-security-handle
'gnus-info
"Failed"))))
314 (defun mml2015-fix-micalg (alg)
316 ;; Mutt/1.2.5i has seen sending micalg=php-sha1
317 (upcase (if (string-match "^p[gh]p-" alg
)
318 (substring alg
(match-end 0))
321 (defun mml2015-mailcrypt-verify (handle ctl
)
324 (unless (setq part
(mm-find-raw-part-by-type
325 ctl
(or (mm-handle-multipart-ctl-parameter
327 "application/pgp-signature")
329 (mm-set-handle-multipart-parameter
330 mm-security-handle
'gnus-info
"Corrupted")
331 (throw 'error handle
))
333 (insert "-----BEGIN PGP SIGNED MESSAGE-----\n")
334 (insert (format "Hash: %s\n\n"
335 (or (mml2015-fix-micalg
336 (mm-handle-multipart-ctl-parameter
340 (narrow-to-region (point) (point))
342 (goto-char (point-min))
344 (if (looking-at "^-")
347 (unless (setq part
(mm-find-part-by-type
348 (cdr handle
) "application/pgp-signature" nil t
))
349 (mm-set-handle-multipart-parameter
350 mm-security-handle
'gnus-info
"Corrupted")
351 (throw 'error handle
))
353 (narrow-to-region (point) (point))
354 (mm-insert-part part
)
355 (goto-char (point-min))
356 (if (re-search-forward "^-----BEGIN PGP [^-]+-----\r?$" nil t
)
357 (replace-match "-----BEGIN PGP SIGNATURE-----" t t
))
358 (if (re-search-forward "^-----END PGP [^-]+-----\r?$" nil t
)
359 (replace-match "-----END PGP SIGNATURE-----" t t
)))
360 (let ((mc-gpg-debug-buffer (get-buffer-create " *gnus gpg debug*")))
361 (unless (condition-case err
363 (funcall mml2015-verify-function
)
364 (if (get-buffer " *mailcrypt stderr temp")
365 (mm-set-handle-multipart-parameter
366 mm-security-handle
'gnus-details
367 (with-current-buffer " *mailcrypt stderr temp"
369 (if (get-buffer " *mailcrypt stdout temp")
370 (kill-buffer " *mailcrypt stdout temp"))
371 (if (get-buffer " *mailcrypt stderr temp")
372 (kill-buffer " *mailcrypt stderr temp"))
373 (if (get-buffer " *mailcrypt status temp")
374 (kill-buffer " *mailcrypt status temp"))
375 (if (get-buffer mc-gpg-debug-buffer
)
376 (kill-buffer mc-gpg-debug-buffer
)))
378 (mm-set-handle-multipart-parameter
379 mm-security-handle
'gnus-details
(mml2015-format-error err
))
382 (mm-set-handle-multipart-parameter
383 mm-security-handle
'gnus-details
"Quit.")
385 (mm-set-handle-multipart-parameter
386 mm-security-handle
'gnus-info
"Failed")
387 (throw 'error handle
))))
388 (mm-set-handle-multipart-parameter
389 mm-security-handle
'gnus-info
"OK")
392 (defun mml2015-mailcrypt-clear-verify ()
393 (let ((mc-gpg-debug-buffer (get-buffer-create " *gnus gpg debug*")))
394 (if (condition-case err
396 (funcall mml2015-verify-function
)
397 (if (get-buffer " *mailcrypt stderr temp")
398 (mm-set-handle-multipart-parameter
399 mm-security-handle
'gnus-details
400 (with-current-buffer " *mailcrypt stderr temp"
402 (if (get-buffer " *mailcrypt stdout temp")
403 (kill-buffer " *mailcrypt stdout temp"))
404 (if (get-buffer " *mailcrypt stderr temp")
405 (kill-buffer " *mailcrypt stderr temp"))
406 (if (get-buffer " *mailcrypt status temp")
407 (kill-buffer " *mailcrypt status temp"))
408 (if (get-buffer mc-gpg-debug-buffer
)
409 (kill-buffer mc-gpg-debug-buffer
)))
411 (mm-set-handle-multipart-parameter
412 mm-security-handle
'gnus-details
(mml2015-format-error err
))
415 (mm-set-handle-multipart-parameter
416 mm-security-handle
'gnus-details
"Quit.")
418 (mm-set-handle-multipart-parameter
419 mm-security-handle
'gnus-info
"OK")
420 (mm-set-handle-multipart-parameter
421 mm-security-handle
'gnus-info
"Failed")))
422 (mml2015-extract-cleartext-signature))
424 (defun mml2015-mailcrypt-sign (cont)
425 (mc-sign-generic (message-options-get 'message-sender
)
427 (let ((boundary (mml-compute-boundary cont
))
429 (goto-char (point-min))
430 (unless (re-search-forward "^-----BEGIN PGP SIGNED MESSAGE-----\r?$" nil t
)
431 (error "Cannot find signed begin line"))
432 (goto-char (match-beginning 0))
434 (unless (looking-at "Hash:[ \t]*\\([a-zA-Z0-9]+\\)")
435 (error "Cannot not find PGP hash"))
436 (setq hash
(match-string 1))
437 (unless (re-search-forward "^$" nil t
)
438 (error "Cannot not find PGP message"))
440 (delete-region (point-min) (point))
441 (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
443 (insert (format "\tmicalg=pgp-%s; protocol=\"application/pgp-signature\"\n"
445 (insert (format "\n--%s\n" boundary
))
447 (goto-char (point-max))
448 (unless (re-search-backward "^-----END PGP SIGNATURE-----\r?$" nil t
)
449 (error "Cannot find signature part"))
450 (replace-match "-----END PGP MESSAGE-----" t t
)
451 (goto-char (match-beginning 0))
452 (unless (re-search-backward "^-----BEGIN PGP SIGNATURE-----\r?$"
454 (error "Cannot find signature part"))
455 (replace-match "-----BEGIN PGP MESSAGE-----" t t
)
456 (goto-char (match-beginning 0))
458 (narrow-to-region point
(point))
460 (while (re-search-forward "^- -" nil t
)
461 (replace-match "-" t t
))
462 (goto-char (point-max)))
463 (insert (format "--%s\n" boundary
))
464 (insert "Content-Type: application/pgp-signature\n\n")
465 (goto-char (point-max))
466 (insert (format "--%s--\n" boundary
))
467 (goto-char (point-max))))
469 ;; We require mm-decode, which requires mm-bodies, which autoloads
470 ;; message-options-get (!).
471 (declare-function message-options-set
"message" (symbol value
))
473 (defun mml2015-mailcrypt-encrypt (cont &optional sign
)
474 (let ((mc-pgp-always-sign
475 (or mc-pgp-always-sign
477 (eq t
(or (message-options-get 'message-sign-encrypt
)
479 'message-sign-encrypt
480 (or (y-or-n-p "Sign the message? ")
483 (mm-with-unibyte-current-buffer
485 (or (message-options-get 'message-recipients
)
486 (message-options-set 'message-recipients
487 (mc-cleanup-recipient-headers
488 (read-string "Recipients: "))))
490 (message-options-get 'message-sender
))))
491 (goto-char (point-min))
492 (unless (looking-at "-----BEGIN PGP MESSAGE-----")
493 (error "Fail to encrypt the message"))
494 (let ((boundary (mml-compute-boundary cont
)))
495 (insert (format "Content-Type: multipart/encrypted; boundary=\"%s\";\n"
497 (insert "\tprotocol=\"application/pgp-encrypted\"\n\n")
498 (insert (format "--%s\n" boundary
))
499 (insert "Content-Type: application/pgp-encrypted\n\n")
500 (insert "Version: 1\n\n")
501 (insert (format "--%s\n" boundary
))
502 (insert "Content-Type: application/octet-stream\n\n")
503 (goto-char (point-max))
504 (insert (format "--%s--\n" boundary
))
505 (goto-char (point-max))))
509 (defvar pgg-default-user-id
)
510 (defvar pgg-errors-buffer
)
511 (defvar pgg-output-buffer
)
513 (autoload 'pgg-decrypt-region
"pgg")
514 (autoload 'pgg-verify-region
"pgg")
515 (autoload 'pgg-sign-region
"pgg")
516 (autoload 'pgg-encrypt-region
"pgg")
517 (autoload 'pgg-parse-armor
"pgg-parse")
519 (defun mml2015-pgg-decrypt (handle ctl
)
521 (let ((pgg-errors-buffer mml2015-result-buffer
)
522 child handles result decrypt-status
)
523 (unless (setq child
(mm-find-part-by-type
525 "application/octet-stream" nil t
))
526 (mm-set-handle-multipart-parameter
527 mm-security-handle
'gnus-info
"Corrupted")
528 (throw 'error handle
))
530 (mm-insert-part child
)
531 (if (condition-case err
533 (pgg-decrypt-region (point-min) (point-max))
535 (with-current-buffer mml2015-result-buffer
537 (mm-set-handle-multipart-parameter
538 mm-security-handle
'gnus-details
541 (mm-set-handle-multipart-parameter
542 mm-security-handle
'gnus-details
(mml2015-format-error err
))
545 (mm-set-handle-multipart-parameter
546 mm-security-handle
'gnus-details
"Quit.")
548 (with-current-buffer pgg-output-buffer
549 (goto-char (point-min))
550 (while (search-forward "\r\n" nil t
)
551 (replace-match "\n" t t
))
552 (setq handles
(mm-dissect-buffer t
))
553 (mm-destroy-parts handle
)
554 (mm-set-handle-multipart-parameter
555 mm-security-handle
'gnus-info
"OK")
556 (mm-set-handle-multipart-parameter
557 mm-security-handle
'gnus-details
558 (concat decrypt-status
559 (when (stringp (car handles
))
560 "\n" (mm-handle-multipart-ctl-parameter
561 handles
'gnus-details
))))
562 (if (listp (car handles
))
565 (mm-set-handle-multipart-parameter
566 mm-security-handle
'gnus-info
"Failed")
567 (throw 'error handle
))))))
569 (defun mml2015-pgg-clear-decrypt ()
570 (let ((pgg-errors-buffer mml2015-result-buffer
))
572 (pgg-decrypt-region (point-min) (point-max))
573 (mm-set-handle-multipart-parameter
574 mm-security-handle
'gnus-details
575 (with-current-buffer mml2015-result-buffer
579 ;; Treat data which pgg returns as a unibyte string.
580 (mm-disable-multibyte)
581 (insert-buffer-substring pgg-output-buffer
)
582 (goto-char (point-min))
583 (while (search-forward "\r\n" nil t
)
584 (replace-match "\n" t t
))
585 (mm-set-handle-multipart-parameter
586 mm-security-handle
'gnus-info
"OK"))
587 (mm-set-handle-multipart-parameter
588 mm-security-handle
'gnus-info
"Failed"))))
590 (defun mml2015-pgg-verify (handle ctl
)
591 (let ((pgg-errors-buffer mml2015-result-buffer
)
592 signature-file part signature
)
593 (if (or (null (setq part
(mm-find-raw-part-by-type
594 ctl
(or (mm-handle-multipart-ctl-parameter
596 "application/pgp-signature")
598 (null (setq signature
(mm-find-part-by-type
599 (cdr handle
) "application/pgp-signature" nil t
))))
601 (mm-set-handle-multipart-parameter
602 mm-security-handle
'gnus-info
"Corrupted")
606 ;; Convert <LF> to <CR><LF> in signed text. If --textmode is
607 ;; specified when signing, the conversion is not necessary.
608 (goto-char (point-min))
611 (unless (eq (char-before) ?
\r)
615 (with-temp-file (setq signature-file
(mm-make-temp-file "pgg"))
616 (mm-insert-part signature
))
617 (if (condition-case err
619 (pgg-verify-region (point-min) (point-max)
621 (goto-char (point-min))
622 (while (search-forward "\r\n" nil t
)
623 (replace-match "\n" t t
))
624 (mm-set-handle-multipart-parameter
625 mm-security-handle
'gnus-details
626 (concat (with-current-buffer pgg-output-buffer
628 (with-current-buffer pgg-errors-buffer
631 (mm-set-handle-multipart-parameter
632 mm-security-handle
'gnus-details
(mml2015-format-error err
))
635 (mm-set-handle-multipart-parameter
636 mm-security-handle
'gnus-details
"Quit.")
639 (delete-file signature-file
)
640 (mm-set-handle-multipart-parameter
641 mm-security-handle
'gnus-info
642 (with-current-buffer pgg-errors-buffer
643 (mml2015-gpg-extract-signature-details))))
644 (delete-file signature-file
)
645 (mm-set-handle-multipart-parameter
646 mm-security-handle
'gnus-info
"Failed")))))
649 (defun mml2015-pgg-clear-verify ()
650 (let ((pgg-errors-buffer mml2015-result-buffer
)
651 (text (buffer-string))
652 (coding-system buffer-file-coding-system
))
653 (if (condition-case err
655 (mm-with-unibyte-buffer
656 (insert (mm-encode-coding-string text coding-system
))
657 (pgg-verify-region (point-min) (point-max) nil t
))
658 (goto-char (point-min))
659 (while (search-forward "\r\n" nil t
)
660 (replace-match "\n" t t
))
661 (mm-set-handle-multipart-parameter
662 mm-security-handle
'gnus-details
663 (concat (with-current-buffer pgg-output-buffer
665 (with-current-buffer pgg-errors-buffer
668 (mm-set-handle-multipart-parameter
669 mm-security-handle
'gnus-details
(mml2015-format-error err
))
672 (mm-set-handle-multipart-parameter
673 mm-security-handle
'gnus-details
"Quit.")
675 (mm-set-handle-multipart-parameter
676 mm-security-handle
'gnus-info
677 (with-current-buffer pgg-errors-buffer
678 (mml2015-gpg-extract-signature-details)))
679 (mm-set-handle-multipart-parameter
680 mm-security-handle
'gnus-info
"Failed")))
681 (mml2015-extract-cleartext-signature))
683 (defun mml2015-pgg-sign (cont)
684 (let ((pgg-errors-buffer mml2015-result-buffer
)
685 (boundary (mml-compute-boundary cont
))
686 (pgg-default-user-id (or (message-options-get 'mml-sender
)
687 pgg-default-user-id
))
690 (unless (pgg-sign-region (point-min) (point-max))
691 (pop-to-buffer mml2015-result-buffer
)
692 (error "Sign error"))
693 (goto-char (point-min))
694 (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
696 (if (setq entry
(assq 2 (pgg-parse-armor
697 (with-current-buffer pgg-output-buffer
699 (setq entry
(assq 'hash-algorithm
(cdr entry
))))
700 (insert (format "\tmicalg=%s; "
702 (downcase (format "pgp-%s" (cdr entry
)))
704 (insert "protocol=\"application/pgp-signature\"\n")
705 (insert (format "\n--%s\n" boundary
))
706 (goto-char (point-max))
707 (insert (format "\n--%s\n" boundary
))
708 (insert "Content-Type: application/pgp-signature\n\n")
709 (insert-buffer-substring pgg-output-buffer
)
710 (goto-char (point-max))
711 (insert (format "--%s--\n" boundary
))
712 (goto-char (point-max))))
714 (defun mml2015-pgg-encrypt (cont &optional sign
)
715 (let ((pgg-errors-buffer mml2015-result-buffer
)
717 (boundary (mml-compute-boundary cont
)))
718 (unless (pgg-encrypt-region (point-min) (point-max)
721 (message-options-get 'message-recipients
)
722 (message-options-set 'message-recipients
723 (read-string "Recipients: ")))
726 (pop-to-buffer mml2015-result-buffer
)
727 (error "Encrypt error"))
728 (delete-region (point-min) (point-max))
729 (goto-char (point-min))
730 (insert (format "Content-Type: multipart/encrypted; boundary=\"%s\";\n"
732 (insert "\tprotocol=\"application/pgp-encrypted\"\n\n")
733 (insert (format "--%s\n" boundary
))
734 (insert "Content-Type: application/pgp-encrypted\n\n")
735 (insert "Version: 1\n\n")
736 (insert (format "--%s\n" boundary
))
737 (insert "Content-Type: application/octet-stream\n\n")
738 (insert-buffer-substring pgg-output-buffer
)
739 (goto-char (point-max))
740 (insert (format "--%s--\n" boundary
))
741 (goto-char (point-max))))
745 (defvar epg-user-id-alist
)
746 (defvar epg-digest-algorithm-alist
)
747 (defvar epg-gpg-program
)
748 (defvar inhibit-redisplay
)
750 (autoload 'epg-make-context
"epg")
751 (autoload 'epg-context-set-armor
"epg")
752 (autoload 'epg-context-set-textmode
"epg")
753 (autoload 'epg-context-set-signers
"epg")
754 (autoload 'epg-context-result-for
"epg")
755 (autoload 'epg-new-signature-digest-algorithm
"epg")
756 (autoload 'epg-list-keys
"epg")
757 (autoload 'epg-decrypt-string
"epg")
758 (autoload 'epg-verify-string
"epg")
759 (autoload 'epg-sign-string
"epg")
760 (autoload 'epg-encrypt-string
"epg")
761 (autoload 'epg-passphrase-callback-function
"epg")
762 (autoload 'epg-context-set-passphrase-callback
"epg")
763 (autoload 'epg-key-sub-key-list
"epg")
764 (autoload 'epg-sub-key-capability
"epg")
765 (autoload 'epg-sub-key-validity
"epg")
766 (autoload 'epg-sub-key-fingerprint
"epg")
767 (autoload 'epg-signature-key-id
"epg")
768 (autoload 'epg-signature-to-string
"epg")
769 (autoload 'epg-key-user-id-list
"epg")
770 (autoload 'epg-user-id-string
"epg")
771 (autoload 'epg-user-id-validity
"epg")
772 (autoload 'epg-configuration
"epg-config")
773 (autoload 'epg-expand-group
"epg-config")
774 (autoload 'epa-select-keys
"epa")
776 (defvar mml2015-epg-secret-key-id-list nil
)
778 (defun mml2015-epg-passphrase-callback (context key-id ignore
)
780 (epg-passphrase-callback-function context key-id nil
)
781 (let* ((password-cache-key-id
789 "Passphrase for PIN: "
790 (if (setq entry
(assoc key-id epg-user-id-alist
))
791 (format "Passphrase for %s %s: " key-id
(cdr entry
))
792 (format "Passphrase for %s: " key-id
)))
793 password-cache-key-id
)))
795 (let ((password-cache-expiry mml2015-passphrase-cache-expiry
))
796 (password-cache-add password-cache-key-id passphrase
))
797 (setq mml2015-epg-secret-key-id-list
798 (cons password-cache-key-id mml2015-epg-secret-key-id-list
))
799 (copy-sequence passphrase
)))))
801 (defun mml2015-epg-check-user-id (key recipient
)
802 (let ((pointer (epg-key-user-id-list key
))
805 (if (and (equal (car (mail-header-parse-address
806 (epg-user-id-string (car pointer
))))
807 (car (mail-header-parse-address
809 (not (memq (epg-user-id-validity (car pointer
))
810 '(revoked expired
))))
813 (setq pointer
(cdr pointer
))))
816 (defun mml2015-epg-check-sub-key (key usage
)
817 (let ((pointer (epg-key-sub-key-list key
))
819 ;; The primary key will be marked as disabled, when the entire
820 ;; key is disabled (see 12 Field, Format of colon listings, in
821 ;; gnupg/doc/DETAILS)
822 (unless (memq 'disabled
(epg-sub-key-capability (car pointer
)))
824 (if (and (memq usage
(epg-sub-key-capability (car pointer
)))
825 (not (memq (epg-sub-key-validity (car pointer
))
826 '(revoked expired
))))
829 (setq pointer
(cdr pointer
)))))
832 (defun mml2015-epg-find-usable-key (context name usage
833 &optional name-is-key-id
)
834 (let ((keys (epg-list-keys context name
))
837 (if (and (or name-is-key-id
838 ;; Non email user-id can be supplied through
839 ;; mml2015-signers if mml2015-encrypt-to-self is set.
840 ;; Treat it as valid, as it is user's intention.
841 (not (string-match "\\`<" name
))
842 (mml2015-epg-check-user-id (car keys
) name
))
843 (mml2015-epg-check-sub-key (car keys
) usage
))
846 (setq keys
(cdr keys
))))
849 ;; XXX: since gpg --list-secret-keys does not return validity of each
850 ;; key, `mml2015-epg-find-usable-key' defined above is not enough for
851 ;; secret keys. The function `mml2015-epg-find-usable-secret-key'
852 ;; below looks at appropriate public keys to check usability.
853 (defun mml2015-epg-find-usable-secret-key (context name usage
)
854 (let ((secret-keys (epg-list-keys context name t
))
856 (while (and (not secret-key
) secret-keys
)
857 (if (mml2015-epg-find-usable-key
859 (epg-sub-key-fingerprint
860 (car (epg-key-sub-key-list
864 (setq secret-key
(car secret-keys
)
866 (setq secret-keys
(cdr secret-keys
))))
869 (autoload 'gnus-create-image
"gnus-ems")
871 (defun mml2015-epg-key-image (key-id)
872 "Return the image of a key, if any"
874 (mm-set-buffer-multibyte nil
)
875 (let* ((coding-system-for-write 'binary
)
876 (coding-system-for-read 'binary
)
877 (data (shell-command-to-string
878 (format "%s --list-options no-show-photos --attribute-fd 3 --list-keys %s 3>&1 >/dev/null 2>&1"
879 (shell-quote-argument epg-gpg-program
) key-id
))))
880 (when (> (length data
) 0)
881 (insert (substring data
16))
883 (gnus-create-image (buffer-string) nil t
)
886 (autoload 'gnus-rescale-image
"gnus-util")
888 (defun mml2015-epg-key-image-to-string (key-id)
889 "Return a string with the image of a key, if any"
890 (let ((key-image (mml2015-epg-key-image key-id
)))
893 (condition-case error
897 (gnus-rescale-image key-image
898 (cons mml2015-maximum-key-image-dimension
899 mml2015-maximum-key-image-dimension
))
904 (defun mml2015-epg-signature-to-string (signature)
905 (concat (epg-signature-to-string signature
)
906 (mml2015-epg-key-image-to-string (epg-signature-key-id signature
))))
908 (defun mml2015-epg-verify-result-to-string (verify-result)
909 (mapconcat #'mml2015-epg-signature-to-string verify-result
"\n"))
911 (defun mml2015-epg-decrypt (handle ctl
)
913 (let ((inhibit-redisplay t
)
914 context plain child handles result decrypt-status
)
915 (unless (setq child
(mm-find-part-by-type
917 "application/octet-stream" nil t
))
918 (mm-set-handle-multipart-parameter
919 mm-security-handle
'gnus-info
"Corrupted")
920 (throw 'error handle
))
921 (setq context
(epg-make-context))
922 (if mml2015-cache-passphrase
923 (epg-context-set-passphrase-callback
925 #'mml2015-epg-passphrase-callback
))
926 (condition-case error
927 (setq plain
(epg-decrypt-string context
(mm-get-part child
))
928 mml2015-epg-secret-key-id-list nil
)
930 (while mml2015-epg-secret-key-id-list
931 (password-cache-remove (car mml2015-epg-secret-key-id-list
))
932 (setq mml2015-epg-secret-key-id-list
933 (cdr mml2015-epg-secret-key-id-list
)))
934 (mm-set-handle-multipart-parameter
935 mm-security-handle
'gnus-info
"Failed")
936 (if (eq (car error
) 'quit
)
937 (mm-set-handle-multipart-parameter
938 mm-security-handle
'gnus-details
"Quit.")
939 (mm-set-handle-multipart-parameter
940 mm-security-handle
'gnus-details
(mml2015-format-error error
)))
941 (throw 'error handle
)))
944 (goto-char (point-min))
945 (while (search-forward "\r\n" nil t
)
946 (replace-match "\n" t t
))
947 (setq handles
(mm-dissect-buffer t
))
948 (mm-destroy-parts handle
)
949 (if (epg-context-result-for context
'verify
)
950 (mm-set-handle-multipart-parameter
951 mm-security-handle
'gnus-info
953 (mml2015-epg-verify-result-to-string
954 (epg-context-result-for context
'verify
))))
955 (mm-set-handle-multipart-parameter
956 mm-security-handle
'gnus-info
"OK"))
957 (if (stringp (car handles
))
958 (mm-set-handle-multipart-parameter
959 mm-security-handle
'gnus-details
960 (mm-handle-multipart-ctl-parameter handles
'gnus-details
))))
961 (if (listp (car handles
))
965 (defun mml2015-epg-clear-decrypt ()
966 (let ((inhibit-redisplay t
)
967 (context (epg-make-context))
969 (if mml2015-cache-passphrase
970 (epg-context-set-passphrase-callback
972 #'mml2015-epg-passphrase-callback
))
973 (condition-case error
974 (setq plain
(epg-decrypt-string context
(buffer-string))
975 mml2015-epg-secret-key-id-list nil
)
977 (while mml2015-epg-secret-key-id-list
978 (password-cache-remove (car mml2015-epg-secret-key-id-list
))
979 (setq mml2015-epg-secret-key-id-list
980 (cdr mml2015-epg-secret-key-id-list
)))
981 (mm-set-handle-multipart-parameter
982 mm-security-handle
'gnus-info
"Failed")
983 (if (eq (car error
) 'quit
)
984 (mm-set-handle-multipart-parameter
985 mm-security-handle
'gnus-details
"Quit.")
986 (mm-set-handle-multipart-parameter
987 mm-security-handle
'gnus-details
(mml2015-format-error error
)))))
990 ;; Treat data which epg returns as a unibyte string.
991 (mm-disable-multibyte)
993 (goto-char (point-min))
994 (while (search-forward "\r\n" nil t
)
995 (replace-match "\n" t t
))
996 (mm-set-handle-multipart-parameter
997 mm-security-handle
'gnus-info
"OK")
998 (if (epg-context-result-for context
'verify
)
999 (mm-set-handle-multipart-parameter
1000 mm-security-handle
'gnus-details
1001 (mml2015-epg-verify-result-to-string
1002 (epg-context-result-for context
'verify
)))))))
1004 (defun mml2015-epg-verify (handle ctl
)
1006 (let ((inhibit-redisplay t
)
1007 context plain signature-file part signature
)
1008 (when (or (null (setq part
(mm-find-raw-part-by-type
1009 ctl
(or (mm-handle-multipart-ctl-parameter
1011 "application/pgp-signature")
1013 (null (setq signature
(mm-find-part-by-type
1014 (cdr handle
) "application/pgp-signature"
1016 (mm-set-handle-multipart-parameter
1017 mm-security-handle
'gnus-info
"Corrupted")
1018 (throw 'error handle
))
1019 (setq part
(mm-replace-in-string part
"\n" "\r\n")
1020 signature
(mm-get-part signature
)
1021 context
(epg-make-context))
1022 (condition-case error
1023 (setq plain
(epg-verify-string context signature part
))
1025 (mm-set-handle-multipart-parameter
1026 mm-security-handle
'gnus-info
"Failed")
1027 (if (eq (car error
) 'quit
)
1028 (mm-set-handle-multipart-parameter
1029 mm-security-handle
'gnus-details
"Quit.")
1030 (mm-set-handle-multipart-parameter
1031 mm-security-handle
'gnus-details
(mml2015-format-error error
)))
1032 (throw 'error handle
)))
1033 (mm-set-handle-multipart-parameter
1034 mm-security-handle
'gnus-info
1035 (mml2015-epg-verify-result-to-string
1036 (epg-context-result-for context
'verify
)))
1039 (defun mml2015-epg-clear-verify ()
1040 (let ((inhibit-redisplay t
)
1041 (context (epg-make-context))
1042 (signature (mm-encode-coding-string (buffer-string)
1043 coding-system-for-write
))
1045 (condition-case error
1046 (setq plain
(epg-verify-string context signature
))
1048 (mm-set-handle-multipart-parameter
1049 mm-security-handle
'gnus-info
"Failed")
1050 (if (eq (car error
) 'quit
)
1051 (mm-set-handle-multipart-parameter
1052 mm-security-handle
'gnus-details
"Quit.")
1053 (mm-set-handle-multipart-parameter
1054 mm-security-handle
'gnus-details
(mml2015-format-error error
)))))
1057 (mm-set-handle-multipart-parameter
1058 mm-security-handle
'gnus-info
1059 (mml2015-epg-verify-result-to-string
1060 (epg-context-result-for context
'verify
)))
1061 (delete-region (point-min) (point-max))
1062 (insert (mm-decode-coding-string plain coding-system-for-read
)))
1063 (mml2015-extract-cleartext-signature))))
1065 (defun mml2015-epg-sign (cont)
1066 (let* ((inhibit-redisplay t
)
1067 (context (epg-make-context))
1068 (boundary (mml-compute-boundary cont
))
1069 (sender (message-options-get 'message-sender
))
1070 (signer-names (or mml2015-signers
1071 (if (and mml2015-sign-with-sender sender
)
1072 (list (concat "<" sender
">")))))
1075 (or (message-options-get 'mml2015-epg-signers
)
1076 (message-options-set
1077 'mml2015-epg-signers
1078 (if (eq mm-sign-option
'guided
)
1079 (epa-select-keys context
"\
1080 Select keys for signing.
1081 If no one is selected, default secret key is used. "
1084 (if (or sender mml2015-signers
)
1089 (mml2015-epg-find-usable-secret-key
1090 context signer
'sign
))
1091 (unless (or signer-key
1094 "No secret key for %s; skip it? "
1096 (error "No secret key for %s" signer
))
1100 (epg-context-set-armor context t
)
1101 (epg-context-set-textmode context t
)
1102 (epg-context-set-signers context signers
)
1103 (if mml2015-cache-passphrase
1104 (epg-context-set-passphrase-callback
1106 #'mml2015-epg-passphrase-callback
))
1107 ;; Signed data must end with a newline (RFC 3156, 5).
1108 (goto-char (point-max))
1111 (condition-case error
1112 (setq signature
(epg-sign-string context
(buffer-string) t
)
1113 mml2015-epg-secret-key-id-list nil
)
1115 (while mml2015-epg-secret-key-id-list
1116 (password-cache-remove (car mml2015-epg-secret-key-id-list
))
1117 (setq mml2015-epg-secret-key-id-list
1118 (cdr mml2015-epg-secret-key-id-list
)))
1119 (signal (car error
) (cdr error
))))
1120 (if (epg-context-result-for context
'sign
)
1121 (setq micalg
(epg-new-signature-digest-algorithm
1122 (car (epg-context-result-for context
'sign
)))))
1123 (goto-char (point-min))
1124 (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
1127 (insert (format "\tmicalg=pgp-%s; "
1130 epg-digest-algorithm-alist
))))))
1131 (insert "protocol=\"application/pgp-signature\"\n")
1132 (insert (format "\n--%s\n" boundary
))
1133 (goto-char (point-max))
1134 (insert (format "\n--%s\n" boundary
))
1135 (insert "Content-Type: application/pgp-signature; name=\"signature.asc\"\n\n")
1137 (goto-char (point-max))
1138 (insert (format "--%s--\n" boundary
))
1139 (goto-char (point-max))))
1141 (defun mml2015-epg-encrypt (cont &optional sign
)
1142 (let* ((inhibit-redisplay t
)
1143 (context (epg-make-context))
1144 (boundary (mml-compute-boundary cont
))
1145 (config (epg-configuration))
1146 (recipients (message-options-get 'mml2015-epg-recipients
))
1148 (sender (message-options-get 'message-sender
))
1149 (signer-names (or mml2015-signers
1150 (if (and mml2015-sign-with-sender sender
)
1151 (list (concat "<" sender
">")))))
1153 recipient-key signer-key
)
1159 (or (epg-expand-group config recipient
)
1160 (list (concat "<" recipient
">"))))
1162 (or (message-options-get 'message-recipients
)
1163 (message-options-set 'message-recipients
1164 (read-string "Recipients: ")))
1165 "[ \f\t\n\r\v,]+"))))
1166 (when mml2015-encrypt-to-self
1167 (unless signer-names
1168 (error "Neither message sender nor mml2015-signers are set"))
1169 (setq recipients
(nconc recipients signer-names
)))
1170 (if (eq mm-encrypt-option
'guided
)
1172 (epa-select-keys context
"\
1173 Select recipients for encryption.
1174 If no one is selected, symmetric encryption will be performed. "
1180 (setq recipient-key
(mml2015-epg-find-usable-key
1181 context recipient
'encrypt
))
1182 (unless (or recipient-key
1184 (format "No public key for %s; skip it? "
1186 (error "No public key for %s" recipient
))
1190 (error "No recipient specified")))
1191 (message-options-set 'mml2015-epg-recipients recipients
))
1194 (or (message-options-get 'mml2015-epg-signers
)
1195 (message-options-set
1196 'mml2015-epg-signers
1197 (if (eq mm-sign-option
'guided
)
1198 (epa-select-keys context
"\
1199 Select keys for signing.
1200 If no one is selected, default secret key is used. "
1203 (if (or sender mml2015-signers
)
1208 (mml2015-epg-find-usable-secret-key
1209 context signer
'sign
))
1210 (unless (or signer-key
1213 "No secret key for %s; skip it? "
1215 (error "No secret key for %s" signer
))
1218 (epg-context-set-signers context signers
))
1219 (epg-context-set-armor context t
)
1220 (epg-context-set-textmode context t
)
1221 (if mml2015-cache-passphrase
1222 (epg-context-set-passphrase-callback
1224 #'mml2015-epg-passphrase-callback
))
1225 (condition-case error
1227 (epg-encrypt-string context
(buffer-string) recipients sign
1228 mml2015-always-trust
)
1229 mml2015-epg-secret-key-id-list nil
)
1231 (while mml2015-epg-secret-key-id-list
1232 (password-cache-remove (car mml2015-epg-secret-key-id-list
))
1233 (setq mml2015-epg-secret-key-id-list
1234 (cdr mml2015-epg-secret-key-id-list
)))
1235 (signal (car error
) (cdr error
))))
1236 (delete-region (point-min) (point-max))
1237 (goto-char (point-min))
1238 (insert (format "Content-Type: multipart/encrypted; boundary=\"%s\";\n"
1240 (insert "\tprotocol=\"application/pgp-encrypted\"\n\n")
1241 (insert (format "--%s\n" boundary
))
1242 (insert "Content-Type: application/pgp-encrypted\n\n")
1243 (insert "Version: 1\n\n")
1244 (insert (format "--%s\n" boundary
))
1245 (insert "Content-Type: application/octet-stream\n\n")
1247 (goto-char (point-max))
1248 (insert (format "--%s--\n" boundary
))
1249 (goto-char (point-max))))
1253 (autoload 'gnus-buffer-live-p
"gnus-util")
1254 (autoload 'gnus-get-buffer-create
"gnus")
1256 (defun mml2015-clean-buffer ()
1257 (if (gnus-buffer-live-p mml2015-result-buffer
)
1258 (with-current-buffer mml2015-result-buffer
1261 (setq mml2015-result-buffer
1262 (gnus-get-buffer-create " *MML2015 Result*"))
1265 (defsubst mml2015-clear-decrypt-function
()
1266 (nth 6 (assq mml2015-use mml2015-function-alist
)))
1268 (defsubst mml2015-clear-verify-function
()
1269 (nth 5 (assq mml2015-use mml2015-function-alist
)))
1272 (defun mml2015-decrypt (handle ctl
)
1273 (mml2015-clean-buffer)
1274 (let ((func (nth 4 (assq mml2015-use mml2015-function-alist
))))
1276 (funcall func handle ctl
)
1280 (defun mml2015-decrypt-test (handle ctl
)
1284 (defun mml2015-verify (handle ctl
)
1285 (mml2015-clean-buffer)
1286 (let ((func (nth 3 (assq mml2015-use mml2015-function-alist
))))
1288 (funcall func handle ctl
)
1292 (defun mml2015-verify-test (handle ctl
)
1296 (defun mml2015-encrypt (cont &optional sign
)
1297 (mml2015-clean-buffer)
1298 (let ((func (nth 2 (assq mml2015-use mml2015-function-alist
))))
1300 (funcall func cont sign
)
1301 (error "Cannot find encrypt function"))))
1304 (defun mml2015-sign (cont)
1305 (mml2015-clean-buffer)
1306 (let ((func (nth 1 (assq mml2015-use mml2015-function-alist
))))
1309 (error "Cannot find sign function"))))
1312 (defun mml2015-self-encrypt ()
1313 (mml2015-encrypt nil
))
1317 ;;; mml2015.el ends here