;;; mml-smime.el --- S/MIME support for MML
;; Copyright (C) 2000-2017 Free Software Foundation, Inc.
;; Author: Simon Josefsson <simon@josefsson.org>
;; Keywords: Gnus, MIME, S/MIME, MML
;; This file is part of GNU Emacs.
;; GNU Emacs is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation, either version 3 of the License, or
;; (at your option) any later version.
;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>.
;;; Commentary:
;;; Code:
(eval-when-compile (require 'cl))
(require 'smime)
(require 'mm-decode)
(require 'mml-sec)
(autoload 'message-narrow-to-headers "message")
(autoload 'message-fetch-field "message")
;; Prefer epg over openssl as epg uses GnuPG's gpgsm,
;; which features full-fledged certificate management, while openssl requires
;; major manual efforts for certificate revocation and expiry and has bugs
;; as documented under man smime(1).
(require 'epg)
;; Selects the S/MIME backend.  The value is the key that the
;; `mml-smime-*' dispatchers look up with `assq' in
;; `mml-smime-function-alist'.
(defcustom mml-smime-use 'epg
  "Whether to use OpenSSL or EasyPG (EPG) to handle S/MIME messages.
If you're thinking about using OpenSSL, please first read the BUGS section
in the manual for the `smime' command that comes with OpenSSL.
We recommend EasyPG."
  :group 'mime-security
  :type '(choice (const :tag "EPG" epg)
                 (const :tag "OpenSSL" openssl)))
;; Backend dispatch table, keyed by the value of `mml-smime-use'.
;; After the key, each entry lists in order the functions for: sign,
;; encrypt, sign-query, encrypt-query, verify and verify-test.  The
;; `mml-smime-*' dispatchers read them with `nth' 1 through 6.
;; A nil slot means the backend provides no function for that step.
(defvar mml-smime-function-alist
  '((openssl mml-smime-openssl-sign
             mml-smime-openssl-encrypt
             mml-smime-openssl-sign-query
             mml-smime-openssl-encrypt-query
             mml-smime-openssl-verify
             mml-smime-openssl-verify-test)
    (epg mml-smime-epg-sign
         mml-smime-epg-encrypt
         nil
         nil
         mml-smime-epg-verify
         mml-smime-epg-verify-test)))
;; Obsolete since 25.1: `mml-secure-cache-passphrase' replaces this
;; option and also supplies its default value.
(defcustom mml-smime-cache-passphrase mml-secure-cache-passphrase
  "If t, cache passphrase."
  :group 'mime-security
  :type 'boolean)
(make-obsolete-variable 'mml-smime-cache-passphrase
                        'mml-secure-cache-passphrase
                        "25.1")
;; Obsolete since 25.1 in favor of `mml-secure-passphrase-cache-expiry',
;; whose value is the default here.  A shorter interval limits how long
;; a cached passphrase stays available.
(defcustom mml-smime-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
  "How many seconds the passphrase is cached.
Whether the passphrase is cached at all is controlled by
`mml-smime-cache-passphrase'."
  :group 'mime-security
  :type 'integer)
(make-obsolete-variable 'mml-smime-passphrase-cache-expiry
                        'mml-secure-passphrase-cache-expiry
                        "25.1")
(defcustom mml-smime-signers nil
  "A list of your own key IDs which will be used to sign a message."
  :group 'mime-security
  :type '(repeat (string :tag "Key ID")))
(defcustom mml-smime-sign-with-sender nil
  "If t, use message sender to find a key to sign with."
  :group 'mime-security
  :version "24.4"
  :type 'boolean)
(defcustom mml-smime-encrypt-to-self nil
  "If t, add your own key ID to recipient list when encrypting."
  :group 'mime-security
  :version "24.4"
  :type 'boolean)
(defun mml-smime-sign (cont)
  "Sign CONT with the sign function of the backend named by `mml-smime-use'.
The function is the second element of the matching entry in
`mml-smime-function-alist' and is called with CONT as its only argument.
Signal an error when the entry or its sign function is missing."
  (let* ((backend (assq mml-smime-use mml-smime-function-alist))
         (signer (nth 1 backend)))
    (unless signer
      (error "Cannot find sign function"))
    (funcall signer cont)))
(defun mml-smime-encrypt (cont)
  "Encrypt CONT with the encrypt function of the backend named by `mml-smime-use'.
The function is the third element of the matching entry in
`mml-smime-function-alist' and is called with CONT as its only argument.
Signal an error when the entry or its encrypt function is missing."
  (let* ((backend (assq mml-smime-use mml-smime-function-alist))
         (encrypter (nth 2 backend)))
    (unless encrypter
      (error "Cannot find encrypt function"))
    (funcall encrypter cont)))
(defun mml-smime-sign-query ()
  "Call the sign-query function of the backend named by `mml-smime-use'.
Return its value, or nil when the backend entry has no such function."
  (let* ((backend (assq mml-smime-use mml-smime-function-alist))
         (query (nth 3 backend)))
    (and query (funcall query))))
(defun mml-smime-encrypt-query ()
  "Call the encrypt-query function of the backend named by `mml-smime-use'.
Return its value, or nil when the backend entry has no such function."
  (let* ((backend (assq mml-smime-use mml-smime-function-alist))
         (query (nth 4 backend)))
    (and query (funcall query))))
(defun mml-smime-verify (handle ctl)
  "Verify HANDLE with the verify function of the backend named by `mml-smime-use'.
HANDLE and CTL are passed to that function unchanged and its value is
returned.  When no verify function is found, HANDLE is returned as is:
nothing has been verified in that case and no error is signaled."
  (let* ((backend (assq mml-smime-use mml-smime-function-alist))
         (verifier (nth 5 backend)))
    (cond (verifier (funcall verifier handle ctl))
          (t handle))))
(defun mml-smime-verify-test (handle ctl)
  "Call the verify-test function of the backend named by `mml-smime-use'.
HANDLE and CTL are passed to that function unchanged.  Return its value,
or nil when the backend entry has no such function."
  (let* ((backend (assq mml-smime-use mml-smime-function-alist))
         (tester (nth 6 backend)))
    (and tester (funcall tester handle ctl))))
(defun mml-smime-openssl-sign (cont)
  "Sign the buffer with `smime-sign-buffer' using the `keyfile' entry of CONT.
When `smime-keys' is empty, open the customize buffer for it and signal
an error.  After signing, every CRLF in the buffer is replaced by LF and
point is left at the end of the buffer."
  (unless smime-keys
    (customize-variable 'smime-keys)
    (error "No S/MIME keys configured, use customize to add your key"))
  (let ((keyfile (cdr (assq 'keyfile cont))))
    ;; NOTE(review): the value returned by `smime-sign-buffer' is not
    ;; checked here; confirm that a failed signature is signaled as an
    ;; error rather than only returned.
    (smime-sign-buffer keyfile))
  ;; Normalize line endings over the whole buffer.
  (goto-char (point-min))
  (while (search-forward "\r\n" nil t)
    (replace-match "\n" t t))
  (goto-char (point-max)))
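(defun mml-smime-openssl-encrypt (cont)
  "Encrypt the buffer with `smime-encrypt-buffer' for the certificates in CONT.
Every (certfile . NAME) pair in CONT names one recipient certificate.
NAME is used as a file name, unless no such file exists and a buffer
called NAME does; in that case the buffer contents are written to a new
temporary file under `mm-tmp-directory' and that file is used instead.
The temporary files are deleted afterwards, also when writing them or
encrypting signals an error.  Point is left at the end of the buffer."
  (let (certnames certfiles tmpfiles tmp file)
    ;; Temporary files are a security concern: keep their lifetime as
    ;; short as possible and make sure none is left behind on error.
    (unwind-protect
        (progn
          ;; Collect the certificate names.  The walk stops at the first
          ;; nil element of CONT.
          (while (setq tmp (pop cont))
            (when (eq (car-safe tmp) 'certfile)
              (push (cdr tmp) certnames)))
          (while (setq tmp (pop certnames))
            (if (or (file-exists-p tmp)
                    (not (get-buffer tmp)))
                (push tmp certfiles)
              (setq file (make-temp-file
                          (expand-file-name "mml." mm-tmp-directory)))
              ;; Register the file before writing to it, so that a failed
              ;; write is cleaned up as well.
              (push file tmpfiles)
              (with-current-buffer tmp
                (write-region (point-min) (point-max) file))
              (push file certfiles)))
          ;; NOTE(review): the success value of `smime-encrypt-buffer' is
          ;; not propagated to the caller; confirm that a failed
          ;; encryption is signaled as an error rather than only returned.
          (smime-encrypt-buffer certfiles))
      (mapc #'delete-file tmpfiles)))
  (goto-char (point-max)))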
;; Declaration without a value: the variable is defined elsewhere and is
;; called with `funcall' in `mml-smime-get-ldap-cert'.
(defvar gnus-extract-address-components)
(defun mml-smime-openssl-sign-query ()
  "Choose the key to sign with and return it as (keyfile KEY).
This runs when the MML tag is added; the result is used later by the
signing process.  When `smime-keys' is empty, open the customize buffer
for it and signal an error.  With a single configured key, use it.
Otherwise look up a key for the address in the From header with
`smime-get-key-by-email', and if that yields nothing, prompt for one of
the entries in `smime-keys' and look that up instead."
  (unless smime-keys
    (customize-variable 'smime-keys)
    (error "No S/MIME keys configured, use customize to add your key"))
  (let ((keyfile
         (if (= (length smime-keys) 1)
             (cadar smime-keys)
           (let* ((from-header (save-excursion
                                 (save-restriction
                                   (message-narrow-to-headers)
                                   (message-fetch-field "from"))))
                  (sender (cadr (mail-extract-address-components
                                 (or from-header "")))))
             (or (and sender (smime-get-key-by-email sender))
                 (smime-get-key-by-email
                  (gnus-completing-read
                   "Sign this part with what signature"
                   (mapcar 'car smime-keys) nil nil nil
                   (and (listp (car-safe smime-keys))
                        (caar smime-keys)))))))))
    (list 'keyfile keyfile)))
(defun mml-smime-get-file-cert ()
  "Prompt for a file holding the recipient's S/MIME certificate.
The prompt starts in `smime-certificate-directory' and only accepts an
existing file.  Return (certfile FILE), or nil if an error is signaled
while reading the file name."
  (condition-case nil
      (let ((file (read-file-name
                   "File with recipient's S/MIME certificate: "
                   smime-certificate-directory nil t "")))
        (list 'certfile file))
    (error nil)))
(defun mml-smime-get-dns-cert ()
  "Prompt for an address and look up its certificate with `smime-cert-by-dns'.
The prompt is pre-filled with the address taken from the To header.
Repeat until a certificate is found, then return (certfile BUFFER-NAME),
where BUFFER-NAME names the buffer returned by the lookup.  Return nil
if the user quits."
  ;; todo: deal with comma separated multiple recipients
  ;; NOTE(review): nothing in this function checks the certificate that
  ;; the lookup returns; confirm that it is validated before it is used
  ;; to encrypt.
  (let (result bad)
    (condition-case nil
        (while (null result)
          (let* ((prompt (format "%sLookup certificate for: " (or bad "")))
                 (to-header (save-excursion
                              (save-restriction
                                (message-narrow-to-headers)
                                (message-fetch-field "to"))))
                 (initial (cadr (mail-extract-address-components
                                 (or to-header ""))))
                 (who (read-from-minibuffer prompt initial))
                 (cert (smime-cert-by-dns who)))
            (if cert
                (setq result (list 'certfile (buffer-name cert)))
              (setq bad (format-message "`%s' not found. " who)))))
      (quit nil))
    result))
(defun mml-smime-get-ldap-cert ()
  "Prompt for an address and look up its S/MIME certificate via LDAP.
The prompt is pre-filled with the address that
`gnus-extract-address-components' takes from the \"to\" header of the
current message.  Keep asking until `smime-cert-by-ldap' returns a
buffer, then return (certfile BUFFER-NAME).  Return nil if the user
quits out of the prompt."
  ;; todo: deal with comma separated multiple recipients
  ;; NOTE(review): the certificate is whatever the directory returned;
  ;; no chain or fingerprint check is visible in this function.  Confirm
  ;; that `smime-cert-by-ldap' or the encrypting caller validates it, and
  ;; that the LDAP connection itself is protected.
  (let ((found nil)
        (complaint nil))
    (condition-case nil
        (while (null found)
          (let* ((to-header (save-excursion
                              (save-restriction
                                (message-narrow-to-headers)
                                (message-fetch-field "to"))))
                 (default (cadr (funcall gnus-extract-address-components
                                         (or to-header ""))))
                 (who (read-from-minibuffer
                       (format "%sLookup certificate for: "
                               (or complaint ""))
                       default))
                 (cert (smime-cert-by-ldap who)))
            (if cert
                (setq found (list 'certfile (buffer-name cert)))
              ;; Shown as a prefix of the next prompt.
              (setq complaint (format-message "`%s' not found. " who)))))
      ;; C-g ends the loop; `found' is still nil at that point.
      (quit))
    found))
(autoload 'gnus-completing-read "gnus-util")
(defun mml-smime-openssl-encrypt-query ()
  "Interactively collect recipient certificates for encryption.
For each recipient, ask where to fetch the certificate from (\"dns\",
\"ldap\" or \"file\", default \"ldap\") and call the matching
mml-smime-get-*-cert function.  Repeat until the user declines to add
more recipients.  Return the results appended into one flat list of
the form (certfile X certfile Y ...)."
  ;; todo: try dns/ldap automatically first, before prompting user
  (let ((collected nil)
        (finished nil))
    (while (not finished)
      ;; `read' turns the completed string into the symbol that
      ;; `ecase' dispatches on.
      (let ((source (read (gnus-completing-read
                           "Fetch certificate from"
                           '("dns" "ldap" "file") t nil nil
                           "ldap"))))
        (setq collected
              (append collected
                      (ecase source
                        (dns (mml-smime-get-dns-cert))
                        (ldap (mml-smime-get-ldap-cert))
                        (file (mml-smime-get-file-cert))))))
      (setq finished (not (y-or-n-p "Add more recipients? "))))
    collected))
(defun mml-smime-openssl-verify (handle ctl)
  "Verify the S/MIME signature of the multipart described by CTL.
The signed entity is rebuilt in a temporary buffer and checked with
`smime-noverify-buffer' and, when a CA file or directory is
configured, `smime-verify-buffer'.  The outcome is stored on
`mm-security-handle' as a `gnus-info' summary and a `gnus-details'
report.  HANDLE is returned unchanged."
  (with-temp-buffer
    ;; Rebuild the signed entity: the original part, preceded by a
    ;; Content-Type header reconstructed from CTL.
    (insert-buffer-substring (mm-handle-multipart-original-buffer ctl))
    (goto-char (point-min))
    ;; NOTE(review): the parameter values are placed between quotes
    ;; without escaping.  They presumably come from the parsed message
    ;; header; confirm an embedded quote or newline cannot reshape the
    ;; header handed to OpenSSL.
    (insert (format "Content-Type: %s; " (mm-handle-media-type ctl)))
    (insert (format "protocol=\"%s\"; "
                    (mm-handle-multipart-ctl-parameter ctl 'protocol)))
    (insert (format "micalg=\"%s\"; "
                    (mm-handle-multipart-ctl-parameter ctl 'micalg)))
    (insert (format "boundary=\"%s\"\n\n"
                    (mm-handle-multipart-ctl-parameter ctl 'boundary)))
    ;; Start from a fresh details buffer so output from an earlier run
    ;; cannot be mistaken for this one's.
    (let ((stale (get-buffer smime-details-buffer)))
      (when stale
        (kill-buffer stale)))
    (let* ((signed-buffer (current-buffer))
           (signature-ok (smime-noverify-buffer))
           ;; Chain validation is attempted only when a CA file or
           ;; directory is configured.
           (chain-ok (and (or smime-CA-file smime-CA-directory)
                          (smime-verify-buffer)))
           (openssl-output (with-current-buffer smime-details-buffer
                             (buffer-string)))
           (addresses nil))
      (cond
       ((not signature-ok)
        ;; we couldn't verify message, fail with openssl output as message
        (mm-set-handle-multipart-parameter
         mm-security-handle 'gnus-info "Failed")
        (mm-set-handle-multipart-parameter
         mm-security-handle 'gnus-details
         (concat "OpenSSL failed to verify message integrity:\n"
                 "-------------------------------------------\n"
                 openssl-output)))
       (t
        ;; verify mail addresses in mail against those in certificate
        (when (and (smime-pkcs7-region (point-min) (point-max))
                   (smime-pkcs7-certificates-region (point-min) (point-max)))
          (with-temp-buffer
            (insert-buffer-substring signed-buffer)
            (goto-char (point-min))
            ;; Consume one certificate at a time from the front of the
            ;; scratch buffer.
            (while (re-search-forward "-----END CERTIFICATE-----" nil t)
              (when (smime-pkcs7-email-region (point-min) (point))
                (setq addresses (append (smime-buffer-as-string-region
                                         (point-min) (point))
                                        addresses)))
              (delete-region (point-min) (point)))
            (setq addresses (mapcar #'downcase addresses))))
        ;; NOTE(review): both non-forged summaries begin with "Ok".
        ;; Without a configured CA, or when chain validation fails,
        ;; only the parenthetical says that the signer's certificate
        ;; was not validated; an address match alone does not
        ;; authenticate the sender.  "Sender address forged" is also
        ;; reported when no address could be extracted at all.
        (mm-set-handle-multipart-parameter
         mm-security-handle 'gnus-info
         (cond
          ((not (member (downcase (or (mm-handle-multipart-from ctl) ""))
                        addresses))
           "Sender address forged")
          (chain-ok "Ok (sender authenticated)")
          (t "Ok (sender not trusted)")))
        (mm-set-handle-multipart-parameter
         mm-security-handle 'gnus-details
         (concat "Sender claimed to be: " (mm-handle-multipart-from ctl) "\n"
                 (if addresses
                     (concat "Addresses in certificate: "
                             (mapconcat 'identity addresses ", "))
                   "No addresses found in certificate. (Requires OpenSSL 0.9.6 or later.)")
                 "\n" "\n"
                 "OpenSSL output:\n"
                 "---------------\n" openssl-output "\n"
                 "Certificate(s) inside S/MIME signature:\n"
                 "---------------------------------------\n"
                 (buffer-string) "\n"))))))
  handle)
(defun mml-smime-openssl-verify-test (handle ctl)
  "Return the value of `smime-openssl-program'.
HANDLE and CTL are accepted but not used.  The result is non-nil
exactly when `smime-openssl-program' is non-nil."
  ;; NOTE(review): this only reports whether a program is configured;
  ;; nothing here checks that it exists or is executable.
  smime-openssl-program)
(defvar epg-user-id-alist)
(defvar epg-digest-algorithm-alist)
(defvar inhibit-redisplay)
(defvar password-cache-expiry)
(eval-when-compile
(autoload 'epg-make-context "epg")
(autoload 'epg-context-set-armor "epg")
(autoload 'epg-context-set-signers "epg")
(autoload 'epg-context-result-for "epg")
(autoload 'epg-new-signature-digest-algorithm "epg")
(autoload 'epg-verify-result-to-string "epg")
(autoload 'epg-list-keys "epg")
(autoload 'epg-decrypt-string "epg")
(autoload 'epg-verify-string "epg")
(autoload 'epg-sign-string "epg")
(autoload 'epg-encrypt-string "epg")
(autoload 'epg-passphrase-callback-function "epg")
(autoload 'epg-context-set-passphrase-callback "epg")
(autoload 'epg-sub-key-fingerprint "epg")
(autoload 'epg-configuration "epg-config")
(autoload 'epg-expand-group "epg-config")
(autoload 'epa-select-keys "epa"))
(declare-function epg-key-sub-key-list "epg" (key) t)
(declare-function epg-sub-key-capability "epg" (sub-key) t)
(declare-function epg-sub-key-validity "epg" (sub-key) t)
(autoload 'mml-compute-boundary "mml")
(defun mml-smime-epg-sign (cont)
|
Refactor mml-smime.el, mml1991.el, mml2015.el
(Maybe this is the last merge from Gnus git to Emacs git)
Cf. discussion on ding mailing list, messages in
<http://thread.gmane.org/gmane.emacs.gnus.general/86228>.
Common code from the three files mml-smime.el, mml1991.el, and
mml2015.el is moved to mml-sec.el. Auxiliary functions are added
to gnus-util.el.
The code is supported by test cases with necessary test keys.
Documentation in message.texi is updated.
* doc/misc/message.texi (Security, Using S/MIME):
Update for refactoring mml-smime.el, mml1991.el, mml2015.el.
(Using OpenPGP): Rename from "Using PGP/MIME"; update contents.
(Passphrase caching, Encrypt-to-self, Bcc Warning): New sections.
* lisp/gnus/gnus-util.el (gnus-test-list, gnus-subsetp, gnus-setdiff):
New functions.
* lisp/gnus/mml-sec.el: Require gnus-util and epg.
(epa--select-keys): Autoload.
(mml-signencrypt-style-alist, mml-secure-cache-passphrase): Doc fix.
(mml-secure-openpgp-signers): New user option;
make mml1991-signers and mml2015-signers obsolete aliases to it.
(mml-secure-smime-signers): New user option;
make mml-smime-signers an obsolete alias to it.
(mml-secure-openpgp-encrypt-to-self): New user option;
make mml1991-encrypt-to-self and mml2015-encrypt-to-self obsolete
aliases to it.
(mml-secure-smime-encrypt-to-self): New user option;
make mml-smime-encrypt-to-self an obsolete alias to it.
(mml-secure-openpgp-sign-with-sender): New user option;
make mml2015-sign-with-sender an obsolete alias to it.
(mml-secure-smime-sign-with-sender): New user option;
make mml-smime-sign-with-sender an obsolete alias to it.
(mml-secure-openpgp-always-trust): New user option;
make mml2015-always-trust an obsolete alias to it.
(mml-secure-fail-when-key-problem, mml-secure-key-preferences):
New user options.
(mml-secure-cust-usage-lookup, mml-secure-cust-fpr-lookup)
(mml-secure-cust-record-keys, mml-secure-cust-remove-keys)
(mml-secure-add-secret-key-id, mml-secure-clear-secret-key-id-list)
(mml-secure-cache-passphrase-p, mml-secure-cache-expiry-interval)
(mml-secure-passphrase-callback, mml-secure-check-user-id)
(mml-secure-secret-key-exists-p, mml-secure-check-sub-key)
(mml-secure-find-usable-keys, mml-secure-select-preferred-keys)
(mml-secure-fingerprint, mml-secure-filter-keys)
(mml-secure-normalize-cust-name, mml-secure-select-keys)
(mml-secure-select-keys-1, mml-secure-signer-names, mml-secure-signers)
(mml-secure-self-recipients, mml-secure-recipients)
(mml-secure-epg-encrypt, mml-secure-epg-sign): New functions.
* lisp/gnus/mml-smime.el: Require epg;
refactor declaration and autoloading of epg functions.
(mml-smime-use): Doc fix.
(mml-smime-cache-passphrase, mml-smime-passphrase-cache-expiry):
Obsolete.
(mml-smime-get-dns-cert, mml-smime-get-ldap-cert):
Use format instead of gnus-format-message.
(mml-smime-epg-secret-key-id-list): Remove variable.
(mml-smime-epg-passphrase-callback, mml-smime-epg-find-usable-key)
(mml-smime-epg-find-usable-secret-key): Remove functions.
(mml-smime-epg-sign, mml-smime-epg-encrypt): Refactor.
* lisp/gnus/mml1991.el (mml1991-cache-passphrase)
(mml1991-passphrase-cache-expiry): Obsolete.
(mml1991-epg-secret-key-id-list): Remove variable.
(mml1991-epg-passphrase-callback, mml1991-epg-find-usable-key)
(mml1991-epg-find-usable-secret-key): Remove functions.
(mml1991-epg-sign, mml1991-epg-encrypt): Refactor.
* lisp/gnus/mml2015.el (mml2015-cache-passphrase)
(mml2015-passphrase-cache-expiry): Obsolete.
(mml2015-epg-secret-key-id-list): Remove variable.
(mml2015-epg-passphrase-callback, mml2015-epg-check-user-id)
(mml2015-epg-check-sub-key, mml2015-epg-find-usable-key)
(mml2015-epg-find-usable-secret-key): Remove functions.
(mml2015-epg-decrypt, mml2015-epg-clear-decrypt, mml2015-epg-sign)
(mml2015-epg-encrypt): Refactor.
2016-01-03 01:10:34 +00:00
|
|
|
(let ((inhibit-redisplay t)
|
|
|
|
(boundary (mml-compute-boundary cont)))
|
2007-10-28 09:18:39 +00:00
|
|
|
(goto-char (point-min))
|
Refactor mml-smime.el, mml1991.el, mml2015.el
(Maybe this is the last merge from Gnus git to Emacs git)
Cf. discussion on ding mailing list, messages in
<http://thread.gmane.org/gmane.emacs.gnus.general/86228>.
Common code from the three files mml-smime.el, mml1991.el, and
mml2015.el is moved to mml-sec.el. Auxiliary functions are added
to gnus-util.el.
The code is supported by test cases with necessary test keys.
Documentation in message.texi is updated.
* doc/misc/message.texi (Security, Using S/MIME):
Update for refactoring mml-smime.el, mml1991.el, mml2015.el.
(Using OpenPGP): Rename from "Using PGP/MIME"; update contents.
(Passphrase caching, Encrypt-to-self, Bcc Warning): New sections.
* lisp/gnus/gnus-util.el (gnus-test-list, gnus-subsetp, gnus-setdiff):
New functions.
* lisp/gnus/mml-sec.el: Require gnus-util and epg.
(epa--select-keys): Autoload.
(mml-signencrypt-style-alist, mml-secure-cache-passphrase): Doc fix.
(mml-secure-openpgp-signers): New user option;
make mml1991-signers and mml2015-signers obsolete aliases to it.
(mml-secure-smime-signers): New user option;
make mml-smime-signers an obsolete alias to it.
(mml-secure-openpgp-encrypt-to-self): New user option;
make mml1991-encrypt-to-self and mml2015-encrypt-to-self obsolete
aliases to it.
(mml-secure-smime-encrypt-to-self): New user option;
make mml-smime-encrypt-to-self an obsolete alias to it.
(mml-secure-openpgp-sign-with-sender): New user option;
make mml2015-sign-with-sender an obsolete alias to it.
(mml-secure-smime-sign-with-sender): New user option;
make mml-smime-sign-with-sender an obsolete alias to it.
(mml-secure-openpgp-always-trust): New user option;
make mml2015-always-trust an obsolete alias to it.
(mml-secure-fail-when-key-problem, mml-secure-key-preferences):
New user options.
(mml-secure-cust-usage-lookup, mml-secure-cust-fpr-lookup)
(mml-secure-cust-record-keys, mml-secure-cust-remove-keys)
(mml-secure-add-secret-key-id, mml-secure-clear-secret-key-id-list)
(mml-secure-cache-passphrase-p, mml-secure-cache-expiry-interval)
(mml-secure-passphrase-callback, mml-secure-check-user-id)
(mml-secure-secret-key-exists-p, mml-secure-check-sub-key)
(mml-secure-find-usable-keys, mml-secure-select-preferred-keys)
(mml-secure-fingerprint, mml-secure-filter-keys)
(mml-secure-normalize-cust-name, mml-secure-select-keys)
(mml-secure-select-keys-1, mml-secure-signer-names, mml-secure-signers)
(mml-secure-self-recipients, mml-secure-recipients)
(mml-secure-epg-encrypt, mml-secure-epg-sign): New functions.
* lisp/gnus/mml-smime.el: Require epg;
refactor declaration and autoloading of epg functions.
(mml-smime-use): Doc fix.
(mml-smime-cache-passphrase, mml-smime-passphrase-cache-expiry):
Obsolete.
(mml-smime-get-dns-cert, mml-smime-get-ldap-cert):
Use format instead of gnus-format-message.
(mml-smime-epg-secret-key-id-list): Remove variable.
(mml-smime-epg-passphrase-callback, mml-smime-epg-find-usable-key)
(mml-smime-epg-find-usable-secret-key): Remove functions.
(mml-smime-epg-sign, mml-smime-epg-encrypt): Refactor.
* lisp/gnus/mml1991.el (mml1991-cache-passphrase)
(mml1991-passphrase-cache-expiry): Obsolete.
(mml1991-epg-secret-key-id-list): Remove variable.
(mml1991-epg-passphrase-callback, mml1991-epg-find-usable-key)
(mml1991-epg-find-usable-secret-key): Remove functions.
(mml1991-epg-sign, mml1991-epg-encrypt): Refactor.
* lisp/gnus/mml2015.el (mml2015-cache-passphrase)
(mml2015-passphrase-cache-expiry): Obsolete.
(mml2015-epg-secret-key-id-list): Remove variable.
(mml2015-epg-passphrase-callback, mml2015-epg-check-user-id)
(mml2015-epg-check-sub-key, mml2015-epg-find-usable-key)
(mml2015-epg-find-usable-secret-key): Remove functions.
(mml2015-epg-decrypt, mml2015-epg-clear-decrypt, mml2015-epg-sign)
(mml2015-epg-encrypt): Refactor.
2016-01-03 01:10:34 +00:00
|
|
|
(let* ((pair (mml-secure-epg-sign 'CMS cont))
|
|
|
|
(signature (car pair))
|
|
|
|
(micalg (cdr pair)))
|
|
|
|
(insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
|
|
|
|
boundary))
|
|
|
|
(if micalg
|
|
|
|
(insert (format "\tmicalg=%s; "
|
|
|
|
(downcase
|
|
|
|
(cdr (assq micalg
|
|
|
|
epg-digest-algorithm-alist))))))
|
|
|
|
(insert "protocol=\"application/pkcs7-signature\"\n")
|
|
|
|
(insert (format "\n--%s\n" boundary))
|
|
|
|
(goto-char (point-max))
|
|
|
|
(insert (format "\n--%s\n" boundary))
|
|
|
|
(insert "Content-Type: application/pkcs7-signature; name=smime.p7s
|
2007-10-28 09:18:39 +00:00
|
|
|
Content-Transfer-Encoding: base64
|
|
|
|
Content-Disposition: attachment; filename=smime.p7s
|
|
|
|
|
|
|
|
")
|
Refactor mml-smime.el, mml1991.el, mml2015.el
(Maybe this is the last merge from Gnus git to Emacs git)
Cf. discussion on ding mailing list, messages in
<http://thread.gmane.org/gmane.emacs.gnus.general/86228>.
Common code from the three files mml-smime.el, mml1991.el, and
mml2015.el is moved to mml-sec.el. Auxiliary functions are added
to gnus-util.el.
The code is supported by test cases with necessary test keys.
Documentation in message.texi is updated.
* doc/misc/message.texi (Security, Using S/MIME):
Update for refactoring mml-smime.el, mml1991.el, mml2015.el.
(Using OpenPGP): Rename from "Using PGP/MIME"; update contents.
(Passphrase caching, Encrypt-to-self, Bcc Warning): New sections.
* lisp/gnus/gnus-util.el (gnus-test-list, gnus-subsetp, gnus-setdiff):
New functions.
* lisp/gnus/mml-sec.el: Require gnus-util and epg.
(epa--select-keys): Autoload.
(mml-signencrypt-style-alist, mml-secure-cache-passphrase): Doc fix.
(mml-secure-openpgp-signers): New user option;
make mml1991-signers and mml2015-signers obsolete aliases to it.
(mml-secure-smime-signers): New user option;
make mml-smime-signers an obsolete alias to it.
(mml-secure-openpgp-encrypt-to-self): New user option;
make mml1991-encrypt-to-self and mml2015-encrypt-to-self obsolete
aliases to it.
(mml-secure-smime-encrypt-to-self): New user option;
make mml-smime-encrypt-to-self an obsolete alias to it.
(mml-secure-openpgp-sign-with-sender): New user option;
make mml2015-sign-with-sender an obsolete alias to it.
(mml-secure-smime-sign-with-sender): New user option;
make mml-smime-sign-with-sender an obsolete alias to it.
(mml-secure-openpgp-always-trust): New user option;
make mml2015-always-trust an obsolete alias to it.
(insert (base64-encode-string signature) "\n")
(goto-char (point-max))
(insert (format "--%s--\n" boundary))
(goto-char (point-max)))))
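(defun mml-smime-epg-encrypt (cont)
  "Replace the accessible buffer text with an S/MIME enveloped-data part.
CONT is handed to `mml-secure-epg-encrypt' with the CMS protocol.  The
returned ciphertext is inserted base64-encoded below a fixed set of
application/pkcs7-mime headers, and point is left at the end of the
buffer."
  (let* ((inhibit-redisplay t)
         ;; NOTE(review): `boundary' is not read anywhere below.  The call
         ;; is kept because any side effects of `mml-compute-boundary'
         ;; are not visible from this function -- confirm before removing.
         (boundary (mml-compute-boundary cont))
         ;; Encryption runs while the bindings are set up, i.e. before the
         ;; buffer is modified, so an error signaled here leaves the
         ;; buffer contents untouched.
         (cipher (mml-secure-epg-encrypt 'CMS cont)))
    (delete-region (point-min) (point-max))
    (goto-char (point-min))
    ;; The two parameter lines start with a space so that they are folded
    ;; continuations of Content-Type; without the leading whitespace they
    ;; would be read as separate (malformed) header lines.  The empty
    ;; line ends the header block.
    (insert "\
Content-Type: application/pkcs7-mime;
 smime-type=enveloped-data;
 name=smime.p7m
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7m

")
    (insert (base64-encode-string cipher))
    (goto-char (point-max))))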
(defun mml-smime-epg-verify (handle ctl)
  "Verify the S/MIME signature of the multipart HANDLE using EPG (CMS).
CTL is the content-type list of the multipart; its `protocol' parameter,
when present, selects the raw signed part.  The outcome is recorded on
`mm-security-handle' as the `gnus-info' parameter (and `gnus-details'
when verification signals an error).  HANDLE is returned in every case."
  (catch 'error
    (let ((inhibit-redisplay t)
          ;; `plain' is only assigned and `signature-file' is never
          ;; touched in this function.
          context plain signature-file part signature)
      ;; Both the raw signed part and a detached signature part must be
      ;; present; otherwise the message is reported as "Corrupted".
      ;; The lookup type comes from the message's own `protocol'
      ;; parameter, falling back to application/pkcs7-signature.
      (when (or (null (setq part (mm-find-raw-part-by-type
                                  ctl (or (mm-handle-multipart-ctl-parameter
                                           ctl 'protocol)
                                          "application/pkcs7-signature")
                                  t)))
                ;; Accept either the registered or the legacy x- subtype
                ;; for the signature part.
                (null (setq signature (or (mm-find-part-by-type
                                           (cdr handle)
                                           "application/pkcs7-signature"
                                           nil t)
                                          (mm-find-part-by-type
                                           (cdr handle)
                                           "application/x-pkcs7-signature"
                                           nil t)))))
        (mm-set-handle-multipart-parameter
         mm-security-handle 'gnus-info "Corrupted")
        (throw 'error handle))
      ;; Every LF in the signed text is rewritten to CRLF before it is
      ;; verified -- presumably because the signature was computed over
      ;; the CRLF-canonical form; confirm that PART never already
      ;; contains CRs, since those would become CR CR LF.
      (setq part (replace-regexp-in-string "\n" "\r\n" part)
            context (epg-make-context 'CMS))
      (condition-case error
          (setq plain (epg-verify-string context (mm-get-part signature) part))
        (error
         (mm-set-handle-multipart-parameter
          mm-security-handle 'gnus-info "Failed")
         ;; NOTE(review): an `error' handler does not catch `quit', so
         ;; the "Quit." branch looks unreachable -- confirm.
         (if (eq (car error) 'quit)
             (mm-set-handle-multipart-parameter
              mm-security-handle 'gnus-details "Quit.")
           (mm-set-handle-multipart-parameter
            mm-security-handle 'gnus-details (format "%S" error)))
         (throw 'error handle)))
      ;; Reaching this point only means that no error was signaled.
      ;; NOTE(review): presumably a bad or untrusted signature is reported
      ;; through the verify result rather than by an error, so the
      ;; `gnus-info' string set here is what tells the user whether the
      ;; signature is good -- callers should not treat a normal return as
      ;; a valid signature; confirm against epg.
      (mm-set-handle-multipart-parameter
       mm-security-handle 'gnus-info
       (epg-verify-result-to-string (epg-context-result-for context 'verify)))
      handle)))
(defun mml-smime-epg-verify-test (handle ctl)
  "Return t unconditionally; HANDLE and CTL are ignored."
  t)
(provide 'mml-smime)
;;; mml-smime.el ends here