1 Return-Path: <jani@nikula.org>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id C49E5431FD9
\r
6 for <notmuch@notmuchmail.org>; Sun, 18 Jan 2015 02:45:57 -0800 (PST)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
8 X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References"
\r
12 X-Spam-Status: No, score=1.738 tagged_above=-999 required=5
\r
13 tests=[DNS_FROM_AHBL_RHSBL=2.438, RCVD_IN_DNSWL_LOW=-0.7]
\r
15 Received: from olra.theworths.org ([127.0.0.1])
\r
16 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
17 with ESMTP id 6Z+4gY4wQbqL for <notmuch@notmuchmail.org>;
\r
18 Sun, 18 Jan 2015 02:45:55 -0800 (PST)
\r
19 Received: from mail-wi0-f180.google.com (mail-wi0-f180.google.com
\r
20 [209.85.212.180]) (using TLSv1 with cipher RC4-SHA (128/128 bits))
\r
21 (No client certificate requested)
\r
22 by olra.theworths.org (Postfix) with ESMTPS id 420A3431FDC
\r
23 for <notmuch@notmuchmail.org>; Sun, 18 Jan 2015 02:45:48 -0800 (PST)
\r
24 Received: by mail-wi0-f180.google.com with SMTP id bs8so11170790wib.1
\r
25 for <notmuch@notmuchmail.org>; Sun, 18 Jan 2015 02:45:47 -0800 (PST)
\r
26 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
\r
27 d=1e100.net; s=20130820;
\r
28 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
\r
29 :references:in-reply-to:references;
\r
30 bh=GAW1ZFHzuP3VpdY7t2TExsS+EKg2zM1d6UsYROwg/Ko=;
\r
31 b=ghVl79pGC1/3cXtaMYWky58olohZX7oVVtOaUG9dQJrSX26E8GbLfUhQcWtTD7P/eA
\r
32 gwF8I3BXwz0ydM4aQ0tb4H7jsikKF/O+08kq1+sajIoeTA7AZDPOSAeEZWCBNrD3YNgz
\r
33 8IZbExoeLvTXQfdZFVfjT712ySxjheo6++lzx5QkdzkkTw+b0A/WPdhDqcXDxlHsoxl6
\r
34 WQZQOtDyfoUqSzU9x9ChdCds64qzZX6cjx3NUsQBHSPvHC35PI8awSpOz3NUzwB6Pd4Q
\r
35 LzNFA+QlADcfTkINEhh2TAoVWp6EOwDHrEltvqALPTO/nySnyWs3CeD/Blo3kj8tLS0f
\r
38 ALoCoQnmMFzo2WnUeYIkQnr+CUIX88iIvhISZpWS0kpdZGQ2Gg7lsfxzsPRc1B3xLD7RL8Qvjfls
\r
39 X-Received: by 10.194.179.166 with SMTP id dh6mr25422649wjc.87.1421577947339;
\r
40 Sun, 18 Jan 2015 02:45:47 -0800 (PST)
\r
41 Received: from localhost (mobile-internet-bcee14-89.dhcp.inet.fi.
\r
42 [188.238.20.89]) by mx.google.com with ESMTPSA id
\r
43 bo3sm12904624wjb.44.2015.01.18.02.45.46
\r
44 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
\r
45 Sun, 18 Jan 2015 02:45:46 -0800 (PST)
\r
46 From: Jani Nikula <jani@nikula.org>
\r
47 To: david@tethera.net,
\r
48 notmuch@notmuchmail.org
\r
49 Subject: [PATCH 3/3] cli: crypto: S/MIME verification/decryption support
\r
50 Date: Sun, 18 Jan 2015 12:45:53 +0200
\r
52 <dab06251b946c0c65a564874ee296a5ac5675d35.1421577605.git.jani@nikula.org>
\r
53 X-Mailer: git-send-email 2.1.4
\r
54 In-Reply-To: <cover.1421577605.git.jani@nikula.org>
\r
55 References: <1421568167-18683-3-git-send-email-david@tethera.net>
\r
56 <cover.1421577605.git.jani@nikula.org>
\r
57 In-Reply-To: <cover.1421577605.git.jani@nikula.org>
\r
58 References: <cover.1421577605.git.jani@nikula.org>
\r
59 X-BeenThere: notmuch@notmuchmail.org
\r
60 X-Mailman-Version: 2.1.13
\r
62 List-Id: "Use and development of the notmuch mail system."
\r
63 <notmuch.notmuchmail.org>
\r
64 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
65 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
66 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
67 List-Post: <mailto:notmuch@notmuchmail.org>
\r
68 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
69 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
70 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
71 X-List-Received-Date: Sun, 18 Jan 2015 10:45:58 -0000
\r
73 The notmuch-show flags --decrypt and --verify will now also process
\r
74 S/MIME multiparts if encountered. Requires gmime-2.6 and gpgsm.
\r
76 Based on work by Jameson Graef Rollins <jrollins@finestructure.net>.
\r
80 id:1340995101-9616-2-git-send-email-jrollins@finestructure.net
\r
82 crypto.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
\r
83 notmuch-client.h | 7 +++++--
\r
84 2 files changed, 53 insertions(+), 2 deletions(-)
\r
86 diff --git a/crypto.c b/crypto.c
\r
87 index 8e58dcca4ee5..8944cc5d4bcd 100644
\r
90 @@ -45,6 +45,29 @@ create_gpg_context (notmuch_crypto_t *crypto)
\r
94 +/* Create a PKCS7 context (GMime 2.6) */
\r
95 +static notmuch_crypto_context_t *
\r
96 +create_pkcs7_context (notmuch_crypto_t *crypto)
\r
98 + notmuch_crypto_context_t *pkcs7ctx;
\r
100 + if (crypto->pkcs7ctx)
\r
101 + return crypto->pkcs7ctx;
\r
103 + /* TODO: GMimePasswordRequestFunc */
\r
104 + pkcs7ctx = g_mime_pkcs7_context_new (NULL);
\r
105 + if (! pkcs7ctx) {
\r
106 + fprintf (stderr, "Failed to construct pkcs7 context.\n");
\r
109 + crypto->pkcs7ctx = pkcs7ctx;
\r
111 + g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) pkcs7ctx,
\r
117 #else /* GMIME_ATLEAST_26 */
\r
119 /* Create a GPG context (GMime 2.4) */
\r
120 @@ -72,6 +95,14 @@ create_gpg_context (notmuch_crypto_t *crypto)
\r
124 +/* Create a PKCS7 context (GMime 2.4) */
\r
125 +static notmuch_crypto_context_t *
\r
126 +create_pkcs7_context (notmuch_crypto_t *crypto)
\r
128 + fprintf (stderr, "pkcs7 is not supported in gmime 2.4.\n");
\r
132 #endif /* GMIME_ATLEAST_26 */
\r
135 @@ -86,6 +117,18 @@ static struct {
\r
136 .protocol = "application/pgp-encrypted",
\r
137 .get_context = create_gpg_context,
\r
140 + .protocol = "application/pkcs7-signature",
\r
141 + .get_context = create_pkcs7_context,
\r
144 + .protocol = "application/x-pkcs7-signature",
\r
145 + .get_context = create_pkcs7_context,
\r
148 + .protocol = "application/pkcs7-encrypted",
\r
149 + .get_context = create_pkcs7_context,
\r
153 /* for the specified protocol return the context pointer (initializing
\r
154 @@ -124,5 +167,10 @@ notmuch_crypto_cleanup (notmuch_crypto_t *crypto)
\r
155 crypto->gpgctx = NULL;
\r
158 + if (crypto->pkcs7ctx) {
\r
159 + g_object_unref (crypto->pkcs7ctx);
\r
160 + crypto->pkcs7ctx = NULL;
\r
165 diff --git a/notmuch-client.h b/notmuch-client.h
\r
166 index 5e0d47508c6a..5f2a11ed8dc5 100644
\r
167 --- a/notmuch-client.h
\r
168 +++ b/notmuch-client.h
\r
170 #ifdef GMIME_MAJOR_VERSION
\r
171 #define GMIME_ATLEAST_26
\r
172 typedef GMimeCryptoContext notmuch_crypto_context_t;
\r
173 +/* This is automatically included only since gmime 2.6.10 */
\r
174 +#include <gmime/gmime-pkcs7-context.h>
\r
176 typedef GMimeCipherContext notmuch_crypto_context_t;
\r
178 @@ -78,6 +80,7 @@ typedef struct notmuch_show_format {
\r
180 typedef struct notmuch_crypto {
\r
181 notmuch_crypto_context_t* gpgctx;
\r
182 + notmuch_crypto_context_t* pkcs7ctx;
\r
183 notmuch_bool_t verify;
\r
184 notmuch_bool_t decrypt;
\r
185 } notmuch_crypto_t;
\r
186 @@ -414,8 +417,8 @@ struct mime_node {
\r
187 /* Construct a new MIME node pointing to the root message part of
\r
188 * message. If crypto->verify is true, signed child parts will be
\r
189 * verified. If crypto->decrypt is true, encrypted child parts will be
\r
190 - * decrypted. If crypto->gpgctx is NULL, it will be lazily
\r
192 + * decrypted. If the crypto contexts (crypto->gpgctx or
\r
193 + * crypto->pkcs7) are NULL, they will be lazily initialized.
\r