crypt.c File Reference

Signing/encryption multiplexor. More...

#include "config.h"
#include <limits.h>
#include <locale.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include "mutt/mutt.h"
#include "address/lib.h"
#include "config/lib.h"
#include "email/lib.h"
#include "mutt.h"
#include "alias.h"
#include "copy.h"
#include "cryptglue.h"
#include "curs_lib.h"
#include "globals.h"
#include "handler.h"
#include "mutt_curses.h"
#include "mutt_parse.h"
#include "mutt_window.h"
#include "muttlib.h"
#include "ncrypt.h"
#include "options.h"
#include "send.h"
#include "sendlib.h"
#include "state.h"
#include "autocrypt/autocrypt.h"

Include dependency graph for crypt.c:

Go to the source code of this file.

Functions
void	crypt_current_time (struct State *s, const char *app_name)
	Print the current time. More...
void	crypt_forget_passphrase (void)
	Forget a passphrase and display a message. More...
bool	crypt_valid_passphrase (SecurityFlags flags)
	Check that we have a usable passphrase, ask if not. More...
int	mutt_protect (struct Email *e, char *keylist, bool postpone)
	Encrypt and/or sign a message. More...
SecurityFlags	mutt_is_multipart_signed (struct Body *b)
	Is a message signed? More...
SecurityFlags	mutt_is_multipart_encrypted (struct Body *b)
	Does the message have encrypted parts? More...
int	mutt_is_valid_multipart_pgp_encrypted (struct Body *b)
	Is this a valid multi-part encrypted message? More...
SecurityFlags	mutt_is_malformed_multipart_pgp_encrypted (struct Body *b)
	Check for malformed layout. More...
SecurityFlags	mutt_is_application_pgp (struct Body *m)
	Does the message use PGP? More...
SecurityFlags	mutt_is_application_smime (struct Body *m)
	Does the message use S/MIME? More...
SecurityFlags	crypt_query (struct Body *m)
	Check out the type of encryption used. More...
int	crypt_write_signed (struct Body *a, struct State *s, const char *tempfile)
	Write the message body/part. More...
void	crypt_convert_to_7bit (struct Body *a)
	Convert an email to 7bit encoding. More...
void	crypt_extract_keys_from_messages (struct Mailbox *m, struct EmailList *el)
	Extract keys from a message. More...
int	crypt_get_keys (struct Email *e, char **keylist, bool oppenc_mode)
	Check we have all the keys we need. More...
void	crypt_opportunistic_encrypt (struct Email *e)
	Can all recipients be determined. More...
static void	crypt_fetch_signatures (struct Body ***signatures, struct Body *a, int *n)
	Create an array of an emails parts. More...
bool	mutt_should_hide_protected_subject (struct Email *e)
	Should NeoMutt hide the protected subject? More...
int	mutt_protected_headers_handler (struct Body *a, struct State *s)
	Process a protected header - Implements handler_t. More...
int	mutt_signed_handler (struct Body *a, struct State *s)
	Verify a "multipart/signed" body - Implements handler_t. More...
const char *	crypt_get_fingerprint_or_id (const char *p, const char **pphint, const char **ppl, const char **pps)
	Get the fingerprint or long key ID. More...
bool	crypt_is_numerical_keyid (const char *s)
	Is this a numerical keyid. More...

Variables
bool	C_CryptTimestamp
	Config: Add a timestamp to PGP or SMIME output to prevent spoofing. More...
unsigned char	C_PgpEncryptSelf
	Deprecated, see C_PgpSelfEncrypt. More...
unsigned char	C_PgpMimeAuto
	Config: Prompt the user to use MIME if inline PGP fails. More...
bool	C_PgpRetainableSigs
	Config: Create nested multipart/signed or encrypted messages. More...
bool	C_PgpSelfEncrypt
	Config: Encrypted messages will also be encrypted to C_PgpDefaultKey too. More...
bool	C_PgpStrictEnc
	Config: Encode PGP signed messages with quoted-printable (don't unset) More...
unsigned char	C_SmimeEncryptSelf
	Deprecated, see C_SmimeSelfEncrypt. More...
bool	C_SmimeSelfEncrypt
	Config: Encrypted messages will also be encrypt to C_SmimeDefaultKey too. More...

Detailed Description

Signing/encryption multiplexor.

Authors

• Michael R. Elkins
• Thomas Roessler
• Thomas Roessler
• Oliver Ehli
• Werner Koch
• g10code GmbH
• Pietro Cerutti

Copyright

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Definition in file crypt.c.

Function Documentation

crypt_current_time()

void crypt_current_time	(	struct State *	s,
		const char *	app_name
	)

Print the current time.

Parameters

s	State to use
app_name	App name, e.g. "PGP"

print the current time to avoid spoofing of the signature output

Definition at line 84 of file crypt.c.

{
  char p[256], tmp[256];

  if (!WithCrypto)
    return;

  if (C_CryptTimestamp)
  {
    mutt_date_localtime_format(p, sizeof(p), _(" (current time: %c)"), MUTT_DATE_NOW);
  }
  else
    *p = '\0';

  snprintf(tmp, sizeof(tmp), _("[-- %s output follows%s --]\n"), NONULL(app_name), p);
  state_attach_puts(tmp, s);
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_forget_passphrase()

void crypt_forget_passphrase

(

void

)

Forget a passphrase and display a message.

Definition at line 105 of file crypt.c.

{
  if (WithCrypto & APPLICATION_PGP)
    crypt_pgp_void_passphrase();

  if (WithCrypto & APPLICATION_SMIME)
    crypt_smime_void_passphrase();

  if (WithCrypto)
  {
    /* L10N: Due to the implementation details (e.g. some passwords are managed
       by gpg-agent) we can't know whether we forgot zero, 1, 12, ...
       passwords. So in English we use "Passphrases". Your language might
       have other means to express this. */
    mutt_message(_("Passphrases forgotten"));
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_valid_passphrase()

bool crypt_valid_passphrase

(

SecurityFlags

flags

)

Check that we have a usable passphrase, ask if not.

Parameters

flags

Flags, see SecurityFlags

Return values

true	Success
false	Failed

Definition at line 147 of file crypt.c.

{
  bool rc = false;

#ifndef DEBUG
  disable_coredumps();
#endif

  if (((WithCrypto & APPLICATION_PGP) != 0) && (flags & APPLICATION_PGP))
    rc = crypt_pgp_valid_passphrase();

  if (((WithCrypto & APPLICATION_SMIME) != 0) && (flags & APPLICATION_SMIME))
    rc = crypt_smime_valid_passphrase();

  return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_protect()

int mutt_protect	(	struct Email *	e,
		char *	keylist,
		bool	postpone
	)

Encrypt and/or sign a message.

Parameters

e	Email
keylist	List of keys to encrypt to (space-separated)
postpone	When true, signing is automatically disabled

Return values

0	Success
-1	Error

Definition at line 172 of file crypt.c.

{
  struct Body *pbody = NULL, *tmp_pbody = NULL;
  struct Body *tmp_smime_pbody = NULL;
  struct Body *tmp_pgp_pbody = NULL;
  bool has_retainable_sig = false;

  if (!WithCrypto)
    return -1;

  int security = e->security;
  int sign = security & (SEC_AUTOCRYPT | SEC_SIGN);
  if (postpone)
  {
    sign = SEC_NO_FLAGS;
    security &= ~SEC_SIGN;
  }

  if (!(security & (SEC_ENCRYPT | SEC_AUTOCRYPT)) && !sign)
    return 0;

  if (sign && !(security & SEC_AUTOCRYPT) && !crypt_valid_passphrase(security))
    return -1;

  if (((WithCrypto & APPLICATION_PGP) != 0) && !(security & SEC_AUTOCRYPT) &&
      ((security & PGP_INLINE) == PGP_INLINE))
  {
    if ((e->content->type != TYPE_TEXT) ||
        (mutt_str_strcasecmp(e->content->subtype, "plain") != 0))
    {
      if (query_quadoption(C_PgpMimeAuto,
                           _("Inline PGP can't be used with attachments.  "
                             "Revert to PGP/MIME?")) != MUTT_YES)
      {
        mutt_error(
            _("Mail not sent: inline PGP can't be used with attachments"));
        return -1;
      }
    }
    else if (mutt_str_strcasecmp("flowed", mutt_param_get(&e->content->parameter, "format")) == 0)
    {
      if ((query_quadoption(C_PgpMimeAuto,
                            _("Inline PGP can't be used with format=flowed.  "
                              "Revert to PGP/MIME?"))) != MUTT_YES)
      {
        mutt_error(
            _("Mail not sent: inline PGP can't be used with format=flowed"));
        return -1;
      }
    }
    else
    {
      /* they really want to send it inline... go for it */
      if (!isendwin())
      {
        mutt_endwin();
        puts(_("Invoking PGP..."));
      }
      pbody = crypt_pgp_traditional_encryptsign(e->content, security, keylist);
      if (pbody)
      {
        e->content = pbody;
        return 0;
      }

      /* otherwise inline won't work...ask for revert */
      if (query_quadoption(
              C_PgpMimeAuto,
              _("Message can't be sent inline.  Revert to using PGP/MIME?")) != MUTT_YES)
      {
        mutt_error(_("Mail not sent"));
        return -1;
      }
    }

    /* go ahead with PGP/MIME */
  }

  if (!isendwin())
    mutt_endwin();

  if (WithCrypto & APPLICATION_SMIME)
    tmp_smime_pbody = e->content;
  if (WithCrypto & APPLICATION_PGP)
    tmp_pgp_pbody = e->content;

  if (C_CryptUsePka && sign)
  {
    /* Set sender (necessary for e.g. PKA).  */
    const char *mailbox = NULL;
    struct Address *from = TAILQ_FIRST(&e->env->from);
    bool free_from = false;

    if (!from)
    {
      free_from = true;
      from = mutt_default_from();
    }

    mailbox = from->mailbox;
    if (!mailbox && C_EnvelopeFromAddress)
      mailbox = C_EnvelopeFromAddress->mailbox;

    if (((WithCrypto & APPLICATION_SMIME) != 0) && (security & APPLICATION_SMIME))
      crypt_smime_set_sender(mailbox);
    else if (((WithCrypto & APPLICATION_PGP) != 0) && (security & APPLICATION_PGP))
      crypt_pgp_set_sender(mailbox);

    if (free_from)
      mutt_addr_free(&from);
  }

  if (C_CryptProtectedHeadersWrite)
  {
    struct Envelope *protected_headers = mutt_env_new();
    mutt_str_replace(&protected_headers->subject, e->env->subject);
    /* Note: if other headers get added, such as to, cc, then a call to
     * mutt_env_to_intl() will need to be added here too. */
    mutt_prepare_envelope(protected_headers, 0);

    mutt_env_free(&e->content->mime_headers);
    e->content->mime_headers = protected_headers;
  }

  /* A note about e->content->mime_headers.  If postpone or send
   * fails, the mime_headers is cleared out before returning to the
   * compose menu.  So despite the "robustness" code above and in the
   * gen_gossip_list function below, mime_headers will not be set when
   * entering mutt_protect().
   *
   * This is important to note because the user could toggle
   * $crypt_protected_headers_write or $autocrypt off back in the
   * compose menu.  We don't want mutt_write_rfc822_header() to write
   * stale data from one option if the other is set.
   */
#ifdef USE_AUTOCRYPT
  if (C_Autocrypt && !postpone && (security & SEC_AUTOCRYPT))
  {
    mutt_autocrypt_generate_gossip_list(e);
  }
#endif

  if (sign)
  {
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (security & APPLICATION_SMIME))
    {
      tmp_pbody = crypt_smime_sign_message(e->content);
      if (!tmp_pbody)
        goto bail;
      pbody = tmp_pbody;
      tmp_smime_pbody = tmp_pbody;
    }

    if (((WithCrypto & APPLICATION_PGP) != 0) && (security & APPLICATION_PGP) &&
        (!(security & (SEC_ENCRYPT | SEC_AUTOCRYPT)) || C_PgpRetainableSigs))
    {
      tmp_pbody = crypt_pgp_sign_message(e->content);
      if (!tmp_pbody)
        goto bail;

      has_retainable_sig = true;
      sign = SEC_NO_FLAGS;
      pbody = tmp_pbody;
      tmp_pgp_pbody = tmp_pbody;
    }

    if ((WithCrypto != 0) && (security & APPLICATION_SMIME) && (security & APPLICATION_PGP))
    {
      /* here comes the draft ;-) */
    }
  }

  if (security & (SEC_ENCRYPT | SEC_AUTOCRYPT))
  {
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (security & APPLICATION_SMIME))
    {
      tmp_pbody = crypt_smime_build_smime_entity(tmp_smime_pbody, keylist);
      if (!tmp_pbody)
      {
        /* signed ? free it! */
        goto bail;
      }
      /* free tmp_body if messages was signed AND encrypted ... */
      if ((tmp_smime_pbody != e->content) && (tmp_smime_pbody != tmp_pbody))
      {
        /* detach and don't delete e->content,
         * which tmp_smime_pbody->parts after signing. */
        tmp_smime_pbody->parts = tmp_smime_pbody->parts->next;
        e->content->next = NULL;
        mutt_body_free(&tmp_smime_pbody);
      }
      pbody = tmp_pbody;
    }

    if (((WithCrypto & APPLICATION_PGP) != 0) && (security & APPLICATION_PGP))
    {
      pbody = crypt_pgp_encrypt_message(e, tmp_pgp_pbody, keylist, sign);
      if (!pbody)
      {
        /* did we perform a retainable signature? */
        if (has_retainable_sig)
        {
          /* remove the outer multipart layer */
          tmp_pgp_pbody = mutt_remove_multipart(tmp_pgp_pbody);
          /* get rid of the signature */
          mutt_body_free(&tmp_pgp_pbody->next);
        }

        goto bail;
      }

      /* destroy temporary signature envelope when doing retainable
       * signatures.

       */
      if (has_retainable_sig)
      {
        tmp_pgp_pbody = mutt_remove_multipart(tmp_pgp_pbody);
        mutt_body_free(&tmp_pgp_pbody->next);
      }
    }
  }

  if (pbody)
  {
    e->content = pbody;
    return 0;
  }

bail:
  mutt_env_free(&e->content->mime_headers);
  return -1;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_multipart_signed()

SecurityFlags mutt_is_multipart_signed

(

struct Body *

b

)

Is a message signed?

Parameters

b	Body of email

Return values

num	Message is signed, see SecurityFlags
0	Message is not signed (SEC_NO_FLAGS)

Definition at line 412 of file crypt.c.

{
  if (!b || (b->type != TYPE_MULTIPART) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "signed") != 0))
  {
    return SEC_NO_FLAGS;
  }

  char *p = mutt_param_get(&b->parameter, "protocol");
  if (!p)
    return SEC_NO_FLAGS;

  if (!(mutt_str_strcasecmp(p, "multipart/mixed") != 0))
    return SEC_SIGN;

  if (((WithCrypto & APPLICATION_PGP) != 0) &&
      !(mutt_str_strcasecmp(p, "application/pgp-signature") != 0))
  {
    return PGP_SIGN;
  }

  if (((WithCrypto & APPLICATION_SMIME) != 0) &&
      !(mutt_str_strcasecmp(p, "application/x-pkcs7-signature") != 0))
  {
    return SMIME_SIGN;
  }
  if (((WithCrypto & APPLICATION_SMIME) != 0) &&
      !(mutt_str_strcasecmp(p, "application/pkcs7-signature") != 0))
  {
    return SMIME_SIGN;
  }

  return SEC_NO_FLAGS;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_multipart_encrypted()

SecurityFlags mutt_is_multipart_encrypted

(

struct Body *

b

)

Does the message have encrypted parts?

Parameters

b	Body of email

Return values

num	Message has got encrypted parts, see SecurityFlags
0	Message hasn't got encrypted parts (SEC_NO_FLAGS)

Definition at line 453 of file crypt.c.

{
  if ((WithCrypto & APPLICATION_PGP) == 0)
    return SEC_NO_FLAGS;

  char *p = NULL;

  if (!b || (b->type != TYPE_MULTIPART) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "encrypted") != 0) ||
      !(p = mutt_param_get(&b->parameter, "protocol")) ||
      (mutt_str_strcasecmp(p, "application/pgp-encrypted") != 0))
  {
    return SEC_NO_FLAGS;
  }

  return PGP_ENCRYPT;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_valid_multipart_pgp_encrypted()

int mutt_is_valid_multipart_pgp_encrypted

(

struct Body *

b

)

Is this a valid multi-part encrypted message?

Parameters

b	Body of email

Return values

>0	Message is valid, with encrypted parts, e.g. PGP_ENCRYPT
0	Message hasn't got encrypted parts

Definition at line 477 of file crypt.c.

{
  if (mutt_is_multipart_encrypted(b) == SEC_NO_FLAGS)
    return 0;

  b = b->parts;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "pgp-encrypted") != 0))
  {
    return 0;
  }

  b = b->next;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "octet-stream") != 0))
  {
    return 0;
  }

  return PGP_ENCRYPT;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_malformed_multipart_pgp_encrypted()

SecurityFlags mutt_is_malformed_multipart_pgp_encrypted

(

struct Body *

b

)

Check for malformed layout.

Parameters

b	Body of email

Return values

num	Success, see SecurityFlags
0	Error, (SEC_NO_FLAGS)

This checks for the malformed layout caused by MS Exchange in some cases:

<multipart/mixed>
   <text/plain>
   <application/pgp-encrypted> [BASE64-encoded]
   <application/octet-stream> [BASE64-encoded]

See ticket #3742

Definition at line 515 of file crypt.c.

{
  if (!(WithCrypto & APPLICATION_PGP))
    return SEC_NO_FLAGS;

  if (!b || (b->type != TYPE_MULTIPART) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "mixed") != 0))
  {
    return SEC_NO_FLAGS;
  }

  b = b->parts;
  if (!b || (b->type != TYPE_TEXT) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "plain") != 0) || (b->length != 0))
  {
    return SEC_NO_FLAGS;
  }

  b = b->next;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "pgp-encrypted") != 0))
  {
    return SEC_NO_FLAGS;
  }

  b = b->next;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      (mutt_str_strcasecmp(b->subtype, "octet-stream") != 0))
  {
    return SEC_NO_FLAGS;
  }

  b = b->next;
  if (b)
    return SEC_NO_FLAGS;

  return PGP_ENCRYPT;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_application_pgp()

SecurityFlags mutt_is_application_pgp

(

struct Body *

m

)

Does the message use PGP?

Parameters

m	Body of email

Return values

>0	Message uses PGP, e.g. PGP_ENCRYPT
0	Message doesn't use PGP, (SEC_NO_FLAGS)

Definition at line 560 of file crypt.c.

{
  SecurityFlags t = SEC_NO_FLAGS;
  char *p = NULL;

  if (m->type == TYPE_APPLICATION)
  {
    if ((mutt_str_strcasecmp(m->subtype, "pgp") == 0) ||
        (mutt_str_strcasecmp(m->subtype, "x-pgp-message") == 0))
    {
      p = mutt_param_get(&m->parameter, "x-action");
      if (p && ((mutt_str_strcasecmp(p, "sign") == 0) ||
                (mutt_str_strcasecmp(p, "signclear") == 0)))
      {
        t |= PGP_SIGN;
      }

      p = mutt_param_get(&m->parameter, "format");
      if (p && (mutt_str_strcasecmp(p, "keys-only") == 0))
      {
        t |= PGP_KEY;
      }

      if (t == SEC_NO_FLAGS)
        t |= PGP_ENCRYPT; /* not necessarily correct, but... */
    }

    if (mutt_str_strcasecmp(m->subtype, "pgp-signed") == 0)
      t |= PGP_SIGN;

    if (mutt_str_strcasecmp(m->subtype, "pgp-keys") == 0)
      t |= PGP_KEY;
  }
  else if ((m->type == TYPE_TEXT) && (mutt_str_strcasecmp("plain", m->subtype) == 0))
  {
    if (((p = mutt_param_get(&m->parameter, "x-mutt-action")) ||
         (p = mutt_param_get(&m->parameter, "x-action")) ||
         (p = mutt_param_get(&m->parameter, "action"))) &&
        mutt_str_startswith(p, "pgp-sign", CASE_IGNORE))
    {
      t |= PGP_SIGN;
    }
    else if (p && mutt_str_startswith(p, "pgp-encrypt", CASE_IGNORE))
      t |= PGP_ENCRYPT;
    else if (p && mutt_str_startswith(p, "pgp-keys", CASE_IGNORE))
      t |= PGP_KEY;
  }
  if (t)
    t |= PGP_INLINE;

  return t;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_application_smime()

SecurityFlags mutt_is_application_smime

(

struct Body *

m

)

Does the message use S/MIME?

Parameters

m	Body of email

Return values

>0	Message uses S/MIME, e.g. SMIME_ENCRYPT
0	Message doesn't use S/MIME, (SEC_NO_FLAGS)

Definition at line 619 of file crypt.c.

{
  if (!m)
    return SEC_NO_FLAGS;

  if (((m->type & TYPE_APPLICATION) == 0) || !m->subtype)
    return SEC_NO_FLAGS;

  char *t = NULL;
  bool complain = false;
  /* S/MIME MIME types don't need x- anymore, see RFC2311 */
  if ((mutt_str_strcasecmp(m->subtype, "x-pkcs7-mime") == 0) ||
      (mutt_str_strcasecmp(m->subtype, "pkcs7-mime") == 0))
  {
    t = mutt_param_get(&m->parameter, "smime-type");
    if (t)
    {
      if (mutt_str_strcasecmp(t, "enveloped-data") == 0)
        return SMIME_ENCRYPT;
      else if (mutt_str_strcasecmp(t, "signed-data") == 0)
        return SMIME_SIGN | SMIME_OPAQUE;
      else
        return SEC_NO_FLAGS;
    }
    /* Netscape 4.7 uses
     * Content-Description: S/MIME Encrypted Message
     * instead of Content-Type parameter */
    if (mutt_str_strcasecmp(m->description, "S/MIME Encrypted Message") == 0)
      return SMIME_ENCRYPT;
    complain = true;
  }
  else if (mutt_str_strcasecmp(m->subtype, "octet-stream") != 0)
    return SEC_NO_FLAGS;

  t = mutt_param_get(&m->parameter, "name");

  if (!t)
    t = m->d_filename;
  if (!t)
    t = m->filename;
  if (!t)
  {
    if (complain)
    {
      mutt_message(
          _("S/MIME messages with no hints on content are unsupported"));
    }
    return SEC_NO_FLAGS;
  }

  /* no .p7c, .p10 support yet. */

  int len = mutt_str_strlen(t) - 4;
  if ((len > 0) && (*(t + len) == '.'))
  {
    len++;
    if (mutt_str_strcasecmp((t + len), "p7m") == 0)
    {
      /* Not sure if this is the correct thing to do, but
       * it's required for compatibility with Outlook */
      return SMIME_SIGN | SMIME_OPAQUE;
    }
    else if (mutt_str_strcasecmp((t + len), "p7s") == 0)
      return SMIME_SIGN | SMIME_OPAQUE;
  }

  return SEC_NO_FLAGS;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_query()

SecurityFlags crypt_query

(

struct Body *

m

)

Check out the type of encryption used.

Parameters

m	Body of email

Return values

num	Flags, see SecurityFlags
0	Error (SEC_NO_FLAGS)

Set the cached status values if there are any.

Definition at line 696 of file crypt.c.

{
  if (!WithCrypto || !m)
    return SEC_NO_FLAGS;

  SecurityFlags rc = SEC_NO_FLAGS;

  if (m->type == TYPE_APPLICATION)
  {
    if (WithCrypto & APPLICATION_PGP)
      rc |= mutt_is_application_pgp(m);

    if (WithCrypto & APPLICATION_SMIME)
    {
      rc |= mutt_is_application_smime(m);
      if (rc && m->goodsig)
        rc |= SEC_GOODSIGN;
      if (rc && m->badsig)
        rc |= SEC_BADSIGN;
    }
  }
  else if (((WithCrypto & APPLICATION_PGP) != 0) && (m->type == TYPE_TEXT))
  {
    rc |= mutt_is_application_pgp(m);
    if (rc && m->goodsig)
      rc |= SEC_GOODSIGN;
  }

  if (m->type == TYPE_MULTIPART)
  {
    rc |= mutt_is_multipart_encrypted(m);
    rc |= mutt_is_multipart_signed(m);
    rc |= mutt_is_malformed_multipart_pgp_encrypted(m);

    if (rc && m->goodsig)
      rc |= SEC_GOODSIGN;
#ifdef USE_AUTOCRYPT
    if (rc && m->is_autocrypt)
      rc |= SEC_AUTOCRYPT;
#endif
  }

  if ((m->type == TYPE_MULTIPART) || (m->type == TYPE_MESSAGE))
  {
    SecurityFlags u = m->parts ? SEC_ALL_FLAGS : SEC_NO_FLAGS; /* Bits set in all parts */
    SecurityFlags w = SEC_NO_FLAGS; /* Bits set in any part  */

    for (struct Body *b = m->parts; b; b = b->next)
    {
      const SecurityFlags v = crypt_query(b);
      u &= v;
      w |= v;
    }
    rc |= u | (w & ~SEC_GOODSIGN);

    if ((w & SEC_GOODSIGN) && !(u & SEC_GOODSIGN))
      rc |= SEC_PARTSIGN;
  }

  return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_write_signed()

int crypt_write_signed	(	struct Body *	a,
		struct State *	s,
		const char *	tempfile
	)

Write the message body/part.

Parameters

a	Body to write
s	State to use
tempfile	File to write to

Return values

0	Success
-1	Error

Body/part A described by state S to the given TEMPFILE.

Definition at line 768 of file crypt.c.

{
  if (!WithCrypto)
    return -1;

  FILE *fp = mutt_file_fopen(tempfile, "w");
  if (!fp)
  {
    mutt_perror(tempfile);
    return -1;
  }

  fseeko(s->fp_in, a->hdr_offset, SEEK_SET);
  size_t bytes = a->length + a->offset - a->hdr_offset;
  bool hadcr = false;
  while (bytes > 0)
  {
    const int c = fgetc(s->fp_in);
    if (c == EOF)
      break;

    bytes--;

    if (c == '\r')
      hadcr = true;
    else
    {
      if ((c == '\n') && !hadcr)
        fputc('\r', fp);

      hadcr = false;
    }

    fputc(c, fp);
  }
  mutt_file_fclose(&fp);

  return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_convert_to_7bit()

void crypt_convert_to_7bit

(

struct Body *

a

)

Convert an email to 7bit encoding.

Parameters

a	Body of email to convert

Definition at line 812 of file crypt.c.

{
  if (!WithCrypto)
    return;

  while (a)
  {
    if (a->type == TYPE_MULTIPART)
    {
      if (a->encoding != ENC_7BIT)
      {
        a->encoding = ENC_7BIT;
        crypt_convert_to_7bit(a->parts);
      }
      else if (((WithCrypto & APPLICATION_PGP) != 0) && C_PgpStrictEnc)
        crypt_convert_to_7bit(a->parts);
    }
    else if ((a->type == TYPE_MESSAGE) &&
             (mutt_str_strcasecmp(a->subtype, "delivery-status") != 0))
    {
      if (a->encoding != ENC_7BIT)
        mutt_message_to_7bit(a, NULL);
    }
    else if (a->encoding == ENC_8BIT)
      a->encoding = ENC_QUOTED_PRINTABLE;
    else if (a->encoding == ENC_BINARY)
      a->encoding = ENC_BASE64;
    else if (a->content && (a->encoding != ENC_BASE64) &&
             (a->content->from || (a->content->space && C_PgpStrictEnc)))
    {
      a->encoding = ENC_QUOTED_PRINTABLE;
    }
    a = a->next;
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_extract_keys_from_messages()

void crypt_extract_keys_from_messages	(	struct Mailbox *	m,
		struct EmailList *	el
	)

Extract keys from a message.

Parameters

m	Mailbox
el	List of Emails to process

The extracted keys will be added to the user's keyring.

Definition at line 855 of file crypt.c.

{
  if (!WithCrypto)
    return;

  char tempfname[PATH_MAX];

  mutt_mktemp(tempfname, sizeof(tempfname));
  FILE *fp_out = mutt_file_fopen(tempfname, "w");
  if (!fp_out)
  {
    mutt_perror(tempfname);
    return;
  }

  if (WithCrypto & APPLICATION_PGP)
    OptDontHandlePgpKeys = true;

  struct EmailNode *en = NULL;
  STAILQ_FOREACH(en, el, entries)
  {
    struct Email *e = en->email;

    mutt_parse_mime_message(m, e);
    if (e->security & SEC_ENCRYPT && !crypt_valid_passphrase(e->security))
    {
      mutt_file_fclose(&fp_out);
      break;
    }

    if (((WithCrypto & APPLICATION_PGP) != 0) && (e->security & APPLICATION_PGP))
    {
      mutt_copy_message(fp_out, m, e, MUTT_CM_DECODE | MUTT_CM_CHARCONV, CH_NO_FLAGS);
      fflush(fp_out);

      mutt_endwin();
      puts(_("Trying to extract PGP keys...\n"));
      crypt_pgp_invoke_import(tempfname);
    }

    if (((WithCrypto & APPLICATION_SMIME) != 0) && (e->security & APPLICATION_SMIME))
    {
      if (e->security & SEC_ENCRYPT)
      {
        mutt_copy_message(fp_out, m, e, MUTT_CM_NOHEADER | MUTT_CM_DECODE_CRYPT | MUTT_CM_DECODE_SMIME,
                          CH_NO_FLAGS);
      }
      else
        mutt_copy_message(fp_out, m, e, MUTT_CM_NO_FLAGS, CH_NO_FLAGS);
      fflush(fp_out);

      char *mbox = NULL;
      if (!TAILQ_EMPTY(&e->env->from))
      {
        mutt_expand_aliases(&e->env->from);
        mbox = TAILQ_FIRST(&e->env->from)->mailbox;
      }
      else if (!TAILQ_EMPTY(&e->env->sender))
      {
        mutt_expand_aliases(&e->env->sender);
        mbox = TAILQ_FIRST(&e->env->sender)->mailbox;
      }
      if (mbox)
      {
        mutt_endwin();
        puts(_("Trying to extract S/MIME certificates..."));
        crypt_smime_invoke_import(tempfname, mbox);
      }
    }

    rewind(fp_out);
  }

  mutt_file_fclose(&fp_out);
  if (isendwin())
    mutt_any_key_to_continue(NULL);

  mutt_file_unlink(tempfname);

  if (WithCrypto & APPLICATION_PGP)
    OptDontHandlePgpKeys = false;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_get_keys()

int crypt_get_keys	(	struct Email *	e,
		char **	keylist,
		bool	oppenc_mode
	)

Check we have all the keys we need.

Parameters

[in]	e	Email with addresses to match
[out]	keylist	Keys needed
[in]	oppenc_mode	If true, use opportunistic encryption

Return values

0	Success
-1	Error

Do a quick check to make sure that we can find all of the encryption keys if the user has requested this service. Return the list of keys in KEYLIST. If oppenc_mode is true, only keys that can be determined without prompting will be used.

Definition at line 952 of file crypt.c.

{
  if (!WithCrypto)
    return 0;

  struct AddressList addrlist = TAILQ_HEAD_INITIALIZER(addrlist);
  const char *fqdn = mutt_fqdn(true);
  char *self_encrypt = NULL;

  /* Do a quick check to make sure that we can find all of the encryption
   * keys if the user has requested this service.  */

  *keylist = NULL;

#ifdef USE_AUTOCRYPT
  if (!oppenc_mode && (e->security & SEC_AUTOCRYPT))
  {
    if (mutt_autocrypt_ui_recommendation(e, keylist) <= AUTOCRYPT_REC_NO)
      return -1;
    return 0;
  }
#endif

  if (WithCrypto & APPLICATION_PGP)
    OptPgpCheckTrust = true;

  mutt_addrlist_copy(&addrlist, &e->env->to, false);
  mutt_addrlist_copy(&addrlist, &e->env->cc, false);
  mutt_addrlist_copy(&addrlist, &e->env->bcc, false);
  mutt_addrlist_qualify(&addrlist, fqdn);
  mutt_addrlist_dedupe(&addrlist);

  if (oppenc_mode || (e->security & SEC_ENCRYPT))
  {
    if (((WithCrypto & APPLICATION_PGP) != 0) && (e->security & APPLICATION_PGP))
    {
      *keylist = crypt_pgp_find_keys(&addrlist, oppenc_mode);
      if (!*keylist)
      {
        mutt_addrlist_clear(&addrlist);
        return -1;
      }
      OptPgpCheckTrust = false;
      if (C_PgpSelfEncrypt || (C_PgpEncryptSelf == MUTT_YES))
        self_encrypt = C_PgpDefaultKey;
    }
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (e->security & APPLICATION_SMIME))
    {
      *keylist = crypt_smime_find_keys(&addrlist, oppenc_mode);
      if (!*keylist)
      {
        mutt_addrlist_clear(&addrlist);
        return -1;
      }
      if (C_SmimeSelfEncrypt || (C_SmimeEncryptSelf == MUTT_YES))
        self_encrypt = C_SmimeDefaultKey;
    }
  }

  if (!oppenc_mode && self_encrypt)
  {
    const size_t keylist_size = mutt_str_strlen(*keylist);
    mutt_mem_realloc(keylist, keylist_size + mutt_str_strlen(self_encrypt) + 2);
    sprintf(*keylist + keylist_size, " %s", self_encrypt);
  }

  mutt_addrlist_clear(&addrlist);

  return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_opportunistic_encrypt()

void crypt_opportunistic_encrypt

(

struct Email *

e

)

Can all recipients be determined.

Parameters

e

Email

Check if all recipients keys can be automatically determined. Enable encryption if they can, otherwise disable encryption.

Definition at line 1030 of file crypt.c.

{
  if (!WithCrypto)
    return;

  if (!(C_CryptOpportunisticEncrypt && (e->security & SEC_OPPENCRYPT)))
    return;

  char *pgpkeylist = NULL;

  crypt_get_keys(e, &pgpkeylist, 1);
  if (pgpkeylist)
  {
    e->security |= SEC_ENCRYPT;
    FREE(&pgpkeylist);
  }
  else
  {
    e->security &= ~SEC_ENCRYPT;
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_fetch_signatures()

static void crypt_fetch_signatures ( struct Body ***  signatures, struct Body *  a, int *  n  )

static

Create an array of an emails parts.

Parameters

[out]	signatures	Array of Body parts
[in]	a	Body part to examine
[out]	n	Cumulative count of parts

Definition at line 1058 of file crypt.c.

{
  if (!WithCrypto)
    return;

  for (; a; a = a->next)
  {
    if (a->type == TYPE_MULTIPART)
      crypt_fetch_signatures(signatures, a->parts, n);
    else
    {
      if ((*n % 5) == 0)
        mutt_mem_realloc(signatures, (*n + 6) * sizeof(struct Body **));

      (*signatures)[(*n)++] = a;
    }
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_should_hide_protected_subject()

bool mutt_should_hide_protected_subject

(

struct Email *

e

)

Should NeoMutt hide the protected subject?

Parameters

e	Email to test

Return values

bool	True if the subject should be protected

Definition at line 1082 of file crypt.c.

{
  if (C_CryptProtectedHeadersWrite && (e->security & (SEC_ENCRYPT | SEC_AUTOCRYPT)) &&
      !(e->security & SEC_INLINE) && C_CryptProtectedHeadersSubject)
  {
    return true;
  }

  return false;
}

Here is the caller graph for this function:

mutt_protected_headers_handler()

int mutt_protected_headers_handler	(	struct Body *	a,
		struct State *	s
	)

Process a protected header - Implements handler_t.

Definition at line 1096 of file crypt.c.

{
  if (C_CryptProtectedHeadersRead && a->mime_headers)
  {
    if (a->mime_headers->subject)
    {
      if ((s->flags & MUTT_DISPLAY) && C_Weed && mutt_matches_ignore("subject"))
        return 0;

      state_mark_protected_header(s);
      mutt_write_one_header(s->fp_out, "Subject", a->mime_headers->subject, s->prefix,
                            mutt_window_wrap_cols(MuttIndexWindow->cols, C_Wrap),
                            (s->flags & MUTT_DISPLAY) ? CH_DISPLAY : CH_NO_FLAGS);
      state_puts("\n", s);
    }
  }

  return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_signed_handler()

int mutt_signed_handler	(	struct Body *	a,
		struct State *	s
	)

Verify a "multipart/signed" body - Implements handler_t.

Definition at line 1119 of file crypt.c.

{
  if (!WithCrypto)
    return -1;

  bool inconsistent = false;
  struct Body *b = a;
  struct Body **signatures = NULL;
  int sigcnt = 0;
  int rc = 0;

  a = a->parts;
  SecurityFlags signed_type = mutt_is_multipart_signed(b);
  if (signed_type == SEC_NO_FLAGS)
  {
    /* A null protocol value is already checked for in mutt_body_handler() */
    state_printf(s,
                 _("[-- Error: "
                   "Unknown multipart/signed protocol %s --]\n\n"),
                 mutt_param_get(&b->parameter, "protocol"));
    return mutt_body_handler(a, s);
  }

  if (!(a && a->next))
    inconsistent = true;
  else
  {
    switch (signed_type)
    {
      case SEC_SIGN:
        if ((a->next->type != TYPE_MULTIPART) ||
            (mutt_str_strcasecmp(a->next->subtype, "mixed") != 0))
        {
          inconsistent = true;
        }
        break;
      case PGP_SIGN:
        if ((a->next->type != TYPE_APPLICATION) ||
            (mutt_str_strcasecmp(a->next->subtype, "pgp-signature") != 0))
        {
          inconsistent = true;
        }
        break;
      case SMIME_SIGN:
        if ((a->next->type != TYPE_APPLICATION) ||
            ((mutt_str_strcasecmp(a->next->subtype, "x-pkcs7-signature") != 0) &&
             (mutt_str_strcasecmp(a->next->subtype, "pkcs7-signature") != 0)))
        {
          inconsistent = true;
        }
        break;
      default:
        inconsistent = true;
    }
  }
  if (inconsistent)
  {
    state_attach_puts(_("[-- Error: "
                        "Missing or bad-format multipart/signed signature"
                        " --]\n\n"),
                      s);
    return mutt_body_handler(a, s);
  }

  if (s->flags & MUTT_DISPLAY)
  {
    crypt_fetch_signatures(&signatures, a->next, &sigcnt);

    if (sigcnt != 0)
    {
      char tempfile[PATH_MAX];
      mutt_mktemp(tempfile, sizeof(tempfile));
      bool goodsig = true;
      if (crypt_write_signed(a, s, tempfile) == 0)
      {
        for (int i = 0; i < sigcnt; i++)
        {
          if (((WithCrypto & APPLICATION_PGP) != 0) &&
              (signatures[i]->type == TYPE_APPLICATION) &&
              (mutt_str_strcasecmp(signatures[i]->subtype, "pgp-signature") == 0))
          {
            if (crypt_pgp_verify_one(signatures[i], s, tempfile) != 0)
              goodsig = false;

            continue;
          }

          if (((WithCrypto & APPLICATION_SMIME) != 0) &&
              (signatures[i]->type == TYPE_APPLICATION) &&
              ((mutt_str_strcasecmp(signatures[i]->subtype,
                                    "x-pkcs7-signature") == 0) ||
               (mutt_str_strcasecmp(signatures[i]->subtype,
                                    "pkcs7-signature") == 0)))
          {
            if (crypt_smime_verify_one(signatures[i], s, tempfile) != 0)
              goodsig = false;

            continue;
          }

          state_printf(s,
                       _("[-- Warning: "
                         "We can't verify %s/%s signatures. --]\n\n"),
                       TYPE(signatures[i]), signatures[i]->subtype);
        }
      }

      mutt_file_unlink(tempfile);

      b->goodsig = goodsig;
      b->badsig = !goodsig;

      /* Now display the signed body */
      state_attach_puts(_("[-- The following data is signed --]\n\n"), s);

      mutt_protected_headers_handler(a, s);

      FREE(&signatures);
    }
    else
      state_attach_puts(_("[-- Warning: Can't find any signatures. --]\n\n"), s);
  }

  rc = mutt_body_handler(a, s);

  if ((s->flags & MUTT_DISPLAY) && (sigcnt != 0))
    state_attach_puts(_("\n[-- End of signed data --]\n"), s);

  return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_get_fingerprint_or_id()

const char* crypt_get_fingerprint_or_id	(	const char *	p,
		const char **	pphint,
		const char **	ppl,
		const char **	pps
	)

Get the fingerprint or long key ID.

Parameters

[in]	p	String to examine
[out]	pphint	Start of string to be passed to pgp_add_string_to_hints() or crypt_add_string_to_hints()
[out]	ppl	Start of long key ID if detected, else NULL
[out]	pps	Start of short key ID if detected, else NULL

Return values

ptr	Copy of fingerprint, if any, stripped of all spaces. Must be FREE'd by caller
NULL	Otherwise

Obtain pointers to fingerprint or short or long key ID, if any.

Upon return, at most one of return, *ppl and *pps pointers is non-NULL, indicating the longest fingerprint or ID found, if any.

Definition at line 1264 of file crypt.c.

{
  const char *ps = NULL, *pl = NULL, *phint = NULL;
  char *pfcopy = NULL, *s1 = NULL, *s2 = NULL;
  char c;
  int isid;
  size_t hexdigits;

  /* User input may be partial name, fingerprint or short or long key ID,
   * independent of C_PgpLongIds.
   * Fingerprint without spaces is 40 hex digits (SHA-1) or 32 hex digits (MD5).
   * Strip leading "0x" for key ID detection and prepare pl and ps to indicate
   * if an ID was found and to simplify logic in the key loop's inner
   * condition of the caller. */

  char *pf = mutt_str_skip_whitespace(p);
  if (mutt_str_startswith(pf, "0x", CASE_IGNORE))
    pf += 2;

  /* Check if a fingerprint is given, must be hex digits only, blanks
   * separating groups of 4 hex digits are allowed. Also pre-check for ID. */
  isid = 2; /* unknown */
  hexdigits = 0;
  s1 = pf;
  do
  {
    c = *(s1++);
    if ((('0' <= c) && (c <= '9')) || (('A' <= c) && (c <= 'F')) ||
        (('a' <= c) && (c <= 'f')))
    {
      hexdigits++;
      if (isid == 2)
        isid = 1; /* it is an ID so far */
    }
    else if (c)
    {
      isid = 0; /* not an ID */
      if ((c == ' ') && ((hexdigits % 4) == 0))
        ; /* skip blank before or after 4 hex digits */
      else
        break; /* any other character or position */
    }
  } while (c);

  /* If at end of input, check for correct fingerprint length and copy if. */
  pfcopy = (!c && ((hexdigits == 40) || (hexdigits == 32)) ? mutt_str_strdup(pf) : NULL);

  if (pfcopy)
  {
    /* Use pfcopy to strip all spaces from fingerprint and as hint. */
    s1 = pfcopy;
    s2 = pfcopy;
    do
    {
      *(s1++) = *(s2 = mutt_str_skip_whitespace(s2));
    } while (*(s2++));

    phint = pfcopy;
    ps = NULL;
    pl = NULL;
  }
  else
  {
    phint = p;
    ps = NULL;
    pl = NULL;
    if (isid == 1)
    {
      if (mutt_str_strlen(pf) == 16)
        pl = pf; /* long key ID */
      else if (mutt_str_strlen(pf) == 8)
        ps = pf; /* short key ID */
    }
  }

  *pphint = phint;
  *ppl = pl;
  *pps = ps;
  return pfcopy;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_is_numerical_keyid()

bool crypt_is_numerical_keyid

(

const char *

s

)

Is this a numerical keyid.

Parameters

s	Key to test

Return values

true	If keyid is numeric

Check if a crypt-hook value is a key id.

Definition at line 1353 of file crypt.c.

{
  /* or should we require the "0x"? */
  if (strncmp(s, "0x", 2) == 0)
    s += 2;
  if (strlen(s) % 8)
    return false;
  while (*s)
    if (!strchr("0123456789ABCDEFabcdef", *s++))
      return false;

  return true;
}

Here is the caller graph for this function:

Variable Documentation

C_CryptTimestamp

bool C_CryptTimestamp

Config: Add a timestamp to PGP or SMIME output to prevent spoofing.

Definition at line 65 of file crypt.c.

C_PgpEncryptSelf

unsigned char C_PgpEncryptSelf

Deprecated, see C_PgpSelfEncrypt.

Definition at line 69 of file crypt.c.

C_PgpMimeAuto

unsigned char C_PgpMimeAuto

Config: Prompt the user to use MIME if inline PGP fails.

Definition at line 70 of file crypt.c.

C_PgpRetainableSigs

bool C_PgpRetainableSigs

Config: Create nested multipart/signed or encrypted messages.

Definition at line 71 of file crypt.c.

C_PgpSelfEncrypt

bool C_PgpSelfEncrypt

Config: Encrypted messages will also be encrypted to C_PgpDefaultKey too.

Definition at line 72 of file crypt.c.

C_PgpStrictEnc

bool C_PgpStrictEnc

Config: Encode PGP signed messages with quoted-printable (don't unset)

Definition at line 73 of file crypt.c.

C_SmimeEncryptSelf

unsigned char C_SmimeEncryptSelf

Deprecated, see C_SmimeSelfEncrypt.

Definition at line 74 of file crypt.c.

C_SmimeSelfEncrypt

bool C_SmimeSelfEncrypt

Config: Encrypted messages will also be encrypt to C_SmimeDefaultKey too.

Definition at line 75 of file crypt.c.