API for encryption/signing of emails. More...
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
Macros | |
#define | SEC_NO_FLAGS 0 |
No flags are set. More... | |
#define | SEC_ENCRYPT (1 << 0) |
Email is encrypted. More... | |
#define | SEC_SIGN (1 << 1) |
Email is signed. More... | |
#define | SEC_GOODSIGN (1 << 2) |
Email has a valid signature. More... | |
#define | SEC_BADSIGN (1 << 3) |
Email has a bad signature. More... | |
#define | SEC_PARTSIGN (1 << 4) |
Not all parts of the email are signed. More... | |
#define | SEC_SIGNOPAQUE (1 << 5) |
Email has an opaque signature (encrypted) More... | |
#define | SEC_KEYBLOCK (1 << 6) |
Email has a key attached. More... | |
#define | SEC_INLINE (1 << 7) |
Email has an inline signature. More... | |
#define | SEC_OPPENCRYPT (1 << 8) |
Opportunistic encrypt mode. More... | |
#define | SEC_AUTOCRYPT (1 << 9) |
(Autocrypt) Message will be, or was, Autocrypt encrypted and signed More... | |
#define | SEC_AUTOCRYPT_OVERRIDE (1 << 10) |
(Autocrypt) Indicates manual set/unset of encryption More... | |
#define | APPLICATION_PGP (1 << 11) |
Use PGP to encrypt/sign. More... | |
#define | APPLICATION_SMIME (1 << 12) |
Use SMIME to encrypt/sign. More... | |
#define | PGP_TRADITIONAL_CHECKED (1 << 13) |
Email has a traditional (inline) signature. More... | |
#define | SEC_ALL_FLAGS ((1 << 14) - 1) |
#define | PGP_ENCRYPT (APPLICATION_PGP | SEC_ENCRYPT) |
#define | PGP_SIGN (APPLICATION_PGP | SEC_SIGN) |
#define | PGP_GOODSIGN (APPLICATION_PGP | SEC_GOODSIGN) |
#define | PGP_KEY (APPLICATION_PGP | SEC_KEYBLOCK) |
#define | PGP_INLINE (APPLICATION_PGP | SEC_INLINE) |
#define | SMIME_ENCRYPT (APPLICATION_SMIME | SEC_ENCRYPT) |
#define | SMIME_SIGN (APPLICATION_SMIME | SEC_SIGN) |
#define | SMIME_GOODSIGN (APPLICATION_SMIME | SEC_GOODSIGN) |
#define | SMIME_BADSIGN (APPLICATION_SMIME | SEC_BADSIGN) |
#define | SMIME_OPAQUE (APPLICATION_SMIME | SEC_SIGNOPAQUE) |
#define | WithCrypto (APPLICATION_PGP | APPLICATION_SMIME) |
#define | KEYFLAG_NO_FLAGS 0 |
No flags are set. More... | |
#define | KEYFLAG_CANSIGN (1 << 0) |
Key is suitable for signing. More... | |
#define | KEYFLAG_CANENCRYPT (1 << 1) |
Key is suitable for encryption. More... | |
#define | KEYFLAG_ISX509 (1 << 2) |
Key is an X.509 key. More... | |
#define | KEYFLAG_SECRET (1 << 7) |
Key is a secret key. More... | |
#define | KEYFLAG_EXPIRED (1 << 8) |
Key is expired. More... | |
#define | KEYFLAG_REVOKED (1 << 9) |
Key is revoked. More... | |
#define | KEYFLAG_DISABLED (1 << 10) |
Key is marked disabled. More... | |
#define | KEYFLAG_SUBKEY (1 << 11) |
Key is a subkey. More... | |
#define | KEYFLAG_CRITICAL (1 << 12) |
Key is marked critical. More... | |
#define | KEYFLAG_PREFER_ENCRYPTION (1 << 13) |
Key's owner prefers encryption. More... | |
#define | KEYFLAG_PREFER_SIGNING (1 << 14) |
Key's owner prefers signing. More... | |
#define | KEYFLAG_CANTUSE (KEYFLAG_DISABLED | KEYFLAG_REVOKED | KEYFLAG_EXPIRED) |
#define | KEYFLAG_RESTRICTIONS (KEYFLAG_CANTUSE | KEYFLAG_CRITICAL) |
#define | KEYFLAG_ABILITIES (KEYFLAG_CANSIGN | KEYFLAG_CANENCRYPT | KEYFLAG_PREFER_ENCRYPTION | KEYFLAG_PREFER_SIGNING) |
Typedefs | |
typedef uint16_t | SecurityFlags |
Flags, e.g. SEC_ENCRYPT. More... | |
typedef uint16_t | KeyFlags |
Flags describing PGP/SMIME keys, e.g. KEYFLAG_CANSIGN. More... | |
Variables | |
bool | C_CryptOpportunisticEncrypt |
Config: Enable encryption when the recipient's key is available. More... | |
bool | C_CryptProtectedHeadersRead |
Config: Display protected headers (Memory Hole) in the pager. More... | |
bool | C_CryptProtectedHeadersSave |
Config: Save the cleartext Subject with the headers. More... | |
unsigned char | C_CryptVerifySig |
Config: Verify PGP or SMIME signatures. More... | |
bool | C_PgpAutoDecode |
Config: Automatically decrypt PGP messages. More... | |
char * | C_PgpSignAs |
Config: Use this alternative key for signing messages. More... | |
char * | C_SmimeEncryptWith |
Config: Algorithm for encryption. More... | |
bool | C_SmimeIsDefault |
Config: Use SMIME rather than PGP by default. More... | |
char * | C_SmimeSignAs |
Config: Use this alternative key for signing messages. More... | |
API for encryption/signing of emails.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
Definition in file lib.h.
#define SEC_PARTSIGN (1 << 4) |
#define SEC_SIGNOPAQUE (1 << 5) |
#define SEC_AUTOCRYPT (1 << 9) |
#define SEC_AUTOCRYPT_OVERRIDE (1 << 10) |
#define PGP_TRADITIONAL_CHECKED (1 << 13) |
#define PGP_ENCRYPT (APPLICATION_PGP | SEC_ENCRYPT) |
#define PGP_SIGN (APPLICATION_PGP | SEC_SIGN) |
#define PGP_GOODSIGN (APPLICATION_PGP | SEC_GOODSIGN) |
#define PGP_KEY (APPLICATION_PGP | SEC_KEYBLOCK) |
#define PGP_INLINE (APPLICATION_PGP | SEC_INLINE) |
#define SMIME_ENCRYPT (APPLICATION_SMIME | SEC_ENCRYPT) |
#define SMIME_SIGN (APPLICATION_SMIME | SEC_SIGN) |
#define SMIME_GOODSIGN (APPLICATION_SMIME | SEC_GOODSIGN) |
#define SMIME_BADSIGN (APPLICATION_SMIME | SEC_BADSIGN) |
#define SMIME_OPAQUE (APPLICATION_SMIME | SEC_SIGNOPAQUE) |
#define WithCrypto (APPLICATION_PGP | APPLICATION_SMIME) |
#define KEYFLAG_CANENCRYPT (1 << 1) |
#define KEYFLAG_PREFER_ENCRYPTION (1 << 13) |
#define KEYFLAG_PREFER_SIGNING (1 << 14) |
#define KEYFLAG_CANTUSE (KEYFLAG_DISABLED | KEYFLAG_REVOKED | KEYFLAG_EXPIRED) |
#define KEYFLAG_RESTRICTIONS (KEYFLAG_CANTUSE | KEYFLAG_CRITICAL) |
#define KEYFLAG_ABILITIES (KEYFLAG_CANSIGN | KEYFLAG_CANENCRYPT | KEYFLAG_PREFER_ENCRYPTION | KEYFLAG_PREFER_SIGNING) |
typedef uint16_t SecurityFlags |
Flags, e.g. SEC_ENCRYPT.
typedef uint16_t KeyFlags |
Flags describing PGP/SMIME keys, e.g. KEYFLAG_CANSIGN.
void crypt_extract_keys_from_messages | ( | struct Mailbox * | m, |
struct EmailList * | el | ||
) |
Extract keys from a message.
m | Mailbox |
el | List of Emails to process |
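The extracted keys will be added to the user's keyring. Adding a key only makes it available for later use; whether it is trusted is decided by the crypto backend and should be checked separately.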
Definition at line 844 of file crypt.c.
void crypt_forget_passphrase | ( | void | ) |
Forget a passphrase and display a message.
Definition at line 92 of file crypt.c.
int crypt_get_keys | ( | struct Email * | e, |
char ** | keylist, | ||
bool | oppenc_mode | ||
) |
Check we have all the keys we need.
[in] | e | Email with addresses to match |
[out] | keylist | Keys needed |
[in] | oppenc_mode | If true, use opportunistic encryption |
0 | Success |
-1 | Error |
Do a quick check to make sure that we can find all of the encryption keys if the user has requested this service. Return the list of keys in KEYLIST. If oppenc_mode is true, only keys that can be determined without prompting will be used.
Definition at line 943 of file crypt.c.
void crypt_opportunistic_encrypt | ( | struct Email * | e | ) |
Can all recipients be determined.
e |
Check if all recipients' keys can be automatically determined. Enable encryption if they can, otherwise disable encryption.
Definition at line 1021 of file crypt.c.
SecurityFlags crypt_query | ( | struct Body * | m | ) |
Check out the type of encryption used.
m | Body of email |
num | Flags, see SecurityFlags |
0 | Error (SEC_NO_FLAGS) |
Set the cached status values if there are any.
Definition at line 685 of file crypt.c.
bool crypt_valid_passphrase | ( | SecurityFlags | flags | ) |
Check that we have a usable passphrase, ask if not.
flags | Flags, see SecurityFlags |
true | Success |
false | Failed |
Definition at line 134 of file crypt.c.
SecurityFlags mutt_is_application_pgp | ( | struct Body * | m | ) |
Does the message use PGP?
m | Body of email |
>0 | Message uses PGP, e.g. PGP_ENCRYPT |
0 | Message doesn't use PGP, (SEC_NO_FLAGS) |
Definition at line 552 of file crypt.c.
SecurityFlags mutt_is_application_smime | ( | struct Body * | m | ) |
Does the message use S/MIME?
m | Body of email |
>0 | Message uses S/MIME, e.g. SMIME_ENCRYPT |
0 | Message doesn't use S/MIME, (SEC_NO_FLAGS) |
Definition at line 610 of file crypt.c.
SecurityFlags mutt_is_malformed_multipart_pgp_encrypted | ( | struct Body * | b | ) |
Check for malformed layout.
b | Body of email |
num | Success, see SecurityFlags |
0 | Error, (SEC_NO_FLAGS) |
This checks for the malformed layout caused by MS Exchange in some cases:
Definition at line 508 of file crypt.c.
SecurityFlags mutt_is_multipart_encrypted | ( | struct Body * | b | ) |
Does the message have encrypted parts?
b | Body of email |
num | Message has got encrypted parts, see SecurityFlags |
0 | Message hasn't got encrypted parts (SEC_NO_FLAGS) |
Definition at line 447 of file crypt.c.
SecurityFlags mutt_is_multipart_signed | ( | struct Body * | b | ) |
Is a message signed?
b | Body of email |
num | Message is signed, see SecurityFlags |
0 | Message is not signed (SEC_NO_FLAGS) |
Definition at line 407 of file crypt.c.
int mutt_is_valid_multipart_pgp_encrypted | ( | struct Body * | b | ) |
Is this a valid multi-part encrypted message?
b | Body of email |
>0 | Message is valid, with encrypted parts, e.g. PGP_ENCRYPT |
0 | Message hasn't got encrypted parts |
Definition at line 471 of file crypt.c.
int mutt_protect | ( | struct Email * | e, |
char * | keylist, | ||
bool | postpone | ||
) |
Encrypt and/or sign a message.
e | |
keylist | List of keys to encrypt to (space-separated) |
postpone | When true, signing is automatically disabled |
0 | Success |
-1 | Error |
Definition at line 159 of file crypt.c.
Process a protected header - Implements handler_t.
Definition at line 1087 of file crypt.c.
bool mutt_should_hide_protected_subject | ( | struct Email * | e | ) |
Should NeoMutt hide the protected subject?
e | Email to test |
bool | True if the subject should be protected |
Definition at line 1073 of file crypt.c.
Verify a "multipart/signed" body - Implements handler_t.
Definition at line 1113 of file crypt.c.
void crypt_cleanup | ( | void | ) |
Clean up backend.
Definition at line 138 of file cryptglue.c.
bool crypt_has_module_backend | ( | SecurityFlags | type | ) |
Is there a crypto backend for a given type?
type | Crypto type, see SecurityFlags |
true | Backend is present |
false | Backend is not present |
Definition at line 167 of file cryptglue.c.
void crypt_init | ( | void | ) |
Initialise the crypto backends.
This calls CryptModuleSpecs::init()
Definition at line 93 of file cryptglue.c.
void crypt_invoke_message | ( | SecurityFlags | type | ) |
Display an informative message.
type | Crypto type, see SecurityFlags |
Show a message that a backend will be invoked.
Definition at line 153 of file cryptglue.c.
Wrapper for CryptModuleSpecs::application_handler()
Implements handler_t
Definition at line 234 of file cryptglue.c.
int crypt_pgp_check_traditional | ( | FILE * | fp, |
struct Body * | b, | ||
bool | just_one | ||
) |
Wrapper for CryptModuleSpecs::pgp_check_traditional()
Definition at line 281 of file cryptglue.c.
Wrapper for CryptModuleSpecs::decrypt_mime()
Definition at line 207 of file cryptglue.c.
Wrapper for CryptModuleSpecs::encrypted_handler()
Implements handler_t
Definition at line 247 of file cryptglue.c.
void crypt_pgp_extract_key_from_attachment | ( | FILE * | fp, |
struct Body * | top | ||
) |
Wrapper for CryptModuleSpecs::pgp_extract_key_from_attachment()
Definition at line 393 of file cryptglue.c.
void crypt_pgp_invoke_getkeys | ( | struct Address * | addr | ) |
Wrapper for CryptModuleSpecs::pgp_invoke_getkeys()
Definition at line 272 of file cryptglue.c.
struct Body* crypt_pgp_make_key_attachment | ( | void | ) |
Wrapper for CryptModuleSpecs::pgp_make_key_attachment()
Definition at line 303 of file cryptglue.c.
int crypt_pgp_send_menu | ( | struct Email * | e | ) |
Wrapper for CryptModuleSpecs::send_menu()
Definition at line 382 of file cryptglue.c.
Wrapper for CryptModuleSpecs::application_handler()
Implements handler_t
Definition at line 444 of file cryptglue.c.
Wrapper for CryptModuleSpecs::decrypt_mime()
Definition at line 431 of file cryptglue.c.
void crypt_smime_getkeys | ( | struct Envelope * | env | ) |
Wrapper for CryptModuleSpecs::smime_getkeys()
Definition at line 455 of file cryptglue.c.
int crypt_smime_send_menu | ( | struct Email * | e | ) |
Wrapper for CryptModuleSpecs::send_menu()
Definition at line 528 of file cryptglue.c.
Wrapper for CryptModuleSpecs::smime_verify_sender()
Definition at line 464 of file cryptglue.c.
void crypto_module_free | ( | void | ) |
Clean up the crypto modules.
Definition at line 81 of file crypt_mod.c.
void pgp_gpgme_init | ( | void | ) |
Implements CryptModuleSpecs::init()
Definition at line 4130 of file crypt_gpgme.c.
int mutt_gpgme_select_secret_key | ( | struct Buffer * | keyid | ) |
Select a private Autocrypt key for a new account.
keyid | Autocrypt Key id |
0 | Success |
-1 | Error |
Unfortunately, the internal ncrypt/crypt_gpgme.c functions use CryptKeyInfo, and so aren't exportable.
This function queries all private keys, provides the crypt_select_keys() menu, and returns the selected key fingerprint in keyid.
Definition at line 3942 of file crypt_gpgme.c.
const char* mutt_gpgme_print_version | ( | void | ) |
Get version of GPGME.
ptr | GPGME version string |
Definition at line 4425 of file crypt_gpgme.c.
bool C_CryptOpportunisticEncrypt |
bool C_CryptProtectedHeadersRead |
bool C_CryptProtectedHeadersSave |
unsigned char C_CryptVerifySig |
bool C_PgpAutoDecode |
char* C_PgpSignAs |
bool C_SmimeIsDefault |