NeoMutt  2025-12-11-872-g385a04
Teaching an old dog new tricks
 		DOXYGEN
Loading...
Searching...
No Matches
Functions
sign_message()
Crypto API

Cryptographically sign the Body of a message. More...

+ Collaboration diagram for sign_message():

Functions

struct Bodypgp_gpgme_sign_message (struct Body *b, const struct AddressList *from)
 Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.
 
struct Bodysmime_gpgme_sign_message (struct Body *b, const struct AddressList *from)
 Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.
 
struct Bodypgp_class_sign_message (struct Body *b, const struct AddressList *from)
 Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.
 
struct Bodysmime_class_sign_message (struct Body *b, const struct AddressList *from)
 Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.
 

Detailed Description

Cryptographically sign the Body of a message.

Parameters
bBody of the message
fromFrom line
Return values
ptrNew encrypted Body
NULLError

Function Documentation

◆ pgp_gpgme_sign_message()

struct Body * pgp_gpgme_sign_message ( struct Body * b,
const struct AddressList * from )

Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.

Definition at line 1032 of file crypt_gpgme.c.

1033{
1034 return sign_message(b, from, false);
1035}
sign_message
static struct Body * sign_message(struct Body *b, const struct AddressList *from, bool use_smime)
Sign a message.
Definition crypt_gpgme.c:911
+ Here is the call graph for this function:

◆ smime_gpgme_sign_message()

struct Body * smime_gpgme_sign_message ( struct Body * b,
const struct AddressList * from )

Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.

Definition at line 1040 of file crypt_gpgme.c.

1041{
1042 return sign_message(b, from, true);
1043}
+ Here is the call graph for this function:

◆ pgp_class_sign_message()

struct Body * pgp_class_sign_message ( struct Body * b,
const struct AddressList * from )

Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.

Definition at line 1330 of file pgp.c.

1331{
1332 struct NcryptModuleData *mod_data = neomutt_get_module_data(NeoMutt, MODULE_ID_NCRYPT);
1333 struct Body *b_enc = NULL, *rv = NULL;
1334 char buf[1024] = { 0 };
1335 FILE *fp_pgp_in = NULL, *fp_pgp_out = NULL, *fp_pgp_err = NULL, *fp_signed = NULL;
1336 bool err = false;
1337 bool empty = true;
1338 pid_t pid;
1339 struct Buffer *sigfile = buf_pool_get();
1340 struct Buffer *signedfile = buf_pool_get();
1341
1342 crypt_convert_to_7bit(b); /* Signed data _must_ be in 7-bit format. */
1343
1344 buf_mktemp(sigfile);
1345 FILE *fp_sig = mutt_file_fopen(buf_string(sigfile), "w");
1346 if (!fp_sig)
1347 {
1348 goto cleanup;
1349 }
1350
1351 buf_mktemp(signedfile);
1352 fp_signed = mutt_file_fopen(buf_string(signedfile), "w");
1353 if (!fp_signed)
1354 {
1355 mutt_perror("%s", buf_string(signedfile));
1356 mutt_file_fclose(&fp_sig);
1357 unlink(buf_string(sigfile));
1358 goto cleanup;
1359 }
1360
1361 mutt_write_mime_header(b, fp_signed, NeoMutt->sub);
1362 fputc('\n', fp_signed);
1363 mutt_write_mime_body(b, fp_signed, NeoMutt->sub);
1364 mutt_file_fclose(&fp_signed);
1365
1366 pid = pgp_invoke_sign(&fp_pgp_in, &fp_pgp_out, &fp_pgp_err, -1, -1, -1,
1367 buf_string(signedfile));
1368 if (pid == -1)
1369 {
1370 mutt_perror(_("Can't open PGP subprocess"));
1371 mutt_file_fclose(&fp_sig);
1372 unlink(buf_string(sigfile));
1373 unlink(buf_string(signedfile));
1374 goto cleanup;
1375 }
1376
1377 if (!pgp_use_gpg_agent())
1378 fputs(mod_data->pgp_pass, fp_pgp_in);
1379 fputc('\n', fp_pgp_in);
1380 mutt_file_fclose(&fp_pgp_in);
1381
1382 /* Read back the PGP signature. Also, change MESSAGE=>SIGNATURE as
1383 * recommended for future releases of PGP. */
1384 while (fgets(buf, sizeof(buf) - 1, fp_pgp_out))
1385 {
1386 if (mutt_str_equal("-----BEGIN PGP MESSAGE-----\n", buf))
1387 fputs("-----BEGIN PGP SIGNATURE-----\n", fp_sig);
1388 else if (mutt_str_equal("-----END PGP MESSAGE-----\n", buf))
1389 fputs("-----END PGP SIGNATURE-----\n", fp_sig);
1390 else
1391 fputs(buf, fp_sig);
1392 empty = false; /* got some output, so we're ok */
1393 }
1394
1395 /* check for errors from PGP */
1396 err = false;
1397 while (fgets(buf, sizeof(buf) - 1, fp_pgp_err))
1398 {
1399 err = true;
1400 fputs(buf, stdout);
1401 }
1402
1403 const bool c_pgp_check_exit = cs_subset_bool(NeoMutt->sub, "pgp_check_exit");
1404 if (filter_wait(pid) && c_pgp_check_exit)
1405 empty = true;
1406
1407 mutt_file_fclose(&fp_pgp_err);
1408 mutt_file_fclose(&fp_pgp_out);
1409 unlink(buf_string(signedfile));
1410
1411 if (mutt_file_fclose(&fp_sig) != 0)
1412 {
1413 mutt_perror("fclose");
1414 unlink(buf_string(sigfile));
1415 goto cleanup;
1416 }
1417
1418 if (err)
1419 mutt_any_key_to_continue(NULL);
1420 if (empty)
1421 {
1422 unlink(buf_string(sigfile));
1423 /* most likely error is a bad passphrase, so automatically forget it */
1424 pgp_class_void_passphrase();
1425 goto cleanup; /* fatal error while signing */
1426 }
1427
1428 b_enc = mutt_body_new();
1429 b_enc->type = TYPE_MULTIPART;
1430 b_enc->subtype = mutt_str_dup("signed");
1431 b_enc->encoding = ENC_7BIT;
1432 b_enc->use_disp = false;
1433 b_enc->disposition = DISP_INLINE;
1434 rv = b_enc;
1435
1436 mutt_generate_boundary(&b_enc->parameter);
1437 mutt_param_set(&b_enc->parameter, "protocol", "application/pgp-signature");
1438 mutt_param_set(&b_enc->parameter, "micalg", pgp_micalg(buf_string(sigfile)));
1439
1440 b_enc->parts = b;
1441
1442 b_enc->parts->next = mutt_body_new();
1443 b_enc = b_enc->parts->next;
1444 b_enc->type = TYPE_APPLICATION;
1445 b_enc->subtype = mutt_str_dup("pgp-signature");
1446 b_enc->filename = buf_strdup(sigfile);
1447 b_enc->use_disp = false;
1448 b_enc->disposition = DISP_NONE;
1449 b_enc->encoding = ENC_7BIT;
1450 b_enc->unlink = true; /* ok to remove this file after sending. */
1451 mutt_param_set(&b_enc->parameter, "name", "signature.asc");
1452
1453cleanup:
1454 buf_pool_release(&sigfile);
1455 buf_pool_release(&signedfile);
1456 return rv;
1457}
buf_strdup
char * buf_strdup(const struct Buffer *buf)
Copy a Buffer's string.
Definition buffer.c:571
buf_string
static const char * buf_string(const struct Buffer *buf)
Convert a buffer to a const char * "string".
Definition buffer.h:96
cs_subset_bool
bool cs_subset_bool(const struct ConfigSubset *sub, const char *name)
Get a boolean config item by name.
Definition helpers.c:47
crypt_convert_to_7bit
void crypt_convert_to_7bit(struct Body *b)
Convert an email to 7bit encoding.
Definition crypt.c:814
mutt_any_key_to_continue
int mutt_any_key_to_continue(const char *s)
Prompt the user to 'press any key' and wait.
Definition curs_lib.c:175
mutt_body_new
struct Body * mutt_body_new(void)
Create a new Body.
Definition body.c:44
mutt_file_fclose
#define mutt_file_fclose(FP)
Definition file.h:144
mutt_file_fopen
#define mutt_file_fopen(PATH, MODE)
Definition file.h:143
pgp_class_void_passphrase
void pgp_class_void_passphrase(void)
Forget the cached passphrase - Implements CryptModuleSpecs::void_passphrase() -.
Definition pgp.c:71
mutt_perror
#define mutt_perror(...)
Definition logging2.h:95
ENC_7BIT
@ ENC_7BIT
7-bit text
Definition mime.h:49
TYPE_MULTIPART
@ TYPE_MULTIPART
Type: 'multipart/*'.
Definition mime.h:37
TYPE_APPLICATION
@ TYPE_APPLICATION
Type: 'application/*'.
Definition mime.h:33
DISP_INLINE
@ DISP_INLINE
Content is inline.
Definition mime.h:62
DISP_NONE
@ DISP_NONE
No preferred disposition.
Definition mime.h:65
MODULE_ID_NCRYPT
@ MODULE_ID_NCRYPT
ModuleNcrypt, Ncrypt
Definition module_api.h:80
mutt_generate_boundary
void mutt_generate_boundary(struct ParameterList *pl)
Create a unique boundary id for a MIME part.
Definition multipart.c:93
filter_wait
int filter_wait(pid_t pid)
Wait for the exit of a process and return its status.
Definition filter.c:228
_
#define _(a)
Definition message.h:28
mutt_str_dup
char * mutt_str_dup(const char *str)
Copy a string, safely.
Definition string.c:257
mutt_str_equal
bool mutt_str_equal(const char *a, const char *b)
Compare two strings.
Definition string.c:665
neomutt_get_module_data
void * neomutt_get_module_data(struct NeoMutt *n, enum ModuleId id)
Get the private data for a Module.
Definition neomutt.c:663
mutt_param_set
void mutt_param_set(struct ParameterList *pl, const char *attribute, const char *value)
Set a Parameter.
Definition parameter.c:111
pgp_use_gpg_agent
bool pgp_use_gpg_agent(void)
Does the user want to use the gpg agent?
Definition pgp.c:124
pgp_invoke_sign
pid_t pgp_invoke_sign(FILE **fp_pgp_in, FILE **fp_pgp_out, FILE **fp_pgp_err, int fd_pgp_in, int fd_pgp_out, int fd_pgp_err, const char *fname)
Use PGP to sign a file.
Definition pgpinvoke.c:204
pgp_micalg
const char * pgp_micalg(const char *fname)
Find the hash algorithm of a file.
Definition pgpmicalg.c:228
buf_pool_get
struct Buffer * buf_pool_get(void)
Get a Buffer from the pool.
Definition pool.c:91
buf_pool_release
void buf_pool_release(struct Buffer **ptr)
Return a Buffer to the pool.
Definition pool.c:111
mutt_write_mime_body
int mutt_write_mime_body(struct Body *b, FILE *fp, struct ConfigSubset *sub)
Write a MIME part.
Definition body.c:302
mutt_write_mime_header
int mutt_write_mime_header(struct Body *b, FILE *fp, struct ConfigSubset *sub)
Create a MIME header.
Definition header.c:757
Body
The body of an email.
Definition body.h:36
Body::parts
struct Body * parts
parts of a multipart or message/rfc822
Definition body.h:73
Body::unlink
bool unlink
If true, filename should be unlink()ed before free()ing this structure.
Definition body.h:68
Body::parameter
struct ParameterList parameter
Parameters of the content-type.
Definition body.h:63
Body::use_disp
bool use_disp
Content-Disposition uses filename= ?
Definition body.h:47
Body::disposition
unsigned int disposition
content-disposition, ContentDisposition
Definition body.h:42
Body::next
struct Body * next
next attachment in the list
Definition body.h:72
Body::subtype
char * subtype
content-type subtype
Definition body.h:61
Body::encoding
unsigned int encoding
content-transfer-encoding, ContentEncoding
Definition body.h:41
Body::type
unsigned int type
content-type primary type, ContentType
Definition body.h:40
Body::filename
char * filename
When sending a message, this is the file to which this structure refers.
Definition body.h:59
Buffer
String manipulation buffer.
Definition buffer.h:36
NcryptModuleData
Ncrypt private Module data.
Definition module_data.h:38
NcryptModuleData::pgp_pass
char pgp_pass[1024]
Cached PGP Passphrase.
Definition module_data.h:50
NeoMutt
Container for Accounts, Notifications.
Definition neomutt.h:41
NeoMutt::sub
struct ConfigSubset * sub
Inherited config items.
Definition neomutt.h:49
buf_mktemp
#define buf_mktemp(buf)
Definition tmp.h:33
+ Here is the call graph for this function:

◆ smime_class_sign_message()

struct Body * smime_class_sign_message ( struct Body * b,
const struct AddressList * from )

Cryptographically sign the Body of a message - Implements CryptModuleSpecs::sign_message() -.

Definition at line 1351 of file smime.c.

1352{
1353 struct NcryptModuleData *mod_data = neomutt_get_module_data(NeoMutt, MODULE_ID_NCRYPT);
1354 struct Body *b_sign = NULL;
1355 struct Body *rc = NULL;
1356 char buf[1024] = { 0 };
1357 struct Buffer *filetosign = NULL, *signedfile = NULL;
1358 FILE *fp_smime_in = NULL, *fp_smime_out = NULL, *fp_smime_err = NULL, *fp_sign = NULL;
1359 bool err = false;
1360 int empty = 0;
1361 pid_t pid;
1362 const char *intermediates = NULL;
1363
1364 const char *const c_smime_sign_as = cs_subset_string(NeoMutt->sub, "smime_sign_as");
1365 const char *const c_smime_default_key = cs_subset_string(NeoMutt->sub, "smime_default_key");
1366 const char *signas = c_smime_sign_as ? c_smime_sign_as : c_smime_default_key;
1367 if (!signas || (*signas == '\0'))
1368 {
1369 mutt_error(_("Can't sign: No key specified. Use Sign As."));
1370 return NULL;
1371 }
1372
1373 crypt_convert_to_7bit(b); /* Signed data _must_ be in 7-bit format. */
1374
1375 filetosign = buf_pool_get();
1376 signedfile = buf_pool_get();
1377
1378 buf_mktemp(filetosign);
1379 fp_sign = mutt_file_fopen(buf_string(filetosign), "w+");
1380 if (!fp_sign)
1381 {
1382 mutt_perror("%s", buf_string(filetosign));
1383 goto cleanup;
1384 }
1385
1386 buf_mktemp(signedfile);
1387 fp_smime_out = mutt_file_fopen(buf_string(signedfile), "w+");
1388 if (!fp_smime_out)
1389 {
1390 mutt_perror("%s", buf_string(signedfile));
1391 goto cleanup;
1392 }
1393
1394 mutt_write_mime_header(b, fp_sign, NeoMutt->sub);
1395 fputc('\n', fp_sign);
1396 mutt_write_mime_body(b, fp_sign, NeoMutt->sub);
1397 mutt_file_fclose(&fp_sign);
1398
1399 const char *const c_smime_keys = cs_subset_path(NeoMutt->sub, "smime_keys");
1400 const char *const c_smime_certificates = cs_subset_path(NeoMutt->sub, "smime_certificates");
1401 buf_printf(&mod_data->smime_key_to_use, "%s/%s", NONULL(c_smime_keys), signas);
1402 buf_printf(&mod_data->smime_cert_to_use, "%s/%s", NONULL(c_smime_certificates), signas);
1403
1404 struct SmimeKey *signas_key = smime_get_key_by_hash(signas, 1);
1405 if (!signas_key || mutt_str_equal("?", signas_key->issuer))
1406 intermediates = signas; /* so openssl won't complain in any case */
1407 else
1408 intermediates = signas_key->issuer;
1409
1410 buf_printf(&mod_data->smime_intermediate_to_use, "%s/%s",
1411 NONULL(c_smime_certificates), intermediates);
1412
1413 smime_key_free(&signas_key);
1414
1415 pid = smime_invoke_sign(&fp_smime_in, NULL, &fp_smime_err, -1,
1416 fileno(fp_smime_out), -1, buf_string(filetosign));
1417 if (pid == -1)
1418 {
1419 mutt_perror(_("Can't open OpenSSL subprocess"));
1420 mutt_file_unlink(buf_string(filetosign));
1421 goto cleanup;
1422 }
1423 fputs(mod_data->smime_pass, fp_smime_in);
1424 fputc('\n', fp_smime_in);
1425 mutt_file_fclose(&fp_smime_in);
1426
1427 filter_wait(pid);
1428
1429 /* check for errors from OpenSSL */
1430 err = false;
1431 fflush(fp_smime_err);
1432 rewind(fp_smime_err);
1433 while (fgets(buf, sizeof(buf) - 1, fp_smime_err))
1434 {
1435 err = true;
1436 fputs(buf, stdout);
1437 }
1438 mutt_file_fclose(&fp_smime_err);
1439
1440 fflush(fp_smime_out);
1441 rewind(fp_smime_out);
1442 empty = (fgetc(fp_smime_out) == EOF);
1443 mutt_file_fclose(&fp_smime_out);
1444
1445 mutt_file_unlink(buf_string(filetosign));
1446
1447 if (err)
1448 {
1449 smime_class_void_passphrase();
1450 mutt_any_key_to_continue(NULL);
1451 }
1452
1453 if (empty)
1454 {
1455 mutt_any_key_to_continue(_("No output from OpenSSL..."));
1456 mutt_file_unlink(buf_string(signedfile));
1457 goto cleanup; /* fatal error while signing */
1458 }
1459
1460 b_sign = mutt_body_new();
1461 b_sign->type = TYPE_MULTIPART;
1462 b_sign->subtype = mutt_str_dup("signed");
1463 b_sign->encoding = ENC_7BIT;
1464 b_sign->use_disp = false;
1465 b_sign->disposition = DISP_INLINE;
1466
1467 mutt_generate_boundary(&b_sign->parameter);
1468
1469 const char *const c_smime_sign_digest_alg = cs_subset_string(NeoMutt->sub, "smime_sign_digest_alg");
1470 char *micalg = openssl_md_to_smime_micalg(c_smime_sign_digest_alg);
1471 mutt_param_set(&b_sign->parameter, "micalg", micalg);
1472 FREE(&micalg);
1473
1474 mutt_param_set(&b_sign->parameter, "protocol", "application/pkcs7-signature");
1475
1476 b_sign->parts = b;
1477 rc = b_sign;
1478
1479 b_sign->parts->next = mutt_body_new();
1480 b_sign = b_sign->parts->next;
1481 b_sign->type = TYPE_APPLICATION;
1482 b_sign->subtype = mutt_str_dup("pkcs7-signature");
1483 b_sign->filename = buf_strdup(signedfile);
1484 b_sign->d_filename = mutt_str_dup("smime.p7s");
1485 b_sign->use_disp = true;
1486 b_sign->disposition = DISP_ATTACH;
1487 b_sign->encoding = ENC_BASE64;
1488 b_sign->unlink = true; /* ok to remove this file after sending. */
1489
1490cleanup:
1491 if (fp_sign)
1492 {
1493 mutt_file_fclose(&fp_sign);
1494 mutt_file_unlink(buf_string(filetosign));
1495 }
1496 if (fp_smime_out)
1497 {
1498 mutt_file_fclose(&fp_smime_out);
1499 mutt_file_unlink(buf_string(signedfile));
1500 }
1501 buf_pool_release(&filetosign);
1502 buf_pool_release(&signedfile);
1503 return rc;
1504}
buf_printf
int buf_printf(struct Buffer *buf, const char *fmt,...)
Format a string overwriting a Buffer.
Definition buffer.c:161
cs_subset_string
const char * cs_subset_string(const struct ConfigSubset *sub, const char *name)
Get a string config item by name.
Definition helpers.c:291
cs_subset_path
const char * cs_subset_path(const struct ConfigSubset *sub, const char *name)
Get a path config item by name.
Definition helpers.c:168
mutt_file_unlink
void mutt_file_unlink(const char *s)
Delete a file, carefully.
Definition file.c:156
smime_class_void_passphrase
void smime_class_void_passphrase(void)
Forget the cached passphrase - Implements CryptModuleSpecs::void_passphrase() -.
Definition smime.c:137
mutt_error
#define mutt_error(...)
Definition logging2.h:94
FREE
#define FREE(x)
Free memory and set the pointer to NULL.
Definition memory.h:68
ENC_BASE64
@ ENC_BASE64
Base-64 encoded text.
Definition mime.h:52
DISP_ATTACH
@ DISP_ATTACH
Content is attached.
Definition mime.h:63
smime_get_key_by_hash
static struct SmimeKey * smime_get_key_by_hash(const char *hash, bool only_public_key)
Find a key by its hash.
Definition smime.c:380
smime_invoke_sign
static pid_t smime_invoke_sign(FILE **fp_smime_in, FILE **fp_smime_out, FILE **fp_smime_err, int fp_smime_infd, int fp_smime_outfd, int fp_smime_errfd, const char *fname)
Use SMIME to sign a file.
Definition smime.c:1169
smime_key_free
static void smime_key_free(struct SmimeKey **keylist)
Free a list of SMIME keys.
Definition smime.c:91
openssl_md_to_smime_micalg
static char * openssl_md_to_smime_micalg(const char *md)
Change the algorithm names.
Definition smime.c:1330
NONULL
#define NONULL(x)
Definition string2.h:44
Body::d_filename
char * d_filename
filename to be used for the content-disposition header If NULL, filename is used instead.
Definition body.h:56
NcryptModuleData::smime_cert_to_use
struct Buffer smime_cert_to_use
S/MIME certificate to use.
Definition module_data.h:58
NcryptModuleData::smime_pass
char smime_pass[256]
Cached S/MIME Passphrase.
Definition module_data.h:55
NcryptModuleData::smime_intermediate_to_use
struct Buffer smime_intermediate_to_use
S/MIME intermediate certificate to use.
Definition module_data.h:59
NcryptModuleData::smime_key_to_use
struct Buffer smime_key_to_use
S/MIME key to use.
Definition module_data.h:57
SmimeKey
An SIME key.
Definition smime.h:43
SmimeKey::issuer
char * issuer
Key issuer.
Definition smime.h:47
+ Here is the call graph for this function: