lib.h File Reference

API for encryption/signing of emails. More...

#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

Include dependency graph for lib.h:

Go to the source code of this file.

Macros
#define	SEC_NO_FLAGS   0
	No flags are set.
#define	SEC_ENCRYPT   (1 << 0)
	Email is encrypted.
#define	SEC_SIGN   (1 << 1)
	Email is signed.
#define	SEC_GOODSIGN   (1 << 2)
	Email has a valid signature.
#define	SEC_BADSIGN   (1 << 3)
	Email has a bad signature.
#define	SEC_PARTSIGN   (1 << 4)
	Not all parts of the email is signed.
#define	SEC_SIGNOPAQUE   (1 << 5)
	Email has an opaque signature (encrypted)
#define	SEC_KEYBLOCK   (1 << 6)
	Email has a key attached.
#define	SEC_INLINE   (1 << 7)
	Email has an inline signature.
#define	SEC_OPPENCRYPT   (1 << 8)
	Opportunistic encrypt mode.
#define	SEC_AUTOCRYPT   (1 << 9)
	(Autocrypt) Message will be, or was Autocrypt encrypt+signed
#define	SEC_AUTOCRYPT_OVERRIDE   (1 << 10)
	(Autocrypt) Indicates manual set/unset of encryption
#define	APPLICATION_PGP   (1 << 11)
	Use PGP to encrypt/sign.
#define	APPLICATION_SMIME   (1 << 12)
	Use SMIME to encrypt/sign.
#define	PGP_TRADITIONAL_CHECKED   (1 << 13)
	Email has a traditional (inline) signature.
#define	SEC_ALL_FLAGS   ((1 << 14) - 1)
	Mask for all security flags.
#define	PGP_ENCRYPT   (APPLICATION_PGP | SEC_ENCRYPT)
	Email is PGP encrypted.
#define	PGP_SIGN   (APPLICATION_PGP | SEC_SIGN)
	Email is PGP signed.
#define	PGP_GOODSIGN   (APPLICATION_PGP | SEC_GOODSIGN)
	Email has a good PGP signature.
#define	PGP_KEY   (APPLICATION_PGP | SEC_KEYBLOCK)
	Email contains a PGP key.
#define	PGP_INLINE   (APPLICATION_PGP | SEC_INLINE)
	Email is inline PGP encrypted/signed.
#define	SMIME_ENCRYPT   (APPLICATION_SMIME | SEC_ENCRYPT)
	Email is S/MIME encrypted.
#define	SMIME_SIGN   (APPLICATION_SMIME | SEC_SIGN)
	Email is S/MIME signed.
#define	SMIME_GOODSIGN   (APPLICATION_SMIME | SEC_GOODSIGN)
	Email has a good S/MIME signature.
#define	SMIME_BADSIGN   (APPLICATION_SMIME | SEC_BADSIGN)
	Email has a bad S/MIME signature.
#define	SMIME_OPAQUE   (APPLICATION_SMIME | SEC_SIGNOPAQUE)
	Email has an opaque S/MIME signature.
#define	WithCrypto   (APPLICATION_PGP | APPLICATION_SMIME)
#define	KEYFLAG_NO_FLAGS   0
	No flags are set.
#define	KEYFLAG_CANSIGN   (1 << 0)
	Key is suitable for signing.
#define	KEYFLAG_CANENCRYPT   (1 << 1)
	Key is suitable for encryption.
#define	KEYFLAG_ISX509   (1 << 2)
	Key is an X.509 key.
#define	KEYFLAG_SECRET   (1 << 7)
	Key is a secret key.
#define	KEYFLAG_EXPIRED   (1 << 8)
	Key is expired.
#define	KEYFLAG_REVOKED   (1 << 9)
	Key is revoked.
#define	KEYFLAG_DISABLED   (1 << 10)
	Key is marked disabled.
#define	KEYFLAG_SUBKEY   (1 << 11)
	Key is a subkey.
#define	KEYFLAG_CRITICAL   (1 << 12)
	Key is marked critical.
#define	KEYFLAG_PREFER_ENCRYPTION   (1 << 13)
	Key's owner prefers encryption.
#define	KEYFLAG_PREFER_SIGNING   (1 << 14)
	Key's owner prefers signing.
#define	KEYFLAG_CANTUSE   (KEYFLAG_DISABLED | KEYFLAG_REVOKED | KEYFLAG_EXPIRED)
#define	KEYFLAG_RESTRICTIONS   (KEYFLAG_CANTUSE | KEYFLAG_CRITICAL)
#define	KEYFLAG_ABILITIES   (KEYFLAG_CANSIGN | KEYFLAG_CANENCRYPT | KEYFLAG_PREFER_ENCRYPTION | KEYFLAG_PREFER_SIGNING)

Typedefs
typedef uint16_t	SecurityFlags
	Flags, e.g. SEC_ENCRYPT.
typedef uint16_t	KeyFlags
	Flags describing PGP/SMIME keys, e.g. KEYFLAG_CANSIGN.

Functions
void	pgp_init_keys (struct NeoMutt *n, struct SubMenu *sm_generic)
	Initialise the PGP Keybindings - Implements ::init_keys_api.
void	crypt_extract_keys_from_messages (struct Mailbox *m, struct EmailArray *ea)
	Extract keys from a message.
void	crypt_forget_passphrase (void)
	Forget a passphrase and display a message.
int	crypt_get_keys (struct Email *e, char **keylist, bool oppenc_mode)
	Check we have all the keys we need.
void	crypt_opportunistic_encrypt (struct Email *e)
	Can all recipients be determined.
SecurityFlags	crypt_query (struct Body *b)
	Check out the type of encryption used.
bool	crypt_valid_passphrase (SecurityFlags flags)
	Check that we have a usable passphrase, ask if not.
SecurityFlags	mutt_is_application_pgp (const struct Body *b)
	Does the message use PGP?
SecurityFlags	mutt_is_application_smime (struct Body *b)
	Does the message use S/MIME?
SecurityFlags	mutt_is_malformed_multipart_pgp_encrypted (struct Body *b)
	Check for malformed layout.
SecurityFlags	mutt_is_multipart_encrypted (struct Body *b)
	Does the message have encrypted parts?
SecurityFlags	mutt_is_multipart_signed (struct Body *b)
	Is a message signed?
int	mutt_is_valid_multipart_pgp_encrypted (struct Body *b)
	Is this a valid multi-part encrypted message?
int	mutt_protected_headers_handler (struct Body *b, struct State *state)
	Handler for protected headers - Implements handler_t -.
int	mutt_protect (struct Email *e, char *keylist, bool postpone)
	Encrypt and/or sign a message.
bool	mutt_should_hide_protected_subject (struct Email *e)
	Should NeoMutt hide the protected subject?
int	mutt_signed_handler (struct Body *b, struct State *state)
	Handler for "multipart/signed" - Implements handler_t -.
void	crypt_cleanup (void)
	Clean up backend.
bool	crypt_has_module_backend (SecurityFlags type)
	Is there a crypto backend for a given type?
void	crypt_init (void)
	Initialise the crypto backends.
void	crypt_invoke_message (SecurityFlags type)
	Display an informative message.
int	crypt_pgp_application_handler (struct Body *b_email, struct State *state)
	Wrapper for CryptModuleSpecs::application_handler() - Implements handler_t -.
bool	crypt_pgp_check_traditional (FILE *fp, struct Body *b, bool just_one)
	Wrapper for CryptModuleSpecs::pgp_check_traditional()
int	crypt_pgp_decrypt_mime (FILE *fp_in, FILE **fp_out, struct Body *b, struct Body **b_dec)
	Wrapper for CryptModuleSpecs::decrypt_mime()
int	crypt_pgp_encrypted_handler (struct Body *b_email, struct State *state)
	Wrapper for CryptModuleSpecs::encrypted_handler() - Implements handler_t -.
void	crypt_pgp_extract_key_from_attachment (FILE *fp, struct Body *b)
	Wrapper for CryptModuleSpecs::pgp_extract_key_from_attachment()
void	crypt_pgp_invoke_getkeys (struct Address *addr)
	Wrapper for CryptModuleSpecs::pgp_invoke_getkeys()
struct Body *	crypt_pgp_make_key_attachment (void)
	Wrapper for CryptModuleSpecs::pgp_make_key_attachment()
SecurityFlags	crypt_pgp_send_menu (struct Email *e)
	Wrapper for CryptModuleSpecs::send_menu()
int	crypt_smime_application_handler (struct Body *b_email, struct State *state)
	Wrapper for CryptModuleSpecs::application_handler() - Implements handler_t -.
int	crypt_smime_decrypt_mime (FILE *fp_in, FILE **fp_out, struct Body *b, struct Body **b_dec)
	Wrapper for CryptModuleSpecs::decrypt_mime()
void	crypt_smime_getkeys (struct Envelope *env)
	Wrapper for CryptModuleSpecs::smime_getkeys()
SecurityFlags	crypt_smime_send_menu (struct Email *e)
	Wrapper for CryptModuleSpecs::send_menu()
int	crypt_smime_verify_sender (struct Email *e, struct Message *msg)
	Wrapper for CryptModuleSpecs::smime_verify_sender()
void	crypto_module_cleanup (void)
	Clean up the crypto modules.
void	pgp_gpgme_init (void)
	Initialise the crypto module - Implements CryptModuleSpecs::init() -.
int	mutt_gpgme_select_secret_key (struct Buffer *keyid)
	Select a private Autocrypt key for a new account.
const char *	mutt_gpgme_print_version (void)
	Get version of GPGME.

Detailed Description

API for encryption/signing of emails.

Authors

• Richard Russon
• Pietro Cerutti

Copyright

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Definition in file lib.h.

Macro Definition Documentation

SEC_NO_FLAGS

#define SEC_NO_FLAGS   0

No flags are set.

Definition at line 86 of file lib.h.

SEC_ENCRYPT

#define SEC_ENCRYPT   (1 << 0)

Email is encrypted.

Definition at line 87 of file lib.h.

SEC_SIGN

#define SEC_SIGN   (1 << 1)

Email is signed.

Definition at line 88 of file lib.h.

SEC_GOODSIGN

#define SEC_GOODSIGN   (1 << 2)

Email has a valid signature.

Definition at line 89 of file lib.h.

SEC_BADSIGN

#define SEC_BADSIGN   (1 << 3)

Email has a bad signature.

Definition at line 90 of file lib.h.

SEC_PARTSIGN

#define SEC_PARTSIGN   (1 << 4)

Not all parts of the email is signed.

Definition at line 91 of file lib.h.

SEC_SIGNOPAQUE

#define SEC_SIGNOPAQUE   (1 << 5)

Email has an opaque signature (encrypted)

Definition at line 92 of file lib.h.

SEC_KEYBLOCK

#define SEC_KEYBLOCK   (1 << 6)

Email has a key attached.

Definition at line 93 of file lib.h.

SEC_INLINE

#define SEC_INLINE   (1 << 7)

Email has an inline signature.

Definition at line 94 of file lib.h.

SEC_OPPENCRYPT

#define SEC_OPPENCRYPT   (1 << 8)

Opportunistic encrypt mode.

Definition at line 95 of file lib.h.

SEC_AUTOCRYPT

#define SEC_AUTOCRYPT   (1 << 9)

(Autocrypt) Message will be, or was Autocrypt encrypt+signed

Definition at line 96 of file lib.h.

SEC_AUTOCRYPT_OVERRIDE

#define SEC_AUTOCRYPT_OVERRIDE   (1 << 10)

(Autocrypt) Indicates manual set/unset of encryption

Definition at line 97 of file lib.h.

APPLICATION_PGP

#define APPLICATION_PGP   (1 << 11)

Use PGP to encrypt/sign.

Definition at line 99 of file lib.h.

APPLICATION_SMIME

#define APPLICATION_SMIME   (1 << 12)

Use SMIME to encrypt/sign.

Definition at line 100 of file lib.h.

PGP_TRADITIONAL_CHECKED

#define PGP_TRADITIONAL_CHECKED   (1 << 13)

Email has a traditional (inline) signature.

Definition at line 101 of file lib.h.

SEC_ALL_FLAGS

#define SEC_ALL_FLAGS   ((1 << 14) - 1)

Mask for all security flags.

Definition at line 103 of file lib.h.

PGP_ENCRYPT

#define PGP_ENCRYPT   (APPLICATION_PGP | SEC_ENCRYPT)

Email is PGP encrypted.

Definition at line 105 of file lib.h.

PGP_SIGN

#define PGP_SIGN   (APPLICATION_PGP | SEC_SIGN)

Email is PGP signed.

Definition at line 106 of file lib.h.

PGP_GOODSIGN

#define PGP_GOODSIGN   (APPLICATION_PGP | SEC_GOODSIGN)

Email has a good PGP signature.

Definition at line 107 of file lib.h.

PGP_KEY

#define PGP_KEY   (APPLICATION_PGP | SEC_KEYBLOCK)

Email contains a PGP key.

Definition at line 108 of file lib.h.

PGP_INLINE

#define PGP_INLINE   (APPLICATION_PGP | SEC_INLINE)

Email is inline PGP encrypted/signed.

Definition at line 109 of file lib.h.

SMIME_ENCRYPT

#define SMIME_ENCRYPT   (APPLICATION_SMIME | SEC_ENCRYPT)

Email is S/MIME encrypted.

Definition at line 111 of file lib.h.

SMIME_SIGN

#define SMIME_SIGN   (APPLICATION_SMIME | SEC_SIGN)

Email is S/MIME signed.

Definition at line 112 of file lib.h.

SMIME_GOODSIGN

#define SMIME_GOODSIGN   (APPLICATION_SMIME | SEC_GOODSIGN)

Email has a good S/MIME signature.

Definition at line 113 of file lib.h.

SMIME_BADSIGN

#define SMIME_BADSIGN   (APPLICATION_SMIME | SEC_BADSIGN)

Email has a bad S/MIME signature.

Definition at line 114 of file lib.h.

SMIME_OPAQUE

#define SMIME_OPAQUE   (APPLICATION_SMIME | SEC_SIGNOPAQUE)

Email has an opaque S/MIME signature.

Definition at line 115 of file lib.h.

WithCrypto

#define WithCrypto   (APPLICATION_PGP | APPLICATION_SMIME)

Definition at line 125 of file lib.h.

KEYFLAG_NO_FLAGS

#define KEYFLAG_NO_FLAGS   0

No flags are set.

Definition at line 135 of file lib.h.

KEYFLAG_CANSIGN

#define KEYFLAG_CANSIGN   (1 << 0)

Key is suitable for signing.

Definition at line 136 of file lib.h.

KEYFLAG_CANENCRYPT

#define KEYFLAG_CANENCRYPT   (1 << 1)

Key is suitable for encryption.

Definition at line 137 of file lib.h.

KEYFLAG_ISX509

#define KEYFLAG_ISX509   (1 << 2)

Key is an X.509 key.

Definition at line 138 of file lib.h.

KEYFLAG_SECRET

#define KEYFLAG_SECRET   (1 << 7)

Key is a secret key.

Definition at line 139 of file lib.h.

KEYFLAG_EXPIRED

#define KEYFLAG_EXPIRED   (1 << 8)

Key is expired.

Definition at line 140 of file lib.h.

KEYFLAG_REVOKED

#define KEYFLAG_REVOKED   (1 << 9)

Key is revoked.

Definition at line 141 of file lib.h.

KEYFLAG_DISABLED

#define KEYFLAG_DISABLED   (1 << 10)

Key is marked disabled.

Definition at line 142 of file lib.h.

KEYFLAG_SUBKEY

#define KEYFLAG_SUBKEY   (1 << 11)

Key is a subkey.

Definition at line 143 of file lib.h.

KEYFLAG_CRITICAL

#define KEYFLAG_CRITICAL   (1 << 12)

Key is marked critical.

Definition at line 144 of file lib.h.

KEYFLAG_PREFER_ENCRYPTION

#define KEYFLAG_PREFER_ENCRYPTION   (1 << 13)

Key's owner prefers encryption.

Definition at line 145 of file lib.h.

KEYFLAG_PREFER_SIGNING

#define KEYFLAG_PREFER_SIGNING   (1 << 14)

Key's owner prefers signing.

Definition at line 146 of file lib.h.

KEYFLAG_CANTUSE

#define KEYFLAG_CANTUSE   (KEYFLAG_DISABLED | KEYFLAG_REVOKED | KEYFLAG_EXPIRED)

Definition at line 148 of file lib.h.

KEYFLAG_RESTRICTIONS

#define KEYFLAG_RESTRICTIONS   (KEYFLAG_CANTUSE | KEYFLAG_CRITICAL)

Definition at line 149 of file lib.h.

KEYFLAG_ABILITIES

#define KEYFLAG_ABILITIES   (KEYFLAG_CANSIGN | KEYFLAG_CANENCRYPT | KEYFLAG_PREFER_ENCRYPTION | KEYFLAG_PREFER_SIGNING)

Definition at line 151 of file lib.h.

Typedef Documentation

SecurityFlags

typedef uint16_t SecurityFlags

Flags, e.g. SEC_ENCRYPT.

Definition at line 85 of file lib.h.

KeyFlags

typedef uint16_t KeyFlags

Flags describing PGP/SMIME keys, e.g. KEYFLAG_CANSIGN.

Definition at line 134 of file lib.h.

Function Documentation

pgp_init_keys()

void pgp_init_keys	(	struct NeoMutt *	n,
		struct SubMenu *	sm_generic )

Initialise the PGP Keybindings - Implements ::init_keys_api.

Definition at line 88 of file functions.c.

{
  struct MenuDefinition *md = NULL;
  struct SubMenu *sm = NULL;
 
  sm = km_register_submenu(OpPgp);
  md = km_register_menu(MENU_PGP, "pgp");
  km_menu_add_submenu(md, sm);
  km_menu_add_submenu(md, sm_generic);
  km_menu_add_bindings(md, PgpDefaultBindings);
 
  struct NcryptModuleData *mod_data = neomutt_get_module_data(n, MODULE_ID_NCRYPT);
  ASSERT(mod_data);
  mod_data->menu_pgp = md;
 
  sm = km_register_submenu(OpSmime);
  md = km_register_menu(MENU_SMIME, "smime");
  km_menu_add_submenu(md, sm);
  km_menu_add_submenu(md, sm_generic);
  km_menu_add_bindings(md, SmimeDefaultBindings);
 
  mod_data->menu_smime = md;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_extract_keys_from_messages()

void crypt_extract_keys_from_messages	(	struct Mailbox *	m,
		struct EmailArray *	ea )

Extract keys from a message.

Parameters

m	Mailbox
ea	Array of Emails to process

The extracted keys will be added to the user's keyring.

Definition at line 863 of file crypt.c.

{
  if (!WithCrypto)
    return;
 
  struct Buffer *tempfile = buf_pool_get();
  buf_mktemp(tempfile);
  FILE *fp_out = mutt_file_fopen(buf_string(tempfile), "w");
  if (!fp_out)
  {
    mutt_perror("%s", buf_string(tempfile));
    goto cleanup;
  }
 
  if (WithCrypto & APPLICATION_PGP)
    OptDontHandlePgpKeys = true;
 
  struct Email **ep = NULL;
  ARRAY_FOREACH(ep, ea)
  {
    struct Email *e = *ep;
    struct Message *msg = mx_msg_open(m, e);
    if (!msg)
    {
      continue;
    }
    mutt_parse_mime_message(e, msg->fp);
    if (e->security & SEC_ENCRYPT && !crypt_valid_passphrase(e->security))
    {
      mx_msg_close(m, &msg);
      mutt_file_fclose(&fp_out);
      break;
    }
 
    if (((WithCrypto & APPLICATION_PGP) != 0) && (e->security & APPLICATION_PGP))
    {
      mutt_copy_message(fp_out, e, msg, MUTT_CM_DECODE | MUTT_CM_CHARCONV, CH_NO_FLAGS, 0);
      fflush(fp_out);
 
      mutt_endwin();
      puts(_("Trying to extract PGP keys...\n"));
      crypt_pgp_invoke_import(buf_string(tempfile));
    }
 
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (e->security & APPLICATION_SMIME))
    {
      const bool encrypt = e->security & SEC_ENCRYPT;
      mutt_copy_message(fp_out, e, msg,
                        encrypt ? MUTT_CM_NOHEADER | MUTT_CM_DECODE_CRYPT | MUTT_CM_DECODE_SMIME :
                                  MUTT_CM_NO_FLAGS,
                        CH_NO_FLAGS, 0);
      fflush(fp_out);
 
      const char *mbox = NULL;
      if (!TAILQ_EMPTY(&e->env->from))
      {
        mutt_expand_aliases(&e->env->from);
        mbox = buf_string(TAILQ_FIRST(&e->env->from)->mailbox);
      }
      else if (!TAILQ_EMPTY(&e->env->sender))
      {
        mutt_expand_aliases(&e->env->sender);
        mbox = buf_string(TAILQ_FIRST(&e->env->sender)->mailbox);
      }
      if (mbox)
      {
        mutt_endwin();
        puts(_("Trying to extract S/MIME certificates..."));
        crypt_smime_invoke_import(buf_string(tempfile), mbox);
      }
    }
    mx_msg_close(m, &msg);
 
    rewind(fp_out);
  }
 
  mutt_file_fclose(&fp_out);
  if (isendwin())
    mutt_any_key_to_continue(NULL);
 
  mutt_file_unlink(buf_string(tempfile));
 
  if (WithCrypto & APPLICATION_PGP)
    OptDontHandlePgpKeys = false;
 
cleanup:
  buf_pool_release(&tempfile);
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_forget_passphrase()

void crypt_forget_passphrase

(

void

)

Forget a passphrase and display a message.

Definition at line 89 of file crypt.c.

{
  if (WithCrypto & APPLICATION_PGP)
    crypt_pgp_void_passphrase();
 
  if (WithCrypto & APPLICATION_SMIME)
    crypt_smime_void_passphrase();
 
  if (WithCrypto)
  {
    /* L10N: Due to the implementation details (e.g. some passwords are managed
       by gpg-agent) we can't know whether we forgot zero, 1, 12, ...
       passwords. So in English we use "Passphrases". Your language might
       have other means to express this. */
    mutt_message(_("Passphrases forgotten"));
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_get_keys()

int crypt_get_keys	(	struct Email *	e,
		char **	keylist,
		bool	oppenc_mode )

Check we have all the keys we need.

Parameters

[in]	e	Email with addresses to match
[out]	keylist	Keys needed
[in]	oppenc_mode	If true, use opportunistic encryption

Return values

0	Success
-1	Error

Do a quick check to make sure that we can find all of the encryption keys if the user has requested this service. Return the list of keys in KEYLIST. If oppenc_mode is true, only keys that can be determined without prompting will be used.

Definition at line 966 of file crypt.c.

{
  if (!WithCrypto)
    return 0;
 
  struct AddressList addrlist = TAILQ_HEAD_INITIALIZER(addrlist);
  const char *fqdn = mutt_fqdn(true, NeoMutt->sub);
  const char *self_encrypt = NULL;
 
  /* Do a quick check to make sure that we can find all of the encryption
   * keys if the user has requested this service.  */
 
  *keylist = NULL;
 
#ifdef USE_AUTOCRYPT
  if (!oppenc_mode && (e->security & SEC_AUTOCRYPT))
  {
    if (mutt_autocrypt_ui_recommendation(e, keylist) <= AUTOCRYPT_REC_NO)
      return -1;
    return 0;
  }
#endif
 
  if (WithCrypto & APPLICATION_PGP)
    OptPgpCheckTrust = true;
 
  mutt_addrlist_copy(&addrlist, &e->env->to, false);
  mutt_addrlist_copy(&addrlist, &e->env->cc, false);
  mutt_addrlist_copy(&addrlist, &e->env->bcc, false);
  mutt_addrlist_qualify(&addrlist, fqdn);
  mutt_addrlist_dedupe(&addrlist);
 
  if (oppenc_mode || (e->security & SEC_ENCRYPT))
  {
    if (((WithCrypto & APPLICATION_PGP) != 0) && (e->security & APPLICATION_PGP))
    {
      *keylist = crypt_pgp_find_keys(&addrlist, oppenc_mode);
      if (!*keylist)
      {
        mutt_addrlist_clear(&addrlist);
        return -1;
      }
      OptPgpCheckTrust = false;
      const bool c_pgp_self_encrypt = cs_subset_bool(NeoMutt->sub, "pgp_self_encrypt");
      const char *const c_pgp_default_key = cs_subset_string(NeoMutt->sub, "pgp_default_key");
      const enum QuadOption c_pgp_encrypt_self = cs_subset_quad(NeoMutt->sub, "pgp_encrypt_self");
      if (c_pgp_self_encrypt || (c_pgp_encrypt_self == MUTT_YES))
        self_encrypt = c_pgp_default_key;
    }
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (e->security & APPLICATION_SMIME))
    {
      *keylist = crypt_smime_find_keys(&addrlist, oppenc_mode);
      if (!*keylist)
      {
        mutt_addrlist_clear(&addrlist);
        return -1;
      }
      const bool c_smime_self_encrypt = cs_subset_bool(NeoMutt->sub, "smime_self_encrypt");
      const char *const c_smime_default_key = cs_subset_string(NeoMutt->sub, "smime_default_key");
      const enum QuadOption c_smime_encrypt_self = cs_subset_quad(NeoMutt->sub, "smime_encrypt_self");
      if (c_smime_self_encrypt || (c_smime_encrypt_self == MUTT_YES))
        self_encrypt = c_smime_default_key;
    }
  }
 
  if (!oppenc_mode && self_encrypt)
  {
    const size_t keylist_size = mutt_str_len(*keylist);
    MUTT_MEM_REALLOC(keylist, keylist_size + mutt_str_len(self_encrypt) + 2, char);
    sprintf(*keylist + keylist_size, " %s", self_encrypt);
  }
 
  mutt_addrlist_clear(&addrlist);
 
  return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_opportunistic_encrypt()

void crypt_opportunistic_encrypt

(

struct Email *

e

)

Can all recipients be determined.

Parameters

e

Email

Check if all recipients keys can be automatically determined. Enable encryption if they can, otherwise disable encryption.

Definition at line 1050 of file crypt.c.

{
  if (!WithCrypto)
    return;
 
  const bool c_crypt_opportunistic_encrypt = cs_subset_bool(NeoMutt->sub, "crypt_opportunistic_encrypt");
  if (!(c_crypt_opportunistic_encrypt && (e->security & SEC_OPPENCRYPT)))
    return;
 
  char *pgpkeylist = NULL;
 
  crypt_get_keys(e, &pgpkeylist, true);
  if (pgpkeylist)
  {
    e->security |= SEC_ENCRYPT;
    FREE(&pgpkeylist);
  }
  else
  {
    e->security &= ~SEC_ENCRYPT;
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_query()

SecurityFlags crypt_query

(

struct Body *

b

)

Check out the type of encryption used.

Parameters

b	Body of email

Return values

num	Flags, see SecurityFlags
0	Error (SEC_NO_FLAGS)

Set the cached status values if there are any.

Definition at line 692 of file crypt.c.

{
  if (!WithCrypto || !b)
    return SEC_NO_FLAGS;
 
  SecurityFlags rc = SEC_NO_FLAGS;
 
  if (b->type == TYPE_APPLICATION)
  {
    if (WithCrypto & APPLICATION_PGP)
      rc |= mutt_is_application_pgp(b);
 
    if (WithCrypto & APPLICATION_SMIME)
    {
      rc |= mutt_is_application_smime(b);
      if (rc && b->goodsig)
        rc |= SEC_GOODSIGN;
      if (rc && b->badsig)
        rc |= SEC_BADSIGN;
    }
  }
  else if (((WithCrypto & APPLICATION_PGP) != 0) && (b->type == TYPE_TEXT))
  {
    rc |= mutt_is_application_pgp(b);
    if (rc && b->goodsig)
      rc |= SEC_GOODSIGN;
  }
 
  if (b->type == TYPE_MULTIPART)
  {
    rc |= mutt_is_multipart_encrypted(b);
    rc |= mutt_is_multipart_signed(b);
    rc |= mutt_is_malformed_multipart_pgp_encrypted(b);
 
    if (rc && b->goodsig)
      rc |= SEC_GOODSIGN;
#ifdef USE_AUTOCRYPT
    if (rc && b->is_autocrypt)
      rc |= SEC_AUTOCRYPT;
#endif
  }
 
  if ((b->type == TYPE_MULTIPART) || (b->type == TYPE_MESSAGE))
  {
    SecurityFlags u = b->parts ? SEC_ALL_FLAGS : SEC_NO_FLAGS; /* Bits set in all parts */
    SecurityFlags w = SEC_NO_FLAGS; /* Bits set in any part  */
 
    for (b = b->parts; b; b = b->next)
    {
      const SecurityFlags v = crypt_query(b);
      u &= v;
      w |= v;
    }
    rc |= u | (w & ~SEC_GOODSIGN);
 
    if ((w & SEC_GOODSIGN) && !(u & SEC_GOODSIGN))
      rc |= SEC_PARTSIGN;
  }
 
  return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_valid_passphrase()

bool crypt_valid_passphrase

(

SecurityFlags

flags

)

Check that we have a usable passphrase, ask if not.

Parameters

flags

Flags, see SecurityFlags

Return values

true	Success
false	Failed

Definition at line 131 of file crypt.c.

{
  bool rc = false;
 
#ifndef DEBUG
  disable_coredumps();
#endif
 
  if (((WithCrypto & APPLICATION_PGP) != 0) && (flags & APPLICATION_PGP))
    rc = crypt_pgp_valid_passphrase();
 
  if (((WithCrypto & APPLICATION_SMIME) != 0) && (flags & APPLICATION_SMIME))
    rc = crypt_smime_valid_passphrase();
 
  return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_application_pgp()

SecurityFlags mutt_is_application_pgp

(

const struct Body *

b

)

Does the message use PGP?

Parameters

b	Body of email

Return values

>0	Message uses PGP, e.g. PGP_ENCRYPT
0	Message doesn't use PGP, (SEC_NO_FLAGS)

Definition at line 548 of file crypt.c.

{
  SecurityFlags t = SEC_NO_FLAGS;
  char *p = NULL;
 
  if (b->type == TYPE_APPLICATION)
  {
    if (mutt_istr_equal(b->subtype, "pgp") || mutt_istr_equal(b->subtype, "x-pgp-message"))
    {
      p = mutt_param_get(&b->parameter, "x-action");
      if (p && (mutt_istr_equal(p, "sign") || mutt_istr_equal(p, "signclear")))
      {
        t |= PGP_SIGN;
      }
 
      p = mutt_param_get(&b->parameter, "format");
      if (p && mutt_istr_equal(p, "keys-only"))
      {
        t |= PGP_KEY;
      }
 
      if (t == SEC_NO_FLAGS)
        t |= PGP_ENCRYPT; /* not necessarily correct, but... */
    }
 
    if (mutt_istr_equal(b->subtype, "pgp-signed"))
      t |= PGP_SIGN;
 
    if (mutt_istr_equal(b->subtype, "pgp-keys"))
      t |= PGP_KEY;
  }
  else if ((b->type == TYPE_TEXT) && mutt_istr_equal("plain", b->subtype))
  {
    if (((p = mutt_param_get(&b->parameter, "x-mutt-action")) ||
         (p = mutt_param_get(&b->parameter, "x-action")) ||
         (p = mutt_param_get(&b->parameter, "action"))) &&
        mutt_istr_startswith(p, "pgp-sign"))
    {
      t |= PGP_SIGN;
    }
    else if (p && mutt_istr_startswith(p, "pgp-encrypt"))
    {
      t |= PGP_ENCRYPT;
    }
    else if (p && mutt_istr_startswith(p, "pgp-keys"))
    {
      t |= PGP_KEY;
    }
  }
  if (t)
    t |= PGP_INLINE;
 
  return t;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_application_smime()

SecurityFlags mutt_is_application_smime

(

struct Body *

b

)

Does the message use S/MIME?

Parameters

b	Body of email

Return values

>0	Message uses S/MIME, e.g. SMIME_ENCRYPT
0	Message doesn't use S/MIME, (SEC_NO_FLAGS)

Definition at line 609 of file crypt.c.

{
  if (!b)
    return SEC_NO_FLAGS;
 
  if (((b->type & TYPE_APPLICATION) == 0) || !b->subtype)
    return SEC_NO_FLAGS;
 
  char *t = NULL;
  bool complain = false;
  /* S/MIME MIME types don't need x- anymore, see RFC2311 */
  if (mutt_istr_equal(b->subtype, "x-pkcs7-mime") || mutt_istr_equal(b->subtype, "pkcs7-mime"))
  {
    t = mutt_param_get(&b->parameter, "smime-type");
    if (t)
    {
      if (mutt_istr_equal(t, "enveloped-data"))
        return SMIME_ENCRYPT;
      if (mutt_istr_equal(t, "signed-data"))
        return SMIME_SIGN | SMIME_OPAQUE;
      return SEC_NO_FLAGS;
    }
    /* Netscape 4.7 uses
     * Content-Description: S/MIME Encrypted Message
     * instead of Content-Type parameter */
    if (mutt_istr_equal(b->description, "S/MIME Encrypted Message"))
      return SMIME_ENCRYPT;
    complain = true;
  }
  else if (!mutt_istr_equal(b->subtype, "octet-stream"))
  {
    return SEC_NO_FLAGS;
  }
 
  t = mutt_param_get(&b->parameter, "name");
 
  if (!t)
    t = b->d_filename;
  if (!t)
    t = b->filename;
  if (!t)
  {
    if (complain)
    {
      mutt_message(_("S/MIME messages with no hints on content are unsupported"));
    }
    return SEC_NO_FLAGS;
  }
 
  /* no .p7c, .p10 support yet. */
 
  int len = mutt_str_len(t) - 4;
  if ((len > 0) && (*(t + len) == '.'))
  {
    len++;
    if (mutt_istr_equal((t + len), "p7m"))
    {
      const char *const c_smime_pkcs7_default_smime_type =
          cs_subset_string(NeoMutt->sub, "smime_pkcs7_default_smime_type");
      if (mutt_istr_equal(c_smime_pkcs7_default_smime_type, "signed"))
        return SMIME_SIGN | SMIME_OPAQUE;
      else if (mutt_istr_equal(c_smime_pkcs7_default_smime_type, "enveloped"))
        return SMIME_ENCRYPT;
      else
        return SEC_NO_FLAGS;
    }
    else if (mutt_istr_equal((t + len), "p7s"))
    {
      return SMIME_SIGN | SMIME_OPAQUE;
    }
  }
 
  return SEC_NO_FLAGS;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_malformed_multipart_pgp_encrypted()

SecurityFlags mutt_is_malformed_multipart_pgp_encrypted

(

struct Body *

b

)

Check for malformed layout.

Parameters

b	Body of email

Return values

num	Success, see SecurityFlags
0	Error, (SEC_NO_FLAGS)

This checks for the malformed layout caused by MS Exchange in some cases:

<multipart/mixed>
   <text/plain>
   <application/pgp-encrypted> [BASE64-encoded]
   <application/octet-stream> [BASE64-encoded]

Definition at line 504 of file crypt.c.

{
  if (!(WithCrypto & APPLICATION_PGP))
    return SEC_NO_FLAGS;
 
  if (!b || (b->type != TYPE_MULTIPART) || !b->subtype || !mutt_istr_equal(b->subtype, "mixed"))
  {
    return SEC_NO_FLAGS;
  }
 
  b = b->parts;
  if (!b || (b->type != TYPE_TEXT) || !b->subtype ||
      !mutt_istr_equal(b->subtype, "plain") || (b->length != 0))
  {
    return SEC_NO_FLAGS;
  }
 
  b = b->next;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      !mutt_istr_equal(b->subtype, "pgp-encrypted"))
  {
    return SEC_NO_FLAGS;
  }
 
  b = b->next;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      !mutt_istr_equal(b->subtype, "octet-stream"))
  {
    return SEC_NO_FLAGS;
  }
 
  b = b->next;
  if (b)
    return SEC_NO_FLAGS;
 
  return PGP_ENCRYPT;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_multipart_encrypted()

SecurityFlags mutt_is_multipart_encrypted

(

struct Body *

b

)

Does the message have encrypted parts?

Parameters

b	Body of email

Return values

num	Message has got encrypted parts, see SecurityFlags
0	Message hasn't got encrypted parts (SEC_NO_FLAGS)

Definition at line 443 of file crypt.c.

{
  if ((WithCrypto & APPLICATION_PGP) == 0)
    return SEC_NO_FLAGS;
 
  char *p = NULL;
 
  if (!b || (b->type != TYPE_MULTIPART) || !b->subtype ||
      !mutt_istr_equal(b->subtype, "encrypted") ||
      !(p = mutt_param_get(&b->parameter, "protocol")) ||
      !mutt_istr_equal(p, "application/pgp-encrypted"))
  {
    return SEC_NO_FLAGS;
  }
 
  return PGP_ENCRYPT;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_multipart_signed()

SecurityFlags mutt_is_multipart_signed

(

struct Body *

b

)

Is a message signed?

Parameters

b	Body of email

Return values

num	Message is signed, see SecurityFlags
0	Message is not signed (SEC_NO_FLAGS)

Definition at line 408 of file crypt.c.

{
  if (!b || (b->type != TYPE_MULTIPART) || !b->subtype || !mutt_istr_equal(b->subtype, "signed"))
  {
    return SEC_NO_FLAGS;
  }
 
  char *p = mutt_param_get(&b->parameter, "protocol");
  if (!p)
    return SEC_NO_FLAGS;
 
  if (mutt_istr_equal(p, "multipart/mixed"))
    return SEC_SIGN;
 
  if (((WithCrypto & APPLICATION_PGP) != 0) && mutt_istr_equal(p, "application/pgp-signature"))
  {
    return PGP_SIGN;
  }
 
  if (((WithCrypto & APPLICATION_SMIME) != 0) &&
      (mutt_istr_equal(p, "application/x-pkcs7-signature") ||
       mutt_istr_equal(p, "application/pkcs7-signature")))
  {
    return SMIME_SIGN;
  }
 
  return SEC_NO_FLAGS;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_is_valid_multipart_pgp_encrypted()

int mutt_is_valid_multipart_pgp_encrypted

(

struct Body *

b

)

Is this a valid multi-part encrypted message?

Parameters

b	Body of email

Return values

>0	Message is valid, with encrypted parts, e.g. PGP_ENCRYPT
0	Message hasn't got encrypted parts

Definition at line 467 of file crypt.c.

{
  if (mutt_is_multipart_encrypted(b) == SEC_NO_FLAGS)
    return 0;
 
  b = b->parts;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      !mutt_istr_equal(b->subtype, "pgp-encrypted"))
  {
    return 0;
  }
 
  b = b->next;
  if (!b || (b->type != TYPE_APPLICATION) || !b->subtype ||
      !mutt_istr_equal(b->subtype, "octet-stream"))
  {
    return 0;
  }
 
  return PGP_ENCRYPT;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_protect()

int mutt_protect	(	struct Email *	e,
		char *	keylist,
		bool	postpone )

Encrypt and/or sign a message.

Parameters

e	Email
keylist	List of keys to encrypt to (space-separated)
postpone	When true, signing is automatically disabled

Return values

0	Success
-1	Error

Definition at line 156 of file crypt.c.

{
  struct Body *pbody = NULL, *tmp_pbody = NULL;
  struct Body *tmp_smime_pbody = NULL;
  struct Body *tmp_pgp_pbody = NULL;
  bool has_retainable_sig = false;
 
  if (!WithCrypto)
    return -1;
 
  SecurityFlags security = e->security;
  int sign = security & (SEC_AUTOCRYPT | SEC_SIGN);
  if (postpone)
  {
    sign = SEC_NO_FLAGS;
    security &= ~SEC_SIGN;
  }
 
  if (!(security & (SEC_ENCRYPT | SEC_AUTOCRYPT)) && !sign)
    return 0;
 
  if (sign && !(security & SEC_AUTOCRYPT) && !crypt_valid_passphrase(security))
    return -1;
 
  if (((WithCrypto & APPLICATION_PGP) != 0) && !(security & SEC_AUTOCRYPT) &&
      ((security & PGP_INLINE) == PGP_INLINE))
  {
    if ((e->body->type != TYPE_TEXT) || !mutt_istr_equal(e->body->subtype, "plain"))
    {
      if (query_quadoption(_("Inline PGP can't be used with attachments.  Revert to PGP/MIME?"),
                           NeoMutt->sub, "pgp_mime_auto") != MUTT_YES)
      {
        mutt_error(_("Mail not sent: inline PGP can't be used with attachments"));
        return -1;
      }
    }
    else if (mutt_istr_equal("flowed", mutt_param_get(&e->body->parameter, "format")))
    {
      if ((query_quadoption(_("Inline PGP can't be used with format=flowed.  Revert to PGP/MIME?"),
                            NeoMutt->sub, "pgp_mime_auto")) != MUTT_YES)
      {
        mutt_error(_("Mail not sent: inline PGP can't be used with format=flowed"));
        return -1;
      }
    }
    else
    {
      /* they really want to send it inline... go for it */
      if (!isendwin())
      {
        mutt_endwin();
        puts(_("Invoking PGP..."));
      }
      pbody = crypt_pgp_traditional_encryptsign(e->body, security, keylist);
      if (pbody)
      {
        e->body = pbody;
        return 0;
      }
 
      /* otherwise inline won't work...ask for revert */
      if (query_quadoption(_("Message can't be sent inline.  Revert to using PGP/MIME?"),
                           NeoMutt->sub, "pgp_mime_auto") != MUTT_YES)
      {
        mutt_error(_("Mail not sent"));
        return -1;
      }
    }
 
    /* go ahead with PGP/MIME */
  }
 
  if (!isendwin())
    mutt_endwin();
 
  if (WithCrypto & APPLICATION_SMIME)
    tmp_smime_pbody = e->body;
  if (WithCrypto & APPLICATION_PGP)
    tmp_pgp_pbody = e->body;
 
#ifdef CRYPT_BACKEND_GPGME
  const bool c_crypt_use_pka = cs_subset_bool(NeoMutt->sub, "crypt_use_pka");
  if (sign && c_crypt_use_pka)
#else
  if (sign)
#endif
  {
    /* Set sender (necessary for e.g. PKA).  */
    const char *mailbox = NULL;
    struct Address *from = TAILQ_FIRST(&e->env->from);
    bool free_from = false;
 
    if (!from)
    {
      free_from = true;
      from = mutt_default_from(NeoMutt->sub);
    }
 
    mailbox = buf_string(from->mailbox);
    const struct Address *c_envelope_from_address = cs_subset_address(NeoMutt->sub, "envelope_from_address");
    if (!mailbox && c_envelope_from_address)
      mailbox = buf_string(c_envelope_from_address->mailbox);
 
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (security & APPLICATION_SMIME))
      crypt_smime_set_sender(mailbox);
    else if (((WithCrypto & APPLICATION_PGP) != 0) && (security & APPLICATION_PGP))
      crypt_pgp_set_sender(mailbox);
 
    if (free_from)
      mutt_addr_free(&from);
  }
 
  const bool c_crypt_protected_headers_write = cs_subset_bool(NeoMutt->sub, "crypt_protected_headers_write");
  if (c_crypt_protected_headers_write)
  {
    const bool c_devel_security = cs_subset_bool(NeoMutt->sub, "devel_security");
    struct Envelope *protected_headers = mutt_env_new();
    mutt_env_set_subject(protected_headers, e->env->subject);
    if (c_devel_security)
    {
      mutt_addrlist_copy(&protected_headers->return_path, &e->env->return_path, false);
      mutt_addrlist_copy(&protected_headers->from, &e->env->from, false);
      mutt_addrlist_copy(&protected_headers->to, &e->env->to, false);
      mutt_addrlist_copy(&protected_headers->cc, &e->env->cc, false);
      mutt_addrlist_copy(&protected_headers->sender, &e->env->sender, false);
      mutt_addrlist_copy(&protected_headers->reply_to, &e->env->reply_to, false);
      mutt_addrlist_copy(&protected_headers->mail_followup_to,
                         &e->env->mail_followup_to, false);
      mutt_addrlist_copy(&protected_headers->x_original_to, &e->env->x_original_to, false);
      mutt_str_replace(&protected_headers->message_id, e->env->message_id);
      mutt_list_copy_tail(&protected_headers->references, &e->env->references);
      mutt_list_copy_tail(&protected_headers->in_reply_to, &e->env->in_reply_to);
      mutt_env_to_intl(protected_headers, NULL, NULL);
    }
    mutt_prepare_envelope(protected_headers, 0, NeoMutt->sub);
 
    mutt_env_free(&e->body->mime_headers);
    e->body->mime_headers = protected_headers;
    mutt_param_set(&e->body->parameter, "protected-headers", "v1");
  }
 
#ifdef USE_AUTOCRYPT
  /* A note about e->body->mime_headers.  If postpone or send
   * fails, the mime_headers is cleared out before returning to the
   * compose menu.  So despite the "robustness" code above and in the
   * gen_gossip_list function below, mime_headers will not be set when
   * entering mutt_protect().
   *
   * This is important to note because the user could toggle
   * $crypt_protected_headers_write or $autocrypt off back in the
   * compose menu.  We don't want mutt_rfc822_write_header() to write
   * stale data from one option if the other is set.
   */
  const bool c_autocrypt = cs_subset_bool(NeoMutt->sub, "autocrypt");
  if (c_autocrypt && !postpone && (security & SEC_AUTOCRYPT))
  {
    mutt_autocrypt_generate_gossip_list(e);
  }
#endif
 
  if (sign)
  {
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (security & APPLICATION_SMIME))
    {
      tmp_pbody = crypt_smime_sign_message(e->body, &e->env->from);
      if (!tmp_pbody)
        goto bail;
      pbody = tmp_pbody;
      tmp_smime_pbody = tmp_pbody;
    }
 
    const bool c_pgp_retainable_sigs = cs_subset_bool(NeoMutt->sub, "pgp_retainable_sigs");
    if (((WithCrypto & APPLICATION_PGP) != 0) && (security & APPLICATION_PGP) &&
        (!(security & (SEC_ENCRYPT | SEC_AUTOCRYPT)) || c_pgp_retainable_sigs))
    {
      tmp_pbody = crypt_pgp_sign_message(e->body, &e->env->from);
      if (!tmp_pbody)
        goto bail;
 
      has_retainable_sig = true;
      sign = SEC_NO_FLAGS;
      pbody = tmp_pbody;
      tmp_pgp_pbody = tmp_pbody;
    }
  }
 
  if (security & (SEC_ENCRYPT | SEC_AUTOCRYPT))
  {
    if (((WithCrypto & APPLICATION_SMIME) != 0) && (security & APPLICATION_SMIME))
    {
      tmp_pbody = crypt_smime_build_smime_entity(tmp_smime_pbody, keylist);
      if (!tmp_pbody)
      {
        /* signed ? free it! */
        goto bail;
      }
      /* free tmp_body if messages was signed AND encrypted ... */
      if ((tmp_smime_pbody != e->body) && (tmp_smime_pbody != tmp_pbody))
      {
        /* detach and don't delete e->body,
         * which tmp_smime_pbody->parts after signing. */
        tmp_smime_pbody->parts = tmp_smime_pbody->parts->next;
        e->body->next = NULL;
        mutt_body_free(&tmp_smime_pbody);
      }
      pbody = tmp_pbody;
    }
 
    if (((WithCrypto & APPLICATION_PGP) != 0) && (security & APPLICATION_PGP))
    {
      pbody = crypt_pgp_encrypt_message(e, tmp_pgp_pbody, keylist, sign, &e->env->from);
      if (!pbody)
      {
        /* did we perform a retainable signature? */
        if (has_retainable_sig)
        {
          /* remove the outer multipart layer */
          tmp_pgp_pbody = mutt_remove_multipart(tmp_pgp_pbody);
          /* get rid of the signature */
          mutt_body_free(&tmp_pgp_pbody->next);
        }
 
        goto bail;
      }
 
      // destroy temporary signature envelope when doing retainable signatures.
      if (has_retainable_sig)
      {
        tmp_pgp_pbody = mutt_remove_multipart(tmp_pgp_pbody);
        mutt_body_free(&tmp_pgp_pbody->next);
      }
    }
  }
 
  if (pbody)
  {
    e->body = pbody;
    return 0;
  }
 
bail:
  mutt_env_free(&e->body->mime_headers);
  mutt_param_delete(&e->body->parameter, "protected-headers");
  return -1;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_should_hide_protected_subject()

bool mutt_should_hide_protected_subject

(

struct Email *

e

)

Should NeoMutt hide the protected subject?

Parameters

e	Email to test

Return values

true	The subject should be protected

Definition at line 1105 of file crypt.c.

{
  const bool c_crypt_protected_headers_write = cs_subset_bool(NeoMutt->sub, "crypt_protected_headers_write");
  const char *const c_crypt_protected_headers_subject =
      cs_subset_string(NeoMutt->sub, "crypt_protected_headers_subject");
  if (c_crypt_protected_headers_write && (e->security & (SEC_ENCRYPT | SEC_AUTOCRYPT)) &&
      !(e->security & SEC_INLINE) && c_crypt_protected_headers_subject)
  {
    return true;
  }
 
  return false;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_cleanup()

void crypt_cleanup

(

void

)

Clean up backend.

Definition at line 146 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(PGP, cleanup))
    (CRYPT_MOD_CALL(PGP, cleanup))();
 
  if (CRYPT_MOD_CALL_CHECK(SMIME, cleanup))
    (CRYPT_MOD_CALL(SMIME, cleanup))();
 
#ifdef CRYPT_BACKEND_CLASSIC_PGP
  pgp_id_defaults_cleanup();
#endif
 
#ifdef CRYPT_BACKEND_GPGME
  gpgme_id_defaults_cleanup();
#endif
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_has_module_backend()

bool crypt_has_module_backend

(

SecurityFlags

type

)

Is there a crypto backend for a given type?

Parameters

type	Crypto type, see SecurityFlags

Return values

true	Backend is present
false	Backend is not present

Definition at line 183 of file cryptglue.c.

{
  if (((WithCrypto & APPLICATION_PGP) != 0) && (type & APPLICATION_PGP) &&
      crypto_module_lookup(APPLICATION_PGP))
  {
    return true;
  }
 
  if (((WithCrypto & APPLICATION_SMIME) != 0) && (type & APPLICATION_SMIME) &&
      crypto_module_lookup(APPLICATION_SMIME))
  {
    return true;
  }
 
  return false;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_init()

void crypt_init

(

void

)

Initialise the crypto backends.

This calls CryptModuleSpecs::init()

Definition at line 98 of file cryptglue.c.

{
#ifdef CRYPT_BACKEND_GPGME
  const bool c_crypt_use_gpgme = cs_subset_bool(NeoMutt->sub, "crypt_use_gpgme");
#endif
#ifdef CRYPT_BACKEND_CLASSIC_PGP
  if (
#ifdef CRYPT_BACKEND_GPGME
      (!c_crypt_use_gpgme)
#else
      1
#endif
  )
    crypto_module_register(&CryptModPgpClassic);
#endif
 
#ifdef CRYPT_BACKEND_CLASSIC_SMIME
  if (
#ifdef CRYPT_BACKEND_GPGME
      (!c_crypt_use_gpgme)
#else
      1
#endif
  )
    crypto_module_register(&CryptModSmimeClassic);
#endif
 
#ifdef CRYPT_BACKEND_GPGME
  if (c_crypt_use_gpgme)
  {
    crypto_module_register(&CryptModPgpGpgme);
    crypto_module_register(&CryptModSmimeGpgme);
  }
#endif
 
#if defined(CRYPT_BACKEND_CLASSIC_PGP) ||                                      \
    defined(CRYPT_BACKEND_CLASSIC_SMIME) || defined(CRYPT_BACKEND_GPGME)
  if (CRYPT_MOD_CALL_CHECK(PGP, init))
    CRYPT_MOD_CALL(PGP, init)();
 
  if (CRYPT_MOD_CALL_CHECK(SMIME, init))
    CRYPT_MOD_CALL(SMIME, init)();
#endif
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_invoke_message()

void crypt_invoke_message

(

SecurityFlags

type

)

Display an informative message.

Parameters

type	Crypto type, see SecurityFlags

Show a message that a backend will be invoked.

Definition at line 169 of file cryptglue.c.

{
  if (((WithCrypto & APPLICATION_PGP) != 0) && (type & APPLICATION_PGP))
    mutt_message(_("Invoking PGP..."));
  else if (((WithCrypto & APPLICATION_SMIME) != 0) && (type & APPLICATION_SMIME))
    mutt_message(_("Invoking S/MIME..."));
}

Here is the caller graph for this function:

crypt_pgp_check_traditional()

bool crypt_pgp_check_traditional	(	FILE *	fp,
		struct Body *	b,
		bool	just_one )

Wrapper for CryptModuleSpecs::pgp_check_traditional()

Definition at line 295 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(PGP, pgp_check_traditional))
    return CRYPT_MOD_CALL(PGP, pgp_check_traditional)(fp, b, just_one);
 
  return false;
}

Here is the caller graph for this function:

crypt_pgp_decrypt_mime()

int crypt_pgp_decrypt_mime	(	FILE *	fp_in,
		FILE **	fp_out,
		struct Body *	b,
		struct Body **	b_dec )

Wrapper for CryptModuleSpecs::decrypt_mime()

Definition at line 223 of file cryptglue.c.

{
#ifdef USE_AUTOCRYPT
  const bool c_autocrypt = cs_subset_bool(NeoMutt->sub, "autocrypt");
  if (c_autocrypt)
  {
    OptAutocryptGpgme = true;
    int result = pgp_gpgme_decrypt_mime(fp_in, fp_out, b, b_dec);
    OptAutocryptGpgme = false;
    if (result == 0)
    {
      b->is_autocrypt = true;
      return result;
    }
  }
#endif
 
  if (CRYPT_MOD_CALL_CHECK(PGP, decrypt_mime))
    return CRYPT_MOD_CALL(PGP, decrypt_mime)(fp_in, fp_out, b, b_dec);
 
  return -1;
}

Here is the call graph for this function:

Here is the caller graph for this function:

crypt_pgp_extract_key_from_attachment()

void crypt_pgp_extract_key_from_attachment	(	FILE *	fp,
		struct Body *	b )

Wrapper for CryptModuleSpecs::pgp_extract_key_from_attachment()

Definition at line 407 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(PGP, pgp_extract_key_from_attachment))
    CRYPT_MOD_CALL(PGP, pgp_extract_key_from_attachment)(fp, b);
}

Here is the caller graph for this function:

crypt_pgp_invoke_getkeys()

void crypt_pgp_invoke_getkeys

(

struct Address *

addr

)

Wrapper for CryptModuleSpecs::pgp_invoke_getkeys()

Definition at line 286 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(PGP, pgp_invoke_getkeys))
    CRYPT_MOD_CALL(PGP, pgp_invoke_getkeys)(addr);
}

Here is the caller graph for this function:

crypt_pgp_make_key_attachment()

struct Body * crypt_pgp_make_key_attachment

(

void

)

Wrapper for CryptModuleSpecs::pgp_make_key_attachment()

Definition at line 317 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(PGP, pgp_make_key_attachment))
    return CRYPT_MOD_CALL(PGP, pgp_make_key_attachment)();
 
  return NULL;
}

Here is the caller graph for this function:

crypt_pgp_send_menu()

SecurityFlags crypt_pgp_send_menu

(

struct Email *

e

)

Wrapper for CryptModuleSpecs::send_menu()

Definition at line 396 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(PGP, send_menu))
    return CRYPT_MOD_CALL(PGP, send_menu)(e);
 
  return 0;
}

Here is the caller graph for this function:

crypt_smime_decrypt_mime()

int crypt_smime_decrypt_mime	(	FILE *	fp_in,
		FILE **	fp_out,
		struct Body *	b,
		struct Body **	b_dec )

Wrapper for CryptModuleSpecs::decrypt_mime()

Definition at line 445 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(SMIME, decrypt_mime))
    return CRYPT_MOD_CALL(SMIME, decrypt_mime)(fp_in, fp_out, b, b_dec);
 
  return -1;
}

Here is the caller graph for this function:

crypt_smime_getkeys()

void crypt_smime_getkeys

(

struct Envelope *

env

)

Wrapper for CryptModuleSpecs::smime_getkeys()

Definition at line 467 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(SMIME, smime_getkeys))
    CRYPT_MOD_CALL(SMIME, smime_getkeys)(env);
}

Here is the caller graph for this function:

crypt_smime_send_menu()

SecurityFlags crypt_smime_send_menu

(

struct Email *

e

)

Wrapper for CryptModuleSpecs::send_menu()

Definition at line 540 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(SMIME, send_menu))
    return CRYPT_MOD_CALL(SMIME, send_menu)(e);
 
  return 0;
}

Here is the caller graph for this function:

crypt_smime_verify_sender()

int crypt_smime_verify_sender	(	struct Email *	e,
		struct Message *	msg )

Wrapper for CryptModuleSpecs::smime_verify_sender()

Definition at line 476 of file cryptglue.c.

{
  if (CRYPT_MOD_CALL_CHECK(SMIME, smime_verify_sender))
    return CRYPT_MOD_CALL(SMIME, smime_verify_sender)(e, msg);
 
  return 1;
}

Here is the caller graph for this function:

crypto_module_cleanup()

void crypto_module_cleanup

(

void

)

Clean up the crypto modules.

Definition at line 73 of file crypt_mod.c.

{
  struct NcryptModuleData *mod_data = neomutt_get_module_data(NeoMutt, MODULE_ID_NCRYPT);
  struct CryptModule *np = NULL, *tmp = NULL;
  STAILQ_FOREACH_SAFE(np, &mod_data->crypt_modules, entries, tmp)
  {
    STAILQ_REMOVE(&mod_data->crypt_modules, np, CryptModule, entries);
    FREE(&np);
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_gpgme_select_secret_key()

int mutt_gpgme_select_secret_key

(

struct Buffer *

keyid

)

Select a private Autocrypt key for a new account.

Parameters

keyid

Autocrypt Key id

Return values

0	Success
-1	Error

Unfortunately, the internal ncrypt/crypt_gpgme.c functions use CryptKeyInfo, and so aren't exportable.

This function queries all private keys, provides the crypt_select_keys() menu, and returns the selected key fingerprint in keyid.

Definition at line 3701 of file crypt_gpgme.c.

{
  int rc = -1;
  gpgme_error_t err = GPG_ERR_NO_ERROR;
  gpgme_key_t key = NULL;
  gpgme_user_id_t uid = NULL;
  struct CryptKeyInfo *results = NULL, *k = NULL;
  struct CryptKeyInfo **kend = NULL;
  struct CryptKeyInfo *choice = NULL;
 
  gpgme_ctx_t ctx = create_gpgme_context(false);
 
  /* list all secret keys */
  if (gpgme_op_keylist_start(ctx, NULL, 1))
    goto cleanup;
 
  kend = &results;
 
  while ((err = gpgme_op_keylist_next(ctx, &key)) == GPG_ERR_NO_ERROR)
  {
    KeyFlags flags = KEYFLAG_NO_FLAGS;
 
    if (key_check_cap(key, KEY_CAP_CAN_ENCRYPT))
      flags |= KEYFLAG_CANENCRYPT;
    if (key_check_cap(key, KEY_CAP_CAN_SIGN))
      flags |= KEYFLAG_CANSIGN;
 
    if (key->revoked)
      flags |= KEYFLAG_REVOKED;
    if (key->expired)
      flags |= KEYFLAG_EXPIRED;
    if (key->disabled)
      flags |= KEYFLAG_DISABLED;
 
    int idx;
    for (idx = 0, uid = key->uids; uid; idx++, uid = uid->next)
    {
      k = MUTT_MEM_CALLOC(1, struct CryptKeyInfo);
      k->kobj = key;
      gpgme_key_ref(k->kobj);
      k->idx = idx;
      k->uid = uid->uid;
      k->flags = flags;
      if (uid->revoked)
        k->flags |= KEYFLAG_REVOKED;
      k->validity = uid->validity;
      *kend = k;
      kend = &k->next;
    }
    gpgme_key_unref(key);
  }
  if (gpg_err_code(err) != GPG_ERR_EOF)
    mutt_error(_("gpgme_op_keylist_next failed: %s"), gpgme_strerror(err));
  gpgme_op_keylist_end(ctx);
 
  if (!results)
  {
    /* L10N: mutt_gpgme_select_secret_key() tries to list all secret keys to choose
       from.  This error is displayed if no results were found.  */
    mutt_error(_("No secret keys found"));
    goto cleanup;
  }
 
  choice = dlg_gpgme(results, NULL, "*", APPLICATION_PGP, NULL);
  if (!(choice && choice->kobj && choice->kobj->subkeys && choice->kobj->subkeys->fpr))
    goto cleanup;
  buf_strcpy(keyid, choice->kobj->subkeys->fpr);
 
  rc = 0;
 
cleanup:
  crypt_key_free(&choice);
  crypt_key_free(&results);
  gpgme_release(ctx);
  return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

mutt_gpgme_print_version()

const char * mutt_gpgme_print_version

(

void

)

Get version of GPGME.

Return values

ptr	GPGME version string

Definition at line 4181 of file crypt_gpgme.c.

{
  return GPGME_VERSION;
}

Here is the caller graph for this function: