~kevin8t8/mutt

mutt/mutt_crypt.h -rw-r--r-- 10.2 KiB
46f86782Kevin McCarthy Make some small fixes to the -nonotify commit. 6 days ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
/*
 * Copyright (C) 2003 Werner Koch <wk@gnupg.org>
 * Copyright (C) 2004 g10code GmbH
 *
 *     This program is free software; you can redistribute it and/or modify
 *     it under the terms of the GNU General Public License as published by
 *     the Free Software Foundation; either version 2 of the License, or
 *     (at your option) any later version.
 *
 *     This program is distributed in the hope that it will be useful,
 *     but WITHOUT ANY WARRANTY; without even the implied warranty of
 *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *     GNU General Public License for more details.
 *
 *     You should have received a copy of the GNU General Public License
 *     along with this program; if not, write to the Free Software
 *     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 */

/*
  Common definitions and prototypes for the crypt functions. They are
  all defined in crypt.c and cryptglue.c
*/

#ifndef MUTT_CRYPT_H
#define MUTT_CRYPT_H

#include "mutt.h"        /* Need this to declare BODY, ADDRESS. STATE etc. */
/* FIXME: They should be pointer to anonymous structures for better
   information hiding. */


/* NOTE: adding flags means HEADER.security bit width needs to be increased */
#define ENCRYPT    (1 << 0)
#define SIGN       (1 << 1)
#define GOODSIGN   (1 << 2)
#define BADSIGN    (1 << 3)
#define PARTSIGN   (1 << 4)
#define SIGNOPAQUE (1 << 5)
#define KEYBLOCK   (1 << 6) /* KEY too generic? */
#define INLINE     (1 << 7)
#define OPPENCRYPT (1 << 8) /* Opportunistic encrypt mode */
#define AUTOCRYPT  (1 << 9) /* Message will be, or was Autocrypt encrypt+signed */

#define AUTOCRYPT_OVERRIDE (1 << 10)  /* Indicates manual set/unset of encryption */

#define APPLICATION_PGP    (1 << 11)
#define APPLICATION_SMIME  (1 << 12)

#define PGP_TRADITIONAL_CHECKED (1 << 13)

#define PGPENCRYPT  (APPLICATION_PGP | ENCRYPT)
#define PGPSIGN     (APPLICATION_PGP | SIGN)
#define PGPGOODSIGN (APPLICATION_PGP | GOODSIGN)
#define PGPKEY      (APPLICATION_PGP | KEYBLOCK)
#define PGPINLINE   (APPLICATION_PGP | INLINE)

#define SMIMEENCRYPT  (APPLICATION_SMIME | ENCRYPT)
#define SMIMESIGN     (APPLICATION_SMIME | SIGN)
#define SMIMEGOODSIGN (APPLICATION_SMIME | GOODSIGN)
#define SMIMEBADSIGN  (APPLICATION_SMIME | BADSIGN)
#define SMIMEOPAQUE   (APPLICATION_SMIME | SIGNOPAQUE)


/* WITHCRYPTO actually replaces ifdefs so make the code more readable.
   Because it is defined as a constant and known at compile time, the
   compiler can do dead code elimination and thus it behaves
   effectively as a conditional compile directive. It is set to false
   if no crypto backend is configures or to a bit vector denoting the
   configured backends. */
#if (defined(CRYPT_BACKEND_CLASSIC_PGP) && defined(CRYPT_BACKEND_CLASSIC_SMIME)) || defined (CRYPT_BACKEND_GPGME)
# define WithCrypto (APPLICATION_PGP | APPLICATION_SMIME)
#elif defined(CRYPT_BACKEND_CLASSIC_PGP)
# define WithCrypto  APPLICATION_PGP
#elif defined(CRYPT_BACKEND_CLASSIC_SMIME)
# define WithCrypto  APPLICATION_SMIME
#else
# define WithCrypto 0
#endif


#define KEYFLAG_CANSIGN 		(1 <<  0)
#define KEYFLAG_CANENCRYPT 		(1 <<  1)
#define KEYFLAG_ISX509                  (1 <<  2)
#define KEYFLAG_SECRET			(1 <<  7)
#define KEYFLAG_EXPIRED 		(1 <<  8)
#define KEYFLAG_REVOKED 		(1 <<  9)
#define KEYFLAG_DISABLED 		(1 << 10)
#define KEYFLAG_SUBKEY 			(1 << 11)
#define KEYFLAG_CRITICAL 		(1 << 12)
#define KEYFLAG_PREFER_ENCRYPTION 	(1 << 13)
#define KEYFLAG_PREFER_SIGNING 		(1 << 14)

#define KEYFLAG_CANTUSE (KEYFLAG_DISABLED|KEYFLAG_REVOKED|KEYFLAG_EXPIRED)
#define KEYFLAG_RESTRICTIONS (KEYFLAG_CANTUSE|KEYFLAG_CRITICAL)

#define KEYFLAG_ABILITIES (KEYFLAG_CANSIGN|KEYFLAG_CANENCRYPT|KEYFLAG_PREFER_ENCRYPTION|KEYFLAG_PREFER_SIGNING)

enum pgp_ring
{
  PGP_PUBRING,
  PGP_SECRING
};
typedef enum pgp_ring pgp_ring_t;


struct pgp_keyinfo;
typedef struct pgp_keyinfo *pgp_key_t;



/* Some prototypes -- old crypt.h. */

int mutt_protect (SEND_CONTEXT *, char *, int);

int mutt_is_multipart_encrypted (BODY *);

int mutt_is_valid_multipart_pgp_encrypted (BODY *b);

int mutt_is_malformed_multipart_pgp_encrypted (BODY *b);

int mutt_is_multipart_signed (BODY *);

int mutt_is_application_pgp (BODY *);

int mutt_is_application_smime (BODY *);

int mutt_should_hide_protected_subject (HEADER *);

int mutt_protected_headers_handler (BODY *, STATE *);

int mutt_signed_handler (BODY *, STATE *);

int mutt_parse_crypt_hdr (const char *, int, int, SEND_CONTEXT *);


void convert_to_7bit (BODY *);



/*-- crypt.c --*/

/* Print the current time. */
void crypt_current_time(STATE *s, char *app_name);

/* Check out the type of encryption used and set the cached status
   values if there are any. */
int crypt_query (BODY *m);

/* Fixme: To be documented. */
void crypt_extract_keys_from_messages (HEADER *h);

/* Do a quick check to make sure that we can find all of the
   encryption keys if the user has requested this service.
   Return the list of keys in KEYLIST.
   If oppenc_mode is true, only keys that can be determined without
   prompting will be used.  */
int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode);

/* Check if all recipients keys can be automatically determined.
 * Enable encryption if they can, otherwise disable encryption.  */
void crypt_opportunistic_encrypt(HEADER *msg);

/* Forget a passphrase and display a message. */
void crypt_forget_passphrase (void);

/* Check that we have a usable passphrase, ask if not. */
int crypt_valid_passphrase (int);

/* Write the message body/part A described by state S to a the given
   TEMPFILE.  */
int crypt_write_signed(BODY *a, STATE *s, const char *tempf);

/* Obtain pointers to fingerprint or short or long key ID, if any.

   Upon return, at most one of return, *ppl and *pps pointers is non-NULL,
   indicating the longest fingerprint or ID found, if any.

   Return:  Copy of fingerprint, if any, stripped of all spaces, else NULL.
            Must be FREE'd by caller.
   *pphint  Start of string to be passed to pgp_add_string_to_hints() or
            crypt_add_string_to_hints().
   *ppl     Start of long key ID if detected, else NULL.
   *pps     Start of short key ID if detected, else NULL. */
const char* crypt_get_fingerprint_or_id (char *p, const char **pphint,
                                         const char **ppl, const char **pps);

/* Check if a string contains a numerical key */
short crypt_is_numerical_keyid (const char *s);



/*-- cryptglue.c --*/

/* Show a message that a backend will be invoked. */
void crypt_invoke_message (int type);

/* Returns 1 if a module backend is registered for the type */
int crypt_has_module_backend (int type);


/* Silently forget about a passphrase. */
void crypt_pgp_void_passphrase (void);

int crypt_pgp_valid_passphrase (void);


/* Decrypt a PGP/MIME message. */
int crypt_pgp_decrypt_mime (FILE *a, FILE **b, BODY *c, BODY **d);

/* MIME handler for the application/pgp content-type. */
int crypt_pgp_application_pgp_handler (BODY *m, STATE *s);

/* MIME handler for an PGP/MIME encrypted message. */
int crypt_pgp_encrypted_handler (BODY *a, STATE *s);

/* fixme: needs documentation. */
void crypt_pgp_invoke_getkeys (ADDRESS *addr);

/* Ask for a PGP key. */
pgp_key_t crypt_pgp_ask_for_key (char *tag, char *whatfor,
                                 short abilities, pgp_ring_t keyring);

/* Check for a traditional PGP message in body B. */
int crypt_pgp_check_traditional (FILE *fp, BODY *b, int just_one);

/* fixme: needs documentation. */
BODY *crypt_pgp_traditional_encryptsign (BODY *a, int flags, char *keylist);

/* Release the PGP key KPP (note, that we pass a pointer to it). */
void crypt_pgp_free_key (pgp_key_t *kpp);

/* Generate a PGP public key attachment. */
BODY *crypt_pgp_make_key_attachment (void);

/* This routine attempts to find the keyids of the recipients of a
   message.  It returns NULL if any of the keys can not be found.
   If oppenc_mode is true, only keys that can be determined without
   prompting will be used.  */
char *crypt_pgp_findkeys (ADDRESS *adrlist, int oppenc_mode);

/* Create a new body with a PGP signed message from A. */
BODY *crypt_pgp_sign_message (BODY *a);

/* Warning: A is no longer freed in this routine, you need to free it
   later.  This is necessary for $fcc_attach. */
BODY *crypt_pgp_encrypt_message (HEADER *msg, BODY *a, char *keylist, int sign);

/* Invoke the PGP command to import a key. */
void crypt_pgp_invoke_import (const char *fname);

void crypt_pgp_send_menu (SEND_CONTEXT *sctx);

/* fixme: needs documentation */
int crypt_pgp_verify_one (BODY *sigbdy, STATE *s, const char *tempf);

/* Access the keyID in K. */
char *crypt_pgp_keyid (pgp_key_t k);

/* fixme: needs documentation */
void crypt_pgp_extract_keys_from_attachment_list (FILE *fp, int tag,BODY *top);

void crypt_pgp_set_sender (const char *sender);



/* Silently forget about a passphrase. */
void crypt_smime_void_passphrase (void);

int crypt_smime_valid_passphrase (void);

/* Decrypt an S/MIME message. */
int crypt_smime_decrypt_mime (FILE *a, FILE **b, BODY *c, BODY **d);

/* MIME handler for the application/smime content-type. */
int crypt_smime_application_smime_handler (BODY *m, STATE *s);

/* fixme: Needs documentation. */
void crypt_smime_getkeys (ENVELOPE *env);

/* Check that the sender matches. */
int crypt_smime_verify_sender(HEADER *h);

/* Ask for an SMIME key. */
char *crypt_smime_ask_for_key (char *prompt, char *mailbox, short public);

/* This routine attempts to find the keyids of the recipients of a
   message.  It returns NULL if any of the keys can not be found.
   If oppenc_mode is true, only keys that can be determined without
   prompting will be used.  */
char *crypt_smime_findkeys (ADDRESS *adrlist, int oppenc_mode);

/* fixme: Needs documentation. */
BODY *crypt_smime_sign_message (BODY *a);

/* fixme: needs documentation. */
BODY *crypt_smime_build_smime_entity (BODY *a, char *certlist);

/* Add a certificate and update index file (externally). */
void crypt_smime_invoke_import (const char *infile, const char *mailbox);

void crypt_smime_send_menu (SEND_CONTEXT *sctx);

void crypt_smime_set_sender (const char *sender);

/* fixme: needs documentation */
int crypt_smime_verify_one (BODY *sigbdy, STATE *s, const char *tempf);

void crypt_init (void);

void crypt_cleanup (void);

#endif /*MUTT_CRYPT_H*/