2 * Copyright (C) 1996,1997 Michael R. Elkins <me@mutt.org>
3 * Copyright (c) 1998,1999 Thomas Roessler <roessler@does-not-exist.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
21 * This file contains all of the PGP routines necessary to sign, encrypt,
22 * verify and decrypt PGP messages in either the new PGP/MIME format, or
23 * in the older Application/Pgp format. It also contains some code to
24 * cache the user's passphrase for repeat use when decrypting or signing
29 #include "mutt_curses.h"
46 #ifdef HAVE_SYS_TIME_H
47 # include <sys/time.h>
50 #ifdef HAVE_SYS_RESOURCE_H
51 # include <sys/resource.h>
54 #ifdef CRYPT_BACKEND_CLASSIC_PGP
56 #include "mutt_crypt.h"
61 time_t PgpExptime = 0; /* when does the cached passphrase expire? */
63 void pgp_void_passphrase (void)
65 memset (PgpPass, 0, sizeof (PgpPass));
70 void pgp_forget_passphrase (void)
72 pgp_void_passphrase ();
73 mutt_message _("PGP passphrase forgotten.");
76 int pgp_use_gpg_agent (void)
78 return option (OPTUSEGPGAGENT) && getenv ("GPG_TTY") && getenv ("GPG_AGENT_INFO");
81 char *pgp_keyid(pgp_key_t k)
83 if((k->flags & KEYFLAG_SUBKEY) && k->parent && option(OPTPGPIGNORESUB))
89 char *_pgp_keyid(pgp_key_t k)
91 if(option(OPTPGPLONGIDS))
94 return (k->keyid + 8);
97 /* ----------------------------------------------------------------------------
98 * Routines for handing PGP input.
103 /* Copy PGP output messages and look for signs of a good signature */
105 static int pgp_copy_checksig (FILE *fpin, FILE *fpout)
109 if (PgpGoodSign.pattern)
115 while ((line = mutt_read_line (line, &linelen, fpin, &lineno)) != NULL)
117 if (regexec (PgpGoodSign.rx, line, 0, NULL, 0) == 0)
119 dprint (2, (debugfile, "pgp_copy_checksig: \"%s\" matches regexp.\n",
124 dprint (2, (debugfile, "pgp_copy_checksig: \"%s\" doesn't match regexp.\n",
134 dprint (2, (debugfile, "pgp_copy_checksig: No pattern.\n"));
135 mutt_copy_stream (fpin, fpout);
143 * Copy a clearsigned message, and strip the signature and PGP's
146 * XXX - charset handling: We assume that it is safe to do
147 * character set decoding first, dash decoding second here, while
148 * we do it the other way around in the main handler.
150 * (Note that we aren't worse than Outlook &c in this, and also
151 * note that we can successfully handle anything produced by any
152 * existing versions of mutt.)
155 static void pgp_copy_clearsigned (FILE *fpin, STATE *s, char *charset)
157 char buf[HUGE_STRING];
158 short complete, armor_header;
164 fc = fgetconv_open (fpin, charset, Charset, M_ICONV_HOOK_FROM);
166 for (complete = 1, armor_header = 1;
167 fgetconvs (buf, sizeof (buf), fc) != NULL;
168 complete = strchr (buf, '\n') != NULL)
177 if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0)
188 state_puts (s->prefix, s);
190 if (buf[0] == '-' && buf[1] == ' ')
191 state_puts (buf + 2, s);
196 fgetconv_close (&fc);
200 /* Support for the Application/PGP Content Type. */
202 void pgp_application_pgp_handler (BODY *m, STATE *s)
204 int needpass = -1, pgp_keyblock = 0;
205 int clearsign = 0, rv, rc;
207 long bytes, last_pos, offset;
208 char buf[HUGE_STRING];
209 char outfile[_POSIX_PATH_MAX];
210 char tmpfname[_POSIX_PATH_MAX];
211 FILE *pgpout = NULL, *pgpin = NULL, *pgperr = NULL;
215 short maybe_goodsig = 1;
216 short have_any_sigs = 0;
218 char body_charset[STRING];
219 mutt_get_body_charset (body_charset, sizeof (body_charset), m);
221 fseek (s->fpin, m->offset, 0);
222 last_pos = m->offset;
224 for (bytes = m->length; bytes > 0;)
226 if (fgets (buf, sizeof (buf), s->fpin) == NULL)
229 offset = ftell (s->fpin);
230 bytes -= (offset - last_pos); /* don't rely on mutt_strlen(buf) */
233 if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0)
236 start_pos = last_pos;
238 if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)
240 else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)
245 else if (!option (OPTDONTHANDLEPGPKEYS) &&
246 mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0)
253 /* XXX - we may wish to recode here */
255 state_puts (s->prefix, s);
260 have_any_sigs = have_any_sigs || (clearsign && (s->flags & M_VERIFY));
262 /* Copy PGP material to temporary file */
263 mutt_mktemp (tmpfname);
264 if ((tmpfp = safe_fopen (tmpfname, "w+")) == NULL)
266 mutt_perror (tmpfname);
271 while (bytes > 0 && fgets (buf, sizeof (buf) - 1, s->fpin) != NULL)
273 offset = ftell (s->fpin);
274 bytes -= (offset - last_pos); /* don't rely on mutt_strlen(buf) */
279 if ((needpass && mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0) ||
281 && (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0
282 || mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0)))
286 /* leave tmpfp open in case we still need it - but flush it! */
290 /* Invoke PGP if needed */
291 if (!clearsign || (s->flags & M_VERIFY))
293 mutt_mktemp (outfile);
294 if ((pgpout = safe_fopen (outfile, "w+")) == NULL)
296 mutt_perror (tmpfname);
300 if ((thepid = pgp_invoke_decode (&pgpin, NULL, &pgperr, -1,
301 fileno (pgpout), -1, tmpfname,
304 safe_fclose (&pgpout);
308 state_attach_puts (_("[-- Error: unable to create PGP subprocess! --]\n"), s);
310 else /* PGP started successfully */
314 if (!pgp_valid_passphrase ()) pgp_void_passphrase();
315 if (pgp_use_gpg_agent())
317 fprintf (pgpin, "%s\n", PgpPass);
320 safe_fclose (&pgpin);
322 if (s->flags & M_DISPLAY)
324 crypt_current_time (s, "PGP");
325 rc = pgp_copy_checksig (pgperr, s->fpout);
328 safe_fclose (&pgperr);
329 rv = mutt_wait_filter (thepid);
331 if (s->flags & M_DISPLAY)
333 if (rc == 0) have_any_sigs = 1;
334 if (rc || rv) maybe_goodsig = 0;
336 state_putc ('\n', s);
337 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
344 * Now, copy cleartext to the screen. NOTE - we expect that PGP
345 * outputs utf-8 cleartext. This may not always be true, but it
346 * seems to be a reasonable guess.
349 if(s->flags & M_DISPLAY)
352 state_attach_puts (_("[-- BEGIN PGP MESSAGE --]\n\n"), s);
353 else if (pgp_keyblock)
354 state_attach_puts (_("[-- BEGIN PGP PUBLIC KEY BLOCK --]\n"), s);
356 state_attach_puts (_("[-- BEGIN PGP SIGNED MESSAGE --]\n\n"), s);
363 pgp_copy_clearsigned (tmpfp, s, body_charset);
370 state_set_prefix (s);
371 fc = fgetconv_open (pgpout, "utf-8", Charset, 0);
372 while ((c = fgetconv (fc)) != EOF)
373 state_prefix_putc (c, s);
374 fgetconv_close (&fc);
377 if (s->flags & M_DISPLAY)
379 state_putc ('\n', s);
381 state_attach_puts (_("[-- END PGP MESSAGE --]\n"), s);
382 else if (pgp_keyblock)
383 state_attach_puts (_("[-- END PGP PUBLIC KEY BLOCK --]\n"), s);
385 state_attach_puts (_("[-- END PGP SIGNED MESSAGE --]\n"), s);
390 safe_fclose (&tmpfp);
391 mutt_unlink (tmpfname);
395 safe_fclose (&pgpout);
396 mutt_unlink (outfile);
401 /* XXX - we may wish to recode here */
403 state_puts (s->prefix, s);
408 m->goodsig = (maybe_goodsig && have_any_sigs);
412 state_attach_puts (_("[-- Error: could not find beginning of PGP message! --]\n\n"), s);
417 static int pgp_check_traditional_one_body (FILE *fp, BODY *b, int tagged_only)
419 char tempfile[_POSIX_PATH_MAX];
420 char buf[HUGE_STRING];
427 if (b->type != TYPETEXT)
430 if (tagged_only && !b->tagged)
433 mutt_mktemp (tempfile);
434 if (mutt_decode_save_attachment (fp, b, tempfile, 0, 0) != 0)
440 if ((tfp = fopen (tempfile, "r")) == NULL)
446 while (fgets (buf, sizeof (buf), tfp))
448 if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0)
450 if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)
452 else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)
454 else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0)
461 if (!enc && !sgn && !key)
464 /* fix the content type */
466 mutt_set_parameter ("format", "fixed", &b->parameter);
468 mutt_set_parameter ("x-action", "pgp-encrypted", &b->parameter);
470 mutt_set_parameter ("x-action", "pgp-signed", &b->parameter);
472 mutt_set_parameter ("x-action", "pgp-keys", &b->parameter);
477 int pgp_check_traditional (FILE *fp, BODY *b, int tagged_only)
481 for (; b; b = b->next)
483 if (is_multipart (b))
484 rv = pgp_check_traditional (fp, b->parts, tagged_only) || rv;
485 else if (b->type == TYPETEXT)
487 if ((r = mutt_is_application_pgp (b)))
490 rv = pgp_check_traditional_one_body (fp, b, tagged_only) || rv;
501 int pgp_verify_one (BODY *sigbdy, STATE *s, const char *tempfile)
503 char sigfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
504 FILE *fp, *pgpout, *pgperr;
509 snprintf (sigfile, sizeof (sigfile), "%s.asc", tempfile);
511 if(!(fp = safe_fopen (sigfile, "w")))
513 mutt_perror(sigfile);
517 fseek (s->fpin, sigbdy->offset, 0);
518 mutt_copy_bytes (s->fpin, fp, sigbdy->length);
521 mutt_mktemp(pgperrfile);
522 if(!(pgperr = safe_fopen(pgperrfile, "w+")))
524 mutt_perror(pgperrfile);
529 crypt_current_time (s, "PGP");
531 if((thepid = pgp_invoke_verify (NULL, &pgpout, NULL,
532 -1, -1, fileno(pgperr),
533 tempfile, sigfile)) != -1)
535 if (pgp_copy_checksig (pgpout, s->fpout) >= 0)
539 safe_fclose (&pgpout);
543 if (pgp_copy_checksig (pgperr, s->fpout) >= 0)
546 if ((rv = mutt_wait_filter (thepid)))
549 dprint (1, (debugfile, "pgp_verify_one: mutt_wait_filter returned %d.\n", rv));
552 safe_fclose (&pgperr);
554 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
556 mutt_unlink (sigfile);
557 mutt_unlink (pgperrfile);
559 dprint (1, (debugfile, "pgp_verify_one: returning %d.\n", badsig));
565 /* Extract pgp public keys from messages or attachments */
567 void pgp_extract_keys_from_messages (HEADER *h)
570 char tempfname[_POSIX_PATH_MAX];
575 mutt_parse_mime_message (Context, h);
576 if(h->security & PGPENCRYPT && !pgp_valid_passphrase ())
580 mutt_mktemp (tempfname);
581 if (!(fpout = safe_fopen (tempfname, "w")))
583 mutt_perror (tempfname);
587 set_option (OPTDONTHANDLEPGPKEYS);
591 for (i = 0; i < Context->vcount; i++)
593 if (Context->hdrs[Context->v2r[i]]->tagged)
595 mutt_parse_mime_message (Context, Context->hdrs[Context->v2r[i]]);
596 if (Context->hdrs[Context->v2r[i]]->security & PGPENCRYPT
597 && !pgp_valid_passphrase())
602 mutt_copy_message (fpout, Context, Context->hdrs[Context->v2r[i]],
603 M_CM_DECODE|M_CM_CHARCONV, 0);
609 mutt_parse_mime_message (Context, h);
610 if (h->security & PGPENCRYPT && !pgp_valid_passphrase())
615 mutt_copy_message (fpout, Context, h, M_CM_DECODE|M_CM_CHARCONV, 0);
620 pgp_invoke_import (tempfname);
621 mutt_any_key_to_continue (NULL);
625 mutt_unlink (tempfname);
626 unset_option (OPTDONTHANDLEPGPKEYS);
630 static void pgp_extract_keys_from_attachment (FILE *fp, BODY *top)
634 char tempfname[_POSIX_PATH_MAX];
636 mutt_mktemp (tempfname);
637 if (!(tempfp = safe_fopen (tempfname, "w")))
639 mutt_perror (tempfname);
643 memset (&s, 0, sizeof (STATE));
648 mutt_body_handler (top, &s);
652 pgp_invoke_import (tempfname);
653 mutt_any_key_to_continue (NULL);
655 mutt_unlink (tempfname);
658 void pgp_extract_keys_from_attachment_list (FILE *fp, int tag, BODY *top)
662 mutt_error _("Internal error. Inform <roessler@does-not-exist.org>.");
667 set_option(OPTDONTHANDLEPGPKEYS);
669 for(; top; top = top->next)
671 if(!tag || top->tagged)
672 pgp_extract_keys_from_attachment (fp, top);
678 unset_option(OPTDONTHANDLEPGPKEYS);
681 BODY *pgp_decrypt_part (BODY *a, STATE *s, FILE *fpout, BODY *p)
683 char buf[LONG_STRING];
684 FILE *pgpin, *pgpout, *pgperr, *pgptmp;
688 char pgperrfile[_POSIX_PATH_MAX];
689 char pgptmpfile[_POSIX_PATH_MAX];
692 mutt_mktemp (pgperrfile);
693 if ((pgperr = safe_fopen (pgperrfile, "w+")) == NULL)
695 mutt_perror (pgperrfile);
700 mutt_mktemp (pgptmpfile);
701 if((pgptmp = safe_fopen (pgptmpfile, "w")) == NULL)
703 mutt_perror (pgptmpfile);
708 /* Position the stream at the beginning of the body, and send the data to
709 * the temporary file.
712 fseek (s->fpin, a->offset, 0);
713 mutt_copy_bytes (s->fpin, pgptmp, a->length);
716 if ((thepid = pgp_invoke_decrypt (&pgpin, &pgpout, NULL, -1, -1,
717 fileno (pgperr), pgptmpfile)) == -1)
721 if (s->flags & M_DISPLAY)
722 state_attach_puts (_("[-- Error: could not create a PGP subprocess! --]\n\n"), s);
726 /* send the PGP passphrase to the subprocess. Never do this if the
727 agent is active, because this might lead to a passphrase send as
729 if (!pgp_use_gpg_agent())
730 fputs (PgpPass, pgpin);
734 /* Read the output from PGP, and make sure to change CRLF to LF, otherwise
735 * read_mime_header has a hard time parsing the message.
737 while (fgets (buf, sizeof (buf) - 1, pgpout) != NULL)
739 len = mutt_strlen (buf);
740 if (len > 1 && buf[len - 2] == '\r')
741 strcpy (buf + len - 2, "\n"); /* __STRCPY_CHECKED__ */
746 mutt_wait_filter (thepid);
747 mutt_unlink(pgptmpfile);
749 if (s->flags & M_DISPLAY)
753 if (pgp_copy_checksig (pgperr, s->fpout) == 0 && p)
755 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
761 if ((tattach = mutt_read_mime_header (fpout, 0)) != NULL)
764 * Need to set the length of this body part.
766 fstat (fileno (fpout), &info);
767 tattach->length = info.st_size - tattach->offset;
769 /* See if we need to recurse on this MIME part. */
771 mutt_parse_part (fpout, tattach);
777 int pgp_decrypt_mime (FILE *fpin, FILE **fpout, BODY *b, BODY **cur)
779 char tempfile[_POSIX_PATH_MAX];
783 if(!mutt_is_multipart_encrypted(b))
786 if(!b->parts || !b->parts->next)
791 memset (&s, 0, sizeof (s));
793 mutt_mktemp (tempfile);
794 if ((*fpout = safe_fopen (tempfile, "w+")) == NULL)
796 mutt_perror (tempfile);
801 *cur = pgp_decrypt_part (b, &s, *fpout, p);
807 void pgp_encrypted_handler (BODY *a, STATE *s)
809 char tempfile[_POSIX_PATH_MAX];
815 if (!a || a->type != TYPEAPPLICATION || !a->subtype ||
816 ascii_strcasecmp ("pgp-encrypted", a->subtype) != 0 ||
817 !a->next || a->next->type != TYPEAPPLICATION || !a->next->subtype ||
818 ascii_strcasecmp ("octet-stream", a->next->subtype) != 0)
820 if (s->flags & M_DISPLAY)
821 state_attach_puts (_("[-- Error: malformed PGP/MIME message! --]\n\n"), s);
826 * Move forward to the application/pgp-encrypted body.
830 mutt_mktemp (tempfile);
831 if ((fpout = safe_fopen (tempfile, "w+")) == NULL)
833 if (s->flags & M_DISPLAY)
834 state_attach_puts (_("[-- Error: could not create temporary file! --]\n"), s);
838 if (s->flags & M_DISPLAY) crypt_current_time (s, "PGP");
840 if ((tattach = pgp_decrypt_part (a, s, fpout, p)) != NULL)
842 if (s->flags & M_DISPLAY)
843 state_attach_puts (_("[-- The following data is PGP/MIME encrypted --]\n\n"), s);
847 mutt_body_handler (tattach, s);
851 * if a multipart/signed is the _only_ sub-part of a
852 * multipart/encrypted, cache signature verification
857 if (mutt_is_multipart_signed (tattach) && !tattach->next)
858 p->goodsig |= tattach->goodsig;
860 if (s->flags & M_DISPLAY)
862 state_puts ("\n", s);
863 state_attach_puts (_("[-- End of PGP/MIME encrypted data --]\n"), s);
866 mutt_free_body (&tattach);
870 mutt_unlink(tempfile);
873 /* ----------------------------------------------------------------------------
874 * Routines for sending PGP/MIME messages.
878 BODY *pgp_sign_message (BODY *a)
881 char buffer[LONG_STRING];
882 char sigfile[_POSIX_PATH_MAX], signedfile[_POSIX_PATH_MAX];
883 FILE *pgpin, *pgpout, *pgperr, *fp, *sfp;
888 convert_to_7bit (a); /* Signed data _must_ be in 7-bit format. */
890 mutt_mktemp (sigfile);
891 if ((fp = safe_fopen (sigfile, "w")) == NULL)
896 mutt_mktemp (signedfile);
897 if ((sfp = safe_fopen(signedfile, "w")) == NULL)
899 mutt_perror(signedfile);
905 mutt_write_mime_header (a, sfp);
907 mutt_write_mime_body (a, sfp);
910 if ((thepid = pgp_invoke_sign (&pgpin, &pgpout, &pgperr,
911 -1, -1, -1, signedfile)) == -1)
913 mutt_perror _("Can't open PGP subprocess!");
920 if (!pgp_use_gpg_agent())
921 fputs(PgpPass, pgpin);
926 * Read back the PGP signature. Also, change MESSAGE=>SIGNATURE as
927 * recommended for future releases of PGP.
929 while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL)
931 if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0)
932 fputs ("-----BEGIN PGP SIGNATURE-----\n", fp);
933 else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0)
934 fputs ("-----END PGP SIGNATURE-----\n", fp);
937 empty = 0; /* got some output, so we're ok */
940 /* check for errors from PGP */
942 while (fgets (buffer, sizeof (buffer) - 1, pgperr) != NULL)
945 fputs (buffer, stdout);
948 if(mutt_wait_filter (thepid) && option(OPTPGPCHECKEXIT))
955 if (fclose (fp) != 0)
957 mutt_perror ("fclose");
964 pgp_void_passphrase();
965 mutt_any_key_to_continue (NULL);
971 return (NULL); /* fatal error while signing */
974 t = mutt_new_body ();
975 t->type = TYPEMULTIPART;
976 t->subtype = safe_strdup ("signed");
977 t->encoding = ENC7BIT;
979 t->disposition = DISPINLINE;
981 mutt_generate_boundary (&t->parameter);
982 mutt_set_parameter ("protocol", "application/pgp-signature", &t->parameter);
983 mutt_set_parameter ("micalg", pgp_micalg (sigfile), &t->parameter);
988 t->parts->next = mutt_new_body ();
990 t->type = TYPEAPPLICATION;
991 t->subtype = safe_strdup ("pgp-signature");
992 t->filename = safe_strdup (sigfile);
994 t->disposition = DISPINLINE;
995 t->encoding = ENC7BIT;
996 t->unlink = 1; /* ok to remove this file after sending. */
1001 static short is_numerical_keyid (const char *s)
1003 /* or should we require the "0x"? */
1004 if (strncmp (s, "0x", 2) == 0)
1009 if (strchr ("0123456789ABCDEFabcdef", *s++) == NULL)
1015 /* This routine attempts to find the keyids of the recipients of a message.
1016 * It returns NULL if any of the keys can not be found.
1018 char *pgp_findKeys (ADDRESS *to, ADDRESS *cc, ADDRESS *bcc)
1020 char *keyID, *keylist = NULL, *t;
1021 size_t keylist_size = 0;
1022 size_t keylist_used = 0;
1023 ADDRESS *tmp = NULL, *addr = NULL;
1024 ADDRESS **last = &tmp;
1027 pgp_key_t k_info = NULL, key = NULL;
1029 const char *fqdn = mutt_fqdn (1);
1031 for (i = 0; i < 3; i++)
1035 case 0: p = to; break;
1036 case 1: p = cc; break;
1037 case 2: p = bcc; break;
1041 *last = rfc822_cpy_adr (p);
1043 last = &((*last)->next);
1047 rfc822_qualify (tmp, fqdn);
1049 tmp = mutt_remove_duplicates (tmp);
1051 for (p = tmp; p ; p = p->next)
1053 char buf[LONG_STRING];
1058 if ((keyID = mutt_crypt_hook (p)) != NULL)
1061 snprintf (buf, sizeof (buf), _("Use keyID = \"%s\" for %s?"), keyID, p->mailbox);
1062 if ((r = mutt_yesorno (buf, M_YES)) == M_YES)
1064 if (is_numerical_keyid (keyID))
1066 if (strncmp (keyID, "0x", 2) == 0)
1068 goto bypass_selection; /* you don't see this. */
1071 /* check for e-mail address */
1072 if ((t = strchr (keyID, '@')) &&
1073 (addr = rfc822_parse_adrlist (NULL, keyID)))
1075 if (fqdn) rfc822_qualify (addr, fqdn);
1079 k_info = pgp_getkeybystr (keyID, KEYFLAG_CANENCRYPT, PGP_PUBRING);
1084 rfc822_free_address (&tmp);
1085 rfc822_free_address (&addr);
1091 pgp_invoke_getkeys (q);
1093 if (k_info == NULL && (k_info = pgp_getkeybyaddr (q, KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
1095 snprintf (buf, sizeof (buf), _("Enter keyID for %s: "), q->mailbox);
1097 if ((key = pgp_ask_for_key (buf, q->mailbox,
1098 KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
1101 rfc822_free_address (&tmp);
1102 rfc822_free_address (&addr);
1109 keyID = pgp_keyid (key);
1112 keylist_size += mutt_strlen (keyID) + 4;
1113 safe_realloc (&keylist, keylist_size);
1114 sprintf (keylist + keylist_used, "%s0x%s", keylist_used ? " " : "", /* __SPRINTF_CHECKED__ */
1116 keylist_used = mutt_strlen (keylist);
1118 pgp_free_key (&key);
1119 rfc822_free_address (&addr);
1122 rfc822_free_address (&tmp);
1126 /* Warning: "a" is no longer freed in this routine, you need
1127 * to free it later. This is necessary for $fcc_attach. */
1129 BODY *pgp_encrypt_message (BODY *a, char *keylist, int sign)
1131 char buf[LONG_STRING];
1132 char tempfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
1133 char pgpinfile[_POSIX_PATH_MAX];
1134 FILE *pgpin, *pgperr, *fpout, *fptmp;
1140 mutt_mktemp (tempfile);
1141 if ((fpout = safe_fopen (tempfile, "w+")) == NULL)
1143 mutt_perror (tempfile);
1147 mutt_mktemp (pgperrfile);
1148 if ((pgperr = safe_fopen (pgperrfile, "w+")) == NULL)
1150 mutt_perror (pgperrfile);
1155 unlink (pgperrfile);
1157 mutt_mktemp(pgpinfile);
1158 if((fptmp = safe_fopen(pgpinfile, "w")) == NULL)
1160 mutt_perror(pgpinfile);
1168 convert_to_7bit (a);
1170 mutt_write_mime_header (a, fptmp);
1171 fputc ('\n', fptmp);
1172 mutt_write_mime_body (a, fptmp);
1175 if ((thepid = pgp_invoke_encrypt (&pgpin, NULL, NULL, -1,
1176 fileno (fpout), fileno (pgperr),
1177 pgpinfile, keylist, sign)) == -1)
1186 if (!pgp_use_gpg_agent())
1187 fputs (PgpPass, pgpin);
1188 fputc ('\n', pgpin);
1192 if(mutt_wait_filter (thepid) && option(OPTPGPCHECKEXIT))
1200 empty = (fgetc (fpout) == EOF);
1205 while (fgets (buf, sizeof (buf) - 1, pgperr) != NULL)
1208 fputs (buf, stdout);
1212 /* pause if there is any error output from PGP */
1214 mutt_any_key_to_continue (NULL);
1218 /* fatal error while trying to encrypt message */
1223 t = mutt_new_body ();
1224 t->type = TYPEMULTIPART;
1225 t->subtype = safe_strdup ("encrypted");
1226 t->encoding = ENC7BIT;
1228 t->disposition = DISPINLINE;
1230 mutt_generate_boundary(&t->parameter);
1231 mutt_set_parameter("protocol", "application/pgp-encrypted", &t->parameter);
1233 t->parts = mutt_new_body ();
1234 t->parts->type = TYPEAPPLICATION;
1235 t->parts->subtype = safe_strdup ("pgp-encrypted");
1236 t->parts->encoding = ENC7BIT;
1238 t->parts->next = mutt_new_body ();
1239 t->parts->next->type = TYPEAPPLICATION;
1240 t->parts->next->subtype = safe_strdup ("octet-stream");
1241 t->parts->next->encoding = ENC7BIT;
1242 t->parts->next->filename = safe_strdup (tempfile);
1243 t->parts->next->use_disp = 1;
1244 t->parts->next->disposition = DISPINLINE;
1245 t->parts->next->unlink = 1; /* delete after sending the message */
1246 t->parts->next->d_filename = safe_strdup ("msg.asc"); /* non pgp/mime can save */
1251 BODY *pgp_traditional_encryptsign (BODY *a, int flags, char *keylist)
1255 char pgpoutfile[_POSIX_PATH_MAX];
1256 char pgperrfile[_POSIX_PATH_MAX];
1257 char pgpinfile[_POSIX_PATH_MAX];
1259 char body_charset[STRING];
1261 const char *send_charset;
1263 FILE *pgpout = NULL, *pgperr = NULL, *pgpin = NULL;
1273 if (a->type != TYPETEXT)
1275 if (ascii_strcasecmp (a->subtype, "plain"))
1278 if ((fp = fopen (a->filename, "r")) == NULL)
1280 mutt_perror (a->filename);
1284 mutt_mktemp (pgpinfile);
1285 if ((pgpin = safe_fopen (pgpinfile, "w")) == NULL)
1287 mutt_perror (pgpinfile);
1292 /* The following code is really correct: If noconv is set,
1293 * a's charset parameter contains the on-disk character set, and
1294 * we have to convert from that to utf-8. If noconv is not set,
1295 * we have to convert from $charset to utf-8.
1298 mutt_get_body_charset (body_charset, sizeof (body_charset), a);
1300 from_charset = body_charset;
1302 from_charset = Charset;
1304 if (!mutt_is_us_ascii (body_charset))
1309 if (flags & ENCRYPT)
1310 send_charset = "us-ascii";
1312 send_charset = "utf-8";
1314 fc = fgetconv_open (fp, from_charset, "utf-8", M_ICONV_HOOK_FROM);
1315 while ((c = fgetconv (fc)) != EOF)
1318 fgetconv_close (&fc);
1322 send_charset = "us-ascii";
1323 mutt_copy_stream (fp, pgpin);
1328 mutt_mktemp (pgpoutfile);
1329 mutt_mktemp (pgperrfile);
1330 if ((pgpout = safe_fopen (pgpoutfile, "w+")) == NULL ||
1331 (pgperr = safe_fopen (pgperrfile, "w+")) == NULL)
1333 mutt_perror (pgpout ? pgperrfile : pgpoutfile);
1338 unlink (pgpoutfile);
1343 unlink (pgperrfile);
1345 if ((thepid = pgp_invoke_traditional (&pgpin, NULL, NULL,
1346 -1, fileno (pgpout), fileno (pgperr),
1347 pgpinfile, keylist, flags)) == -1)
1349 mutt_perror _("Can't invoke PGP");
1352 mutt_unlink (pgpinfile);
1353 unlink (pgpoutfile);
1357 if (pgp_use_gpg_agent())
1360 fprintf (pgpin, "%s\n", PgpPass);
1363 if(mutt_wait_filter (thepid) && option(OPTPGPCHECKEXIT))
1366 mutt_unlink (pgpinfile);
1375 empty = (fgetc (pgpout) == EOF);
1380 while (fgets (buff, sizeof (buff), pgperr))
1383 fputs (buff, stdout);
1389 mutt_any_key_to_continue (NULL);
1393 unlink (pgpoutfile);
1397 b = mutt_new_body ();
1399 b->encoding = ENC7BIT;
1402 b->subtype = safe_strdup ("plain");
1404 mutt_set_parameter ("x-action", flags & ENCRYPT ? "pgp-encrypted" : "pgp-signed",
1406 mutt_set_parameter ("charset", send_charset, &b->parameter);
1408 b->filename = safe_strdup (pgpoutfile);
1411 /* The following is intended to give a clue to some completely brain-dead
1412 * "mail environments" which are typically used by large corporations.
1415 b->d_filename = safe_strdup ("msg.pgp");
1420 b->disposition = DISPINLINE;
1426 if (!(flags & ENCRYPT))
1427 b->encoding = a->encoding;
1432 #endif /* CRYPT_BACKEND_CLASSIC_PGP */