2 * Copyright notice from original mutt:
3 * Copyright (C) 1996,1997 Michael R. Elkins <me@mutt.org>
4 * Copyright (C) 1998,1999 Thomas Roessler <roessler@does-not-exist.org>
5 * Copyright (C) 2004 g10 Code GmbH
7 * This file is part of mutt-ng, see http://www.muttng.org/.
8 * It's licensed under the GNU General Public License,
9 * please see the file GPL in the top level source directory.
13 * This file contains all of the PGP routines necessary to sign, encrypt,
14 * verify and decrypt PGP messages in either the new PGP/MIME format, or
15 * in the older Application/Pgp format. It also contains some code to
16 * cache the user's passphrase for repeat use when decrypting or signing
28 #include "mutt_curses.h"
37 #include "lib/debug.h"
51 #ifdef HAVE_SYS_TIME_H
52 # include <sys/time.h>
55 #ifdef HAVE_SYS_RESOURCE_H
56 # include <sys/resource.h>
59 #ifdef CRYPT_BACKEND_CLASSIC_PGP
61 #include "mutt_crypt.h"
62 #include "mutt_menu.h"
65 char PgpPass[LONG_STRING];
66 time_t PgpExptime = 0; /* when does the cached passphrase expire? */
68 void pgp_void_passphrase (void)
70 memset (PgpPass, 0, sizeof (PgpPass));
74 int pgp_valid_passphrase (void)
76 time_t now = time (NULL);
78 if (pgp_use_gpg_agent ()) {
80 return 1; /* handled by gpg-agent */
84 /* Use cached copy. */
87 pgp_void_passphrase ();
89 if (mutt_get_field_unbuffered (_("Enter PGP passphrase:"), PgpPass,
90 sizeof (PgpPass), M_PASS) == 0) {
91 PgpExptime = time (NULL) + PgpTimeout;
100 void pgp_forget_passphrase (void)
102 pgp_void_passphrase ();
103 mutt_message _("PGP passphrase forgotten.");
106 int pgp_use_gpg_agent (void) {
109 if (!option (OPTUSEGPGAGENT) || !getenv ("GPG_AGENT_INFO"))
112 if ((tty = ttyname(0)))
113 setenv ("GPG_TTY", tty, 0);
118 char *pgp_keyid (pgp_key_t k)
120 if ((k->flags & KEYFLAG_SUBKEY) && k->parent && option (OPTPGPIGNORESUB))
123 return _pgp_keyid (k);
126 char *_pgp_keyid (pgp_key_t k)
128 if (option (OPTPGPLONGIDS))
131 return (k->keyid + 8);
134 /* ----------------------------------------------------------------------------
135 * Routines for handing PGP input.
140 /* Copy PGP output messages and look for signs of a good signature */
142 static int pgp_copy_checksig (FILE * fpin, FILE * fpout)
146 if (PgpGoodSign.pattern) {
151 while ((line = mutt_read_line (line, &linelen, fpin, &lineno)) != NULL) {
152 if (regexec (PgpGoodSign.rx, line, 0, NULL, 0) == 0) {
153 debug_print (2, ("\"%s\" matches regexp.\n", line));
157 debug_print (2, ("\"%s\" doesn't match regexp.\n", line));
159 if (strncmp (line, "[GNUPG:] ", 9) == 0)
167 debug_print (2, ("No pattern.\n"));
168 mutt_copy_stream (fpin, fpout);
176 * Copy a clearsigned message, and strip the signature and PGP's
179 * XXX - charset handling: We assume that it is safe to do
180 * character set decoding first, dash decoding second here, while
181 * we do it the other way around in the main handler.
183 * (Note that we aren't worse than Outlook &c in this, and also
184 * note that we can successfully handle anything produced by any
185 * existing versions of mutt.)
188 static void pgp_copy_clearsigned (FILE * fpin, STATE * s, char *charset)
190 char buf[HUGE_STRING];
191 short complete, armor_header;
197 fc = fgetconv_open (fpin, charset, Charset, M_ICONV_HOOK_FROM);
199 for (complete = 1, armor_header = 1;
200 fgetconvs (buf, sizeof (buf), fc) != NULL;
201 complete = strchr (buf, '\n') != NULL) {
208 if (str_cmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0)
212 char *p = str_skip_initws (buf);
220 state_puts (s->prefix, s);
222 if (buf[0] == '-' && buf[1] == ' ')
223 state_puts (buf + 2, s);
228 fgetconv_close (&fc);
232 /* Support for the Application/PGP Content Type. */
234 int pgp_application_pgp_handler (BODY * m, STATE * s)
236 int needpass = -1, pgp_keyblock = 0;
238 int clearsign = 0, rv, rc;
240 long bytes, last_pos, offset;
241 char buf[HUGE_STRING];
242 char outfile[_POSIX_PATH_MAX];
243 char tmpfname[_POSIX_PATH_MAX];
244 FILE *pgpout = NULL, *pgpin = NULL, *pgperr = NULL;
248 short maybe_goodsig = 1;
249 short have_any_sigs = 0;
251 char body_charset[STRING];
253 mutt_get_body_charset (body_charset, sizeof (body_charset), m);
255 rc = 0; /* silence false compiler warning if (s->flags & M_DISPLAY) */
257 fseek (s->fpin, m->offset, 0);
258 last_pos = m->offset;
260 for (bytes = m->length; bytes > 0;) {
261 if (fgets (buf, sizeof (buf), s->fpin) == NULL)
264 offset = ftell (s->fpin);
265 bytes -= (offset - last_pos); /* don't rely on str_len(buf) */
268 if (str_ncmp ("-----BEGIN PGP ", buf, 15) == 0) {
270 start_pos = last_pos;
272 if (str_cmp ("MESSAGE-----\n", buf + 15) == 0)
274 else if (str_cmp ("SIGNED MESSAGE-----\n", buf + 15) == 0) {
278 else if (!option (OPTDONTHANDLEPGPKEYS) &&
279 str_cmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0) {
284 /* XXX - we may wish to recode here */
286 state_puts (s->prefix, s);
291 have_any_sigs = have_any_sigs || (clearsign && (s->flags & M_VERIFY));
293 /* Copy PGP material to temporary file */
294 mutt_mktemp (tmpfname);
295 if ((tmpfp = safe_fopen (tmpfname, "w+")) == NULL) {
296 mutt_perror (tmpfname);
301 while (bytes > 0 && fgets (buf, sizeof (buf) - 1, s->fpin) != NULL) {
302 offset = ftell (s->fpin);
303 bytes -= (offset - last_pos); /* don't rely on str_len(buf) */
309 && str_cmp ("-----END PGP MESSAGE-----\n", buf) == 0)
311 && (str_cmp ("-----END PGP SIGNATURE-----\n", buf) == 0
312 || str_cmp ("-----END PGP PUBLIC KEY BLOCK-----\n",
317 /* leave tmpfp open in case we still need it - but flush it! */
321 /* Invoke PGP if needed */
322 if (!clearsign || (s->flags & M_VERIFY)) {
323 mutt_mktemp (outfile);
324 if ((pgpout = safe_fopen (outfile, "w+")) == NULL) {
325 mutt_perror (tmpfname);
329 if ((thepid = pgp_invoke_decode (&pgpin, NULL, &pgperr, -1,
330 fileno (pgpout), -1, tmpfname,
332 safe_fclose (&pgpout);
337 ("[-- Error: unable to create PGP subprocess! --]\n"),
340 else { /* PGP started successfully */
343 if (!pgp_valid_passphrase ())
344 pgp_void_passphrase ();
345 if (pgp_use_gpg_agent ())
347 fprintf (pgpin, "%s\n", PgpPass);
350 safe_fclose (&pgpin);
352 if (s->flags & M_DISPLAY) {
353 crypt_current_time (s, "PGP");
354 rc = pgp_copy_checksig (pgperr, s->fpout);
357 safe_fclose (&pgperr);
358 rv = mutt_wait_filter (thepid);
360 if (s->flags & M_DISPLAY) {
366 * gpg_good_sign-pattern did not match || pgp_decode_command returned not 0
367 * Sig _is_ correct if
368 * gpg_good_sign="" && pgp_decode_command returned 0
373 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
377 /* treat empty result as sign of failure */
378 /* TODO: maybe on failure mutt should include the original undecoded text. */
384 if (!clearsign && (!pgpout || c == EOF)) {
385 mutt_error _("Could not decrypt PGP message");
387 pgp_void_passphrase ();
388 if (!(s->flags & M_DISPLAY)) {
396 * Now, copy cleartext to the screen. NOTE - we expect that PGP
397 * outputs utf-8 cleartext. This may not always be true, but it
398 * seems to be a reasonable guess.
401 if (s->flags & M_DISPLAY) {
403 state_attach_puts (_("[-- BEGIN PGP MESSAGE --]\n\n"), s);
404 else if (pgp_keyblock)
405 state_attach_puts (_("[-- BEGIN PGP PUBLIC KEY BLOCK --]\n"), s);
407 state_attach_puts (_("[-- BEGIN PGP SIGNED MESSAGE --]\n\n"), s);
413 pgp_copy_clearsigned (tmpfp, s, body_charset);
420 state_set_prefix (s);
421 fc = fgetconv_open (pgpout, "utf-8", Charset, 0);
422 while ((c = fgetconv (fc)) != EOF)
423 state_prefix_putc (c, s);
424 fgetconv_close (&fc);
427 if (s->flags & M_DISPLAY) {
428 state_putc ('\n', s);
430 state_attach_puts (_("[-- END PGP MESSAGE --]\n"), s);
431 mutt_message _("PGP message successfully decrypted.");
433 else if (pgp_keyblock)
434 state_attach_puts (_("[-- END PGP PUBLIC KEY BLOCK --]\n"), s);
436 state_attach_puts (_("[-- END PGP SIGNED MESSAGE --]\n"), s);
441 /* XXX - we may wish to recode here */
443 state_puts (s->prefix, s);
451 m->goodsig = (maybe_goodsig && have_any_sigs);
454 safe_fclose (&tmpfp);
455 mutt_unlink (tmpfname);
458 safe_fclose (&pgpout);
459 mutt_unlink (outfile);
462 if (needpass == -1) {
464 ("[-- Error: could not find beginning of PGP message! --]\n\n"),
472 static int pgp_check_traditional_one_body (FILE * fp, BODY * b,
475 char tempfile[_POSIX_PATH_MAX];
476 char buf[HUGE_STRING];
483 if (b->type != TYPETEXT)
486 if (tagged_only && !b->tagged)
489 mutt_mktemp (tempfile);
490 if (mutt_decode_save_attachment (fp, b, tempfile, 0, 0) != 0) {
495 if ((tfp = fopen (tempfile, "r")) == NULL) {
500 while (fgets (buf, sizeof (buf), tfp)) {
501 if (str_ncmp ("-----BEGIN PGP ", buf, 15) == 0) {
502 if (str_cmp ("MESSAGE-----\n", buf + 15) == 0)
504 else if (str_cmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)
506 else if (str_cmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0)
513 if (!enc && !sgn && !key)
516 /* fix the content type */
518 mutt_set_parameter ("format", "fixed", &b->parameter);
520 mutt_set_parameter ("x-action", "pgp-encrypted", &b->parameter);
522 mutt_set_parameter ("x-action", "pgp-signed", &b->parameter);
524 mutt_set_parameter ("x-action", "pgp-keys", &b->parameter);
529 int pgp_check_traditional (FILE * fp, BODY * b, int tagged_only)
534 for (; b; b = b->next) {
535 if (is_multipart (b))
536 rv = pgp_check_traditional (fp, b->parts, tagged_only) || rv;
537 else if (b->type == TYPETEXT) {
538 if ((r = mutt_is_application_pgp (b)))
541 rv = pgp_check_traditional_one_body (fp, b, tagged_only) || rv;
552 int pgp_verify_one (BODY * sigbdy, STATE * s, const char *tempfile)
554 char sigfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
555 FILE *fp, *pgpout, *pgperr;
560 snprintf (sigfile, sizeof (sigfile), "%s.asc", tempfile);
562 if (!(fp = safe_fopen (sigfile, "w"))) {
563 mutt_perror (sigfile);
567 fseek (s->fpin, sigbdy->offset, 0);
568 mutt_copy_bytes (s->fpin, fp, sigbdy->length);
571 mutt_mktemp (pgperrfile);
572 if (!(pgperr = safe_fopen (pgperrfile, "w+"))) {
573 mutt_perror (pgperrfile);
578 crypt_current_time (s, "PGP");
580 if ((thepid = pgp_invoke_verify (NULL, &pgpout, NULL,
581 -1, -1, fileno (pgperr),
582 tempfile, sigfile)) != -1) {
583 if (pgp_copy_checksig (pgpout, s->fpout) >= 0)
587 safe_fclose (&pgpout);
591 if (pgp_copy_checksig (pgperr, s->fpout) >= 0)
594 if ((rv = mutt_wait_filter (thepid)))
597 debug_print (1, ("mutt_wait_filter returned %d.\n", rv));
600 safe_fclose (&pgperr);
602 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
604 mutt_unlink (sigfile);
605 mutt_unlink (pgperrfile);
607 debug_print (1, ("returning %d.\n", badsig));
613 /* Extract pgp public keys from messages or attachments */
615 void pgp_extract_keys_from_messages (HEADER * h)
618 char tempfname[_POSIX_PATH_MAX];
622 mutt_parse_mime_message (Context, h);
623 if (h->security & PGPENCRYPT && !pgp_valid_passphrase ())
627 mutt_mktemp (tempfname);
628 if (!(fpout = safe_fopen (tempfname, "w"))) {
629 mutt_perror (tempfname);
633 set_option (OPTDONTHANDLEPGPKEYS);
636 for (i = 0; i < Context->vcount; i++) {
637 if (Context->hdrs[Context->v2r[i]]->tagged) {
638 mutt_parse_mime_message (Context, Context->hdrs[Context->v2r[i]]);
639 if (Context->hdrs[Context->v2r[i]]->security & PGPENCRYPT
640 && !pgp_valid_passphrase ()) {
644 mutt_copy_message (fpout, Context, Context->hdrs[Context->v2r[i]],
645 M_CM_DECODE | M_CM_CHARCONV, 0);
650 mutt_parse_mime_message (Context, h);
651 if (h->security & PGPENCRYPT && !pgp_valid_passphrase ()) {
655 mutt_copy_message (fpout, Context, h, M_CM_DECODE | M_CM_CHARCONV, 0);
660 pgp_invoke_import (tempfname);
661 mutt_any_key_to_continue (NULL);
665 mutt_unlink (tempfname);
666 unset_option (OPTDONTHANDLEPGPKEYS);
670 static void pgp_extract_keys_from_attachment (FILE * fp, BODY * top)
674 char tempfname[_POSIX_PATH_MAX];
676 mutt_mktemp (tempfname);
677 if (!(tempfp = safe_fopen (tempfname, "w"))) {
678 mutt_perror (tempfname);
682 memset (&s, 0, sizeof (STATE));
687 mutt_body_handler (top, &s);
691 pgp_invoke_import (tempfname);
692 mutt_any_key_to_continue (NULL);
694 mutt_unlink (tempfname);
697 void pgp_extract_keys_from_attachment_list (FILE * fp, int tag, BODY * top)
700 mutt_error _("Internal error. Inform <roessler@does-not-exist.org>.");
706 set_option (OPTDONTHANDLEPGPKEYS);
708 for (; top; top = top->next) {
709 if (!tag || top->tagged)
710 pgp_extract_keys_from_attachment (fp, top);
716 unset_option (OPTDONTHANDLEPGPKEYS);
719 BODY *pgp_decrypt_part (BODY * a, STATE * s, FILE * fpout, BODY * p)
721 char buf[LONG_STRING];
722 FILE *pgpin, *pgpout, *pgperr, *pgptmp;
726 char pgperrfile[_POSIX_PATH_MAX];
727 char pgptmpfile[_POSIX_PATH_MAX];
731 mutt_mktemp (pgperrfile);
732 if ((pgperr = safe_fopen (pgperrfile, "w+")) == NULL) {
733 mutt_perror (pgperrfile);
738 mutt_mktemp (pgptmpfile);
739 if ((pgptmp = safe_fopen (pgptmpfile, "w")) == NULL) {
740 mutt_perror (pgptmpfile);
745 /* Position the stream at the beginning of the body, and send the data to
746 * the temporary file.
749 fseek (s->fpin, a->offset, 0);
750 mutt_copy_bytes (s->fpin, pgptmp, a->length);
753 if ((thepid = pgp_invoke_decrypt (&pgpin, &pgpout, NULL, -1, -1,
754 fileno (pgperr), pgptmpfile)) == -1) {
757 if (s->flags & M_DISPLAY)
759 ("[-- Error: could not create a PGP subprocess! --]\n\n"),
764 /* send the PGP passphrase to the subprocess. Never do this if the
765 agent is active, because this might lead to a passphrase send as
767 if (!pgp_use_gpg_agent ())
768 fputs (PgpPass, pgpin);
772 /* Read the output from PGP, and make sure to change CRLF to LF, otherwise
773 * read_mime_header has a hard time parsing the message.
775 while (fgets (buf, sizeof (buf) - 1, pgpout) != NULL) {
777 if (len > 1 && buf[len - 2] == '\r')
778 strcpy (buf + len - 2, "\n"); /* __STRCPY_CHECKED__ */
783 rv = mutt_wait_filter (thepid);
784 mutt_unlink (pgptmpfile);
786 if (s->flags & M_DISPLAY) {
789 if (pgp_copy_checksig (pgperr, s->fpout) == 0 && !rv && p)
793 state_attach_puts (_("[-- End of PGP output --]\n\n"), s);
800 if (fgetc (fpout) == EOF) {
801 mutt_error (_("Decryption failed."));
802 pgp_void_passphrase ();
808 if ((tattach = mutt_read_mime_header (fpout, 0)) != NULL) {
810 * Need to set the length of this body part.
812 fstat (fileno (fpout), &info);
813 tattach->length = info.st_size - tattach->offset;
815 /* See if we need to recurse on this MIME part. */
817 mutt_parse_part (fpout, tattach);
823 int pgp_decrypt_mime (FILE * fpin, FILE ** fpout, BODY * b, BODY ** cur)
825 char tempfile[_POSIX_PATH_MAX];
829 if (!mutt_is_multipart_encrypted (b))
832 if (!b->parts || !b->parts->next)
837 memset (&s, 0, sizeof (s));
839 mutt_mktemp (tempfile);
840 if ((*fpout = safe_fopen (tempfile, "w+")) == NULL) {
841 mutt_perror (tempfile);
846 *cur = pgp_decrypt_part (b, &s, *fpout, p);
856 int pgp_encrypted_handler (BODY * a, STATE * s)
858 char tempfile[_POSIX_PATH_MAX];
865 if (!a || a->type != TYPEAPPLICATION || !a->subtype ||
866 ascii_strcasecmp ("pgp-encrypted", a->subtype) != 0 ||
867 !a->next || a->next->type != TYPEAPPLICATION || !a->next->subtype ||
868 ascii_strcasecmp ("octet-stream", a->next->subtype) != 0) {
869 if (s->flags & M_DISPLAY)
870 state_attach_puts (_("[-- Error: malformed PGP/MIME message! --]\n\n"),
876 * Move forward to the application/pgp-encrypted body.
880 mutt_mktemp (tempfile);
881 if ((fpout = safe_fopen (tempfile, "w+")) == NULL) {
882 if (s->flags & M_DISPLAY)
884 ("[-- Error: could not create temporary file! --]\n"),
889 if (s->flags & M_DISPLAY)
890 crypt_current_time (s, "PGP");
892 if ((tattach = pgp_decrypt_part (a, s, fpout, p)) != NULL) {
893 if (s->flags & M_DISPLAY)
895 ("[-- The following data is PGP/MIME encrypted --]\n\n"),
900 rc = mutt_body_handler (tattach, s);
904 * if a multipart/signed is the _only_ sub-part of a
905 * multipart/encrypted, cache signature verification
910 if (mutt_is_multipart_signed (tattach) && !tattach->next)
911 p->goodsig |= tattach->goodsig;
913 if (s->flags & M_DISPLAY) {
914 state_puts ("\n", s);
915 state_attach_puts (_("[-- End of PGP/MIME encrypted data --]\n"), s);
918 mutt_free_body (&tattach);
919 /* clear 'Invoking...' message, since there's no error */
920 mutt_message _("PGP message successfully decrypted.");
922 mutt_error _("Could not decrypt PGP message");
923 pgp_void_passphrase ();
928 mutt_unlink (tempfile);
933 /* ----------------------------------------------------------------------------
934 * Routines for sending PGP/MIME messages.
938 BODY *pgp_sign_message (BODY * a)
941 char buffer[LONG_STRING];
942 char sigfile[_POSIX_PATH_MAX], signedfile[_POSIX_PATH_MAX];
943 FILE *pgpin, *pgpout, *pgperr, *fp, *sfp;
948 convert_to_7bit (a); /* Signed data _must_ be in 7-bit format. */
950 mutt_mktemp (sigfile);
951 if ((fp = safe_fopen (sigfile, "w")) == NULL) {
955 mutt_mktemp (signedfile);
956 if ((sfp = safe_fopen (signedfile, "w")) == NULL) {
957 mutt_perror (signedfile);
963 mutt_write_mime_header (a, sfp);
965 mutt_write_mime_body (a, sfp);
968 if ((thepid = pgp_invoke_sign (&pgpin, &pgpout, &pgperr,
969 -1, -1, -1, signedfile)) == -1) {
970 mutt_perror (_("Can't open PGP subprocess!"));
978 if (!pgp_use_gpg_agent ())
979 fputs (PgpPass, pgpin);
984 * Read back the PGP signature. Also, change MESSAGE=>SIGNATURE as
985 * recommended for future releases of PGP.
987 while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL) {
988 if (str_cmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0)
989 fputs ("-----BEGIN PGP SIGNATURE-----\n", fp);
990 else if (str_cmp ("-----END PGP MESSAGE-----\n", buffer) == 0)
991 fputs ("-----END PGP SIGNATURE-----\n", fp);
994 empty = 0; /* got some output, so we're ok */
997 /* check for errors from PGP */
999 while (fgets (buffer, sizeof (buffer) - 1, pgperr) != NULL) {
1001 fputs (buffer, stdout);
1004 if (mutt_wait_filter (thepid) && option (OPTPGPCHECKEXIT))
1009 unlink (signedfile);
1011 if (fclose (fp) != 0) {
1012 mutt_perror ("fclose");
1018 pgp_void_passphrase ();
1019 mutt_any_key_to_continue (NULL);
1024 return (NULL); /* fatal error while signing */
1027 t = mutt_new_body ();
1028 t->type = TYPEMULTIPART;
1029 t->subtype = str_dup ("signed");
1030 t->encoding = ENC7BIT;
1032 t->disposition = DISPINLINE;
1034 mutt_generate_boundary (&t->parameter);
1035 mutt_set_parameter ("protocol", "application/pgp-signature", &t->parameter);
1036 mutt_set_parameter ("micalg", pgp_micalg (sigfile), &t->parameter);
1041 t->parts->next = mutt_new_body ();
1043 t->type = TYPEAPPLICATION;
1044 t->subtype = str_dup ("pgp-signature");
1045 t->filename = str_dup (sigfile);
1047 t->disposition = DISPINLINE;
1048 t->encoding = ENC7BIT;
1049 t->unlink = 1; /* ok to remove this file after sending. */
1054 static short is_numerical_keyid (const char *s)
1056 /* or should we require the "0x"? */
1057 if (strncmp (s, "0x", 2) == 0)
1059 if (str_len (s) % 8)
1062 if (strchr ("0123456789ABCDEFabcdef", *s++) == NULL)
1068 /* This routine attempts to find the keyids of the recipients of a message.
1069 * It returns NULL if any of the keys can not be found.
1071 char *pgp_findKeys (ADDRESS * to, ADDRESS * cc, ADDRESS * bcc)
1073 char *keyID, *keylist = NULL, *t;
1074 size_t keylist_size = 0;
1075 size_t keylist_used = 0;
1076 ADDRESS *tmp = NULL, *addr = NULL;
1077 ADDRESS **last = &tmp;
1080 pgp_key_t k_info = NULL, key = NULL;
1082 const char *fqdn = mutt_fqdn (1);
1084 for (i = 0; i < 3; i++) {
1099 *last = rfc822_cpy_adr (p);
1101 last = &((*last)->next);
1105 rfc822_qualify (tmp, fqdn);
1107 tmp = mutt_remove_duplicates (tmp);
1109 for (p = tmp; p; p = p->next) {
1110 char buf[LONG_STRING];
1115 if ((keyID = mutt_crypt_hook (p)) != NULL) {
1118 snprintf (buf, sizeof (buf), _("Use keyID = \"%s\" for %s?"), keyID,
1120 if ((r = mutt_yesorno (buf, M_YES)) == M_YES) {
1121 if (is_numerical_keyid (keyID)) {
1122 if (strncmp (keyID, "0x", 2) == 0)
1124 goto bypass_selection; /* you don't see this. */
1127 /* check for e-mail address */
1128 if ((t = strchr (keyID, '@')) &&
1129 (addr = rfc822_parse_adrlist (NULL, keyID))) {
1131 rfc822_qualify (addr, fqdn);
1135 k_info = pgp_getkeybystr (keyID, KEYFLAG_CANENCRYPT, PGP_PUBRING);
1138 mem_free (&keylist);
1139 rfc822_free_address (&tmp);
1140 rfc822_free_address (&addr);
1146 pgp_invoke_getkeys (q);
1150 pgp_getkeybyaddr (q, KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL) {
1151 snprintf (buf, sizeof (buf), _("Enter keyID for %s: "), q->mailbox);
1153 if ((key = pgp_ask_for_key (buf, q->mailbox,
1154 KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL) {
1155 mem_free (&keylist);
1156 rfc822_free_address (&tmp);
1157 rfc822_free_address (&addr);
1164 keyID = pgp_keyid (key);
1167 keylist_size += str_len (keyID) + 4;
1168 mem_realloc (&keylist, keylist_size);
1169 sprintf (keylist + keylist_used, "%s0x%s", keylist_used ? " " : "", /* __SPRINTF_CHECKED__ */
1171 keylist_used = str_len (keylist);
1173 pgp_free_key (&key);
1174 rfc822_free_address (&addr);
1177 rfc822_free_address (&tmp);
1181 /* Warning: "a" is no longer freed in this routine, you need
1182 * to free it later. This is necessary for $fcc_attach. */
1184 BODY *pgp_encrypt_message (BODY * a, char *keylist, int sign)
1186 char buf[LONG_STRING];
1187 char tempfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
1188 char pgpinfile[_POSIX_PATH_MAX];
1189 FILE *pgpin, *pgperr, *fpout, *fptmp;
1195 mutt_mktemp (tempfile);
1196 if ((fpout = safe_fopen (tempfile, "w+")) == NULL) {
1197 mutt_perror (tempfile);
1201 mutt_mktemp (pgperrfile);
1202 if ((pgperr = safe_fopen (pgperrfile, "w+")) == NULL) {
1203 mutt_perror (pgperrfile);
1208 unlink (pgperrfile);
1210 mutt_mktemp (pgpinfile);
1211 if ((fptmp = safe_fopen (pgpinfile, "w")) == NULL) {
1212 mutt_perror (pgpinfile);
1220 convert_to_7bit (a);
1222 mutt_write_mime_header (a, fptmp);
1223 fputc ('\n', fptmp);
1224 mutt_write_mime_body (a, fptmp);
1227 if ((thepid = pgp_invoke_encrypt (&pgpin, NULL, NULL, -1,
1228 fileno (fpout), fileno (pgperr),
1229 pgpinfile, keylist, sign)) == -1) {
1236 if (!pgp_use_gpg_agent ())
1237 fputs (PgpPass, pgpin);
1238 fputc ('\n', pgpin);
1242 if (mutt_wait_filter (thepid) && option (OPTPGPCHECKEXIT))
1250 empty = (fgetc (fpout) == EOF);
1255 while (fgets (buf, sizeof (buf) - 1, pgperr) != NULL) {
1257 fputs (buf, stdout);
1261 /* pause if there is any error output from PGP */
1263 mutt_any_key_to_continue (NULL);
1266 /* fatal error while trying to encrypt message */
1268 pgp_void_passphrase (); /* just in case */
1273 t = mutt_new_body ();
1274 t->type = TYPEMULTIPART;
1275 t->subtype = str_dup ("encrypted");
1276 t->encoding = ENC7BIT;
1278 t->disposition = DISPINLINE;
1280 mutt_generate_boundary (&t->parameter);
1281 mutt_set_parameter ("protocol", "application/pgp-encrypted", &t->parameter);
1283 t->parts = mutt_new_body ();
1284 t->parts->type = TYPEAPPLICATION;
1285 t->parts->subtype = str_dup ("pgp-encrypted");
1286 t->parts->encoding = ENC7BIT;
1288 t->parts->next = mutt_new_body ();
1289 t->parts->next->type = TYPEAPPLICATION;
1290 t->parts->next->subtype = str_dup ("octet-stream");
1291 t->parts->next->encoding = ENC7BIT;
1292 t->parts->next->filename = str_dup (tempfile);
1293 t->parts->next->use_disp = 1;
1294 t->parts->next->disposition = DISPINLINE;
1295 t->parts->next->unlink = 1; /* delete after sending the message */
1296 t->parts->next->d_filename = str_dup ("msg.asc"); /* non pgp/mime can save */
1301 BODY *pgp_traditional_encryptsign (BODY * a, int flags, char *keylist)
1305 char pgpoutfile[_POSIX_PATH_MAX];
1306 char pgperrfile[_POSIX_PATH_MAX];
1307 char pgpinfile[_POSIX_PATH_MAX];
1309 char body_charset[STRING];
1311 const char *send_charset;
1313 FILE *pgpout = NULL, *pgperr = NULL, *pgpin = NULL;
1323 if (a->type != TYPETEXT)
1325 if (ascii_strcasecmp (a->subtype, "plain"))
1328 if ((fp = fopen (a->filename, "r")) == NULL) {
1329 mutt_perror (a->filename);
1333 mutt_mktemp (pgpinfile);
1334 if ((pgpin = safe_fopen (pgpinfile, "w")) == NULL) {
1335 mutt_perror (pgpinfile);
1340 /* The following code is really correct: If noconv is set,
1341 * a's charset parameter contains the on-disk character set, and
1342 * we have to convert from that to utf-8. If noconv is not set,
1343 * we have to convert from $charset to utf-8.
1346 mutt_get_body_charset (body_charset, sizeof (body_charset), a);
1348 from_charset = body_charset;
1350 from_charset = Charset;
1352 if (!mutt_is_us_ascii (body_charset)) {
1356 if (flags & ENCRYPT)
1357 send_charset = "us-ascii";
1359 send_charset = "utf-8";
1361 fc = fgetconv_open (fp, from_charset, "utf-8", M_ICONV_HOOK_FROM);
1362 while ((c = fgetconv (fc)) != EOF)
1365 fgetconv_close (&fc);
1368 send_charset = "us-ascii";
1369 mutt_copy_stream (fp, pgpin);
1374 mutt_mktemp (pgpoutfile);
1375 mutt_mktemp (pgperrfile);
1376 if ((pgpout = safe_fopen (pgpoutfile, "w+")) == NULL ||
1377 (pgperr = safe_fopen (pgperrfile, "w+")) == NULL) {
1378 mutt_perror (pgpout ? pgperrfile : pgpoutfile);
1382 unlink (pgpoutfile);
1387 unlink (pgperrfile);
1389 if ((thepid = pgp_invoke_traditional (&pgpin, NULL, NULL,
1390 -1, fileno (pgpout), fileno (pgperr),
1391 pgpinfile, keylist, flags)) == -1) {
1392 mutt_perror (_("Can't invoke PGP"));
1396 mutt_unlink (pgpinfile);
1397 unlink (pgpoutfile);
1401 if (pgp_use_gpg_agent ())
1404 fprintf (pgpin, "%s\n", PgpPass);
1407 if (mutt_wait_filter (thepid) && option (OPTPGPCHECKEXIT))
1410 mutt_unlink (pgpinfile);
1419 empty = (fgetc (pgpout) == EOF);
1424 while (fgets (buff, sizeof (buff), pgperr)) {
1426 fputs (buff, stdout);
1432 mutt_any_key_to_continue (NULL);
1436 pgp_void_passphrase (); /* just in case */
1437 unlink (pgpoutfile);
1441 b = mutt_new_body ();
1443 b->encoding = ENC7BIT;
1446 b->subtype = str_dup ("plain");
1448 mutt_set_parameter ("x-action",
1449 flags & ENCRYPT ? "pgp-encrypted" : "pgp-signed",
1451 mutt_set_parameter ("charset", send_charset, &b->parameter);
1453 b->filename = str_dup (pgpoutfile);
1456 /* The following is intended to give a clue to some completely brain-dead
1457 * "mail environments" which are typically used by large corporations.
1460 b->d_filename = str_dup ("msg.pgp");
1465 b->disposition = DISPINLINE;
1471 if (!(flags & ENCRYPT))
1472 b->encoding = a->encoding;
1477 int pgp_send_menu (HEADER * msg, int *redraw)
1480 char input_signas[SHORT_STRING];
1482 char prompt[LONG_STRING];
1484 if (!(WithCrypto & APPLICATION_PGP))
1485 return msg->security;
1487 /* If autoinline and no crypto options set, then set inline. */
1488 if (option (OPTPGPAUTOINLINE) && !((msg->security & APPLICATION_PGP)
1489 && (msg->security & (SIGN | ENCRYPT))))
1490 msg->security |= INLINE;
1492 snprintf (prompt, sizeof (prompt),
1493 _("PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, %s, or (c)lear? "),
1494 (msg->security & INLINE) ? _("PGP/M(i)ME") : _("(i)nline"));
1496 switch (mutt_multi_choice (prompt, _("esabifc"))) {
1497 case 1: /* (e)ncrypt */
1498 msg->security |= ENCRYPT;
1499 msg->security &= ~SIGN;
1502 case 2: /* (s)ign */
1503 msg->security |= SIGN;
1504 msg->security &= ~ENCRYPT;
1507 case 3: /* sign (a)s */
1508 unset_option (OPTPGPCHECKTRUST);
1511 pgp_ask_for_key (_("Sign as: "), NULL, KEYFLAG_CANSIGN,
1513 snprintf (input_signas, sizeof (input_signas), "0x%s", pgp_keyid (p));
1514 str_replace (&PgpSignAs, input_signas);
1517 msg->security |= SIGN;
1519 crypt_pgp_void_passphrase (); /* probably need a different passphrase */
1523 msg->security &= ~SIGN;
1527 *redraw = REDRAW_FULL;
1530 case 4: /* (b)oth */
1531 msg->security |= (ENCRYPT | SIGN);
1534 case 5: /* (i)nline */
1535 if ((msg->security & (ENCRYPT | SIGN)))
1536 msg->security ^= INLINE;
1538 msg->security &= ~INLINE;
1541 case 6: /* (f)orget it */
1542 case 7: /* (c)lear */
1547 if (msg->security) {
1548 if (!(msg->security & (ENCRYPT | SIGN)))
1551 msg->security |= APPLICATION_PGP;
1554 return (msg->security);
1558 #endif /* CRYPT_BACKEND_CLASSIC_PGP */