;; PKCSx or similar, it's intended to perform common operations
;; done on messages encoded in these formats. The terminology chosen
;; reflect this.
+;;
+;; The home of this file is in Gnus CVS, but also available from
+;; http://josefsson.org/smime.html.
;;; Quick introduction:
;; environment variables to pass the password to OpenSSL, which is
;; slightly insecure. Hence a new todo: use a better -passin method.
;;
+;; Cache password for e.g. 1h
+;;
;; Suggestions and comments are appreciated, mail me at simon@josefsson.org.
-;; <rant>
+;; begin rant
;;
;; I would include pointers to introductory text on concepts used in
;; this library here, but the material I've read are so horrible I
;; Also, I'm not going to mention anything about the wonders of
;; cryptopolitics. Oops, I just did.
;;
-;; </rant>
+;; end rant
;;; Revision history:
-;; version 0 not released
+;; 2000-06-05 initial version, committed to Gnus CVS contrib/
+;; 2000-10-28 retrieve certificates via DNS CERT RRs
+;; 2001-10-14 posted to gnu.emacs.sources
;;; Code:
string)
:group 'smime)
-(defcustom smime-extra-arguments nil
- "*List of additional arguments passed to OpenSSL.
-For instance, if you don't have a /dev/random you might be forced
-to set this to e.g. `(\"-rand\" \"/etc/entropy\")'."
- :type '(repeat string)
- :group 'smime)
-
(defvar smime-details-buffer "*OpenSSL output*")
+(eval-and-compile
+ (defalias 'smime-make-temp-file
+ (if (fboundp 'make-temp-file)
+ 'make-temp-file
+ (lambda (prefix &optional dir-flag) ;; Simple implementation
+ (expand-file-name
+ (make-temp-name prefix)
+ temporary-file-directory)))))
+
;; Password dialog function
(defun smime-ask-passphrase ()
;; OpenSSL wrappers.
(defun smime-call-openssl-region (b e buf &rest args)
- (case (apply 'call-process-region b e smime-openssl-program nil
- buf nil (append smime-extra-arguments args))
+ (case (apply 'call-process-region b e smime-openssl-program nil buf nil args)
(0 t)
(1 (message "OpenSSL: An error occurred parsing the command options.") nil)
(2 (message "OpenSSL: One of the input files could not be read.") nil)
have proper MIME tags. KEYFILES is expected to contain a PEM encoded
private key and certificate as its car, and a list of additional certificates
to include in its caar."
+ (smime-new-details-buffer)
(let ((keyfile (car keyfiles))
(certfiles (and (cdr keyfiles) (cadr keyfiles)))
(buffer (generate-new-buffer (generate-new-buffer-name " *smime*")))
- (passphrase (smime-ask-passphrase)))
+ (passphrase (smime-ask-passphrase))
+ (tmpfile (smime-make-temp-file "smime")))
(if passphrase
(setenv "GNUS_SMIME_PASSPHRASE" passphrase))
(prog1
- (when (apply 'smime-call-openssl-region b e buffer "smime" "-sign"
- "-signer" (expand-file-name keyfile)
- (append
- (smime-make-certfiles certfiles)
- (if passphrase
- (list "-passin" "env:GNUS_SMIME_PASSPHRASE"))))
+ (when (prog1
+ (apply 'smime-call-openssl-region b e (list buffer tmpfile)
+ "smime" "-sign" "-signer" (expand-file-name keyfile)
+ (append
+ (smime-make-certfiles certfiles)
+ (if passphrase
+ (list "-passin" "env:GNUS_SMIME_PASSPHRASE"))))
+ (if passphrase
+ (setenv "GNUS_SMIME_PASSPHRASE" "" t))
+ (with-current-buffer smime-details-buffer
+ (insert-file-contents tmpfile)
+ (delete-file tmpfile)))
(delete-region b e)
(insert-buffer-substring buffer)
+ (goto-char b)
(when (looking-at "^MIME-Version: 1.0$")
(delete-region (point) (progn (forward-line 1) (point))))
t)
- (if passphrase
- (setenv "GNUS_SMIME_PASSPHRASE" "" t))
- (with-current-buffer (get-buffer-create smime-details-buffer)
+ (with-current-buffer smime-details-buffer
(goto-char (point-max))
(insert-buffer-substring buffer))
(kill-buffer buffer))))
If encryption fails, the buffer is not modified. Region is assumed to
have proper MIME tags. CERTFILES is a list of filenames, each file
is expected to contain of a PEM encoded certificate."
- (let ((buffer (generate-new-buffer (generate-new-buffer-name " *smime*"))))
+ (smime-new-details-buffer)
+ (let ((buffer (generate-new-buffer (generate-new-buffer-name " *smime*")))
+ (tmpfile (smime-make-temp-file "smime")))
(prog1
- (when (apply 'smime-call-openssl-region b e buffer "smime" "-encrypt"
- smime-encrypt-cipher (mapcar 'expand-file-name certfiles))
+ (when (prog1
+ (apply 'smime-call-openssl-region b e (list buffer tmpfile)
+ "smime" "-encrypt" smime-encrypt-cipher
+ (mapcar 'expand-file-name certfiles))
+ (with-current-buffer smime-details-buffer
+ (insert-file-contents tmpfile)
+ (delete-file tmpfile)))
(delete-region b e)
(insert-buffer-substring buffer)
+ (goto-char b)
(when (looking-at "^MIME-Version: 1.0$")
(delete-region (point) (progn (forward-line 1) (point))))
t)
- (with-current-buffer (get-buffer-create smime-details-buffer)
+ (with-current-buffer smime-details-buffer
(goto-char (point-max))
(insert-buffer-substring buffer))
(kill-buffer buffer))))
(smime-new-details-buffer)
(let ((buffer (generate-new-buffer (generate-new-buffer-name " *smime*")))
CAs (passphrase (smime-ask-passphrase))
- (tmpfile (make-temp-file "smime")))
+ (tmpfile (smime-make-temp-file "smime")))
(if passphrase
(setenv "GNUS_SMIME_PASSPHRASE" passphrase))
(if (prog1
(caddr curkey)
(smime-get-certfiles keyfile otherkeys)))))
-(defalias 'smime-point-at-eol
- (if (fboundp 'point-at-eol)
- 'point-at-eol
- 'line-end-position))
+(eval-and-compile
+ (defalias 'smime-point-at-eol
+ (if (fboundp 'point-at-eol)
+ 'point-at-eol
+ 'line-end-position)))
(defun smime-buffer-as-string-region (b e)
"Return each line in region between B and E as a list of strings."
projects / elisp / gnus.git- / blobdiff