;;; Commentary:
-;; This module is based on
-
-;; [security-multipart] RFC 1847: "Security Multiparts for MIME:
-;; Multipart/Signed and Multipart/Encrypted" by
-;; Jim Galvin <galvin@tis.com>, Sandy Murphy <sandy@tis.com>,
-;; Steve Crocker <crocker@cybercash.com> and
-;; Ned Freed <ned@innosoft.com> (1995/10)
-
-;; [PGP/MIME] RFC 2015: "MIME Security with Pretty Good Privacy
-;; (PGP)" by Michael Elkins <elkins@aero.org> (1996/6)
-
-;; [PGP-kazu] draft-kazu-pgp-mime-00.txt: "PGP MIME Integration"
-;; by Kazuhiko Yamamoto <kazu@is.aist-nara.ac.jp> (1995/10;
-;; expired)
-
-;; [OpenPGP/MIME] draft-ietf-openpgp-mime-02.txt: "MIME
-;; Security with OpenPGP" by
-;; John W. Noerenberg II <jwn2@qualcomm.com>,
-;; Dave Del Torto <ddt@cryptorights.org> and
-;; Michael Elkins <michael_elkins@nai.com> (2000/8)
-
;;; Code:
(require 'mime-play)
-(require 'pgg-def)
-
-(autoload 'pgg-decrypt-region "pgg"
- "PGP decryption of current region." t)
-(autoload 'pgg-verify-region "pgg"
- "PGP verification of current region." t)
-(autoload 'pgg-snarf-keys-region "pgg"
- "Snarf PGP public keys in current region." t)
+(require 'epg)
+(require 'epa)
;;; @ Internal method for multipart/signed
-;;;
-;;; It is based on RFC 1847 (security-multipart).
(defun mime-verify-multipart/signed (entity situation)
"Internal method to verify multipart/signed."
))
-;;; @ internal method for application/pgp
-;;;
-;;; It is based on draft-kazu-pgp-mime-00.txt (PGP-kazu).
+;;; @ Internal method for application/*-signature
+
+(defun mime-verify-application/*-signature (entity situation)
+ (let* ((mother (mime-entity-parent entity))
+ (orig-entity (car (mime-entity-children mother)))
+ (protocol (cdr (assoc "protocol" (mime-entity-parameters mother))))
+ (context (epg-make-context
+ (if (equal protocol "application/pgp-signature")
+ 'OpenPGP
+ (if (string-match
+ "\\`application/\\(x-\\)?pkcs7-signature\\'"
+ protocol)
+ 'CMS
+ (error "Unknown protocol: %s" protocol)))))
+ verify-result)
+ (epg-verify-string context
+ (mime-entity-content entity)
+ (with-temp-buffer
+ (if (fboundp 'set-buffer-multibyte)
+ (set-buffer-multibyte nil))
+ (mime-insert-entity orig-entity)
+ (goto-char (point-min))
+ (while (search-forward "\n" nil t)
+ (replace-match "\r\n"))
+ (buffer-substring (point-min) (point-max))))
+ (setq verify-result (epg-context-result-for context 'verify))
+ (if (> (length verify-result) 1)
+ (mime-show-echo-buffer (epg-verify-result-to-string verify-result))
+ (if verify-result
+ (epa-display-verify-result verify-result)))))
-(defun mime-view-application/pgp (entity situation)
- (let* ((p-win (or (get-buffer-window (current-buffer))
+
+;;; @ Internal method for application/pgp-encrypted
+
+(defun mime-decrypt-application/pgp-encrypted (entity situation)
+ (let* ((mother (mime-entity-parent entity))
+ (encrypted-entity (nth 1 (mime-entity-children mother)))
+ (p-win (or (get-buffer-window (current-buffer))
(get-largest-window)))
(new-name
(format "%s-%s" (buffer-name) (mime-entity-number entity)))
(mother (current-buffer))
(preview-buffer (concat "*Preview-" (buffer-name) "*"))
- representation-type message-buf)
+ representation-type message-buf context plain verify-result)
(set-buffer (setq message-buf (get-buffer-create new-name)))
(erase-buffer)
- (mime-insert-entity entity)
- (cond ((progn
- (goto-char (point-min))
- (re-search-forward "^-+BEGIN PGP SIGNED MESSAGE-+$" nil t))
- (pgg-verify-region (match-beginning 0)(point-max) nil 'fetch)
- (goto-char (point-min))
- (delete-region
- (point-min)
- (and
- (re-search-forward "^-+BEGIN PGP SIGNED MESSAGE-+\n\n")
- (match-end 0)))
- (delete-region
- (and (re-search-forward "^-+BEGIN PGP SIGNATURE-+")
- (match-beginning 0))
- (point-max))
- (goto-char (point-min))
- (while (re-search-forward "^- -" nil t)
- (replace-match "-"))
- (setq representation-type (if (mime-entity-cooked-p entity)
- 'cooked)))
- ((progn
- (goto-char (point-min))
- (re-search-forward "^-+BEGIN PGP MESSAGE-+$" nil t))
- (pgg-decrypt-region (point-min)(point-max))
- (delete-region (point-min)(point-max))
- (insert-buffer pgg-output-buffer)
- (setq representation-type 'binary)))
- (setq major-mode 'mime-show-message-mode)
+ (mime-insert-entity encrypted-entity)
+ (goto-char (point-min))
+ (setq context (epg-make-context)
+ plain (decode-coding-string
+ (epg-decrypt-string
+ context
+ (buffer-substring (point-min)(point-max)))
+ 'raw-text))
+ (delete-region (point-min)(point-max))
+ (insert plain)
+ (setq representation-type 'binary
+ major-mode 'mime-show-message-mode)
(save-window-excursion
(mime-view-buffer nil preview-buffer mother
nil representation-type)
(make-local-variable 'mime-view-temp-message-buffer)
(setq mime-view-temp-message-buffer message-buf))
- (set-window-buffer p-win preview-buffer)))
-
-
-;;; @ Internal method for application/pgp-signature
-;;;
-;;; It is based on RFC 2015 (PGP/MIME) and
-;;; draft-ietf-openpgp-mime-02.txt (OpenPGP/MIME).
-
-(defun mime-verify-application/pgp-signature (entity situation)
- "Internal method to check PGP/MIME signature."
- (let* ((entity-node-id (mime-entity-node-id entity))
- (mother (mime-entity-parent entity))
- (knum (car entity-node-id))
- (onum (if (> knum 0)
- (1- knum)
- (1+ knum)))
- (orig-entity (nth onum (mime-entity-children mother)))
- (sig-file (make-temp-file "tm" nil ".asc"))
- status)
- (save-excursion
- (mime-show-echo-buffer)
- (set-buffer mime-echo-buffer-name)
- (set-window-start
- (get-buffer-window mime-echo-buffer-name)
- (point-max)))
- (mime-write-entity-content entity sig-file)
- (unwind-protect
- (with-temp-buffer
- (mime-insert-entity orig-entity)
- (goto-char (point-min))
- (while (progn (end-of-line) (not (eobp)))
- (insert "\r")
- (forward-line 1))
- (setq status (pgg-verify-region (point-min)(point-max)
- sig-file 'fetch))
- (save-excursion
- (set-buffer mime-echo-buffer-name)
- (insert-buffer-substring (if status pgg-output-buffer
- pgg-errors-buffer))))
- (delete-file sig-file))))
-
-
-;;; @ Internal method for application/pgp-encrypted
-;;;
-;;; It is based on RFC 2015 (PGP/MIME) and
-;;; draft-ietf-openpgp-mime-02.txt (OpenPGP/MIME).
-
-(defun mime-decrypt-application/pgp-encrypted (entity situation)
- (let* ((entity-node-id (mime-entity-node-id entity))
- (mother (mime-entity-parent entity))
- (knum (car entity-node-id))
- (onum (if (> knum 0)
- (1- knum)
- (1+ knum)))
- (orig-entity (nth onum (mime-entity-children mother))))
- (mime-view-application/pgp orig-entity situation)))
+ (set-window-buffer p-win preview-buffer)
+ (setq verify-result (epg-context-result-for context 'verify))
+ (if (> (length verify-result) 1)
+ (mime-show-echo-buffer (epg-verify-result-to-string verify-result))
+ (if verify-result
+ (epa-display-verify-result verify-result)))))
;;; @ Internal method for application/pgp-keys
-;;;
-;;; It is based on RFC 2015 (PGP/MIME) and
-;;; draft-ietf-openpgp-mime-02.txt (OpenPGP/MIME).
(defun mime-add-application/pgp-keys (entity situation)
- (save-excursion
- (mime-show-echo-buffer)
- (set-buffer mime-echo-buffer-name)
- (set-window-start
- (get-buffer-window mime-echo-buffer-name)
- (point-max)))
- (with-temp-buffer
- (mime-insert-entity-content entity)
- (mime-decode-region (point-min) (point-max)
- (cdr (assq 'encoding situation)))
- (let ((status (pgg-snarf-keys-region (point-min)(point-max))))
- (save-excursion
- (set-buffer mime-echo-buffer-name)
- (insert-buffer-substring (if status pgg-output-buffer
- pgg-errors-buffer))))))
-
-
-;;; @ Internal method for application/pkcs7-signature
-;;;
-;;; It is based on the S/MIME user interface in Gnus.
-
-(defun mime-verify-application/pkcs7-signature (entity situation)
- "Internal method to check S/MIME signature."
- (with-temp-buffer
- (mime-insert-entity (mime-find-root-entity entity))
- (let ((good-signature (smime-noverify-buffer))
- (good-certificate
- (and (or smime-CA-file smime-CA-directory)
- (smime-verify-buffer))))
- (if (not good-signature)
- ;; we couldn't verify message, fail with openssl output as message
- (save-excursion
- (mime-show-echo-buffer)
- (set-buffer mime-echo-buffer-name)
- (set-window-start
- (get-buffer-window mime-echo-buffer-name)
- (point-max))
- (insert-buffer-substring smime-details-buffer))
- ;; verify mail addresses in mail against those in certificate
- (when (and (smime-pkcs7-region (point-min)(point-max))
- (smime-pkcs7-certificates-region (point-min)(point-max)))
- (if (not (member
- (downcase
- (nth 1 (std11-extract-address-components
- (mime-entity-fetch-field
- (mime-find-root-entity entity) "From"))))
- (mime-smime-pkcs7-email-buffer (current-buffer))))
- (message "Sender address forged")
- (if good-certificate
- (message "Ok (sender authenticated)")
- (message "Integrity OK (sender unknown)"))))))))
-
-(defun mime-smime-pkcs7-email-buffer (buffer)
- (with-temp-buffer
- (insert-buffer-substring buffer)
- (goto-char (point-min))
- (let (addresses)
- (while (re-search-forward "-----END CERTIFICATE-----" nil t)
- (if (smime-pkcs7-email-region (point-min)(point))
- (setq addresses (append (split-string
- (buffer-substring (point-min)(point))
- "[\n\r]+")
- addresses)))
- (delete-region (point-min)(point)))
- (mapcar #'downcase addresses))))
+ (epg-import-keys-from-string (epg-make-context)
+ (mime-entity-content entity)))
;;; @ Internal method for application/pkcs7-mime
-;;;
-;;; It is based on RFC 2633 (S/MIME version 3).
(defun mime-view-application/pkcs7-mime (entity situation)
(let* ((p-win (or (get-buffer-window (current-buffer))
(format "%s-%s" (buffer-name) (mime-entity-number entity)))
(mother (current-buffer))
(preview-buffer (concat "*Preview-" (buffer-name) "*"))
+ (context (epg-make-context 'CMS))
message-buf)
(when (memq (or (cdr (assq 'smime-type situation)) 'enveloped-data)
'(enveloped-data signed-data))
(let ((inhibit-read-only t)
buffer-read-only)
(erase-buffer)
- (mime-insert-entity entity)
- (smime-decrypt-buffer))
+ (insert (epg-decrypt-string context (mime-entity-content entity))))
(setq major-mode 'mime-show-message-mode)
(save-window-excursion
(mime-view-buffer nil preview-buffer mother