X-Git-Url: http://git.chise.org/gitweb/?a=blobdiff_plain;f=mime-pgp.el;h=3e39afa853c172f9668bfd4c8ca6a4515a768c93;hb=b766c25e4d94346f3b5efef3777009571ffa37eb;hp=fe2e1f2be39bb0070d1131f36ed6d8527d206d9a;hpb=2125f9e5410c72f975ca4188248ef18005404327;p=elisp%2Fsemi.git
diff --git a/mime-pgp.el b/mime-pgp.el
index fe2e1f2..3e39afa 100644
--- a/mime-pgp.el
+++ b/mime-pgp.el
@@ -1,8 +1,9 @@
 ;;; mime-pgp.el --- mime-view internal methods for PGP.
-;; Copyright (C) 1995,1996,1997,1998 MORIOKA Tomohiko
+;; Copyright (C) 1995,1996,1997,1998,1999,2000 Free Software Foundation, Inc.
-;; Author: MORIOKA Tomohiko
+;; Author: MORIOKA Tomohiko
+;; Daiki Ueno
 ;; Created: 1995/12/7
 ;; Renamed: 1997/2/27 from tm-pgp.el
 ;; Keywords: PGP, security, MIME, multimedia, mail, news
@@ -41,10 +42,38 @@
 ;; by Kazuhiko Yamamoto (1995/10;
 ;; expired)
+;; [OpenPGP/MIME] draft-ietf-openpgp-mime-02.txt: "MIME
+;; Security with OpenPGP" by
+;; John W. Noerenberg II ,
+;; Dave Del Torto and
+;; Michael Elkins (2000/8)
+
 ;;; Code:
 (require 'mime-play)
-
+(require 'pgg-def)
+
+(autoload 'pgg-decrypt-region "pgg"
+ "PGP decryption of current region." t)
+(autoload 'pgg-verify-region "pgg"
+ "PGP verification of current region." t)
+(autoload 'pgg-snarf-keys-region "pgg"
+ "Snarf PGP public keys in current region." t)
+(autoload 'smime-decrypt-buffer "smime"
+ "S/MIME decryption of current region.")
+(autoload 'smime-verify-buffer "smime"
+ "Verify integrity of S/MIME message in BUFFER.")
+(autoload 'smime-noverify-buffer "smime"
+ "Verify integrity of S/MIME message in BUFFER.")
+(autoload 'smime-pkcs7-region "smime"
+ "Convert S/MIME message into a PKCS7 message.")
+(autoload 'smime-pkcs7-certificates-region "smime"
+ "Extract any certificates enclosed in PKCS7 message.")
+(autoload 'smime-pkcs7-email-region "smime"
+ "Get email addresses contained in certificate.")
+(defvar smime-details-buffer)
+(defvar smime-CA-file)
+(defvar smime-CA-directory)
 ;;; @ Internal method for multipart/signed
 ;;;
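Review bot: The autoload docstring given for `smime-noverify-buffer` is word-for-word the one given for `smime-verify-buffer`, although `mime-verify-application/pkcs7-signature` later in this diff relies on the two answering different questions (`good-signature` comes from the first, `good-certificate` from the second and only when `smime-CA-file` or `smime-CA-directory` is set). Nothing in this autoload block tells a reader that the first call, as used there, establishes signature integrity but not the signer's certificate chain, so I would spell out the distinction, e.g. `"Check integrity of the S/MIME signature in BUFFER without verifying the signer's certificate against a CA."`. The `smime-decrypt-buffer` stub likewise says `current region` while the function name and its use on whole buffers later in the diff point to a buffer. These strings only describe the stubs, so keeping them in step with the definitions in smime.el is what matters.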
@@ -52,9 +81,9 @@
 (defun mime-verify-multipart/signed (entity situation)
 "Internal method to verify multipart/signed."
- (mime-raw-play-entity
+ (mime-play-entity
 (nth 1 (mime-entity-children entity)) ; entity-info of signature
- (cdr (assq 'mode situation)) ; play-mode
+ (list (assq 'mode situation)) ; play-mode
 ))
@@ -63,22 +92,20 @@
 ;;; It is based on draft-kazu-pgp-mime-00.txt (PGP-kazu). (defun mime-view-application/pgp (entity situation) - (let* ((start (mime-entity-point-min entity)) - (end (mime-entity-point-max entity)) - (entity-number (mime-raw-point-to-entity-number start)) - (p-win (or (get-buffer-window mime-preview-buffer) + (let* ((p-win (or (get-buffer-window (current-buffer)) (get-largest-window))) - (new-name (format "%s-%s" (buffer-name) entity-number)) - (the-buf (current-buffer)) - (mother mime-preview-buffer) - representation-type) - (set-buffer (get-buffer-create new-name)) + (new-name + (format "%s-%s" (buffer-name) (mime-entity-number entity))) + (mother (current-buffer)) + (preview-buffer (concat "*Preview-" (buffer-name) "*")) + representation-type message-buf) + (set-buffer (setq message-buf (get-buffer-create new-name))) (erase-buffer) - (insert-buffer-substring the-buf start end) + (mime-insert-entity entity) (cond ((progn (goto-char (point-min)) (re-search-forward "^-+BEGIN PGP SIGNED MESSAGE-+$" nil t)) - (funcall (pgp-function 'verify)) + (pgg-verify-region (match-beginning 0)(point-max) nil 'fetch) (goto-char (point-min)) (delete-region (point-min) 
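Review bot: The value returned by `(pgg-verify-region (match-beginning 0)(point-max) nil 'fetch)` is dropped, so in this clause a bad or missing signature is indistinguishable from a good one: the code goes on to strip the signature block and present the cleartext exactly as it would after a successful check, whereas `mime-verify-application/pgp-signature` elsewhere in this diff binds the result and shows `pgg-errors-buffer` when it is nil. I would bind the result, `(let ((status (pgg-verify-region (match-beginning 0)(point-max) nil 'fetch))) ...)`, and put `pgg-output-buffer` or `pgg-errors-buffer` into the echo buffer as that function does, so a verdict is visible before the message text is. Passing `'fetch` also means a key ID found in an incoming message triggers a keyserver lookup with no prompt; the removed code in `mime-verify-application/pgp-signature` asked with `y-or-n-p` first, and a comment at this call saying why the prompt was dropped (or restoring it) would help the next reader. The body of `mime-view-application/pgp` continues past the end of this hunk.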
@@ -91,131 +118,69 @@ (point-max)) (goto-char (point-min)) (while (re-search-forward "^- -" nil t) - (replace-match "-") - ) - (setq representation-type (mime-entity-representation-type entity)) - ) + (replace-match "-")) + (setq representation-type (if (mime-entity-cooked-p entity) + 'cooked))) ((progn (goto-char (point-min)) (re-search-forward "^-+BEGIN PGP MESSAGE-+$" nil t)) - (as-binary-process (funcall (pgp-function 'decrypt))) - (goto-char (point-min)) - (delete-region (point-min) - (and - (search-forward "\n\n") - (match-end 0))) - (setq representation-type 'binary) - )) + (pgg-decrypt-region (point-min)(point-max)) + (delete-region (point-min)(point-max)) + (insert-buffer pgg-output-buffer) + (setq representation-type 'binary))) (setq major-mode 'mime-show-message-mode) - (setq mime-raw-representation-type representation-type) - (save-window-excursion (mime-view-mode mother)) - (set-window-buffer p-win mime-preview-buffer) - )) + (save-window-excursion + (mime-view-buffer nil preview-buffer mother + nil representation-type) + (make-local-variable 'mime-view-temp-message-buffer) + (setq mime-view-temp-message-buffer message-buf)) + (set-window-buffer p-win preview-buffer))) ;;; @ Internal method for application/pgp-signature ;;; -;;; It is based on RFC 2015 (PGP/MIME). - -(defvar mime-pgp-command "pgp" - "*Name of the PGP command.") - -(defvar mime-pgp-default-language 'en - "*Symbol of language for pgp. -It should be ISO 639 2 letter language code such as en, ja, ...") - -(defvar mime-pgp-good-signature-regexp-alist - '((en . "Good signature from user.*$")) - "Alist of language vs regexp to detect ``Good signature''.") - -(defvar mime-pgp-key-expected-regexp-alist - '((en . 
"Key matching expected Key ID \\(\\S +\\) not found")) - "Alist of language vs regexp to detect ``Key expected''.") - -(defun mime-pgp-check-signature (output-buffer orig-file) - (save-excursion - (set-buffer output-buffer) - (erase-buffer)) - (let* ((lang (or mime-pgp-default-language 'en)) - (status (call-process-region (point-min)(point-max) - mime-pgp-command - nil output-buffer nil - orig-file (format "+language=%s" lang))) - (regexp (cdr (assq lang mime-pgp-good-signature-regexp-alist)))) - (if (= status 0) - (save-excursion - (set-buffer output-buffer) - (goto-char (point-min)) - (message - (cond ((not (stringp regexp)) - "Please specify right regexp for specified language") - ((re-search-forward regexp nil t) - (buffer-substring (match-beginning 0) (match-end 0))) - (t "Bad signature"))) - )))) +;;; It is based on RFC 2015 (PGP/MIME) and +;;; draft-ietf-openpgp-mime-02.txt (OpenPGP/MIME). (defun mime-verify-application/pgp-signature (entity situation) "Internal method to check PGP/MIME signature." 
- (let* ((start (mime-entity-point-min entity)) - (end (mime-entity-point-max entity)) - (encoding (cdr (assq 'encoding situation))) - (entity-node-id (mime-raw-point-to-entity-node-id start)) + (let* ((entity-node-id (mime-entity-node-id entity)) (mother (mime-entity-parent entity)) (knum (car entity-node-id)) (onum (if (> knum 0) (1- knum) (1+ knum))) (orig-entity (nth onum (mime-entity-children mother))) - (basename (expand-file-name "tm" mime-temp-directory)) - (orig-file (make-temp-name basename)) - (sig-file (concat orig-file ".sig")) - ) - (mime-raw-write-region (mime-entity-point-min orig-entity) - (mime-entity-point-max orig-entity) - orig-file) - (save-excursion (mime-show-echo-buffer)) - (mime-write-decoded-region (save-excursion - (goto-char start) - (and (search-forward "\n\n") - (match-end 0)) - ) end sig-file encoding) - (or (mime-pgp-check-signature mime-echo-buffer-name orig-file) - (let (pgp-id) - (save-excursion + (basename (expand-file-name "tm" temporary-file-directory)) + (sig-file (concat (make-temp-name basename) ".asc")) + status) + (save-excursion + (mime-show-echo-buffer) + (set-buffer mime-echo-buffer-name) + (set-window-start + (get-buffer-window mime-echo-buffer-name) + (point-max))) + (mime-write-entity-content entity sig-file) + (unwind-protect + (with-temp-buffer + (mime-insert-entity orig-entity) + (goto-char (point-min)) + (while (progn (end-of-line) (not (eobp))) + (insert "\r") + (forward-line 1)) + (setq status (pgg-verify-region (point-min)(point-max) + sig-file 'fetch)) + (save-excursion (set-buffer mime-echo-buffer-name) - (goto-char (point-min)) - (let ((regexp (cdr (assq (or mime-pgp-default-language 'en) - mime-pgp-key-expected-regexp-alist)))) - (cond ((not (stringp regexp)) - (message - "Please specify right regexp for specified language") - ) - ((re-search-forward regexp nil t) - (setq pgp-id - (concat "0x" (buffer-substring-no-properties - (match-beginning 1) - (match-end 1)))) - )))) - (if (and pgp-id - (y-or-n-p - 
(format "Key %s not found; attempt to fetch? " pgp-id)) - ) - (progn - (funcall (pgp-function 'fetch-key) (cons nil pgp-id)) - (mime-pgp-check-signature mime-echo-buffer-name orig-file) - )) - )) - (let ((other-window-scroll-buffer mime-echo-buffer-name)) - (scroll-other-window 8) - ) - (delete-file orig-file) - (delete-file sig-file) - )) + (insert-buffer-substring (if status pgg-output-buffer + pgg-errors-buffer)))) + (delete-file sig-file)))) ;;; @ Internal method for application/pgp-encrypted ;;; -;;; It is based on RFC 2015 (PGP/MIME). +;;; It is based on RFC 2015 (PGP/MIME) and +;;; draft-ietf-openpgp-mime-02.txt (OpenPGP/MIME). (defun mime-decrypt-application/pgp-encrypted (entity situation) (let* ((entity-node-id (mime-entity-node-id entity)) 
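Review bot: In the `BEGIN PGP MESSAGE` branch of `mime-view-application/pgp` the result of `(pgg-decrypt-region (point-min)(point-max))` is never tested, and the buffer is then emptied and refilled from `pgg-output-buffer`, so a failed decryption shows the user whatever that buffer holds (possibly nothing, or output of an earlier operation) with no error and without consulting `pgg-errors-buffer`; the verification just above it in the same function has the same gap. I would branch on the result and, on nil, copy `pgg-errors-buffer` into the echo buffer the way `mime-verify-application/pgp-signature` in this hunk does with its `status` variable, and use `insert-buffer-substring` rather than `insert-buffer`, which Emacs documents as an interactive command rather than a call for programs. Separately, `sig-file` is built from `make-temp-name` in `temporary-file-directory` and then written with `mime-write-entity-content`, a predictable name in a shared directory; the removed code had the same construction, so this is a pre-existing weakness the rewrite was a chance to replace with an atomically created temp file. `mime-view-application/pgp` begins before this hunk.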
@@ -225,36 +190,111 @@ It should be ISO 639 2 letter language code such as en, ja, ...") (1- knum) (1+ knum))) (orig-entity (nth onum (mime-entity-children mother)))) - (mime-view-application/pgp orig-entity situation) - )) + (mime-view-application/pgp orig-entity situation))) ;;; @ Internal method for application/pgp-keys ;;; -;;; It is based on RFC 2015 (PGP/MIME). +;;; It is based on RFC 2015 (PGP/MIME) and +;;; draft-ietf-openpgp-mime-02.txt (OpenPGP/MIME). (defun mime-add-application/pgp-keys (entity situation) - (let* ((start (mime-entity-point-min entity)) - (end (mime-entity-point-max entity)) - (entity-number (mime-raw-point-to-entity-number start)) - (new-name (format "%s-%s" (buffer-name) entity-number)) - (encoding (cdr (assq 'encoding situation))) - str) - (setq str (buffer-substring start end)) - (switch-to-buffer new-name) - (setq buffer-read-only nil) - (erase-buffer) - (insert str) + (save-excursion + (mime-show-echo-buffer) + (set-buffer mime-echo-buffer-name) + (set-window-start + (get-buffer-window mime-echo-buffer-name) + (point-max))) + (with-temp-buffer + (mime-insert-entity-content entity) + (mime-decode-region (point-min) (point-max) + (cdr (assq 'encoding situation))) + (let ((status (pgg-snarf-keys-region (point-min)(point-max)))) + (save-excursion + (set-buffer mime-echo-buffer-name) + (insert-buffer-substring (if status pgg-output-buffer + pgg-errors-buffer)))))) + + +;;; @ Internal method for application/pkcs7-signature +;;; +;;; It is based on the S/MIME user interface in Gnus. + +(defun mime-verify-application/pkcs7-signature (entity situation) + "Internal method to check S/MIME signature." 
+ (with-temp-buffer + (mime-insert-entity (mime-find-root-entity entity)) + (let ((good-signature (smime-noverify-buffer)) + (good-certificate + (and (or smime-CA-file smime-CA-directory) + (smime-verify-buffer)))) + (if (not good-signature) + ;; we couldn't verify message, fail with openssl output as message + (save-excursion + (mime-show-echo-buffer) + (set-buffer mime-echo-buffer-name) + (set-window-start + (get-buffer-window mime-echo-buffer-name) + (point-max)) + (insert-buffer-substring smime-details-buffer)) + ;; verify mail addresses in mail against those in certificate + (when (and (smime-pkcs7-region (point-min)(point-max)) + (smime-pkcs7-certificates-region (point-min)(point-max))) + (if (not (member + (downcase + (nth 1 (std11-extract-address-components + (mime-entity-fetch-field + (mime-find-root-entity entity) "From")))) + (mime-smime-pkcs7-email-buffer (current-buffer)))) + (message "Sender address forged") + (if good-certificate + (message "Ok (sender authenticated)") + (message "Integrity OK (sender unknown)")))))))) + +(defun mime-smime-pkcs7-email-buffer (buffer) + (with-temp-buffer + (insert-buffer-substring buffer) (goto-char (point-min)) - (if (re-search-forward "^\n" nil t) - (delete-region (point-min) (match-end 0)) - ) - (mime-decode-region (point-min)(point-max) encoding) - (funcall (pgp-function 'snarf-keys)) - (kill-buffer (current-buffer)) - )) - - + (let (addresses) + (while (re-search-forward "-----END CERTIFICATE-----" nil t) + (if (smime-pkcs7-email-region (point-min)(point)) + (setq addresses (append (split-string + (buffer-substring (point-min)(point)) + "[\n\r]+") + addresses))) + (delete-region (point-min)(point))) + (mapcar #'downcase addresses)))) + + +;;; @ Internal method for application/pkcs7-mime +;;; +;;; It is based on RFC 2633 (S/MIME version 3). 
+ +(defun mime-view-application/pkcs7-mime (entity situation) + (let* ((p-win (or (get-buffer-window (current-buffer)) + (get-largest-window))) + (new-name + (format "%s-%s" (buffer-name) (mime-entity-number entity))) + (mother (current-buffer)) + (preview-buffer (concat "*Preview-" (buffer-name) "*")) + message-buf) + (when (memq (or (cdr (assq 'smime-type situation)) 'enveloped-data) + '(enveloped-data signed-data)) + (set-buffer (setq message-buf (get-buffer-create new-name))) + (let ((inhibit-read-only t) + buffer-read-only) + (erase-buffer) + (mime-insert-entity entity) + (smime-decrypt-buffer)) + (setq major-mode 'mime-show-message-mode) + (save-window-excursion + (mime-view-buffer nil preview-buffer mother + nil 'binary) + (make-local-variable 'mime-view-temp-message-buffer) + (setq mime-view-temp-message-buffer message-buf)) + (set-window-buffer p-win preview-buffer)))) + + ;;; @ end ;;;
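Review bot: In `mime-verify-application/pkcs7-signature` the sender check sits inside a `when` with no else arm, so if `smime-pkcs7-region` or `smime-pkcs7-certificates-region` returns nil after a good signature the function returns silently: no "Ok", no "Integrity OK (sender unknown)", and no sign that the From/certificate comparison was skipped, which to the user looks the same as no verification having run. I would add an else arm, `(message "Integrity OK (certificate not examined)")`, or send the failure to the echo buffer as the `(not good-signature)` branch already does. The comparison also reports "Sender address forged" when `mime-smime-pkcs7-email-buffer` yields an empty list, and `(nth 1 (std11-extract-address-components ...))` is applied to nil when the root entity carries no From field, which may signal an error rather than a verdict; both deserve a guard or at least a comment stating the assumption. In `mime-view-application/pkcs7-mime` the value of `(smime-decrypt-buffer)` is likewise unchecked before the buffer is handed to `mime-view-buffer`.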