Add self-encrypt options for PGP and S/MIME.

Add $pgp_self_encrypt, $pgp_self_encrypt_as, $smime_self_encrypt,
$smime_self_encrypt_as.

$pgp_sign_as and $smime_default_key are inappropriate to use, as they
specify signing key/certs.  In some cases, this is a different value
than the encryption key/cert.

diff --git a/crypt.c b/crypt.c
index c852a31453134af26fe9153623bce93ac23cb3cb..5804c1483f2890f0bea9c069edc552b939f244b5 100644 (file)
--- a/crypt.c
+++ b/crypt.c
@@ -787,6 +787,8 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode)
 {
   ADDRESS *adrlist = NULL, *last = NULL;
   const char *fqdn = mutt_fqdn (1);
+  char *self_encrypt = NULL;
+  size_t keylist_size;
 
   /* Do a quick check to make sure that we can find all of the encryption
    * keys if the user has requested this service.
@@ -819,6 +821,8 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode)
            return (-1);
        }
        unset_option (OPTPGPCHECKTRUST);
+       if (option (OPTPGPSELFENCRYPT))
+         self_encrypt = PgpSelfEncryptAs;
      }
      if ((WithCrypto & APPLICATION_SMIME)
          && (msg->security & APPLICATION_SMIME))
@@ -828,9 +832,18 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode)
            rfc822_free_address (&adrlist);
            return (-1);
        }
+       if (option (OPTSMIMESELFENCRYPT))
+         self_encrypt = SmimeSelfEncryptAs;
      }
   }
 
+  if (!oppenc_mode && self_encrypt && *self_encrypt)
+  {
+    keylist_size = mutt_strlen (*keylist);
+    safe_realloc (keylist, keylist_size + mutt_strlen (self_encrypt) + 2);
+    sprintf (*keylist + keylist_size, " %s", self_encrypt);  /* __SPRINTF_CHECKED__ */
+  }
+
   rfc822_free_address (&adrlist);
     
   return (0);

diff --git a/globals.h b/globals.h
index 5cbed869db65868d875f860a0bea1f278228a143..512d10a0a15464f38a50e2e2afaf3dbcf2b24d94 100644 (file)
--- a/globals.h
+++ b/globals.h
@@ -262,6 +262,7 @@ WHERE char *PgpVerifyKeyCommand;
 WHERE char *PgpListSecringCommand;
 WHERE char *PgpListPubringCommand;
 WHERE char *PgpGetkeysCommand;
+WHERE char *PgpSelfEncryptAs;
 
 /*-- formerly in smime.h --*/
 WHERE char *SmimeDefaultKey;
@@ -282,6 +283,7 @@ WHERE char *SmimePk7outCommand;
 WHERE char *SmimeGetCertCommand;
 WHERE char *SmimeImportCertCommand;
 WHERE char *SmimeGetCertEmailCommand;
+WHERE char *SmimeSelfEncryptAs;
 
 
 

diff --git a/init.h b/init.h
index 0df1efd6c58193ff6d4aedbc7ee7d46109318eb3..9150642de9a3ab2ee8548a0b9694732d1af82ca3 100644 (file)
--- a/init.h
+++ b/init.h
@@ -2059,6 +2059,20 @@ struct option_t MuttVars[] = {
   ** removed, while the inner \fCmultipart/signed\fP part is retained.
   ** (PGP only)
   */
+  { "pgp_self_encrypt",    DT_BOOL, R_NONE, OPTPGPSELFENCRYPT, 0 },
+  /*
+  ** .pp
+  ** When \fIset\fP, PGP encrypted messages will also be encrypted
+  ** using the key in $$pgp_self_encrypt_as.
+  ** (PGP only)
+  */
+  { "pgp_self_encrypt_as", DT_STR,  R_NONE, UL &PgpSelfEncryptAs, 0 },
+  /*
+  ** .pp
+  ** This is an additional key used to encrypt messages when $$pgp_self_encrypt
+  ** is \fIset\fP.  It should be in keyid or fingerprint form (e.g. 0x00112233).
+  ** (PGP only)
+  */
   { "pgp_show_unusable", DT_BOOL, R_NONE, OPTPGPSHOWUNUSABLE, 1 },
   /*
   ** .pp
@@ -3096,6 +3110,21 @@ struct option_t MuttVars[] = {
   ** possible \fCprintf(3)\fP-like sequences.
   ** (S/MIME only)
   */
+  { "smime_self_encrypt",    DT_BOOL, R_NONE, OPTSMIMESELFENCRYPT, 0 },
+  /*
+  ** .pp
+  ** When \fIset\fP, S/MIME encrypted messages will also be encrypted
+  ** using the certificate in $$smime_self_encrypt_as.
+  ** (S/MIME only)
+  */
+  { "smime_self_encrypt_as", DT_STR,  R_NONE, UL &SmimeSelfEncryptAs, 0 },
+  /*
+  ** .pp
+  ** This is an additional certificate used to encrypt messages when
+  ** $$smime_self_encrypt is \fIset\fP.  It should be the
+  ** hash-value that OpenSSL generates.
+  ** (S/MIME only)
+  */
   { "smime_sign_command",      DT_STR, R_NONE, UL &SmimeSignCommand, 0},
   /*
   ** .pp

diff --git a/mutt.h b/mutt.h
index b60414b348febabd037c3749a5c5cac1cf2f440e..be42ebd191febb6be787bfcd279545481bde9091 100644 (file)
--- a/mutt.h
+++ b/mutt.h
@@ -503,6 +503,7 @@ enum
   OPTCRYPTREPLYSIGNENCRYPTED,
   OPTCRYPTTIMESTAMP,
   OPTSMIMEISDEFAULT,
+  OPTSMIMESELFENCRYPT,
   OPTASKCERTLABEL,
   OPTSDEFAULTDECRYPTKEY,
   OPTPGPIGNORESUB,
@@ -513,6 +514,7 @@ enum
   OPTPGPENCRYPTSELF,
 #endif
   OPTPGPRETAINABLESIG,
+  OPTPGPSELFENCRYPT,
   OPTPGPSTRICTENC,
   OPTFORWDECRYPT,
   OPTPGPSHOWUNUSABLE,