From: Kevin McCarthy Date: Mon, 29 May 2017 18:48:42 +0000 (-0700) Subject: Add self-encrypt options for PGP and S/MIME. X-Git-Tag: neomutt-20170707^2^2~30 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3251a117413262251466c0e6f0962e0f5d33ff81;p=neomutt Add self-encrypt options for PGP and S/MIME. Add $pgp_self_encrypt, $pgp_self_encrypt_as, $smime_self_encrypt, $smime_self_encrypt_as. $pgp_sign_as and $smime_default_key are inappropriate to use, as they specify signing key/certs. In some cases, this is a different value than the encryption key/cert. --- diff --git a/crypt.c b/crypt.c index c852a3145..5804c1483 100644 --- a/crypt.c +++ b/crypt.c @@ -787,6 +787,8 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode) { ADDRESS *adrlist = NULL, *last = NULL; const char *fqdn = mutt_fqdn (1); + char *self_encrypt = NULL; + size_t keylist_size; /* Do a quick check to make sure that we can find all of the encryption * keys if the user has requested this service. @@ -819,6 +821,8 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode) return (-1); } unset_option (OPTPGPCHECKTRUST); + if (option (OPTPGPSELFENCRYPT)) + self_encrypt = PgpSelfEncryptAs; } if ((WithCrypto & APPLICATION_SMIME) && (msg->security & APPLICATION_SMIME)) @@ -828,9 +832,18 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode) rfc822_free_address (&adrlist); return (-1); } + if (option (OPTSMIMESELFENCRYPT)) + self_encrypt = SmimeSelfEncryptAs; } } + if (!oppenc_mode && self_encrypt && *self_encrypt) + { + keylist_size = mutt_strlen (*keylist); + safe_realloc (keylist, keylist_size + mutt_strlen (self_encrypt) + 2); + sprintf (*keylist + keylist_size, " %s", self_encrypt); /* __SPRINTF_CHECKED__ */ + } + rfc822_free_address (&adrlist); return (0); diff --git a/globals.h b/globals.h index 5cbed869d..512d10a0a 100644 --- a/globals.h +++ b/globals.h @@ -262,6 +262,7 @@ WHERE char *PgpVerifyKeyCommand; WHERE char *PgpListSecringCommand; WHERE char *PgpListPubringCommand; WHERE char *PgpGetkeysCommand; +WHERE char *PgpSelfEncryptAs; /*-- formerly in smime.h --*/ WHERE char *SmimeDefaultKey; @@ -282,6 +283,7 @@ WHERE char *SmimePk7outCommand; WHERE char *SmimeGetCertCommand; WHERE char *SmimeImportCertCommand; WHERE char *SmimeGetCertEmailCommand; +WHERE char *SmimeSelfEncryptAs; diff --git a/init.h b/init.h index 0df1efd6c..9150642de 100644 --- a/init.h +++ b/init.h @@ -2059,6 +2059,20 @@ struct option_t MuttVars[] = { ** removed, while the inner \fCmultipart/signed\fP part is retained. ** (PGP only) */ + { "pgp_self_encrypt", DT_BOOL, R_NONE, OPTPGPSELFENCRYPT, 0 }, + /* + ** .pp + ** When \fIset\fP, PGP encrypted messages will also be encrypted + ** using the key in $$pgp_self_encrypt_as. + ** (PGP only) + */ + { "pgp_self_encrypt_as", DT_STR, R_NONE, UL &PgpSelfEncryptAs, 0 }, + /* + ** .pp + ** This is an additional key used to encrypt messages when $$pgp_self_encrypt + ** is \fIset\fP. It should be in keyid or fingerprint form (e.g. 0x00112233). + ** (PGP only) + */ { "pgp_show_unusable", DT_BOOL, R_NONE, OPTPGPSHOWUNUSABLE, 1 }, /* ** .pp @@ -3096,6 +3110,21 @@ struct option_t MuttVars[] = { ** possible \fCprintf(3)\fP-like sequences. ** (S/MIME only) */ + { "smime_self_encrypt", DT_BOOL, R_NONE, OPTSMIMESELFENCRYPT, 0 }, + /* + ** .pp + ** When \fIset\fP, S/MIME encrypted messages will also be encrypted + ** using the certificate in $$smime_self_encrypt_as. + ** (S/MIME only) + */ + { "smime_self_encrypt_as", DT_STR, R_NONE, UL &SmimeSelfEncryptAs, 0 }, + /* + ** .pp + ** This is an additional certificate used to encrypt messages when + ** $$smime_self_encrypt is \fIset\fP. It should be the + ** hash-value that OpenSSL generates. + ** (S/MIME only) + */ { "smime_sign_command", DT_STR, R_NONE, UL &SmimeSignCommand, 0}, /* ** .pp diff --git a/mutt.h b/mutt.h index b60414b34..be42ebd19 100644 --- a/mutt.h +++ b/mutt.h @@ -503,6 +503,7 @@ enum OPTCRYPTREPLYSIGNENCRYPTED, OPTCRYPTTIMESTAMP, OPTSMIMEISDEFAULT, + OPTSMIMESELFENCRYPT, OPTASKCERTLABEL, OPTSDEFAULTDECRYPTKEY, OPTPGPIGNORESUB, @@ -513,6 +514,7 @@ enum OPTPGPENCRYPTSELF, #endif OPTPGPRETAINABLESIG, + OPTPGPSELFENCRYPT, OPTPGPSTRICTENC, OPTFORWDECRYPT, OPTPGPSHOWUNUSABLE,