Commit 54544e6a authored by Kevin J. McCarthy's avatar Kevin J. McCarthy

Add self-encrypt options for PGP and S/MIME.

Add $pgp_self_encrypt, $pgp_self_encrypt_as, $smime_self_encrypt,
$smime_self_encrypt_as.

$pgp_sign_as and $smime_default_key are inappropriate to use, as they
specify signing key/certs.  In some cases, this is a different value
than the encryption key/cert.
parent c1bcf4ba
......@@ -787,6 +787,8 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode)
{
ADDRESS *adrlist = NULL, *last = NULL;
const char *fqdn = mutt_fqdn (1);
char *self_encrypt = NULL;
size_t keylist_size;
/* Do a quick check to make sure that we can find all of the encryption
* keys if the user has requested this service.
......@@ -819,6 +821,8 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode)
return (-1);
}
unset_option (OPTPGPCHECKTRUST);
if (option (OPTPGPSELFENCRYPT))
self_encrypt = PgpSelfEncryptAs;
}
if ((WithCrypto & APPLICATION_SMIME)
&& (msg->security & APPLICATION_SMIME))
......@@ -828,9 +832,18 @@ int crypt_get_keys (HEADER *msg, char **keylist, int oppenc_mode)
rfc822_free_address (&adrlist);
return (-1);
}
if (option (OPTSMIMESELFENCRYPT))
self_encrypt = SmimeSelfEncryptAs;
}
}
if (!oppenc_mode && self_encrypt && *self_encrypt)
{
keylist_size = mutt_strlen (*keylist);
safe_realloc (keylist, keylist_size + mutt_strlen (self_encrypt) + 2);
sprintf (*keylist + keylist_size, " %s", self_encrypt); /* __SPRINTF_CHECKED__ */
}
rfc822_free_address (&adrlist);
return (0);
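Review bot: In the last hunk of crypt_get_keys the configured `self_encrypt` string is appended to `*keylist` verbatim by the `sprintf`, with no check that it is a single key id, fingerprint or certificate hash as the option text asks for. Because the list is space-separated (the `" %s"` format), a value containing whitespace becomes several entries, and whatever consumes the keylist receives text that nothing in this function has validated. How the list is consumed is outside this page, so the impact is inferred. I would reject such a value before the `safe_realloc`, following the error paths already in the function: `if (strpbrk (self_encrypt, " \t\r\n")) { rfc822_free_address (&adrlist); return (-1); }`, ideally with a message naming the offending variable. The body of crypt_get_keys starts before and continues between these hunks, so any earlier validation of recipient keys is not visible here.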
......
......@@ -262,6 +262,7 @@ WHERE char *PgpVerifyKeyCommand;
WHERE char *PgpListSecringCommand;
WHERE char *PgpListPubringCommand;
WHERE char *PgpGetkeysCommand;
WHERE char *PgpSelfEncryptAs;
/*-- formerly in smime.h --*/
WHERE char *SmimeDefaultKey;
......@@ -282,6 +283,7 @@ WHERE char *SmimePk7outCommand;
WHERE char *SmimeGetCertCommand;
WHERE char *SmimeImportCertCommand;
WHERE char *SmimeGetCertEmailCommand;
WHERE char *SmimeSelfEncryptAs;
......
......@@ -2059,6 +2059,20 @@ struct option_t MuttVars[] = {
** removed, while the inner \fCmultipart/signed\fP part is retained.
** (PGP only)
*/
{ "pgp_self_encrypt", DT_BOOL, R_NONE, OPTPGPSELFENCRYPT, 0 },
/*
** .pp
** When \fIset\fP, PGP encrypted messages will also be encrypted
** using the key in $$pgp_self_encrypt_as.
** (PGP only)
*/
{ "pgp_self_encrypt_as", DT_STR, R_NONE, UL &PgpSelfEncryptAs, 0 },
/*
** .pp
** This is an additional key used to encrypt messages when $$pgp_self_encrypt
** is \fIset\fP. It should be in keyid or fingerprint form (e.g. 0x00112233).
** (PGP only)
*/
{ "pgp_show_unusable", DT_BOOL, R_NONE, OPTPGPSHOWUNUSABLE, 1 },
/*
** .pp
......@@ -3096,6 +3110,21 @@ struct option_t MuttVars[] = {
** possible \fCprintf(3)\fP-like sequences.
** (S/MIME only)
*/
{ "smime_self_encrypt", DT_BOOL, R_NONE, OPTSMIMESELFENCRYPT, 0 },
/*
** .pp
** When \fIset\fP, S/MIME encrypted messages will also be encrypted
** using the certificate in $$smime_self_encrypt_as.
** (S/MIME only)
*/
{ "smime_self_encrypt_as", DT_STR, R_NONE, UL &SmimeSelfEncryptAs, 0 },
/*
** .pp
** This is an additional certificate used to encrypt messages when
** $$smime_self_encrypt is \fIset\fP. It should be the
** hash-value that OpenSSL generates.
** (S/MIME only)
*/
{ "smime_sign_command", DT_STR, R_NONE, UL &SmimeSignCommand, 0},
/*
** .pp
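Review bot: The help text for `pgp_self_encrypt` and `smime_self_encrypt` does not say what happens when the option is set but the matching `_as` variable is empty. Judging by the `self_encrypt && *self_encrypt` test in crypt_get_keys, the message is then encrypted to the recipients only, with no notice, so the sender cannot read the sent copy. I would add to the PGP description a line such as `** If $$pgp_self_encrypt_as is unset, no self-encryption is performed.` and the equivalent for `$$smime_self_encrypt_as` in the second hunk. It would also help to state that the named key or certificate can decrypt every encrypted message sent while the option is set, so readers understand what that key protects.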
......
......@@ -503,6 +503,7 @@ enum
OPTCRYPTREPLYSIGNENCRYPTED,
OPTCRYPTTIMESTAMP,
OPTSMIMEISDEFAULT,
OPTSMIMESELFENCRYPT,
OPTASKCERTLABEL,
OPTSDEFAULTDECRYPTKEY,
OPTPGPIGNORESUB,
......@@ -513,6 +514,7 @@ enum
OPTPGPENCRYPTSELF,
#endif
OPTPGPRETAINABLESIG,
OPTPGPSELFENCRYPT,
OPTPGPSTRICTENC,
OPTFORWDECRYPT,
OPTPGPSHOWUNUSABLE,
......