crypto: actually stash session keys when decrypt=true

[notmuch] / util / crypto.c

diff --git a/util/crypto.c b/util/crypto.c
index 087536ec7ed97156459339eb6f2b3b09cc5409d8..066dea6e1a0380fa8b3844380269669c987e90ab 100644 (file)
--- a/util/crypto.c
+++ b/util/crypto.c
@@ -140,18 +140,81 @@ void _notmuch_crypto_cleanup (unused(_notmuch_crypto_t *crypto))
 #endif
 
 GMimeObject *
-_notmuch_crypto_decrypt (g_mime_3_unused(GMimeCryptoContext* crypto_ctx),
+_notmuch_crypto_decrypt (bool *attempted,
+                        notmuch_decryption_policy_t decrypt,
+                        notmuch_message_t *message,
+                        g_mime_3_unused(GMimeCryptoContext* crypto_ctx),
                         GMimeMultipartEncrypted *part,
                         GMimeDecryptResult **decrypt_result,
                         GError **err)
 {
     GMimeObject *ret = NULL;
+    if (decrypt == NOTMUCH_DECRYPT_FALSE)
+       return NULL;
+
+    /* the versions of notmuch that can support session key decryption */
+#if HAVE_GMIME_SESSION_KEYS
+    if (message) {
+       notmuch_message_properties_t *list = NULL;
+
+       for (list = notmuch_message_get_properties (message, "session-key", TRUE);
+            notmuch_message_properties_valid (list); notmuch_message_properties_move_to_next (list)) {
+           if (err && *err) {
+               g_error_free (*err);
+               *err = NULL;
+           }
+           if (attempted)
+               *attempted = true;
+#if (GMIME_MAJOR_VERSION < 3)
+           ret = g_mime_multipart_encrypted_decrypt_session (part,
+                                                             crypto_ctx,
+                                                             notmuch_message_properties_value (list),
+                                                             decrypt_result, err);
+#else
+           ret = g_mime_multipart_encrypted_decrypt (part,
+                                                     GMIME_DECRYPT_NONE,
+                                                     notmuch_message_properties_value (list),
+                                                     decrypt_result, err);
+#endif
+           if (ret)
+               break;
+       }
+       if (list)
+           notmuch_message_properties_destroy (list);
+       if (ret)
+           return ret;
+    }
+#endif
 
+    if (err && *err) {
+       g_error_free (*err);
+       *err = NULL;
+    }
+
+    if (decrypt == NOTMUCH_DECRYPT_AUTO)
+       return ret;
+
+    if (attempted)
+       *attempted = true;
 #if (GMIME_MAJOR_VERSION < 3)
+#if HAVE_GMIME_SESSION_KEYS
+    gboolean oldgetsk = g_mime_crypto_context_get_retrieve_session_key (crypto_ctx);
+    gboolean newgetsk = (decrypt_result);
+    if (newgetsk != oldgetsk)
+       /* This could return an error, but we can't do anything about it, so ignore it */
+       g_mime_crypto_context_set_retrieve_session_key (crypto_ctx, newgetsk, NULL);
+#endif
     ret = g_mime_multipart_encrypted_decrypt(part, crypto_ctx,
                                             decrypt_result, err);
+#if HAVE_GMIME_SESSION_KEYS
+    if (newgetsk != oldgetsk)
+       g_mime_crypto_context_set_retrieve_session_key (crypto_ctx, oldgetsk, NULL);
+#endif
 #else
-    ret = g_mime_multipart_encrypted_decrypt(part, GMIME_DECRYPT_NONE, NULL,
+    GMimeDecryptFlags flags = GMIME_DECRYPT_NONE;
+    if (decrypt_result)
+       flags |= GMIME_DECRYPT_EXPORT_SESSION_KEY;
+    ret = g_mime_multipart_encrypted_decrypt(part, flags, NULL,
                                             decrypt_result, err);
 #endif
     return ret;