X-Git-Url: https://git.notmuchmail.org/git?p=notmuch;a=blobdiff_plain;f=show-message.c;h=7a4bbc25807981f2772c3eb6916f73a83811345b;hp=c90f310ca3c45b77b412b2ded67239e9e566b4c8;hb=3b24b396c4c9178603dec5380b4e89f6795dee1f;hpb=8b18efe171ef80cbb238a9446137c39908755d2d

diff --git a/show-message.c b/show-message.c
index c90f310c..7a4bbc25 100644
--- a/show-message.c
+++ b/show-message.c
@@ -34,6 +34,7 @@ show_message_part (GMimeObject *part,
 		   notmuch_show_params_t *params,
 		   int first)
 {
+    GMimeObject *decryptedpart = NULL;
     int selected;
     state->part_count += 1;
 
@@ -58,7 +59,32 @@ show_message_part (GMimeObject *part,
 	GMimeMultipart *multipart = GMIME_MULTIPART (part);
 	GError* err = NULL;
 
-	if (GMIME_IS_MULTIPART_SIGNED (part))
+	if (GMIME_IS_MULTIPART_ENCRYPTED (part) && params->decrypt)
+	{
+	    if ( g_mime_multipart_get_count (multipart) != 2 ) {
+		/* this violates RFC 3156 section 4, so we won't bother with it. */
+		fprintf (stderr,
+			 "Error: %d part(s) for a multipart/encrypted message (should be exactly 2)\n",
+			 g_mime_multipart_get_count (multipart));
+	    } else {
+		GMimeMultipartEncrypted *encrypteddata = GMIME_MULTIPART_ENCRYPTED (part);
+		decryptedpart = g_mime_multipart_encrypted_decrypt (encrypteddata, params->cryptoctx, &err);
+		if (decryptedpart) {
+		    if ((selected || state->in_zone) && format->part_encstatus)
+			format->part_encstatus (1);
+		    const GMimeSignatureValidity *sigvalidity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
+		    if (!sigvalidity)
+			fprintf (stderr, "Failed to verify signed part: %s\n", (err ? err->message : "no error explanation given"));
+		    if ((selected || state->in_zone) && format->part_sigstatus)
+			format->part_sigstatus (sigvalidity);
+		} else {
+		    fprintf (stderr, "Failed to decrypt part: %s\n", (err ? err->message : "no error explanation given"));
+		    if ((selected || state->in_zone) && format->part_encstatus)
+			format->part_encstatus (0);
+		}
+	    }
+	}
+	else if (GMIME_IS_MULTIPART_SIGNED (part))
 	{
 	    if ( g_mime_multipart_get_count (multipart) != 2 ) {
 		/* this violates RFC 3156 section 5, so we won't bother with it. */
@@ -78,8 +104,6 @@ show_message_part (GMimeObject *part,
 		}
 		if ((selected || state->in_zone) && format->part_sigstatus)
 		    format->part_sigstatus (sigvalidity);
-		/* extract only data part, and ignore signature part */
-		part = g_mime_multipart_get_part (multipart, 0);
 		if (sigvalidity)
 		    g_mime_signature_validity_free (sigvalidity);
 	    }
@@ -100,9 +124,20 @@ show_message_part (GMimeObject *part,
 	if (selected)
 	    state->in_zone = 1;
 
-	for (i = 0; i < g_mime_multipart_get_count (multipart); i++) {
-	    show_message_part (g_mime_multipart_get_part (multipart, i),
-			       state, format, params, i == 0);
+	if (decryptedpart) {
+	    /* We emit the useless application/pgp-encrypted version
+	     * part here only to keep the emitted output as consistent
+	     * as possible between decrypted output and the
+	     * unprocessed multipart/mime. For some strange reason,
+	     * the actual encrypted data is the second part of the
+	     * multipart. */
+	    show_message_part (g_mime_multipart_get_part (multipart, 0), state, format, params, TRUE);
+	    show_message_part (decryptedpart, state, format, params, FALSE);
+	} else {
+	    for (i = 0; i < g_mime_multipart_get_count (multipart); i++) {
+		show_message_part (g_mime_multipart_get_part (multipart, i),
+				   state, format, params, i == 0);
+	    }
 	}
 
 	if (selected)