X-Git-Url: https://git.notmuchmail.org/git?p=notmuch;a=blobdiff_plain;f=util%2Fcrypto.h;h=4fa5599c755cfedc8e27aaef4e59dc83df3bd997;hp=0c62ac70d8f1cfde40634964654b2fb58c14e229;hb=HEAD;hpb=a99058540823cd520cf2a5333e8ffe99799aa285 diff --git a/util/crypto.h b/util/crypto.h index 0c62ac70..3c5d384b 100644 --- a/util/crypto.h +++ b/util/crypto.h @@ -5,31 +5,102 @@ #include "gmime-extra.h" #include "notmuch.h" +#ifdef __cplusplus +extern "C" { +#endif + typedef struct _notmuch_crypto { bool verify; - bool decrypt; -#if (GMIME_MAJOR_VERSION < 3) - GMimeCryptoContext* gpgctx; - GMimeCryptoContext* pkcs7ctx; - const char *gpgpath; -#endif + notmuch_decryption_policy_t decrypt; } _notmuch_crypto_t; GMimeObject * -_notmuch_crypto_decrypt (notmuch_message_t *message, - GMimeCryptoContext* crypto_ctx, - GMimeMultipartEncrypted *part, +_notmuch_crypto_decrypt (bool *attempted, + notmuch_decryption_policy_t decrypt, + notmuch_message_t *message, + GMimeObject *part, GMimeDecryptResult **decrypt_result, GError **err); -#if (GMIME_MAJOR_VERSION < 3) -notmuch_status_t -_notmuch_crypto_get_gmime_ctx_for_protocol (_notmuch_crypto_t *crypto, - const char *protocol, - GMimeCryptoContext **ctx); -#endif - void _notmuch_crypto_cleanup (_notmuch_crypto_t *crypto); +/* The user probably wants to know if the entire message was in the + * clear. When replying, the MUA probably wants to know whether there + * was any part decrypted in the message. And when displaying to the + * user, we probably only want to display "encrypted message" if the + * entire message was covered by encryption. */ +typedef enum { + NOTMUCH_MESSAGE_DECRYPTED_NONE = 0, + NOTMUCH_MESSAGE_DECRYPTED_PARTIAL, + NOTMUCH_MESSAGE_DECRYPTED_FULL, +} _notmuch_message_decryption_status_t; + +/* description of the cryptographic state of a given message overall; + * for use by simple user agents. + */ +typedef struct _notmuch_message_crypto { + /* encryption status: partial, full, none */ + _notmuch_message_decryption_status_t decryption_status; + /* FIXME: can we show what key(s) a fully-encrypted message was + * encrypted to? This data is not necessarily cryptographically + * reliable; even when we decrypt, we might not know which public + * key was used (e.g. if we're using a session key). */ + + /* signature status of the whole message (either the whole message + * is signed, or it is not) -- this means that partially-signed + * messages will get no signature status. */ + GMimeSignatureList *sig_list; + /* if part of the message was signed, and the MUA is clever, it + * can determine on its own exactly which part and try to make + * more sense of it. */ + + /* mark this flag once we encounter a payload (i.e. something that + * is not part of the cryptographic envelope) */ + bool payload_encountered; + + /* the value of any "Subject:" header in the cryptographic payload + * (the top level part within the crypto envelope), converted to + * UTF-8 */ + char *payload_subject; + + /* if both signed and encrypted, was the signature encrypted? */ + bool signature_encrypted; +} _notmuch_message_crypto_t; + + +/* _notmuch_message_crypto_t objects should be released with + * talloc_free (), or they will be released along with their parent + * context. + */ +_notmuch_message_crypto_t * +_notmuch_message_crypto_new (void *ctx); + +/* call potential_sig_list during a depth-first-search on a message to + * consider a particular signature as relevant for the message. + */ +notmuch_status_t +_notmuch_message_crypto_potential_sig_list (_notmuch_message_crypto_t *msg_crypto, + GMimeSignatureList *sigs); + +/* call successful_decryption during a depth-first-search on a message + * to indicate that a part was successfully decrypted. + */ +notmuch_status_t +_notmuch_message_crypto_successful_decryption (_notmuch_message_crypto_t *msg_crypto); + +/* call potential_payload during a depth-first-search on a message + * when encountering a message part that is not part of the envelope. + * + * Returns true if part is the root of the cryptographic payload of + * this message. + */ +bool +_notmuch_message_crypto_potential_payload (_notmuch_message_crypto_t *msg_crypto, GMimeObject *part, + GMimeObject *parent, int childnum); + + +#ifdef __cplusplus +} +#endif #endif