mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-12-22 17:34:54 +01:00
a6b0772b60
When walking the MIME tree, if we discover that we are at the cryptographic payload, then we would like to record at least the Subject header of the current MIME part. In the future, we might want to record many other headers as well, but for now we will stick with just the Subject. See https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope for more description of the Cryptographic Payload vs. the Cryptographic Envelope. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
101 lines
3.4 KiB
C
101 lines
3.4 KiB
C
#ifndef _CRYPTO_H
|
|
#define _CRYPTO_H
|
|
|
|
#include <stdbool.h>
|
|
#include "gmime-extra.h"
|
|
#include "notmuch.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
typedef struct _notmuch_crypto {
|
|
bool verify;
|
|
notmuch_decryption_policy_t decrypt;
|
|
} _notmuch_crypto_t;
|
|
|
|
GMimeObject *
|
|
_notmuch_crypto_decrypt (bool *attempted,
|
|
notmuch_decryption_policy_t decrypt,
|
|
notmuch_message_t *message,
|
|
GMimeMultipartEncrypted *part,
|
|
GMimeDecryptResult **decrypt_result,
|
|
GError **err);
|
|
|
|
void
|
|
_notmuch_crypto_cleanup (_notmuch_crypto_t *crypto);
|
|
|
|
/* The user probably wants to know if the entire message was in the
|
|
* clear. When replying, the MUA probably wants to know whether there
|
|
* was any part decrypted in the message. And when displaying to the
|
|
* user, we probably only want to display "encrypted message" if the
|
|
* entire message was covered by encryption. */
|
|
typedef enum {
|
|
NOTMUCH_MESSAGE_DECRYPTED_NONE = 0,
|
|
NOTMUCH_MESSAGE_DECRYPTED_PARTIAL,
|
|
NOTMUCH_MESSAGE_DECRYPTED_FULL,
|
|
} _notmuch_message_decryption_status_t;
|
|
|
|
/* description of the cryptographic state of a given message overall;
|
|
* for use by simple user agents.
|
|
*/
|
|
typedef struct _notmuch_message_crypto {
|
|
/* encryption status: partial, full, none */
|
|
_notmuch_message_decryption_status_t decryption_status;
|
|
/* FIXME: can we show what key(s) a fully-encrypted message was
|
|
* encrypted to? This data is not necessarily cryptographically
|
|
* reliable; even when we decrypt, we might not know which public
|
|
* key was used (e.g. if we're using a session key). */
|
|
|
|
/* signature status of the whole message (either the whole message
|
|
* is signed, or it is not) -- this means that partially-signed
|
|
* messages will get no signature status. */
|
|
GMimeSignatureList * sig_list;
|
|
/* if part of the message was signed, and the MUA is clever, it
|
|
* can determine on its own exactly which part and try to make
|
|
* more sense of it. */
|
|
|
|
/* mark this flag once we encounter a payload (i.e. something that
|
|
* is not part of the cryptographic envelope) */
|
|
bool payload_encountered;
|
|
|
|
/* the value of any "Subject:" header in the cryptographic payload
|
|
* (the top level part within the crypto envelope), converted to
|
|
* UTF-8 */
|
|
char * payload_subject;
|
|
|
|
/* if both signed and encrypted, was the signature encrypted? */
|
|
bool signature_encrypted;
|
|
} _notmuch_message_crypto_t;
|
|
|
|
|
|
/* _notmuch_message_crypto_t objects should be released with
|
|
* talloc_free (), or they will be released along with their parent
|
|
* context.
|
|
*/
|
|
_notmuch_message_crypto_t *
|
|
_notmuch_message_crypto_new (void *ctx);
|
|
|
|
/* call potential_sig_list during a depth-first-search on a message to
|
|
* consider a particular signature as relevant for the message.
|
|
*/
|
|
notmuch_status_t
|
|
_notmuch_message_crypto_potential_sig_list (_notmuch_message_crypto_t *msg_crypto, GMimeSignatureList *sigs);
|
|
|
|
/* call successful_decryption during a depth-first-search on a message
|
|
* to indicate that a part was successfully decrypted.
|
|
*/
|
|
notmuch_status_t
|
|
_notmuch_message_crypto_successful_decryption (_notmuch_message_crypto_t *msg_crypto);
|
|
|
|
/* call potential_payload during a depth-first-search on a message
|
|
* when encountering a message part that is not part of the envelope.
|
|
*/
|
|
notmuch_status_t
|
|
_notmuch_message_crypto_potential_payload (_notmuch_message_crypto_t *msg_crypto, GMimeObject *payload, GMimeObject *parent, int childnum);
|
|
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
#endif
|