1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
| | #ifndef _CRYPTO_H
#define _CRYPTO_H
#include <stdbool.h>
#include "gmime-extra.h"
#include "notmuch.h"
#ifdef __cplusplus
extern "C" {
#endif
typedef struct _notmuch_crypto {
bool verify;
notmuch_decryption_policy_t decrypt;
} _notmuch_crypto_t;
GMimeObject *
_notmuch_crypto_decrypt (bool *attempted,
notmuch_decryption_policy_t decrypt,
notmuch_message_t *message,
GMimeObject *part,
GMimeDecryptResult **decrypt_result,
GError **err);
void
_notmuch_crypto_cleanup (_notmuch_crypto_t *crypto);
/* The user probably wants to know if the entire message was in the
* clear. When replying, the MUA probably wants to know whether there
* was any part decrypted in the message. And when displaying to the
* user, we probably only want to display "encrypted message" if the
* entire message was covered by encryption. */
typedef enum {
NOTMUCH_MESSAGE_DECRYPTED_NONE = 0,
NOTMUCH_MESSAGE_DECRYPTED_PARTIAL,
NOTMUCH_MESSAGE_DECRYPTED_FULL,
} _notmuch_message_decryption_status_t;
/* description of the cryptographic state of a given message overall;
* for use by simple user agents.
*/
typedef struct _notmuch_message_crypto {
/* encryption status: partial, full, none */
_notmuch_message_decryption_status_t decryption_status;
/* FIXME: can we show what key(s) a fully-encrypted message was
* encrypted to? This data is not necessarily cryptographically
* reliable; even when we decrypt, we might not know which public
* key was used (e.g. if we're using a session key). */
/* signature status of the whole message (either the whole message
* is signed, or it is not) -- this means that partially-signed
* messages will get no signature status. */
GMimeSignatureList *sig_list;
/* if part of the message was signed, and the MUA is clever, it
* can determine on its own exactly which part and try to make
* more sense of it. */
/* mark this flag once we encounter a payload (i.e. something that
* is not part of the cryptographic envelope) */
bool payload_encountered;
/* the value of any "Subject:" header in the cryptographic payload
* (the top level part within the crypto envelope), converted to
* UTF-8 */
char *payload_subject;
/* if both signed and encrypted, was the signature encrypted? */
bool signature_encrypted;
} _notmuch_message_crypto_t;
/* _notmuch_message_crypto_t objects should be released with
* talloc_free (), or they will be released along with their parent
* context.
*/
_notmuch_message_crypto_t *
_notmuch_message_crypto_new (void *ctx);
/* call potential_sig_list during a depth-first-search on a message to
* consider a particular signature as relevant for the message.
*/
notmuch_status_t
_notmuch_message_crypto_potential_sig_list (_notmuch_message_crypto_t *msg_crypto,
GMimeSignatureList *sigs);
/* call successful_decryption during a depth-first-search on a message
* to indicate that a part was successfully decrypted.
*/
notmuch_status_t
_notmuch_message_crypto_successful_decryption (_notmuch_message_crypto_t *msg_crypto);
/* call potential_payload during a depth-first-search on a message
* when encountering a message part that is not part of the envelope.
*
* Returns true if part is the root of the cryptographic payload of
* this message.
*/
bool
_notmuch_message_crypto_potential_payload (_notmuch_message_crypto_t *msg_crypto, GMimeObject *part,
GMimeObject *parent, int childnum);
#ifdef __cplusplus
}
#endif
#endif
|