}
/* Handle PGP/MIME parts */
- if (GMIME_IS_MULTIPART_ENCRYPTED (part)
- && node->ctx->crypto->gpgctx && node->ctx->crypto->decrypt) {
+ if (GMIME_IS_MULTIPART_ENCRYPTED (part) && node->ctx->crypto->decrypt) {
if (node->nchildren != 2) {
/* this violates RFC 3156 section 4, so we won't bother with it. */
fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
(err ? err->message : "no error explanation given"));
}
}
- } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->gpgctx) {
+ } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify) {
if (node->nchildren != 2) {
/* this violates RFC 3156 section 5, so we won't bother with it. */
fprintf (stderr, "Error: %d part(s) for a multipart/signed message "
typedef struct notmuch_crypto {
notmuch_crypto_context_t* gpgctx;
+ notmuch_bool_t verify;
notmuch_bool_t decrypt;
} notmuch_crypto_t;
};
/* Construct a new MIME node pointing to the root message part of
- * message. If crypto->gpgctx is non-NULL, it will be used to verify
- * signatures on any child parts. If crypto->decrypt is true, then
- * crypto.gpgctx will additionally be used to decrypt any encrypted
- * child parts.
+ * message. If crypto->verify is true, signed child parts will be
+ * verified. If crypto->decrypt is true, encrypted child parts will be
+ * decrypted.
*
* Return value:
*
.part = -1,
.omit_excluded = TRUE,
.crypto = {
+ .verify = FALSE,
.decrypt = FALSE
}
};
int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED;
- notmuch_bool_t verify = FALSE;
int exclude = EXCLUDE_TRUE;
notmuch_opt_desc_t options[] = {
{ NOTMUCH_OPT_INT, ¶ms.part, "part", 'p', 0 },
{ NOTMUCH_OPT_BOOLEAN, ¶ms.entire_thread, "entire-thread", 't', 0 },
{ NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.decrypt, "decrypt", 'd', 0 },
- { NOTMUCH_OPT_BOOLEAN, &verify, "verify", 'v', 0 },
+ { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.verify, "verify", 'v', 0 },
{ 0, 0, 0, 0, 0 }
};
return 1;
}
+ /* decryption implies verification */
+ if (params.crypto.decrypt)
+ params.crypto.verify = TRUE;
+
if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) {
/* if part was requested and format was not specified, use format=raw */
if (params.part >= 0)
break;
}
- if (params.crypto.decrypt || verify) {
+ if (params.crypto.decrypt || params.crypto.verify) {
#ifdef GMIME_ATLEAST_26
/* TODO: GMimePasswordRequestFunc */
params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg");
if (params.crypto.gpgctx) {
g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE);
} else {
+ /* If we fail to create the gpgctx set the verify and
+ * decrypt flags to FALSE so we don't try to do any
+ * further verification or decryption */
+ params.crypto.verify = FALSE;
params.crypto.decrypt = FALSE;
fprintf (stderr, "Failed to construct gpg context.\n");
}