X-Git-Url: https://git.cworth.org/git?a=blobdiff_plain;f=crypto.c;h=4c1b7eeca6cb56575d01ddb10c3310e829fec46d;hb=6499fce3911df2646db67c0f1ff65672324904f0;hp=9736517f7f6d3ef633438f0c312e3b7d3873c668;hpb=8c6fd797952d38e03d46fd6b57bd6a1a63474de8;p=notmuch

diff --git a/crypto.c b/crypto.c
index 9736517f..4c1b7eec 100644
--- a/crypto.c
+++ b/crypto.c
@@ -13,61 +13,92 @@
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see http://www.gnu.org/licenses/ .
+ * along with this program.  If not, see https://www.gnu.org/licenses/ .
  *
  * Authors: Jameson Rollins <jrollins@finestructure.net>
  */
 
 #include "notmuch-client.h"
-
-#ifdef GMIME_ATLEAST_26
-
+#if (GMIME_MAJOR_VERSION < 3)
 /* Create a GPG context (GMime 2.6) */
-static notmuch_crypto_context_t *
-create_gpg_context (void)
+static GMimeCryptoContext *
+create_gpg_context (_notmuch_crypto_t *crypto)
 {
-    notmuch_crypto_context_t *gpgctx;
+    GMimeCryptoContext *gpgctx;
+
+    if (crypto->gpgctx)
+	return crypto->gpgctx;
 
     /* TODO: GMimePasswordRequestFunc */
-    gpgctx = g_mime_gpg_context_new (NULL, "gpg");
-    if (! gpgctx)
+    gpgctx = g_mime_gpg_context_new (NULL, crypto->gpgpath ? crypto->gpgpath : "gpg");
+    if (! gpgctx) {
+	fprintf (stderr, "Failed to construct gpg context.\n");
 	return NULL;
+    }
+    crypto->gpgctx = gpgctx;
 
-    g_mime_gpg_context_set_use_agent ((GMimeGpgContext *) gpgctx, TRUE);
-    g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) gpgctx, FALSE);
+    g_mime_gpg_context_set_use_agent ((GMimeGpgContext *) gpgctx, true);
+    g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) gpgctx, false);
 
     return gpgctx;
 }
 
-#else /* GMIME_ATLEAST_26 */
-
-/* Create a GPG context (GMime 2.4) */
-static notmuch_crypto_context_t *
-create_gpg_context (void)
+/* Create a PKCS7 context (GMime 2.6) */
+static GMimeCryptoContext *
+create_pkcs7_context (_notmuch_crypto_t *crypto)
 {
-    GMimeSession *session;
-    notmuch_crypto_context_t *gpgctx;
+    GMimeCryptoContext *pkcs7ctx;
 
-    session = g_object_new (g_mime_session_get_type (), NULL);
-    gpgctx = g_mime_gpg_context_new (session, "gpg");
-    g_object_unref (session);
+    if (crypto->pkcs7ctx)
+	return crypto->pkcs7ctx;
 
-    if (! gpgctx)
+    /* TODO: GMimePasswordRequestFunc */
+    pkcs7ctx = g_mime_pkcs7_context_new (NULL);
+    if (! pkcs7ctx) {
+	fprintf (stderr, "Failed to construct pkcs7 context.\n");
 	return NULL;
+    }
+    crypto->pkcs7ctx = pkcs7ctx;
 
-    g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) gpgctx, FALSE);
+    g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) pkcs7ctx,
+					   false);
 
-    return gpgctx;
+    return pkcs7ctx;
 }
-
-#endif /* GMIME_ATLEAST_26 */
+static const struct {
+    const char *protocol;
+    GMimeCryptoContext *(*get_context) (_notmuch_crypto_t *crypto);
+} protocols[] = {
+    {
+	.protocol = "application/pgp-signature",
+	.get_context = create_gpg_context,
+    },
+    {
+	.protocol = "application/pgp-encrypted",
+	.get_context = create_gpg_context,
+    },
+    {
+	.protocol = "application/pkcs7-signature",
+	.get_context = create_pkcs7_context,
+    },
+    {
+	.protocol = "application/x-pkcs7-signature",
+	.get_context = create_pkcs7_context,
+    },
+};
 
 /* for the specified protocol return the context pointer (initializing
  * if needed) */
-notmuch_crypto_context_t *
-notmuch_crypto_get_context (notmuch_crypto_t *crypto, const char *protocol)
+GMimeCryptoContext *
+_notmuch_crypto_get_gmime_context (_notmuch_crypto_t *crypto, const char *protocol)
 {
-    notmuch_crypto_context_t *cryptoctx = NULL;
+    GMimeCryptoContext *cryptoctx = NULL;
+    size_t i;
+
+    if (! protocol) {
+	fprintf (stderr, "Cryptographic protocol is empty.\n");
+	return cryptoctx;
+    }
 
     /* As per RFC 1847 section 2.1: "the [protocol] value token is
      * comprised of the type and sub-type tokens of the Content-Type".
@@ -75,28 +106,32 @@ notmuch_crypto_get_context (notmuch_crypto_t *crypto, const char *protocol)
      * parameter names as defined in this document are
      * case-insensitive."  Thus, we use strcasecmp for the protocol.
      */
-    if (strcasecmp (protocol, "application/pgp-signature") == 0 ||
-	strcasecmp (protocol, "application/pgp-encrypted") == 0) {
-	if (! crypto->gpgctx) {
-	    crypto->gpgctx = create_gpg_context ();
-	    if (! crypto->gpgctx)
-		fprintf (stderr, "Failed to construct gpg context.\n");
-	}
-	cryptoctx = crypto->gpgctx;
-    } else {
-	fprintf (stderr, "Unknown or unsupported cryptographic protocol.\n");
+    for (i = 0; i < ARRAY_SIZE (protocols); i++) {
+	if (strcasecmp (protocol, protocols[i].protocol) == 0)
+	    return protocols[i].get_context (crypto);
     }
 
-    return cryptoctx;
+    fprintf (stderr, "Unknown or unsupported cryptographic protocol %s.\n",
+	     protocol);
+
+    return NULL;
 }
 
-int
-notmuch_crypto_cleanup (notmuch_crypto_t *crypto)
+void
+_notmuch_crypto_cleanup (_notmuch_crypto_t *crypto)
 {
     if (crypto->gpgctx) {
 	g_object_unref (crypto->gpgctx);
 	crypto->gpgctx = NULL;
     }
 
-    return 0;
+    if (crypto->pkcs7ctx) {
+	g_object_unref (crypto->pkcs7ctx);
+	crypto->pkcs7ctx = NULL;
+    }
+}
+#else
+void _notmuch_crypto_cleanup (unused(_notmuch_crypto_t *crypto))
+{
 }
+#endif