| -rw-r--r-- | gpgmeplug/cryptplug.h | 220 | ||||
| -rw-r--r-- | gpgmeplug/gpgmeplug.c | 260 | 
2 files changed, 429 insertions, 51 deletions
| diff --git a/gpgmeplug/cryptplug.h b/gpgmeplug/cryptplug.h index 64de73ef..73176fab 100644 --- a/gpgmeplug/cryptplug.h +++ b/gpgmeplug/cryptplug.h @@ -159,8 +159,10 @@ typedef enum {    PinRequest_undef            = 0,    PinRequest_Always          = 1, -  PinRequest_OncePerMail      = 2, -  PinRequest_OncePerSession   = 3      // may be changed ... +  PinRequest_WhenAddingCerts = 2, +  PinRequest_AlwaysWhenSigning = 3, +  PinRequest_OncePerSession   = 4, +  PinRequest_AfterMinutes     = 5  } PinRequests;  // dummy values: @@ -388,6 +390,21 @@ void setSignEmail( SignEmail );  */  SignEmail signEmail( void ); +     +/*! \ingroup groupConfigSign +  \brief Specifies whether a warning should be emitted when the user +  tries to send an email message unsigned. +*/ +void setWarnSendUnsigned( bool );     + +     +/*! \ingroup groupConfigSign +  \brief Returns whether a warning should be emitted when the user +  tries to send an email message unsigned. +*/ +bool warnSendUnsigned( void );     +     +      /*! \ingroup groupConfigSign     \brief Specifies whether sent email messages should be stored            with or without their signatures. @@ -401,20 +418,6 @@ void setSaveSentSignatures( bool );  bool saveSentSignatures( void );  /*! \ingroup groupConfigSign -   \brief Specifies whether a warning should be emitted if any -            of the certificates involved in the signing process -            expires in the near future. -*/ -void setCertificateExpiryNearWarning( bool ); - -/*! \ingroup groupConfigSign -   \brief Returns whether a warning should be emitted if any -            of the certificates involved in the signing process -            expires in the near future. -*/ -bool certificateExpiryNearWarning( void ); - -/*! \ingroup groupConfigSign     \brief Specifies whether a warning should be emitted if the              email address of the sender is not contained in the              certificate. 
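Review bot: Renumbering `PinRequests` in the first hunk changes the meaning of integers that callers or saved settings may already hold: 2 was `PinRequest_OncePerMail` and is now `PinRequest_WhenAddingCerts`, and `PinRequest_OncePerSession` moves from 3 to 4. If these values are persisted or passed in by a host built against the old header (not visible here), a stored PIN policy would silently map to a different prompting behaviour. Keeping `PinRequest_OncePerSession = 3,` and appending the new enumerators with unused values, with 2 marked as retired in a comment, avoids that. The enum begins outside the hunk.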
@@ -441,6 +444,20 @@ void setNumPINRequests( PinRequests );  PinRequests numPINRequests( void );  /*! \ingroup groupConfigSign +  \brief Specifies the interval in minutes the PIN must be reentered if +  numPINRequests() is PinRequest_AfterMinutes. +*/ +void setNumPINRequestsInterval( int ); + +     +/*! \ingroup groupConfigSign +  \brief Returns the interval in minutes the PIN must be reentered if +  numPINRequests() is PinRequest_AfterMinutes. +*/ +int numPINRequestsInterval( void ); + + +/*! \ingroup groupConfigSign     \brief Specifies whether the certificate path should be              followed to the root certificate or whether locally stored              certificates may be used. 
@@ -467,33 +484,85 @@ void setSignatureUseCRLs( bool );  bool signatureUseCRLs( void );  /*! \ingroup groupConfigSign -   \brief Specifies whether a warning should be emitted if any -            of the certificates involved in the signing process -            expires in the near future. +   \brief Specifies whether a warning should be emitted if the +   signature certificate expires in the near future.  */ -void setSignatureCRLExpiryNearWarning( bool ); +void setSignatureCertificateExpiryNearWarning( bool );  /*! \ingroup groupConfigSign -   \brief Returns whether a warning should be emitted if any -            of the certificates involved in the signing process -            expires in the near future. +   \brief Returns whether a warning should be emitted if +   the signature certificate expires in the near future.  */ -bool signatureCRLExpiryNearWarning( void ); +bool signatureCertificateExpiryNearWarning( void );  /*! \ingroup groupConfigSign -   \brief Specifies the number of days which a certificate must +   \brief Specifies the number of days which a signature certificate must +   be valid before it is considered to expire in the near +   future. +*/ +void setSignatureCertificateExpiryNearInterval( int ); + +/*! \ingroup groupConfigSign +   \brief Returns the number of days which a signature certificate must              be valid before it is considered to expire in the near              future.  */ -void setSignatureCRLNearExpiryInterval( int ); +int signatureCertificateExpiryNearInterval( void );  /*! \ingroup groupConfigSign -   \brief Returns the number of days which a certificate must +   \brief Specifies whether a warning should be emitted if the +   CA certificate expires in the near future. +*/ +void setCACertificateExpiryNearWarning( bool ); + +/*! \ingroup groupConfigSign +   \brief Returns whether a warning should be emitted if +   the CA certificate expires in the near future. +*/ +bool caCertificateExpiryNearWarning( void ); + +/*! 
\ingroup groupConfigSign +   \brief Specifies the number of days which a CA certificate must +   be valid before it is considered to expire in the near +   future. +*/ +void setCACertificateExpiryNearInterval( int ); + +/*! \ingroup groupConfigSign +   \brief Returns the number of days which a CA certificate must +            be valid before it is considered to expire in the near +            future. +*/ +int caCertificateExpiryNearInterval( void ); + +/*! \ingroup groupConfigSign +   \brief Specifies whether a warning should be emitted if the +   root certificate expires in the near future. +*/ +void setRootCertificateExpiryNearWarning( bool ); + +/*! \ingroup groupConfigSign +   \brief Returns whether a warning should be emitted if +   the root certificate expires in the near future. +*/ +bool rootCertificateExpiryNearWarning( void ); + +/*! \ingroup groupConfigSign +   \brief Specifies the number of days which a root certificate must +   be valid before it is considered to expire in the near +   future. +*/ +void setRootCertificateExpiryNearInterval( int ); + +/*! \ingroup groupConfigSign +   \brief Returns the number of days which a signature certificate must              be valid before it is considered to expire in the near              future.  */ -int signatureCRLNearExpiryInterval( void ); +int rootCertificateExpiryNearInterval( void ); +     +      /*! \ingroup groupConfigCrypt     \brief This function returns an XML representation of a 
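Review bot: The doc comment on `rootCertificateExpiryNearInterval()` at the end of this hunk still says "signature certificate"; it was copied from the signature getter and should read `\brief Returns the number of days which a root certificate must`. The CA getters are spelled `caCertificate…` while the setters use `setCACertificate…`, and a one-line comment stating the convention would prevent mismatched calls. This hunk also removes `setSignatureCRLExpiryNearWarning`, `signatureCRLExpiryNearWarning` and the two `…CRLNearExpiryInterval` functions from the plugin header, so any host still calling them (not visible here) would no longer build; the header would benefit from a note naming the replacements.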
@@ -576,6 +645,20 @@ void setEncryptEmail( EncryptEmail );  */  EncryptEmail encryptEmail( void ); +/*! \ingroup groupConfigSign +  \brief Specifies whether a warning should be emitted when the user +  tries to send an email message unencrypted. +*/ +void setWarnSendUnencrypted( bool );     + +     +/*! \ingroup groupConfigSign +  \brief Returns whether a warning should be emitted when the user +  tries to send an email message unencrypted. +*/ +bool warnSendUnencrypted( void );     +     +      /*! \ingroup groupConfigCrypt     \brief Specifies whether encrypted email messages should be              stored encrypted or decrypted. @@ -588,6 +671,20 @@ void setSaveMessagesEncrypted( bool );  */  bool saveMessagesEncrypted( void ); + +/*! \ingroup groupConfigCrypt +  \brief Specifies whether the certificate path should be checked +  during encryption. +*/ +void setCheckCertificatePath( bool ); + +/*! \ingroup groupConfigCrypt +  \brief Returns whether the certificate path should be checked +  during encryption. +*/ +bool checkCertificatePath( void ); + +      /*! \ingroup groupConfigCrypt     \brief Specifies whether the certificate path should be              followed to the root certificate or whether locally stored 
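Review bot: `setWarnSendUnencrypted` and `warnSendUnencrypted` in the first hunk on this line are tagged `\ingroup groupConfigSign`, although they sit among the encryption settings and control an encryption warning; the tag should be `\ingroup groupConfigCrypt`. In the following hunk, the comment on `setCheckCertificatePath` does not say how it relates to the existing `setCheckEncryptionCertificatePathToRoot`. If the intent is that the latter only applies when the former is true, a sentence saying so in the `\brief` would remove the ambiguity about which flag disables path validation.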
@@ -602,6 +699,73 @@ void setCheckEncryptionCertificatePathToRoot( bool );  */  bool checkEncryptionCertificatePathToRoot( void ); +     +/*! \ingroup groupConfigCrypt +  \brief Specifies whether a warning should be emitted if the +  certificate of the receiver expires in the near future. +*/ +void setReceiverCertificateExpiryNearWarning( bool ); + +/*! \ingroup groupConfigCrypt +  \brief Returns whether a warning should be emitted if the +  certificate of the receiver expires in the near future. +*/ +bool receiverCertificateExpiryNearWarning( void ); +     +     +/*! \ingroup groupConfigCrypt +  \brief Specifies the number of days which a receiver certificate +  must be valid before it is considered to expire in the near future. +*/ +void setReceiverCertificateExpiryNearWarningInterval( int ); +     +/*! \ingroup groupConfigCrypt +  \brief Returns the number of days which a receiver certificate +  must be valid before it is considered to expire in the near future. +*/ +int receiverCertificateExpiryNearWarningInterval( void ); +     +/*! \ingroup groupConfigCrypt +  \brief Specifies whether a warning should be emitted if  +  a certificate in the chain expires in the near future. +*/ +void setCertificateInChainExpiryNearWarning( bool ); + +     +/*! \ingroup groupConfigCrypt +  \brief Returns whether a warning should be emitted if a +  certificate in the chain expires in the near future. +*/ +bool certificateInChainExpiryNearWarning( void ); + +     +     +/*! \ingroup groupConfigCrypt +  \brief Specifies the number of days which a certificate in the chain +  must be valid before it is considered to expire in the near future. +*/ +void setCertificateInChainExpiryNearWarningInterval( int ); +     +/*! \ingroup groupConfigCrypt +  \brief Returns the number of days which a certificate in the chain +  must be valid before it is considered to expire in the near future. +*/ +int certificateInChainExpiryNearWarningInterval( void ); +     +     +/*! 
\ingroup groupConfigCrypt +  \brief Specifies whether a warning is emitted if the email address +  of the receiver does not appear in the certificate. +*/ +void setReceiverEmailAddressNotInCertificateWarning( bool );     + +/*! \ingroup groupConfigCrypt +  \brief Returns whether a warning is emitted if the email address +  of the receiver does not appear in the certificate. +*/ +bool receiverEmailAddressNotInCertificateWarning( void );     + +      /*! \ingroup groupConfigCrypt     \brief Specifies whether certificate revocation lists should              be used. diff --git a/gpgmeplug/gpgmeplug.c b/gpgmeplug/gpgmeplug.c index a1087483..de772f42 100644 --- a/gpgmeplug/gpgmeplug.c +++ b/gpgmeplug/gpgmeplug.c @@ -61,13 +61,10 @@ typedef struct {    SendCertificates        sendCertificates;    SignEmail               signEmail;    bool                    saveSentSignatures; -  bool                    certificateExpiryNearWarning;    bool                    warnNoCertificate;    PinRequests             numPINRequests;    bool                    checkSignatureCertificatePathToRoot;    bool                    signatureUseCRLs; -  bool                    signatureCRLExpiryNearWarning; -  int                     signatureCRLNearExpiryInterval;    EncryptionAlgorithm     encryptionAlgorithm;    EncryptEmail            encryptEmail;    bool                    saveMessagesEncrypted; 
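Review bot: The interval accessors added in the header hunk that ends on this line are named `…ExpiryNearWarningInterval`, while the signing counterparts added earlier in the same header are `…ExpiryNearInterval`; one suffix for both groups would make the API harder to misuse. None of the new `int` interval comments states the valid range or what zero or a negative number of days means. Each setter's `\brief` should say which values are accepted and how out-of-range input is treated.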
@@ -79,13 +76,28 @@ typedef struct {    unsigned int            numDirectoryServers;    CertificateSource       certificateSource;    CertificateSource       cRLSource; +  bool                    warnSendUnsigned; +  int                     numPINRequestsInterval; +  bool                    signatureCertificateExpiryNearWarning; +  int                     signatureCertificateExpiryNearInterval; +  bool                    cACertificateExpiryNearWarning; +  int                     cACertificateExpiryNearInterval; +  bool                    rootCertificateExpiryNearWarning; +  int                     rootCertificateExpiryNearInterval; +  bool                    warnSendUnencrypted; +  bool                    checkCertificatePath; +  bool                    receiverCertificateExpiryNearWarning; +  int                     receiverCertificateExpiryNearWarningInterval; +  bool                    certificateInChainExpiryNearWarning; +  int                     certificateInChainExpiryNearWarningInterval; +  bool                    receiverEmailAddressNotInCertificateWarning;  } Config;  Config config; -#define NEAR_EXPIRY 21 +#define NEAR_EXPIRY 14  bool initialize()  { 
@@ -94,13 +106,10 @@ bool initialize()    config.sendCertificates                     = SendCert_SendChainWithRoot;    config.signEmail                            = SignEmail_SignAll;    config.saveSentSignatures                   = true; -  config.certificateExpiryNearWarning         = true;    config.warnNoCertificate                    = true;    config.numPINRequests                       = PinRequest_Always;    config.checkSignatureCertificatePathToRoot  = true;    config.signatureUseCRLs                     = true; -  config.signatureCRLExpiryNearWarning        = true; -  config.signatureCRLNearExpiryInterval       = NEAR_EXPIRY;    config.encryptionAlgorithm                  = EncryptAlg_RSA;    config.encryptEmail                         = EncryptEmail_Ask;    config.saveMessagesEncrypted                = true; 
@@ -112,6 +121,22 @@ bool initialize()    config.numDirectoryServers                  = 0;    config.certificateSource                    = CertSrc_Server;    config.cRLSource                            = CertSrc_Server; +  config.warnSendUnsigned                             = true; +  config.numPINRequestsInterval                       = NEAR_EXPIRY; +  config.signatureCertificateExpiryNearWarning        = true; +  config.signatureCertificateExpiryNearInterval       = NEAR_EXPIRY; +  config.cACertificateExpiryNearWarning               = true; +  config.cACertificateExpiryNearInterval              = NEAR_EXPIRY; +  config.rootCertificateExpiryNearWarning             = true; +  config.rootCertificateExpiryNearInterval            = NEAR_EXPIRY; +  config.warnSendUnencrypted                          = false; +  config.checkCertificatePath                         = true; +  config.receiverCertificateExpiryNearWarning         = true; +  config.receiverCertificateExpiryNearWarningInterval = NEAR_EXPIRY; +  config.certificateInChainExpiryNearWarning          = true; +  config.certificateInChainExpiryNearWarningInterval  = NEAR_EXPIRY; +  config.receiverEmailAddressNotInCertificateWarning  = true; +    return true;  }; @@ -198,24 +223,33 @@ SignEmail signEmail()    return config.signEmail;  } -void setSaveSentSignatures( bool flag ) + + + + +void setWarnSendUnsigned( bool flag )  { -  config.saveSentSignatures = flag; +  config.warnSendUnsigned = flag;  } -bool saveSentSignatures() +bool warnSendUnsigned()  { -  return config.saveSentSignatures; +  return config.warnSendUnsigned;  } -void setCertificateExpiryNearWarning( bool flag ) + + + + + +void setSaveSentSignatures( bool flag )  { -  config.certificateExpiryNearWarning = flag; +  config.saveSentSignatures = flag;  } -bool certificateExpiryNearWarning() +bool saveSentSignatures()  { -  return config.certificateExpiryNearWarning; +  return config.saveSentSignatures;  }  void setWarnNoCertificate( bool flag ) 
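Review bot: `config.numPINRequestsInterval = NEAR_EXPIRY;` in the first hunk here reuses a constant that means days before certificate expiry as the default number of minutes between PIN prompts (the header documents this interval in minutes). The two quantities are unrelated, and any later change to `NEAR_EXPIRY` (this commit already moves it from 21 to 14) would shift the PIN timeout as well; a separate constant such as `#define PIN_REQUEST_INTERVAL_MINUTES 14` would decouple them. Also, `warnSendUnencrypted` defaults to `false` while `warnSendUnsigned` defaults to `true`, so plaintext sends are not flagged by default; if that asymmetry is intended, a comment giving the reason would help. `initialize()` begins outside the hunk.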
@@ -238,6 +272,26 @@ PinRequests numPINRequests()    return config.numPINRequests;  } + + + + +void setNumPINRequestsInterval( int interval ) +{ +  config.numPINRequestsInterval = interval; +} + +int numPINRequestsInterval() +{ +  return config.numPINRequestsInterval; +} + + + + + + +  void setCheckSignatureCertificatePathToRoot( bool flag )  {    config.checkSignatureCertificatePathToRoot = flag; 
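Review bot: `setNumPINRequestsInterval` stores whatever `int` it is given, so zero or a negative number of minutes ends up in `config.numPINRequestsInterval`. How the consumer of that value treats it is not visible here, but for a PIN re-entry timeout it is safer to reject it at the setter, e.g. `if( interval > 0 ) config.numPINRequestsInterval = interval;`, which keeps the previous value on bad input. The same applies to the day-interval setters in the hunks at -258 and -327: `setSignatureCertificateExpiryNearInterval`, `setCACertificateExpiryNearInterval`, `setRootCertificateExpiryNearInterval`, `setReceiverCertificateExpiryNearWarningInterval` and `setCertificateInChainExpiryNearWarningInterval`.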
@@ -258,26 +312,77 @@ bool signatureUseCRLs()    return config.signatureUseCRLs;  } -void setSignatureCRLExpiryNearWarning( bool flag ) + + + + + +void setSignatureCertificateExpiryNearWarning( bool flag ) +{ +  config.signatureCertificateExpiryNearWarning = flag; +} + +bool signatureCertificateExpiryNearWarning( void ) +{ +  return config.signatureCertificateExpiryNearWarning; +} + +void setSignatureCertificateExpiryNearInterval( int interval )  { -  config.signatureCRLExpiryNearWarning = flag; +  config.signatureCertificateExpiryNearInterval = interval;  } -bool signatureCRLExpiryNearWarning() +int signatureCertificateExpiryNearInterval( void )  { -  return config.signatureCRLExpiryNearWarning; +  return config.signatureCertificateExpiryNearInterval;  } -void setSignatureCRLNearExpiryInterval( int interval ) +void setCACertificateExpiryNearWarning( bool flag )  { -  config.signatureCRLNearExpiryInterval = interval; +  config.cACertificateExpiryNearWarning = flag;  } -int signatureCRLNearExpiryInterval() +bool caCertificateExpiryNearWarning( void )  { -  return config.signatureCRLNearExpiryInterval; +  return config.cACertificateExpiryNearWarning;  } +void setCACertificateExpiryNearInterval( int interval ) +{ +  config.cACertificateExpiryNearInterval = interval; +} + +int caCertificateExpiryNearInterval( void ) +{ +  return config.cACertificateExpiryNearInterval; +} + +void setRootCertificateExpiryNearWarning( bool flag ) +{ +  config.rootCertificateExpiryNearWarning = flag; +} + +bool rootCertificateExpiryNearWarning( void ) +{ +  return config.rootCertificateExpiryNearWarning; +} + +void setRootCertificateExpiryNearInterval( int interval ) +{ +  config.rootCertificateExpiryNearInterval = interval; +} + +int rootCertificateExpiryNearInterval( void ) +{ +  return config.rootCertificateExpiryNearInterval; +} + + + + + + +  const char* encryptionConfigurationDialog(){ return 0; } 
@@ -307,6 +412,29 @@ EncryptEmail encryptEmail()    return config.encryptEmail;  } + + + + + +void setWarnSendUnencrypted( bool flag ) +{ +  config.warnSendUnencrypted = flag; +} + +bool warnSendUnencrypted() +{ +  return config.warnSendUnencrypted; +} + + + + + + + + +  void setSaveMessagesEncrypted( bool flag )  {    config.saveMessagesEncrypted = flag; @@ -317,6 +445,29 @@ bool saveMessagesEncrypted()    return config.saveMessagesEncrypted;  } + + + + + + +void setCheckCertificatePath( bool flag ) +{ +  config.checkCertificatePath = flag; +} + +bool checkCertificatePath() +{ +  return config.checkCertificatePath; +} + + + + + + + +  void setCheckEncryptionCertificatePathToRoot( bool flag )  {    config.checkEncryptionCertificatePathToRoot = flag; 
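Review bot: `bool warnSendUnencrypted()` and `bool checkCertificatePath()` are defined with empty parameter lists, whereas cryptplug.h declares them with `( void )` and the getters added in the -258 hunk are defined with `( void )`. In C an empty list is not a prototype, so `bool warnSendUnencrypted( void )` is the consistent form. The new getters in the -238 and -327 hunks are spelled the same way. The long runs of added blank lines around each setter/getter pair could be reduced to one.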
@@ -327,6 +478,69 @@ bool checkEncryptionCertificatePathToRoot()    return config.checkEncryptionCertificatePathToRoot;  } + + + + + + +void setReceiverCertificateExpiryNearWarning( bool flag ) +{ +  config.receiverCertificateExpiryNearWarning = flag; +} + +bool receiverCertificateExpiryNearWarning() +{ +  return config.receiverCertificateExpiryNearWarning; +} + +void setReceiverCertificateExpiryNearWarningInterval( int interval ) +{ +  config.receiverCertificateExpiryNearWarningInterval = interval; +} + +int receiverCertificateExpiryNearWarningInterval() +{ +  return config.receiverCertificateExpiryNearWarningInterval; +} + +void setCertificateInChainExpiryNearWarning( bool flag ) +{ +  config.certificateInChainExpiryNearWarning = flag; +} + +bool certificateInChainExpiryNearWarning() +{ +  return config.certificateInChainExpiryNearWarning; +} + +void setCertificateInChainExpiryNearWarningInterval( int interval ) +{ +  config.certificateInChainExpiryNearWarningInterval = interval; +} + +int certificateInChainExpiryNearWarningInterval() +{ +  return config.certificateInChainExpiryNearWarningInterval; +} + +void setReceiverEmailAddressNotInCertificateWarning( bool flag ) +{ +  config.receiverEmailAddressNotInCertificateWarning = flag; +} + +bool receiverEmailAddressNotInCertificateWarning() +{ +  return config.receiverEmailAddressNotInCertificateWarning; +} + + + + + + + +  void setEncryptionUseCRLs( bool flag )  {    config.encryptionUseCRLs = flag; | 
