Hello, when reading an S/MIME signed email message, activating the "good signature" button (at the top of the multipart/signed) yields an error message in the "*notmuch-crypto-gpg-out*" buffer, because the 'gpg' executable is hard-coded for retrieving information about a signing key.
The attached patch adds support for displaying information about S/MIME signing keys by using to either the 'gpg' or 'gpgsm' executable as appropriate for the message. Hoping to have helped, and looking forward to your thoughts, --alexander
>From 2aa35a043f6e71afd521f7c209e00052c38eb2ad Mon Sep 17 00:00:00 2001 From: Alexander Adolf <[email protected]> Date: Fri, 28 Nov 2025 21:47:25 +0100 Subject: [PATCH 1/1] emacs: show key info for S/MIME signing keys Instead of a hard-coded call to the 'gpg' executable for listing information about the key used for a multipart/signed part, the signing protocol (PGP or S/MIME) is inferred from the message structure, and either 'gpg' or 'gpgsm' is called as appropriate. Tho achieve this, a new ':protocol' property (indicating the signature's media type) is stored in the sigstatus variable, which is passed to the button. The button action for showing the key info then uses that to choose the matching 'gpg' or 'gpgsm' executable. --- emacs/notmuch-crypto.el | 16 +++++++++++++++- emacs/notmuch-show.el | 14 ++++++++++++-- 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/emacs/notmuch-crypto.el b/emacs/notmuch-crypto.el index a1cf3ddd..02658fcc 100644 --- a/emacs/notmuch-crypto.el +++ b/emacs/notmuch-crypto.el @@ -57,6 +57,11 @@ mode." :type 'string :group 'notmuch-crypto) +(defcustom notmuch-crypto-gpgsm-program epg-gpgsm-program + "The gpgsm executable." + :type 'string + :group 'notmuch-crypto) + ;;; Faces (defface notmuch-crypto-part-header @@ -110,6 +115,9 @@ mode." (defun notmuch-crypto-insert-sigstatus-button (sigstatus from) "Insert a button describing the signature status SIGSTATUS sent by user FROM." + + (message "sigstatus = %s" (prin1-to-string sigstatus)) + (let* ((status (plist-get sigstatus :status)) (show-button t) (face 'notmuch-crypto-signature-unknown) @@ -156,6 +164,12 @@ mode." (defun notmuch-crypto-sigstatus-good-callback (button) (let* ((id (notmuch-show-get-message-id)) (sigstatus (button-get button :notmuch-sigstatus)) + (protocol (plist-get sigstatus :protocol)) + (gpg-prog (pcase protocol + ("application/pgp-signature" notmuch-crypto-gpg-program) + ("application/pkcs7-signature" notmuch-crypto-gpgsm-program) + (_ (message "unknown signature protocol \"%s\" - attempting PGP" protocol) + notmuch-crypto-gpg-program))) (fingerprint (concat "0x" (plist-get sigstatus :fingerprint))) (buffer (get-buffer-create "*notmuch-crypto-gpg-out*")) (window (display-buffer buffer))) @@ -164,7 +178,7 @@ mode." (goto-char (point-max)) (insert (format "-- Key %s in message %s:\n" fingerprint id)) - (notmuch--call-process notmuch-crypto-gpg-program nil t t + (notmuch--call-process gpg-prog nil t t "--batch" "--no-tty" "--list-keys" fingerprint)) (recenter -1)))) diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el index 19b51753..e0e7f2f1 100644 --- a/emacs/notmuch-show.el +++ b/emacs/notmuch-show.el @@ -772,8 +772,18 @@ will return nil if the CID is unknown or cannot be retrieved." (when button (button-put button 'face 'notmuch-crypto-part-header)) ;; Insert a button detailing the signature status. - (notmuch-crypto-insert-sigstatus-button (car (plist-get part :sigstatus)) - (notmuch-show-get-header :From msg)) + (let* ((sigstatus (car (plist-get part :sigstatus))) + (from (notmuch-show-get-header :From msg)) + ;; RFC 1847, clause 2.1: + ;; "The multipart/signed content type contains exactly two body parts. + ;; The first body part is the body part over which the digital signature + ;; was created, including its MIME headers. The second body part + ;; contains the control information necessary to verify the digital + ;; signature." + (signature (cadr (plist-get part :content))) + (sig-type (plist-get signature :content-type))) + (plist-put sigstatus :protocol sig-type) + (notmuch-crypto-insert-sigstatus-button sigstatus from)) (let ((inner-parts (plist-get part :content)) (start (point))) ;; Show all of the parts. -- 2.50.1 (Apple Git-155)
_______________________________________________ notmuch mailing list -- [email protected] To unsubscribe send an email to [email protected]
