;ELC
;;; Compiled by mockbuild@buildfarm06-new.corp.cloudlinux.com on Fri Oct 11 10:10:28 2024
;;; from file /builddir/build/BUILD/emacs-24.3/lisp/gnus/smime.el
;;; in Emacs version 24.3.1
;;; with all optimizations.

;;; This file uses dynamic docstrings, first added in Emacs 19.29.

;;; This file does not contain utf-8 non-ASCII characters,
;;; and so can be loaded in Emacs versions earlier than 23.

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;


(byte-code "\300\301!\204
\302\301\303\304B\"\210\305\306!\210\307\310!\203\305\311!\210\202\"\305\312!\210\300\313!\2030\302\314\313\"\210\202;\300\315!\203;\302\314\316\"\210\317\320\321\322\323\324%\210\325\326\321\327\330\331\323\320&\210\325\332\321\333\330\334\323\320&\210\325\335\321\336\337\340\330\341\323\320&	\210\325\342\343\344\330\345\323\320&\210\325\346\347\350\330\351\323\320&\210\325\352\353\354\337\340\330\355\323\320&	\210\325\356\321\357\330\360\323\320&\210\325\361\321\362\337\340\330\363\323\320&	\210\325\364\321\365\330\366\337\367\323\320&	\207" [fboundp declare-function defalias macro #[(&rest r) "\300\207" [nil] 1] require dig locate-library "password-cache" password-cache password replace-in-string smime-replace-in-string replace-regexp-in-string #[(string regexp newtext &optional literal) "\304	\n\305%\207" [regexp newtext string literal replace-regexp-in-string nil] 6 "Replace all matches for REGEXP with NEWTEXT in STRING.\nIf LITERAL is non-nil, insert NEWTEXT literally.  Return a new\nstring containing the replacements.\n\nThis is a compatibility function for different Emacsen."] custom-declare-group smime nil "S/MIME configuration." :group mime custom-declare-variable smime-keys "*Map mail addresses to a file containing Certificate (and private key).\nThe file is assumed to be in PEM format. You can also associate additional\ncertificates to be sent with every message to each address." :type (repeat (list (string :tag "Mail address") (file :tag "File name") (repeat :tag "Additional certificate files" (file :tag "File name")))) smime-CA-directory "*Directory containing certificates for CAs you trust.\nDirectory should contain files (in PEM format) named to the X.509\nhash of the certificate.  This can be done using OpenSSL such as:\n\n$ ln -s ca.pem `openssl x509 -noout -hash -in ca.pem`.0\n\nwhere `ca.pem' is the file containing a PEM encoded X.509 CA\ncertificate." (choice (const :tag "none" nil) directory) smime-CA-file "*Files containing certificates for CAs you trust.\nFile should contain certificates in PEM format." :version "22.1" (choice (const :tag "none" nil) file) smime-certificate-directory "~/Mail/certs/" "*Directory containing other people's certificates.\nIt should contain files named to the X.509 hash of the certificate,\nand the files themselves should be in PEM format." directory smime-openssl-program (and (condition-case nil (eq 0 (call-process "openssl" nil nil nil "version")) (error nil)) "openssl") "*Name of OpenSSL binary." string smime-encrypt-cipher "-des3" "*Cipher algorithm used for encryption." (choice (const :tag "Triple DES" "-des3") (const :tag "DES" "-des") (const :tag "RC2 40 bits" "-rc2-40") (const :tag "RC2 64 bits" "-rc2-64") (const :tag "RC2 128 bits" "-rc2-128")) smime-crl-check "*Check revocation status of signers certificate using CRLs.\nEnabling this will have OpenSSL check the signers certificate\nagainst a certificate revocation list (CRL).\n\nFor this to work the CRL must be up-to-date and since they are\nnormally updated quite often (i.e., several times a day) you\nprobably need some tool to keep them up-to-date. Unfortunately\nGnus cannot do this for you.\n\nThe CRL should either be appended (in PEM format) to your\n`smime-CA-file' or be located in a file (also in PEM format) in\nyour `smime-certificate-directory' named to the X.509 hash of the\ncertificate with .r0 as file name extension.\n\nAt least OpenSSL version 0.9.7 is required for this to work." (choice (const :tag "No check" nil) (const :tag "Check certificate" "-crl_check") (const :tag "Check certificate chain" "-crl_check_all")) smime-dns-server "*DNS server to query certificates from.\nIf nil, use system defaults." (choice (const :tag "System defaults") string) smime-ldap-host-list "A list of LDAP hosts with S/MIME user certificates.\nIf needed search base, binddn, passwd, etc. for the LDAP host\nmust be set in `ldap-host-parameters-alist'." (repeat (string :tag "Host name")) "23.1"] 10)
(defvar smime-details-buffer "*OpenSSL output*")
(byte-code "\300\301\302\303!\203\f\303\202
\304\"\207" [defalias smime-make-temp-file fboundp make-temp-file #[(prefix &optional dir-flag) "\302\303!\304\305!\203\305 \202	\"\207" [prefix temporary-file-directory expand-file-name make-temp-name fboundp temp-directory] 4]] 4)
#@137 Asks the passphrase to unlock the secret key.
If `cache-key' and `password-cache' is non-nil then cache the
password under `cache-key'.
(defalias 'smime-ask-passphrase #[(&optional cache-key) "\302\303\"\211\304\230?\205
	)\207" [cache-key passphrase password-read-and-add "Passphrase for secret key (RET for no passphrase): " ""] 4 (#$ . 4900)])
(defalias 'smime-call-openssl-region #[(b e buf &rest args) "\306\307	\n\310\310\f&\311
\312\"\203\313\202X\311
\314\"\203&\315\316!\210\310\202X\311
\317\"\2035\315\320!\210\310\202X\311
\321\"\203D\315\322!\210\310\202X\311
\323\"\203S\315\324!\210\310\202X\325\326!\210\310)\207" [b e smime-openssl-program buf args #1=#:--cl-var-- apply call-process-region nil eql 0 t 1 message "OpenSSL: An error occurred parsing the command options." 2 "OpenSSL: One of the input files could not be read." 3 "OpenSSL: An error occurred creating the PKCS#7 file or when reading the MIME message." 4 "OpenSSL: An error occurred decrypting or verifying the message." error "Unknown OpenSSL exitcode"] 9])
(defalias 'smime-make-certfiles #[(certfiles) "\205\301\302\303@!D\304A!\"\207" [certfiles append "-certfile" expand-file-name smime-make-certfiles] 4])
#@414 Sign region with certified key in KEYFILE.
If signing fails, the buffer is not modified.  Region is assumed to
have proper MIME tags.  KEYFILE is expected to contain a PEM encoded
private key and certificate as its car, and a list of additional
certificates to include in its caar.  If no additional certificates is
included, KEYFILE may be the file containing the PEM encoded private
key and certificate itself.
(defalias 'smime-sign-region #[(b e keyfile) "\306 \210\243\205\211A@)\242\206\307\310!\311\312!!\313\314!\f\203-\315\316\f\"\210\317\320 !
D\314\321\322\312!\323\324\n!\f\205G\325\326D\"&	\f\203T\315\316\327\330#\210r\"q\210\331
!\210\332
!\210)\205\201 !|\210\333!\210 b\210\334\335!\203\200`\336y\210`|\210\330r\"q\210db\210\333!\210)\337!\210-\207" [keyfile x certfiles buffer passphrase tmpfile smime-new-details-buffer generate-new-buffer " *smime*" smime-ask-passphrase expand-file-name smime-make-temp-file "smime" setenv "GNUS_SMIME_PASSPHRASE" apply smime-call-openssl-region "-sign" "-signer" append smime-make-certfiles "-passin" "env:GNUS_SMIME_PASSPHRASE" "" t insert-file-contents delete-file insert-buffer-substring looking-at "^MIME-Version: 1.0$" 1 kill-buffer b e smime-details-buffer] 14 (#$ . 6122)])
#@247 Encrypt region for recipients specified in CERTFILES.
If encryption fails, the buffer is not modified.  Region is assumed to
have proper MIME tags.  CERTFILES is a list of filenames, each file
is expected to contain of a PEM encoded certificate.
(defalias 'smime-encrypt-region #[(b e certfiles) "\306 \210\307\310!\311\312!\313\314\n	D\312\315\f\316\317
\"&rq\210\320!\210\321!\210)\205E\n|\210\322	!\210\nb\210\323\324!\203D`\325y\210`|\210\326rq\210db\210\322	!\210)\327	!\210*\207" [tmpfile buffer b e smime-encrypt-cipher certfiles smime-new-details-buffer generate-new-buffer " *smime*" smime-make-temp-file "smime" apply smime-call-openssl-region "-encrypt" mapcar expand-file-name insert-file-contents delete-file insert-buffer-substring looking-at "^MIME-Version: 1.0$" 1 t kill-buffer smime-details-buffer] 11 (#$ . 7396)])
#@99 S/MIME sign BUFFER with key in KEYFILE.
KEYFILE should contain a PEM encoded key and certificate.
(defalias 'smime-sign-buffer #[(&optional keyfile buffer) "r\206pq\210\303ed	\203	\202\304\305\306\n\307\n\242\242$!#?\205%\310\311!)\207" [buffer keyfile smime-keys smime-sign-region smime-get-key-with-certs-by-email gnus-completing-read "Sign using key" nil error "Signing failed"] 9 (#$ . 8250) nil])
#@206 S/MIME encrypt BUFFER for recipients specified in CERTFILES.
CERTFILES is a list of filenames, each file is expected to consist of
a PEM encoded key and certificate.  Uses current buffer if BUFFER is
nil.
(defalias 'smime-encrypt-buffer #[(&optional certfiles buffer) "r\206pq\210\303ed	\206\304\305\n\306#C#?\205\307\310!)\207" [buffer certfiles smime-certificate-directory smime-encrypt-region read-file-name "Recipient's S/MIME certificate: " nil error "Encryption failed"] 7 (#$ . 8667) nil])
#@170 Verify S/MIME message in region between B and E.
Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.
(defalias 'smime-verify-region #[(b e) "\306 \210\307\205
\310\311!D	\205\312\311	!D\"\211\204 \313\314!\210\203)\315\302\"\210\316\317\f
\320D\321\322\323\324\n&	\203?\320\202E\325!\210\326)\207" [smime-CA-file smime-CA-directory CAs smime-crl-check b e smime-new-details-buffer append "-CAfile" expand-file-name "-CApath" error "No CA configured" add-to-list apply smime-call-openssl-region t "smime" "-verify" "-out" "/dev/null" insert-buffer-substring nil smime-details-buffer] 11 (#$ . 9178)])
#@183 Verify integrity of S/MIME message in region between B and E.
Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.
(defalias 'smime-noverify-region #[(b e) "\303 \210\304	\n\305D\306\307\310\311\312&\203\305\207\313\n!\210\314\207" [b e smime-details-buffer smime-new-details-buffer smime-call-openssl-region t "smime" "-verify" "-noverify" "-out" "/dev/null" insert-buffer-substring nil] 9 (#$ . 9869)])
#@306 Decrypt S/MIME message in region between B and E with key in KEYFILE.
Optional FROM specifies sender's mail address.
On success, replaces region with decrypted data and return non-nil.
Any details (stderr on success, stdout and stderr on error) are left
in the buffer specified by `smime-details-buffer'.
(defalias 'smime-decrypt-region #[(b e keyfile &optional from) "\306 \210\307\310!\311\312\313!!\314\315!\n\203\316\317\n\"\210\320\321
\f	D\315\322\323\313!\n\2051\324\325D&	\n\203=\316\317\326\327#\210rq\210\330	!\210\331	!\210)\203k
|\210 \203_\332 \333\261\210\334\f!\210\335\f!\210\327\202\204rq\210\334\f!\210)\335\f!\210
|\210\334!\210\311,\207" [keyfile tmpfile passphrase CAs buffer b smime-new-details-buffer generate-new-buffer " *smime*" nil smime-ask-passphrase expand-file-name smime-make-temp-file "smime" setenv "GNUS_SMIME_PASSPHRASE" apply smime-call-openssl-region "-decrypt" "-recip" "-passin" "env:GNUS_SMIME_PASSPHRASE" "" t insert-file-contents delete-file "From: " "\n" insert-buffer-substring kill-buffer e smime-details-buffer from] 11 (#$ . 10352)])
#@205 Verify integrity of S/MIME message in BUFFER.
Uses current buffer if BUFFER is nil. Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.
(defalias 'smime-verify-buffer #[(&optional buffer) "r\206pq\210\301ed\")\207" [buffer smime-verify-region] 3 (#$ . 11469) nil])
#@271 Verify integrity of S/MIME message in BUFFER.
Does NOT verify validity of certificate (only message integrity).
Uses current buffer if BUFFER is nil. Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.
(defalias 'smime-noverify-buffer #[(&optional buffer) "r\206pq\210\301ed\")\207" [buffer smime-noverify-region] 3 (#$ . 11812) nil])
#@302 Decrypt S/MIME message in BUFFER using KEYFILE.
Uses current buffer if BUFFER is nil, and query user of KEYFILE if it's nil.
On success, replaces data in buffer and return non-nil.
Any details (stderr on success, stdout and stderr on error) are left
in the buffer specified by `smime-details-buffer'.
(defalias 'smime-decrypt-buffer #[(&optional buffer keyfile) "r\206pq\210\303ed\304	\206\305\306\307\n\310\n\242\242$!!#)\207" [buffer keyfile smime-keys smime-decrypt-region expand-file-name smime-get-key-by-email gnus-completing-read "Decipher using key" nil] 10 (#$ . 12225) nil])
(defalias 'smime-new-details-buffer #[nil "r\301!q\210\302 )\207" [smime-details-buffer get-buffer-create erase-buffer] 2])
#@69 Convert S/MIME message between points B and E into a PKCS7 message.
(defalias 'smime-pkcs7-region #[(b e) "\303 \210\304	\n\305\306%\205	|\210\307\n!\210\310\207" [b e smime-details-buffer smime-new-details-buffer smime-call-openssl-region "smime" "-pk7out" insert-buffer-substring t] 6 (#$ . 12946)])
#@76 Extract any certificates enclosed in PKCS7 message between points B and E.
(defalias 'smime-pkcs7-certificates-region #[(b e) "\303 \210\304	\n\305\306\307&\205	|\210\310\n!\210\311\207" [b e smime-details-buffer smime-new-details-buffer smime-call-openssl-region "pkcs7" "-print_certs" "-text" insert-buffer-substring t] 7 (#$ . 13258)])
#@113 Get email addresses contained in certificate between points B and E.
A string or a list of strings is returned.
(defalias 'smime-pkcs7-email-region #[(b e) "\303 \210\304	\n\305\306\307&\205	|\210\310\n!\210\311\207" [b e smime-details-buffer smime-new-details-buffer smime-call-openssl-region "x509" "-email" "-noout" insert-buffer-substring t] 7 (#$ . 13609)])
(defalias 'smime-get-certfiles #[(keyfile keys) "\205!@A\n\211A@)\230\203\nAA@\202 \305	\"*\207" [keys otherkeys curkey keyfile x smime-get-certfiles] 4])
#@66 Return each line in region between B and E as a list of strings.
(defalias 'smime-buffer-as-string-region #[(b e) "\212b\210\304`\nW\203\"`\305 {\211\306\230\204	B)\304y\210\202	*\207" [b res e str nil point-at-eol ""] 3 (#$ . 14150)])
(defalias 'smime-mail-to-domain #[(mailaddr) "\301\302\"\203\303\304\305\306$\207\207" [mailaddr string-match "@" replace-match "." fixedcase literal] 5])
#@44 Find certificate via DNS for address MAIL.
(defalias 'smime-cert-by-dns #[(mail) "\306\307\n!\310\311\211\312%\313\314\315\n\"!rq\210\316\307\n!\310\")\211\205&\317
!\211\203mr\fq\210\320c\210\321G\322ZV\203Z\211\322\\O\323\261\210\322\\\202;O\323\261\210*\324c\210)\202s\325\f!\210\311\325!\210\f-\207" [smime-dns-server dig-dns-server mail digbuf retbuf certrr dig-invoke smime-mail-to-domain "cert" nil "+vc" generate-new-buffer format "*certificate for %s*" dig-extract-rr dig-rr-get-pkix-cert "-----BEGIN CERTIFICATE-----\n" 0 64 "\n" "-----END CERTIFICATE-----\n" kill-buffer cert len i] 7 (#$ . 14562)])
#@56 Get certificate for MAIL from the ldap server at HOST.
(defalias 'smime-cert-by-ldap-1 #[(mail host) "\306\307!\210\310\311P	\312\313$\314\315\316\"!\313\211G\317Y\203\224\f@@A@G\320V\203\224rq\210\f@@A@\320\321O\322\230\204F\f@@A@\320\323O\324\230\203T\325\f@@A@\326\327\330$\202]\331\f@@A@\330\"\332c\210\320\nG
\333ZV\203\203\n\211\333\\O\334\261\210\333\\\202f\n
O\334\261\210*\335c\210)\202\232\336!\210\313+\207" [mail host cert retbuf ldapresult len require ldap ldap-search "mail=" ("userCertificate") nil generate-new-buffer format "*certificate for %s*" 1 0 27 "-----BEGIN CERTIFICATE-----" 3 "MII" smime-replace-in-string "\\(\n\\|
\\|-----BEGIN CERTIFICATE-----\\|-----END CERTIFICATE-----\\)" "" t base64-encode-string "-----BEGIN CERTIFICATE-----\n" 64 "\n" "-----END CERTIFICATE-----\n" kill-buffer i] 6 (#$ . 15220)])
#@45 Find certificate via LDAP for address MAIL.
(defalias 'smime-cert-by-ldap #[(mail) "\205\301\302\215\207" [smime-ldap-host-list certbuf (byte-code "\305\211\205\"\n@\306	\"\211\203\307\310\f\"\210)\nA\211\204\305*\207" [smime-ldap-host-list host --dolist-tail-- mail retbuf nil smime-cert-by-ldap-1 throw certbuf] 4)] 2 (#$ . 16094)])
(defvar smime-buffer "*SMIME*")
(defvar smime-mode-map (byte-code "\301 \302!\210\303\304\305#\210\303\306\307#\210)\207" [map make-sparse-keymap suppress-keymap define-key "q" smime-exit "f" smime-certificate-info] 4))
(byte-code "\300\301\302\"\210\303\304\305\306#\210\307\310N\204\303\307\310\311\312!#\210\313\314!\204%\303\314\315\304#\210\300\207" [autoload gnus-completing-read "gnus-util" put smime-mode mode-class special smime-mode-hook variable-documentation purecopy "Hook run when entering SMIME mode.\nNo problems result if this variable is not bound.\n`add-hook' automatically binds it.  (This is true for all hook variables.)" boundp smime-mode-map definition-name] 5)
(defvar smime-mode-map (make-sparse-keymap))
(byte-code "\300\301N\204\302\300\301\303\304!#\210\305\306!\204\302\306\307\310#\210\300\207" [smime-mode-map variable-documentation put purecopy "Keymap for `smime-mode'." boundp smime-mode-syntax-table definition-name smime-mode] 5)
(defvar smime-mode-syntax-table (make-syntax-table))
(byte-code "\300\301N\204\302\300\301\303\304!#\210\302\305\306\307#\207" [smime-mode-syntax-table variable-documentation put purecopy "Syntax table for `smime-mode'." smime-mode-abbrev-table definition-name smime-mode] 5)
(defvar smime-mode-abbrev-table (progn (define-abbrev-table 'smime-mode-abbrev-table nil) smime-mode-abbrev-table))
(byte-code "\300\301N\204\302\300\301\303\304!#\210\302\305\306\307#\207" [smime-mode-abbrev-table variable-documentation put purecopy "Abbrev table for `smime-mode'." smime-mode derived-mode-parent nil] 5)
#@269 Major mode for browsing, viewing and fetching certificates.

All normal editing commands are switched off.
\<smime-mode-map>

The following commands are available:

\{smime-mode-map}

This mode runs the hook `smime-mode-hook', as the final step
during initialization.
(defalias 'smime-mode #[nil "\306\300!\210\307\310 \210\311\312\313!\210\314\f!\210
\315\316 \210\307\211)\317\320!\207" [delay-mode-hooks major-mode mode-name smime-mode-map smime-mode-syntax-table smime-mode-abbrev-table make-local-variable t kill-all-local-variables smime-mode "SMIME" use-local-map set-syntax-table nil buffer-disable-undo run-mode-hooks smime-mode-hook local-abbrev-table mode-line-process truncate-lines buffer-read-only] 3 (#$ . 18033) nil])
(defalias 'smime-certificate-info #[(certfile) "\304\305\306\"!\307	!\210\310 \210\311\n\312	\313\314\315\316!\317&\210\320 \210\321\312!\210\322eb)\207" [certfile buffer smime-openssl-program buffer-read-only get-buffer-create format "*certificate %s*" switch-to-buffer erase-buffer call-process nil display "x509" "-in" expand-file-name "-text" fundamental-mode set-buffer-modified-p t] 9 nil "fCertificate file: "])
(defalias 'smime-draw-buffer #[nil "rq\210\306\307 \210\310c\210\n\306\211\203+\f@\311\312@\211A@)#c\210\fA\211\204*\313c\210\314c*\207" [smime-buffer buffer-read-only smime-keys key --dolist-tail-- x nil erase-buffer "\nYour keys:\n" format "		%s: %s\n" "\nTrusted Certificate Authorities:\n" "\nKnown Certificates:\n"] 5])
#@25 Go to the SMIME buffer.
(defalias 'smime #[nil "\301!\204r\302!q\210\303 \210)\304 \210\305!\207" [smime-buffer get-buffer get-buffer-create smime-mode smime-draw-buffer switch-to-buffer] 2 (#$ . 19546) nil])
#@25 Quit the S/MIME buffer.
(defalias 'smime-exit #[nil "\300p!\207" [kill-buffer] 2 (#$ . 19766) nil])
(defalias 'smime-get-key-by-email #[(email) "\303	\"\211A@)\207" [email smime-keys x assoc] 4])
(defalias 'smime-get-key-with-certs-by-email #[(email) "\302	\"A\207" [email smime-keys assoc] 3])
(provide 'smime)