;ELC   
;;; Compiled
;;; in Emacs version 27.1
;;; with all optimizations.

;;; This file uses dynamic docstrings, first added in Emacs 19.29.

;;; This file does not contain utf-8 non-ASCII characters,
;;; and so can be loaded in Emacs versions earlier than 23.

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;


(byte-code "\300\301!\210\300\302!\210\303\304\305\306\307\310%\210\311\312\313\314\315DD\316\317\320\307\304&\210\311\321\313\314\322DD\323\317\324\307\304&\210\311\325\313\314\326DD\327\330\331\317\332\307\304&	\210\311\333\313\314\334DD\335\317\336\307\304&\210\311\337\313\314\340DD\341\317\342\307\304&\210\311\343\313\314\344DD\345\330\331\317\346\307\304&	\210\311\347\313\314\350DD\351\317\352\307\304&\210\311\353\313\314\354DD\355\330\331\317\356\307\304&	\210\311\357\313\314\360DD\361\317\362\330\363\307\304&	\207" [require dig password-cache custom-declare-group smime nil "S/MIME configuration." :group mime custom-declare-variable smime-keys funcall function #[0 "\300\207" [nil] 1] "Map mail addresses to a file containing Certificate (and private key).\nThe file is assumed to be in PEM format.  You can also associate additional\ncertificates to be sent with every message to each address." :type (repeat (list (string :tag "Mail address") (file :tag "File name") (repeat :tag "Additional certificate files" (file :tag "File name")))) smime-CA-directory #[0 "\300\207" [nil] 1] "Directory containing certificates for CAs you trust.\nDirectory should contain files (in PEM format) named to the X.509\nhash of the certificate.  This can be done using OpenSSL such as:\n\n$ ln -s ca.pem \\=`openssl x509 -noout -hash -in ca.pem\\=`.0\n\nwhere `ca.pem' is the file containing a PEM encoded X.509 CA\ncertificate." (choice (const :tag "none" nil) directory) smime-CA-file #[0 "\300\207" [nil] 1] "Files containing certificates for CAs you trust.\nFile should contain certificates in PEM format." :version "22.1" (choice (const :tag "none" nil) file) smime-certificate-directory #[0 "\300\207" [#1="~/Mail/certs/"] 1 #1#] "Directory containing other people's certificates.\nIt should contain files named to the X.509 hash of the certificate,\nand the files themselves should be in PEM format." directory smime-openssl-program #[0 "\3001 \301\302\303\211\211\304%\305=0\202 \210\303\207\205 \302\207" [(error) call-process "openssl" nil "version" 0] 6] "Name of OpenSSL binary." string smime-encrypt-cipher #[0 "\300\207" [#2="-des3"] 1 #2#] "Cipher algorithm used for encryption." (choice (const :tag "Triple DES" "-des3") (const :tag "DES" "-des") (const :tag "RC2 40 bits" "-rc2-40") (const :tag "RC2 64 bits" "-rc2-64") (const :tag "RC2 128 bits" "-rc2-128")) smime-crl-check #[0 "\300\207" [nil] 1] "Check revocation status of signers certificate using CRLs.\nEnabling this will have OpenSSL check the signers certificate\nagainst a certificate revocation list (CRL).\n\nFor this to work the CRL must be up-to-date and since they are\nnormally updated quite often (i.e., several times a day) you\nprobably need some tool to keep them up-to-date.  Unfortunately\nGnus cannot do this for you.\n\nThe CRL should either be appended (in PEM format) to your\n`smime-CA-file' or be located in a file (also in PEM format) in\nyour `smime-certificate-directory' named to the X.509 hash of the\ncertificate with .r0 as file name extension.\n\nAt least OpenSSL version 0.9.7 is required for this to work." (choice (const :tag "No check" nil) (const :tag "Check certificate" "-crl_check") (const :tag "Check certificate chain" "-crl_check_all")) smime-dns-server #[0 "\300\207" [nil] 1] "DNS server to query certificates from.\nIf nil, use system defaults." (choice (const :tag "System defaults") string) smime-ldap-host-list #[0 "\300\207" [nil] 1] "A list of LDAP hosts with S/MIME user certificates.\nIf needed search base, binddn, passwd, etc. for the LDAP host\nmust be set in `ldap-host-parameters-alist'." (repeat (string :tag "Host name")) "23.1"] 10)
(defvar smime-details-buffer "*OpenSSL output*")
#@163 Asks the passphrase to unlock the secret key.
If `cache-key' and `password-cache' is non-nil then cache the
password under `cache-key'.

(fn &optional CACHE-KEY)
(defalias 'smime-ask-passphrase #[256 "\300\301\"\211\302\230?\205 \211\203 \203 \303\"\210\211\207" [password-read "Passphrase for secret key (RET for no passphrase): " "" password-cache-add] 5 (#$ . 4131)])
#@27 

(fn B E BUF &rest ARGS)
(defalias 'smime-call-openssl-region #[899 "\301\302\303\303&\211\304\267\2027 \305\202: \306\307!\210\303\202: \306\310!\210\303\202: \306\311!\210\303\202: \306\312!\210\303\202: \313\314!\207" [smime-openssl-program apply call-process-region nil #s(hash-table size 5 test eql rehash-size 1.5 rehash-threshold 0.8125 purecopy t data (0 19 1 23 2 31 3 39 4 47)) t message "OpenSSL: An error occurred parsing the command options." "OpenSSL: One of the input files could not be read." "OpenSSL: An error occurred creating the PKCS#7 file or when reading the MIME message." "OpenSSL: An error occurred decrypting or verifying the message." error "Unknown OpenSSL exitcode"] 13 (#$ . 4515)])
#@18 

(fn CERTFILES)
(defalias 'smime-make-certfiles #[257 "\211\205 \300\301\302@!D\303A!\"\207" [append "-certfile" expand-file-name smime-make-certfiles] 5 (#$ . 5244)])
#@432 Sign region with certified key in KEYFILE.
If signing fails, the buffer is not modified.  Region is assumed to
have proper MIME tags.  KEYFILE is expected to contain a PEM encoded
private key and certificate as its car, and a list of additional
certificates to include in its caar.  If no additional certificates is
included, KEYFILE may be the file containing the PEM encoded private
key and certificate itself.

(fn B E KEYFILE)
(defalias 'smime-sign-region #[771 "\301 \210\211\243\205 \211A@\242\206 \302\303!\304\305!!\306\307!\203% \310\311\"\210\312\313		D\307\314\315\305\f!\316\317!\f\205C \320\321D\"&	\203P \310\311\322\323#\210rq\210\324!\210\325!\210)\205| |\210\326!\210b\210\327\330!\203{ `\331y\210`|\210\323rq\210db\210\326!\210)\332!\210\207" [smime-details-buffer smime-new-details-buffer generate-new-buffer " *smime*" smime-ask-passphrase expand-file-name make-temp-file "smime" setenv "GNUS_SMIME_PASSPHRASE" apply smime-call-openssl-region "-sign" "-signer" append smime-make-certfiles "-passin" "env:GNUS_SMIME_PASSPHRASE" "" t insert-file-contents delete-file insert-buffer-substring looking-at "^MIME-Version: 1.0$" 1 kill-buffer] 21 (#$ . 5423)])
#@267 Encrypt region for recipients specified in CERTFILES.
If encryption fails, the buffer is not modified.  Region is assumed to
have proper MIME tags.  CERTFILES is a list of filenames, each file
is expected to contain of a PEM encoded certificate.

(fn B E CERTFILES)
(defalias 'smime-encrypt-region #[771 "\302 \210\303\304!\305\306!\307\310D\306\311\312\313\f\"&r	q\210\314!\210\315!\210)\205E |\210\316!\210b\210\317\320!\203D `\321y\210`|\210\322r	q\210db\210\316!\210)\323!\210\207" [smime-encrypt-cipher smime-details-buffer smime-new-details-buffer generate-new-buffer " *smime*" make-temp-file "smime" apply smime-call-openssl-region "-encrypt" mapcar expand-file-name insert-file-contents delete-file insert-buffer-substring looking-at "^MIME-Version: 1.0$" 1 t kill-buffer] 16 (#$ . 6634)])
#@130 S/MIME sign BUFFER with key in KEYFILE.
KEYFILE should contain a PEM encoded key and certificate.

(fn &optional KEYFILE BUFFER)
(defalias 'smime-sign-buffer #[512 "r\211\206 pq\210\301ed\203 \202 \302\303\304\305\242\242$!#?\205% \306\307!)\207" [smime-keys smime-sign-region smime-get-key-with-certs-by-email gnus-completing-read "Sign using key" nil error "Signing failed"] 11 (#$ . 7457) nil])
#@239 S/MIME encrypt BUFFER for recipients specified in CERTFILES.
CERTFILES is a list of filenames, each file is expected to consist of
a PEM encoded key and certificate.  Uses current buffer if BUFFER is
nil.

(fn &optional CERTFILES BUFFER)
(defalias 'smime-encrypt-buffer #[512 "r\211\206 pq\210\301ed\206 \302\303\304#C#?\205 \305\306!)\207" [smime-certificate-directory smime-encrypt-region read-file-name "Recipient's S/MIME certificate: " nil error "Encryption failed"] 9 (#$ . 7869) nil])
#@180 Verify S/MIME message in region between B and E.
Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.

(fn B E)
(defalias 'smime-verify-region #[514 "\304 \210\305\205 \306\307!D	\205 \310\307	!D\"p\204  \311\312!\210\n\2033 \n\235\203. \2021 \nB\262\313\314!r\211q\210\315\316\317\320\321!\322\"\323$\216prq\210\324\325D\326\327\330\331\f&	\205f r\211q\210\332 ))\262*\262\207" [smime-CA-file smime-CA-directory smime-crl-check smime-details-buffer smime-new-details-buffer append "-CAfile" expand-file-name "-CApath" error "No CA configured" generate-new-buffer " *temp*" make-byte-code 0 "\301\300!\205	 \302\300!\207" vconcat vector [buffer-name kill-buffer] 2 apply smime-call-openssl-region "smime" "-verify" "-out" "-" buffer-string] 16 (#$ . 8373)])
#@193 Verify integrity of S/MIME message in region between B and E.
Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.

(fn B E)
(defalias 'smime-noverify-region #[514 "\301 \210\302\303D\304\305\306\307\310&\203 \303\207\311!\210\312\207" [smime-details-buffer smime-new-details-buffer smime-call-openssl-region t "smime" "-verify" "-noverify" "-out" "/dev/null" insert-buffer-substring nil] 11 (#$ . 9225)])
#@339 Decrypt S/MIME message in region between B and E with key in KEYFILE.
Optional FROM specifies sender's mail address.
On success, replaces region with decrypted data and return non-nil.
Any details (stderr on success, stdout and stderr on error) are left
in the buffer specified by `smime-details-buffer'.

(fn B E KEYFILE &optional FROM)
(defalias 'smime-decrypt-region #[1027 "\301 \210\302\303!\304\305!!\306\307!\203 \310\311\"\210\312\313D\307\314\315\305!\n\2050 \316\317D&	\203< \310\311\320\321#\210rq\210\322!\210\323!\210)\203h |\210\203\\ \324\325\261\210\326!\210\327!\210\321\202\200 rq\210\326!\210)\327!\210|\210\326!\210\330\207" [smime-details-buffer smime-new-details-buffer generate-new-buffer " *smime*" smime-ask-passphrase expand-file-name make-temp-file "smime" setenv "GNUS_SMIME_PASSPHRASE" apply smime-call-openssl-region "-decrypt" "-recip" "-passin" "env:GNUS_SMIME_PASSPHRASE" "" t insert-file-contents delete-file "From: " "\n" insert-buffer-substring kill-buffer nil] 18 (#$ . 9711)])
#@229 Verify integrity of S/MIME message in BUFFER.
Uses current buffer if BUFFER is nil.  Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.

(fn &optional BUFFER)
(defalias 'smime-verify-buffer #[256 "r\211\206 pq\210\300ed\")\207" [smime-verify-region] 4 (#$ . 10768) nil])
#@295 Verify integrity of S/MIME message in BUFFER.
Does NOT verify validity of certificate (only message integrity).
Uses current buffer if BUFFER is nil.  Returns non-nil on success.
Any details (stdout and stderr) are left in the buffer specified by
`smime-details-buffer'.

(fn &optional BUFFER)
(defalias 'smime-noverify-buffer #[256 "r\211\206 pq\210\300ed\")\207" [smime-noverify-region] 4 (#$ . 11116) nil])
#@333 Decrypt S/MIME message in BUFFER using KEYFILE.
Uses current buffer if BUFFER is nil, and query user of KEYFILE if it's nil.
On success, replaces data in buffer and return non-nil.
Any details (stderr on success, stdout and stderr on error) are left
in the buffer specified by `smime-details-buffer'.

(fn &optional BUFFER KEYFILE)
(defalias 'smime-decrypt-buffer #[512 "r\206 pq\210\301ed\302\206 \303\304\305\306\242\242$!!#)\207" [smime-keys smime-decrypt-region expand-file-name smime-get-key-by-email gnus-completing-read "Decipher using key" nil] 12 (#$ . 11534) nil])
(defalias 'smime-new-details-buffer #[0 "r\301!q\210\302 )\207" [smime-details-buffer get-buffer-create erase-buffer] 2])
#@79 Convert S/MIME message between points B and E into a PKCS7 message.

(fn B E)
(defalias 'smime-pkcs7-region #[514 "\301 \210\302\303\304%\205 |\210\305!\210\306\207" [smime-details-buffer smime-new-details-buffer smime-call-openssl-region "smime" "-pk7out" insert-buffer-substring t] 8 (#$ . 12244)])
#@86 Extract any certificates enclosed in PKCS7 message between points B and E.

(fn B E)
(defalias 'smime-pkcs7-certificates-region #[514 "\301 \210\302\303\304\305&\205 |\210\306!\210\307\207" [smime-details-buffer smime-new-details-buffer smime-call-openssl-region "pkcs7" "-print_certs" "-text" insert-buffer-substring t] 9 (#$ . 12558)])
#@123 Get email addresses contained in certificate between points B and E.
A string or a list of strings is returned.

(fn B E)
(defalias 'smime-pkcs7-email-region #[514 "\301 \210\302\303\304\305&\205 |\210\306!\210\307\207" [smime-details-buffer smime-new-details-buffer smime-call-openssl-region "x509" "-email" "-noout" insert-buffer-substring t] 9 (#$ . 12911)])
#@21 

(fn KEYFILE KEYS)
(defalias 'smime-get-certfiles #[514 "\211\205 \211@AA@\230\203 \3008\202 \301\"\266\202\207" [2 smime-get-certfiles] 7 (#$ . 13287)])
#@76 Return each line in region between B and E as a list of strings.

(fn B E)
(defalias 'smime-buffer-as-string-region #[514 "\212b\210\300`W\203! `\301 {\211\302\230\204 \211B\262\210\300y\210\202 \211\262)\207" [nil point-at-eol ""] 6 (#$ . 13457)])
#@17 

(fn MAILADDR)
(defalias 'smime-mail-to-domain #[257 "\300\301\"\203 \302\303\304\305$\207\207" [string-match "@" replace-match "." fixedcase literal] 6 (#$ . 13719)])
#@55 Find certificate via DNS for address MAIL.

(fn MAIL)
(defalias 'smime-cert-by-dns #[257 "\302\303!\304\305\211\306%\307\310\311\"!rq\210\312\303!\304\")\211\205# \313!\211\203] rq\210\314c\210\315G\211\316ZV\203L \317\211\316\\#\320\261\210\316\\\262\2021 \317#\320\261\266\321c\210)\202d \322!\210\305\262\322!\210)\207" [smime-dns-server dig-dns-server dig-invoke smime-mail-to-domain "cert" nil "+vc" generate-new-buffer format "*certificate for %s*" dig-extract-rr dig-rr-get-pkix-cert "-----BEGIN CERTIFICATE-----\n" 0 64 substring "\n" "-----END CERTIFICATE-----\n" kill-buffer] 12 (#$ . 13897)])
#@72 Get certificate for MAIL from the ldap server at HOST.

(fn MAIL HOST)
(defalias 'smime-cert-by-ldap-1 #[514 "\300\301!\210\302\303P\304\305$\306\307\310\"!\305\211:\203\207 @@A@\211\262\203\207 G\311V\203\207 rq\210\312\311\313#\314\230\204C \312\311\315#\316\230\203O \317\320\321\305\322%\262\202U \323\322\"\262\324c\210\311G\211\325ZV\203v \312\211\325\\#\326\261\210\325\\\262\202[ \312#\326\261\266\327c\210)\202\216 \330!\210\305\262\207" [require ldap ldap-search "mail=" ("userCertificate") nil generate-new-buffer format "*certificate for %s*" 0 substring 27 "-----BEGIN CERTIFICATE-----" 3 "MII" replace-regexp-in-string "\\(\n\\|\\|-----BEGIN CERTIFICATE-----\\|-----END CERTIFICATE-----\\)" "" t base64-encode-string "-----BEGIN CERTIFICATE-----\n" 64 "\n" "-----END CERTIFICATE-----\n" kill-buffer] 13 (#$ . 14531)])
#@56 Find certificate via LDAP for address MAIL.

(fn MAIL)
(defalias 'smime-cert-by-ldap #[257 "\205' \3012' \211\205$ \211@\302\"\211\203 \303\301\"\210\210A\266\202\202	 \2620\207" [smime-ldap-host-list certbuf smime-cert-by-ldap-1 throw] 7 (#$ . 15399)])
(defvar smime-buffer "*SMIME*")
(defvar smime-mode-map (byte-code "\300 \301!\210\302\303\304#\210\302\305\306#\210\211\207" [make-sparse-keymap suppress-keymap define-key "q" smime-exit "f" smime-certificate-info] 5))
(byte-code "\300\301\302\"\210\303\304\305\306#\207" [autoload gnus-completing-read "gnus-util" put smime-mode mode-class special] 4)
(defvar smime-mode-hook nil)
(byte-code "\300\301N\204\f \302\300\301\303#\210\304\305!\204 \302\305\306\307#\210\300\207" [smime-mode-hook variable-documentation put "Hook run after entering SMIME mode.\nNo problems result if this variable is not bound.\n`add-hook' automatically binds it.  (This is true for all hook variables.)" boundp smime-mode-map definition-name smime-mode] 4)
(defvar smime-mode-map (make-sparse-keymap))
(byte-code "\301\302N\204 \303\301\302\304\305!#\210\306\307!\204 \303\307\310\311#\210\312\313 !\210\307\302N\204- \303\307\302\304\314!#\210\306\300!\204B \303\300\310\311#\210\315\316\300\317\"\210!\210\300\302N\204P \303\300\302\304\320!#\210\303\311\321\317#\207" [smime-mode-abbrev-table smime-mode-map variable-documentation put purecopy "Keymap for `smime-mode'." boundp smime-mode-syntax-table definition-name smime-mode (lambda (#1=#:def-tmp-var) (defvar smime-mode-syntax-table #1#)) make-syntax-table "Syntax table for `smime-mode'." (lambda (#1#) (defvar smime-mode-abbrev-table #1#)) define-abbrev-table nil "Abbrev table for `smime-mode'." derived-mode-parent] 5)
#@284 Major mode for browsing, viewing and fetching certificates.

All normal editing commands are switched off.
\<smime-mode-map>

The following commands are available:

\{smime-mode-map}

This mode runs the hook `smime-mode-hook', as the final or penultimate step
during initialization.
(defalias 'smime-mode #[0 "\306\300!\210\307\310 \210\311\312\313!\210\314\f!\210\315\316 \210\307\211)\317\320!\207" [delay-mode-hooks major-mode mode-name smime-mode-map smime-mode-syntax-table smime-mode-abbrev-table make-local-variable t kill-all-local-variables smime-mode "SMIME" use-local-map set-syntax-table nil buffer-disable-undo run-mode-hooks smime-mode-hook local-abbrev-table mode-line-process truncate-lines buffer-read-only] 3 (#$ . 17137) nil])
#@17 

(fn CERTFILE)
(defalias 'smime-certificate-info #[257 "\302\303\304\"!\305!\210\306 \210\307\310\311\312\313\314	!\315&\210\316 \210\317\310!\210\320eb\207" [smime-openssl-program buffer-read-only get-buffer-create format "*certificate %s*" switch-to-buffer erase-buffer call-process nil display "x509" "-in" expand-file-name "-text" fundamental-mode set-buffer-modified-p t] 11 (#$ . 17902) "fCertificate file: "])
(defalias 'smime-draw-buffer #[0 "rq\210\303\304 \210\305c\210\n\211\203$ \211@\306\307@A@#c\210A\266\202\202 \210\310c\210\311c*\207" [smime-buffer buffer-read-only smime-keys nil erase-buffer "\nYour keys:\n" format "		%s: %s\n" "\nTrusted Certificate Authorities:\n" "\nKnown Certificates:\n"] 6])
#@25 Go to the SMIME buffer.
(defalias 'smime #[0 "\301!\204 r\302!q\210\303 \210)\304 \210\305!\207" [smime-buffer get-buffer get-buffer-create smime-mode smime-draw-buffer switch-to-buffer] 2 (#$ . 18640) nil])
#@25 Quit the S/MIME buffer.
(defalias 'smime-exit #[0 "\300p!\207" [kill-buffer] 2 (#$ . 18858) nil])
#@14 

(fn EMAIL)
(defalias 'smime-get-key-by-email #[257 "\301\"A@\207" [smime-keys assoc] 4 (#$ . 18962)])
#@14 

(fn EMAIL)
(defalias 'smime-get-key-with-certs-by-email #[257 "\301\"A\207" [smime-keys assoc] 4 (#$ . 19074)])
(provide 'smime)