GNU bug report logs - #36222
26.1; Message sent even with invalid S/MIME password

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 36222 in the body.
You can then email your comments to 36222 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Christophe TROESTLER <Christophe.TROESTLER <at> umons.ac.be>
To: "bug-gnu-emacs <at> gnu.org" <bug-gnu-emacs <at> gnu.org>
Subject: 26.1; Message sent even with invalid S/MIME password
Date: Sat, 15 Jun 2019 09:21:52 +0000

[Message part 1 (text/plain, inline)]

Hi,

I am digitally signing emails with S/MIME (because that's what my colleagues support) using the default configuration (that is “gpgsm” through EasyPG) and it works well.  However, I got the surprise that, if I cancel the dialog box asking for the password (my S/MIME certificate is password protected), then the message is sent (with an invalid S/MIME attachment)!  Returning to editing the message would be a better behavior in this case.

Best regards,
C.


In GNU Emacs 26.1 (build 2, x86_64-pc-linux-gnu, GTK+ Version 3.24.4)
 of 2019-02-03, modified by Debian built on zam904
Windowing system distributor 'The X.Org Foundation', version 11.0.12004000
System Description:	Debian GNU/Linux 10 (buster)

Recent messages:
Grep finished with 4 matches found
Mark set
completing-read-default: Command attempted to use minibuffer while in minibuffer
Grep finished with 5 matches found
Making completion list... [3 times]
Quit
Undo!
Mark saved where search started
Page has 2121 lines (1596 + 525)
C-x C-g is undefined

Configured using:
 'configure --build x86_64-linux-gnu --prefix=/usr
 --sharedstatedir=/var/lib --libexecdir=/usr/lib
 --localstatedir=/var/lib --infodir=/usr/share/info
 --mandir=/usr/share/man --enable-libsystemd --with-pop=yes
 --enable-locallisppath=/etc/emacs:/usr/local/share/emacs/26.1/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/26.1/site-lisp:/usr/share/emacs/site-lisp
 --with-sound=alsa --without-gconf --with-mailutils --build
 x86_64-linux-gnu --prefix=/usr --sharedstatedir=/var/lib
 --libexecdir=/usr/lib --localstatedir=/var/lib
 --infodir=/usr/share/info --mandir=/usr/share/man --enable-libsystemd
 --with-pop=yes
 --enable-locallisppath=/etc/emacs:/usr/local/share/emacs/26.1/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/26.1/site-lisp:/usr/share/emacs/site-lisp
 --with-sound=alsa --without-gconf --with-mailutils --with-x=yes
 --with-x-toolkit=gtk3 --with-toolkit-scroll-bars 'CFLAGS=-g -O2
 -fdebug-prefix-map=/build/emacs-26.1+1=. -fstack-protector-strong
 -Wformat -Werror=format-security -Wall' 'CPPFLAGS=-Wdate-time
 -D_FORTIFY_SOURCE=2' LDFLAGS=-Wl,-z,relro'

Configured features:
XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND GPM DBUS GSETTINGS NOTIFY
ACL LIBSELINUX GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF XFT ZLIB
TOOLKIT_SCROLL_BARS GTK3 X11 THREADS LIBSYSTEMD LCMS2

Important settings:
  value of $LC_MESSAGES: en_US.UTF-8
  value of $LC_NUMERIC: en_US.UTF-8
  value of $LANG: en_US.UTF-8
  locale-coding-system: utf-8-unix

Major mode: mu4e-headers

Minor modes in effect:
  TeX-PDF-mode: t
  global-magit-file-mode: t
  diff-auto-refine-mode: t
  magit-auto-revert-mode: t
  global-git-commit-mode: t
  async-bytecomp-package-mode: t
  shell-dirtrack-mode: t
  desktop-save-mode: t
  hl-line-mode: t
  show-paren-mode: t
  global-edit-server-edit-mode: t
  tooltip-mode: t
  global-eldoc-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  buffer-read-only: t
  column-number-mode: t
  line-number-mode: t
  transient-mark-mode: t

Load-path shadows:
~/software/OCaml/dune/editor-integration/emacs/dune-flymake hides /home/trch/.opam/4.07.1/share/emacs/site-lisp/dune-flymake
~/software/OCaml/dune/editor-integration/emacs/dune hides /home/trch/.opam/4.07.1/share/emacs/site-lisp/dune
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/deb-view hides /usr/share/emacs/site-lisp/elpa/debian-el-37/deb-view
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-bug hides /usr/share/emacs/site-lisp/elpa/debian-el-37/debian-bug
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/apt-utils hides /usr/share/emacs/site-lisp/elpa/debian-el-37/apt-utils
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/preseed hides /usr/share/emacs/site-lisp/elpa/debian-el-37/preseed
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/apt-sources hides /usr/share/emacs/site-lisp/elpa/debian-el-37/apt-sources
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-autoloads hides /usr/share/emacs/site-lisp/elpa/debian-el-37/debian-autoloads
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-el hides /usr/share/emacs/site-lisp/elpa/debian-el-37/debian-el
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-el-autoloads hides /usr/share/emacs/site-lisp/elpa/debian-el-37/debian-el-autoloads
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/gnus-BTS hides /usr/share/emacs/site-lisp/elpa/debian-el-37/gnus-BTS
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-el-pkg hides /usr/share/emacs/site-lisp/elpa/debian-el-37/debian-el-pkg
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/deb-view hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/deb-view
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/apt-utils hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/apt-utils
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/preseed hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/preseed
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-bug hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/debian-bug
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/apt-sources hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/apt-sources
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-autoloads hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/debian-autoloads
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-el hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/debian-el
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-el-autoloads hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/debian-el-autoloads
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/gnus-BTS hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/gnus-BTS
/home/trch/.emacs.d/elpa/debian-el-20181020.1513/debian-el-pkg hides /usr/share/emacs/site-lisp/elpa-src/debian-el-37/debian-el-pkg
/usr/share/emacs/site-lisp/rst hides /usr/share/emacs/26.1/lisp/textmodes/rst

Features:
(calc-alg calc-ext calc-menu calc calc-loaddefs calc-macs grep dabbrev
mhtml-mode css-mode eww mm-url url-queue url url-proxy url-privacy
url-expand url-methods url-history url-cookie url-domsuf js cc-mode
cc-fonts cc-guess cc-menus cc-cmds cc-styles cc-align cc-engine cc-vars
cc-defs sgml-mode texmathp misearch multi-isearch view cal-china lunar
solar cal-dst cal-islam holidays hol-loaddefs cal-move shadow emacsbug
url-util timezone shr-color color shr svg dom smiley gnus-cite
mm-archive network-stream nsm starttls mailalias qp mail-extr sort
visual-fill-column face-remap latexenc org-rmail org-mhe org-irc
org-info org-gnus nnir org-docview org-bibtex org-bbdb org-w3m merlin-ac
auto-complete popup tuareg caml-help find-file flycheck json map
elec-pair vc-git reftex-auc preview prv-emacs tex-buf reftex-dcr reftex
reftex-loaddefs reftex-vars flyspell ispell latex latex-flymake
tex-ispell tex-style tex-mode font-latex tex dbus xml bibtex
dune-flymake flymake-proc flymake compile warnings dune skeleton smie
utop utop-minor-mode pcase merlin-cap merlin caml-types caml-emacs
magit-submodule magit-obsolete magit-blame magit-stash magit-reflog
magit-bisect magit-push magit-pull magit-fetch magit-clone magit-remote
magit-commit magit-sequence magit-notes magit-worktree magit-tag
magit-merge magit-branch magit-reset magit-files magit-refs magit-status
magit magit-repos magit-apply magit-wip magit-log which-func imenu
magit-diff smerge-mode diff-mode magit-core magit-autorevert
magit-margin magit-transient magit-process magit-mode transient
git-commit magit-git magit-section magit-utils crm log-edit pcvs-util
add-log with-editor cl-extra async-bytecomp async shell subr-x dash
erc-goodies erc erc-backend erc-compat pp org-mu4e org-agenda
mu4e-icalendar gnus-icalendar org-capture mu4e-contrib mu4e desktop
frameset mu4e-speedbar speedbar sb-image ezimage dframe mu4e-main
mu4e-view thingatpt browse-url gnus-art mm-uu mml2015 mm-view mml-smime
smime dig mailcap gnus-sum gnus-group gnus-undo gnus-start gnus-cloud
nnimap nnmail mail-source tls gnutls utf7 netrc nnoo parse-time
gnus-spec gnus-int gnus-range gnus-win gnus nnheader wid-edit
mu4e-headers mu4e-compose mu4e-context mu4e-draft mu4e-actions ido
rfc2368 smtpmail sendmail mu4e-mark mu4e-message flow-fill mu4e-proc
mu4e-utils doc-view jka-compr image-mode mu4e-lists mu4e-vars message
rmc puny dired dired-loaddefs rfc822 mml mml-sec gnus-util rmail
rmail-loaddefs mm-decode mm-bodies mm-encode mail-parse rfc2231 rfc2047
rfc2045 ietf-drums mailabbrev mail-utils gmm-utils mailheader hl-line
mu4e-meta adoc-mode tempo markup-faces org-element avl-tree generator
org org-macro org-footnote org-pcomplete pcomplete org-list org-faces
org-entities noutline outline easy-mmode org-version ob-emacs-lisp ob
ob-tangle org-src ob-ref ob-lob ob-table ob-keys ob-exp ob-comint comint
ansi-color ring ob-core ob-eval org-compat org-macs org-loaddefs
format-spec find-func epa-file epa derived epg cl quail help-mode
mm-util mail-prsvr autorevert filenotify edmacro kmacro paren icalendar
diary-lib diary-loaddefs cal-menu calendar cal-loaddefs edit-server
advice server finder-inf tex-site debian-el gh-common marshal
eieio-compat rx info package easymenu epg-config url-handlers url-parse
auth-source cl-seq eieio eieio-core cl-macs eieio-loaddefs
password-cache url-vars seq byte-opt gv bytecomp byte-compile cconv
cl-loaddefs cl-lib time-date mule-util tooltip eldoc electric uniquify
ediff-hook vc-hooks lisp-float-type mwheel term/x-win x-win
term/common-win x-dnd tool-bar dnd fontset image regexp-opt fringe
tabulated-list replace newcomment text-mode elisp-mode lisp-mode
prog-mode register page menu-bar rfn-eshadow isearch timer select
scroll-bar mouse jit-lock font-lock syntax facemenu font-core
term/tty-colors frame cl-generic cham georgian utf-8-lang misc-lang
vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms cp51932
hebrew greek romanian slovak czech european ethiopic indian cyrillic
chinese composite charscript charprop case-table epa-hook jka-cmpr-hook
help simple abbrev obarray minibuffer cl-preloaded nadvice loaddefs
button faces cus-face macroexp files text-properties overlay sha1 md5
base64 format env code-pages mule custom widget hashtable-print-readable
backquote dbusbind inotify lcms2 dynamic-setting system-font-setting
font-render-setting move-toolbar gtk x-toolkit x multi-tty
make-network-process emacs)

Memory information:
((conses 16 795636 114743)
 (symbols 48 67643 1)
 (miscs 40 4200 2699)
 (strings 32 237875 18898)
 (string-bytes 1 7206184)
 (vectors 16 84065)
 (vector-slots 8 2267996 182866)
 (floats 8 1389 1041)
 (intervals 56 11381 3762)
 (buffers 992 726))

[smime.p7s (application/pkcs7-signature, attachment)]

Message #8 received at 36222 <at> debbugs.gnu.org (full text, mbox):

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Christophe TROESTLER <Christophe.TROESTLER <at> umons.ac.be>
Cc: 36222 <at> debbugs.gnu.org
Subject: Re: bug#36222: 26.1; Message sent even with invalid S/MIME password
Date: Sun, 22 Sep 2019 23:50:17 +0200

Christophe TROESTLER <Christophe.TROESTLER <at> umons.ac.be> writes:

> I am digitally signing emails with S/MIME (because that's what my
> colleagues support) using the default configuration (that is “gpgsm”
> through EasyPG) and it works well.  However, I got the surprise that,
> if I cancel the dialog box asking for the password (my S/MIME
> certificate is password protected), then the message is sent (with an
> invalid S/MIME attachment)!  Returning to editing the message would be
> a better behavior in this case.

I'm not very familiar with how S/MIME works.

How do you ask Message to send with S/MIME?  Using the `C-c C-m C s'
command?  And how do you set up the S/MIME recipient stuff?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Message #11 received at 36222 <at> debbugs.gnu.org (full text, mbox):

From: Christophe TROESTLER <Christophe.TROESTLER <at> umons.ac.be>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: "36222 <at> debbugs.gnu.org" <36222 <at> debbugs.gnu.org>
Subject: Re: bug#36222: 26.1; Message sent even with invalid S/MIME password
Date: Thu, 17 Oct 2019 22:06:20 +0000

[Message part 1 (text/plain, inline)]

Hi,

I apologize for the delay in replying.

On 22 September 2019 at 23:50 CEST, Lars Ingebrigtsen <larsi <at> gnus.org> wrote:
>
> I'm not very familiar with how S/MIME works.
>
> How do you ask Message to send with S/MIME?  Using the `C-c C-m C s'
> command?

Yes.

> And how do you set up the S/MIME recipient stuff?

My config :

(setq mml-smime-use 'epg)
(setq mm-decrypt-option 'always)
(setq mm-verify-option 'always)
(setq gnus-buttonized-mime-types '("multipart/encrypted" "multipart/signed"))

Then use gpgsm to import your certificate (delivered by a certificate authority).

Hope it helps.

Best,
C.

[smime.p7s (application/pkcs7-signature, attachment)]

Message #14 received at 36222 <at> debbugs.gnu.org (full text, mbox):

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Christophe TROESTLER <Christophe.TROESTLER <at> umons.ac.be>
Cc: "36222 <at> debbugs.gnu.org" <36222 <at> debbugs.gnu.org>
Subject: Re: bug#36222: 26.1; Message sent even with invalid S/MIME password
Date: Fri, 18 Oct 2019 05:31:16 +0200

Christophe TROESTLER <Christophe.TROESTLER <at> umons.ac.be> writes:

>> How do you ask Message to send with S/MIME?  Using the `C-c C-m C s'
>> command?
>
> Yes.
>
>> And how do you set up the S/MIME recipient stuff?
>
> My config :
>
> (setq mml-smime-use 'epg)
> (setq mm-decrypt-option 'always)
> (setq mm-verify-option 'always)
> (setq gnus-buttonized-mime-types '("multipart/encrypted" "multipart/signed"))
>
> Then use gpgsm to import your certificate (delivered by a certificate
> authority).

Hm...  when I do this, Message creates a 

 Content-Type: application/pkcs7-mime;
  smime-type=enveloped-data;
  name=smime.p7m

message (without prompting me for a password, which is strange), and
when I decrypt it, I'm then prompted for a password, and then it's
decrypted successfully.

I thought I needed my private key when sending, but apparently not.  Hm.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Message #17 received at 36222 <at> debbugs.gnu.org (full text, mbox):

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Christophe TROESTLER <Christophe.TROESTLER <at> umons.ac.be>
Cc: "36222 <at> debbugs.gnu.org" <36222 <at> debbugs.gnu.org>
Subject: Re: bug#36222: 26.1; Message sent even with invalid S/MIME password
Date: Fri, 18 Oct 2019 05:39:41 +0200

Lars Ingebrigtsen <larsi <at> gnus.org> writes:

> I thought I needed my private key when sending, but apparently not.  Hm.

Duh.  Of course, S/MIME encrypts with the public key of the recipient,
and uses the private key when decrypting.

So that makes me wonder under what circumstances it asks for a password
when encrypting.  Christophe? 

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Message #20 received at 36222 <at> debbugs.gnu.org (full text, mbox):

From: Christophe Troestler <Christophe.Troestler <at> umons.ac.be>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: "36222 <at> debbugs.gnu.org" <36222 <at> debbugs.gnu.org>
Subject: Re: bug#36222: 26.1; Message sent even with invalid S/MIME password
Date: Mon, 30 Mar 2020 08:47:36 +0200

[Message part 1 (text/plain, inline)]

On 18 October 2019 at 05:39 CEST, Lars Ingebrigtsen <larsi <at> gnus.org> wrote:
>
> So that makes me wonder under what circumstances it asks for a password when encrypting.

When the S/MIME certificate is password protected (I am *signing* my messages, thus *my* certificate is used).  It did not happen in the last months; I guess the password was stored in the password manager but I did not investigate further.

[smime.p7s (application/pkcs7-signature, attachment)]

Message #23 received at 36222 <at> debbugs.gnu.org (full text, mbox):

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Christophe Troestler <Christophe.Troestler <at> umons.ac.be>
Cc: "36222 <at> debbugs.gnu.org" <36222 <at> debbugs.gnu.org>
Subject: Re: bug#36222: 26.1; Message sent even with invalid S/MIME password
Date: Mon, 03 Aug 2020 09:50:21 +0200

Christophe Troestler <Christophe.Troestler <at> umons.ac.be> writes:

> On 18 October 2019 at 05:39 CEST, Lars Ingebrigtsen <larsi <at> gnus.org> wrote:
>>
>> So that makes me wonder under what circumstances it asks for a
>> password when encrypting.
>
> When the S/MIME certificate is password protected (I am *signing* my
> messages, thus *my* certificate is used).  It did not happen in the
> last months; I guess the password was stored in the password manager
> but I did not investigate further.

This was fixed in conjunction with a different bug yesterday (in Emacs
28) -- hitting "cancel" in the pinentry now aborts sending.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.