From: Illia Ostapyshyn <illia@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Cc: Lars Ingebrigtsen <larsi@HIDDEN>
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Wed, 20 Dec 2023 14:16:56 +0100
Message-ID: <8734vx6mk7.fsf@HIDDEN>
* Bug

mml-smime-openssl-sign always takes the cdar of smime-keys, resulting in
keyfile parameter of the #secure tag being ignored.  Hence, only the
first entry of smime-keys is used, regardless of the mail contents or
sender address.

* Fix

The relevant information (returned from mml-smime-openssl-sign-query) is
already in the cont alist passed to mml-smime-openssl-sign, just use
that instead.

[Attachment: 0001-Use-S-MIME-key-from-content-for-mail-signing-via-Ope.patch]

From 477badfc705c5dd59cfd8a577eab9eaf4a510e0f Mon Sep 17 00:00:00 2001
From: Illia Ostapyshyn <illia@HIDDEN>
Date: Wed, 20 Dec 2023 13:57:28 +0100
Subject: [PATCH] Use S/MIME key from content for mail signing via OpenSSL

* lisp/gnus/mml-smime.el (mml-smime-openssl-sign): Use the key passed in
the cont argument instead of the first smime-keys entry.
---
 lisp/gnus/mml-smime.el | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/lisp/gnus/mml-smime.el b/lisp/gnus/mml-smime.el index 896c95f8d3e..713b7fe5b68 100644 --- a/lisp/gnus/mml-smime.el +++ b/lisp/gnus/mml-smime.el @@ -130,10 +130,7 @@ mml-smime-verify-test (funcall func handle ctl)))) (defun mml-smime-openssl-sign (_cont) - (when (null smime-keys) - (customize-variable 'smime-keys) - (error "No S/MIME keys configured, use customize to add your key")) - (smime-sign-buffer (cdar smime-keys)) + (smime-sign-buffer (cdr (assq 'keyfile cont))) (goto-char (point-min)) (while (search-forward "\r\n" nil t) (replace-match "\n" t t)) -- 2.43.0 --=-=-=--
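Review bot: the added line `(smime-sign-buffer (cdr (assq 'keyfile cont)))` references `cont`, but the unchanged signature line in the same hunk still reads `(defun mml-smime-openssl-sign (_cont)`, so `cont` is unbound and every signing attempt will fail with a void-variable error; the parameter needs renaming to `cont` in this hunk. Two smaller points: the removed `(cdar smime-keys)` carried the additional-certificates list of the `smime-keys` entry along with the key file, whereas the replacement passes only the keyfile string, so a configured certificate chain is no longer included in the signature; and with the `(when (null smime-keys) ...)` guard gone, a tag that lacks a `keyfile` parameter hands nil to `smime-sign-buffer` unchecked, so an explicit `(error ...)` on a missing keyfile would keep the failure mode clear.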
From: help-debbugs@HIDDEN (GNU bug Tracking System)
To: Illia Ostapyshyn <illia@HIDDEN>
Subject: bug#67931: Acknowledgement ([PATCH] Use S/MIME key from content for mail signing via OpenSSL)
Date: Wed, 20 Dec 2023 13:59:01 +0000
Message-ID: <handler.67931.B.170308071815411.ack <at> debbugs.gnu.org>
References: <8734vx6mk7.fsf@HIDDEN>

Thank you for filing a new bug report with debbugs.gnu.org.

This is an automatically generated reply to let you know your message
has been received.

Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will reply in due course.

Your message has been sent to the package maintainer(s):
 bug-gnu-emacs@HIDDEN

If you wish to submit further information on this problem, please
send it to 67931 <at> debbugs.gnu.org.

Please do not send mail to help-debbugs@HIDDEN unless you wish
to report a problem with the Bug-tracking system.

-- 
67931: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=67931
GNU Bug Tracking System
Contact help-debbugs@HIDDEN with problems
From: Stefan Kangas <stefankangas@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 67931 <at> debbugs.gnu.org
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Thu, 11 Jan 2024 13:05:46 -0800
Message-ID: <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
In-Reply-To: <8734vx6mk7.fsf@HIDDEN> (Illia Ostapyshyn's message of "Wed, 20 Dec 2023 14:16:56 +0100")

Illia Ostapyshyn <illia@HIDDEN> writes:

> * Bug
>
> mml-smime-openssl-sign always takes the cdar of smime-keys, resulting in
> keyfile parameter of the #secure tag being ignored. Hence, only the
> first entry of smime-keys is used, regardless of the mail contents or
> sender address.
>
> * Fix
>
> The relevant information (returned from mml-smime-openssl-sign-query) is
> already in the cont alist passed to mml-smime-openssl-sign, just use
> that instead.

Thanks for the patch.

Could you please provide a way to reproduce the issue that you're
seeing?

We don't have anyone onboard that is deeply familiar with this code, I
think, and it is security-sensitive.  Therefore, I'd like to be careful
when making changes here.

If we could have unit tests for this, it would be even better, of
course.
From: Illia Ostapyshyn <illia@HIDDEN>
To: Stefan Kangas <stefankangas@HIDDEN>
Cc: 17780 <at> debbugs.gnu.org, Lars Ingebrigtsen <larsi@HIDDEN>, Illia Ostapyshyn <illia@HIDDEN>, 67931 <at> debbugs.gnu.org, Jan Beich <jbeich@HIDDEN>
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Mon, 06 May 2024 20:43:44 +0200
Message-ID: <k8uy18mlr1b.fsf@HIDDEN>
In-Reply-To: <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN> (Stefan Kangas's message of "Thu, 11 Jan 2024 13:05:46 -0800")

Hi Stefan,

I've been investigating this issue a bit more and discovered bug#17780.
My original patch basically reverts its "fix" ac1507a8b6 (which wasn't a
proper fix), and there is another issue present.  I'm sending a new
patch that fixes both issues for good.

To recap:

- When composing a message signed with S/MIME, the workflow is to insert
  a "sign tag" using `mml-secure-sign-smime'.  When using openssl (as
  per mml-smime-use), this will search `smime-keys' for the keyfile and
  certs corresponding to the message sender (From header) and generate
  a sign MML tag [1].  Then, just before the message is sent,
  `mml-generate-mime' parses the tag and converts it into an alist
  passed to `mml-smime-openssl-sign', which executes openssl with the
  respective arguments from the alist/mml tag.

- Prior to the bug#17780 patch this process would use the right keyfile
  from smime-keys, but would ignore additional certificates to be
  included in the message (third member of `smime-keys' entry).  The
  generated MML tag did not include certfiles and
  `mml-smime-openssl-sign' did not have the logic to process these,
  even if they were included in the tag/received alist.

- The applied patch ac1507a8b6 just uses (cdar smime-keys), which now
  includes the certfiles, but always takes the first entry of
  `smime-keys'.  If the user has set up several entries, i.e.,
  different keys for subsequent mail addresses, this results in the
  wrong keyfile/certs being used.  This is bug#67931.

The new patch complements `mml-secure-sign-smime' to include certfiles
in the generated tag.  With this, certfiles appear in the alist for
`mml-smime-openssl-sign', which is modified to process these entries and
forward them to `smime-sign-buffer'.  It also fixes a typo in the
documentation of `smime-sign-region': caar is meant to be cadr.

> Could you please provide a way to reproduce the issue that you're
> seeing?

Here's a way to reproduce this in emacs -Q:

1. Start composing a message from bar@localhost with

   (progn
     (setq mml-smime-use 'openssl
           smime-keys '(("foo@localhost" "foo.pem" ("chain1foo.pem" "chain2foo.pem"))
                        ("bar@localhost" "bar.pem" ("chain1bar.pem" "chain2bar.pem"))
                        ("baz@localhost" "baz.pem" ("chain1baz.pem" "chain2baz.pem"))))
     (debug-on-entry #'smime-sign-buffer)
     (compose-mail "test@HIDDEN" "#67931 reproducer" '((from . "bar@localhost"))))

2. Use `mml-secure-sign-smime' (C-c RET S s) to insert a tag on top of
   the message with the proper path for message sender bar@localhost:

   <#part sign=smime keyfile=bar.pem>

3. Use `message-send-and-exit' (C-c C-c) to trigger the breakpoint.

This yields the following backtrace:

  Debugger entered--entering a function:
  * smime-sign-buffer(("foo.pem" ("chain1foo.pem" "chain2foo.pem")))
    mml-smime-openssl-sign((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
    mml-smime-sign((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
    mml-smime-sign-buffer((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
    mml-generate-mime-1((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
    mml-generate-mime(nil nil)
    message-encode-message-body()
    message-send-mail(nil)
    message-send-via-mail(nil)
    message-send(nil)
    message-send-and-exit(nil)
    funcall-interactively(message-send-and-exit nil)
    command-execute(message-send-and-exit)

Here, `smime-sign-buffer' signs the buffer with foo.pem, which
corresponds to the smime-keys entry for foo@localhost, not
bar@localhost.  As I described, (cdar smime-keys) on line 136 in
mml-smime.el always uses the first entry of `smime-keys' regardless of
the tag parameters.

In theory, `mml-smime-openssl-sign' should not access `smime-keys' at
all, as the keyfile/certfiles selection is handled (including the
removed error message and customize call) during sign tag generation in
`mml-secure-sign-smime'.  Instead, `mml-smime-openssl-sign' should use
the information from the tag passed in the cont argument (seen in the
backtrace).  This is the case with this patch.  With it applied, the
behavior changes:

- In step 2, the inserted tag now includes all the certfiles:

  <#part sign=smime keyfile=bar.pem certfile=chain1bar.pem certfile=chain2bar.pem>

- In step 3, `smime-sign-buffer' receives the proper keyfile and all
  certfiles:

  * smime-sign-buffer(("bar.pem" ("chain1bar.pem" "chain2bar.pem")))
    mml-smime-openssl-sign((part (sign . "smime") (keyfile . "bar.pem") (certfile . "chain1bar.pem") (certfile . "chain2bar.pem") (tag-location . 202) (contents . "")))

I've also updated the MML definition in the documentation, since the
certfile parameter is now common to both sign and encrypt tags.
Regarding the remark about multiple entries: this is not new and
already the case when encrypting for multiple recipients (try
`mml-secure-encrypt-smime'), but IMHO worth clarifying, in case users
desire to write MML tags manually.

[1] https://www.gnu.org/software/emacs/manual/html_node/emacs-mime/MML-Definition.html
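The reproducer above can be turned into the kind of unit test Stefan asked for. The ERT sketch below is an added example by the editor, not code from this thread or from Emacs itself. It assumes Illia's second patch is applied (so that `mml-smime-openssl-sign-query' emits certfile entries and `mml-smime-openssl-sign' binds its argument as `cont'), reuses the reproducer's constructed `smime-keys' entries (the .pem names need not exist on disk), and replaces `smime-sign-buffer' with a recording stub via `cl-letf' so that no openssl process is started; the `my-' prefixed names are the editor's own.

```elisp
;;; -*- lexical-binding: t -*-
;;; Added example: ERT tests for the patched S/MIME signing path.
;;; Assumes the second patch from bug#67931 is applied.  The smime-keys
;;; entries are the reproducer's constructed values, not real key files.
(require 'ert)
(require 'cl-lib)
(require 'message)
(require 'mml-smime)

(defconst my-smime-test-keys
  '(("foo@localhost" "foo.pem" ("chain1foo.pem" "chain2foo.pem"))
    ("bar@localhost" "bar.pem" ("chain1bar.pem" "chain2bar.pem"))
    ("baz@localhost" "baz.pem" ("chain1baz.pem" "chain2baz.pem")))
  "Constructed `smime-keys' entries; the file names do not need to exist.")

(ert-deftest my-smime-sign-query-picks-sender-key ()
  "The tag plist must carry the sender's keyfile and all its certfiles,
not those of the first `smime-keys' entry."
  (let ((smime-keys my-smime-test-keys))
    (with-temp-buffer
      ;; Minimal message buffer: headers, separator, empty body.
      (insert "From: bar@localhost\n"
              "To: test@example.invalid\n"   ; constructed recipient
              mail-header-separator "\n\n")
      (should (equal (mml-smime-openssl-sign-query)
                     '(keyfile "bar.pem"
                       certfile "chain1bar.pem"
                       certfile "chain2bar.pem"))))))

(ert-deftest my-smime-openssl-sign-forwards-tag-parameters ()
  "`mml-smime-openssl-sign' must pass the tag's key and certificates to
`smime-sign-buffer' in the (KEYFILE (CERTS...)) shape it documents."
  (let ((smime-keys my-smime-test-keys)
        ;; The alist exactly as mml-generate-mime hands it over (see the
        ;; backtrace in the thread).
        (cont '(part (sign . "smime")
                     (keyfile . "bar.pem")
                     (certfile . "chain1bar.pem")
                     (certfile . "chain2bar.pem")
                     (tag-location . 202)
                     (contents . "")))
        captured)
    ;; Stub the real signer so no openssl process runs; just record the
    ;; argument it would have received.
    (cl-letf (((symbol-function 'smime-sign-buffer)
               (lambda (&optional keyfile _buffer)
                 (setq captured keyfile)
                 t)))
      (with-temp-buffer
        (insert "Content-Type: text/plain\r\n\r\nbody\r\n")
        (mml-smime-openssl-sign cont)
        ;; The function also normalizes CRLF to LF after signing.
        (goto-char (point-min))
        (should-not (search-forward "\r\n" nil t))))
    (should (equal captured
                   '("bar.pem" ("chain1bar.pem" "chain2bar.pem"))))
    ;; Regression check for bug#67931: the first entry must not win.
    (should-not (equal captured (cdar smime-keys)))))
```

Run with `emacs -Q --batch -l <this-file> -f ert-run-tests-batch-and-exit`; the first test fails on the pre-patch code because the plist lacks the certfile entries, and the second fails because `captured' equals `(cdar smime-keys)', which is exactly the misbehaviour the backtrace above shows.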
From: Illia Ostapyshyn <illia@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org, Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>, 67931 <at> debbugs.gnu.org
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Mon, 06 May 2024 20:46:33 +0200
Message-ID: <k8ur0eelqwm.fsf@HIDDEN>
In-Reply-To: <k8uy18mlr1b.fsf@HIDDEN> (Illia Ostapyshyn's message of "Mon, 06 May 2024 20:43:44 +0200")

Sorry, forgot to attach the patch, sending it
with this email. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-Use-proper-smime-keys-entry-for-S-MIME-signatures-us.patch Content-Description: PATCH From b228ee97f41911f2aba7b98ae1b5d1226e95e099 Mon Sep 17 00:00:00 2001 From: Illia Ostapyshyn <illia@HIDDEN> Date: Mon, 6 May 2024 20:24:22 +0200 Subject: [PATCH] Use proper smime-keys entry for S/MIME signatures using OpenSSL * lisp/gnus/mml-smime.el (mml-smime-openssl-sign-query): Include the additional certificates from smime-keys in plist for MML tag generation. (mml-smime-openssl-sign): Forward certfile entries from the MML tag to smime-sign-buffer. * doc/misc/emacs-mime.texi (MML Definition): certfile parameter is now common to both sign and encrypt. Clarify that certfile entries can be repeated. ; * lisp/gnus/smime.el (smime-sign-region): Fix typo in documentation. ; (smime-sign-buffer): Improve documentation to match smime-sign-region. --- doc/misc/emacs-mime.texi | 11 +++------- lisp/gnus/mml-smime.el | 46 +++++++++++++++++++++++----------------- lisp/gnus/smime.el | 7 ++++-- 3 files changed, 34 insertions(+), 30 deletions(-) diff --git a/doc/misc/emacs-mime.texi b/doc/misc/emacs-mime.texi index 96a6328cd47..e3e33bad8b4 100644 --- a/doc/misc/emacs-mime.texi +++ b/doc/misc/emacs-mime.texi @@ -780,21 +780,16 @@ MML Definition @end table -Parameters for @samp{sign=smime}: +Parameters for @samp{sign=smime} and @samp{encrypt=smime}: @table @samp @item keyfile File containing key and certificate for signer. -@end table - -Parameters for @samp{encrypt=smime}: - -@table @samp - @item certfile -File containing certificate for recipient. +File containing certificate for recipient. May appear multiple times +for multiple certificates. @end table diff --git a/lisp/gnus/mml-smime.el b/lisp/gnus/mml-smime.el index 3064c46d2a3..17b338755e3 100644 --- a/lisp/gnus/mml-smime.el +++ b/lisp/gnus/mml-smime.el 
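Review bot: in the emacs-mime.texi hunk, merging the two tables under `Parameters for @samp{sign=smime} and @samp{encrypt=smime}:` now lists `keyfile` (`File containing key and certificate for signer.`) as a parameter of `encrypt=smime` as well, which the thread says it is not (only `certfile` is described as common to both tags); either keep `keyfile` in a sign-only table and share just `certfile`, or mark the `keyfile` item `(sign only)`. The added `May appear multiple times for multiple certificates.` sentence is the right clarification.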
@@ -129,11 +129,15 @@ mml-smime-verify-test (if func (funcall func handle ctl)))) -(defun mml-smime-openssl-sign (_cont) - (when (null smime-keys) - (customize-variable 'smime-keys) - (error "No S/MIME keys configured, use customize to add your key")) - (smime-sign-buffer (cdar smime-keys)) +(defun mml-smime-openssl-sign (cont) + (smime-sign-buffer + ;; List with key and certificate as its car, and a list of additional + ;; certificates to include in its cadr for smime-sign-region + (list + (cdr (assq 'keyfile cont)) + (mapcar #'cdr (cl-remove-if-not (apply-partially #'equal 'certfile) + cont + :key #'car-safe)))) (goto-char (point-min)) (while (search-forward "\r\n" nil t) (replace-match "\n" t t)) 
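Review bot: `(cdr (assq 'keyfile cont))` is passed on unchecked, so a hand-written tag that omits `keyfile` (the previous message notes that users may write MML tags manually) reaches `smime-sign-buffer` as `(nil (...))` and fails inside openssl rather than with a clear message; consider `(or (cdr (assq 'keyfile cont)) (error "No keyfile in S/MIME sign tag"))`. The certfile filter `(cl-remove-if-not (apply-partially #'equal 'certfile) cont :key #'car-safe)` followed by `mapcar #'cdr` is correct but reads harder than it needs to; `(delq nil (mapcar (lambda (e) (and (eq (car-safe e) 'certfile) (cdr e))) cont))` collects the same values in one pass, keeps their order, and `eq` suffices for symbol keys.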
@@ -167,21 +171,23 @@ mml-smime-openssl-sign-query (when (null smime-keys) (customize-variable 'smime-keys) (error "No S/MIME keys configured, use customize to add your key")) - (list 'keyfile - (if (= (length smime-keys) 1) - (cadar smime-keys) - (or (let ((from (cadr (mail-extract-address-components - (or (save-excursion - (save-restriction - (message-narrow-to-headers) - (message-fetch-field "from"))) - ""))))) - (and from (smime-get-key-by-email from))) - (smime-get-key-by-email - (gnus-completing-read "Sign this part with what signature" - (mapcar #'car smime-keys) nil nil nil - (and (listp (car-safe smime-keys)) - (caar smime-keys)))))))) + (let ((key-with-certs + (if (= (length smime-keys) 1) + (cdar smime-keys) + (or (let ((from (cadr (mail-extract-address-components + (or (save-excursion + (save-restriction + (message-narrow-to-headers) + (message-fetch-field "from"))) + ""))))) + (and from (smime-get-key-with-certs-by-email from))) + (smime-get-key-with-certs-by-email + (gnus-completing-read "Sign this part with what signature" + (mapcar #'car smime-keys) nil nil nil + (and (listp (car-safe smime-keys)) + (caar smime-keys)))))))) + (append (list 'keyfile (car key-with-certs)) + (mapcan (apply-partially #'list 'certfile) (cadr key-with-certs))))) (defun mml-smime-get-file-cert () (ignore-errors diff --git a/lisp/gnus/smime.el b/lisp/gnus/smime.el index b61579912dd..987bc7273db 100644 --- a/lisp/gnus/smime.el +++ b/lisp/gnus/smime.el @@ -261,7 +261,7 @@ smime-sign-region If signing fails, the buffer is not modified. Region is assumed to have proper MIME tags. KEYFILE is expected to contain a PEM encoded private key and certificate as its car, and a list of additional -certificates to include in its caar. If no additional certificates is +certificates to include in its cadr. If no additional certificates are included, KEYFILE may be the file containing the PEM encoded private key and certificate itself." (smime-new-details-buffer) 
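Review bot: in the `mml-smime-openssl-sign-query` hunk, the `gnus-completing-read` fallback does not require a match (the `nil nil nil` arguments), so an address not present in `smime-keys` makes `smime-get-key-with-certs-by-email` return nil, `key-with-certs` is nil, and the function silently yields `(keyfile nil)`; this is pre-existing, but since the hunk rewrites the whole form, erroring when `key-with-certs` is nil before building the plist would surface the misconfiguration at tag insertion instead of at send time. The rewrite also relies on `smime-get-key-with-certs-by-email` returning the same `(KEYFILE (CERTS...))` shape as `(cdar smime-keys)` in the single-key branch; that function is not touched here, so a sentence in the commit message stating the dependency would help the next reader.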
@@ -327,7 +327,10 @@ smime-encrypt-region (defun smime-sign-buffer (&optional keyfile buffer) "S/MIME sign BUFFER with key in KEYFILE. -KEYFILE should contain a PEM encoded key and certificate." +KEYFILE is expected to contain a PEM encoded private key and certificate +as its car, and a list of additional certificates to include in its +cadr. If no additional certificates are included, KEYFILE may be the +file containing the PEM encoded private key and certificate itself." (interactive) (with-current-buffer (or buffer (current-buffer)) (unless (smime-sign-region -- 2.39.2 --=-=-=--
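Review bot: the `smime-sign-buffer` docstring body now describes KEYFILE as a `(KEYFILE (CERTS...))` list, but the unchanged summary line `S/MIME sign BUFFER with key in KEYFILE.` still reads as if KEYFILE were a single file; rephrasing it (for example `S/MIME sign BUFFER with the key and certificates in KEYFILE.`) keeps the first line consistent with the paragraph below it, and since the three added lines duplicate the `smime-sign-region` text verbatim, a cross-reference (`See `smime-sign-region'.`) would avoid maintaining two copies.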
From: Eli Zaretskii <eliz@HIDDEN>
To: Eric Abrahamsen <eric@HIDDEN>
Cc: 67931 <at> debbugs.gnu.org, jbeich@HIDDEN, illia@HIDDEN, stefankangas@HIDDEN, larsi@HIDDEN, 17780 <at> debbugs.gnu.org
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Tue, 07 May 2024 15:35:14 +0300
Message-Id: <86y18lajgd.fsf@HIDDEN>
In-Reply-To: <k8ur0eelqwm.fsf@HIDDEN> (message from Illia Ostapyshyn on Mon, 06 May 2024 20:46:33 +0200)

> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>  Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>  67931 <at> debbugs.gnu.org
> From: Illia Ostapyshyn <illia@HIDDEN>
> Date: Mon, 06 May 2024 20:46:33 +0200
>
> Sorry, forgot to attach the patch, sending it with this email.

Thanks, I'm adding Eric to the discussion.
From: Illia Ostapyshyn <illia@HIDDEN>
To: Eli Zaretskii <eliz@HIDDEN>
Cc: Eric Abrahamsen <eric@HIDDEN>, larsi@HIDDEN, illia@HIDDEN, stefankangas@HIDDEN, 67931 <at> debbugs.gnu.org
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Tue, 07 May 2024 16:21:09 +0200
Message-ID: <k8ujzk5bt4a.fsf@HIDDEN>
In-Reply-To: <86y18lajgd.fsf@HIDDEN> (Eli Zaretskii's message of "Tue, 07 May 2024 15:35:14 +0300")

Eli Zaretskii <eliz@HIDDEN> writes:

>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>> Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>> 67931 <at> debbugs.gnu.org
>> From: Illia Ostapyshyn <illia@HIDDEN>
>> Date: Mon, 06 May 2024 20:46:33 +0200
>>
>> Sorry, forgot to attach the patch, sending it with this email.
>
> Thanks, I'm adding Eric to the discussion.

Thanks!

I've realized that reusing certfile parameter for signing will have
unintended side-effects when encrypting and signing a message. When a
single signencrypt MML tag is used for both this results in all
certfiles passed to both `smime-encrypt-buffer' and `smime-sign-buffer'.

I'm sending a new patch that introduces a parameter called chainfile for
signatures instead.

--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment; filename=0001-Use-proper-smime-keys-entry-for-S-MIME-signatures-us.patch
Content-Description: PATCH

From 6b6fb491247506becacb7a217e994b828be2ea2d Mon Sep 17 00:00:00 2001
From: Illia Ostapyshyn <illia@HIDDEN>
Date: Mon, 6 May 2024 20:24:22 +0200
Subject: [PATCH] Use proper smime-keys entry for S/MIME signatures using OpenSSL

* doc/misc/emacs-mime.texi (MML Definition):
* lisp/gnus/mml.el (mml-parse-1): Add chainfile parameter to sign tags.
* lisp/gnus/mml-smime.el (mml-smime-openssl-sign-query): Include the
additional certificates from smime-keys in MML tag generation as
chainfile parameters.
(mml-smime-openssl-sign): Forward chainfile entries from the parsed tag
alist to smime-sign-buffer.
; * lisp/gnus/smime.el (smime-sign-region): Fix typo in documentation.
; (smime-sign-buffer): Improve documentation to match smime-sign-region.
---
 doc/misc/emacs-mime.texi | 4 ++++
 lisp/gnus/mml-smime.el | 46 +++++++++++++++++++++++-----------------
 lisp/gnus/mml.el | 8 +++++++
 lisp/gnus/smime.el | 7 ++++--
 4 files changed, 43 insertions(+), 22 deletions(-)

diff --git a/doc/misc/emacs-mime.texi b/doc/misc/emacs-mime.texi
index 96a6328cd47..ef7ea614f8b 100644
--- a/doc/misc/emacs-mime.texi
+++ b/doc/misc/emacs-mime.texi @@ -787,6 +787,10 @@ MML Definition @item keyfile File containing key and certificate for signer. +@item chainfile +File containing an additional certificate to be included with the +message. + @end table Parameters for @samp{encrypt=smime}: diff --git a/lisp/gnus/mml-smime.el b/lisp/gnus/mml-smime.el index 3064c46d2a3..9218bc079db 100644 --- a/lisp/gnus/mml-smime.el +++ b/lisp/gnus/mml-smime.el @@ -129,11 +129,15 @@ mml-smime-verify-test (if func (funcall func handle ctl)))) -(defun mml-smime-openssl-sign (_cont) - (when (null smime-keys) - (customize-variable 'smime-keys) - (error "No S/MIME keys configured, use customize to add your key")) - (smime-sign-buffer (cdar smime-keys)) +(defun mml-smime-openssl-sign (cont) + (smime-sign-buffer + ;; List with key and certificate as its car, and a list of additional + ;; certificates to include in its cadr for smime-sign-region + (list + (cdr (assq 'keyfile cont)) + (mapcar #'cdr (cl-remove-if-not (apply-partially #'equal 'chainfile) + cont + :key #'car-safe)))) (goto-char (point-min)) (while (search-forward "\r\n" nil t) (replace-match "\n" t t)) 
@@ -167,21 +171,23 @@ mml-smime-openssl-sign-query (when (null smime-keys) (customize-variable 'smime-keys) (error "No S/MIME keys configured, use customize to add your key")) - (list 'keyfile - (if (= (length smime-keys) 1) - (cadar smime-keys) - (or (let ((from (cadr (mail-extract-address-components - (or (save-excursion - (save-restriction - (message-narrow-to-headers) - (message-fetch-field "from"))) - ""))))) - (and from (smime-get-key-by-email from))) - (smime-get-key-by-email - (gnus-completing-read "Sign this part with what signature" - (mapcar #'car smime-keys) nil nil nil - (and (listp (car-safe smime-keys)) - (caar smime-keys)))))))) + (let ((key-with-certs + (if (= (length smime-keys) 1) + (cdar smime-keys) + (or (let ((from (cadr (mail-extract-address-components + (or (save-excursion + (save-restriction + (message-narrow-to-headers) + (message-fetch-field "from"))) + ""))))) + (and from (smime-get-key-with-certs-by-email from))) + (smime-get-key-with-certs-by-email + (gnus-completing-read "Sign this part with what signature" + (mapcar #'car smime-keys) nil nil nil + (and (listp (car-safe smime-keys)) + (caar smime-keys)))))))) + (append (list 'keyfile (car key-with-certs)) + (mapcan (apply-partially #'list 'chainfile) (cadr key-with-certs))))) (defun mml-smime-get-file-cert () (ignore-errors diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el index edb3c286242..e3bc3932529 100644 --- a/lisp/gnus/mml.el +++ b/lisp/gnus/mml.el @@ -233,6 +233,10 @@ mml-parse-1 (if (eq (car-safe tag) 'certfile) (cdr tag))) taginfo))) + (chainfiles (delq nil (mapcar (lambda (tag) + (if (eq (car-safe tag) 'chainfile) + (cdr tag))) + taginfo))) (recipients (cdr (assq 'recipients taginfo))) (sender (cdr (assq 'sender taginfo))) (location (cdr (assq 'tag-location taginfo))) 
@@ -267,6 +271,10 @@ mml-parse-1 (mapcar (lambda (certfile) (list "certfile" certfile)) certfiles)) + ,@(apply #'append + (mapcar (lambda (chainfile) + (list "chainfile" chainfile)) + chainfiles)) ,(if recipients "recipients") ,recipients ,(if sender "sender") diff --git a/lisp/gnus/smime.el b/lisp/gnus/smime.el index b61579912dd..987bc7273db 100644 --- a/lisp/gnus/smime.el +++ b/lisp/gnus/smime.el @@ -261,7 +261,7 @@ smime-sign-region If signing fails, the buffer is not modified. Region is assumed to have proper MIME tags. KEYFILE is expected to contain a PEM encoded private key and certificate as its car, and a list of additional -certificates to include in its caar. If no additional certificates is +certificates to include in its cadr. If no additional certificates are included, KEYFILE may be the file containing the PEM encoded private key and certificate itself." (smime-new-details-buffer) @@ -327,7 +327,10 @@ smime-encrypt-region (defun smime-sign-buffer (&optional keyfile buffer) "S/MIME sign BUFFER with key in KEYFILE. -KEYFILE should contain a PEM encoded key and certificate." +KEYFILE is expected to contain a PEM encoded private key and certificate +as its car, and a list of additional certificates to include in its +cadr. If no additional certificates are included, KEYFILE may be the +file containing the PEM encoded private key and certificate itself." (interactive) (with-current-buffer (or buffer (current-buffer)) (unless (smime-sign-region -- 2.39.2 --=-=-=--
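Review bot: the new @item chainfile entry in emacs-mime.texi describes "an additional certificate" in the singular, but the mml-parse-1 hunk collects every chainfile tag into a list and mml-smime-openssl-sign-query emits one chainfile per entry in smime-keys, so the parameter is meant to repeat. Say so, and say what the file is for, e.g. "File containing an intermediate CA certificate to include with the signature so that recipients can build the chain; may be given more than once."

Review bot: the mml-smime-openssl-sign hunk drops the (when (null smime-keys) ...) guard without replacing it, so a sign tag with no keyfile now hands smime-sign-buffer (list nil nil) and the user gets whatever openssl prints instead of the old "No S/MIME keys configured" message. Keep a check such as (or (cdr (assq 'keyfile cont)) (error "No keyfile in S/MIME sign tag")) before building the list. The chainfile extraction also uses cl-remove-if-not with :key #'car-safe while the mml-parse-1 hunk does the same job with delq and mapcar; one idiom in both places would be easier to maintain, and if cl-remove-if-not stays, make sure mml-smime.el's requires cover cl-seq at run time, not only under eval-when-compile.

Review bot: in the mml-smime-openssl-sign-query hunk, when gnus-completing-read returns a name that has no entry in smime-keys, smime-get-key-with-certs-by-email yields nil, key-with-certs is nil, and the function silently returns (keyfile nil); the pre-patch code had the same hole, but since the let form is new this is the place to add (or key-with-certs (error "No S/MIME key for that address")) before the append. The mapcan over (cadr key-with-certs) is fine as written because (apply-partially #'list 'chainfile) returns fresh conses each call.

Review bot: the two mml-parse-1 hunks mirror the certfile handling line for line, which is the right shape; since certfile and chainfile now travel through the same tag, a one-line comment next to the new chainfiles binding saying that chainfile is consumed by the sign side and certfile by the encrypt side (the side effect described in the cover mail) would stop a later reader from folding them back together.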
From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Cc: Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org, larsi@HIDDEN, stefankangas@HIDDEN
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Tue, 07 May 2024 19:05:04 -0700
Message-ID: <87edadt5wv.fsf@HIDDEN>
In-Reply-To: <k8ujzk5bt4a.fsf@HIDDEN> (Illia Ostapyshyn's message of "Tue, 07 May 2024 16:21:09 +0200")

Illia Ostapyshyn <illia@HIDDEN> writes:

> Eli Zaretskii <eliz@HIDDEN> writes:
>
>>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>>> Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>>> 67931 <at> debbugs.gnu.org
>>> From: Illia Ostapyshyn <illia@HIDDEN>
>>> Date: Mon, 06 May 2024 20:46:33 +0200
>>>
>>> Sorry, forgot to attach the patch, sending it with this email.
>>
>> Thanks, I'm adding Eric to the discussion.
>
> Thanks!
>
> I've realized that reusing certfile parameter for signing will have
> unintended side-effects when encrypting and signing a message. When a
> single signencrypt MML tag is used for both this results in all
> certfiles passed to both `smime-encrypt-buffer' and `smime-sign-buffer'.
>
> I'm sending a new patch that introduces a parameter called chainfile for
> signatures instead.

Thanks for the report, and the code. I haven't been able to get the
reproducer to work so far (in Emacs -Q), because it always ends up at
`mml-smime-sign-query' instead of `mml-smime-sign-buffer', and the
latter seems to be the only way to (eventually) end up at
`mml-smime-openssl-sign', where the problem is:

- mml-smime-sign-buffer
- mml-smime-sign
- (funcall (nth 1 (assq 'openssl mml-smime-function-alist)))
- mml-smime-openssl-sign

`mml-smime-sign' is the only place that does (nth 1 (assq 'openssl
mml-smime-function-alist))

The only way to call `mml-smime-sign-buffer' instead of
`mml-smime-sign-query' is if some code ran:

(funcall (nth 1 (assoc "smime" mml-sign-alist)))

And so far as I can tell, no code does that.

Obviously you arrived at that function somehow, otherwise we wouldn't
have this bug report, but so far I can't figure out how!

Thanks,
Eric
From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Cc: larsi@HIDDEN, Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org, stefankangas@HIDDEN
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Tue, 07 May 2024 19:20:30 -0700
Message-ID: <875xvpt575.fsf@HIDDEN>
In-Reply-To: <87edadt5wv.fsf@HIDDEN> (Eric Abrahamsen's message of "Tue, 07 May 2024 19:05:04 -0700")

Eric Abrahamsen <eric@HIDDEN> writes:

> Illia Ostapyshyn <illia@HIDDEN> writes:
>
>> Eli Zaretskii <eliz@HIDDEN> writes:
>>
>>>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>>>> Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>>>> 67931 <at> debbugs.gnu.org
>>>> From: Illia Ostapyshyn <illia@HIDDEN>
>>>> Date: Mon, 06 May 2024 20:46:33 +0200
>>>>
>>>> Sorry, forgot to attach the patch, sending it with this email.
>>>
>>> Thanks, I'm adding Eric to the discussion.
>>
>> Thanks!
>>
>> I've realized that reusing certfile parameter for signing will have
>> unintended side-effects when encrypting and signing a message. When a
>> single signencrypt MML tag is used for both this results in all
>> certfiles passed to both `smime-encrypt-buffer' and `smime-sign-buffer'.
>>
>> I'm sending a new patch that introduces a parameter called chainfile for
>> signatures instead.
>
> Thanks for the report, and the code. I haven't been able to get the
> reproducer to work so far (in Emacs -Q), because it always ends up at
> `mml-smime-sign-query' instead of `mml-smime-sign-buffer', and the
> latter seems to be the only way to (eventually) end up at
> `mml-smime-openssl-sign', where the problem is:
>
> - mml-smime-sign-buffer
> - mml-smime-sign
> - (funcall (nth 1 (assq 'openssl mml-smime-function-alist)))
> - mml-smime-openssl-sign
>
> `mml-smime-sign' is the only place that does (nth 1 (assq 'openssl
> mml-smime-function-alist))
>
> The only way to call `mml-smime-sign-buffer' instead of
> `mml-smime-sign-query' is if some code ran:
>
> (funcall (nth 1 (assoc "smime" mml-sign-alist)))
>
> And so far as I can tell, no code does that.
>
> Obviously you arrived at that function somehow, otherwise we wouldn't
> have this bug report, but so far I can't figure out how!

Bah, I'm sorry, I didn't realize that was only half the recipe. Hang on...
From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Cc: Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org, larsi@HIDDEN, stefankangas@HIDDEN
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Tue, 07 May 2024 19:28:40 -0700
Message-ID: <87wmo5rq93.fsf@HIDDEN>
In-Reply-To: <k8ujzk5bt4a.fsf@HIDDEN> (Illia Ostapyshyn's message of "Tue, 07 May 2024 16:21:09 +0200")

Illia Ostapyshyn <illia@HIDDEN> writes:

> Eli Zaretskii <eliz@HIDDEN> writes:
>
>>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>>> Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>>> 67931 <at> debbugs.gnu.org
>>> From: Illia Ostapyshyn <illia@HIDDEN>
>>> Date: Mon, 06 May 2024 20:46:33 +0200
>>>
>>> Sorry, forgot to attach the patch, sending it with this email.
>>
>> Thanks, I'm adding Eric to the discussion.
>
> Thanks!
>
> I've realized that reusing certfile parameter for signing will have
> unintended side-effects when encrypting and signing a message. When a
> single signencrypt MML tag is used for both this results in all
> certfiles passed to both `smime-encrypt-buffer' and `smime-sign-buffer'.
>
> I'm sending a new patch that introduces a parameter called chainfile for
> signatures instead.

The patch seems to work as intended -- I won't claim to know enough
about SMIME to know if it does the right thing or not. Can you briefly
explain what the additional certificates actually do, and why they're
useful in signing but not in encryption?

Thanks,
Eric
From: Illia Ostapyshyn <illia@HIDDEN>
To: Eric Abrahamsen <eric@HIDDEN>
Cc: Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org, Illia Ostapyshyn <illia@HIDDEN>, larsi@HIDDEN, stefankangas@HIDDEN
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Wed, 08 May 2024 14:28:37 +0200
Message-ID: <k8u34qs1o96.fsf@HIDDEN>
In-Reply-To: <87wmo5rq93.fsf@HIDDEN> (Eric Abrahamsen's message of "Tue, 07 May 2024 19:28:40 -0700")

Eric Abrahamsen <eric@HIDDEN> writes:

> The patch seems to work as intended -- I won't claim to know enough
> about SMIME to know if it does the right thing or not. Can you briefly
> explain what the additional certificates actually do, and why they're
> useful in signing but not in encryption?

End-user SMIME certificates are signed by the (intermediate) CAs that
issued them. The issuer's certificate can be in turn signed by another
CA up the hierarchy, resulting in a chain that ends with the implicitly
trusted root authority. When signing a message, you can include the
intermediate CA certificates, allowing the recipient to verify the whole
chain. With openssl, this is done via the -certfile argument [1]:

    -certfile file
        Allows additional certificates to be specified. When signing
        these will be included with the message. When verifying these
        will be searched for the signers certificates.
        ...

Encryption is orthogonal to this: it only uses the public keys of your
recipients from their certificates, the chain is irrelevant.

The MML tag parameter names are a bit unfortunate here: the new
`chainfile' parameter translates to "-certfile" arguments and the
existing `certfile' parameters translate to positional "recipcert"
arguments of openssl [1].

[1] https://www.openssl.org/docs/manmaster/man1/openssl-smime.html
From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Cc: larsi@HIDDEN, Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org, stefankangas@HIDDEN
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Thu, 09 May 2024 16:47:13 -0700
Message-ID: <87fruqsg3i.fsf@HIDDEN>
In-Reply-To: <k8u34qs1o96.fsf@HIDDEN> (Illia Ostapyshyn's message of "Wed, 08 May 2024 14:28:37 +0200")

Illia Ostapyshyn <illia@HIDDEN> writes:

> Eric Abrahamsen <eric@HIDDEN> writes:
>
>> The patch seems to work as intended -- I won't claim to know enough
>> about SMIME to know if it does the right thing or not. Can you briefly
>> explain what the additional certificates actually do, and why they're
>> useful in signing but not in encryption?
>
> End-user SMIME certificates are signed by the (intermediate) CAs that
> issued them. The issuer's certificate can be in turn signed by another
> CA up the hierarchy, resulting in a chain that ends with the implicitly
> trusted root authority. When signing a message, you can include the
> intermediate CA certificates, allowing the recipient to verify the whole
> chain.
>
> With openssl, this is done via the -certfile argument [1]:
>
>     -certfile file
>         Allows additional certificates to be specified. When signing these
>         will be included with the message. When verifying these will be
>         searched for the signers certificates.
>     ...

Thanks! So basically like TLS cert chaining.

> Encryption is orthogonal to this: it only uses the public keys of your
> recipients from their certificates, the chain is irrelevant.

I'm mostly trying to understand how broken this was, prior to this patch. Obviously there was the hard-coding of the key, the original issue. Has encryption been broken this whole time, too?

Encryption is a separate MML tag, right? And also a separate cert (the recipient's, not the user's). Why would additional certificates on your own certfile interfere with the process of encrypting to the user?

I'm not trying to be difficult, I'd just like to have a better grasp of what's going on here!

> The MML tag parameter names are a bit unfortunate here: the new
> `chainfile' parameter translates to "-certfile" arguments and the
> existing `certfile' parameters translate to positional "recipcert"
> arguments of openssl [1].

I'm not too concerned about that, the vast majority of the time this process should be automatic.

Eric
From: illia@HIDDEN
To: Eric Abrahamsen <eric@HIDDEN>
Cc: larsi@HIDDEN, Eli Zaretskii <eliz@HIDDEN>, Illia Ostapyshyn <illia@HIDDEN>, 67931 <at> debbugs.gnu.org, stefankangas@HIDDEN
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Fri, 10 May 2024 13:20:58 +0200
Message-ID: <8734qp3obp.fsf@HIDDEN>
In-Reply-To: <87fruqsg3i.fsf@HIDDEN> (Eric Abrahamsen's message of "Thu, 09 May 2024 16:47:13 -0700")

Eric Abrahamsen <eric@HIDDEN> writes:

> I'm mostly trying to understand how broken this was, prior to this
> patch. Obviously there was the hard-coding of the key, the original
> issue. Has encryption been broken this whole time, too?

Encryption is working as intended, I haven't encountered any problems with it yet.

> Encryption is a separate MML tag, right? And also a separate cert (the
> recipient's, not the user's). Why would additional certificates on your
> own certfile interfere with the process of encrypting to the user?

Actually, when signing and encrypting at the same time, both use a single "signencrypt" tag. This is what mml-secure-message-encrypt-smime outputs currently:

    <#secure method=smime mode=signencrypt keyfile=keyfile.pem certfile=recip.gpg>

mml-parse-1 converts this into an alist, splitting "signencrypt" into two separate "sign" and "encrypt" parameters. These are then processed in mml-generate-mime-1, which consults mml-signencrypt-style-alist if it encounters both sign and encrypt in the same tag.

With my previous patch (6 May) reusing the certfile parameter, the tag would include chain certificates as certfiles:

    <#secure method=smime mode=signencrypt keyfile=keyfile.pem certfile=chain.pem certfile=recip.pem>

As the same alist is passed to both mml-smime-openssl-sign and mml-smime-openssl-encrypt, this had the unintended effect of (1) encrypting for chain.pem and (2) including recip{1,2}.pem in the message when signing.

With the latest patch, the tag looks like this:

    <#secure method=smime mode=signencrypt keyfile=keyfile.pem chainfile=chain.pem certfile=recip.pem>

As mml-smime-openssl-sign expects chainfiles and mml-smime-openssl-encrypt expects certfiles, they don't interfere with each other anymore.

> I'm not trying to be difficult, I'd just like to have a better grasp of
> what's going on here!

No worries, I appreciate the additional caution with security-sensitive code. Also that part of the code seems to have been a bit neglected.

Illia
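To make the certfile/chainfile mix-up described in this message (and the -certfile versus positional recipcert distinction from the earlier one) concrete, here is an added Python model that is not Emacs' own code: it parses a <#secure ...> tag the way the thread describes mml-parse-1 doing it and builds the openssl smime argument lists for signing and encryption. The tag file names, the dict shape and the argv construction are assumptions made for the example.

```python
# Constructed tags, modelled on the ones quoted in the thread; the file
# names are hypothetical.
OLD_TAG = ("<#secure method=smime mode=signencrypt keyfile=keyfile.pem "
           "certfile=chain.pem certfile=recip.pem>")
NEW_TAG = ("<#secure method=smime mode=signencrypt keyfile=keyfile.pem "
           "chainfile=chain.pem certfile=recip.pem>")

def parse_secure_tag(tag):
    """Parse a <#secure ...> tag into a dict of lists, in the spirit of
    mml-parse-1: repeated parameters accumulate and mode=signencrypt is
    split into 'sign' and 'encrypt' entries (assumed shape, not Emacs')."""
    words = tag.strip("<>").split()
    if not words or words[0] != "#secure":
        raise ValueError("not a <#secure ...> tag")
    pairs = [tuple(w.partition("=")[::2]) for w in words[1:]]
    method = dict(pairs).get("method", "")
    params = {}
    for key, value in pairs:
        if key == "mode":
            for part in ("sign", "encrypt"):
                if part in value:
                    params.setdefault(part, []).append(method)
        else:
            params.setdefault(key, []).append(value)
    return params

def openssl_sign_argv(params, chain_key="chainfile"):
    """'openssl smime -sign' arguments: signer key/cert via -signer, each
    chain certificate via -certfile.  chain_key names the tag parameter
    carrying the chain: "certfile" models the previous patch, "chainfile"
    the latest one."""
    argv = ["openssl", "smime", "-sign", "-signer", params["keyfile"][0]]
    for chain in params.get(chain_key, []):
        argv += ["-certfile", chain]
    return argv

def openssl_encrypt_argv(params):
    """'openssl smime -encrypt' arguments: every certfile value becomes a
    positional recipient certificate (recipcert), so anything else filed
    under certfile turns into an unintended recipient."""
    return ["openssl", "smime", "-encrypt"] + params.get("certfile", [])

if __name__ == "__main__":
    for label, tag, key in (("old", OLD_TAG, "certfile"),
                            ("new", NEW_TAG, "chainfile")):
        p = parse_secure_tag(tag)
        print(label, "sign:", *openssl_sign_argv(p, key))
        print(label, "encrypt:", *openssl_encrypt_argv(p))
```

Running it shows the old tag encrypting to chain.pem and signing with recip.pem attached, while the new tag keeps the chain on the signing side only.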