From: illia@yshyn.com
To: Eric Abrahamsen <eric@ericabrahamsen.net>
Cc: larsi@gnus.org, Eli Zaretskii <eliz@gnu.org>,
Illia Ostapyshyn <illia@yshyn.com>,
67931@debbugs.gnu.org, stefankangas@gmail.com
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Fri, 10 May 2024 13:20:58 +0200 [thread overview]
Message-ID: <8734qp3obp.fsf@yshyn.com> (raw)
In-Reply-To: <87fruqsg3i.fsf@ericabrahamsen.net> (Eric Abrahamsen's message of "Thu, 09 May 2024 16:47:13 -0700")
Eric Abrahamsen <eric@ericabrahamsen.net> writes:
> I'm mostly trying to understand how broken this was, prior to this
> patch. Obviously there was the hard-coding of the key, the original
> issue. Has encryption been broken this whole time, too?
Encryption is working as intended, I haven't encountered any problems
with it yet.
> Encryption is a separate MML tag, right? And also a separate cert (the
> recipient's, not the user's). Why would additional certificates on your
> own certfile interfere with the process of encrypting to the user?
Actually, when signing and encrypting at the same time, both use a
single "signencrypt" tag. This is what mml-secure-message-encrypt-smime
outputs currently:
<#secure method=smime mode=signencrypt keyfile=keyfile.pem certfile=recip.gpg>
mml-parse-1 converts this into an alist, spliting "signencrypt" into two
separate "sign" and "encrypt" parameters. These are then processed in
mml-generate-mime-1, which consults mml-signencrypt-style-alist if it
encounters both sign and encrypt in the same tag.
With my previous patch (6 May) reusing the certfile parameter, the tag
would include chain certificates as certfiles:
<#secure method=smime mode=signencrypt keyfile=keyfile.pem certfile=chain.pem certfile=recip.pem>
With the same alist is passed to both mml-smime-openssl-sign and
mml-smime-openssl-encrypt, this had the unintended effect of (1)
encrypting for chain.pem and (2) including recip{1,2}.pem in the message
when signing.
With the latest patch, the tag looks like this:
<#secure method=smime mode=signencrypt keyfile=keyfile.pem chainfile=chain.pem certfile=recip.pem>
As mml-smime-openssl-sign expects chainfiles, mml-smime-openssl-encrypt
expects certfiles, and they don't interfere with each other anymore.
> I'm not trying to be difficult, I'd just like to have a better grasp of
> what's going on here!
No worries, I appreciate the additional caution with security-sensitive
code. Also that part of the code seems to have been a bit neglected.
Illia
next prev parent reply other threads:[~2024-05-10 11:20 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-20 13:16 bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL Illia Ostapyshyn
2024-01-11 21:05 ` Stefan Kangas
2024-05-06 18:43 ` Illia Ostapyshyn
2024-05-06 18:46 ` Illia Ostapyshyn
2024-05-07 12:35 ` Eli Zaretskii
2024-05-07 14:21 ` Illia Ostapyshyn
2024-05-08 2:05 ` Eric Abrahamsen
2024-05-08 2:20 ` Eric Abrahamsen
2024-05-08 2:28 ` Eric Abrahamsen
2024-05-08 12:28 ` Illia Ostapyshyn
2024-05-09 23:47 ` Eric Abrahamsen
2024-05-10 11:20 ` illia [this message]
2024-05-10 20:02 ` Eric Abrahamsen
2024-05-14 12:53 ` Illia Ostapyshyn
2024-05-14 14:45 ` Eric Abrahamsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8734qp3obp.fsf@yshyn.com \
--to=illia@yshyn.com \
--cc=67931@debbugs.gnu.org \
--cc=eliz@gnu.org \
--cc=eric@ericabrahamsen.net \
--cc=larsi@gnus.org \
--cc=stefankangas@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).