unofficial mirror of bug-gnu-emacs@gnu.org 
* bug#26587: 26.0.50; Gnus signs with false S/MIME key
@ 2017-04-21 11:41 Torsten Bronger
  2019-09-27 15:32 ` Lars Ingebrigtsen
  0 siblings, 1 reply; 12+ messages in thread
From: Torsten Bronger @ 2017-04-21 11:41 UTC
  To: 26587



If I have keys for different email addresses in my gpgsm keyring, Gnus
signs an outgoing email using S/MIME with the first one listed by "gpgsm
--list-secret-keys" instead of the one actually associated with the
"From:" mail address.


In GNU Emacs 26.0.50.1 (x86_64-pc-linux-gnu)
 of 2017-03-20 built on wilson
Repository revision: 09d50834206ff48bf6ac214e8cfb31d281ba993c
Windowing system distributor 'The X.Org Foundation', version 11.0.11804000
System Description:	Ubuntu 16.04.2 LTS

Recent messages:
Auto-saving...done
Deleting article 41027 in inbox
Saving file /home/bronger/.newsrc...
Wrote /home/bronger/.newsrc
Saving /home/bronger/.newsrc.eld...
Saving file /home/bronger/.newsrc.eld...
Wrote /home/bronger/.newsrc.eld
Saving /home/bronger/.newsrc.eld...done
delete-backward-char: Text is read-only [2 times]
Making completion list...

Configured using:
 'configure --prefix=/usr/local/ --mandir=/usr/local/share/man/
 --infodir=/usr/local/share/info/ --with-x-toolkit=no --without-makeinfo
 --with-xpm --with-jpeg --with-tiff --with-gif --with-png --with-x'

Configured features:
XPM JPEG TIFF GIF PNG RSVG SOUND DBUS GSETTINGS NOTIFY GNUTLS LIBXML2
FREETYPE XFT ZLIB X11

Important settings:
  value of $EMACSLOADPATH: /home/bronger/.emacs.d/lisp:
  value of $LANG: de_DE.UTF-8
  locale-coding-system: utf-8-unix

Major mode: Emacs-Lisp

Minor modes in effect:
  diff-auto-refine-mode: t
  global-auto-revert-mode: t
  shell-dirtrack-mode: t
  savehist-mode: t
  desktop-save-mode: t
  global-eldoc-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t

-- 
Torsten Bronger


* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2017-04-21 11:41 bug#26587: 26.0.50; Gnus signs with false S/MIME key Torsten Bronger
@ 2019-09-27 15:32 ` Lars Ingebrigtsen
  2019-10-09  8:58   ` Torsten Bronger
  0 siblings, 1 reply; 12+ messages in thread
From: Lars Ingebrigtsen @ 2019-09-27 15:32 UTC
  To: Torsten Bronger; +Cc: 26587

Torsten Bronger <bronger@physik.rwth-aachen.de> writes:

> If I have keys for different email addresses in my gpgsm keyring, Gnus
> signs an outgoing email using S/MIME with the first one listed by "gpgsm
> --list-secret-keys" instead of the one actually associated with the
> "From:" mail address.

I'm unable to reproduce this bug.

Could you describe, step by step, how you are composing the message to
be signed?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-09-27 15:32 ` Lars Ingebrigtsen
@ 2019-10-09  8:58   ` Torsten Bronger
  2019-10-09 19:59     ` Lars Ingebrigtsen
  2019-10-09 20:42     ` Lars Ingebrigtsen
  0 siblings, 2 replies; 12+ messages in thread
From: Torsten Bronger @ 2019-10-09  8:58 UTC
  To: Lars Ingebrigtsen; +Cc: 26587

Hello!

Lars Ingebrigtsen writes:

> Torsten Bronger <bronger@physik.rwth-aachen.de> writes:
>
>> If I have keys for different email addresses in my gpgsm keyring, Gnus
>> signs an outgoing email using S/MIME with the first one listed by "gpgsm
>> --list-secret-keys" instead of the one actually associated with the
>> "From:" mail address.
>
> I'm unable to reproduce this bug.
>
> Could you describe, step by step, how you are composing the message to
> be signed?

When writing the message, I call (mml-secure-message-sign-smime).
The "From:" field contains "Torsten Bronger
<bronger@physik.rwth-aachen.de>".  My secret keys are:

bronger@brad:~/kfa/Zertifikate/juliabase$ gpgsm --list-secret-keys
/home/bronger/.gnupg/pubring.kbx
--------------------------------
           ID: 0x416092ED
          S/N: 1CDCFCFE038E7AD34DF1C3FC
       Issuer: /CN=DFN-Verein Global Issuing CA/OU=DFN-PKI/O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V./C=DE
      Subject: /CN=Torsten Bronger/O=Forschungszentrum Juelich GmbH/C=DE
          aka: t.bronger@fz-juelich.de

[...]

           ID: 0x4A86AFDB
          S/N: 213C2509C6CA74A7ED7133B8
       Issuer: /CN=DFN-Verein Global Issuing CA/OU=DFN-PKI/O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V./C=DE
      Subject: /CN=Torsten Bronger/OU=Fachgruppe Physik/O=RWTH Aachen/C=DE
          aka: bronger@physik.rwth-aachen.de
     validity: 2019-07-03 13:02:55 through 2022-07-02 13:02:55
     key type: 2048 bit RSA
    key usage: digitalSignature nonRepudiation keyEncipherment
ext key usage: clientAuth (suggested), emailProtection (suggested)
     policies: 1.3.6.1.4.1.22177.300.1.1.4:N:,1.3.6.1.4.1.22177.300.1.1.4.4:N:,1.3.6.1.4.1.22177.300.2.1.4.4:N:
  fingerprint: CD:BF:CA:E9:F3:83:B9:DC:00:E4:A2:B1:8F:D8:E0:78:4A:86:AF:DB

I would like the second key to be used.  But Gnus signs the email
with the first certificate.

Regards,
Torsten.

-- 
Torsten Bronger






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-10-09  8:58   ` Torsten Bronger
@ 2019-10-09 19:59     ` Lars Ingebrigtsen
  2019-10-10  7:43       ` Torsten Bronger
  2019-10-09 20:42     ` Lars Ingebrigtsen
  1 sibling, 1 reply; 12+ messages in thread
From: Lars Ingebrigtsen @ 2019-10-09 19:59 UTC
  To: Torsten Bronger; +Cc: 26587

Torsten Bronger <bronger@physik.rwth-aachen.de> writes:

> When writing the message, I call (mml-secure-message-sign-smime).
> The "From:" field contains "Torsten Bronger
> <bronger@physik.rwth-aachen.de>".  My secret keys are:

OK, my first attempt at this ended up with Message not complaining at
all, but sending out a "signed" message with the following empty
signature:

--=-=-=
Content-Type: application/pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7s


--=-=-=--

I've now made it bug out if it can't find any identity to sign with.

Now, for the bug you're seeing...  If I'm tracing the code right (and I
may well not be), this is what's used to find what name to sign with:

(defun mml-secure-signer-names (protocol sender)
  "Determine signer names for PROTOCOL and message from SENDER.
Returned names may be e-mail addresses or key IDs and are determined based
on `mml-secure-openpgp-signers' and `mml-secure-openpgp-sign-with-sender' with
OpenPGP or `mml-secure-smime-signers' and `mml-secure-smime-sign-with-sender'
with S/MIME."
  (if (eq 'OpenPGP protocol)
      (append mml-secure-openpgp-signers
	      (if (and mml-secure-openpgp-sign-with-sender sender)
		  (list (concat "<" sender ">"))))
    (append mml-secure-smime-signers
	    (if (and mml-secure-smime-sign-with-sender sender)
		(list (concat "<" sender ">"))))))

mml-secure-smime-sign-with-sender defaults to nil, so it's normally not
used.  So this returns just the value of mml-secure-smime-signers.
What's that variable for you?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-10-09  8:58   ` Torsten Bronger
  2019-10-09 19:59     ` Lars Ingebrigtsen
@ 2019-10-09 20:42     ` Lars Ingebrigtsen
  2019-10-10  6:55       ` Torsten Bronger
  1 sibling, 1 reply; 12+ messages in thread
From: Lars Ingebrigtsen @ 2019-10-09 20:42 UTC
  To: Torsten Bronger; +Cc: 26587

Torsten Bronger <bronger@physik.rwth-aachen.de> writes:

> I would like the second key to be used.  But Gnus signs the email
> with the first certificate.

If I understand the code correctly, `epg-start-sign' is run here, and
gpgsm is started with the parameters looking like 

"--detach-sign" "-u" "4A44812B553ACE6D" "-u" "4A44812B553ACEetc"

with as many "-u"s as there are in your gpgsm store that matches
whatever you've set up in that list that lists all your identities you
want to use.

Could you edebug that function to see if that's really what happens?
Because if it is, we're leaving the decision to gpgsm itself which user
ID to use, and that seems very sub-optimal.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-10-09 20:42     ` Lars Ingebrigtsen
@ 2019-10-10  6:55       ` Torsten Bronger
  2019-10-11  7:29         ` Lars Ingebrigtsen
  0 siblings, 1 reply; 12+ messages in thread
From: Torsten Bronger @ 2019-10-10  6:55 UTC
  To: Lars Ingebrigtsen; +Cc: 26587

Hello!

Lars Ingebrigtsen writes:

> Torsten Bronger <bronger@physik.rwth-aachen.de> writes:
>
>> I would like the second key to be used.  But Gnus signs the email
>> with the first certificate.
>
> If I understand the code correctly, `epg-start-sign' is run here,
> and gpgsm is started with the parameters looking like
>
> "--detach-sign" "-u" "4A44812B553ACE6D" "-u" "4A44812B553ACEetc"
>
> with as many "-u"s as there are in your gpgsm store that matches
> whatever you've set up in that list that lists all your identities
> you want to use.
>
> Could you edebug that function to see if that's really what
> happens?  Because if it is, we're leaving the decision to gpgsm
> itself which user ID to use, and that seems very sub-optimal.

I don’t know how to edebug, so before learning this, I wrote a
wrapper for gpgsm, logging the parameters.  When sending the
message, gpgsm is called once, with the parameters

gpgsm --no-tty --status-fd 1 --yes --output /tmp/epg-outputmEnG08 --detach-sign

In particular, I don’t see "-u"s here.

Regards,
Torsten.

-- 
Torsten Bronger


* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-10-09 19:59     ` Lars Ingebrigtsen
@ 2019-10-10  7:43       ` Torsten Bronger
  2019-10-11  7:29         ` Lars Ingebrigtsen
  0 siblings, 1 reply; 12+ messages in thread
From: Torsten Bronger @ 2019-10-10  7:43 UTC
  To: Lars Ingebrigtsen; +Cc: 26587

Hello!

Lars Ingebrigtsen writes:

> [...]
>
> Now, for the bug you're seeing...  If I'm tracing the code right (and I
> may well not be), this is what's used to find what name to sign with:
>
> (defun mml-secure-signer-names (protocol sender)
>   "Determine signer names for PROTOCOL and message from SENDER.
> Returned names may be e-mail addresses or key IDs and are determined based
> on `mml-secure-openpgp-signers' and `mml-secure-openpgp-sign-with-sender' with
> OpenPGP or `mml-secure-smime-signers' and `mml-secure-smime-sign-with-sender'
> with S/MIME."
>   (if (eq 'OpenPGP protocol)
>       (append mml-secure-openpgp-signers
> 	      (if (and mml-secure-openpgp-sign-with-sender sender)
> 		  (list (concat "<" sender ">"))))
>     (append mml-secure-smime-signers
> 	    (if (and mml-secure-smime-sign-with-sender sender)
> 		(list (concat "<" sender ">"))))))
>
> mml-secure-smime-sign-with-sender defaults to nil, so it's normally not
> used.  So this returns just the value of mml-secure-smime-signers.
> What's that variable for you?

It’s nil, and if I set it to t, my problem is gone.  Thank you!
Strange default, though …

Regards,
Torsten.

-- 
Torsten Bronger


* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-10-10  7:43       ` Torsten Bronger
@ 2019-10-11  7:29         ` Lars Ingebrigtsen
  2020-08-04  9:04           ` Lars Ingebrigtsen
  0 siblings, 1 reply; 12+ messages in thread
From: Lars Ingebrigtsen @ 2019-10-11  7:29 UTC
  To: Torsten Bronger; +Cc: 26587

Torsten Bronger <bronger@physik.rwth-aachen.de> writes:

>> mml-secure-smime-sign-with-sender defaults to nil, so it's normally not
>> used.  So this returns just the value of mml-secure-smime-signers.
>> What's that variable for you?
>
> It’s nil, and if I set it to t, my problem is gone.  Thank you!
> Strange default, though …

Yes it is.  Does anybody know why mml-secure-smime-sign-with-sender is
nil?  Having it be t seems like a much more useful (and less surprising)
value.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-10-10  6:55       ` Torsten Bronger
@ 2019-10-11  7:29         ` Lars Ingebrigtsen
  0 siblings, 0 replies; 12+ messages in thread
From: Lars Ingebrigtsen @ 2019-10-11  7:29 UTC
  To: Torsten Bronger; +Cc: 26587

Torsten Bronger <bronger@physik.rwth-aachen.de> writes:

> I don’t know how to edebug, so before learning this, I wrote a
> wrapper for gpgsm, logging the parameters.  When sending the
> message, gpgsm is called once, with the parameters
>
> gpgsm --no-tty --status-fd 1 --yes --output /tmp/epg-outputmEnG08 --detach-sign
>
> In particular, I don’t see "-u"s here.

Ah, right.  Since mml-secure-smime-signers was nil for you, then no -u
is added, and gpgsm will (by itself) default to the first certificate in
its store.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
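
Added example, not part of the thread and not Emacs or GnuPG code: a Python model of the signer selection described in the messages above, run against a listing constructed from the two certificates quoted earlier in the thread. The function names, the key-ID matching rule and the error raised for an unmatched name are assumptions made for illustration; only the S/MIME branch of mml-secure-signer-names and the "no -u means first certificate" behaviour come from the thread.

```python
import re

# Constructed sample: the two certificates from the `gpgsm --list-secret-keys`
# output quoted in the thread, reduced to the fields used below.
SAMPLE_LISTING = """\
/home/bronger/.gnupg/pubring.kbx
--------------------------------
           ID: 0x416092ED
      Subject: /CN=Torsten Bronger/O=Forschungszentrum Juelich GmbH/C=DE
          aka: t.bronger@fz-juelich.de

           ID: 0x4A86AFDB
      Subject: /CN=Torsten Bronger/OU=Fachgruppe Physik/O=RWTH Aachen/C=DE
          aka: bronger@physik.rwth-aachen.de
"""

FIELD = re.compile(r"^\s*(ID|Subject|aka):\s*(.+?)\s*$")


def parse_secret_certs(listing):
    """Parse the human-readable listing into dicts, preserving keyring order."""
    certs = []
    for line in listing.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.groups()
        if key == "ID":
            certs.append({"id": value, "subject": "", "emails": []})
        elif certs and key == "Subject":
            certs[-1]["subject"] = value
        elif certs and key == "aka":
            certs[-1]["emails"].append(value.lower())
    return certs


def signer_names(smime_signers, sign_with_sender, sender):
    """S/MIME branch of mml-secure-signer-names as quoted in the thread."""
    names = list(smime_signers)
    if sign_with_sender and sender:
        names.append("<" + sender + ">")
    return names


def matching_certs(name, certs):
    """Assumed matching rule: "<addr>" is an exact address, anything else an ID."""
    if name.startswith("<") and name.endswith(">"):
        addr = name[1:-1].lower()
        return [c for c in certs if addr in c["emails"]]
    return [c for c in certs if c["id"].lower() == name.lower()]


def effective_signers(certs, smime_signers, sign_with_sender, sender):
    """Return (user_args, signing_certs) for one outgoing message.

    user_args models the "-u" arguments; when it is empty gpgsm chooses by
    itself, which per the thread is the first certificate in its store.
    """
    names = signer_names(smime_signers, sign_with_sender, sender)
    selected = []
    for name in names:
        for cert in matching_certs(name, certs):
            if cert not in selected:
                selected.append(cert)
    if names and not selected:
        # Assumption: refuse to sign rather than fall back silently.
        raise LookupError("no secret certificate matches %r" % (names,))
    user_args = []
    for cert in selected:
        user_args += ["-u", cert["id"]]
    return user_args, (selected if selected else certs[:1])


def mismatched_signers(sender, signing_certs):
    """Pre-send check: IDs of signing certificates that lack the From address."""
    addr = sender.lower()
    return [c["id"] for c in signing_certs if addr not in c["emails"]]


if __name__ == "__main__":
    certs = parse_secret_certs(SAMPLE_LISTING)
    sender = "bronger@physik.rwth-aachen.de"
    for sign_with_sender in (False, True):
        args, signing = effective_signers(certs, [], sign_with_sender, sender)
        print("sign-with-sender=%s args=%s signs-with=%s mismatched=%s" % (
            sign_with_sender, args, [c["id"] for c in signing],
            mismatched_signers(sender, signing)))
```
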






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2019-10-11  7:29         ` Lars Ingebrigtsen
@ 2020-08-04  9:04           ` Lars Ingebrigtsen
  2020-08-04 10:10             ` Robert Pluim
  0 siblings, 1 reply; 12+ messages in thread
From: Lars Ingebrigtsen @ 2020-08-04  9:04 UTC
  To: Torsten Bronger; +Cc: 26587

Lars Ingebrigtsen <larsi@gnus.org> writes:

> Torsten Bronger <bronger@physik.rwth-aachen.de> writes:
>
>>> mml-secure-smime-sign-with-sender defaults to nil, so it's normally not
>>> used.  So this returns just the value of mml-secure-smime-signers.
>>> What's that variable for you?
>>
>> It’s nil, and if I set it to t, my problem is gone.  Thank you!
>> Strange default, though …
>
> Yes it is.  Does anybody know why mml-secure-smime-sign-with-sender is
> nil?  Having it be t seems like a much more useful (and less surprising)
> value.

I think this problem was solved by having Message bug out (and say that
you should set mml-secure-smime-sign-with-sender if you wanted that), so
I'm closing this bug report.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2020-08-04  9:04           ` Lars Ingebrigtsen
@ 2020-08-04 10:10             ` Robert Pluim
  2020-08-04 10:31               ` Lars Ingebrigtsen
  0 siblings, 1 reply; 12+ messages in thread
From: Robert Pluim @ 2020-08-04 10:10 UTC
  To: Lars Ingebrigtsen; +Cc: 26587, Torsten Bronger

>>>>> On Tue, 04 Aug 2020 11:04:28 +0200, Lars Ingebrigtsen <larsi@gnus.org> said:

    Lars> Lars Ingebrigtsen <larsi@gnus.org> writes:
    >> Torsten Bronger <bronger@physik.rwth-aachen.de> writes:
    >> 
    >>>> mml-secure-smime-sign-with-sender defaults to nil, so it's normally not
    >>>> used.  So this returns just the value of mml-secure-smime-signers.
    >>>> What's that variable for you?
    >>> 
    >>> It’s nil, and if I set it to t, my problem is gone.  Thank you!
    >>> Strange default, though …
    >> 
    >> Yes it is.  Does anybody know why mml-secure-smime-sign-with-sender is
    >> nil?  Having it be t seems like a much more useful (and less surprising)
    >> value.

    Lars> I think this problem was solved by having Message bug out (and say that
    Lars> you should set mml-secure-smime-sign-with-sender if you wanted that), so
    Lars> I'm closing this bug report.

It does bug out, but its error message is not helpful. I have a patch
somewhere to improve it, but I guess itʼs too late for 27.1

Robert






* bug#26587: 26.0.50; Gnus signs with false S/MIME key
  2020-08-04 10:10             ` Robert Pluim
@ 2020-08-04 10:31               ` Lars Ingebrigtsen
  0 siblings, 0 replies; 12+ messages in thread
From: Lars Ingebrigtsen @ 2020-08-04 10:31 UTC
  To: Robert Pluim; +Cc: 26587, Torsten Bronger

Robert Pluim <rpluim@gmail.com> writes:

> It does bug out, but its error message is not helpful. I have a patch
> somewhere to improve it, but I guess itʼs too late for 27.1

I'm guessing there will be a 27.2 release, too.  :-)

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




