* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use [not found] <87zjegss2o.fsf@pcwi7557.uni-muenster.de> @ 2019-09-23 19:02 ` Lars Ingebrigtsen 2019-09-24 12:35 ` Jens Lechtenboerger 0 siblings, 1 reply; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-23 19:02 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > I use mml-smime-use to prefer EPG over OpenSSL. However, > mm-view-pkcs7-verify ignores that variable and calls > smime-verify-region (which uses OpenSSL). > > For signed e-mails with > Content-Type: application/pkcs7-mime; name="smime.p7m"; > smime-type=signed-data > this results in the error message: "No CA configured" > (And the e-mail is displayed in base64 encoded form; the text is not > shown.) Could you send such a message to enable us to debug this? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-23 19:02 ` bug#18393: mm-view-pkcs7-verify ignores mml-smime-use Lars Ingebrigtsen @ 2019-09-24 12:35 ` Jens Lechtenboerger 2019-09-25 13:38 ` Lars Ingebrigtsen 0 siblings, 1 reply; 17+ messages in thread From: Jens Lechtenboerger @ 2019-09-24 12:35 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: 18393 [-- Attachment #1: Type: text/plain, Size: 809 bytes --] On 2019-09-23, Lars Ingebrigtsen wrote: > Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > >> I use mml-smime-use to prefer EPG over OpenSSL. However, >> mm-view-pkcs7-verify ignores that variable and calls >> smime-verify-region (which uses OpenSSL). >> >> For signed e-mails with >> Content-Type: application/pkcs7-mime; name="smime.p7m"; >> smime-type=signed-data >> this results in the error message: "No CA configured" >> (And the e-mail is displayed in base64 encoded form; the text is not >> shown.) > > Could you send such a message to enable us to debug this? Attached you find the message from section 4.9 of RFC4134, with the CA certificate. Verify with: openssl smime -verify -CAfile carldssself.pem -in rfc4134-4.9.mail -signer signer.pem -out signedtext.txt Best wishes Jens [-- Attachment #2: rfc4134-4.9.mail --] [-- Type: application/octet-stream, Size: 1596 bytes --] MIME-Version: 1.0 To: User2@examples.com From: aliceDss@examples.com Subject: Example 4.9 Message-Id: <021031164540300.304@examples.com> Date: Thu, 31 Oct 2002 16:45:14 -0300 Content-Type: application/pkcs7-mime; smime-type=signed-data; name=smime.p7m Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=smime.p7m MIIDmQYJKoZIhvcNAQcCoIIDijCCA4YCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIAQ eDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4DCCAtwwggKboAMCAQICAgDIMA kGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOTEyM zEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEeAoGB AIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg 23j+bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dh DEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUi TKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oI Xks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/ Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMRNKYWiSgRI9 k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+GvIkq1MauCcNH u8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPluKOBgTB/MAwG A1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0 gvEMrk/EfMB0GA1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAfBgNVHREEGDAWgRRBbG ljZURTU0BleGFtcGxlLmNvbTAJBgcqhkjOOAQDAzAAMC0CFFUMpBkfQiuJcSIzjYNqtT1na 79FAhUAn2FTUlQLXLLd2ud2HeIQUltDXr0xYzBhAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERT UwICAMgwBwYFKw4DAhowCQYHKoZIzjgEAwQuMCwCFD1cSW6LIUFzeXle3YI5SKSBer/sAhQ mCq7s/CTFHOEjgASeUjbMpx5g6A== [-- Attachment #3: carldssself.pem --] [-- Type: application/octet-stream, Size: 964 bytes --] -----BEGIN CERTIFICATE----- MIICmzCCAlqgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1Mw HhcNOTkwODE2MjI1MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJs RFNTMIIBtzCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RN qx6B+8ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjS u36KCoq6Fnu5UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeL cF+5reEI1G0pLdbpAhUA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdq dDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKd nESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRj H4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdbvhbESc 2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA+87YaADj /dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifNG6lN iZrXjRg5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD AgGGMB0GA1UdDgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAA MC0CFGup8E56Wnnj+b49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjs= -----END CERTIFICATE----- ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-24 12:35 ` Jens Lechtenboerger @ 2019-09-25 13:38 ` Lars Ingebrigtsen 2019-09-26 9:04 ` Jens Lechtenboerger 0 siblings, 1 reply; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-25 13:38 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: >>> I use mml-smime-use to prefer EPG over OpenSSL. However, >>> mm-view-pkcs7-verify ignores that variable and calls >>> smime-verify-region (which uses OpenSSL). >>> >>> For signed e-mails with >>> Content-Type: application/pkcs7-mime; name="smime.p7m"; >>> smime-type=signed-data >>> this results in the error message: "No CA configured" >>> (And the e-mail is displayed in base64 encoded form; the text is not >>> shown.) >> >> Could you send such a message to enable us to debug this? > > Attached you find the message from section 4.9 of RFC4134, with the > CA certificate. Verify with: > > openssl smime -verify -CAfile carldssself.pem -in rfc4134-4.9.mail > -signer signer.pem -out signedtext.txt Yup, I get the same. If I say: (setq smime-CA-file "/tmp/carldssself.pem") I get a blank article buffer. I'm trying to follow the logic of the code here. One bug is what you report, that mml-smime-use isn't heeded, and I'll fix that (it seems pretty easy, I can just cargo-cult mm-view-pkcs7-decrypt, which starts: (defun mm-view-pkcs7-decrypt (handle &optional from) (insert-buffer-substring (mm-handle-buffer handle)) (goto-char (point-min)) (if (eq mml-smime-use 'epg) ... But in this instance we don't get to that function. Instead we get to: (defun mm-view-pkcs7 (handle &optional from) (cl-case (mm-view-pkcs7-get-type handle) (enveloped (mm-view-pkcs7-decrypt handle from)) (signed (mm-view-pkcs7-verify handle)) (otherwise (error "Unknown or unimplemented PKCS#7 type")))) (defun mm-view-pkcs7-verify (handle) ...) because this is "signed", not "enveloped". I'm not very familiar with this stuff... but the mm-view-pkcs7-verify function just verifies the data and doesn't return anything, which explains why I'm getting an empty article buffer. But why is this ever useful? It seems odd, doesn't it? Is the -verify function also supposed to return the decoded text? (Which is "This is some sample content.".) -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-25 13:38 ` Lars Ingebrigtsen @ 2019-09-26 9:04 ` Jens Lechtenboerger 2019-09-26 14:26 ` Lars Ingebrigtsen 0 siblings, 1 reply; 17+ messages in thread From: Jens Lechtenboerger @ 2019-09-26 9:04 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: 18393 On 2019-09-25, Lars Ingebrigtsen wrote: > (setq smime-CA-file "/tmp/carldssself.pem") > > I get a blank article buffer. Same here. > [...] > (defun mm-view-pkcs7-verify (handle) > ...) > > because this is "signed", not "enveloped". I'm not very familiar with > this stuff... but the mm-view-pkcs7-verify function just verifies the > data and doesn't return anything, which explains why I'm getting an > empty article buffer. But why is this ever useful? It seems odd, > doesn't it? > > Is the -verify function also supposed to return the decoded text? > (Which is "This is some sample content.".) Function mm-view-pkcs7-verify calls (mm-insert-part handle), which somehow deals with the text for subsequent display. The search for "Content-Type" suggests that this is only meant for multi-part e-mails, for which it really works. In this case, however, it inserts the text among binary data, which seems to fail subsequently. Best wishes Jens ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-26 9:04 ` Jens Lechtenboerger @ 2019-09-26 14:26 ` Lars Ingebrigtsen 2019-09-26 14:32 ` Lars Ingebrigtsen 0 siblings, 1 reply; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-26 14:26 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > On 2019-09-25, Lars Ingebrigtsen wrote: > >> (setq smime-CA-file "/tmp/carldssself.pem") >> >> I get a blank article buffer. > > Same here. I've now fixed this on the trunk. >> [...] >> (defun mm-view-pkcs7-verify (handle) >> ...) >> >> because this is "signed", not "enveloped". I'm not very familiar with >> this stuff... but the mm-view-pkcs7-verify function just verifies the >> data and doesn't return anything, which explains why I'm getting an >> empty article buffer. But why is this ever useful? It seems odd, >> doesn't it? >> >> Is the -verify function also supposed to return the decoded text? >> (Which is "This is some sample content.".) > > Function mm-view-pkcs7-verify calls (mm-insert-part handle), which > somehow deals with the text for subsequent display. But that's just the raw data that's supposed to be verified. "openssl smime" outputs the actual verified data, so I've adjusted the callers to return that. In addition, whatever that function inserted in that buffer was just discarded. *phew* OK, so now it works for the case you weren't using, so now I can start working on the actual bug report. :-) -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-26 14:26 ` Lars Ingebrigtsen @ 2019-09-26 14:32 ` Lars Ingebrigtsen 2019-09-27 6:09 ` Jens Lechtenboerger 0 siblings, 1 reply; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-26 14:32 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Lars Ingebrigtsen <larsi@gnus.org> writes: > OK, so now it works for the case you weren't using, so now I can start > working on the actual bug report. :-) And that part was trivial. :-) Can you check whether this works for you now with the test email? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-26 14:32 ` Lars Ingebrigtsen @ 2019-09-27 6:09 ` Jens Lechtenboerger 2019-09-27 6:33 ` Jens Lechtenboerger 0 siblings, 1 reply; 17+ messages in thread From: Jens Lechtenboerger @ 2019-09-27 6:09 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: 18393 On 2019-09-26, Lars Ingebrigtsen wrote: > Lars Ingebrigtsen <larsi@gnus.org> writes: > >> OK, so now it works for the case you weren't using, so now I can start >> working on the actual bug report. :-) > > And that part was trivial. :-) Can you check whether this works for > you now with the test email? Yes, many thanks for your efforts! This works for the test mail and for multipart mails. Best wishes Jens ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-27 6:09 ` Jens Lechtenboerger @ 2019-09-27 6:33 ` Jens Lechtenboerger 2019-09-27 13:55 ` Lars Ingebrigtsen 0 siblings, 1 reply; 17+ messages in thread From: Jens Lechtenboerger @ 2019-09-27 6:33 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: 18393 On 2019-09-27, Jens Lechtenboerger wrote: > On 2019-09-26, Lars Ingebrigtsen wrote: > >> Lars Ingebrigtsen <larsi@gnus.org> writes: >> >>> OK, so now it works for the case you weren't using, so now I can start >>> working on the actual bug report. :-) >> >> And that part was trivial. :-) Can you check whether this works for >> you now with the test email? > > Yes, many thanks for your efforts! This works for the test mail and > for multipart mails. One addition: If verification fails, just an empty buffer is shown, without any indication what went wrong. An error message would be nice, also an option to see the text anyways. Best wishes Jens ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-27 6:33 ` Jens Lechtenboerger @ 2019-09-27 13:55 ` Lars Ingebrigtsen 2019-09-27 15:04 ` Jens Lechtenboerger 0 siblings, 1 reply; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-27 13:55 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: >> Yes, many thanks for your efforts! This works for the test mail and >> for multipart mails. Thanks for checking. > One addition: If verification fails, just an empty buffer is shown, > without any indication what went wrong. An error message would be > nice, also an option to see the text anyways. Yes, that's true. Could you send me a couple of messages where verification should fail for me so that I can test? Perhaps we should start building a test suite... -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-27 13:55 ` Lars Ingebrigtsen @ 2019-09-27 15:04 ` Jens Lechtenboerger 2019-09-27 15:19 ` Lars Ingebrigtsen 0 siblings, 1 reply; 17+ messages in thread From: Jens Lechtenboerger @ 2019-09-27 15:04 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: 18393 [-- Attachment #1: Type: text/plain, Size: 888 bytes --] On 2019-09-27, Lars Ingebrigtsen wrote: > Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > >> One addition: If verification fails, just an empty buffer is shown, >> without any indication what went wrong. An error message would be >> nice, also an option to see the text anyways. > > Yes, that's true. Could you send me a couple of messages where > verification should fail for me so that I can test? Perhaps we should > start building a test suite... Actually, I was too fast. I had a problem with my keyring, which resulted in verification errors, which in turn resulted in empty buffers. I’m not sure how to test this. Attached you find an e-mail where I just changed some bytes in the text, keeping the old signature. Verification fails, but the messages is displayed without any indication of the verification failure. Best wishes Jens [-- Attachment #2: rfc4134-invalid-sig.mail --] [-- Type: application/octet-stream, Size: 1605 bytes --] MIME-Version: 1.0 To: User2@examples.com From: aliceDss@examples.com Subject: Example 4.9 - changed Message-Id: <021031164540300.304@examples.com> Date: Thu, 31 Oct 2002 16:45:14 -0300 Content-Type: application/pkcs7-mime; name="smime.p7m"; smime-type=signed-data Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7m" MIIDmQYJKoZIhvcNAQcCoIIDijCCA4YCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIAQeDQpU aGlzIGlzIHNvbWUgY2hhbmdlZGNvbnRlbnQuoIIC4DCCAtwwggKboAMCAQICAgDIMAkGByqGSM44 BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOTEyMzEyMzU5NTlaMBMx ETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij 5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiV m96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvb AhUA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd 3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1J iRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l6 3eM/qeysXty9txMRNKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbO BoA/6CN+GvIkq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL0 8oPluKOBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIu b4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAfBgNVHREEGDAW gRRBbGljZURTU0BleGFtcGxlLmNvbTAJBgcqhkjOOAQDAzAAMC0CFFUMpBkfQiuJcSIzjYNqtT1n a79FAhUAn2FTUlQLXLLd2ud2HeIQUltDXr0xYzBhAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwIC AMgwBwYFKw4DAhowCQYHKoZIzjgEAwQuMCwCFD1cSW6LIUFzeXle3YI5SKSBer/sAhQmCq7s/CTF HOEjgASeUjbMpx5g6A== ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-27 15:04 ` Jens Lechtenboerger @ 2019-09-27 15:19 ` Lars Ingebrigtsen 2019-09-27 18:15 ` Jens Lechtenboerger 0 siblings, 1 reply; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-27 15:19 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > Actually, I was too fast. I had a problem with my keyring, which > resulted in verification errors, which in turn resulted in empty > buffers. I’m not sure how to test this. > > Attached you find an e-mail where I just changed some bytes in the > text, keeping the old signature. Verification fails, but the > messages is displayed without any indication of the verification > failure. Thanks. The more I dig into the entire framework for reporting errors in encrypted/signed messages we have, the more inadequate it seems. If you have a multipart/signed message, and you have (setq gnus-buttonized-mime-types '("multipart/\\(signed\\|encrypted\\)")) then the button (!) will tell you whether the verification of the signature was successful or not. And the decryption/verification functions alter the mm-security-handle bound by mm-possibly-verify-or-decrypt to enable this... er... reporting. If you don't have the button (and by default that variable is nil), you'll get no feedback whatsoever. In the case of the message you sent me, it's not a multipart message, so no buttons are inserted anyway, so you never ever get any feedback. This doesn't seem the right way to do security-related functionality. I think the principle here should be, when displaying signed/encrypted messages, that Gnus should, by default: 1) say that what you're viewing is signed/encrypted and 2) explicitly say whether the signature was verified or not, and if there were any error messages, it should report them. But 1) should not be done in an obnoxious way. But I should be doing more testing before I start hacking away, and have a bigger test corpus. Does anybody know of one that's handy with different signing/encryption methods? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-27 15:19 ` Lars Ingebrigtsen @ 2019-09-27 18:15 ` Jens Lechtenboerger 2019-09-28 17:55 ` Lars Ingebrigtsen 0 siblings, 1 reply; 17+ messages in thread From: Jens Lechtenboerger @ 2019-09-27 18:15 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: 18393 On 2019-09-27, at 17:19, Lars Ingebrigtsen wrote: > But I should be doing more testing before I start hacking away, and have > a bigger test corpus. > > Does anybody know of one that's handy with different signing/encryption > methods? At the end of 2015, when gnus was still maintained in its own repository (https://git.gnus.org/gnus.git) and had a "lisp/tests" subdirectory, I refactored gnus code for OpenPGP and S/MIME and added tests/gnustest-mml-sec.el with key material in tests/mml-gpghome (with expired subkeys, disabled keys, revoked uids). I don’t know whether that is still publicly accessible anywhere but I’ve got a local copy with my merged branch if you are interested. I did not create S/MIME messages of the form of this bug report. Best wishes Jens ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-27 18:15 ` Jens Lechtenboerger @ 2019-09-28 17:55 ` Lars Ingebrigtsen 2019-09-29 8:56 ` Jens Lechtenboerger 0 siblings, 1 reply; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-28 17:55 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > At the end of 2015, when gnus was still maintained in its own > repository (https://git.gnus.org/gnus.git) and had a "lisp/tests" > subdirectory, I refactored gnus code for OpenPGP and S/MIME and > added tests/gnustest-mml-sec.el with key material in > tests/mml-gpghome (with expired subkeys, disabled keys, revoked > uids). I don’t know whether that is still publicly accessible > anywhere but I’ve got a local copy with my merged branch if you are > interested. I do not seem to have a "mml-gpghome" directory on any of my machines. Could you tar up and mail me the test data? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-28 17:55 ` Lars Ingebrigtsen @ 2019-09-29 8:56 ` Jens Lechtenboerger 2019-09-29 11:17 ` Lars Ingebrigtsen 0 siblings, 1 reply; 17+ messages in thread From: Jens Lechtenboerger @ 2019-09-29 8:56 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: 18393 On 2019-09-28, at 19:55, Lars Ingebrigtsen wrote: > Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > >> At the end of 2015, when gnus was still maintained in its own >> repository (https://git.gnus.org/gnus.git) and had a "lisp/tests" >> subdirectory, I refactored gnus code for OpenPGP and S/MIME and >> added tests/gnustest-mml-sec.el with key material in >> tests/mml-gpghome (with expired subkeys, disabled keys, revoked >> uids). I don’t know whether that is still publicly accessible >> anywhere but I’ve got a local copy with my merged branch if you are >> interested. > > I do not seem to have a "mml-gpghome" directory on any of my machines. > Could you tar up and mail me the test data? I uploaded a tar archive for the test directory here: https://uni-muenster.sciebo.de/s/OIfu8cUSgqRfhVs The file gnustest-mml-sec.README contains initial pointers. Best wishes Jens ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-29 8:56 ` Jens Lechtenboerger @ 2019-09-29 11:17 ` Lars Ingebrigtsen 2019-09-30 6:43 ` Lars Ingebrigtsen 2020-08-04 17:30 ` Lars Ingebrigtsen 0 siblings, 2 replies; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-29 11:17 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > I uploaded a tar archive for the test directory here: > https://uni-muenster.sciebo.de/s/OIfu8cUSgqRfhVs > > The file gnustest-mml-sec.README contains initial pointers. Thanks; I'll have a look and possibly put some of the tests into the Emacs test directory. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-29 11:17 ` Lars Ingebrigtsen @ 2019-09-30 6:43 ` Lars Ingebrigtsen 2020-08-04 17:30 ` Lars Ingebrigtsen 1 sibling, 0 replies; 17+ messages in thread From: Lars Ingebrigtsen @ 2019-09-30 6:43 UTC (permalink / raw) To: 18393 I've now started the job of reporting reporting back decryption/verification errors. The first bit is just a refactoring of the code with some helper functions to make it really explicit when things fail or not. There should be no functional change so far... -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
* bug#18393: mm-view-pkcs7-verify ignores mml-smime-use 2019-09-29 11:17 ` Lars Ingebrigtsen 2019-09-30 6:43 ` Lars Ingebrigtsen @ 2020-08-04 17:30 ` Lars Ingebrigtsen 1 sibling, 0 replies; 17+ messages in thread From: Lars Ingebrigtsen @ 2020-08-04 17:30 UTC (permalink / raw) To: Jens Lechtenboerger; +Cc: 18393 Lars Ingebrigtsen <larsi@gnus.org> writes: > Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes: > >> I uploaded a tar archive for the test directory here: >> https://uni-muenster.sciebo.de/s/OIfu8cUSgqRfhVs >> >> The file gnustest-mml-sec.README contains initial pointers. > > Thanks; I'll have a look and possibly put some of the tests into the > Emacs test directory. I've now added these tests to Emacs 28. I think that covers all the specific bugs reported in this bug report, so I'm closing it. If there are more bugs in this area (and I'm sure there are), please open new reports. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 17+ messages in thread
end of thread, other threads:[~2020-08-04 17:30 UTC | newest]
Thread overview: 17+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <87zjegss2o.fsf@pcwi7557.uni-muenster.de>
2019-09-23 19:02 ` bug#18393: mm-view-pkcs7-verify ignores mml-smime-use Lars Ingebrigtsen
2019-09-24 12:35 ` Jens Lechtenboerger
2019-09-25 13:38 ` Lars Ingebrigtsen
2019-09-26 9:04 ` Jens Lechtenboerger
2019-09-26 14:26 ` Lars Ingebrigtsen
2019-09-26 14:32 ` Lars Ingebrigtsen
2019-09-27 6:09 ` Jens Lechtenboerger
2019-09-27 6:33 ` Jens Lechtenboerger
2019-09-27 13:55 ` Lars Ingebrigtsen
2019-09-27 15:04 ` Jens Lechtenboerger
2019-09-27 15:19 ` Lars Ingebrigtsen
2019-09-27 18:15 ` Jens Lechtenboerger
2019-09-28 17:55 ` Lars Ingebrigtsen
2019-09-29 8:56 ` Jens Lechtenboerger
2019-09-29 11:17 ` Lars Ingebrigtsen
2019-09-30 6:43 ` Lars Ingebrigtsen
2020-08-04 17:30 ` Lars Ingebrigtsen
Code repositories for project(s) associated with this public inbox https://git.savannah.gnu.org/cgit/emacs.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).