From: Sascha Wilde
Newsgroups: gmane.emacs.devel
Subject: Re: pgg symmetric encryption patch
Date: Fri, 7 Oct 2005 12:00:15 +0200
Message-ID: <20051007100014.GB4850@kenny.sha-bang.local>
In-Reply-To: <2cd46e7f0510061541w73bb6a92wb6d22829b6e804ae@mail.gmail.com>
Original-To: Ken Manheimer
Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), emacs-devel@gnu.org, Richard M. Stallman, Simon Josefsson (gnus maintainer of pgg)

On Thu, Oct 06, 2005 at 06:41:14PM -0400, Ken Manheimer wrote:
> which) involve this pgg code with sascha's most recent symmetric-key
> extensions patch (emacs-pgg-symmetric.patch-03) applied (by hand -
> couldn't get it to work using 'patch').

hmm, strange, I just applied the patch to a fresh GNU emacs cvs checkout w/o any problems -- only one changelog hunk failed, no wonder, the changelogs are constantly changing... ;-)

> 1. my most serious concern is with the unpatched pgg code. the text that
> it encrypts is altered from the original, in order to append \r carriage
> returns to the text (using pgg-as-lbt / pgg-convert-lbt).
>
> the problem with this is that decryption on unix-ish platforms with
> anything other than pgg will result in text that is different than the
> original.

This is supposed to be a feature, not a bug.
But read on, there actually _is_ a bug in PGG...

Please note RfC 2440 5.9.: The last sentence gives a short summary on the subject

  Text data is stored with <CR><LF> text endings (i.e. network-normal line endings). These should be converted to native line endings by the receiving software.

As PGG tries to implement RfC-conformant OpenPGP, and what it handles is text, not binary data, this always applies. Please read also on the `--textmode' option of gpg.

THE BUG: pgg does the newline conversion by itself (I'm not quite sure why) but fails to tell the backend (gpg) that it should operate in textmode, so the Data Packet is tagged as binary, not text data...

Please try if the appended patch (only against pgg-gpg.el) fixes this issue.

[passphrase caching]

As I'm short of time, I'll look into these issues later, sorry...

> 4. in the patched version, the symmetric encryption does not replace the
> original text with the encrypted text - it's only available in the
> hidden " *PGG output*" buffer, but not put in place.

I think you want to use `pgg-encrypt-symmetric-region', which encapsulates the backend function `pgg-gpg-encrypt-symmetric-region' and puts the encrypted text in place.

cheers
sascha
-- 
Sascha Wilde
A conclusion is simply the place where someone got tired of thinking.

Content-Disposition: attachment; filename="pgg-gpg_textmode.patch"

*** pgg-gpg.el 09 Aug 2005 12:53:45 +0200 1.6 --- pgg-gpg.el 07 Okt 2005 11:47:44 +0200=09 *************** *** 4,9 **** --- 4,10 ---- ;; 2005 Free Software Foundation, Inc. =20 ;; Author: Daiki Ueno + ;; Symmetric encryption added by: Sascha Wilde ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG =20 *************** *** 150,156 **** pgg-gpg-user-id))) (args (append ! 
(list "--batch" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc --- 151,157 ---- pgg-gpg-user-id))) (args (append ! (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc *************** *** 169,174 **** --- 170,185 ---- (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) =20 + (defun pgg-gpg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END with symmetric cipher= =2E" + (let* ((passphrase + (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: ")) + (args + (append (list "--batch" "--textmode" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args))= =20 + (pgg-process-when-success))) +=20 (defun pgg-gpg-decrypt-region (start end) "Decrypt the current region between START and END." (let* ((current-buffer (current-buffer)) *************** *** 180,186 **** (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) (passphrase (pgg-read-passphrase ! (format "GnuPG passphrase for %s: " pgg-gpg-user-id) pgg-gpg-user-id)) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) --- 191,200 ---- (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) (passphrase (pgg-read-passphrase ! (format (if (pgg-gpg-symmetric-key-p message-keys) ! "Passphrase for symmetric dencryption: " ! "GnuPG passphrase for %s: ") ! pgg-gpg-user-id) pgg-gpg-user-id)) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) *************** *** 189,194 **** --- 203,215 ---- (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) =20 + (defun pgg-gpg-symmetric-key-p (message-keys) + "Check if MESSAGE-KEYS contains a symmetric encryption indicator." 
+ (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key)))) +=20 (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-= KEYS." (loop for message-key in message-keys
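
Review bot: In the hunk at *** 150,156 ****, "--textmode" is added to the argument list unconditionally and without a comment, and the same list goes on to append "--sign" when sign is set, so signed output changes to text mode as well as encrypted output. A short comment next to the flag pointing at RfC 2440 5.9 and at the CRLF conversion the caller already performs would make the reason visible in the code. It would also help to state in the ChangeLog that signing is affected.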
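
Review bot: In the hunk at *** 169,174 ****, pgg-gpg-encrypt-symmetric-region reads the passphrase with a single pgg-read-passphrase call and no confirmation, so a typo at the prompt produces ciphertext that nobody can decrypt. Prompt twice and compare before calling pgg-gpg-process-region. Two smaller points in the same function: (append (list "--batch" "--textmode" "--armor" "--symmetric" )) wraps a single list in append and can be just the list, and the region is still passed through pgg-as-lbt with 'CRLF while gpg is now also told "--textmode", which deserves a comment saying why both are kept.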
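
Review bot: In the hunk at *** 180,186 ****, the symmetric branch only changes the prompt string; the second argument to pgg-read-passphrase is still pgg-gpg-user-id. That argument is the key PGG uses for its passphrase cache, so with caching enabled a cached secret-key passphrase can be returned for a symmetric message without the user ever seeing the new prompt. Compute the pgg-gpg-symmetric-key-p result once and pass nil as the cache key in that case. The same hunk has a typo in the prompt ("dencryption"), and in the symmetric case format receives pgg-gpg-user-id for a string that has no %s.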
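
Review bot: In the hunk at *** 189,194 ****, pgg-gpg-symmetric-key-p uses result as the dolist result form and as the setq target without binding it. On a message with no symmetric-key entry the function evaluates an unbound variable, and after one match the value stays in the global result, so later calls on public-key messages return the stale key and select the symmetric prompt. Wrap the loop in (let (result) ...), or return from the loop on the first match.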
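
The packet-level effect of the bug described in the message, as an added example that is not part of the original post or of PGG: a minimal Literal Data packet (RfC 2440 5.9) builder and parser, with a receiver that converts line endings only when the format octet is 't'. The function names and the sample text are constructed for illustration, only one-octet packet lengths are handled, and the packet is shown unencrypted.

```python
import struct

LITERAL_DATA_TAG = 11  # RfC 2440 section 5.9

def build_literal_packet(fmt: bytes, data: bytes, filename: bytes = b"") -> bytes:
    """Build a new-format Literal Data packet whose body fits a one-octet length."""
    body = fmt + bytes([len(filename)]) + filename + struct.pack(">I", 0) + data
    if len(body) >= 192:
        raise ValueError("example handles one-octet lengths only")
    return bytes([0xC0 | LITERAL_DATA_TAG, len(body)]) + body

def parse_literal_packet(packet: bytes):
    """Return (format_octet, data) for a Literal Data packet with a one-octet length."""
    if len(packet) < 2 or not packet[0] & 0x80:
        raise ValueError("not an OpenPGP packet header")
    header, length = packet[0], packet[1]
    if header & 0x40:   # new format: tag in bits 5-0
        tag, one_octet = header & 0x3F, length < 192
    else:               # old format: tag in bits 5-2, length type in bits 1-0
        tag, one_octet = (header >> 2) & 0x0F, (header & 0x03) == 0
    if tag != LITERAL_DATA_TAG or not one_octet:
        raise ValueError("not a literal data packet with a one-octet length")
    body = packet[2:2 + length]
    if len(body) != length or length < 6 or length < 6 + body[1]:
        raise ValueError("truncated literal data packet")
    name_len = body[1]
    return body[0:1], body[2 + name_len + 4:]  # skip filename and 4-octet date

def receive(packet: bytes, native_eol: bytes = b"\n") -> bytes:
    """Receiver side of RfC 2440 5.9: convert line endings only for 't' data."""
    fmt, data = parse_literal_packet(packet)
    return data.replace(b"\r\n", native_eol) if fmt == b"t" else data

# Constructed sample: a Unix text region and the CRLF form the sender encrypts.
ORIGINAL = b"line one\nline two\n"
WIRE = ORIGINAL.replace(b"\n", b"\r\n")

if __name__ == "__main__":
    # 'b' models the packet before the patch, 't' the packet with --textmode.
    for fmt in (b"b", b"t"):
        out = receive(build_literal_packet(fmt, WIRE))
        print(fmt.decode(), "round trip intact:", out == ORIGINAL)
```

With format 'b' the receiver hands back the CRLF text unchanged, which is the mismatch reported for decryption outside PGG; with 't' the original text comes back.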