unofficial mirror of emacs-devel@gnu.org 
From: Ken Manheimer <ken.manheimer@gmail.com>
Subject: Re: pgg symmetric encryption patch
Date: Fri, 7 Oct 2005 14:06:55 -0400
Message-ID: <2cd46e7f0510071106k3d4d3e6agc36f16a37d8b6bc6@mail.gmail.com>
In-Reply-To: <20051007100014.GB4850@kenny.sha-bang.local>

On 10/7/05, Sascha Wilde <wilde@sha-bang.de> wrote:
> On Thu, Oct 06, 2005 at 06:41:14PM -0400, Ken Manheimer wrote:
>
> > which) involve this pgg code with sascha's most recent symmetric-key
> > extensions patch (emacs-pgg-symmetric.patch-03) applied (by hand -
> > couldn't get it to work using 'patch').
>
> hmm, strange, I just applied the patch to a fresh GNU emacs cvs
> checkout w/o any problems -- only one changelog hunk failed, no
> wonder, the changelogs are constantly changing...  ;-)

ironically, this was due to the patch file having DOS-style line
endings.  i didn't notice the "(DOS)" indicator on the emacs mode line
- but did notice it when i just looked at the .rej files.  i visited
the file "literally" ('find-file-literally') and stripped the ^Ms, and
the patch worked.

(to complicate matters a little, 'patch' compensated for the ^M line
endings in the new patch you sent (pgg-gpg_textmode.patch).  i don't know why
that compensation didn't happen with the other patch - maybe something to
do with this one being for a single file and the other being multi?
aargh.)

> > 1. my most serious concern is with the unpatched pgg code.  the text that
> >    it encrypts is altered from the original, in order to append \r carriage
> >    returns to the text (using pgg-as-lbt / pgg-convert-lbt).
> >
> >    the problem with this is that decryption on unix-ish platforms with
> >    anything other than pgg will result in text that is different than the
> >    original.
>
> This is supposed to be a feature, not a bug.
> But read on, there actually _is_ a bug in PGG...
>
> Please note RfC 2440  5.9.:
>
> The last sentence gives a short summary on the subject
>
>    Text data is stored with <CR><LF> text endings (i.e. network-normal
>    line endings).  These should be converted to native line endings by
>    the receiving software.
>
> As PGG tries to implement RfC conform OpenPGP, and it handles is text,
> not binary data, this always applies.
>
> Please read also on the `--textmode' option of gpg.
>
> THE BUG: pgg does the newline conversion by itself (I'm not quite
> sure why) but fails to tell the backend (gpg) that it should operate
> in textmode, so the Data Packet is tagged as binary, not text data...

pgg is definitely doing the wrong thing in converting the text to DOS
format, itself.  that requires that pgg be the decryption program used
if the platform where the message is being decrypted does not use DOS
file-encoding.

> Please try if the appended patch (only against pgg-gpg.el) fixes this
> issue.

that didn't work, but led me in the right direction to what looks like the fix.

it does work if you also remove the invocation of the pgg-as-lbt macro
which encloses the pgg-gpg-process-region call.  i'm including a patch
which does that for all of the pgg-gpg.el routines which use
pgg-as-lbt.

once again, i'm not *sure* that's the right thing, but i'm pretty sure
that the way pgg-as-lbt is being used is the wrong thing.  maybe that
was done to try to provide for versions of gpg that lacked the
--textmode option. i don't think that would be a good idea.

(since pgg-as-lbt is a macro, its effect is a little beguiling.  it
does its processing _before_ the call to pgg-gpg-process-region,
despite the fact that the latter is placed as an argument to the
former, and in contrast to what would happen in regular functions,
where the innermost call would be conducted first...)

> [passphrase caching]
>
> As I'm short of time, I'll look into these issues later, sorry...

i've resolved part of the problem in my patch, specifically:

> > 3. this key caching problem of #2 is compounded in the context of sascha's
> > [...]
> > - the patched version will use the prompt for the symmetric key even when
> >   doing a public-key decryption.

the problem was that the 'result' value in dolist was being setq'd,
but not made local, so the previous result is used in the case that no
new result is found.  i added a '(let (result) ...)' around the
dolist, and it's now behaving properly.  that's in my version of your
patch.

caching of the symmetric passphrase is going to take some more thought.

what i did in allout is to manipulate mailcrypt's caching mechanism to
cache the symmetric key according to the file path, if any, else the
buffer name.  that way, there's one symmetric key cached per file.  on
top of that, there's allowance in the password reading mechanism for
new or varying symmetric keys for a file, with provision for
presenting a user-supplied key hint in the prompt, as well.  i would
like to refine pgg's password prompting mechanism to make it easy for
allout to provide the prompt and other behaviors without making it too
specialized and complicated.  i'm going to leave that for a separate
patch, once i get it done.

finally (with regard to the passphrase stuff), pgg should be caching
the key-pair mode passphrases according to the actual identity of the
key being addressed, and not the default user id.  that info is
available explicitly when encrypting, and i suspect that your
pgg-gpg-symmetric-key-p demonstrates that it's available (via
pgg-decode-armor-region) when decrypting.  the caching should
discriminate, and the decryption prompt should indicate, on the basis
of that info, but i'll leave it to someone else to make those
refinements to the pgg code.  i'm going to just try to make sure the
caching and password reading mechanisms are general enough.

> > 4. in the patched version, the symmetric encryption does not replace the
> >    original text with the encrypted text - it's only available in the
> >    hidden " *PGG output*" buffer, but not put in place.
>
> I think, you want to use `pgg-encrypt-symmetric-region', which
> encapsulates the backend function `pgg-gpg-encrypt-symmetric-region'
> and puts the encrypted text in place.

you're correct, that was my mistake.

we're making some good progress here.  the --textmode fact was crucial
- it's looking like the use of pgg-as-lbt is somehow misguided.  i'm
hoping that the major things are taken care of, and i can refine the
passphrase caching mechanism as i see necessary.

thanks for your help!

ken manheimer
ken.manheimer@gmail.com
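
The line-ending mismatch discussed in this message, modeled as an added example (not code from pgg, gpg, or the patches in this thread). It covers only the Literal Data packet body layout of RFC 2440 section 5.9, with no encryption and no packet header; all function names and the sample plaintext are assumptions made for illustration.

```python
"""Model of the RFC 2440 section 5.9 Literal Data packet body (no encryption)."""
import struct

def build_literal(data: bytes, fmt: bytes, name: bytes = b"", date: int = 0) -> bytes:
    """Serialize: 1-octet format, 1-octet name length, name, 4-octet date, data."""
    if fmt not in (b"b", b"t"):
        raise ValueError("format must be b'b' (binary) or b't' (text)")
    if len(name) > 255:
        raise ValueError("file name too long for a one-octet length")
    return fmt + bytes([len(name)]) + name + struct.pack(">I", date) + data

def parse_literal(body: bytes):
    """Return (format, name, date, data), rejecting truncated input."""
    if len(body) < 2:
        raise ValueError("truncated header")
    name_len = body[1]
    data_start = 2 + name_len + 4
    if len(body) < data_start:
        raise ValueError("truncated name or date")
    (date,) = struct.unpack(">I", body[2 + name_len:data_start])
    return body[0:1], body[2:2 + name_len], date, body[data_start:]

def to_network(text: bytes) -> bytes:
    """Convert line endings to <CR><LF> without doubling existing CRs."""
    return text.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")

def receive(body: bytes, native_eol: bytes = b"\n") -> bytes:
    """Receiver per the RFC text quoted in the message: only 't' data is converted."""
    fmt, _name, _date, data = parse_literal(body)
    if fmt == b"t":
        return data.replace(b"\r\n", native_eol)
    return data  # binary data is handed back byte for byte

def send_converted_but_binary(text: bytes) -> bytes:
    """Front end adds CRs itself, packet still tagged binary (the reported bug)."""
    return build_literal(to_network(text), b"b")

def send_textmode(text: bytes) -> bytes:
    """Conversion and tagging happen together, as with a text-mode backend."""
    return build_literal(to_network(text), b"t")

def crlf_in_binary(body: bytes) -> bool:
    """Heuristic symptom check: a 'b' packet whose every newline is CRLF."""
    fmt, _name, _date, data = parse_literal(body)
    return fmt == b"b" and b"\n" in data and data.count(b"\r\n") == data.count(b"\n")

if __name__ == "__main__":
    original = b"line one\nline two\n"  # constructed sample plaintext
    for sender in (send_converted_but_binary, send_textmode):
        out = receive(sender(original))
        print(sender.__name__, "round-trips:", out == original, repr(out))
```
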
