From: Ken Manheimer
Newsgroups: gmane.emacs.devel
Subject: Re: pgg symmetric encryption patch
Date: Sat, 8 Oct 2005 14:31:33 -0400
Message-ID: <2cd46e7f0510081131h14e2bbeaga7f1a33ebd6347c8@mail.gmail.com>
In-Reply-To: <20051008103627.GA1218@kenny.sha-bang.local>
Original-To: Simon Josefsson, Ken Manheimer, "sascha schwab (symmetric encryption patches)", "Daiki Ueno (pgg author)", "Richard M. Stallman", emacs-devel@gnu.org
Xref: news.gmane.org gmane.emacs.devel:43697

On 10/8/05, Sascha Wilde wrote:
> On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote:
> > It seems you are making some progress here. For simplicity, could you
> > post the complete patch (preferably in unified diff format) against
> > Emacs CVS you want to have installed? Unless somebody else has
> > already taken care of this...
>
> I attached the complete patch against the latest cvs checkout.

i've got another take on the cumulative patch, with the addition of
some refinements i would like to add. the patch is against the gnu.org
repository, and incorporates recent checkins there as of a few minutes
ago.

here are the details of my further refinements, which are included in
this patch. their purpose is to enable external management of the
passphrases, including prompting and caching, while still using the pgg
encryption and cache mechanisms. the changes have two thrusts:

- extend the (generic pgg and gpg scheme) encryption and decryption
  routines to take an optional passphrase argument, and when provided,
  use its value instead of prompting for the passphrase

- extend the passphrase caching and prompting routines to take an
  optional 'notruncate' argument, to enable caching of passphrases for
  keys besides those that have the format of the short pgp packet key
  id.

i think that these, together, will enable me to do the passphrase
handling and extend it to symmetric keys, while still leveraging the
features of the pgg mechanism (in particular, passphrase expiration).
i am pretty sure it's all backwards compatible - all the additional
functionality hinges on using the new optional arguments, there should
be no operational changes if you don't use them.

(i am very puzzled about why the passphrase cache was restricted to the
length of the short pgp packet key ids. seems like you want to couple
the passphrases with the user identity for which the message is being
encoded, in the case of key-pair ciphers, or some arbitrary string for
symmetric ciphers - eg, file name is what i want to use for symmetric
keys in allout, since the symmetric keys are associated with the files.
but once again i don't know the pgp territory well enough to wade in,
and want to minimize the chance of inadvertently breaking anything.)

if this approach is deemed to be fine, i can easily provide an
additional patch to adjust the pgg-pgp and pgg-pgp5 modules similarly.

ken
ken.manheimer@gmail.com
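
The two changes described in the message above, modelled as an added example; this is not code from the patch or from pgg. Every `demo-` name is hypothetical, and the truncation rule (keep the last 8 characters) and the 16-second expiry are assumptions made for illustration.

```elisp
;;; -*- lexical-binding: t -*-
;; Added illustration: a stand-alone model of a passphrase cache with
;; optional key truncation and expiry.  All demo- names are hypothetical.

(defvar demo-cache (make-hash-table :test 'equal)
  "Maps cache key -> (PASSPHRASE . EXPIRY-TIME).")

(defvar demo-cache-expiry 16
  "Seconds a cached passphrase stays valid (assumed value).")

(defun demo-cache-key (key notruncate)
  "Return KEY as is when NOTRUNCATE, else cut to short key ID length.
Assumption: truncation keeps the last 8 characters."
  (if (or notruncate (<= (length key) 8)) key (substring key -8)))

(defun demo-add-passphrase (key passphrase &optional notruncate now)
  "Cache PASSPHRASE under KEY; NOW overrides the clock for testing."
  (puthash (demo-cache-key key notruncate)
           (cons passphrase (+ (or now (float-time)) demo-cache-expiry))
           demo-cache))

(defun demo-get-passphrase (key &optional notruncate now)
  "Return the cached passphrase for KEY, or nil if absent or expired."
  (let* ((k (demo-cache-key key notruncate))
         (entry (gethash k demo-cache)))
    (cond ((null entry) nil)
          ((>= (or now (float-time)) (cdr entry))
           (remhash k demo-cache)       ; drop the expired entry
           nil)
          (t (car entry)))))

(defun demo-passphrase-for (key &optional passphrase notruncate)
  "Use a caller-supplied PASSPHRASE if given; else the cache; else prompt."
  (or passphrase
      (demo-get-passphrase key notruncate)
      (let ((pw (read-passwd (format "Passphrase for %s: " key))))
        (demo-add-passphrase key pw notruncate)
        pw)))

(defun demo-run ()
  "Return (TRUNCATED-LOOKUP FULL-LOOKUP EXPIRED-LOOKUP) for file A.
The two file names are constructed samples sharing their last 8 characters."
  (let ((a "/home/u/work/notes.txt") (b "/home/u/home/notes.txt"))
    (clrhash demo-cache)
    (demo-add-passphrase a "pw-A" nil 0)
    (demo-add-passphrase b "pw-B" nil 0)
    (let ((truncated (demo-get-passphrase a nil 1)))
      (clrhash demo-cache)
      (demo-add-passphrase a "pw-A" t 0)
      (demo-add-passphrase b "pw-B" t 0)
      (list truncated
            (demo-get-passphrase a t 1)
            (demo-get-passphrase a t (1+ demo-cache-expiry))))))
```

Evaluating `(demo-run)` shows the failure mode that motivates 'notruncate': with truncation both file names reduce to `otes.txt`, so the lookup for the first file returns the second file's passphrase, while untruncated keys stay distinct and still expire.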