From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ken Manheimer Newsgroups: gmane.emacs.devel Subject: Re: pgg symmetric encryption patch Date: Mon, 10 Oct 2005 17:15:18 -0400 Message-ID: <2cd46e7f0510101415t76825ea7u9749fe23da54ce@mail.gmail.com> References: <2cd46e7f0510031250u66ea1349yb437d539ce4027ef@mail.gmail.com> <20051006090152.GB4494@kenny.sha-bang.local> <2cd46e7f0510061541w73bb6a92wb6d22829b6e804ae@mail.gmail.com> <20051007100014.GB4850@kenny.sha-bang.local> <2cd46e7f0510071106k3d4d3e6agc36f16a37d8b6bc6@mail.gmail.com> <20051007214952.GA30235@kenny.sha-bang.local> <20051008103627.GA1218@kenny.sha-bang.local> <2cd46e7f0510081131h14e2bbeaga7f1a33ebd6347c8@mail.gmail.com> Reply-To: Ken Manheimer NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Trace: sea.gmane.org 1128979030 21318 80.91.229.2 (10 Oct 2005 21:17:10 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Mon, 10 Oct 2005 21:17:10 +0000 (UTC) Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Oct 10 23:17:07 2005 Return-path: Original-Received: from lists.gnu.org ([199.232.76.165]) by ciao.gmane.org with esmtp (Exim 4.43) id 1EP4zh-0004NH-Jr for ged-emacs-devel@m.gmane.org; Mon, 10 Oct 2005 23:15:37 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1EP4zg-0007kI-DP for ged-emacs-devel@m.gmane.org; Mon, 10 Oct 2005 17:15:36 -0400 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1EP4zV-0007jv-Ph for emacs-devel@gnu.org; Mon, 10 Oct 2005 17:15:25 -0400 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1EP4zU-0007jD-Uj for emacs-devel@gnu.org; Mon, 10 Oct 2005 17:15:25 -0400 Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1EP4zU-0007j3-3B for emacs-devel@gnu.org; Mon, 10 Oct 2005 17:15:24 -0400 Original-Received: from [64.233.162.205] (helo=zproxy.gmail.com) by monty-python.gnu.org with esmtp (Exim 4.34) id 1EP4zT-0001Fb-Vf for emacs-devel@gnu.org; Mon, 10 Oct 2005 17:15:24 -0400 Original-Received: by zproxy.gmail.com with SMTP id k1so786188nzf for ; Mon, 10 Oct 2005 14:15:23 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NTcXVQDBsAq5Vv6BuopTaLnddTXnpHUc+rXhrFGtbB79/DEBZAXIAsZIjSS+5BKyGKPvofF9j56ELjgNjcbKjP8gmb3GynsFtY2UE/uByPhkpoNzY8JgqtDh92KMeJDmY92twqci2E3eq3RH17EJFDxyN05blaOiEHBTHWR6ggw= Original-Received: by 10.36.37.7 with SMTP id k7mr1107688nzk; Mon, 10 Oct 2005 14:15:19 -0700 (PDT) Original-Received: by 10.36.36.11 with HTTP; Mon, 10 Oct 2005 14:15:18 -0700 (PDT) Original-To: Simon Josefsson , Ken Manheimer , "sascha schwab (symmetric encryption patches)" , "Daiki Ueno (pgg author)" , "Richard M. Stallman" , emacs-devel@gnu.org In-Reply-To: <2cd46e7f0510081131h14e2bbeaga7f1a33ebd6347c8@mail.gmail.com> Content-Disposition: inline X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:43825 Archived-At: for those of you following the developments at home (:-), here's an incremental patch on top of what i sent out a few days ago. i fixed a small stack of bugs in pgg-gpg.el that settles my complaint about prompting with the secret key identity, and also filled in a small oversight in the changes i sent out a few days ago. while this could be the last pgg patch, i'm still developing, hence the incremental. i plan to send out a full patch when i've finished transitioning allout to pgg, at which point i expect my mucking with pgg to be settled. so, repository maintainers may want to wait for that, while i'm hoping those actively involved (eg, sascha) will scrutinize and, ideally, exercise these patches. we'll see if the attached patch makes it through this time. (i haven't re-attached it, which i think was the problem last time.) if not, look forward to a followup... thanks. ken ken.manheimer@gmail.com On 10/8/05, Ken Manheimer wrote: > On 10/8/05, Sascha Wilde wrote: > > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > > > It seems you are making some progress here. For simplicity, could yo= u > > > post the complete patch (preferably in unified diff format) against > > > Emacs CVS you want to have installed? Unless somebody else has > > > already taken care of this... > > > > I attached the complete patch against the latest cvs checkout. > > i've got another take on the cumulative patch, with the addition of > some refinements i would like to add. > > the patch is against the gnu.org repository, and incorporates recent > checkins there as of a few minutes ago. > > here are the details of my further refinements, which are included in > this patch. their purpose is to enable external management of the > passphrases, including prompting and caching, while still using the > pgg encryption and cache mechanisms. the changes have two thrusts: > > - extend the (generic pgg and gpg scheme) encryption and decryption > routines to take an optional passphrase argument, and when provided, > use its value instead of prompting for the passphrase > > - extend the passphrase caching and prompting routines to take an optio= nal > 'notruncate' argument, to enable caching of passphrases for keys besi= des > those that have the format of the short pgp packet key id. > > i think that these, together, will enable me to do the passphrase > handling and extend it to symmetric keys, while still leveraging the > features of the pgg mechanism (in particular, passphrase expiration). > i am pretty sure it's all backwards compatible - all the additional > functionality hinges on using the new optional arguments, there should > be no operational changes if you don't use them. > > (i am very puzzled about why the passphrase cache was restricted to > the length of the short pgp packet key ids. seems like you want to > couple the passphrases with the user identity for which the message is > being encoded, in the case of key-pair ciphers, or some arbitrary > string for symmetric ciphers - eg, file name is what i want to use for > symmetric keys in allout, since the symmetric keys are associated with > the files. but once again i don't know the pgp territory well enough > to wade in, and want to minimize the chance of inadvertantly breaking > anything. > > if this approach is deemed to be fine, i can easily provide an > additional patch to adjust the pgg-pgp and pgg-pgp5 modules similarly.