From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ken Manheimer
Newsgroups: gmane.emacs.devel
Subject: Re: pgg symmetric encryption patch
Date: Mon, 10 Oct 2005 17:16:20 -0400
Message-ID: <2cd46e7f0510101416t20a23489i684d2b912e645169@mail.gmail.com>
References: <2cd46e7f0510031250u66ea1349yb437d539ce4027ef@mail.gmail.com>
 <20051006090152.GB4494@kenny.sha-bang.local>
 <2cd46e7f0510061541w73bb6a92wb6d22829b6e804ae@mail.gmail.com>
 <20051007100014.GB4850@kenny.sha-bang.local>
 <2cd46e7f0510071106k3d4d3e6agc36f16a37d8b6bc6@mail.gmail.com>
 <20051007214952.GA30235@kenny.sha-bang.local>
 <20051008103627.GA1218@kenny.sha-bang.local>
 <2cd46e7f0510081131h14e2bbeaga7f1a33ebd6347c8@mail.gmail.com>
 <2cd46e7f0510101415t76825ea7u9749fe23da54ce@mail.gmail.com>
Reply-To: Ken Manheimer
Original-To: Simon Josefsson, Ken Manheimer,
 "sascha schwab (symmetric encryption patches)",
 "Daiki Ueno (pgg author)", "Richard M. Stallman", emacs-devel@gnu.org
In-Reply-To: <2cd46e7f0510101415t76825ea7u9749fe23da54ce@mail.gmail.com>
List-Id: "Emacs development discussions."
Xref: news.gmane.org gmane.emacs.devel:43826
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_Part_33837_29026745.1128978980290"

------=_Part_33837_29026745.1128978980290
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

shit. the attachment was dropped. shit. trying again. sorry about the clutter.

On 10/10/05, Ken Manheimer wrote:
> for those of you following the developments at home (:-), here's an
> incremental patch on top of what i sent out a few days ago. i fixed a
> small stack of bugs in pgg-gpg.el that settles my complaint about
> prompting with the secret key identity, and also filled in a small
> oversight in the changes i sent out a few days ago.
>
> while this could be the last pgg patch, i'm still developing, hence
> the incremental. i plan to send out a full patch when i've finished
> transitioning allout to pgg, at which point i expect my mucking with
> pgg to be settled. so, repository maintainers may want to wait for
> that, while i'm hoping those actively involved (eg, sascha) will
> scrutinize and, ideally, exercise these patches.
>
> we'll see if the attached patch makes it through this time. (i
> haven't re-attached it, which i think was the problem last time.) if
> not, look forward to a followup...
>
> thanks.
> ken
> ken.manheimer@gmail.com
>
> On 10/8/05, Ken Manheimer wrote:
> > On 10/8/05, Sascha Wilde wrote:
> > > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote:
> > > > It seems you are making some progress here. For simplicity, could you
> > > > post the complete patch (preferably in unified diff format) against
> > > > Emacs CVS you want to have installed? Unless somebody else has
> > > > already taken care of this...
> > >
> > > I attached the complete patch against the latest cvs checkout.
> >
> > i've got another take on the cumulative patch, with the addition of
> > some refinements i would like to add.
> >
> > the patch is against the gnu.org repository, and incorporates recent
> > checkins there as of a few minutes ago.
> >
> > here are the details of my further refinements, which are included in
> > this patch. their purpose is to enable external management of the
> > passphrases, including prompting and caching, while still using the
> > pgg encryption and cache mechanisms. the changes have two thrusts:
> >
> > - extend the (generic pgg and gpg scheme) encryption and decryption
> > routines to take an optional passphrase argument, and when provided,
> > use its value instead of prompting for the passphrase
> >
> > - extend the passphrase caching and prompting routines to take an optional
> > 'notruncate' argument, to enable caching of passphrases for keys besides
> > those that have the format of the short pgp packet key id.
> >
> > i think that these, together, will enable me to do the passphrase
> > handling and extend it to symmetric keys, while still leveraging the
> > features of the pgg mechanism (in particular, passphrase expiration).
> > i am pretty sure it's all backwards compatible - all the additional
> > functionality hinges on using the new optional arguments, there should
> > be no operational changes if you don't use them.
> >
> > (i am very puzzled about why the passphrase cache was restricted to
> > the length of the short pgp packet key ids. seems like you want to
> > couple the passphrases with the user identity for which the message is
> > being encoded, in the case of key-pair ciphers, or some arbitrary
> > string for symmetric ciphers - eg, file name is what i want to use for
> > symmetric keys in allout, since the symmetric keys are associated with
> > the files. but once again i don't know the pgp territory well enough
> > to wade in, and want to minimize the chance of inadvertently breaking
> > anything.
> >
> > if this approach is deemed to be fine, i can easily provide an
> > additional patch to adjust the pgg-pgp and pgg-pgp5 modules similarly.
>

------=_Part_33837_29026745.1128978980290
Content-Type: application/octet-stream; name="pgg-symmetric_incremental_05_1.patch"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="pgg-symmetric_incremental_05_1.patch"

------=_Part_33837_29026745.1128978980290
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Emacs-devel mailing list
Emacs-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/emacs-devel

------=_Part_33837_29026745.1128978980290--
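
The message above describes two extensions: an optional passphrase argument that bypasses prompting, and a 'notruncate' flag so the expiring passphrase cache can be keyed by strings other than short key ids, such as a file name for symmetric encryption. The Emacs Lisp below is an added illustration, not code from the patch or from pgg; every `demo-` name, the last-8-characters truncation rule, the 16-second expiry and the two file names are assumptions made for the model.

```elisp
;;; -*- lexical-binding: t -*-
;; Added model of the cache keying discussed above; not pgg's code, demo-* names are hypothetical.

(defvar demo-cache (make-hash-table :test 'equal)
  "Cache key -> (PASSPHRASE . EXPIRY-TIME-IN-SECONDS).")
(defvar demo-expiry 16 "Seconds an entry stays valid (assumed value).")

(defun demo-cache-key (key notruncate)
  "Return KEY itself if NOTRUNCATE, else its last 8 chars (assumed rule)."
  (if (or notruncate (<= (length key) 8)) key (substring key -8)))

(defun demo-cache-add (key passphrase now &optional notruncate)
  "Cache PASSPHRASE for KEY, valid from time NOW for `demo-expiry' seconds."
  (puthash (demo-cache-key key notruncate)
           (cons passphrase (+ now demo-expiry)) demo-cache))

(defun demo-cache-get (key now &optional notruncate)
  "Return the passphrase cached for KEY, or nil if absent or expired at NOW."
  (let* ((k (demo-cache-key key notruncate))
         (entry (gethash k demo-cache)))
    (cond ((null entry) nil)
          ((>= now (cdr entry)) (remhash k demo-cache) nil)
          (t (car entry)))))

(defun demo-passphrase (key now prompt-fn &optional passphrase notruncate)
  "Use caller-supplied PASSPHRASE if given; else the cache; else PROMPT-FN."
  (or passphrase
      (demo-cache-get key now notruncate)
      (let ((p (funcall prompt-fn key)))
        (demo-cache-add key p now notruncate)
        p)))

(defun demo-run ()
  "Return lookups for two constructed file names sharing an 8-char suffix."
  (let ((a "/work/plans.otl") (b "/home/plans.otl") results)
    ;; Truncated keys: both names reduce to the same suffix, so B's
    ;; lookup is answered with A's passphrase.
    (clrhash demo-cache)
    (demo-cache-add a "pw-a" 0)
    (push (list 'truncated-b (demo-cache-get b 1)) results)
    ;; Whole-string keys: B misses and falls through to the prompt function.
    (clrhash demo-cache)
    (demo-cache-add a "pw-a" 0 t)
    (push (list 'notruncate-b
                (demo-passphrase b 1 (lambda (_k) "pw-b") nil t))
          results)
    ;; A's entry is gone once `demo-expiry' seconds have passed.
    (push (list 'expired-a (demo-cache-get a 16 t)) results)
    (nreverse results)))
```

Evaluating `(demo-run)` returns the three lookups as a list, which makes the difference between suffix-keyed and whole-string-keyed entries visible when cache keys are file names rather than key ids.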