From: Teemu Likonen <tlikonen@iki.fi>
To: Lars Ingebrigtsen <larsi@gnus.org>
Cc: simon@josefsson.org, ueno@unixuser.org, emacs-devel@gnu.org
Subject: Re: [PATCH] MML/EPG: Add support for GnuPG's --sender option
Date: Fri, 12 Jul 2019 20:53:13 +0300
Message-ID: <87y313jg1i.fsf@iki.fi>
In-Reply-To: <8736jbkxvk.fsf@iki.fi> (Teemu Likonen's message of "Fri, 12 Jul 2019 19:42:39 +0300")
Teemu Likonen [2019-07-12T19:42:39+03] wrote:
> Below is a new version with NEWS entries. One entry is under Message and
> the other under EasyPG because this touches both.
One NEWS item was badly formatted. I'll try again...
-- >8 --
Subject: [PATCH v3] MML/EPG: Add support for GnuPG's --sender option
An already existing variable mml-secure-openpgp-sign-with-sender (if
non-nil) makes MML security use the message sender's email address to
find the signer's key in the GnuPG keyring.
This commit enhances the feature to also use the sender's email address
with GnuPG's --sender option to clarify which user id made the
signature. The option is useful for two reasons when verifying the
signature:
- GnuPG's TOFU statistics are updated for the specific user
id (email) only.
- GnuPG's --auto-key-retrieve functionality can use the WKD (web key
directory) method for finding the signer's key.
Quotes from gpg(1) manual page (version 2.2.17):
--auto-key-retrieve
--no-auto-key-retrieve
These options enable or disable the automatic retrieving of
keys from a keyserver when verifying signatures made by
keys that are not on the local keyring. The default is
--no-auto-key-retrieve.
The order of methods tried to lookup the key is:
[...]
2. If the signature has the Signer's UID set (e.g. using
--sender while creating the signature) a Web Key
Directory (WKD) lookup is done. This is the default
configuration but can be disabled by removing WKD from the
auto-key-locate list or by using the option
--disable-signer-uid.
[...]
--sender mbox
This option has two purposes. mbox must either be a
complete user id with a proper mail address or just a mail
address. When creating a signature this option tells gpg
the user id of a key used to make a signature if the key
was not directly specified by a user id. When verifying a
signature the mbox is used to restrict the information
printed by the TOFU code to matching user ids.
---
etc/NEWS | 23 +++++++++++++++++++++++
lisp/epg.el | 8 ++++++++
lisp/gnus/mml-sec.el | 9 +++++++--
3 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/etc/NEWS b/etc/NEWS
index 966bdda456..1a17e132c7 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -1379,6 +1379,22 @@ are formatted as MIME digests.
*** 'message-forward-included-headers' has changed its default to
exclude most headers when forwarding.
+*** 'mml-secure-openpgp-sign-with-sender' sets also "gpg --sender"
+When 'mml-secure-openpgp-sign-with-sender' is non-nil message sender's
+email address (in addition to its old behaviour) will also be used to
+set gpg's "--sender email@domain" option.
+
+The option is useful for two reasons when verifying the signature:
+
+ 1. GnuPG's TOFU statistics are updated for the specific user id
+ (email) only. See gpg(1) man page about "--sender".
+
+ 2. GnuPG's --auto-key-retrieve functionality can use WKD (web key
+ directory) method for finding the signer's key. You need GnuPG
+ 2.2.17 to fully benefit from this feature. See gpg(1) man page for
+ "--auto-key-retrieve".
+
+---
** EasyPG
---
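Review bot: the NEWS heading and first sentence of this entry read awkwardly: "sets also "gpg --sender"" should be "also sets", and "When 'mml-secure-openpgp-sign-with-sender' is non-nil message sender's email address (in addition to its old behaviour) will also be used" needs a comma after "non-nil" and "the" before "message sender's". Suggested wording: "When 'mml-secure-openpgp-sign-with-sender' is non-nil, the message sender's email address is used not only to find the signing key (the old behaviour) but also for gpg's "--sender email@domain" option." The two numbered reasons are fine as they are.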
@@ -1391,6 +1407,13 @@ It now applies to epg functions as well as epa functions.
been removed. Use 'encode-coding-string', 'decode-coding-string', and
'select-safe-coding-system' instead.
+*** 'epg-context' structure supports now 'sender' slot
+The value of the new 'sender' slot (if a string) is used to set gpg's
+--sender option. This feature is used by
+'mml-secure-openpgp-sign-with-sender'. See gpg(1) manual page about
+"--sender" for more information.
+
+---
** Rmail
+++
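Review bot: "'epg-context' structure supports now 'sender' slot" should read "'epg-context' structure now supports a 'sender' slot". Since epg.el is a library used by callers other than mml-sec, this entry is also the place to say what the slot must contain, namely a mail address or a full user id containing one (as the gpg(1) text quoted in the commit message requires), and that any non-string value is ignored, which is what the epg.el hunks implement.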
diff --git a/lisp/epg.el b/lisp/epg.el
index 8029bf5a93..ce58c520f1 100644
--- a/lisp/epg.el
+++ b/lisp/epg.el
@@ -208,6 +208,7 @@ 'epg-error
progress-callback
edit-callback
signers
+ sender
sig-notations
process
output-file
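Review bot: the new `sender` slot is added between `signers` and `sig-notations` without any comment or docstring describing its contents, while the meaning only becomes clear from the `(stringp sender)` checks further down in epg-start-sign and epg-start-encrypt. A one-line comment on the slot (a mail address or a user id containing one, handed to gpg's --sender; non-strings ignored) would help readers, and the EPG manual's description of the context slots should be checked for whether it needs the new one.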
@@ -1616,6 +1617,9 @@ epg-start-sign
(epg-sub-key-id
(car (epg-key-sub-key-list signer)))))
(epg-context-signers context)))
+ (let ((sender (epg-context-sender context)))
+ (when (stringp sender)
+ (list "--sender" sender)))
(epg--args-from-sig-notations
(epg-context-sig-notations context))
(if (epg-data-file plain)
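Review bot: the --sender argument is emitted whenever the slot holds a string, with no check of the context's protocol, so for a CMS context the same option would be handed to gpgsm; unless that is known to be accepted there, guard this on the OpenPGP protocol in the same way mml-sec.el guards its armor/textmode settings. The `let`/`when` form evaluates to nil when no sender is set, which is fine as long as the enclosing argument-list construction drops nil elements, as the existing `epg--args-from-sig-notations` call already relies on.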
@@ -1711,6 +1715,10 @@ epg-start-encrypt
signer)))))
(epg-context-signers context))))
(if sign
+ (let ((sender (epg-context-sender context)))
+ (when (stringp sender)
+ (list "--sender" sender))))
+ (if sign
(epg--args-from-sig-notations
(epg-context-sig-notations context)))
(apply #'nconc
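Review bot: the three added lines are a verbatim copy of the block added to epg-start-sign in the previous hunk; factoring them into a helper next to `epg--args-from-sig-notations`, e.g. `(defun epg--args-from-sender (context) ...)` returning either nil or `(list "--sender" sender)`, keeps the two call sites in step and gives a single place for any later protocol guard. Splitting the original `(if sign ...)` into two consecutive forms is correct, but with such a helper the sender and sig-notation arguments could be gathered under one `(if sign ...)`.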
diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el
index 02a27b367c..07d2028534 100644
--- a/lisp/gnus/mml-sec.el
+++ b/lisp/gnus/mml-sec.el
@@ -497,7 +497,8 @@ mml-secure-smime-encrypt-to-self
'mml2015-sign-with-sender 'mml-secure-openpgp-sign-with-sender "25.1")
;mml1991-sign-with-sender did never exist.
(defcustom mml-secure-openpgp-sign-with-sender nil
- "If t, use message sender to find an OpenPGP key to sign with."
+ "If t, use message sender to find an OpenPGP key to sign with.
+Also use message's sender with GnuPG's --sender option."
:group 'mime-security
:type 'boolean)
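Review bot: the docstring's first line still says "If t" while both call sites in mml-sec.el test the variable for non-nil, and the new second line "Also use message's sender with GnuPG's --sender option." does not say what effect that has. Suggested text: "If non-nil, use the message sender to find an OpenPGP key to sign with. The sender's address is also passed to GnuPG's --sender option, so the signature records which user ID made it."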
@@ -913,7 +914,9 @@ mml-secure-epg-encrypt
cipher signers)
(when sign
(setq signers (mml-secure-signers context signer-names))
- (setf (epg-context-signers context) signers))
+ (setf (epg-context-signers context) signers)
+ (when mml-secure-openpgp-sign-with-sender
+ (setf (epg-context-sender context) sender)))
(when (eq 'OpenPGP protocol)
(setf (epg-context-armor context) t)
(setf (epg-context-textmode context) t))
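Review bot: `sender` is not bound anywhere in the visible lines, so confirm it comes from the enclosing let* and has a form gpg accepts (per the gpg(1) text quoted in the commit message, a bare address or a complete user id containing one); a nil value is harmless because epg.el only passes strings. More importantly, the new `when` tests mml-secure-openpgp-sign-with-sender without checking the protocol, while the `(when (eq 'OpenPGP protocol) ...)` form three lines below shows this function also handles CMS; add `(eq 'OpenPGP protocol)` to the condition so an S/MIME signing context never has gpg's --sender set on it.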
@@ -944,6 +947,8 @@ mml-secure-epg-sign
(setf (epg-context-armor context) t)
(setf (epg-context-textmode context) t))
(setf (epg-context-signers context) signers)
+ (when mml-secure-openpgp-sign-with-sender
+ (setf (epg-context-sender context) sender))
(when (mml-secure-cache-passphrase-p protocol)
(epg-context-set-passphrase-callback
context
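Review bot: same point as in mml-secure-epg-encrypt: this setf runs for every protocol, although the variable name and the commit message both scope the feature to OpenPGP, and the `(when (eq 'OpenPGP protocol) ...)` block immediately above the added lines is where the armor/textmode settings already live. Either move the setf into that block or add the protocol test to the new `when`.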
--
2.20.1
--
/// OpenPGP key: 4E1055DC84E9DFF613D78557719D69D324539450
// https://keys.openpgp.org/search?q=tlikonen@iki.fi
/ https://keybase.io/tlikonen https://github.com/tlikonen