From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 56CFF6DE1367 for ; Tue, 22 Nov 2016 15:20:57 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.137 X-Spam-Level: X-Spam-Status: No, score=-0.137 tagged_above=-999 required=5 tests=[AWL=0.683, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M3pphevlTSld for ; Tue, 22 Nov 2016 15:20:56 -0800 (PST) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) by arlo.cworth.org (Postfix) with ESMTPS id 9A9DF6DE1360 for ; Tue, 22 Nov 2016 15:20:55 -0800 (PST) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 0B85A208A7; Tue, 22 Nov 2016 18:20:55 -0500 (EST) Received: from frontend1 ([10.202.2.160]) by compute5.internal (MEProxy); Tue, 22 Nov 2016 18:20:55 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=fastmail.com; h= content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc :x-sasl-enc; s=mesmtp; bh=6s/gZVKkD3cVlQ5Ct731JF1bLWo=; b=Bymq+B JsfDYhOG7xyO/4wkr73OX4TKsRFQexBsRewDwOkg6bAttaGYcL25+86IFba2WCAJ GHp9kPYN2I2PgLXsM6gW/BSyRQ15wVuzIzvdzvkIE2HDsR5NMewK0K/ekbWq9CYL oSH7osjLAWPHdjFMGL1g7dfTlOHJP41KI/Ghk= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc:x-sasl-enc; s=smtpout; bh=6s/gZVKkD3cVlQ 5Ct731JF1bLWo=; b=dT8iuACbnw0lYu4IFBNh5OUMGrxqAywjWrPY12qf0wqXSz oI4iAH4U/wXf/jsz59ViqEzfnjXyZ6owtUZ8WkTJisDzX1lKjgpSmJNOpMkBa7J0 J6HB/Rr3mRnt2zCvCoKGXwq/JDpCOWr/LKmC9CllQ+ohc5u6P5TCGVEDnZRsc= X-ME-Sender: X-Sasl-enc: yZyr+5DgUZvU7j7COLWNvEVT4XU9R+b3vjxUzEe8AnPG 1479856854 Received: from localhost (128.92-221-147.customer.lyse.net [92.221.147.128]) by mail.messagingengine.com (Postfix) with ESMTPA id 8BD2B7E2E0; Tue, 22 Nov 2016 18:20:54 -0500 (EST) From: Marius Bakke To: Daniel Kahn Gillmor , notmuch@notmuchmail.org Subject: Re: T350 test failures with gnupg-2.1.16 In-Reply-To: <87eg23i052.fsf@alice.fifthhorseman.net> References: <87shqj5nha.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <87h96zi6ji.fsf@alice.fifthhorseman.net> <87eg23i052.fsf@alice.fifthhorseman.net> User-Agent: Notmuch/0.23.2 (https://notmuchmail.org) Emacs/25.1.1 (x86_64-unknown-linux-gnu) Date: Wed, 23 Nov 2016 00:20:53 +0100 Message-ID: <87mvgrnlt6.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Nov 2016 23:20:57 -0000 --=-=-= Content-Type: text/plain Daniel Kahn Gillmor writes: > On Tue 2016-11-22 15:49:37 -0500, Daniel Kahn Gillmor wrote: >> On Tue 2016-11-22 14:22:09 -0500, Marius Bakke wrote: >>> T350-crypto: Testing PGP/MIME signature verification and decryption >>> PASS emacs delivery of signed message >>> FAIL signature verification >>> --- T350-crypto.2.expected 2016-11-22 18:59:48.341851653 +0000 >>> +++ T350-crypto.2.output 2016-11-22 18:59:48.341851653 +0000 >>> @@ -11,7 +11,7 @@ >>> "id": 2 >>> }, >>> { >>> - "content-length": 280, >>> + "content-length": 312, >>> "content-type": "application/pgp-signature", >>> "id": 3 >>> } >> >> If you could get me a copy of the actual application/pgp-signature part, >> i'd be interested in looking at it. Unlike bremner, i'm actually able >> to duplicate this problem on debian sid, so i'll see what i can figure >> out. > > OK, the difference here is that 2.1.16 is automatically including the > full OpenPGP v4 fingerprint in the message signature. This is part of > the ongoing discussion around revisions to the OpenPGP standard, and it > makes it easier for a mail user agent to tell whether it's missing the > key for verification or whether the signature is just bad. > > so the length of the signature is extended by about 23 octets (1 octet > of subpacket length; 1 octet of subpacket type, 1 octet of fpr versio > number, and 20-octets of fingerprint), which becomes about 32 octets > after base64 encoding, hence the increase in content-length from 280 to > 312 octets. > > As for how to fix it -- i guess the right thing would be to make that > number variable -- as long as the signature is non-zero and it > validates, i think it'd be fine. Wow, good catch. I was about to bisect gnupg to figure out what changed this behaviour.. I'm not familiar enough with the notmuch test framework to suggest a fix, but glad to know this is not specific to Guix. Thanks a lot for your help! --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlg00tUACgkQoqBt8qM6 VPqsCgf9GzNNyFSKV/vKiBWBbwuECec0XsJaALd7tPuy1d9+h5MNQPuUhqN1W6Oo A6gnXHr64kUbBylMAaJkZdsmasTcyktYgJ5QP/emXUuuOAt3GwdTp18of+GhHV/G HGsO2o4GA6mD77fp5wq2GL0ehUs1YpiEwg/Dqvmbl6Wg6B0uCk2lip3QZsx2/KnV SJn5TxB1xhlt8D6GDvxAq8gvaixXJ0sNa7m++Z746L1UC22K9fpI0dunliNZucmI ccYVMzx1weIKdVy6S9N6tx4Djwj/lg5C92jkkfM8mxBohNCh2WUtoKkqSBMuIRcr 7Fh2G6eFPGi+OyzXSTN2DCJFPPWfHA== =u+e6 -----END PGP SIGNATURE----- --=-=-=--