Re: Gnus 5.10.6 problems with PGP/MIME (test cases)

["Mark D. Baushke" <mdb@gnu.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Daiki,

Daiki Ueno <ueno@unixuser.org> writes:

> >>>>> In <b4mpsmp3e11.fsf@jpl.org> 
> >>>>>	Katsumi Yamaoka <yamaoka@jpl.org> wrote:
> > Thank you for the information.  I roughly understood that
> > `gpg --textmode' generates a *text* packet and recipients should
> > treat it as text because it is *text*.
> 
> Though I have not yet read entire discussion, you are talking about
> non-MIME encryption?

Well, the majority of the thread was dealing with various MIME markers
and recognition of PGP encrypted or signed messages. These problems have
involved fixes to the files: gnus-art.el, mm-uu.el, mm-decode.el,
mm-bodies.el:

		------- start ChangeLog entries -------
2006-01-19  Katsumi Yamaoka  <yamaoka@jpl.org>

	* mm-bodies.el (mm-decode-body): Don't decode decoded body.

	* mm-uu.el (mm-uu-dissect-text-parts): Dissect dissected parts.

2006-01-17  Katsumi Yamaoka  <yamaoka@jpl.org>

	* mm-decode.el (mm-inlined-types): Add application/pgp.
	(mm-automatic-display): Ditto.

	* mm-uu.el (mm-uu-dissect-text-parts): Recognize application/pgp
	part as text.

2004-10-06  Katsumi Yamaoka  <yamaoka@jpl.org>

	* mm-uu.el (mm-uu-dissect): Allow optional arg.
	(mm-uu-dissect-text-parts): New function.

	* gnus-art.el (gnus-display-mime): Use mm-uu-dissect-text-parts to
	dissect text parts.

		 ------- end ChangeLog entries -------

Starting with Message-ID: <85906.1137521874@juniper.net> on 2006-01-17,
I brought up a problem I had obseved with both non-MIME PGP (method=pgp)
as well as PGP/MIME (method=pgpmime) which BOTH go through the
pgg-gpg-encrypt-region function. At the end of this process, messages
that being decrypted by non-GNUS mail user agents were seeing CRLF in
the decrypted message files where they expected to see local line ending
conventions being used.

> If so, it might be preferable that --textmode is specified only in
> that case.

Well, I do not understand the pgg-gpg-encrypt-region code well enough to
suggest how one could add such a customization at present.

> If --textmode is specified, gpg _itself_ converts line ending.

Yes, this matches my understanding. The input is considered to be
text and on a GNU/Linux system, this means that CR characters will
be purged and LF will be converted to CRLF. At the remote end, the
CRLF will be converted into the local line ending style which may
or may not be CRLF. If the system is another GNU/Linux system, you
will have lost any CR characters from the file.

> On the GNU/Linux system:
> 
> $ ruby -e 'puts("abc\r\ndef\r\nghi\r\n")' > test.txt
> $ gpg -q --encrypt --textmode -r ueno@unixuser.org test.txt
> $ gpg -q --decrypt test.txt.gpg > test.txt
> You need a passphrase to unlock the secret key for
> user: "Daiki Ueno <ueno@unixuser.org>"
> ...
> $ hd test.txt
> 00000000  61 62 63 0a 64 65 66 0a  67 68 69 0a              |abc.def.ghi.|
> 0000000c

Yes, this appears to be correct. It is also correct that if you had a
MacOS 9 text file 

$ ruby -e 'puts("abc\rdef\rghi\r")' > test2.txt
$ gpg -q --encrypt --textmode -r ueno@unixuser.org test.txt
$ mv test2.txt  test2.txt.orig

$ gpg -q --decrypt test.txt.gpg > test.txt
You need a passphrase to unlock the secret key for
user: "Daiki Ueno <ueno@unixuser.org>"
...
$ od -x test2.txt.orig; od -x test2.txt
0000000 6261 0d63 6564 0d66 6867 0d69
0000014
0000000 6261 6463 6665 6867 0069
0000011
$ 

As you can see, the CR is removed. As there was no LF in this test case,
the file does not have a trailing LF added to the file.

> All CRLF are converted to LF.  This might cause a problem if you send an
> encrypted and signed data in RFC1847 encapsulation (RFC3156, section
> 6.1).  After decryption, it does no longer contain the signed material
> identical as before encryption.

You are correct.

I did raise this as a potential problem in Message-ID:
<53032.1137578648@juniper.net> on 2006-01-18:

I wrote:

| That said, if I were using method=pgpmime and I
| had an attachment that was a binary file, the
| patch I provided would be a problem. There is no
| way to tell PGP that the contents of one
| content-type should be --textmode (the body of the
| message) while the contents of the attachment
| should be in --no-textmode (or defaulted to binary
| mode). In binary mode, text lines are to be
| canonicalized to use CRLF for purposes of
| generating signatures.
| 
| The big problem here, is if I have multiple
| attachments that also need to be encrypted and
| some of those attachments are binary and some are
| text. There is no easy way to express to MH-E or
| Gnus that --textmode should only be used for
| the lines in the text part of the message and
| that the attachment must be treated as binary.
| 
| What I end up using is either separate PGP
| encrypted components, or I do a base64 or uuencode
| of my binary attachment prior to adding it
| to my message to be sent.
| 
| So, it is clear that my patch is not good in the
| general case, however, it is probably desirable to
| have some way for MH-E to indicate that the
| --textmode should be used for the body of the
| message and not used for an attachment.
| 
| I would be more than willing to help you test
| any changes you might want to add to help make
| this more configurable to Gnus.

> > I will install your patch if no one comments.
> 
> Please add *me* to the Cc: list if you mention changes obviously
> conflicting with my intension such as below.  Otherwise, I will not be
> aware of them.

FYI. I believe that Katsumi has already modified CVS GNUS with my patch:

		 ------- start ChangeLog entry -------
|2006-01-19  Mark D. Baushke  <mdb@gnu.org>
|
|	* pgg-gpg.el (pgg-gpg-encrypt-region): Add --textmode to gpg args.
		  ------- end ChangeLog entry -------

However, as I have said previously, I would be very willing to use some
other method if there were a more flexible way in the system to
optionally have the --textmode switch added or not as appropriate to the
MIME type.

> > By the way, I found out the original author changed it not to
> > use --textmode over six years ago.
> 
> > 1999-11-05   Daiki Ueno  <>
> > [...]
> > 	* pgg-gpg.el (encrypt-region): Don't use "--textmode" in GPG
> > 	arguments, replace line break code with CRLF while signing
> > 	instead.
> 
> Regards,
> -- 
> Daiki Ueno

	Thanks,
	-- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFD6EhWCg7APGsDnFERArKeAJ9KUIzUsUlI5oDFOxNBoFT9m43F/gCg9hzV
fh/Kdbxj83I7I1tPKmcgL60=
=CSlG
-----END PGP SIGNATURE-----


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642