gpgsm: smime, various secret keys, mml2015-sign-with-sender for smime

gpgsm: smime, various secret keys, mml2015-sign-with-sender for smime

[Uwe Brauer]

Hello


I started to use smime, via xemacs, gnus, epg and gpgsm. [1]

I have 3 accounts, one for work two private ones. I obtained free
certificates  from www.comodo.com.

Now gpgsm chooses the secret key for signing,  either as

    -  the first which is listed by gpsm -list-secret-keys

    -  a default one, which can be configured in gpsm.conf 

    -  the one specified by the senders address via the command.

gpgsm -su oub.oub.oub@gmail.com --armor < test > ciphertext4 

However it seems not to be possible to configure gpgsm (via the
gpgsm.con file) such that it chooses the relevant secret keys according
to the email address of the sender.  

 (user-mail-address)





And that is why it should be implemented in lisp. Daiko Ueno, the author
of epg, also referred to the mml2015-sign-with-sender function, but this
function is, as I understand it correctly, only for gpg.

So can such a function be implemented for smime please?[2]

Thanks 

Uwe Brauer 

Footnotes:
[1]  I used gpg, but most of the people I correspondence considered it
     as to user unfriendly.


[2]  like 

(defvar gpgsm-signing-command "/usr/bin/gpgsm -su %s --armor < %s > %s")




   (let ((secret-key-id user-mail-address)
   		  (cleartext some-mail-text)
          (cipertext (make-temp-file (expand-file-name "cipertext" temporary-file-directory) nil ".asc")))
                 	  (shell-command
                      	   (format gpgsm-signing-command
                           		   secret-key-id
                                   cleartext
                                   cipertext)))

Re: gpgsm: smime, various secret keys, mml2015-sign-with-sender for smime

[Daiki Ueno]

Uwe Brauer <oub@mat.ucm.es> writes:

> And that is why it should be implemented in lisp. Daiko Ueno, the author
> of epg, also referred to the mml2015-sign-with-sender function, but this
> function is, as I understand it correctly, only for gpg.

I've added mml-smime-sign-with-sender:
http://bzr.savannah.gnu.org/lh/emacs/trunk/revision/111432?start_revid=111432

Could you test if it works?  I don't have multiple S/MIME keys.

Regards,
-- 
Daiki Ueno

Re: gpgsm: smime, various secret keys, mml2015-sign-with-sender for smime

[Uwe Brauer]

[-- Attachment #1: Type: text/plain, Size: 987 bytes --]

>> "Daiki" == Daiki Ueno <ueno@gnu.org> writes: 
 
   > Uwe Brauer <oub@mat.ucm.es> writes: 
 
   > I've added mml-smime-sign-with-sender: 
   > http://bzr.savannah.gnu.org/lh/emacs/trunk/revision/111432?start_revid=111432 

Thanks very much. 
   > Could you test if it works?  I don't have multiple S/MIME 
   > keys. 


Well I only can find the diff. I tried to apply that to the git 
version 

I recently downloaded but without success. I think the easiest 
solution 

would be direct link to the new mml-smime.el 


I had a simple kludge so far 
(add-hook 'message-setup-hook 'my-simple-smime-select-signers)

(defun my-simple-smime-select-signers ()
  (interactive)
  (setq mml-smime-signers nil)
  (setq mml-smime-signers (list user-mail-address )))

But I prefer a clean solution.

I think I have implemented 

mml-sime-encrypt-to-self, but before sending a patch I would need to
know which is the correct, new mml-smime file

regards

Uwe 

[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 4474 bytes --]

Re: gpgsm: smime, various secret keys, mml2015-sign-with-sender for smime

[Daiki Ueno]

Uwe Brauer <oub@mat.ucm.es> writes:

> I recently downloaded but without success. I think the easiest
> solution would be direct link to the new mml-smime.el

Go to:
http://bzr.savannah.gnu.org/lh/emacs/trunk/annotate/111432/lisp/gnus/mml-smime.el
and click "download file".

> I think I have implemented mml-sime-encrypt-to-self, but before
> sending a patch I would need to know which is the correct, new
> mml-smime file

Cool.

Regards,
-- 
Daiki Ueno

Re: gpgsm: smime, various secret keys, mml2015-sign-with-sender for smime

[Uwe Brauer]

[-- Attachment #1: Type: text/plain, Size: 649 bytes --]

>> "Daiki" == Daiki Ueno <ueno@gnu.org> writes:


   > Go to:
   > http://bzr.savannah.gnu.org/lh/emacs/trunk/annotate/111432/lisp/gnus/mml-smime.el
   > and click "download file".

Ok, it worked, I see you introduced a new function and did not 

Mml-smime-epg-find-usuable-secret-keys and did not use 

Mml-smime-signers as I did.

Anyway it seems to work!
   >> I think I have implemented mml-sime-encrypt-to-self, but before
   >> sending a patch I would need to know which is the correct, new
   >> mml-smime file

   > Cool.

I try to send tomorrow a patch, to the ding list, since I have not much
idea about bzr.

Uwe 

[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 4474 bytes --]