From: Josh Huber
Newsgroups: gmane.emacs.gnus.general
Subject: [COMMIT] sign & encrypt changes
Date: Wed, 01 May 2002 18:22:05 -0400
Message-ID: <87adrjse42.fsf@alum.wpi.edu>

* gnus-msg.el (gnus-message-replysignencrypted): enabled by default.
* mml-sec.el:
* mml-sec.el (mml-signencrypt-style): New.
* mml-sec.el (mml-pgpmime-encrypt-buffer): Accept optional argument `sign'.
* mml-sec.el (mml-secure-message-encrypt-pgp): Changed default to signencrypt.
* mml-sec.el (mml-secure-message-encrypt-pgpmime): Ditto.
* mml.el (mml-generate-mime-1): Changed logic so a part which is both signed & encrypted is processed in one operation. (rather than two separate ops: sign, then encrypt)
* mml2015.el (mml2015-gpg-extract-signature-details): Give some indication if a message is signed by an expired key.
* mml2015.el (mml2015-gpg-encrypt): Accept optional argument which enables combined sign & encrypt operation. (this was always on before).
* mml2015.el (mml2015-encrypt): Accept optional argument `sign'.

texi/ChangeLog addition:

2002-05-01 Josh Huber

* gnus.texi (Signing and encrypting): Fix doc. Also, add a paragraph about replysign/replyencrypt/replysignencrypted use.

gnus source patch:
Diff command: cvs -q diff -u
Files affected: texi/gnus.texi lisp/mml2015.el lisp/mml.el lisp/mml-sec.el lisp/gnus-msg.el

Index: lisp/gnus-msg.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/gnus-msg.el,v retrieving revision 6.87 diff -u -r6.87 gnus-msg.el --- lisp/gnus-msg.el 2002/04/27 23:07:35 6.87 +++ lisp/gnus-msg.el 2002/05/01 22:06:22 @@ -234,7 +234,7 @@ :type 'boolean) (defcustom gnus-message-replysignencrypted - nil + t "Setting this causes automatically encryped messages to also be signed." :group 'gnus-message :type 'boolean) Index: lisp/mml-sec.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/mml-sec.el,v retrieving revision 1.13 diff -u -r1.13 mml-sec.el --- lisp/mml-sec.el 2002/04/14 04:10:15 1.13 +++ lisp/mml-sec.el 2002/05/01 22:06:22 
@@ -46,6 +46,13 @@ (defvar mml-default-encrypt-method (caar mml-encrypt-alist) "Default encryption method.") +(defvar mml-signencrypt-style + '(("smime" separate) + ("pgp" separate) + ("pgpmime" combined)) + "Alist specifying whether or not a single sign & encrypt +operation should be perfomed when requesting signencrypt.") + ;;; Security functions (defun mml-smime-sign-buffer (cont) @@ -68,8 +75,8 @@ (or (mml2015-sign cont) (error "Signing failed... inspect message logs for errors"))) -(defun mml-pgpmime-encrypt-buffer (cont) - (or (mml2015-encrypt cont) +(defun mml-pgpmime-encrypt-buffer (cont &optional sign) + (or (mml2015-encrypt cont sign) (error "Encryption failed... inspect message logs for errors"))) (defun mml-secure-part (method &optional sign) @@ -174,21 +181,17 @@ (interactive "P") (mml-secure-message "smime" (if dontsign 'encrypt 'signencrypt))) -;;; NOTE: this should be switched to use signencrypt -;;; once it does something sensible (defun mml-secure-message-encrypt-pgp (&optional dontsign) "Add MML tag to encrypt and sign the entire message. If called with a prefix argument, only encrypt (do NOT sign)." (interactive "P") - (mml-secure-message "pgp" (if dontsign 'encrypt 'encrypt))) + (mml-secure-message "pgp" (if dontsign 'encrypt 'signencrypt))) -;;; NOTE: this should be switched to use signencrypt -;;; once it does something sensible (defun mml-secure-message-encrypt-pgpmime (&optional dontsign) "Add MML tag to encrypt and sign the entire message. If called with a prefix argument, only encrypt (do NOT sign)." (interactive "P") - (mml-secure-message "pgpmime" (if dontsign 'encrypt 'encrypt))) + (mml-secure-message "pgpmime" (if dontsign 'encrypt 'signencrypt))) (provide 'mml-sec) Index: lisp/mml.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/mml.el,v retrieving revision 6.53 diff -u -r6.53 mml.el --- lisp/mml.el 2002/04/14 04:10:15 6.53 +++ lisp/mml.el 2002/05/01 22:06:22 
@@ -530,22 +530,30 @@ (insert "\n--" mml-boundary "--\n"))))) (t (error "Invalid element: %S" cont))) - (let ((item (assoc (cdr (assq 'sign cont)) mml-sign-alist)) + ;; handle sign & encrypt tags in a semi-smart way. + (let ((sign-item (assoc (cdr (assq 'sign cont)) mml-sign-alist)) + (encrypt-item (assoc (cdr (assq 'encrypt cont)) + mml-encrypt-alist)) sender recipients) - (when item + (when (or sign-item encrypt-item) (if (setq sender (cdr (assq 'sender cont))) (message-options-set 'message-sender sender)) (if (setq recipients (cdr (assq 'recipients cont))) (message-options-set 'message-recipients recipients)) - (funcall (nth 1 item) cont))) - (let ((item (assoc (cdr (assq 'encrypt cont)) mml-encrypt-alist)) - sender recipients) - (when item - (if (setq sender (cdr (assq 'sender cont))) - (message-options-set 'message-sender sender)) - (if (setq recipients (cdr (assq 'recipients cont))) - (message-options-set 'message-recipients recipients)) - (funcall (nth 1 item) cont)))))) + (let ((style (second (assoc (first sign-item) + mml-signencrypt-style)))) + ;; check if: we're both signing & encrypting, both methods + ;; are the same (why would they be different?!), and that + ;; the signencrypt style allows for combined operation. + (if (and sign-item encrypt-item (equal (first sign-item) + (first encrypt-item)) + (equal style 'combined)) + (funcall (nth 1 encrypt-item) cont t) + ;; otherwise, revert to the old behavior. + (when sign-item + (funcall (nth 1 sign-item) cont)) + (when encrypt-item + (funcall (nth 1 encrypt-item) cont))))))))) (defun mml-compute-boundary (cont) "Return a unique boundary that does not exist in CONT." Index: lisp/mml2015.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/mml2015.el,v retrieving revision 6.43 diff -u -r6.43 mml2015.el --- lisp/mml2015.el 2002/02/20 00:15:32 6.43 +++ lisp/mml2015.el 2002/05/01 22:06:22 
@@ -414,10 +414,13 @@ (defun mml2015-gpg-extract-signature-details () (goto-char (point-min)) (if (boundp 'gpg-unabbrev-trust-alist) - (let* ((signer (and (re-search-forward - "^\\[GNUPG:\\] GOODSIG [0-9A-Za-z]* \\(.*\\)$" + (let* ((expired (re-search-forward + "^\\[GNUPG:\\] SIGEXPIRED$" + nil t)) + (signer (and (re-search-forward + "^\\[GNUPG:\\] GOODSIG \\([0-9A-Za-z]*\\) \\(.*\\)$" nil t) - (match-string 1))) + (cons (match-string 1) (match-string 2)))) (fprint (and (re-search-forward "^\\[GNUPG:\\] VALIDSIG \\([0-9a-zA-Z]*\\) " nil t) @@ -429,12 +432,16 @@ (trust-good-enough-p (cdr (assoc (cdr (assoc trust gpg-unabbrev-trust-alist)) mml2015-trust-boundaries-alist)))) - (if (and signer trust fprint) - (concat signer - (unless trust-good-enough-p - (concat "\nUntrusted, Fingerprint: " - (mml2015-gpg-pretty-print-fpr fprint)))) - "From unknown user")) + (cond ((and signer fprint) + (concat (cdr signer) + (unless trust-good-enough-p + (concat "\nUntrusted, Fingerprint: " + (mml2015-gpg-pretty-print-fpr fprint))) + (when expired + (format "\nWARNING: Signature from expired key (%s)" + (car signer))))) + (t + "From unknown user"))) (if (re-search-forward "^gpg: Good signature from \"\\(.*\\)\"$" nil t) (match-string 1) "From unknown user"))) 
@@ -559,28 +566,39 @@ (insert (format "--%s--\n" boundary)) (goto-char (point-max))))) -(defun mml2015-gpg-encrypt (cont) +(defun mml2015-gpg-encrypt (cont &optional sign-also) (let ((boundary (funcall mml-boundary-function (incf mml-multipart-number))) (text (current-buffer)) cipher) (mm-with-unibyte-current-buffer-mule4 (with-temp-buffer - (unless (gpg-sign-encrypt - text (setq cipher (current-buffer)) - mml2015-result-buffer - (split-string - (or - (message-options-get 'message-recipients) - (message-options-set 'message-recipients - (read-string "Recipients: "))) - "[ \f\t\n\r\v,]+") - nil - (message-options-get 'message-sender) - t t) ; armor & textmode - (unless (> (point-max) (point-min)) - (pop-to-buffer mml2015-result-buffer) - (error "Encrypt error"))) + (flet ((gpg-encrypt-func + (sign plaintext ciphertext result recipients &optional + passphrase sign-with-key armor textmode) + (if sign-also + (gpg-sign-encrypt + plaintext ciphertext result recipients passphrase + sign-with-key armor textmode) + (gpg-encrypt + plaintext ciphertext result recipients passphrase + armor textmode)))) + (unless (gpg-encrypt-func + sign-also ; passed in when using signencrypt + text (setq cipher (current-buffer)) + mml2015-result-buffer + (split-string + (or + (message-options-get 'message-recipients) + (message-options-set 'message-recipients + (read-string "Recipients: "))) + "[ \f\t\n\r\v,]+") + nil + (message-options-get 'message-sender) + t t) ; armor & textmode + (unless (> (point-max) (point-min)) + (pop-to-buffer mml2015-result-buffer) + (error "Encrypt error")))) (goto-char (point-min)) (while (re-search-forward "\r+$" nil t) (replace-match "" t t)) 
@@ -641,11 +659,11 @@ mml2015-use) ;;;###autoload -(defun mml2015-encrypt (cont) +(defun mml2015-encrypt (cont &optional sign) (mml2015-clean-buffer) (let ((func (nth 2 (assq mml2015-use mml2015-function-alist)))) (if func - (funcall func cont) + (funcall func cont sign) (error "Cannot find encrypt function")))) ;;;###autoload Index: texi/gnus.texi =================================================================== RCS file: /usr/local/cvsroot/gnus/texi/gnus.texi,v retrieving revision 6.276 diff -u -r6.276 gnus.texi --- texi/gnus.texi 2002/05/01 00:18:31 6.276 +++ texi/gnus.texi 2002/05/01 22:06:28 @@ -11226,6 +11226,14 @@ @sc{Mailcrypt}, you need to install at least one of them. The @sc{s/mime} support in Gnus requires the external program OpenSSL. +Often, you would like to sign replies to people who send you signed +messages. Even more often, you might want to encrypt messages which +are in reply to encrypted messages. Gnus offers +@code{gnus-message-replysign} to enable the former, and +@code{gnus-message-replyencrypt} for the latter. In addition, setting +@code{gnus-message-replysignencrypted} (on by default) will sign +automatically encrypted messages. + Instructing MML to perform security operations on a @sc{mime} part is done using the @kbd{C-c C-m s} key map for signing and the @kbd{C-c C-m c} key map for encryption, as follows. 
@@ -11234,39 +11242,39 @@ @item C-c C-m s s @kindex C-c C-m s s -@findex mml-secure-sign-smime +@findex mml-secure-message-sign-smime -Digitally sign current @sc{mime} part using @sc{s/mime}. +Digitally sign current message using @sc{s/mime}. @item C-c C-m s o @kindex C-c C-m s o -@findex mml-secure-sign-pgp +@findex mml-secure-message-sign-pgp -Digitally sign current @sc{mime} part using PGP. +Digitally sign current message using PGP. @item C-c C-m s p @kindex C-c C-m s p -@findex mml-secure-sign-pgp +@findex mml-secure-message-sign-pgp -Digitally sign current @sc{mime} part using @sc{pgp/mime}. +Digitally sign current message using @sc{pgp/mime}. @item C-c C-m c s @kindex C-c C-m c s -@findex mml-secure-encrypt-smime +@findex mml-secure-message-encrypt-smime -Digitally encrypt current @sc{mime} part using @sc{s/mime}. +Digitally encrypt current message using @sc{s/mime}. @item C-c C-m c o @kindex C-c C-m c o -@findex mml-secure-encrypt-pgp +@findex mml-secure-message-encrypt-pgp -Digitally encrypt current @sc{mime} part using PGP. +Digitally encrypt current message using PGP. @item C-c C-m c p @kindex C-c C-m c p -@findex mml-secure-encrypt-pgpmime +@findex mml-secure-message-encrypt-pgpmime -Digitally encrypt current @sc{mime} part using @sc{pgp/mime}. +Digitally encrypt current message using @sc{pgp/mime}. @item C-c C-m C-n @kindex C-c C-m C-n -- Josh Huber
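Review bot: the docstring of gnus-message-replysignencrypted, in the context lines of the lisp/gnus-msg.el hunk (@@ -234,7 +234,7 @@), reads "automatically encryped"; since the default on the line above it flips from nil to t, this is a good moment to fix the spelling to "encrypted". The flipped default changes what existing users send (replies to encrypted mail now also get signed), so it deserves a user-visible note beyond the ChangeLog line.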
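Review bot: the docstring of mml-signencrypt-style in lisp/mml-sec.el (hunk @@ -46,6 +46,13 @@) does not say which values an entry may take or what happens to a method missing from the alist. Please document `separate` and `combined`, and that anything other than `combined` falls back to two separate operations, which is how the new code in mml-generate-mime-1 treats it. "perfomed" should read "performed", and because this is a user-facing choice a defcustom would fit better than a defvar.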
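Review bot: in lisp/mml.el (hunk @@ -530,22 +530,30 @@) the combined branch runs (funcall (nth 1 encrypt-item) cont t) for any method that mml-signencrypt-style marks `combined`, yet this patch only gives mml-pgpmime-encrypt-buffer the optional `sign` argument. If a user sets "pgp" or "smime" to `combined`, an encrypt function that still takes only `cont` is called with two arguments and fails at send time. Either give every function in mml-encrypt-alist the optional argument, or state in the mml-signencrypt-style docstring that `combined` is only valid for "pgpmime". The comment "why would they be different?!" also deserves a real answer in the code comment: when the methods differ, the code silently takes the separate path.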
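Review bot: in mml2015-gpg-extract-signature-details (lisp/mml2015.el, hunk @@ -414,10 +414,13 @@) the new SIGEXPIRED search is the first binding in the let* and moves point when it matches, so the GOODSIG search after it only sees the status lines that follow. If SIGEXPIRED appears after GOODSIG in the buffer, signer ends up nil and the function reports "From unknown user" instead of the expiry warning. Wrapping the SIGEXPIRED search in save-excursion, or calling (goto-char (point-min)) before the GOODSIG search, removes the dependence on line order.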
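Review bot: the cond in lisp/mml2015.el (hunk @@ -429,12 +432,16 @@) tests (and signer fprint) where the old code tested (and signer trust fprint), and the ChangeLog entry does not mention dropping `trust`. A signature for which no trust value was found is now reported under the signer's name instead of "From unknown user"; please confirm that is intended and record it in the ChangeLog. Two smaller points on the same hunk: the expired-key warning is appended after the signer name, so anything that shows only the first line of the result presents the signature as ordinary, and the fallback branch in the trailing context (the "^gpg: Good signature from" search) gets no expiry warning at all.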
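Review bot: the local function gpg-encrypt-func in mml2015-gpg-encrypt (lisp/mml2015.el, hunk @@ -559,28 +566,39 @@) declares a `sign` parameter but its body tests the outer `sign-also`, so the parameter is never read. Either test `sign` inside the body or drop the parameter together with the sign-also argument at the call site; a plain (if sign-also ...) around the two calls would also avoid the flet. Since the function used to call gpg-sign-encrypt unconditionally, a docstring stating that the output is encrypted but unsigned unless SIGN-ALSO is non-nil would make the new contract explicit for callers that pass only `cont`.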
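Review bot: mml2015-encrypt (lisp/mml2015.el, hunk @@ -641,11 +659,11 @@) now calls (funcall func cont sign) for whichever backend mml2015-use selects, but the patch only extends mml2015-gpg-encrypt to accept a second argument. Every other encrypt function listed in mml2015-function-alist needs the same optional parameter, or the call fails with a wrong-number-of-arguments error if it still takes only `cont`. A backend that cannot sign in the same operation should signal an error when `sign` is non-nil rather than send an unsigned message without telling the user.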
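Review bot: in texi/gnus.texi (hunk @@ -11234,39 +11242,39 @@) the entry for C-c C-m s p gets "@findex mml-secure-message-sign-pgp", the same index entry as C-c C-m s o, although its text describes @sc{pgp/mime}; it should presumably be mml-secure-message-sign-pgpmime, matching the -pgpmime name used for C-c C-m c p. The descriptions of C-c C-m c o and C-c C-m c p still say only "encrypt", while this patch makes mml-secure-message-encrypt-pgp and mml-secure-message-encrypt-pgpmime request signencrypt unless a prefix argument is given; the manual text should say that these commands sign as well and mention the prefix argument.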