From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/51246
Path: main.gmane.org!not-for-mail
From: Michael =?iso-8859-1?q?Teichgr=E4ber?= <mt@wmipf.in-berlin.de>
Newsgroups: gmane.emacs.gnus.general
Subject: PGG and signature details in combined signed/encrypted mails
Date: Sun, 06 Apr 2003 17:56:42 +0200
Sender: owner-ding@hpc.uh.edu
Message-ID: <87he9b1ux1.fsf@wmipf.in-berlin.de>
NNTP-Posting-Host: main.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: main.gmane.org 1049645519 30287 80.91.224.249 (6 Apr 2003 16:11:59 GMT)
X-Complaints-To: usenet@main.gmane.org
NNTP-Posting-Date: Sun, 6 Apr 2003 16:11:59 +0000 (UTC)
Original-X-From: owner-ding@hpc.uh.edu Sun Apr 06 18:11:54 2003
Return-path: <owner-ding@hpc.uh.edu>
Original-Received: from malifon.math.uh.edu ([129.7.128.13])
	by main.gmane.org with esmtp (Exim 3.35 #1 (Debian))
	id 192CkM-0007rr-00
	for <ding-account@gmane.org>; Sun, 06 Apr 2003 18:11:54 +0200
Original-Received: from sina.hpc.uh.edu ([129.7.128.10] ident=lists)
	by malifon.math.uh.edu with esmtp (Exim 3.20 #1)
	id 192CjT-00017z-00; Sun, 06 Apr 2003 11:10:59 -0500
Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Sun, 06 Apr 2003 11:12:04 -0500 (CDT)
Original-Received: from main.gmane.org (main.gmane.org [80.91.224.249])
	by sina.hpc.uh.edu (8.9.3/8.9.3) with ESMTP id LAA00464
	for <ding@hpc.uh.edu>; Sun, 6 Apr 2003 11:11:49 -0500 (CDT)
Original-Received: from root by main.gmane.org with local (Exim 3.35 #1 (Debian))
	id 192Cij-0007iv-00
	for <ding@hpc.uh.edu>; Sun, 06 Apr 2003 18:10:13 +0200
X-Injected-Via-Gmane: http://gmane.org/
Original-To: ding@hpc.uh.edu
Original-Received: from news by main.gmane.org with local (Exim 3.35 #1 (Debian))
	id 192CZu-00076U-00
	for <gmane-emacs-gnus-general@m.gmane.org>; Sun, 06 Apr 2003 18:01:06 +0200
Original-Lines: 186
Original-X-Complaints-To: usenet@main.gmane.org
Mail-Reply-To: Michael =?iso-8859-1?q?Teichgr=E4ber?=
 <mt@wmipf.in-berlin.de>
X-Betriebssystem: Debian GNU/Linux
X-Request-PGP: http://wmipf.in-berlin.de/mtgpg.asc
X-PGP-Key: 5656 F203 8343 0A2E 8259  6102 3F0D B4F4 1182 8000
User-Agent: Gnus/5.090018 (Oort Gnus v0.18) Emacs/21.2 (gnu/linux)
Cancel-Lock: sha1:Dp+06qKPls5W6V5oQ3YplDIFtyI=
Precedence: list
X-Majordomo: 1.94.jlt7
Xref: main.gmane.org gmane.emacs.gnus.general:51246
X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:51246

Hi,

the mml2015-pgg-[clear-]verify functions add some information about the
signature to the button 'gnus-info, if the verification has succeeded.

This also works for separately signed/encrypted messages, since the
mml2015*-verify functions are called in this case too.

For combined s/e messages this is different, since the signature is
being checked on the fly. When viewing messages of this kind, I see
just `Encrypted Part: OK', also if verification has failed because a
public key is not available.

I have seen some people ask about whether in this case some more
information could be visible inside the butten, like `Signer: ...'

The mml2015-pgg-[clear-]verify functions use
mml2015-gpg-extract-signature-details for getting this
information. But I suppose this would not give details if one is using
a pgg-scheme other than `gpg'.

To get a brief information about a verified signature in all cases
there could be a new function pgg-extract-signature-details in pgg.el,
that is called from within mml2015-pgg-[clear-]{decrypt,verify}.

This new function could then delegate the call via pgg-invoke
depending on `pgg-scheme'. The appended example patch demonstrates
this, implemented only for the gpg scheme. In pgg-gpg.el
pgg-gpg-extract-signature-details is a modified copy of the original
function in mml2015.el, and it detects failure because of missing
public key.

I am not sure whether this approach makes sense for the other PGG
schemes, since the pgp binaries perhaps don't give the sort of
details into pgg-errors-buffer as gpg does.

Michael

------------------------------------------------------------>8----------
Index: mml2015.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/mml2015.el,v
retrieving revision 6.58
diff -u -p -r6.58 mml2015.el
--- mml2015.el	6 Apr 2003 01:23:53 -0000	6.58
+++ mml2015.el	6 Apr 2003 15:31:44 -0000
@@ -639,6 +639,7 @@
 (eval-and-compile
   (autoload 'pgg-decrypt-region "pgg")
   (autoload 'pgg-verify-region "pgg")
+  (autoload 'pgg-extract-signature-details "pgg")
   (autoload 'pgg-sign-region "pgg")
   (autoload 'pgg-encrypt-region "pgg"))
 
@@ -672,13 +673,16 @@
 		mm-security-handle 'gnus-details "Quit.")
 	       nil))
 	    (with-current-buffer pgg-output-buffer
-	      (goto-char (point-min))
-	      (while (search-forward "\r\n" nil t)
-		(replace-match "\n" t t))
-	      (setq handles (mm-dissect-buffer t))
-	      (mm-destroy-parts handle)
-	      (mm-set-handle-multipart-parameter
-	       mm-security-handle 'gnus-info "OK")
+	      (let ((sig (pgg-extract-signature-details)))
+		(goto-char (point-min))
+		(while (search-forward "\r\n" nil t)
+		  (replace-match "\n" t t))
+		(setq handles (mm-dissect-buffer t))
+		(mm-destroy-parts handle)
+		(mm-set-handle-multipart-parameter
+		 mm-security-handle 'gnus-info (if sig 
+						   (concat "OK, Signer:" sig) 
+						 "OK")))
 	      (mm-set-handle-multipart-parameter
 	       mm-security-handle 'gnus-details
 	       (concat decrypt-status
@@ -706,8 +710,10 @@
 	  (goto-char (point-min))
 	  (while (search-forward "\r\n" nil t)
 	    (replace-match "\n" t t))
-	  (mm-set-handle-multipart-parameter
-	   mm-security-handle 'gnus-info "OK"))
+	  (let ((sig (pgg-extract-signature-details)))
+	    (mm-set-handle-multipart-parameter
+	     mm-security-handle 'gnus-info (if sig (concat "OK, Signer:" sig) 
+					     "OK"))))
       (mm-set-handle-multipart-parameter
        mm-security-handle 'gnus-info "Failed"))))
 
@@ -764,8 +770,7 @@
 	      (delete-file signature-file)
 	      (mm-set-handle-multipart-parameter
 	       mm-security-handle 'gnus-info
-	       (with-current-buffer pgg-errors-buffer
-		 (mml2015-gpg-extract-signature-details))))
+	       (pgg-extract-signature-details)))
 	  (delete-file signature-file)
 	  (mm-set-handle-multipart-parameter
 	   mm-security-handle 'gnus-info "Failed")))))
@@ -798,9 +803,7 @@
 	    mm-security-handle 'gnus-details "Quit.")
 	   nil))
 	(mm-set-handle-multipart-parameter
-	 mm-security-handle 'gnus-info
-	 (with-current-buffer pgg-errors-buffer
-	   (mml2015-gpg-extract-signature-details)))
+	 mm-security-handle 'gnus-info (pgg-extract-signature-details))
       (mm-set-handle-multipart-parameter
        mm-security-handle 'gnus-info "Failed"))))
 
Index: pgg-gpg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg-gpg.el,v
retrieving revision 6.13
diff -u -p -r6.13 pgg-gpg.el
--- pgg-gpg.el	6 Apr 2003 00:18:33 -0000	6.13
+++ pgg-gpg.el	6 Apr 2003 15:31:44 -0000
@@ -194,6 +194,43 @@ If optional argument SIGN is non-nil, do
       (goto-char (point-min))
       (re-search-forward "^\\[GNUPG:] GOODSIG\\>" nil t))))
 
+(defun pgg-gpg-extract-signature-details ()
+  "Extract details about signature verification from current buffer, that
+is supposed to contain the output of the last gpg invocation."
+  (goto-char (point-min))
+  (let* ((expired (re-search-forward
+		   "^\\[GNUPG:\\] SIGEXPIRED$"
+		   nil t))
+	 (signer (and (re-search-forward
+		       "^\\[GNUPG:\\] GOODSIG \\([0-9A-Za-z]*\\) \\(.*\\)$"
+		       nil t)
+		      (cons (match-string 1) (match-string 2))))
+	 (fprint (and (re-search-forward
+		       "^\\[GNUPG:\\] VALIDSIG \\([0-9a-zA-Z]*\\) "
+		       nil t)
+		      (match-string 1)))
+	 (trust  (and (re-search-forward
+		       "^\\[GNUPG:\\] \\(TRUST_.*\\)$"
+		       nil t)
+		      (match-string 1)))
+	 (trust-good-enough-p
+	  (cdr (assoc trust mml2015-unabbrev-trust-alist))))
+    (cond ((and signer fprint)
+	   (concat (cdr signer)
+		   (unless trust-good-enough-p
+		     (concat "\nUntrusted, Fingerprint: "
+			     (mml2015-gpg-pretty-print-fpr fprint)))
+		   (when expired
+		     (format "\nWARNING: Signature from expired key (%s)"
+			     (car signer)))))
+	  ((re-search-forward
+	    "^\\(gpg: \\)?Good signature from \"\\(.*\\)\"$" nil t)
+	   (match-string 2))
+	  ((re-search-forward
+	    "^\\[GNUPG:\\] NO_PUBKEY ........\\(.*\\)$" nil t)
+	   (concat "0x" (match-string 1) 
+		   ", public key not found!" )))))
+
 (defun pgg-gpg-insert-key ()
   "Insert public key at point."
   (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
Index: pgg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg.el,v
retrieving revision 6.13
diff -u -p -r6.13 pgg.el
--- pgg.el	6 Apr 2003 00:18:33 -0000	6.13
+++ pgg.el	6 Apr 2003 15:31:45 -0000
@@ -306,6 +306,14 @@ within the region."
 				     pgg-errors-buffer)))))))
 
 ;;;###autoload
+(defun pgg-extract-signature-details ()
+  "Parses the output of the last PGP signature verification process. Returns 
+nil, if no details are found."
+  (with-current-buffer pgg-errors-buffer
+    (pgg-invoke 
+     "extract-signature-details" (or pgg-scheme pgg-default-scheme))))
+
+;;;###autoload
 (defun pgg-insert-key ()
   "Insert the ASCII armored public key."
   (interactive)
----------8<------------------------------------------------------------