From: "Michael Teichgräber" <mt@wmipf.in-berlin.de>
Subject: [PATCH] PGG retrieving keys itself (was: [PGG] Any way to download keys automatically?)
Date: Thu, 17 Apr 2003 12:10:52 +0200 [thread overview]
Message-ID: <87y9298mdv.fsf_-_@wmipf.in-berlin.de> (raw)
In-Reply-To: <87smsh7t3q.fsf@rpi.edu> (Marshall T. Vandegrift's message of "Wed, 16 Apr 2003 22:31:05 -0400")
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"Marshall T. Vandegrift" <vandem2@rpi.edu> writes:
> However, PGG does also include support to retrieve keys itself:
PGG uses pgg-decode-armor-region to get the key ID of the message's
signing key, but only if there is a detached (PGP/MIME)
signature. With clear-signed messages it seems not to work.
This patch adds some code to pgg-verify-region, that checks for the
existence of a clear signed message and feeds the signature region to
pgg-decode-armor-region the same way as it is done for detached
signatures.
Is this how it could be done? (I do not have much practice on Lisp
programming yet):
- ------------------------------------------------------------>8----------
Index: pgg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg.el,v
retrieving revision 6.15
diff -u -p -r6.15 pgg.el
- --- pgg.el 16 Apr 2003 16:28:19 -0000 6.15
+++ pgg.el 17 Apr 2003 10:04:04 -0000
@@ -243,21 +243,29 @@ and the the output is displayed."
status))
;;;###autoload
- -(defun pgg-verify-region (start end &optional signature fetch)
+(defun pgg-verify-region (start end &optional detached-sig fetch)
"Verify the current region between START and END.
- -If the optional 3rd argument SIGNATURE is non-nil, it is treated as
+If the optional 3rd argument DETACHED-SIG is non-nil, it is treated as
the detached signature of the current region.
If the optional 4th argument FETCH is non-nil, we attempt to fetch the
signer's public key from `pgg-default-keyserver-address'."
(interactive "r")
- - (let* ((packet
- - (if (null signature) nil
+ (let* ((clear-sig
+ (unless detached-sig
+ (save-excursion
+ (goto-char start)
+ (if (re-search-forward "^-+BEGIN PGP SIGNATURE" end t)
+ (buffer-substring (match-beginning 0) end)))))
+ (packet
+ (when (or detached-sig clear-sig)
(with-temp-buffer
(buffer-disable-undo)
(if (fboundp 'set-buffer-multibyte)
(set-buffer-multibyte nil))
- - (insert-file-contents signature)
+ (if detached-sig
+ (insert-file-contents detached-sig)
+ (insert clear-sig))
(cdr (assq 2 (pgg-decode-armor-region
(point-min)(point-max)))))))
(key (cdr (assq 'key-identifier packet)))
@@ -275,7 +283,7 @@ signer's public key from `pgg-default-ke
(setq status
(pgg-save-coding-system start end
(pgg-invoke "verify-region" (or pgg-scheme pgg-default-scheme)
- - (point-min) (point-max) signature)))
+ (point-min) (point-max) detached-sig)))
(when (interactive-p)
(let ((temp-buffer-show-function
(function pgg-temp-buffer-show-function)))
- ----------8<------------------------------------------------------------
> Does this exist for OpenPGP implementations which do not support
> automated key-retrieval, or is there some good reason to have PGG do
> it instead of the OpenPGP tool?
- From what its manpage says, there is no function at least in PGP 2.6.3
to automatically retrieve keys. A good reason is IMHO, if you work at
a dialup host, that you have a chance to connect to the the network
before the signature is checked, since PGG will prompt you if it could
not find the public key.
- --
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+nn21Pw209BGCgAARAshsAKDr3OkjlJI3h1bG1gsZPFWy+hKozACggZ2V
6jnZxBiakrft0Mdv5Bc8oPs=
=S37T
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2003-04-17 10:10 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-17 1:43 [PGG] Any way to download keys automatically? Zack Weinberg
2003-04-17 1:51 ` Kirk Strauser
2003-04-17 2:31 ` Marshall T. Vandegrift
2003-04-17 10:10 ` Michael Teichgräber [this message]
2003-04-17 10:50 ` Simon Josefsson
2003-04-17 2:38 ` Zack Weinberg
2003-04-17 15:49 ` Kirk Strauser
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y9298mdv.fsf_-_@wmipf.in-berlin.de \
--to=mt@wmipf.in-berlin.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).