Gnus development mailing list
* pgg*.el and passphrase caching
From: Mark Trettin @ 2003-08-19  9:02 UTC (permalink / raw)


Hello,

I want to switch from gpg.el to pgg.el.  I encountered the problem that
passphrase caching doesn't work as I would expect.  I'll try to describe
what happens:

I have 3 mails:

-  msg 1 from A
-  msg 2 my answer to 1
-  msg 3 A's answer to 2 

If I want to (re)view msg 1, pgg.el asks me to enter the passphrase for
A's key-ID.  When I enter my passphrase, the message gets decrypted and
the passphrase is cached, so I can view msg 2 without re-entering the
passphrase.  When I now want to view message 3, pgg again asks me for A's
passphrase, so I have to re-enter mine.

I *think* the problem is that all messages are also "encrypted to self"
and pgg.el wants to take the first Key-ID it finds (and this is the one
of the originator of the mail).

Is there a way to say: "Always take one of my Key-IDs"?  And then
decrypt the messages with the cached phrase? 

I don't know if it's a gpg problem or a pgg one.

Bye

	 Mark
-- 
Mark Trettin · Aachen · Germany · Where is Aachen? --> N: 50°46' E: 06°05'
BOFH excuse #165:

Backbone Scoliosis


* Re: pgg*.el and passphrase caching
From: Kirk Strauser @ 2003-08-19 18:31 UTC (permalink / raw)



At 2003-08-19T09:02:42Z, Mark Trettin <mtr-dev0@gmx.de> writes:

> Is there a way to say: "Always take one of my Key-IDs"?  And then decrypt
> the messages with the cached phrase?

By the same token:

I use gpg-agent.  How can I prevent Gnus from prompting for my passphrase so
that the agent always handles the entry?
-- 
Kirk Strauser


* Re: pgg*.el and passphrase caching
From: Michael Teichgräber @ 2003-08-20  5:57 UTC (permalink / raw)
  Cc: ding


Kirk Strauser <kirk@strauser.com> writes:

> I use gpg-agent.  How can I prevent Gnus from prompting for my
> passphrase so that the agent always handles the entry?

For a while I have been using the appended patch.  It introduces a
defcustom of type boolean `pgg-gpg-use-agent-if-available' and a
defconst `pgg-gpg-agent-available' that is t if GPG_AGENT_INFO is set.

A function pgg-gpg-use-agent is then used at various places to avoid
the passphrase being read by Gnus.

-- 
Michael

Index: pgg-gpg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg-gpg.el,v
retrieving revision 6.13
diff -u -p -r6.13 pgg-gpg.el
--- pgg-gpg.el	6 Apr 2003 00:18:33 -0000	6.13
+++ pgg-gpg.el	17 Apr 2003 12:14:01 -0000
@@ -36,6 +36,14 @@
   :group 'pgg-gpg
   :type 'string)
 
+(defcustom pgg-gpg-use-agent-if-available nil 
+  "Whether to use gpg-agent if it can be located via environment."
+  :group 'pgg-gpg
+  :type 'boolean)
+
+(defconst pgg-gpg-agent-available (if (getenv "GPG_AGENT_INFO") t)
+  "If gpg-agent can be located, this constant is t.")
+
 (defcustom pgg-gpg-extra-args nil
   "Extra arguments for every GnuPG invocation."
   :group 'pgg-gpg
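Review bot: `pgg-gpg-agent-available` is a `defconst` evaluated once when pgg-gpg.el is loaded, so an agent started (or stopped) after Emacs loaded the library is never noticed; `(getenv "GPG_AGENT_INFO")` is cheap, so evaluate it inside `pgg-gpg-use-agent` rather than freezing the answer at load time. Minor: `(if (getenv "GPG_AGENT_INFO") t)` reads more naturally as `(and (getenv "GPG_AGENT_INFO") t)`, and the `defcustom` line carries trailing whitespace after `nil`.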
@@ -46,6 +54,13 @@
 (defvar pgg-gpg-user-id nil
   "GnuPG ID of your default identity.")
 
+(defun pgg-gpg-use-agent ()
+  "If it returns t, gpg will be told to use gpg-agent for secret key
+management, otherwise PGG will ask you for passphrase(s). Depends on
+the value of `pgg-gpg-use-agent-if-available', and whether the agent
+can be located."
+  (and pgg-gpg-agent-available pgg-gpg-use-agent-if-available))
+
 (defun pgg-gpg-process-region (start end passphrase program args)
   (let* ((output-file-name
 	  (expand-file-name (make-temp-name "pgg-output") 
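Review bot: the docstring of `pgg-gpg-use-agent` should open with a complete one-line sentence describing the function (the checkdoc convention), for example "Return non-nil if gpg should be told to use gpg-agent for secret keys.", with the dependency on `pgg-gpg-use-agent-if-available` and the agent check on the following lines; as written the first line is a fragment that runs on across three lines, which also garbles apropos summaries.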
@@ -53,7 +68,8 @@
 	 (args
 	  `("--status-fd" "2"
 	    ,@(if passphrase '("--passphrase-fd" "0"))
+	    ,@(if (pgg-gpg-use-agent) '("--use-agent"))
 	    "--yes" ; overwrite
 	    "--output" ,output-file-name
 	    ,@pgg-gpg-extra-args ,@args))
 	 (output-buffer pgg-output-buffer)
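Review bot: `--use-agent` is appended independently of PASSPHRASE, so a caller that still passes a passphrase while the agent is enabled ends up with both `--passphrase-fd 0` and `--use-agent` on the same gpg command line; make the two branches exclusive, e.g. `,@(if passphrase '("--passphrase-fd" "0") (if (pgg-gpg-use-agent) '("--use-agent")))`, or state in the docstring that callers must pass nil for PASSPHRASE when the agent is in use.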
@@ -96,8 +112,8 @@
 	     (re-search-forward "^\\[GNUPG:] GOOD_PASSPHRASE\\>" nil t)))
       (pgg-add-passphrase-cache
        (progn
-	 (goto-char (point-min))
-	 (if (re-search-forward
+	 (goto-char (point-max))
+	 (if (re-search-backward
 	      "^\\[GNUPG:] NEED_PASSPHRASE \\w+ ?\\w*" nil t)
 	     (substring (match-string 0) -8)))
        passphrase)))
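Review bot: this hunk is unrelated to agent support and is not explained in the mail: it changes the passphrase-cache key from the first `NEED_PASSPHRASE` status line to the last one, presumably because gpg reports one `NEED_PASSPHRASE` per candidate key when a message is encrypted to several recipients. That rationale belongs in a comment next to the `re-search-backward`, or the hunk belongs in a separate patch. Note also that `(substring (match-string 0) -8)` keys the cache on the short (8-digit) ID only, so two secret keys that share a short ID would share a cache slot.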
@@ -123,9 +139,10 @@ If optional argument SIGN is non-nil, do
   (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
 	 (passphrase
 	  (when sign
-	    (pgg-read-passphrase
-	     (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
-	     (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt))))
+	    (unless (pgg-gpg-use-agent)
+	      (pgg-read-passphrase
+	       (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
+	       (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt)))))
 	 (args
 	  (append
 	   (list "--batch" "--armor" "--always-trust" "--encrypt")
@@ -148,9 +165,10 @@ If optional argument SIGN is non-nil, do
   "Decrypt the current region between START and END."
   (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
 	 (passphrase
-	  (pgg-read-passphrase
-	   (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
-	   (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt)))
+	  (unless (pgg-gpg-use-agent)
+	    (pgg-read-passphrase
+	     (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
+	     (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt))))
 	 (args '("--batch" "--decrypt")))
     (pgg-gpg-process-region start end passphrase pgg-gpg-program args)
     (with-current-buffer pgg-errors-buffer
@@ -162,9 +180,10 @@ If optional argument SIGN is non-nil, do
   "Make detached signature from text between START and END."
   (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
 	 (passphrase
-	  (pgg-read-passphrase
-	   (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
-	   (pgg-gpg-lookup-key pgg-gpg-user-id 'sign)))
+	  (unless (pgg-gpg-use-agent)
+	    (pgg-read-passphrase
+	     (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
+	     (pgg-gpg-lookup-key pgg-gpg-user-id 'sign))))
 	 (args
 	  (list (if cleartext "--clearsign" "--detach-sign")
 		"--armor" "--batch" "--verbose"
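Review bot: this hunk and the two before it (encrypt-with-sign and decrypt) wrap `pgg-read-passphrase` in the identical `(unless (pgg-gpg-use-agent) ...)` form; a single helper such as `(defun pgg-gpg-maybe-read-passphrase (type) ...)` taking the lookup TYPE would remove the triplication and keep the three prompts from drifting apart. It would also make explicit that the encrypt case looks up the signing key with `'encrypt` while this one uses `'sign`.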


* Re: pgg*.el and passphrase caching
From: Xavier Maillard @ 2003-08-20  6:23 UTC (permalink / raw)



Kirk Strauser <kirk@strauser.com> writes:

>  At 2003-08-19T09:02:42Z, Mark Trettin <mtr-dev0@gmx.de> writes:
>  
> >  Is there a way to say: "Always take one of my Key-IDs"?  And then
> >  decrypt\r the messages with the cached phrase?
>  \r By the same token:\r \r I use gpg-agent.  How can I prevent Gnus
>  from prompting for my passphrase so\r that the agent always handles
>  the entry?\r -- \r Kirk Strauser

Why do all those leading " ^M" appear in this message??  I have never ever
seen this before with a Gnus edited/sent message.

zeDek
-- 
"Silence - with an arrogant undertone - beats the most compelling
 argument" (Hassencamp)


* Re: pgg*.el and passphrase caching
From: Michael Teichgräber @ 2003-08-20  7:29 UTC (permalink / raw)


Mark Trettin <mtr-dev0@gmx.de> writes:

> I *think* the problem is, that all messages also are "encrypted to self"
> and pgg.el wants to take the first Key-ID it finds (and this is the one
> of the originator of the mail).


This looks like the same thing I once reported on gnus-bug@gnus.org:

| Message-ID: <87he9ww7pt.fsf@iridium.renata.de>
| Subject: pgg-decrypt-region: wrong key-ID displayed
| Date: Sat, 22 Mar 2003 01:44:30 +0100
|
| when trying to decrypt a message that has been encrypted to me and to
| the sender, the sender's key-ID is displayed when PGG is prompting for
| the passphrase of _my_ key.
|
| The reason for this is the way the local `pgg-default-user-id' is
| determined within pgg-decrypt-region in pgg.el:
|
| 	 (packet (cdr (assq 1 (with-temp-buffer
| 				(insert-buffer buf)
| 				(pgg-decode-armor-region
| 				 (point-min) (point-max))))))
| 	 (key (cdr (assq 'key-identifier packet)))
| 	 (pgg-default-user-id
| 	  (if key
| 	      (concat "0x" (pgg-truncate-key-identifier key))
| 	    pgg-default-user-id))
|
| Pgg-decode-armor-region returns, for example, a list:
|
|     ((18)
|      (1
|       (version . 3)
|       (key-identifier . "7F362B5EDCE28EC5")  <-- sender's key-ID
|       (public-key-algorithm . ELG-E))
|      (1
|       (version . 3)
|       (key-identifier . "DC38B8B40E9C9C4B")  <-- my key ID
|       (public-key-algorithm . ELG-E))) ,
|
| so that `(cdr (assq 1 ...' leads to a `packet' containing the sender's
| key information. PGG then prompts with `GnuPG passphrase for 0xDCE28EC5:'
| instead of `...0E9C9C4B:'.
|
| A way to change this could be first to search for a packet containing
| a key identifier that equals the (long) key identifier of the key with
| user ID `pgg-default-user-id', and then--if no matching packet could
| be found--use the sequence as it is coded at the moment.
|
| This can be a bit complicated, since the user ID `pgg-default-user-id'
| may be given in various ways, so that it would be necessary to invoke
| something similar to `(pgg-*-lookup-key pgg-default-user-id t)' to get
| a list of long key identifiers of subkeys (`ssb') of this private key.
|
| An easy approach would be to change the prompt into just `GnuPG
| passphrase:' without showing the key identifier.
|
|
| The current implementation also has the (keyboard-wearing) side
| effect that passphrase caching in these cases does not work, since
| the passphrase of the sender's secret key obviously cannot be in my
| cache. (The easy approach would not fix this.)


I've appended a patch I used at that time to get it working the
following way:

> Is there a way to say: "Always take one of my Key-IDs"?  And then
> decrypt the messages with the cached phrase?

The interface in PGG is extended by a function
pgg-lookup-secret-keys-avail (similar to pgg-lookup-key) that should
return a list of the IDs of all your secret keys.  Each backend would
have to define such a function.  I only implemented one for the
GnuPG backend: pgg-gpg-lookup-secret-keys-avail.

Then, in pgg-decrypt-region, Gnus would not only extract the key ID of
the first packet of the message, but those of all key packets.

This list `msg-keys' is then intersected with the `user-keys' returned
by pgg-gpg-lookup-secret-keys-avail.  The first match is used as the
`key' ID (in contrast to the key ID of the first packet, as it is coded
in PGG at the moment).

Because I have switched to using gpg-agent, where Gnus' passphrase
caching won't be used, I forgot about this problem.

Perhaps the appended patch can serve as an example for a fix that
covers all PGG backends.

-- 
Michael

Index: pgg-gpg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg-gpg.el,v
retrieving revision 6.18
diff -u -p -r6.18 pgg-gpg.el
--- pgg-gpg.el	8 Aug 2003 23:25:24 -0000	6.18
+++ pgg-gpg.el	20 Aug 2003 07:12:52 -0000
@@ -117,6 +117,24 @@
 				     (progn (end-of-line)(point)))
 		   ":")) 8)))))
 
+(defun pgg-gpg-lookup-secret-keys-avail ()
+  "Get a list of all key IDs from secret keyring."
+  (let ((args (list "--with-colons" "--no-greeting" "--batch" 
+		    "--list-secret-keys" "--fast-list-mode"))
+	keylist)
+    (with-temp-buffer
+      (apply #'call-process pgg-gpg-program nil t nil args)
+      (goto-char (point-min))
+      (while (re-search-forward "^\\(ssb\\|sec\\|sub\\|pub\\):"  nil t)
+	(setq keylist 
+	      (cons 
+	       (substring
+		(nth 3 (split-string 
+			(buffer-substring (- (match-end 0) 1)
+					  (progn (end-of-line)(point)))
+			":")) 8) keylist))))
+    keylist))
+
 (defun pgg-gpg-encrypt-region (start end recipients &optional sign)
   "Encrypt the current region between START and END.
 If optional argument SIGN is non-nil, do a combined sign and encrypt."
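Review bot: `(buffer-substring (- (match-end 0) 1) ...)` starts one character before the end of the match, i.e. at the colon, so the string handed to `split-string` begins with ":" and `(nth 3 ...)` only selects the key-ID field if `split-string` drops the leading empty string; Emacs 21 does, but later Emacs keeps it when an explicit separator is given, and the function would then return the algorithm field. Start the substring at `(match-end 0)`. Two smaller points: `--list-secret-keys` output only contains `sec`/`ssb` records, so `sub` and `pub` in the regexp are dead alternatives, and consing onto `keylist` returns the IDs in reverse keyring order, which matters because the caller in pgg.el takes the first match.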
Index: pgg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg.el,v
retrieving revision 6.20
diff -u -p -r6.20 pgg.el
--- pgg.el	24 Jul 2003 02:58:18 -0000	6.20
+++ pgg.el	20 Aug 2003 07:12:52 -0000
@@ -192,11 +192,26 @@ the region."
   "Decrypt the current region between START and END."
   (interactive "r")
   (let* ((buf (current-buffer))
-	 (packet (cdr (assq 1 (with-temp-buffer
+	 (packets (with-temp-buffer
 				(insert-buffer-substring buf)
-				(pgg-decode-armor-region
-				 (point-min) (point-max))))))
-	 (key (cdr (assq 'key-identifier packet)))
+		    (pgg-decode-armor-region start end)))
+	 (packet (cdr (assq 1 packets)))
+	 (key (let (found-key 
+		    msg-keys 
+		    (user-keys 
+		     (pgg-lookup-secret-keys-avail)))
+		;; extract key IDs from session key packets -> msg-keys
+		(dolist (element packets msg-keys)
+		  (if (eq (car element) 1)
+		      (let ((key (assq 'key-identifier element)))
+			(if key (setq msg-keys 
+				      (cons (pgg-truncate-key-identifier
+					     (cdr key)) msg-keys))))))
+		;; intersect key IDs of available secret keys with msg-keys
+		(dolist (key user-keys found-key)
+		  (if (member key msg-keys) 
+		      (unless found-key (setq found-key key))))
+		(if found-key found-key (cdr (assq 'key-identifier packet)))))
 	 (pgg-default-user-id 
 	  (if key
 	      (concat "0x" (pgg-truncate-key-identifier key))
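Review bot: `key` is bound to two different shapes: `found-key` is already a truncated short ID (both `user-keys` and `msg-keys` are truncated before the `member` test) while the fallback `(cdr (assq 'key-identifier packet))` is the full identifier; the `pgg-truncate-key-identifier` applied to `key` on the next line happens to make both work, but the inner `(let ((key ...)))` inside the first `dolist` also shadows the very `key` being bound, which makes the block hard to follow. Suggested: rename the inner variable to `id`, write the fallback as `(or found-key (cdr (assq 'key-identifier packet)))`, and leave the second `dolist` on the first match (`catch`/`throw`) instead of continuing with `(unless found-key ...)`. Also note that `(pgg-decode-armor-region start end)` now decodes only the region instead of the whole buffer, a behaviour change the mail does not mention.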
@@ -341,6 +356,9 @@ within the region."
 
 (defun pgg-lookup-key (string &optional type)
   (pgg-invoke "lookup-key" (or pgg-scheme pgg-default-scheme) string type))
+
+(defun pgg-lookup-secret-keys-avail ()
+  (pgg-invoke "lookup-secret-keys-avail" (or pgg-scheme pgg-default-scheme)))
 
 (defvar pgg-insert-url-function  (function pgg-insert-url-with-w3))
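Review bot: `pgg-lookup-secret-keys-avail` dispatches through `pgg-invoke` to the active scheme's `lookup-secret-keys-avail`, but, as the mail says, only the GnuPG backend defines it, so `pgg-decrypt-region` will now error out for the other backends before reaching the fallback; either guard the call (return nil when the scheme does not provide the method, so the caller falls back to the first packet's key ID) or add implementations to the other backends. The new function also needs a docstring saying it returns a list of the user's secret key IDs.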
 

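The packet selection Michael describes, as an added Python illustration rather than PGG's own Emacs Lisp: it walks the packet headers of a binary OpenPGP message, collects the key IDs of all PKESK (tag 1) packets, and returns the first one that belongs to one of the caller's secret keys, falling back to the first packet as PGG does today. The message bytes are constructed to mirror the decoded packet list quoted above (sender's key first, "my" key second); the MPIs and the SEIP body are dummies, and `own_secret_key_ids` is whatever the caller's keyring listing supplies.

```python
# Added illustration, not PGG's code: choose the PKESK whose key ID belongs to one
# of OUR secret keys instead of the message's first PKESK (the bug in the thread).

def iter_packets(data: bytes):
    """Yield (tag, body) for each packet of a binary OpenPGP message (RFC 2440)."""
    pos = 0
    while pos < len(data):
        ctb, pos = data[pos], pos + 1
        if not ctb & 0x80:
            raise ValueError("bad packet header at offset %d" % (pos - 1))
        if ctb & 0x40:                                   # new-format header
            tag, first, pos = ctb & 0x3F, data[pos], pos + 1
            if first < 192:
                length = first
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos] + 192, pos + 1
            else:
                raise ValueError("4-octet and partial body lengths not supported")
        else:                                            # old-format header
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            n = 1 << ltype if ltype < 3 else 0           # 0 = indeterminate length
            length = int.from_bytes(data[pos:pos + n], "big") if n else len(data) - pos
            pos += n
        body, pos = data[pos:pos + length], pos + length
        if len(body) != length:
            raise ValueError("truncated packet body")
        yield tag, body

def pkesk_key_ids(data: bytes) -> list:
    """Key IDs (16 hex digits) of all PKESK (tag 1) packets, in message order."""
    ids = []
    for tag, body in iter_packets(data):
        if tag == 1:
            if body[0] != 3:
                raise ValueError("unsupported PKESK version %d" % body[0])
            ids.append(body[1:9].hex().upper())          # version, 8-byte key ID, alg
    return ids

def select_decryption_key(data: bytes, own_secret_key_ids):
    """First PKESK key ID that is one of ours; else the first PKESK (old behaviour)."""
    own = {k[2:].upper() if k[:2].lower() == "0x" else k.upper()
           for k in own_secret_key_ids}
    msg_keys = pkesk_key_ids(data)
    for key_id in msg_keys:
        if key_id in own or key_id[-8:] in own:          # long or PGG-style short ID
            return key_id
    return msg_keys[0] if msg_keys else None

def _pkesk(key_id_hex: str) -> bytes:
    """Constructed v3 PKESK with an old-format header: key ID, ELG-E, two dummy MPIs."""
    body = b"\x03" + bytes.fromhex(key_id_hex) + b"\x10" + b"\x00\x08\xab\x00\x08\xcd"
    return bytes([0x80 | (1 << 2), len(body)]) + body

# Constructed message mirroring the decoded packet list quoted in the thread:
# sender's key first, "my" key second, then a dummy SEIP (tag 18) packet.
SAMPLE_MESSAGE = (_pkesk("7F362B5EDCE28EC5") + _pkesk("DC38B8B40E9C9C4B")
                  + bytes([0xC0 | 18, 4]) + b"\x01\xde\xad\xbe")
```

With an empty `own_secret_key_ids` the function degrades to the first packet's key ID, which is exactly the wrong-key prompt Mark and Michael describe.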

* Re: pgg*.el and passphrase caching
From: Kirk Strauser @ 2003-08-20 14:07 UTC (permalink / raw)



At 2003-08-20T05:57:59Z, Michael Teichgräber <mt@wmipf.in-berlin.de> writes:

> For a while I have been using the appended patch.

FYI, your message directly to me came through perfectly.  The message that
got posted to the mailing list had a broken signature.
-- 
Kirk Strauser


* Re: pgg*.el and passphrase caching
From: Kirk Strauser @ 2003-08-20 15:00 UTC (permalink / raw)



At 2003-08-20T14:07:56Z, Kirk Strauser <kirk@strauser.com> writes:

> FYI, your message directly to me came through perfectly.  The message that
> got posted to the mailing list had a broken signature.

...as did mine just now (and so, presumably, will this one).  Nevermind.
-- 
Kirk Strauser


* Re: pgg*.el and passphrase caching
From: Mark Trettin @ 2003-08-20 15:31 UTC (permalink / raw)


On Wed, 20 Aug 2003, Michael Teichgräber spake thusly:
> Mark Trettin <mtr-dev0@gmx.de> writes:
> 
>> I *think* the problem is, that all messages also are "encrypted to self"
>> and pgg.el wants to take the first Key-ID it finds (and this is the one
>> of the originator of the mail).
> 
> This looks like the same I once reported on gnus-bug@gnus.org:

Yes it does.

[...]

> I've appended a patch I used at that time to get it working the
> following way:
> 
>> Is there a way to say: "Always take one of my Key-IDs"?  And then
>> decrypt the messages with the cached phrase?

Thank you very much.  It seems to work.

[...]

Bye

	 Mark
-- 
Mark Trettin · Aachen · Germany · Where is Aachen? --> N: 50°46' E: 06°05'
BOFH excuse #58:

high pressure system failure


* Re: pgg*.el and passphrase caching
From: Kirk Strauser @ 2003-08-20 16:38 UTC (permalink / raw)
  Cc: jochen


At 2003-08-20T16:15:27Z, Jochen Küpper <jochen@jochen-kuepper.de> writes:

> Do people observe this issue on other mailing lists? Anybody has good
> guesses what the problem was elsewhere and how it might be fixed?

I haven't seen this problem on any other mailing list, and I'm on quite a
few.
-- 
Kirk Strauser


* Re: pgg*.el and passphrase caching
From: Simon Josefsson @ 2003-08-20 16:44 UTC (permalink / raw)
  Cc: ding

Kirk Strauser <kirk@strauser.com> writes:

> At 2003-08-20T14:07:56Z, Kirk Strauser <kirk@strauser.com> writes:
>
>> FYI, your message directly to me came through perfectly.  The message that
>> got posted to the mailing list had a broken signature.
>
> ...as did mine just now (and so, presumably, will this one).  Nevermind.

This is a known problem with the mailing list software used for this
list; it corrupts PGP/MIME parts.  Not Gnus' fault.
