From: David Engster <deng@randomsample.de>
To: Daiki Ueno <ueno@unixuser.org>
Cc: Dave Goldberg <david.goldberg6@verizon.net>, ding@gnus.org
Subject: Re: Bug#6654
Date: Tue, 27 Jul 2010 09:26:13 +0200 [thread overview]
Message-ID: <m21vapo06i.fsf@randomsample.de> (raw)
In-Reply-To: <m3eiepk14s.fsf-ueno@unixuser.org> (Daiki Ueno's message of "Tue, 27 Jul 2010 13:19:15 +0900")
[-- Attachment #1: Type: text/plain, Size: 1068 bytes --]
Daiki Ueno writes:
> Dave Goldberg <david.goldberg6@verizon.net> writes:
>> ... which parses the To: Cc: and Gcc: headers to come up with the list
>> of recipients and fill in the certfile tags based on that (the Gcc
>> check just results in a call for my personal key if Gcc exists)
>
> FWIW, you may want to try epg backend of mml-smime. IIRC, it collects
> recipient addresses from To/Cc/Bcc, and uses gpgsm (GnuPG's S/MIME tool)
> to pick certificate by email address.
Yes, let me second that. I switched from openssl to gpgsm and I think
it's much more comfortable to use.
However, the epg backend can't yet decrypt S/MIME messages, but I think
it just needs a few lines to add this - see the attached patch. At the
moment it just silently decrypts the message; there should surely be
some hint that this message was actually decrypted, but first I'd like
to know if adding the decryption in mm-view.el is the right choice. I'm
still working on understanding where all the S/MIME decoding is
happening - it seems there is a lot of historical baggage.
-David
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: mm-view-smime-decrypt.diff --]
[-- Type: text/x-patch, Size: 1482 bytes --]
diff --git a/lisp/mm-view.el b/lisp/mm-view.el
index 42e21ca..91fba5d 100644
--- a/lisp/mm-view.el
+++ b/lisp/mm-view.el
@@ -669,18 +669,24 @@
(defun mm-view-pkcs7-decrypt (handle)
(insert-buffer-substring (mm-handle-buffer handle))
(goto-char (point-min))
- (insert "MIME-Version: 1.0\n")
- (mm-insert-headers "application/pkcs7-mime" "base64" "smime.p7m")
- (smime-decrypt-region
- (point-min) (point-max)
- (if (= (length smime-keys) 1)
- (cadar smime-keys)
- (smime-get-key-by-email
- (completing-read
- (concat "Decipher using key"
- (if smime-keys (concat "(default " (caar smime-keys) "): ")
- ": "))
- smime-keys nil nil nil nil (car-safe (car-safe smime-keys))))))
+ (if (eq mml-smime-use 'epg)
+ ;; Use EPG/gpgsm
+ (let ((part (base64-decode-string (buffer-string))))
+ (erase-buffer)
+ (insert (epg-decrypt-string (epg-make-context 'CMS) part)))
+ ;; Use openssl
+ (insert "MIME-Version: 1.0\n")
+ (mm-insert-headers "application/pkcs7-mime" "base64" "smime.p7m")
+ (smime-decrypt-region
+ (point-min) (point-max)
+ (if (= (length smime-keys) 1)
+ (cadar smime-keys)
+ (smime-get-key-by-email
+ (completing-read
+ (concat "Decipher using key"
+ (if smime-keys (concat "(default " (caar smime-keys) "): ")
+ ": "))
+ smime-keys nil nil nil nil (car-safe (car-safe smime-keys)))))))
(goto-char (point-min))
(while (search-forward "\r\n" nil t)
(replace-match "\n"))
next prev parent reply other threads:[~2010-07-27 7:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-07-26 22:10 Bug#6654 Dave Goldberg
2010-07-27 4:19 ` Bug#6654 Daiki Ueno
2010-07-27 7:26 ` David Engster [this message]
2010-07-28 1:38 ` Bug#6654 Dave Goldberg
2010-07-28 5:35 ` gpgsm for S/MIME (was Re: Bug#6654) David Engster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m21vapo06i.fsf@randomsample.de \
--to=deng@randomsample.de \
--cc=david.goldberg6@verizon.net \
--cc=ding@gnus.org \
--cc=ueno@unixuser.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).