From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/69840
Path: news.gmane.org!not-for-mail
From: David Engster <deng@randomsample.de>
Newsgroups: gmane.emacs.gnus.general
Subject: Re: Bug#6654
Date: Tue, 27 Jul 2010 09:26:13 +0200
Message-ID: <m21vapo06i.fsf@randomsample.de>
References: <841vap6gjo.fsf@davestoy.home> <m3eiepk14s.fsf-ueno@unixuser.org>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-Trace: dough.gmane.org 1280215650 985 80.91.229.12 (27 Jul 2010 07:27:30 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Tue, 27 Jul 2010 07:27:30 +0000 (UTC)
Cc: Dave Goldberg <david.goldberg6@verizon.net>,  ding@gnus.org
To: Daiki Ueno <ueno@unixuser.org>
Original-X-From: ding-owner+M18230@lists.math.uh.edu Tue Jul 27 09:27:29 2010
Return-path: <ding-owner+M18230@lists.math.uh.edu>
Envelope-to: ding-account@gmane.org
Original-Received: from util0.math.uh.edu ([129.7.128.18])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <ding-owner+M18230@lists.math.uh.edu>)
	id 1OdeZT-0008W2-5X
	for ding-account@gmane.org; Tue, 27 Jul 2010 09:27:27 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu)
	by util0.math.uh.edu with smtp (Exim 4.63)
	(envelope-from <ding-owner+M18230@lists.math.uh.edu>)
	id 1OdeYV-0003tp-83; Tue, 27 Jul 2010 02:26:27 -0500
Original-Received: from mx2.math.uh.edu ([129.7.128.33])
	by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.63)
	(envelope-from <postmaster@quimby.gnus.org>)
	id 1OdeYT-0003tc-8o
	for ding@lists.math.uh.edu; Tue, 27 Jul 2010 02:26:25 -0500
Original-Received: from quimby.gnus.org ([80.91.231.51])
	by mx2.math.uh.edu with esmtp (Exim 4.72)
	(envelope-from <postmaster@quimby.gnus.org>)
	id 1OdeYR-0000oN-Mb
	for ding@lists.math.uh.edu; Tue, 27 Jul 2010 02:26:25 -0500
Original-Received: from m61s02.vlinux.de ([83.151.21.164])
	by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian))
	id 1OdeYQ-0002LQ-00
	for <ding@gnus.org>; Tue, 27 Jul 2010 09:26:22 +0200
Original-Received: from [134.76.4.238] (helo=imac.local)
	by m61s02.vlinux.de with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.69)
	(envelope-from <deng@randomsample.de>)
	id 1OdeYO-0004ac-R4; Tue, 27 Jul 2010 09:26:20 +0200
In-Reply-To: <m3eiepk14s.fsf-ueno@unixuser.org> (Daiki Ueno's message of "Tue,
	27 Jul 2010 13:19:15 +0900")
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (darwin)
Mail-Copies-To: never
Mail-Followup-To: Daiki Ueno <ueno@unixuser.org>, Dave Goldberg
	<david.goldberg6@verizon.net>, ding@gnus.org
X-Spam-Score: -1.9 (-)
List-ID: <ding.gnus.org>
Precedence: bulk
Xref: news.gmane.org gmane.emacs.gnus.general:69840
Archived-At: <http://permalink.gmane.org/gmane.emacs.gnus.general/69840>

--=-=-=

Daiki Ueno writes:
> Dave Goldberg <david.goldberg6@verizon.net> writes:
>> ... which parses the To: Cc: and Gcc: headers to come up with the list
>> of recipients and fill in the certfile tags based on that (the Gcc
>> check just results in a call for my personal key if Gcc exists)
>
> FWIW, you may want to try epg backend of mml-smime.  IIRC, it collects
> recipient addresses from To/Cc/Bcc, and uses gpgsm (GnuPG's S/MIME tool)
> to pick certificate by email address.

Yes, let me second that. I switched from openssl to gpgsm and I think
it's much more comfortable to use.

However, the epg backend can't yet decrypt S/MIME messages, but I think
it just needs a few lines to add this - see the attached patch. At the
moment it just silently decrypts the message; there should surely be
some hint that this message was actually decrypted, but first I'd like
to know if adding the decryption in mm-view.el is the right choice. I'm
still working on understanding where all the S/MIME decoding is
happening - it seems there is a lot of historical baggage.

-David


--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline; filename=mm-view-smime-decrypt.diff

diff --git a/lisp/mm-view.el b/lisp/mm-view.el
index 42e21ca..91fba5d 100644
--- a/lisp/mm-view.el
+++ b/lisp/mm-view.el
@@ -669,18 +669,24 @@
 (defun mm-view-pkcs7-decrypt (handle)
   (insert-buffer-substring (mm-handle-buffer handle))
   (goto-char (point-min))
-  (insert "MIME-Version: 1.0\n")
-  (mm-insert-headers "application/pkcs7-mime" "base64" "smime.p7m")
-  (smime-decrypt-region
-   (point-min) (point-max)
-   (if (= (length smime-keys) 1)
-       (cadar smime-keys)
-     (smime-get-key-by-email
-      (completing-read
-       (concat "Decipher using key"
-	       (if smime-keys (concat "(default " (caar smime-keys) "): ")
-		 ": "))
-       smime-keys nil nil nil nil (car-safe (car-safe smime-keys))))))
+  (if (eq mml-smime-use 'epg)
+      ;; Use EPG/gpgsm
+      (let ((part (base64-decode-string (buffer-string))))
+	(erase-buffer)
+	(insert (epg-decrypt-string (epg-make-context 'CMS) part)))
+    ;; Use openssl
+    (insert "MIME-Version: 1.0\n")
+    (mm-insert-headers "application/pkcs7-mime" "base64" "smime.p7m")
+    (smime-decrypt-region
+     (point-min) (point-max)
+     (if (= (length smime-keys) 1)
+	 (cadar smime-keys)
+       (smime-get-key-by-email
+	(completing-read
+	 (concat "Decipher using key"
+		 (if smime-keys (concat "(default " (caar smime-keys) "): ")
+		   ": "))
+	 smime-keys nil nil nil nil (car-safe (car-safe smime-keys)))))))
   (goto-char (point-min))
   (while (search-forward "\r\n" nil t)
     (replace-match "\n"))

--=-=-=--