From: Reiner Steib <reinersteib+gmane@imap.cc>
Subject: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field (was: Broken GPG signatures due to bad 'micalg' value)
Date: Thu, 28 Jul 2005 17:02:17 +0200
Message-ID: <v9fytz6kjq.fsf@marauder.physik.uni-ulm.de>
[-- Attachment #1: Type: text/plain, Size: 266 bytes --]
Hi,
could someone familiar with PGG/mml2015 take a look into this patch?
Bye, Reiner.
PS: It seems that the QP encoding of the attachment got broken when
forwarding. Here's a link to the patch:
http://cache.gmane.org/gmane/emacs/xemacs/beta/20059-001.bin
[-- Attachment #2: Type: message/rfc822, Size: 7690 bytes --]
[-- Attachment #2.1.1.1: Type: text/plain, Size: 837 bytes --]
Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> writes:
> when creating 'PGP/MIME Sign' signatures with Gnus v5.10.7 (from the
> xemacs-sumo-20050715 tarball) the Content-Type: will be always something
> like
>
> | Content-Type: multipart/signed; boundary="=-=-=";
> | micalg=pgp-sha1; protocol="application/pgp-signature"
> ~~~~
The attached patch fixes this; currently, it relies on the special
status-fd format of gnupg. I do not know if this is standardized
across all pgp implementations (are there other ones in use with
gnus?). The new method 'ensc/mml2015-pgg-signinfo' should be moved
into pgg.el, but I do not have the overview about the gnus/pgg design
to touch two packages.
I am completely inexperienced in elisp also, so some of my changes can
be done probably better in another way.
Enrico
[-- Attachment #2.1.1.2: sets correct 'micalg' field --]
[-- Type: text/x-patch, Size: 4805 bytes --]
2005-07-24 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
* mml2015-pgg-sign(): determine the actual hash-algorithm instead
of using 'sha1' every time. Else, signatures for non-sha1 hashes
can not be verified with Thunderbird/Enigmail.
Currently, this change was applied to mml2015-pgg-sign()
only. The other mml2015-*-sign() functions should get it
also, but I did not get them to run and could not test the
change therefore.
* ensc/mml2015-pgg-signinfo(): added; it uses the specially
formatted SIG_CREATED lines of gnupg to determine the used
algorithms plus some other (currently unused)
information. Perhaps, this function should be moved into
'pgg.el'.
--- gnus/lisp/mml2015.el.orig 2005-07-24 17:30:50.000000000 +0200
+++ gnus/lisp/mml2015.el 2005-07-24 17:32:05.000000000 +0200
@@ -74,6 +74,24 @@
mml2015-pgg-clear-decrypt))
"Alist of PGP/MIME functions.")
+(defconst mml2015-gpg-pubkeyalgo-alist
+ '(( "1" . "rsa")
+ ( "2" . "rsa-e")
+ ( "3" . "rsa-s")
+ ("16" . "elg-e")
+ ("17" . "dsa")
+ ("18" . "ecliptic-curve")
+ ("19" . "ecdsa")
+ ("21" . "dh")))
+
+(defconst mml2015-gpg-hashalgo-alist
+ '(( "1" . "md5")
+ ( "2" . "sha1")
+ ( "3" . "ripemd160")
+ ( "8" . "sha256")
+ ( "9" . "sha386")
+ ("10" . "sha512")))
+
(defvar mml2015-result-buffer nil)
(defcustom mml2015-unabbrev-trust-alist
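Review bot: In mml2015-gpg-hashalgo-alist the entry for id "9" reads "sha386", which is not a hash name; OpenPGP hash id 9 is SHA-384, so a signature made with that hash would get micalg=pgp-sha386 and still fail the check this patch is meant to fix. Change the entry to `( "9" . "sha384")`. In mml2015-gpg-pubkeyalgo-alist, "ecliptic-curve" for id "18" looks like a slip for elliptic curve. Both defconsts lack a docstring; one line naming where the numeric ids come from (the DETAILS file referred to in the docstring later in this patch) would make the tables checkable.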
@@ -558,6 +576,14 @@
(unless (> (point-max) (point-min))
(pop-to-buffer mml2015-result-buffer)
(error "Sign error")))
+
+ (goto-char (point-min mml2015-result-buffer) mml2015-result-buffer)
+ (setq gpg-sign-hash-algostr
+ (or (if (re-search-forward "^\\[\\S-+:\\] SIG_CREATED \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\)"
+ nil t 1 mml2015-result-buffer)
+ (assoc (match-string 3) 'mml2015-gpg-algo-alist))
+ "sha1"))
+
(goto-char (point-min))
(while (re-search-forward "\r+$" nil t)
(replace-match "" t t))
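Review bot: The lookup `(assoc (match-string 3) 'mml2015-gpg-algo-alist)` cannot yield the hash name as written: the alist is passed as a quoted symbol, the name mml2015-gpg-algo-alist is not defined anywhere in this patch (the first hunk defines mml2015-gpg-hashalgo-alist), and assoc returns the whole cons cell rather than its cdr. It also calls match-string without a buffer although the search ran in mml2015-result-buffer, which is the case the ensc/match-buffer-string helper added later exists for. Suggest reusing the helper function here, as the last hunk does with `(nth 1 (ensc/mml2015-pgg-signinfo))`. gpg-sign-hash-algostr is assigned with setq and no binding is visible in this hunk, so add it to the enclosing let. The buffer arguments to goto-char, point-min and re-search-forward are XEmacs extensions that GNU Emacs does not accept; with-current-buffer around the search would work in both.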
@@ -565,8 +591,8 @@
(goto-char (point-min))
(insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
boundary))
- ;;; FIXME: what is the micalg?
- (insert "\tmicalg=pgp-sha1; protocol=\"application/pgp-signature\"\n")
+ (insert (format "\tmicalg=pgp-%s; protocol=\"application/pgp-signature\"\n"
+ gpg-sign-hash-algostr))
(insert (format "\n--%s\n" boundary))
(goto-char (point-max))
(insert (format "\n--%s\n" boundary))
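Review bot: This header line sits before the `(defun mml2015-pgg-sign` that appears in the next hunk, so it belongs to a different sign function, while the ChangeLog entry states that the change was applied to mml2015-pgg-sign only and that the other functions could not be tested. Either drop this hunk together with the previous one, or name the function changed here in the ChangeLog. If it stays, gpg-sign-hash-algostr must be a plain string from the hash alist before it is formatted into the Content-Type header, which the previous hunk does not guarantee.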
@@ -803,6 +829,36 @@
(mm-set-handle-multipart-parameter
mm-security-handle 'gnus-info "Failed"))))
+(defun ensc/match-buffer-string (num buf)
+ (buffer-substring (match-beginning num)
+ (match-end num)
+ buf))
+
+(defun ensc/mml2015-pgg-signinfo ()
+ "Returns a tuple consisting of [<pubkey algo>, <hash-algo>, <class>, <timestamp>,
+<fingerprint>, <pubkey algo raw>, <hash algo raw>]. It expects that
+the information in 'mml2015-result-buffer are using the encoding
+described in the DETAILS file of the gnupg package."
+
+ (goto-char (point-min mml2015-result-buffer) mml2015-result-buffer)
+ (if (re-search-forward "^\\[\\S-+:\\] SIG_CREATED \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\)"
+ nil t 1 mml2015-result-buffer)
+ (list (or (cdr (assoc (ensc/match-buffer-string 2 mml2015-result-buffer)
+ mml2015-gpg-pubkeyalgo-alist))
+ ("rsa"))
+ (or (cdr (assoc (ensc/match-buffer-string 3 mml2015-result-buffer)
+ mml2015-gpg-hashalgo-alist))
+ ("sha1"))
+ (ensc/match-buffer-string 4 mml2015-result-buffer) ; class
+ (ensc/match-buffer-string 5 mml2015-result-buffer) ; timestamp
+ (ensc/match-buffer-string 6 mml2015-result-buffer) ; fingerprint
+ (ensc/match-buffer-string 2 mml2015-result-buffer) ; raw pubkey-algo
+ (ensc/match-buffer-string 3 mml2015-result-buffer) ; raw hash-algo
+ )
+ (list "rsa" "sha1" "0" (current-time) nil "1" "2")))
+
+
+
(defun mml2015-pgg-sign (cont)
(let ((pgg-errors-buffer mml2015-result-buffer)
(boundary (mml-compute-boundary cont))
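Review bot: The fallbacks `("rsa")` and `("sha1")` inside the two `or` forms are written as function calls with a string in function position, so they signal an error in exactly the case they are meant to cover, an algorithm id missing from the alist; they should be the bare strings "rsa" and "sha1". The no-match branch returns `(current-time)`, a Lisp time value, and nil for the fingerprint, while the matched branch returns strings in those positions; keep the element types the same in both branches. The docstring should also say what is returned when no SIG_CREATED line is found, and the ensc/ prefix on both new functions does not follow the mml2015- naming used by the rest of the file.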
@@ -814,8 +870,8 @@
(goto-char (point-min))
(insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
boundary))
- ;;; FIXME: what is the micalg?
- (insert "\tmicalg=pgp-sha1; protocol=\"application/pgp-signature\"\n")
+ (insert (format "\tmicalg=pgp-%s; protocol=\"application/pgp-signature\"\n"
+ (nth 1 (ensc/mml2015-pgg-signinfo))))
(insert (format "\n--%s\n" boundary))
(goto-char (point-max))
(insert (format "\n--%s\n" boundary))
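Review bot: `(nth 1 (ensc/mml2015-pgg-signinfo))` is inserted unconditionally, so when no SIG_CREATED line is found the header again claims pgp-sha1 with no indication to the user, which is the mismatch this patch sets out to fix. Have the helper return nil for the hash in that case and emit a message or signal an error here before falling back. Calling the helper once in the let at the top of mml2015-pgg-sign and binding the result would also keep the search in mml2015-result-buffer separate from the edits to the message buffer.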
[-- Attachment #2.1.2: Type: application/pgp-signature, Size: 480 bytes --]