Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field (was: Broken GPG signatures due to bad 'micalg' value)

Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field (was: Broken GPG signatures due to bad 'micalg' value)

[Reiner Steib]

[-- Attachment #1: Type: text/plain, Size: 266 bytes --]

Hi,

could someone familiar with PGG/mml2015 take a look into this patch?

Bye, Reiner.

PS: It seem that the QP encoding of the attachment got broken when
    forwarding. Here's a link to the patch:
    http://cache.gmane.org/gmane/emacs/xemacs/beta/20059-001.bin


[-- Attachment #2: Type: message/rfc822, Size: 7690 bytes --]

[-- Attachment #2.1.1.1: Type: text/plain, Size: 837 bytes --]

Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> writes:

> when creating 'PGP/MIME Sign' signatures with Gnus v5.10.7 (from the
> xemacs-sumo-20050715 tarball) the Content-Type: will be always something
> like
>
> | Content-Type: multipart/signed; boundary="=-=-=";
> | 	micalg=pgp-sha1; protocol="application/pgp-signature"
>                  ~~~~

The attached patch fixes this; currently, it relies on the special
status-fd format of gnupg. I do not know if this is standardized
across all pgp implementations (are there other ones in use with
gnus?). The new method 'ensc/mml2015-pgg-signinfo' should be moved
into pgg.el, but I do not have the overview about the gnus/pgg design
to touch two packages.

I am completely unexperienced in elisp also, so some of my changes can
be done probably better in another way.



Enrico

[-- Attachment #2.1.1.2: sets correct 'micalg' field --]
[-- Type: text/x-patch, Size: 4805 bytes --]

2005-07-24 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
	* mml2015-pgg-sign(): determine the actual hash-algorithm instead
	  of using 'sha1' everytime. Else, signatures for non-sha1 hashes
	  can not be verified with Thunderbird/Enigmail.

          Currently, this change was applied to mml2015-pgg-sign()
          only. The other mml2015-*-sign() functions should get it
          also, but I did not get them to run and could not test the
          change therefore.

        * ensc/mml2015-pgg-signinfo(): added; it uses the specially
          formated SIG_CREATED lines of gnupg to determine the used
          algorithms plus some other (currently unused)
          information. Perhaps, this function should be moved into
          'pgg.el'.

--- gnus/lisp/mml2015.el.orig	2005-07-24 17:30:50.000000000 +0200
+++ gnus/lisp/mml2015.el	2005-07-24 17:32:05.000000000 +0200
@@ -74,6 +74,24 @@
        mml2015-pgg-clear-decrypt))
   "Alist of PGP/MIME functions.")
 
+(defconst mml2015-gpg-pubkeyalgo-alist
+  '(( "1"  .  "rsa")
+    ( "2"  .  "rsa-e")
+    ( "3"  .  "rsa-s")
+    ("16"  .  "elg-e")
+    ("17"  .  "dsa")
+    ("18"  .  "ecliptic-curve")
+    ("19"  .  "ecdsa")
+    ("21"  .  "dh")))
+
+(defconst mml2015-gpg-hashalgo-alist
+  '(( "1"  .  "md5")
+    ( "2"  .  "sha1")
+    ( "3"  .  "ripemd160")
+    ( "8"  .  "sha256")
+    ( "9"  .  "sha386")
+    ("10"  .  "sha512")))
+
 (defvar mml2015-result-buffer nil)
 
 (defcustom mml2015-unabbrev-trust-alist
@@ -558,6 +576,14 @@
 	(unless (> (point-max) (point-min))
 	  (pop-to-buffer mml2015-result-buffer)
 	  (error "Sign error")))
+
+      (goto-char (point-min mml2015-result-buffer) mml2015-result-buffer)
+      (setq gpg-sign-hash-algostr
+	    (or (if (re-search-forward "^\\[\\S-+:\\] SIG_CREATED \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\)"
+				       nil t 1 mml2015-result-buffer)
+		    (assoc (match-string 3) 'mml2015-gpg-algo-alist))
+		"sha1"))
+      
       (goto-char (point-min))
       (while (re-search-forward "\r+$" nil t)
 	(replace-match "" t t))
@@ -565,8 +591,8 @@
       (goto-char (point-min))
       (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
 		      boundary))
-      ;;; FIXME: what is the micalg?
-      (insert "\tmicalg=pgp-sha1; protocol=\"application/pgp-signature\"\n")
+      (insert (format "\tmicalg=pgp-%s; protocol=\"application/pgp-signature\"\n"
+		      gpg-sign-hash-algostr))
       (insert (format "\n--%s\n" boundary))
       (goto-char (point-max))
       (insert (format "\n--%s\n" boundary))
@@ -803,6 +829,36 @@
       (mm-set-handle-multipart-parameter
        mm-security-handle 'gnus-info "Failed"))))
 
+(defun ensc/match-buffer-string (num buf)
+  (buffer-substring (match-beginning num)
+		    (match-end num)
+		    buf))
+
+(defun ensc/mml2015-pgg-signinfo ()
+  "Returns a tuple consisting of [<pubkey algo>, <hash-algo>, <class>, <timestamp>,
+<fingerprint>, <pubkey algo raw>, <hash algo raw>]. It expects that
+the information in 'mml2015-result-buffer are using the encoding
+described in the DETAILS file of the gnupg package."
+  
+  (goto-char (point-min mml2015-result-buffer) mml2015-result-buffer)
+  (if (re-search-forward "^\\[\\S-+:\\] SIG_CREATED \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\) \\(\\S-+\\)"
+			 nil t 1 mml2015-result-buffer)
+      (list (or (cdr (assoc (ensc/match-buffer-string 2 mml2015-result-buffer)
+			    mml2015-gpg-pubkeyalgo-alist))
+		("rsa"))
+	    (or (cdr (assoc (ensc/match-buffer-string 3 mml2015-result-buffer)
+			     mml2015-gpg-hashalgo-alist))
+		("sha1"))
+	    (ensc/match-buffer-string 4 mml2015-result-buffer)	; class
+	    (ensc/match-buffer-string 5 mml2015-result-buffer)	; timestamp
+	    (ensc/match-buffer-string 6 mml2015-result-buffer)	; fingerprint
+	    (ensc/match-buffer-string 2 mml2015-result-buffer)	; raw pubkey-algo
+	    (ensc/match-buffer-string 3 mml2015-result-buffer)	; raw hash-algo
+	    )
+    (list "rsa" "sha1" "0" (current-time) nil "1" "2")))
+
+	    
+      
 (defun mml2015-pgg-sign (cont)
   (let ((pgg-errors-buffer mml2015-result-buffer)
 	(boundary (mml-compute-boundary cont))
@@ -814,8 +870,8 @@
     (goto-char (point-min))
     (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
 		    boundary))
-      ;;; FIXME: what is the micalg?
-    (insert "\tmicalg=pgp-sha1; protocol=\"application/pgp-signature\"\n")
+    (insert (format "\tmicalg=pgp-%s; protocol=\"application/pgp-signature\"\n"
+		      (nth 1 (ensc/mml2015-pgg-signinfo))))
     (insert (format "\n--%s\n" boundary))
     (goto-char (point-max))
     (insert (format "\n--%s\n" boundary))

[-- Attachment #2.1.2: Type: application/pgp-signature, Size: 480 bytes --]

Re: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field

[Daiki Ueno]

Hello,

> Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> writes:

> > when creating 'PGP/MIME Sign' signatures with Gnus v5.10.7 (from the
> > xemacs-sumo-20050715 tarball) the Content-Type: will be always something
> > like
> >
> > | Content-Type: multipart/signed; boundary="=-=-=";
> > | 	micalg=pgp-sha1; protocol="application/pgp-signature"
> >                  ~~~~

> The attached patch fixes this; currently, it relies on the special
> status-fd format of gnupg. I do not know if this is standardized
> across all pgp implementations (are there other ones in use with
> gnus?). The new method 'ensc/mml2015-pgg-signinfo' should be moved
> into pgg.el, but I do not have the overview about the gnus/pgg design
> to touch two packages.

I'm not sure that the micalg= parameter is still mandatory, while the
hash algorithm used is embedded in OpenPGP packets.  It can be obtained
by using the builtin packet parser (pgg-parse), without depending on
--status-fd output of GnuPG.

Try the following:

(require 'pgg-parse)

(setq pgg-parse-hash-algorithm-alist
      (nconc pgg-parse-hash-algorithm-alist
	     '((8 . SHA256) (9 . SHA384) (10 . SHA512))))
      
(pgg-parse-armor "\
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQEVAwUAQuO4ZzyfXseeoEz2AQoJMggArcGx8nhA21/J5QSaiWKC7FzzB2DLSMiq
D4FQD26NEW38CjcBBq9TqTHm8yCI5dOsTjoiMVfhooBMKTel4P0yAhiuqXthx1Im
J7LCIyVtEGJcBeOioN4c/wu0yHUsDM+E4Xuso56M2PpBGOekWO65fmEPRLFULP6b
mreYBrPqApD49Ow7x2qa65Jy1hhSA0tcXYaqW7IfNciUjVLmsV+e4JrJYXQfwD86
wI2A0/WoxQAD8VMH81MUggclmm41drddz3ceSA3PlRHcFL0vQ1/mCHXJ+o5BwuvW
gA4a+S5wTg51RZ/tAfbeIQEkB7sxmjMDLLdCxA26zptt5YILMvNkuQ==
=Et6W
-----END PGP SIGNATURE-----")

=> ((2 (version . 3) (signature-type . "Signature of a binary document")
    (creation-time 17123 47207 0) (key-identifier . "3C9F5EC79EA04CF6")
    (public-key-algorithm . RSA) (hash-algorithm . SHA512)))

Regards,
-- 
Daiki Ueno

Re: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field

[Simon Josefsson]

Daiki Ueno <ueno@unixuser.org> writes:

> I'm not sure that the micalg= parameter is still mandatory, while the
> hash algorithm used is embedded in OpenPGP packets.

Sadly RFC 1847 require the presence of micalg, it seems.  A wart, but
difficult to fix at this point.  We should populate it with correct
information.

> It can be obtained by using the builtin packet parser (pgg-parse),
> without depending on --status-fd output of GnuPG.

Very nice!  Would you mind proposing a patch for mml2016.el that uses
this approach?

Thanks.

Re: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg'

[Daiki Ueno]

[-- Attachment #1.1: Type: text/plain, Size: 834 bytes --]

>>>>> In <ilu64umn471.fsf@latte.josefsson.org> 
>>>>>	Simon Josefsson <jas@extundo.com> wrote:
> Daiki Ueno <ueno@unixuser.org> writes:

> > I'm not sure that the micalg= parameter is still mandatory, while the
> > hash algorithm used is embedded in OpenPGP packets.

> Sadly RFC 1847 require the presence of micalg, it seems.  A wart, but
> difficult to fix at this point.  We should populate it with correct
> information.

> > It can be obtained by using the builtin packet parser (pgg-parse),
> > without depending on --status-fd output of GnuPG.

> Very nice!  Would you mind proposing a patch for mml2016.el that uses
> this approach?

No, I made the patch attached below.

I'm sending this mail with DSA & RIPEMD160.  If the patch works as
expected, micalg=ripemd160 appears in the Content-Type: header.


[-- Attachment #1.2: micalg.diff --]
[-- Type: text/plain, Size: 2442 bytes --]

? micalg.diff
Index: lisp/mml2015.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/mml2015.el,v
retrieving revision 7.9
diff -u -r7.9 mml2015.el
--- lisp/mml2015.el	17 Jul 2005 14:10:38 -0000	7.9
+++ lisp/mml2015.el	5 Aug 2005 07:58:19 -0000
@@ -645,7 +645,8 @@
   (autoload 'pgg-decrypt-region "pgg")
   (autoload 'pgg-verify-region "pgg")
   (autoload 'pgg-sign-region "pgg")
-  (autoload 'pgg-encrypt-region "pgg"))
+  (autoload 'pgg-encrypt-region "pgg")
+  (autoload 'pgg-parse-armor "pgg-parse"))
 
 (defun mml2015-pgg-decrypt (handle ctl)
   (catch 'error
@@ -813,15 +814,23 @@
   (let ((pgg-errors-buffer mml2015-result-buffer)
 	(boundary (mml-compute-boundary cont))
 	(pgg-default-user-id (or (message-options-get 'mml-sender)
-				 pgg-default-user-id)))
+				 pgg-default-user-id))
+	entry)
     (unless (pgg-sign-region (point-min) (point-max))
       (pop-to-buffer mml2015-result-buffer)
       (error "Sign error"))
     (goto-char (point-min))
     (insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
 		    boundary))
-      ;;; FIXME: what is the micalg?
-    (insert "\tmicalg=pgp-sha1; protocol=\"application/pgp-signature\"\n")
+    (if (setq entry (assq 2 (pgg-parse-armor
+			     (with-current-buffer pgg-output-buffer
+			       (buffer-string)))))
+	(setq entry (assq 'hash-algorithm (cdr entry))))
+    (insert (format "\tmicalg=%s; "
+		    (if (cdr entry)
+			(downcase (format "pgp-%s" (cdr entry)))
+		      "pgp-sha1")))
+    (insert "protocol=\"application/pgp-signature\"\n")
     (insert (format "\n--%s\n" boundary))
     (goto-char (point-max))
     (insert (format "\n--%s\n" boundary))
Index: lisp/pgg-parse.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg-parse.el,v
retrieving revision 7.6
diff -u -r7.6 pgg-parse.el
--- lisp/pgg-parse.el	5 Jul 2005 22:34:49 -0000	7.6
+++ lisp/pgg-parse.el	5 Aug 2005 07:58:19 -0000
@@ -56,7 +56,8 @@
 	  (cons (sexp :tag "Number") (sexp :tag "Type"))))
 
 (defcustom pgg-parse-hash-algorithm-alist
-  '((1 . MD5) (2 . SHA1) (3 . RIPEMD160) (5 . MD2))
+  '((1 . MD5) (2 . SHA1) (3 . RIPEMD160) (5 . MD2) (8 . SHA256) (9 . SHA384)
+    (10 . SHA512))
   "Alist of the assigned number to the cryptographic hash algorithm."
   :group 'pgg-parse
   :type '(repeat

[-- Attachment #1.3: Type: text/plain, Size: 29 bytes --]


Regards,
-- 
Daiki Ueno

[-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --]

Re: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg'

[Jochen Küpper]

[-- Attachment #1: Type: text/plain, Size: 1675 bytes --]

Daiki Ueno <ueno-NQkAbyFKjFBg9hUCZPvPmw@public.gmane.org> writes:

> I'm sending this mail with DSA & RIPEMD160.  If the patch works as
> expected, micalg=ripemd160 appears in the Content-Type: header.

It does. Although I don't know whether this is relevant: I cannot
verify the signature!
,----
| [[PGP Signed Part:Failed]
| Signature made Fri Aug  5 11:14:08 2005 CEST using DSA key ID B15813FE
| BAD signature from "Daiki Ueno <ueno-NQkAbyFKjFBg9hUCZPvPmw@public.gmane.org>"
| [GNUPG:] BADSIG A5B6B2D4B15813FE Daiki Ueno <ueno-NQkAbyFKjFBg9hUCZPvPmw@public.gmane.org>
| 
| gpg exited abnormally: '1'
| ]
`----
This is with
,----[gpg --version]
| gpg (GnuPG) 1.2.4
| Copyright (C) 2003 Free Software Foundation, Inc.
| This program comes with ABSOLUTELY NO WARRANTY.
| This is free software, and you are welcome to redistribute it
| under certain conditions. See the file COPYING for details.
| 
| Home: ~/.gnupg
| Supported algorithms:
| Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
| Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
| Hash: MD5, SHA1, RIPEMD160, SHA256
| Compression: Uncompressed, ZIP, ZLIB, BZIP2
`----
and I do have your key
,----[gpg --list-keys Daiki Ueno]
| pub  1024D/B15813FE 2001-10-09 Daiki Ueno <ueno-NQkAbyFKjFBg9hUCZPvPmw@public.gmane.org>
| uid                            [jpeg image of size 4291]
| sub  2048g/2A9BEA2D 2001-10-09 [expires: 2006-08-10]
`----

Greetings,
Jochen
-- 
Einigkeit und Recht und Freiheit                http://www.Jochen-Kuepper.de
    Liberté, Égalité, Fraternité                GnuPG key: CC1B0B4D
        (Part 3 you find in my messages before fall 2003.)

[-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --]

PGP signature and ml software (was: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg')

[Jochen Küpper]

Jochen Küpper <jochen-+It19tn3Rl9sbm7dSapR3bNAH6kLmebB@public.gmane.org> writes:

> Although I don't know whether this is relevant: I cannot verify the
> signature!

Ok, I see. Seems to be the old problem with the ml software not being
able to pass a PGP signature...

Greetings,
Jochen
-- 
Einigkeit und Recht und Freiheit                http://www.Jochen-Kuepper.de
    Liberté, Égalité, Fraternité                GnuPG key: CC1B0B4D
        (Part 3 you find in my messages before fall 2003.)

Re: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field

[Simon Josefsson]

Daiki Ueno <ueno@unixuser.org> writes:

> I'm sending this mail with DSA & RIPEMD160.  If the patch works as
> expected, micalg=ripemd160 appears in the Content-Type: header.

It seem to work, so I installed this.  Thanks!

Re: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field

[Reiner Steib]

On Fri, Aug 05 2005, Simon Josefsson wrote:

> Daiki Ueno <ueno@unixuser.org> writes:
>
>> I'm sending this mail with DSA & RIPEMD160.  If the patch works as
>> expected, micalg=ripemd160 appears in the Content-Type: header.
>
> It seem to work, so I installed this.  Thanks!

Could you please apply the bugfix to the v5-10 branch as well, if
appropriate?

Bye, Reiner.
-- 
       ,,,
      (o o)
---ooO-(_)-Ooo---  |  PGP key available  |  http://rsteib.home.pages.de/

Re: Fwd: [PATCH]: gnus: use correct GPG hash algorithm in 'micalg' field

[Simon Josefsson]

Reiner Steib <reinersteib+gmane@imap.cc> writes:

> On Fri, Aug 05 2005, Simon Josefsson wrote:
>
>> Daiki Ueno <ueno@unixuser.org> writes:
>>
>>> I'm sending this mail with DSA & RIPEMD160.  If the patch works as
>>> expected, micalg=ripemd160 appears in the Content-Type: header.
>>
>> It seem to work, so I installed this.  Thanks!
>
> Could you please apply the bugfix to the v5-10 branch as well, if
> appropriate?

Done!

I also simplified the w3/url loading in PGG; I recall Daiki and I
discussed it earlier.