bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

classic Classic list List threaded Threaded
22 messages Options
12
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
Uwe Brauer <[hidden email]> writes:

> | Content-Type: multipart/signed; boundary="=-=-=";
> | micalg=sha256;   protocol="application/pkcs7-signature"
> |
> | --=-=-=
> | Content-Type: text/plain; charset=utf-8
> | Content-Transfer-Encoding: base64
> |
> | bmFjacOzbg0K
> | --=-=-=
> | Content-Type: application/pkcs7-signature; name=smime.p7s
> | Content-Transfer-Encoding: base64
> | Content-Disposition: attachment; filename=smime.p7s

(etc)

I put the included message into an mbox file and looked at it, and Gnus
displayed:

[[S/MIME Signed Part:Undecided]]
nación

[[End of S/MIME Signed Part]]

Is that what is expected?  If so, I can't reproduce this bug.

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > Uwe Brauer <[hidden email]> writes:
   >> | Content-Type: multipart/signed; boundary="=-=-=";
   >> | micalg=sha256;   protocol="application/pkcs7-signature"
   >> |
   >> | --=-=-=
   >> | Content-Type: text/plain; charset=utf-8
   >> | Content-Transfer-Encoding: base64
   >> |
   >> | bmFjacOzbg0K
   >> | --=-=-=
   >> | Content-Type: application/pkcs7-signature; name=smime.p7s
   >> | Content-Transfer-Encoding: base64
   >> | Content-Disposition: attachment; filename=smime.p7s

   > (etc)

   > I put the included message into an mbox file and looked at it, and Gnus
   > displayed:

   > [[S/MIME Signed Part:Undecided]]
   > nación

   > [[End of S/MIME Signed Part]]

   > Is that what is expected?  If so, I can't reproduce this bug.

No sorry this is *not* the problem. I recall we had this discussion and
you closed a similar bug, because I incorrectly stated it is about smime
signed messages. It is not.

It is about encrypted+signed non-ascii message.

This is why I needed Jens Lechtenberger to jump in because he is one of
the few gnus users with a smime certificate.

So in order to reproduce and debug it, I suggest you either

    1. Get a free smime certificate, there are still some, valid for
       some month. I could look it up for you.

    2. Or maybe your government provides you with one. This is,
       surprisingly, what the spanish goverment does, and I use this
       certificate, among other this  for email encryption and signing.

Regards

Uwe

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
Uwe Brauer <[hidden email]> writes:

> No sorry this is *not* the problem. I recall we had this discussion and
> you closed a similar bug, because I incorrectly stated it is about smime
> signed messages. It is not.
>
> It is about encrypted+signed non-ascii message.
>
> This is why I needed Jens Lechtenberger to jump in because he is one of
> the few gnus users with a smime certificate.
>
> So in order to reproduce and debug it, I suggest you either
>
>     1. Get a free smime certificate, there are still some, valid for
>        some month. I could look it up for you.
>
>     2. Or maybe your government provides you with one. This is,
>        surprisingly, what the spanish goverment does, and I use this
>        certificate, among other this  for email encryption and signing.

Oh, yeah, this is now starting to sound vaguely familiar.  :-)

Hm...  I do seem to recall ... getting an smime certificate?  Or did I
just try to and fail?  Er...  If I had gotten a certificate, where would
I have put it?  :-)

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
Lars Ingebrigtsen <[hidden email]> writes:

> Hm...  I do seem to recall ... getting an smime certificate?  Or did I
> just try to and fail?  Er...  If I had gotten a certificate, where would
> I have put it?  :-)

Found it!

~/Downloads/[hidden email]

I got one from Actalis last October.  So now I just have to read up on
s/mime again, because I've suppressed all knowledge about it half a year
ago...

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > Lars Ingebrigtsen <[hidden email]> writes:
   >> Hm...  I do seem to recall ... getting an smime certificate?  Or did I
   >> just try to and fail?  Er...  If I had gotten a certificate, where would
   >> I have put it?  :-)

   > Found it!

   > ~/Downloads/[hidden email]

   > I got one from Actalis last October.  So now I just have to read up on
   > s/mime again, because I've suppressed all knowledge about it half a year
   > ago...

Any progress?

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
In reply to this post by Lars Ingebrigtsen
That didn't work at all?  The entire message has to be signed?  *sigh*

What about this one: Here's sóme nón-ASCII.

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no


smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
In reply to this post by Lars Ingebrigtsen
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > OK, I now managed to send an S/MIME part to myself, apparently.  (The
   > interface isn't very er good -- when I was messing with this and pressed
   > "cancel" in the pin entry, Message still sent the message...)

   > In any case, I can't reproduce the bug.  Looks fine to me:

Could you please send me a signed message (the signature includes your
public key), this way we can make experiments.

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
In reply to this post by Lars Ingebrigtsen
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > OK, I now managed to send an S/MIME part to myself, apparently.  (The
   > interface isn't very er good -- when I was messing with this and pressed
   > "cancel" in the pin entry, Message still sent the message...)

   > In any case, I can't reproduce the bug.  Looks fine to me:

   > [[S/MIME Signed Part:Good signature from 9BF9CD19B5F45D8C2D0E6DF44A44812B553ACE6D /CN=[hidden email] (trust full)]]
   > This is ánother test.

The point is encrypted+signed mail with other users

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
Uwe Brauer <[hidden email]> writes:

> The point is encrypted+signed mail with other users

Encrypted and signed?  So not just signed?

What's the command to send encrypted+signed, then?  And is it different
when you're sending to somebody else?

This code is a twisty maze...

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
In reply to this post by Uwe Brauer
Ah, C-c C-m C-e.  And now I can reproduce the bug.  :-)

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
OK, I see what the bug is now -- my previous patch always added a
Content-type header to the decrypted message.  This helped with a test
case I had where the decrypted message didn't have one, and the parsing
failed there.

With the added header, it instead fails if the decrypted message does
already have a Content-type header, as all encrypted messages from
Message has.

So I think the fix here is to just check before adding...  

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
OK, this should bow be fixed in Emacs 28.  I think it would make sense
to cherry-pick this for Emacs 27.1; does that look OK with you, Eli?

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
In reply to this post by Lars Ingebrigtsen
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > OK, I see what the bug is now -- my previous patch always added a
   > Content-type header to the decrypted message.  This helped with a test
   > case I had where the decrypted message didn't have one, and the parsing
   > failed there.

   > With the added header, it instead fails if the decrypted message does
   > already have a Content-type header, as all encrypted messages from
   > Message has.

I came that far, then I simply tried not to insert that header but then
I could not encrypt those message, but I don't even understand the whole code.
   > So I think the fix here is to just check before adding...  

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
In reply to this post by Lars Ingebrigtsen
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > OK, this should bow be fixed in Emacs 28.  I think it would make sense
   > to cherry-pick this for Emacs 27.1; does that look OK with you, Eli?

I see, that is in master:
commit 84ec57fe06e187f41a3546131d5dae3b185c3511

I will check that out as fast as possible and report back, thanks for
the fix.

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
In reply to this post by Uwe Brauer
Uwe Brauer <[hidden email]> writes:

> I came that far, then I simply tried not to insert that header but then
> I could not encrypt those message, but I don't even understand the whole code.

That's odd, because that code is just used when viewing messages, not
when sending, I think?

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > Uwe Brauer <[hidden email]> writes:
   >> I came that far, then I simply tried not to insert that header but then
   >> I could not encrypt those message, but I don't even understand the whole code.

   > That's odd, because that code is just used when viewing messages, not
   > when sending, I think?

Yeah, but this is some time ago and maybe I did other stuff at the same
time, I cannot recall.
I just pulled and I am now compiling to run some tests.

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
In reply to this post by Lars Ingebrigtsen
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > Uwe Brauer <[hidden email]> writes:
   >> I came that far, then I simply tried not to insert that header but then
   >> I could not encrypt those message, but I don't even understand the whole code.

   > That's odd, because that code is just used when viewing messages, not
   > when sending, I think?

I think what was my mistake.

I simple took the actual code and
;;  (goto-char (point-min))
;;  (insert "Content-type: text/plain\n\n")

While you put
            (unless (mail-fetch-field "content-type")
              (goto-char (point-max))
              (insert "Content-type: text/plain\n\n")))

Which is the right one.

So I only could  code I used to work by basically scrap most of the
changes you did back in August last year.

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Eli Zaretskii
In reply to this post by Lars Ingebrigtsen
> From: Lars Ingebrigtsen <[hidden email]>
> Cc: [hidden email], Eli Zaretskii <[hidden email]>
> Date: Thu, 23 Jul 2020 17:14:32 +0200
>
> OK, this should bow be fixed in Emacs 28.  I think it would make sense
> to cherry-pick this for Emacs 27.1; does that look OK with you, Eli?

Yes, thanks.



Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Lars Ingebrigtsen
Eli Zaretskii <[hidden email]> writes:

>> OK, this should bow be fixed in Emacs 28.  I think it would make sense
>> to cherry-pick this for Emacs 27.1; does that look OK with you, Eli?
>
> Yes, thanks.

OK; done.  And with that, I'm closing this bug report, but somebody
should really go through the entire S/MIME setup process in Message,
because it's not at all obvious how all this is supposed to work.  For
instance, bits of the setup defaults to epg, and other bits default to
gpg, meaning that nothing works out of the box.

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#41659: 28.0.50; smime: encryption uses now base64, message not readable

Uwe Brauer
>>> "LI" == Lars Ingebrigtsen <[hidden email]> writes:

   > Eli Zaretskii <[hidden email]> writes:
   >>> OK, this should bow be fixed in Emacs 28.  I think it would make sense
   >>> to cherry-pick this for Emacs 27.1; does that look OK with you, Eli?
   >>
   >> Yes, thanks.

   > OK; done.  And with that, I'm closing this bug report, but somebody
   > should really go through the entire S/MIME setup process in Message,
   > because it's not at all obvious how all this is supposed to work.  For
   > instance, bits of the setup defaults to epg, and other bits default to
   > gpg, meaning that nothing works out of the box.

Right, I recall it was a bit of an ordeal to figure it out. I think
either in emacs wiki there is some information (maybe even I added it),
but maybe also in the homepage of the epa author Daiki Ueno I found some
useful information.

Maybe one should add that to info?
I could try to do that in the coming weeks, when I have a bit more time
free, but maybe Lars wants to do that himself, or Daiki Ueno.


smime.p7s (7K) Download Attachment
12