[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#18393: mm-view-pkcs7-verify ignores mml-smime-use
|
From: |
Lars Ingebrigtsen |
|
Subject: |
bug#18393: mm-view-pkcs7-verify ignores mml-smime-use |
|
Date: |
Wed, 25 Sep 2019 15:38:56 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Jens Lechtenboerger <lechten@wi.uni-muenster.de> writes:
>>> I use mml-smime-use to prefer EPG over OpenSSL. However,
>>> mm-view-pkcs7-verify ignores that variable and calls
>>> smime-verify-region (which uses OpenSSL).
>>>
>>> For signed e-mails with
>>> Content-Type: application/pkcs7-mime; name="smime.p7m";
>>> smime-type=signed-data
>>> this results in the error message: "No CA configured"
>>> (And the e-mail is displayed in base64 encoded form; the text is not
>>> shown.)
>>
>> Could you send such a message to enable us to debug this?
>
> Attached you find the message from section 4.9 of RFC4134, with the
> CA certificate. Verify with:
>
> openssl smime -verify -CAfile carldssself.pem -in rfc4134-4.9.mail
> -signer signer.pem -out signedtext.txt
Yup, I get the same.
If I say:
(setq smime-CA-file "/tmp/carldssself.pem")
I get a blank article buffer.
I'm trying to follow the logic of the code here. One bug is what you
report, that mml-smime-use isn't heeded, and I'll fix that (it seems
pretty easy, I can just cargo-cult mm-view-pkcs7-decrypt, which starts:
(defun mm-view-pkcs7-decrypt (handle &optional from)
(insert-buffer-substring (mm-handle-buffer handle))
(goto-char (point-min))
(if (eq mml-smime-use 'epg)
...
But in this instance we don't get to that function. Instead we get to:
(defun mm-view-pkcs7 (handle &optional from)
(cl-case (mm-view-pkcs7-get-type handle)
(enveloped (mm-view-pkcs7-decrypt handle from))
(signed (mm-view-pkcs7-verify handle))
(otherwise (error "Unknown or unimplemented PKCS#7 type"))))
(defun mm-view-pkcs7-verify (handle)
...)
because this is "signed", not "enveloped". I'm not very familiar with
this stuff... but the mm-view-pkcs7-verify function just verifies the
data and doesn't return anything, which explains why I'm getting an
empty article buffer. But why is this ever useful? It seems odd,
doesn't it?
Is the -verify function also supposed to return the decoded text?
(Which is "This is some sample content.".)
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Lars Ingebrigtsen, 2019/09/23
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Jens Lechtenboerger, 2019/09/24
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use,
Lars Ingebrigtsen <=
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Jens Lechtenboerger, 2019/09/26
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Lars Ingebrigtsen, 2019/09/26
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Lars Ingebrigtsen, 2019/09/26
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Jens Lechtenboerger, 2019/09/27
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Jens Lechtenboerger, 2019/09/27
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Lars Ingebrigtsen, 2019/09/27
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Jens Lechtenboerger, 2019/09/27
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Lars Ingebrigtsen, 2019/09/27
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Jens Lechtenboerger, 2019/09/27
- bug#18393: mm-view-pkcs7-verify ignores mml-smime-use, Lars Ingebrigtsen, 2019/09/28