S/MIME support in notmuch

2011-12-27 Thread Daniel Kahn Gillmor
On 12/23/2011 11:40 AM, Dan Bryant wrote:
> On Wed, 21 Dec 2011 06:51:01 -0500, Darren McGuicken wrote:
>> When you make those changes to the gpg_context are you breaking gpg
>> signature validation?  Or is the one a superset of the other?
> 
> The current assumption in notmuch is that all encrypted/signed messages
> in a mailbox will be using the same crypto algorithm. This is the first
> thing I want to fix: which crypto algorithm (and therefore, context
> object) to use should probably be detected by the MIME type of the
> message part.

This was an issue i was hoping would get resolved in gmime 2.6, but
apparently it's still open:

  https://bugzilla.gnome.org/show_bug.cgi?id=641848

So it does look like we're going to need to do the detection and
selection ourselves.

--dkg

___
notmuch mailing list
notmuch@notmuchmail.org
http://notmuchmail.org/mailman/listinfo/notmuch


S/MIME support in notmuch

2011-12-23 Thread Dan Bryant
On Wed, 21 Dec 2011 06:51:01 -0500, Darren McGuicken wrote:
> On Wed, 07 Dec 2011 21:58:03 -0500, Dan Bryant wrote:
> > I'd like to report some success on getting S/MIME signature
> > verification working using notmuch and the recently-released GMime
> > 2.6. I specifically tested with notmuch-0.10.2 and gmime-2.6.1.
> 
> [...]
> 
> > I don't have submittable patches for #2/#3 yet, but I wanted to share
> > what I found about the scope of what actually needs to be done, which
> > is fairly small. (The biggest blocker is probably that Debian & other
> > distros haven't packaged gmime-2.6.)
> 
> Hi Dan, nice find!  As another Fedora user I'd be happy to test out any
> patches you come up with.
> 
> When you make those changes to the gpg_context are you breaking gpg
> signature validation?  Or is the one a superset of the other?

The current assumption in notmuch is that all encrypted/signed messages
in a mailbox will be using the same crypto algorithm. This is the first
thing I want to fix: which crypto algorithm (and therefore, context
object) to use should probably be detected by the MIME type of the
message part.


Dan



S/MIME support in notmuch

2011-12-21 Thread Darren McGuicken
On Wed, 07 Dec 2011 21:58:03 -0500, Dan Bryant wrote:
> I'd like to report some success on getting S/MIME signature
> verification working using notmuch and the recently-released GMime
> 2.6. I specifically tested with notmuch-0.10.2 and gmime-2.6.1.

[...]

> I don't have submittable patches for #2/#3 yet, but I wanted to share
> what I found about the scope of what actually needs to be done, which
> is fairly small. (The biggest blocker is probably that Debian & other
> distros haven't packaged gmime-2.6.)

Hi Dan, nice find!  As another Fedora user I'd be happy to test out any
patches you come up with.

When you make those changes to the gpg_context are you breaking gpg
signature validation?  Or is the one a superset of the other?

S/MIME support in notmuch

2011-12-07 Thread Dan Bryant

I'd like to report some success on getting S/MIME signature verification
working using notmuch and the recently-released GMime 2.6. I specifically
tested with notmuch-0.10.2 and gmime-2.6.1.

The following changes were required:

1) notmuch: Apply patch from Red Hat packaging to handle API changes from
gmime-2.4 to gmime-2.6 (see "compile error of current git on F15"
thread from 25 November on the list)

2) notmuch: Create a S/MIME context instead of the GPG context in 
notmuch-show.c. g_mime_gpg_context_new() becomes
g_mime_pkcs7_context_new(), and similarly for 
g_mime_gpg_context_set_always_trust().

3) gmime:   The pkcs7 context only works with signatures of
"application/pkcs7-signature". Per RFC2311 section C, both
"application/pkcs7-signature" and "application/x-pkcs7-signature"
should be treated identically. I temporarily disabled this check in
gmime/gmime-multipart-signed.c and then gmime accepted the
signatures. 

Next, I was always seeing signature verification errors with completely
unhelpful error messages. These turned out to be because the 'gpg-agent'
program was not running. Once I started the agent, I got prompts 
on trusting root certs and was then able to see known-valid certificates
verified in the emacs UI.

NB: I started gpg-agent with the --allow-mark-trusted option so that it
would graphically prompt me for which root certificates to trust. See
http://lists.gnupg.org/pipermail/gnupg-users/2004-September/023247.html
for more detail on some of the general setup choices for the GPG
S/MIME stack. The most useful command for debugging the underlying
S/MIME configuration was "gpgsm --list-chain --with-validation". 

I don't have submittable patches for #2/#3 yet, but I wanted to share
what I found about the scope of what actually needs to be done, which is
fairly small. (The biggest blocker is probably that Debian & other
distros haven't packaged gmime-2.6.)


Dan
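
The detection proposed in the 2011-12-23 reply (pick the crypto context from the MIME type of the message part), combined with point 3 of the report above (both pkcs7 spellings treated identically), sketched here as an added example that is not code from notmuch, GMime or the thread. All function and enum names are hypothetical, and the Content-Type value is assumed to be already unfolded.

```c
#include <ctype.h>
#include <string.h>
/* Hypothetical names for this example; not notmuch or GMime identifiers. */
typedef enum { CRYPTO_NONE, CRYPTO_OPENPGP, CRYPTO_SMIME } crypto_kind;

/* Case-insensitive match of n bytes at s; never reads past a NUL in s. */
static int token_is(const char *s, size_t n, const char *lit)
{
    if (strlen(lit) != n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)s[i]) != tolower((unsigned char)lit[i]))
            return 0;
    return 1;
}

/* Map a signature media type to the context that should verify it. */
crypto_kind kind_for_signature_type(const char *type, size_t n)
{
    if (token_is(type, n, "application/pgp-signature"))
        return CRYPTO_OPENPGP;
    /* Point 3 of the report: the x- spelling is treated identically. */
    if (token_is(type, n, "application/pkcs7-signature") ||
        token_is(type, n, "application/x-pkcs7-signature"))
        return CRYPTO_SMIME;
    return CRYPTO_NONE; /* unknown protocol: do not guess a context */
}

/* Classify an unfolded multipart/signed Content-Type value by protocol=. */
crypto_kind kind_for_content_type(const char *ct)
{
    if (ct == NULL || !token_is(ct, 16, "multipart/signed") ||
        strchr("; \t", ct[16]) == NULL)
        return CRYPTO_NONE;
    const char *p = ct + 16;
    while (*p != '\0') {
        int quoted = 0; /* find the next ';' outside a quoted-string */
        for (; *p != '\0' && (quoted || *p != ';'); p++) {
            if (quoted && *p == '\\' && p[1] != '\0') p++;
            else if (*p == '"') quoted = !quoted;
        }
        if (*p == '\0') break;
        for (p++; isspace((unsigned char)*p); p++) { }
        if (!token_is(p, 9, "protocol=")) continue;
        p += 9;
        if (*p == '"') { p++; return kind_for_signature_type(p, strcspn(p, "\"")); }
        return kind_for_signature_type(p, strcspn(p, "; \t\r\n"));
    }
    return CRYPTO_NONE;
}
```

A caller would create the matching context per message part from the returned kind and skip verification for CRYPTO_NONE instead of falling back to a mailbox-wide default.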