search

leahneukirchen / mblaze

Unix utilities to deal with Maildir
Other
441 stars 48 forks source link

Encrypt + Sign #202

Open stacyharper opened 3 years ago

stacyharper commented 3 years ago

I just configured filters with some contrib scripts from this repo and I received this mail

--- 1: multipart/encrypted size=2246 filter="mgpg" ---
--- --- 2: multipart/signed size=1138 ---
--- --- --- 3: text/plain size=356 ---
This is a test email sent from sourcehut to confirm that PGP is working as you
expect. This email is signed with this key:

447B 69E4 B34B E90B C829 A0E9 6597 04D1 A38A 93AE

and is encrypted with this key:

CAB1 2F60 BD13 A21D AB60  C510 5BAC 9232 8B7C 5D65

You may control your PGP settings here:

https://meta.sr.ht/privacy

--
Drew DeVault
sourcehut
--- --- --- 4: application/pgp-signature size=455 name="signature.asc" render="mverify; exit 0" ---
No signature found.

It seems this signature could not be verified.

After some check, it seems I can't send an encrypted + signed email too

In recap:

leahneukirchen commented 3 years ago

mencrypt uses --encrypt --sign so that should be fine.

I think above error results due to using mverify as a filter, but it's a tool you need to call on the whole message.

stacyharper commented 3 years ago

mencrypt uses --encrypt --sign so that should be fine.

I'll double check this part so

I think above error results due to using mverify as a filter, but it's a tool you need to call on the whole message.

oh ? But it seems that the vanilla mverify can't check the signature too

[reed@terminator ~]$ mshow
From: sourcehut <outgoing@sr.ht>
Subject: Test email
To: foo@bar.net
Date: Tue, 02 Feb 2021 10:39:28 -0000 (49 minutes, 57 seconds ago)

--- 1: multipart/encrypted size=2246 filter="mgpg" ---
--- --- 2: multipart/signed size=1138 ---
--- --- --- 3: text/plain size=356 ---
This is a test email sent from sourcehut to confirm that PGP is working as you
expect. This email is signed with this key:

447B 69E4 B34B E90B C829 A0E9 6597 04D1 A38A 93AE

and is encrypted with this key:

CAB1 2F60 BD13 A21D AB60  C510 5BAC 9232 8B7C 5D65

You may control your PGP settings here:

https://meta.sr.ht/privacy

--
Drew DeVault
sourcehut
--- --- --- 4: application/pgp-signature size=455 name="signature.asc" render="mverify; exit 0" ---
No signature found.
[reed@terminator ~]$ mverify
No signature found.

The signature seems included in the encrypted part as the raw email looks like 

From: sourcehut <outgoing@sr.ht>
Subject: Test email
To: foo@bar
Date: Tue, 02 Feb 2021 10:39:28 -0000 (54 minutes, 34 seconds ago)

--===============5503615174114557129==
Content-Type: application/pgp-encrypted

Version: 1
--===============5503615174114557129==
Content-Type: application/octet-stream; name="message.asc"
Content-Description: OpenPGP encrypted message

-----BEGIN PGP MESSAGE-----

wcFMA0r01qAHYcQRARAA37lNNKuwNOADjyjFsv18uZBkqKEdF4gz88fsNYXp/xD6
MIUhIEovxsbKXcUUP8q7xhFlI2ePgAnXSz6vlMsvTDxt3iygXXoz0FytkI3d+Yq2
8uRMU7BmJGWE6cZwV2gm1etDc0BK9iFj1V5UMsS4ddoKyx6y85msvIh/fGYbyGkg
ifXRpbwclqIgGK2PS+LY4zEiAHf+7nb7srQia5F2HPBOYSBSBDknvzqryrQ8Pmnh
G6ilRwIK7d5syXnme8IZOou/qkIpqGcSjKq650pOIR1BC5hhiYOAGE4IHuao5uds
C8ClQuPRaXeTg95EW7hkBz239vd5YvbhcMbC3jxeUG0R7fbpf7NnZ/MKWBFu+ZYJ
u1j1+MJ+A2tDrbEjJwBJo/OIeh/AKRr37FW9gZEYAUMjZ+rFQ4YDqe+haWcDi7Ra
WAVuGHy3PqvhI4jHBQmAKhGRomUSppGjwckeEIA70oe926ZAFAy6w3DnHQKu7Vuc
s92k+zFJjhEpNNWLiIItt2KAx919OSiAL7Fg/0IEyBMM2nPKRo88l3h9RGZqsvy8
/hOozqT4EAexuZi7P6a4Fpe9O9g+l8+mjpcweDHWLrAzHjPi/weIlL9y63BWP0gW
1ziSCxPDLUIs3ZceU9+zyXVzB4dwp47Jli+/ugBixJN/5YSfP3bYIi3p4RPHwUbS
wqwBRXoE2vbcRHMVjCEaKz4p9wyjcUBowtADfi4RJaDVfITJT1pXsJWP8UXThtn7
0gGYZTFiIZxjJPxj/0h5rkJ0RqTn08Pp9NU6YVA7P5d6F4Bk9RZq9lqoFW68gojH
8t0pn9ec0xMhFhVLcfpvFzETvqo9Y/t/KYNApolbO/H0cvL7gGPng7o75NCHJmpd
FAtqn0MNvwkcF3IkL3VgW5T/9MAHkwWh7K3NLLphqQ7wTMJ/goKH0dUeZQwLlq6M
7NlJPPO58MuVG3Rj2gpFVv6Km0Z2GLjD61a6h/R+IKxpT5G6xCmaktJeFb3aH+XZ
Kumwq+QGaTccV+ruqz7A1rjJgbixA5HZgGeKwbQmvAcO9ovQfgH8g4MG4wbCbETz
iaxoO55SX3N0ySDTAKhD9CfR/Oy9l8FkINyRf8CiTfbfAZtCefSfiSkQ6ruclGxs
GflqlYAg6OD2pls5j8iFUftyJrWO3rsCWtzaWfVha//She6bve5TudhSfYzTwE/y
vK3JZ7ZaoKmRrwa/hsD6xDPrnRqS30PkJ3QzttugHvo5IJe7N/hbI94t6XAyRdkH
R7SHaWiPxlaLWOhVntyPSbpeeCJszwe1lXpEVb3tgn1+Ufp84A5AufQEYB5qSmB/
MfZn6YaxV5yxN39GNvkPfzXROiPHn4wFSFQpYODQLre1Otcx5ff+4T79cInHbFmY
sSY7ak3Y0v7ZkyoYA3sUb+y1Do5PWH+Rp7hxTnCZxzATKQWGW0EqqWmDYKvgyBRK
jJqSMRr1lXB3Mmc78TKUxbo9YNGNU+s4iMcYWc2gH7U3PblOBxGnqEuiixCK2luh
kBzgx84WrqUft+lQ+d79b4qaOmPi0epmpaB/ms+FpVYNiN4t9dgRWZUwtGQVCw/j
6HVlc0NejF+ZSu+GpVHMQRUke6LkTq1K/jkPN53M1ShZkWwfqncEQIsXzGMtOVgJ
6DOVWsptZiXIJN+EFV+GSJRq3iB7c+pbh/7cBJICol6VxOYTkjGrdJlA7kWMwfjz
7nH1b+RN4BWcN0RKBBY9TOGtFEXdX/xb/pFb0TSqMLOEFd+krkaoSPXb5PqLwFI3
bREFKSKmPd0svZZqPfh5nW5WnkvJrNZa6rYipMP+/q9K5g6CzTp0B20WCPY0zaq3
wUw3NO6xNcYdAYqCPXQ=
=gJPx
-----END PGP MESSAGE-----

--===============5503615174114557129==--

Anyway I'll adapt it to be usable as filter. I'd like to display signature verification with mless

stacyharper commented 3 years ago

mencrypt uses --encrypt --sign so that should be fine. I'll double check this part so

It seems it is not enough to emulate the mail from sr.ht

From: Foo bar <foo@bar>
Subject: crypted signed ?
To: toto@tutu
Date: Tue, 02 Feb 2021 12:35:51 +0100 (39 seconds ago)

--- 1: multipart/encrypted size=3155 filter="mgpg" ---
--- --- 2: multipart/mixed size=827 ---
--- --- --- 3: text/plain size=20 ---
this should be both
stacyharper commented 3 years ago

I may be wrong about all this.

Does decrypt also check the signature ? Does the npgp filter will just break if the mail is wrongly signed ? In this case, I should not focus that much on the signature.asc

leahneukirchen commented 3 years ago

Filters only get the attachment as input, but you need the whole message to verify.

leahneukirchen commented 3 years ago

And please provide the raw message, I don't want to guess the MIME headers to reproduce this.

stacyharper commented 3 years ago

here the full message

but I think you'll have difficulties to decrypt it. If you got an sr.ht account, this is the test email button after setting up the encryption pgp key

stacyharper commented 3 years ago

I think the encrypted part contain in itself multiple subparts. mblaze in it current state can't know about the signature encrypted subpart.

Here the mpgp filter stdout

Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="===============2511636010367206221=="
MIME-Version: 1.0

--===============2511636010367206221==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

This is a test email sent from sourcehut to confirm that PGP is working as you
expect. This email is signed with this key:

447B 69E4 B34B E90B C829 A0E9 6597 04D1 A38A 93AE

and is encrypted with this key:

CAB1 2F60 BD13 A21D AB60  C510 5BAC 9232 8B7C 5D65

You may control your PGP settings here:

https://meta.sr.ht/privacy

--
Drew DeVault
sourcehut

--===============2511636010367206221==
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----

wsBcBAABCgAGBQJgGSvgAAoJEGWXBNGjipOuccMH/18vOX99CyQP/mU8fOe/3YRc
nKCmq0iVdF5WuDNA2grB5Xjat3zEOqzWirUJ2hNcDzJ+rreL5sIltVuK6JnA9hBU
/5VB7xNmJglB04cwkuDaIfbvwVkhKiivTHbY8Y4PbW9k3vH4zYUY8cDvQc8qPCZc
UTHkdXapGz5eTuorFusJB1CaxCgWBrl8xUahJVNyNmMjnqTrpbib8RqWiNAdOjlz
KiH3i/SbIDYscLdFXXSQv+m82fuOD92a60Bac4E//B4XQg9q9YyBGa5fEkS8CXUZ
KULEGLehg/hOxd4Uq7He9xrWoUVS1KtGwTSS7MfSAvYHCPerS+in/UWmlSAvTpQ=
=D3Mk
-----END PGP SIGNATURE-----

--===============2511636010367206221==--

The mshow and mless display it as an ordinary subpart but it is a little trickier

leahneukirchen commented 3 years ago

Yes, mverify won't work on that encrypted file (could be extended I guess). But mgpg should show

gpg: Signature made ...
gpg:                using ...
gpg: Good signature from ...

at the end.

leahneukirchen commented 3 years ago

Putting an external signature into a GPG signed part seems weird, as you could just sign the GPG part in the first place. But on this content mverify should work.

leahneukirchen commented 3 years ago

Also see #175.

stacyharper commented 3 years ago

gpg2 -d do not display signature information

gpg: Note: secret key 4AF4D6A00761C411 expired at Tue 17 Sep 2019 08:45:55 PM CEST
gpg: Note: key has been revoked
gpg: encrypted with 4096-bit RSA key, ID 4AF4D6A00761C411, created 2018-09-17
      "Eddie Barraco <contact@eddiebarraco.fr>"

probably cause the signature is in its dedicated subpart ant not the gpg part

stacyharper commented 3 years ago

I'll try to extends the mverify to decrypt the encrypted part then check signature in the case of pgp emails

stacyharper commented 3 years ago

gpg2 -d do not display signature information

It work nicely with encrypted email from mblaze (signature in the gpg part) but I dunno what will be display if there is a signature missmatch. I'd like to be noticed somehow

stacyharper commented 3 years ago

Something like this seems enough to me

diff --git a/bin/mverify b/bin/mverify
index 1624d49..21e7e24 100755
--- a/bin/mverify
+++ b/bin/mverify
@@ -11,6 +11,13 @@ fi

 [ "$#" -eq 0 ] && set -- .

+if mshow -t "$1" | grep -q "multipart/encrypted"; then
+       tmp=$(mktemp -t mgpg.XXXXXX)
+       trap "rm -f '$tmp'" INT TERM EXIT
+       mshow -r "$1" | "$GPG" -d > "$tmp"
+       set -- "$tmp"
+fi
+
 mshow -t "$1" | DOS2UNIX='/^M$/!s/$/^M/' awk -v "msg=$1" '
 { match($0, "^ *"); indent = RLENGTH }
 $2 == "text/plain" { plain++ }

edit: we should add some -n args to some mshow to avoid linking the tmp file