GNU bug report logs - #67931
[PATCH] Use S/MIME key from content for mail signing via OpenSSL

Previous Next

Package: emacs;

Reported by: Illia Ostapyshyn <illia <at> yshyn.com>

Date: Wed, 20 Dec 2023 13:59:01 UTC

Severity: normal

Tags: patch

Done: Eric Abrahamsen <eric <at> ericabrahamsen.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Stefan Kangas <stefankangas <at> gmail.com>
To: Illia Ostapyshyn <illia <at> yshyn.com>
Cc: Lars Ingebrigtsen <larsi <at> gnus.org>, 67931 <at> debbugs.gnu.org
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Thu, 11 Jan 2024 13:05:46 -0800

Illia Ostapyshyn <illia <at> yshyn.com> writes:

> * Bug
>
> mml-smime-openssl-sign always takes the cdar of smime-keys, resulting in
> keyfile parameter of the #secure tag being ignored.  Hence, only the
> first entry of smime-keys is used, regardless of the mail contents or
> sender address.
>
> * Fix
>
> The relevant information (returned from mml-smime-openssl-sign-query) is
> already in the cont alist passed to mml-smime-openssl-sign, just use
> that instead.

Thanks for the patch.

Could you please provide a way to reproduce the issue that you're
seeing?  We don't have anyone onboard that is deeply familiar with this
code, I think, and it is security-sensitive.  Therefore, I'd like to be
careful when making changes here.

If we could have unit tests for this, it would be even better, of course.

This bug report was last modified 1 year and 100 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #67931 [PATCH] Use S/MIME key from content for mail signing via OpenSSL

GNU bug report logs - #67931
[PATCH] Use S/MIME key from content for mail signing via OpenSSL