Differential D8376

Correctly classify CMS detached signatures
ClosedPublic
Actions

Authored by dvratil on Oct 20 2017, 9:55 AM.

Details

Reviewers
aheinecke
JochenSaalfeld
Maniphest Tasks
T7310: S/MIME - Encrypt and Sign Option broken Files
Commits
R168:2edf2b81949f: Fix detached S/MIME signature verification
Summary

GpgME::Data (through gpgme_data_identify()) cannot distinguish whether
CMS signature is detached or opaque. This makes handling of CMS signatures
in Kleopatra very complicated. To get more exact results we do here what
gpgsm --verify does internally: we feed the signature to a real CMS parser
from the KSBA library and let it detect if it is a detached signature or
not. This adds KSBA dependency to libkleo, but that shouldn't be that
much of an issue since it's part of the GnuPG toolchain anyway. Also
invoking the CMS parser certainly represents certain level of overhead,
but I haven't noticed any major performance issues in Kleopatra.

Test Plan

Kleopatra can now correctly handle detached CMS signatures.

Diff Detail

Repository
R168 Kleopatra
Branch
master
Lint
No Linters Available
Unit
No Unit Test Coverage
dvratil created this revision.Oct 20 2017, 9:55 AM
Restricted Application added a project: KDE PIM. · View Herald TranscriptOct 20 2017, 9:55 AM
Restricted Application added a subscriber: KDE PIM. · View Herald Transcript
JochenSaalfeld requested changes to this revision.Oct 20 2017, 1:24 PM

Now detached signatures, created with S/MIME can be sucesfully verified.

Unfortunately, when a detached signature and an encrypted file are created, there is only a statement that the encryption was successfull, no statement about the signature.

This does not happen, when there is just a detached signature for an unencrypted file.

This revision now requires changes to proceed.Oct 20 2017, 1:24 PM
dvratil added a comment.Oct 20 2017, 1:42 PM
In D8376#157387, @JochenSaalfeld wrote:

Unfortunately, when a detached signature and an encrypted file are created, there is only a statement that the encryption was successfull, no statement about the signature.

Well, if you select a detached signature file, then we only verify the signature. You need to select the encrypted file so that it can be decrypted :-) The Decrypt/Verify file selection dialog lets you to select multiple files though, so if you select both signature and encrypted file, it performs both actions.

JochenSaalfeld accepted this revision.Oct 23 2017, 5:52 AM
This comment was removed by JochenSaalfeld.
This revision is now accepted and ready to land.Oct 23 2017, 5:52 AM
JochenSaalfeld requested changes to this revision.Oct 24 2017, 9:09 AM
JochenSaalfeld mentioned this in T7310: S/MIME - Encrypt and Sign Option broken Files.

Discussed with @dvratil that an additional dependency is not the optimal way to solve this issue. Will be halted back until further investigation.

This revision now requires changes to proceed.Oct 24 2017, 9:10 AM
emanuel added a subscriber: emanuel.Oct 26 2017, 11:57 AM

@dvratil Any new progress here? It's urgent. We have to release an updated Kleopatra/Gpg4win version as soon as possible...

dvratil added a comment.Oct 26 2017, 1:11 PM
In D8376#160334, @emanuel wrote:

@dvratil Any new progress here? It's urgent. We have to release an updated Kleopatra/Gpg4win version as soon as possible...

Working on it, will have something soon

dvratil updated this revision to Diff 21443.Oct 27 2017, 4:01 PM

Make the signature verification work inside Kleopatra without
changes to libkleo.

dvratil updated this revision to Diff 21444.Oct 27 2017, 4:04 PM

Fix comments

mlaurent added a subscriber: mlaurent.Oct 27 2017, 4:39 PM
mlaurent added inline comments.
src/utils/input_p.h
59

add new line after override

src/utils/output.cpp
686

mem leak or not mem leak ?

dvratil marked an inline comment as done.Oct 30 2017, 7:10 AM
dvratil added inline comments.
src/utils/output.cpp
686

m_ioDevice is an std::shared_ptr, so not a mem leak :-)

dvratil updated this revision to Diff 21545.Oct 30 2017, 7:11 AM
dvratil marked an inline comment as done.

Conding style

JochenSaalfeld added inline comments.Nov 7 2017, 1:48 PM
src/utils/input_p.h
6

Do you really mean 2007?

JochenSaalfeld accepted this revision.Nov 7 2017, 2:47 PM

Works now as expected without any additional dependencies!

This revision is now accepted and ready to land.Nov 7 2017, 2:47 PM
Closed by commit R168:2edf2b81949f: Fix detached S/MIME signature verification (authored by dvratil). · Explain WhyNov 8 2017, 8:31 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Diff 21443

View Options

src/crypto/autodecryptverifyfilescontroller.cpp

Loading...
View Options

src/utils/input.h

Loading...
View Options

src/utils/input.cpp

Loading...
View Options

src/utils/input_p.h

Loading...
View Options

src/utils/output.cpp

Loading...