GNU bug report logs - #67931
[PATCH] Use S/MIME key from content for mail signing via OpenSSL


Package: emacs; Reported by: Illia Ostapyshyn <illia@HIDDEN>; Keywords: patch; dated Wed, 20 Dec 2023 13:59:01 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.

Message received at 67931 <at> debbugs.gnu.org:


From: illia@HIDDEN
To: Eric Abrahamsen <eric@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <87fruqsg3i.fsf@HIDDEN> (Eric Abrahamsen's message of
 "Thu, 09 May 2024 16:47:13 -0700")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
 <86y18lajgd.fsf@HIDDEN> <k8ujzk5bt4a.fsf@HIDDEN>
 <87wmo5rq93.fsf@HIDDEN> <k8u34qs1o96.fsf@HIDDEN>
 <87fruqsg3i.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
Date: Fri, 10 May 2024 13:20:58 +0200
Message-ID: <8734qp3obp.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain
Cc: larsi@HIDDEN, Eli Zaretskii <eliz@HIDDEN>,
 Illia Ostapyshyn <illia@HIDDEN>, 67931 <at> debbugs.gnu.org,
 stefankangas@HIDDEN

Eric Abrahamsen <eric@HIDDEN> writes:

> I'm mostly trying to understand how broken this was, prior to this
> patch. Obviously there was the hard-coding of the key, the original
> issue. Has encryption been broken this whole time, too?

Encryption is working as intended, I haven't encountered any problems
with it yet.

> Encryption is a separate MML tag, right? And also a separate cert (the
> recipient's, not the user's). Why would additional certificates on your
> own certfile interfere with the process of encrypting to the user?

Actually, when signing and encrypting at the same time, both use a
single "signencrypt" tag. This is what mml-secure-message-encrypt-smime
outputs currently:

<#secure method=smime mode=signencrypt keyfile=keyfile.pem certfile=recip.gpg>

mml-parse-1 converts this into an alist, splitting "signencrypt" into two
separate "sign" and "encrypt" parameters.  These are then processed in
mml-generate-mime-1, which consults mml-signencrypt-style-alist if it
encounters both sign and encrypt in the same tag.

With my previous patch (6 May) reusing the certfile parameter, the tag
would include chain certificates as certfiles:

<#secure method=smime mode=signencrypt keyfile=keyfile.pem certfile=chain.pem certfile=recip.pem>

As the same alist is passed to both mml-smime-openssl-sign and
mml-smime-openssl-encrypt, this had the unintended effect of (1)
encrypting for chain.pem and (2) including recip{1,2}.pem in the message
when signing.

With the latest patch, the tag looks like this:

<#secure method=smime mode=signencrypt keyfile=keyfile.pem chainfile=chain.pem certfile=recip.pem>

As mml-smime-openssl-sign expects chainfiles and mml-smime-openssl-encrypt
expects certfiles, they don't interfere with each other anymore.

> I'm not trying to be difficult, I'd just like to have a better grasp of
> what's going on here!

No worries, I appreciate the additional caution with security-sensitive
code.  Also that part of the code seems to have been a bit neglected.

Illia




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <k8u34qs1o96.fsf@HIDDEN> (Illia Ostapyshyn's message of "Wed, 
 08 May 2024 14:28:37 +0200")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
 <86y18lajgd.fsf@HIDDEN> <k8ujzk5bt4a.fsf@HIDDEN>
 <87wmo5rq93.fsf@HIDDEN> <k8u34qs1o96.fsf@HIDDEN>
Date: Thu, 09 May 2024 16:47:13 -0700
Message-ID: <87fruqsg3i.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
Cc: larsi@HIDDEN, Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org,
 stefankangas@HIDDEN

Illia Ostapyshyn <illia@HIDDEN> writes:

> Eric Abrahamsen <eric@HIDDEN> writes:
>
>> The patch seems to work as intended -- I won't claim to know enough
>> about SMIME to know if it does the right thing or not. Can you briefly
>> explain what the additional certificates actually do, and why they're
>> useful in signing but not in encryption?
>
> End-user SMIME certificates are signed by the (intermediate) CAs that
> issued them.  The issuer's certificate can be in turn signed by another
> CA up the hierarchy, resulting in a chain that ends with the implicitly
> trusted root authority.  When signing a message, you can include the
> intermediate CA certificates, allowing the recipient to verify the whole
> chain.  With openssl, this is done via the -certfile argument [1]:
>
> -certfile file
>     Allows additional certificates to be specified. When signing these
>     will be included with the message. When verifying these will be
>     searched for the signers certificates. ...

Thanks! So basically like TLS cert chaining.

> Encryption is orthogonal to this: it only uses the public keys of your
> recipients from their certificates, the chain is irrelevant.

I'm mostly trying to understand how broken this was, prior to this
patch. Obviously there was the hard-coding of the key, the original
issue. Has encryption been broken this whole time, too?

Encryption is a separate MML tag, right? And also a separate cert (the
recipient's, not the user's). Why would additional certificates on your
own certfile interfere with the process of encrypting to the user?

I'm not trying to be difficult, I'd just like to have a better grasp of
what's going on here!

> The MML tag parameter names are a bit unfortunate here: the new
> `chainfile' parameter translates to "-certfile" arguments and the
> existing `certfile' parameters translate to positional "recipcert"
> arguments of openssl [1].

I'm not too concerned about that, the vast majority of the time this
process should be automatic.

Eric




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


From: Illia Ostapyshyn <illia@HIDDEN>
To: Eric Abrahamsen <eric@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <87wmo5rq93.fsf@HIDDEN> (Eric Abrahamsen's message of
 "Tue, 07 May 2024 19:28:40 -0700")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
 <86y18lajgd.fsf@HIDDEN> <k8ujzk5bt4a.fsf@HIDDEN>
 <87wmo5rq93.fsf@HIDDEN>
Date: Wed, 08 May 2024 14:28:37 +0200
Message-ID: <k8u34qs1o96.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
Cc: Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org,
 Illia Ostapyshyn <illia@HIDDEN>, larsi@HIDDEN, stefankangas@HIDDEN

Eric Abrahamsen <eric@HIDDEN> writes:

> The patch seems to work as intended -- I won't claim to know enough
> about SMIME to know if it does the right thing or not. Can you briefly
> explain what the additional certificates actually do, and why they're
> useful in signing but not in encryption?

End-user SMIME certificates are signed by the (intermediate) CAs that
issued them.  The issuer's certificate can be in turn signed by another
CA up the hierarchy, resulting in a chain that ends with the implicitly
trusted root authority.  When signing a message, you can include the
intermediate CA certificates, allowing the recipient to verify the whole
chain.  With openssl, this is done via the -certfile argument [1]:

-certfile file
    Allows additional certificates to be specified. When signing these
    will be included with the message. When verifying these will be
    searched for the signers certificates. ...

Encryption is orthogonal to this: it only uses the public keys of your
recipients from their certificates, the chain is irrelevant.

The MML tag parameter names are a bit unfortunate here: the new
`chainfile' parameter translates to "-certfile" arguments and the
existing `certfile' parameters translate to positional "recipcert"
arguments of openssl [1].

[1] https://www.openssl.org/docs/manmaster/man1/openssl-smime.html
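The two certificate roles Illia describes above, together with the signencrypt side effect from the 10 May reply earlier on this page, as an added example that is not part of the Emacs patch or of any message in this thread: a POSIX shell script that builds a throwaway PKI with the openssl command-line tool (the only thing it assumes) and shows that the intermediate belongs to -certfile when signing, that recipient certificates are positional arguments when encrypting, and that handing chain.pem to the encryption side lets the CA key read the message. All subjects, file names and the message text are constructed.

```shell
#!/bin/sh
# Added example, not part of the Emacs patch or of any message in this thread.
# Builds a throwaway PKI (root -> intermediate -> signer, recipient) in a temp
# directory and shows which openssl smime role each certificate belongs to:
#   signing:    -certfile inter.pem        (what the chainfile parameter maps to)
#   encrypting: positional recipient certs (what the certfile parameter maps to)
# Requires only the openssl command-line tool; every name and value is constructed.

# Issue a certificate: $1 basename, $2 subject, $3 issuer basename,
# $4 optional extension file (used to mark the intermediate as a CA).
issue_cert() {
    openssl genrsa -out "$1.key" 2048 >/dev/null 2>&1 || return 1
    openssl req -new -key "$1.key" -subj "$2" -out "$1.csr" >/dev/null 2>&1 || return 1
    if [ -n "${4:-}" ]; then
        openssl x509 -req -in "$1.csr" -CA "$3.pem" -CAkey "$3.key" -CAcreateserial \
            -days 2 -extfile "$4" -out "$1.pem" >/dev/null 2>&1
    else
        openssl x509 -req -in "$1.csr" -CA "$3.pem" -CAkey "$3.key" -CAcreateserial \
            -days 2 -out "$1.pem" >/dev/null 2>&1
    fi
}

# Create the PKI and a constructed plaintext in a fresh temp directory.
smime_demo_setup() {
    DEMO_DIR=$(mktemp -d) || return 1
    cd "$DEMO_DIR" || return 1
    printf 'constructed test message\n' > msg.txt
    printf 'basicConstraints=critical,CA:TRUE\n' > ca.ext
    openssl genrsa -out root.key 2048 >/dev/null 2>&1 || return 1
    openssl req -x509 -new -key root.key -subj "/CN=Demo Root CA" -days 2 \
        -out root.pem >/dev/null 2>&1 || return 1
    issue_cert inter  "/CN=Demo Intermediate CA" root ca.ext || return 1
    issue_cert signer "/CN=alice/emailAddress=alice@example.test" inter "" || return 1
    issue_cert recip  "/CN=bob/emailAddress=bob@example.test" inter "" || return 1
}

# Sign msg.txt as alice; $1 (optional) is a chain file passed via -certfile.
sign_message() {
    cd "$DEMO_DIR" || return 1
    if [ -n "${1:-}" ]; then
        openssl smime -sign -in msg.txt -signer signer.pem -inkey signer.key \
            -certfile "$1" -out signed.msg >/dev/null 2>&1
    else
        openssl smime -sign -in msg.txt -signer signer.pem -inkey signer.key \
            -out signed.msg >/dev/null 2>&1
    fi
}

# How many certificates travel inside signed.msg (signer plus any -certfile ones).
embedded_cert_count() {
    cd "$DEMO_DIR" || return 1
    openssl smime -pk7out -in signed.msg 2>/dev/null \
        | openssl pkcs7 -print_certs -noout 2>/dev/null | grep -c '^subject='
}

# Verify signed.msg trusting only the root: "valid" only if the intermediate
# travelled with the signature, since the verifier has no other way to get it.
verify_signed() {
    cd "$DEMO_DIR" || return 1
    if openssl smime -verify -in signed.msg -CAfile root.pem -out /dev/null \
        >/dev/null 2>&1; then echo valid; else echo invalid; fi
}

# Encrypt msg.txt to every certificate named as a positional argument.
encrypt_message() {
    cd "$DEMO_DIR" || return 1
    openssl smime -encrypt -aes256 -in msg.txt -out enc.msg "$@" >/dev/null 2>&1
}

# "yes" if the private key of $1 can open enc.msg, i.e. $1 was made a recipient.
can_decrypt() {
    cd "$DEMO_DIR" || return 1
    if openssl smime -decrypt -in enc.msg -recip "$1.pem" -inkey "$1.key" \
        -out /dev/null >/dev/null 2>&1; then echo yes; else echo no; fi
}

# Walk through the cases discussed in the thread and print the outcome of each.
smime_demo_report() {
    smime_demo_setup || return 1
    sign_message ""
    echo "sign, no chain:        certs=$(embedded_cert_count) verify=$(verify_signed)"
    sign_message inter.pem
    echo "sign, -certfile chain: certs=$(embedded_cert_count) verify=$(verify_signed)"
    sign_message recip.pem
    echo "sign, recipient cert wrongly given as -certfile: certs=$(embedded_cert_count)"
    encrypt_message recip.pem
    echo "encrypt to recip only: recip=$(can_decrypt recip) ca=$(can_decrypt inter)"
    encrypt_message inter.pem recip.pem
    echo "encrypt with chain.pem among recipients (old signencrypt bug): ca=$(can_decrypt inter)"
}

smime_demo_report
```

Running the script prints one line per case; the functions can also be sourced and called individually.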




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <k8ujzk5bt4a.fsf@HIDDEN> (Illia Ostapyshyn's message of "Tue, 
 07 May 2024 16:21:09 +0200")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
 <86y18lajgd.fsf@HIDDEN> <k8ujzk5bt4a.fsf@HIDDEN>
Date: Tue, 07 May 2024 19:28:40 -0700
Message-ID: <87wmo5rq93.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
Cc: Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org, larsi@HIDDEN,
 stefankangas@HIDDEN

Illia Ostapyshyn <illia@HIDDEN> writes:

> Eli Zaretskii <eliz@HIDDEN> writes:
>
>>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>>>  Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>>>  67931 <at> debbugs.gnu.org
>>> From: Illia Ostapyshyn <illia@HIDDEN>
>>> Date: Mon, 06 May 2024 20:46:33 +0200
>>> 
>>> Sorry, forgot to attach the patch, sending it with this email.
>>
>> Thanks, I'm adding Eric to the discussion.
>
> Thanks!
>
> I've realized that reusing the certfile parameter for signing will have
> unintended side effects when encrypting and signing a message.  When a
> single signencrypt MML tag is used for both, this results in all
> certfiles being passed to both `smime-encrypt-buffer' and
> `smime-sign-buffer'.
>
> I'm sending a new patch that introduces a parameter called chainfile for
> signatures instead.

The patch seems to work as intended -- I won't claim to know enough
about SMIME to know if it does the right thing or not. Can you briefly
explain what the additional certificates actually do, and why they're
useful in signing but not in encryption?

Thanks,
Eric




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <87edadt5wv.fsf@HIDDEN> (Eric Abrahamsen's message of
 "Tue, 07 May 2024 19:05:04 -0700")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
 <86y18lajgd.fsf@HIDDEN> <k8ujzk5bt4a.fsf@HIDDEN>
 <87edadt5wv.fsf@HIDDEN>
Date: Tue, 07 May 2024 19:20:30 -0700
Message-ID: <875xvpt575.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
Cc: larsi@HIDDEN, Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org,
 stefankangas@HIDDEN

Eric Abrahamsen <eric@HIDDEN> writes:

> Illia Ostapyshyn <illia@HIDDEN> writes:
>
>> Eli Zaretskii <eliz@HIDDEN> writes:
>>
>>>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>>>>  Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>>>>  67931 <at> debbugs.gnu.org
>>>> From: Illia Ostapyshyn <illia@HIDDEN>
>>>> Date: Mon, 06 May 2024 20:46:33 +0200
>>>> 
>>>> Sorry, forgot to attach the patch, sending it with this email.
>>>
>>> Thanks, I'm adding Eric to the discussion.
>>
>> Thanks!
>>
>> I've realized that reusing the certfile parameter for signing will have
>> unintended side effects when encrypting and signing a message.  When a
>> single signencrypt MML tag is used for both, this results in all
>> certfiles being passed to both `smime-encrypt-buffer' and
>> `smime-sign-buffer'.
>>
>> I'm sending a new patch that introduces a parameter called chainfile for
>> signatures instead.
>
> Thanks for the report, and the code. I haven't been able to get the
> reproducer to work so far (in Emacs -Q), because it always ends up at
> `mml-smime-sign-query' instead of `mml-smime-sign-buffer', and the
> latter seems to be the only way to (eventually) end up at
> `mml-smime-openssl-sign', where the problem is:
>
> - mml-smime-sign-buffer
> - mml-smime-sign
> - (funcall (nth 1 (assq 'openssl mml-smime-function-alist)))
> - mml-smime-openssl-sign
>
> `mml-smime-sign' is the only place that does (nth 1 (assq 'openssl
> mml-smime-function-alist))
>
> The only way to call `mml-smime-sign-buffer' instead of
> `mml-smime-sign-query' is if some code ran:
>
> (funcall (nth 1 (assoc "smime" mml-sign-alist)))
>
> And so far as I can tell, no code does that.
>
> Obviously you arrived at that function somehow, otherwise we wouldn't
> have this bug report, but so far I can't figure out how!

Bah, I'm sorry, I didn't realize that was only half the recipe. Hang on...




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


From: Eric Abrahamsen <eric@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <k8ujzk5bt4a.fsf@HIDDEN> (Illia Ostapyshyn's message of "Tue, 
 07 May 2024 16:21:09 +0200")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
 <86y18lajgd.fsf@HIDDEN> <k8ujzk5bt4a.fsf@HIDDEN>
Date: Tue, 07 May 2024 19:05:04 -0700
Message-ID: <87edadt5wv.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
Cc: Eli Zaretskii <eliz@HIDDEN>, 67931 <at> debbugs.gnu.org, larsi@HIDDEN,
 stefankangas@HIDDEN

Illia Ostapyshyn <illia@HIDDEN> writes:

> Eli Zaretskii <eliz@HIDDEN> writes:
>
>>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>>>  Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>>>  67931 <at> debbugs.gnu.org
>>> From: Illia Ostapyshyn <illia@HIDDEN>
>>> Date: Mon, 06 May 2024 20:46:33 +0200
>>> 
>>> Sorry, forgot to attach the patch, sending it with this email.
>>
>> Thanks, I'm adding Eric to the discussion.
>
> Thanks!
>
> I've realized that reusing the certfile parameter for signing will have
> unintended side effects when encrypting and signing a message.  When a
> single signencrypt MML tag is used for both, this results in all
> certfiles being passed to both `smime-encrypt-buffer' and
> `smime-sign-buffer'.
>
> I'm sending a new patch that introduces a parameter called chainfile for
> signatures instead.

Thanks for the report, and the code. I haven't been able to get the
reproducer to work so far (in Emacs -Q), because it always ends up at
`mml-smime-sign-query' instead of `mml-smime-sign-buffer', and the
latter seems to be the only way to (eventually) end up at
`mml-smime-openssl-sign', where the problem is:

- mml-smime-sign-buffer
- mml-smime-sign
- (funcall (nth 1 (assq 'openssl mml-smime-function-alist)))
- mml-smime-openssl-sign

`mml-smime-sign' is the only place that does (nth 1 (assq 'openssl
mml-smime-function-alist))

The only way to call `mml-smime-sign-buffer' instead of
`mml-smime-sign-query' is if some code ran:

(funcall (nth 1 (assoc "smime" mml-sign-alist)))

And so far as I can tell, no code does that.

Obviously you arrived at that function somehow, otherwise we wouldn't
have this bug report, but so far I can't figure out how!

Thanks,
Eric




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


From: Illia Ostapyshyn <illia@HIDDEN>
To: Eli Zaretskii <eliz@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <86y18lajgd.fsf@HIDDEN> (Eli Zaretskii's message of "Tue, 07 May
 2024 15:35:14 +0300")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
 <86y18lajgd.fsf@HIDDEN>
Date: Tue, 07 May 2024 16:21:09 +0200
Message-ID: <k8ujzk5bt4a.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Cc: Eric Abrahamsen <eric@HIDDEN>, larsi@HIDDEN, illia@HIDDEN,
 stefankangas@HIDDEN, 67931 <at> debbugs.gnu.org

--=-=-=
Content-Type: text/plain

Eli Zaretskii <eliz@HIDDEN> writes:

>> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>>  Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>>  67931 <at> debbugs.gnu.org
>> From: Illia Ostapyshyn <illia@HIDDEN>
>> Date: Mon, 06 May 2024 20:46:33 +0200
>> 
>> Sorry, forgot to attach the patch, sending it with this email.
>
> Thanks, I'm adding Eric to the discussion.

Thanks!

I've realized that reusing the certfile parameter for signing will have
unintended side effects when encrypting and signing a message.  When a
single signencrypt MML tag is used for both, this results in all
certfiles being passed to both `smime-encrypt-buffer' and
`smime-sign-buffer'.

I'm sending a new patch that introduces a parameter called chainfile for
signatures instead.


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment;
 filename=0001-Use-proper-smime-keys-entry-for-S-MIME-signatures-us.patch
Content-Description: PATCH

From 6b6fb491247506becacb7a217e994b828be2ea2d Mon Sep 17 00:00:00 2001
From: Illia Ostapyshyn <illia@HIDDEN>
Date: Mon, 6 May 2024 20:24:22 +0200
Subject: [PATCH] Use proper smime-keys entry for S/MIME signatures using
 OpenSSL

* doc/misc/emacs-mime.texi (MML Definition):
* lisp/gnus/mml.el (mml-parse-1): Add chainfile parameter to sign tags.
* lisp/gnus/mml-smime.el (mml-smime-openssl-sign-query): Include the
additional certificates from smime-keys in MML tag generation as
chainfile parameters.
(mml-smime-openssl-sign): Forward chainfile entries from the parsed tag
alist to smime-sign-buffer.
; * lisp/gnus/smime.el (smime-sign-region): Fix typo in documentation.
; (smime-sign-buffer): Improve documentation to match smime-sign-region.
---
 doc/misc/emacs-mime.texi |  4 ++++
 lisp/gnus/mml-smime.el   | 46 +++++++++++++++++++++++-----------------
 lisp/gnus/mml.el         |  8 +++++++
 lisp/gnus/smime.el       |  7 ++++--
 4 files changed, 43 insertions(+), 22 deletions(-)

diff --git a/doc/misc/emacs-mime.texi b/doc/misc/emacs-mime.texi
index 96a6328cd47..ef7ea614f8b 100644
--- a/doc/misc/emacs-mime.texi
+++ b/doc/misc/emacs-mime.texi
@@ -787,6 +787,10 @@ MML Definition
 @item keyfile
 File containing key and certificate for signer.
 
+@item chainfile
+File containing an additional certificate to be included with the
+message.
+
 @end table
 
 Parameters for @samp{encrypt=smime}:
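Review bot: the new @item chainfile text says "an additional certificate" (singular), but mml-smime-openssl-sign-query in this same patch emits one chainfile parameter per chain certificate and mml-parse-1 collects all of them, so the entry should say the parameter may appear multiple times, the way the earlier revision of this patch documented certfile. The keyfile entry above it could also cross-reference chainfile so readers know the two belong together.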
diff --git a/lisp/gnus/mml-smime.el b/lisp/gnus/mml-smime.el
index 3064c46d2a3..9218bc079db 100644
--- a/lisp/gnus/mml-smime.el
+++ b/lisp/gnus/mml-smime.el
@@ -129,11 +129,15 @@ mml-smime-verify-test
     (if func
 	(funcall func handle ctl))))
 
-(defun mml-smime-openssl-sign (_cont)
-  (when (null smime-keys)
-    (customize-variable 'smime-keys)
-    (error "No S/MIME keys configured, use customize to add your key"))
-  (smime-sign-buffer (cdar smime-keys))
+(defun mml-smime-openssl-sign (cont)
+  (smime-sign-buffer
+   ;; List with key and certificate as its car, and a list of additional
+   ;; certificates to include in its cadr for smime-sign-region
+   (list
+    (cdr (assq 'keyfile cont))
+    (mapcar #'cdr (cl-remove-if-not (apply-partially #'equal 'chainfile)
+                                    cont
+                                    :key #'car-safe))))
   (goto-char (point-min))
   (while (search-forward "\r\n" nil t)
     (replace-match "\n" t t))
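Review bot: `(cdr (assq 'keyfile cont))` is nil when the tag carries no keyfile (for example a hand-written `<#part sign=smime>`), and the removed `smime-keys` check was the only place that produced a readable error, so the new code hands `smime-sign-buffer` a list whose car is nil; signal an error naming the missing parameter before the call. A style point: `(cl-remove-if-not (lambda (tag) (eq (car-safe tag) 'chainfile)) cont)` says the same thing as the `apply-partially #'equal` plus `:key #'car-safe` form and is easier to read.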
@@ -167,21 +171,23 @@ mml-smime-openssl-sign-query
   (when (null smime-keys)
     (customize-variable 'smime-keys)
     (error "No S/MIME keys configured, use customize to add your key"))
-  (list 'keyfile
-	(if (= (length smime-keys) 1)
-	    (cadar smime-keys)
-	  (or (let ((from (cadr (mail-extract-address-components
-				 (or (save-excursion
-				       (save-restriction
-					 (message-narrow-to-headers)
-					 (message-fetch-field "from")))
-				     "")))))
-		(and from (smime-get-key-by-email from)))
-	      (smime-get-key-by-email
-	       (gnus-completing-read "Sign this part with what signature"
-                                     (mapcar #'car smime-keys) nil nil nil
-                                     (and (listp (car-safe smime-keys))
-                                          (caar smime-keys))))))))
+  (let ((key-with-certs
+	 (if (= (length smime-keys) 1)
+	     (cdar smime-keys)
+	   (or (let ((from (cadr (mail-extract-address-components
+				  (or (save-excursion
+				        (save-restriction
+					  (message-narrow-to-headers)
+					  (message-fetch-field "from")))
+				      "")))))
+		 (and from (smime-get-key-with-certs-by-email from)))
+	       (smime-get-key-with-certs-by-email
+	        (gnus-completing-read "Sign this part with what signature"
+                                      (mapcar #'car smime-keys) nil nil nil
+                                      (and (listp (car-safe smime-keys))
+                                           (caar smime-keys))))))))
+    (append (list 'keyfile (car key-with-certs))
+            (mapcan (apply-partially #'list 'chainfile) (cadr key-with-certs)))))
 
 (defun mml-smime-get-file-cert ()
   (ignore-errors
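Review bot: the fallback prompt passes nil for `gnus-completing-read`'s require-match argument, so if the user types an address that is not in `smime-keys` and `smime-get-key-with-certs-by-email` returns nil for it, `key-with-certs` is nil and the function returns `(keyfile nil)` with no chainfile entries instead of failing; pass t for require-match or check the lookup result and signal an error. The single-key branch changing from `(cadar smime-keys)` to `(cdar smime-keys)` is consistent with the `(KEYFILE CERTS)` shape the `append`/`mapcan` tail expects.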
diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el
index edb3c286242..e3bc3932529 100644
--- a/lisp/gnus/mml.el
+++ b/lisp/gnus/mml.el
@@ -233,6 +233,10 @@ mml-parse-1
 					      (if (eq (car-safe tag) 'certfile)
 						  (cdr tag)))
 					    taginfo)))
+               (chainfiles (delq nil (mapcar (lambda (tag)
+                                               (if (eq (car-safe tag) 'chainfile)
+                                                   (cdr tag)))
+                                             taginfo)))
 	       (recipients (cdr (assq 'recipients taginfo)))
 	       (sender (cdr (assq 'sender taginfo)))
 	       (location (cdr (assq 'tag-location taginfo)))
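Review bot: the new `chainfiles` binding repeats the `certfiles` extraction directly above it with only the tag symbol changed; a small helper taking the symbol (or one `mapcar` that keeps both `certfile` and `chainfile` pairs) would avoid the copy. The added lines are also indented with spaces while the surrounding `let*` bindings use tabs, which shows up as misalignment in the diff.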
@@ -267,6 +271,10 @@ mml-parse-1
 			    (mapcar (lambda (certfile)
 				      (list "certfile" certfile))
 				    certfiles))
+                   ,@(apply #'append
+                            (mapcar (lambda (chainfile)
+                                      (list "chainfile" chainfile))
+                                    chainfiles))
 		   ,(if recipients "recipients")
 		   ,recipients
 		   ,(if sender "sender")
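Review bot: same duplication as in the parsing hunk: the `,@(apply #'append (mapcar (lambda (chainfile) (list "chainfile" chainfile)) chainfiles))` splice is a copy of the certfile splice above it, and `(mapcan (lambda (f) (list "chainfile" f)) chainfiles)` would do the same without the intermediate lists. Indentation again uses spaces where the neighbouring lines use tabs.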
diff --git a/lisp/gnus/smime.el b/lisp/gnus/smime.el
index b61579912dd..987bc7273db 100644
--- a/lisp/gnus/smime.el
+++ b/lisp/gnus/smime.el
@@ -261,7 +261,7 @@ smime-sign-region
 If signing fails, the buffer is not modified.  Region is assumed to
 have proper MIME tags.  KEYFILE is expected to contain a PEM encoded
 private key and certificate as its car, and a list of additional
-certificates to include in its caar.  If no additional certificates is
+certificates to include in its cadr.  If no additional certificates are
 included, KEYFILE may be the file containing the PEM encoded private
 key and certificate itself."
   (smime-new-details-buffer)
@@ -327,7 +327,10 @@ smime-encrypt-region
 
 (defun smime-sign-buffer (&optional keyfile buffer)
   "S/MIME sign BUFFER with key in KEYFILE.
-KEYFILE should contain a PEM encoded key and certificate."
+KEYFILE is expected to contain a PEM encoded private key and certificate
+as its car, and a list of additional certificates to include in its
+cadr.  If no additional certificates are included, KEYFILE may be the
+file containing the PEM encoded private key and certificate itself."
   (interactive)
   (with-current-buffer (or buffer (current-buffer))
     (unless (smime-sign-region
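Review bot: the docstring now describes KEYFILE as either a `(KEYFILE CERTS)` list or a plain file name, but KEYFILE is `&optional` and the `(interactive)` spec passes nil, and nothing says what a nil KEYFILE means; document the default for nil (or state that the argument is required when called from Lisp) so all three accepted shapes are covered.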
-- 
2.39.2


--=-=-=--
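An ERT unit test for the behaviour this patch changes, added here as an example rather than taken from the patch or the Emacs test suite: it uses the three-entry `smime-keys' setup from the reproducer further down the thread and answers the request there for unit tests. The `cont' alist is assumed to be what `mml-parse-1' produces for a sign tag with two chainfile parameters; `smime-sign-buffer' is stubbed, so no key files or openssl process are needed. The second test fails on the unpatched `mml-smime-openssl-sign' (it receives foo.pem, as in the reproducer's backtrace) and passes with this patch applied.

```elisp
;;; mml-smime-tests.el --- constructed ERT tests for bug#67931  -*- lexical-binding: t -*-

(require 'ert)
(require 'cl-lib)
(require 'message)
(require 'mml-smime)
(require 'smime)

;; Constructed sample configuration mirroring the reproducer: three
;; identities, each with its own key file and certificate chain.
;; None of these files need to exist, since openssl is never invoked.
(defvar mml-smime-test-keys
  '(("foo@localhost" "foo.pem" ("chain1foo.pem" "chain2foo.pem"))
    ("bar@localhost" "bar.pem" ("chain1bar.pem" "chain2bar.pem"))
    ("baz@localhost" "baz.pem" ("chain1baz.pem" "chain2baz.pem"))))

(defun mml-smime-test-plist-values (plist key)
  "Return all values of KEY in PLIST, in order (KEY may repeat).
`plist-get' only returns the first one, but the sign tag carries one
chainfile entry per chain certificate."
  (let (values)
    (while plist
      (when (eq (car plist) key)
        (push (cadr plist) values))
      (setq plist (cddr plist)))
    (nreverse values)))

(ert-deftest mml-smime-test-sign-query-uses-sender ()
  "Tag generation must pick the `smime-keys' entry matching the From header."
  (let ((smime-keys mml-smime-test-keys))
    (with-temp-buffer
      ;; Minimal message buffer: a From header and the header separator,
      ;; which is all `message-narrow-to-headers' needs.
      (insert "From: bar@localhost\n" mail-header-separator "\n")
      (let ((tag (mml-smime-openssl-sign-query)))
        (should (equal (plist-get tag 'keyfile) "bar.pem"))
        ;; Every chain certificate of the bar@localhost entry must be in
        ;; the tag, one chainfile parameter each.
        (should (equal (mml-smime-test-plist-values tag 'chainfile)
                       '("chain1bar.pem" "chain2bar.pem")))))))

(ert-deftest mml-smime-test-openssl-sign-honours-tag ()
  "Signing must use the key and chain named in the parsed tag, not the
first entry of `smime-keys'."
  (let ((smime-keys mml-smime-test-keys)
        (received nil)
        ;; Assumed alist as produced by `mml-parse-1' for the tag
        ;; <#part sign=smime keyfile=bar.pem chainfile=chain1bar.pem
        ;;        chainfile=chain2bar.pem>
        (cont '(part (sign . "smime") (keyfile . "bar.pem")
                     (chainfile . "chain1bar.pem")
                     (chainfile . "chain2bar.pem")
                     (tag-location . 202) (contents . ""))))
    ;; Stub out the real signer so no openssl process or key file is
    ;; needed; just record the KEYFILE argument it was handed.
    (cl-letf (((symbol-function 'smime-sign-buffer)
               (lambda (&optional keyfile _buffer)
                 (setq received keyfile)
                 t)))
      (with-temp-buffer
        (insert "Content-Type: text/plain\n\nhello\n")
        (mml-smime-openssl-sign cont)))
    ;; With the unpatched code this is ("foo.pem" ...), i.e. (cdar smime-keys).
    (should (equal received
                   '("bar.pem" ("chain1bar.pem" "chain2bar.pem"))))))

;;; mml-smime-tests.el ends here
```

Run with `emacs -Q --batch -l ert -l mml-smime-tests.el -f ert-run-tests-batch-and-exit` from a tree with the patch applied.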




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


Received: (at 67931) by debbugs.gnu.org; 7 May 2024 12:36:20 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 07 08:36:20 2024
Received: from localhost ([127.0.0.1]:42612 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1s4K3P-0003xw-Uy
	for submit <at> debbugs.gnu.org; Tue, 07 May 2024 08:36:20 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:56094)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@HIDDEN>)
 id 1s4K3O-0003xn-0d; Tue, 07 May 2024 08:36:19 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <eliz@HIDDEN>)
 id 1s4K2n-0003za-JC; Tue, 07 May 2024 08:35:47 -0400
Date: Tue, 07 May 2024 15:35:14 +0300
Message-Id: <86y18lajgd.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Eric Abrahamsen <eric@HIDDEN>
In-Reply-To: <k8ur0eelqwm.fsf@HIDDEN> (message from Illia Ostapyshyn on
 Mon, 06 May 2024 20:46:33 +0200)
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN> <k8ur0eelqwm.fsf@HIDDEN>
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 67931
Cc: 67931 <at> debbugs.gnu.org, jbeich@HIDDEN, illia@HIDDEN,
 stefankangas@HIDDEN, larsi@HIDDEN, 17780 <at> debbugs.gnu.org
X-Spam-Score: -3.3 (---)

> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
>  Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
>  67931 <at> debbugs.gnu.org
> From: Illia Ostapyshyn <illia@HIDDEN>
> Date: Mon, 06 May 2024 20:46:33 +0200
> 
> Sorry, forgot to attach the patch, sending it with this email.

Thanks, I'm adding Eric to the discussion.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


Received: (at 67931) by debbugs.gnu.org; 7 May 2024 04:12:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 07 00:12:19 2024
Received: from localhost ([127.0.0.1]:41984 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1s4CBf-0003lA-3z
	for submit <at> debbugs.gnu.org; Tue, 07 May 2024 00:12:19 -0400
Received: from phoenix.uberspace.de ([95.143.172.135]:39626)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <illia@HIDDEN>) id 1s43Mg-0005mr-5r
 for 67931 <at> debbugs.gnu.org; Mon, 06 May 2024 14:47:06 -0400
Received: (qmail 23861 invoked by uid 988); 6 May 2024 18:46:40 -0000
Authentication-Results: phoenix.uberspace.de;
	auth=pass (plain)
Received: from unknown (HELO unkown) (::1)
 by phoenix.uberspace.de (Haraka/3.0.1) with ESMTPSA;
 Mon, 06 May 2024 20:46:40 +0200
From: Illia Ostapyshyn <illia@HIDDEN>
To: Illia Ostapyshyn <illia@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <k8uy18mlr1b.fsf@HIDDEN> (Illia Ostapyshyn's message of "Mon, 
 06 May 2024 20:43:44 +0200")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 <k8uy18mlr1b.fsf@HIDDEN>
Date: Mon, 06 May 2024 20:46:33 +0200
Message-ID: <k8ur0eelqwm.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-Rspamd-Bar: ---
X-Rspamd-Report: BAYES_HAM(-3) MIME_GOOD(-0.1)
X-Rspamd-Score: -3.1
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 67931
X-Mailman-Approved-At: Tue, 07 May 2024 00:12:13 -0400
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 17780 <at> debbugs.gnu.org,
 Stefan Kangas <stefankangas@HIDDEN>, Jan Beich <jbeich@HIDDEN>,
 67931 <at> debbugs.gnu.org
X-Spam-Score: -1.7 (-)

--=-=-=
Content-Type: text/plain

Sorry, forgot to attach the patch, sending it with this email.


--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline;
 filename=0001-Use-proper-smime-keys-entry-for-S-MIME-signatures-us.patch
Content-Description: PATCH

From b228ee97f41911f2aba7b98ae1b5d1226e95e099 Mon Sep 17 00:00:00 2001
From: Illia Ostapyshyn <illia@HIDDEN>
Date: Mon, 6 May 2024 20:24:22 +0200
Subject: [PATCH] Use proper smime-keys entry for S/MIME signatures using
 OpenSSL

* lisp/gnus/mml-smime.el (mml-smime-openssl-sign-query): Include the
additional certificates from smime-keys in plist for MML tag generation.
(mml-smime-openssl-sign): Forward certfile entries from the MML tag to
smime-sign-buffer.
* doc/misc/emacs-mime.texi (MML Definition): certfile parameter is now
common to both sign and encrypt.  Clarify that certfile entries can be
repeated.
; * lisp/gnus/smime.el (smime-sign-region): Fix typo in documentation.
; (smime-sign-buffer): Improve documentation to match smime-sign-region.
---
 doc/misc/emacs-mime.texi | 11 +++-------
 lisp/gnus/mml-smime.el   | 46 +++++++++++++++++++++++-----------------
 lisp/gnus/smime.el       |  7 ++++--
 3 files changed, 34 insertions(+), 30 deletions(-)

diff --git a/doc/misc/emacs-mime.texi b/doc/misc/emacs-mime.texi
index 96a6328cd47..e3e33bad8b4 100644
--- a/doc/misc/emacs-mime.texi
+++ b/doc/misc/emacs-mime.texi
@@ -780,21 +780,16 @@ MML Definition
 
 @end table
 
-Parameters for @samp{sign=smime}:
+Parameters for @samp{sign=smime} and @samp{encrypt=smime}:
 
 @table @samp
 
 @item keyfile
 File containing key and certificate for signer.
 
-@end table
-
-Parameters for @samp{encrypt=smime}:
-
-@table @samp
-
 @item certfile
-File containing certificate for recipient.
+File containing certificate for recipient.  May appear multiple times
+for multiple certificates.
 
 @end table
 
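Review bot: merging the two tables documents keyfile as a parameter of encrypt=smime as well, which it is not, and certfile keeps its "certificate for recipient" description even though for sign=smime it now names the signer's own chain certificates; because both tags share the name, a tag that both signs and encrypts cannot tell the two sets apart. Keep the tables separate, or give the signer chain a parameter name of its own and document that one as repeatable.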
diff --git a/lisp/gnus/mml-smime.el b/lisp/gnus/mml-smime.el
index 3064c46d2a3..17b338755e3 100644
--- a/lisp/gnus/mml-smime.el
+++ b/lisp/gnus/mml-smime.el
@@ -129,11 +129,15 @@ mml-smime-verify-test
     (if func
 	(funcall func handle ctl))))
 
-(defun mml-smime-openssl-sign (_cont)
-  (when (null smime-keys)
-    (customize-variable 'smime-keys)
-    (error "No S/MIME keys configured, use customize to add your key"))
-  (smime-sign-buffer (cdar smime-keys))
+(defun mml-smime-openssl-sign (cont)
+  (smime-sign-buffer
+   ;; List with key and certificate as its car, and a list of additional
+   ;; certificates to include in its cadr for smime-sign-region
+   (list
+    (cdr (assq 'keyfile cont))
+    (mapcar #'cdr (cl-remove-if-not (apply-partially #'equal 'certfile)
+                                    cont
+                                    :key #'car-safe))))
   (goto-char (point-min))
   (while (search-forward "\r\n" nil t)
     (replace-match "\n" t t))
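Review bot: filtering `cont` for every `certfile` entry picks up all of them, and since certfile is also the recipient-certificate parameter of encrypt=smime, a combined sign-and-encrypt tag would pass the recipients' certificates to `smime-sign-buffer` as chain certificates; a parameter reserved for the signer chain (or a check that the tag is sign-only) avoids that. As with the keyfile case, `(cdr (assq 'keyfile cont))` is nil when the tag has no keyfile and the old `smime-keys` error is gone, so add an explicit error for a missing keyfile.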
@@ -167,21 +171,23 @@ mml-smime-openssl-sign-query
   (when (null smime-keys)
     (customize-variable 'smime-keys)
     (error "No S/MIME keys configured, use customize to add your key"))
-  (list 'keyfile
-	(if (= (length smime-keys) 1)
-	    (cadar smime-keys)
-	  (or (let ((from (cadr (mail-extract-address-components
-				 (or (save-excursion
-				       (save-restriction
-					 (message-narrow-to-headers)
-					 (message-fetch-field "from")))
-				     "")))))
-		(and from (smime-get-key-by-email from)))
-	      (smime-get-key-by-email
-	       (gnus-completing-read "Sign this part with what signature"
-                                     (mapcar #'car smime-keys) nil nil nil
-                                     (and (listp (car-safe smime-keys))
-                                          (caar smime-keys))))))))
+  (let ((key-with-certs
+	 (if (= (length smime-keys) 1)
+	     (cdar smime-keys)
+	   (or (let ((from (cadr (mail-extract-address-components
+				  (or (save-excursion
+				        (save-restriction
+					  (message-narrow-to-headers)
+					  (message-fetch-field "from")))
+				      "")))))
+		 (and from (smime-get-key-with-certs-by-email from)))
+	       (smime-get-key-with-certs-by-email
+	        (gnus-completing-read "Sign this part with what signature"
+                                      (mapcar #'car smime-keys) nil nil nil
+                                      (and (listp (car-safe smime-keys))
+                                           (caar smime-keys))))))))
+    (append (list 'keyfile (car key-with-certs))
+            (mapcan (apply-partially #'list 'certfile) (cadr key-with-certs)))))
 
 (defun mml-smime-get-file-cert ()
   (ignore-errors
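Review bot: when the From lookup fails and the user types an address at the prompt that is not in `smime-keys` (require-match is nil in the `gnus-completing-read` call), `key-with-certs` can be nil and the function returns `(keyfile nil)`; pass t for require-match or signal an error on a failed lookup rather than generating a tag that cannot sign. The `mapcan (apply-partially #'list 'certfile)` tail also means the query now emits certfile pairs that are indistinguishable from encrypt=smime's, which is the point raised on the mml-smime-openssl-sign hunk.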
diff --git a/lisp/gnus/smime.el b/lisp/gnus/smime.el
index b61579912dd..987bc7273db 100644
--- a/lisp/gnus/smime.el
+++ b/lisp/gnus/smime.el
@@ -261,7 +261,7 @@ smime-sign-region
 If signing fails, the buffer is not modified.  Region is assumed to
 have proper MIME tags.  KEYFILE is expected to contain a PEM encoded
 private key and certificate as its car, and a list of additional
-certificates to include in its caar.  If no additional certificates is
+certificates to include in its cadr.  If no additional certificates are
 included, KEYFILE may be the file containing the PEM encoded private
 key and certificate itself."
   (smime-new-details-buffer)
@@ -327,7 +327,10 @@ smime-encrypt-region
 
 (defun smime-sign-buffer (&optional keyfile buffer)
   "S/MIME sign BUFFER with key in KEYFILE.
-KEYFILE should contain a PEM encoded key and certificate."
+KEYFILE is expected to contain a PEM encoded private key and certificate
+as its car, and a list of additional certificates to include in its
+cadr.  If no additional certificates are included, KEYFILE may be the
+file containing the PEM encoded private key and certificate itself."
   (interactive)
   (with-current-buffer (or buffer (current-buffer))
     (unless (smime-sign-region
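Review bot: the docstring now covers the list and file-name shapes of KEYFILE but still says nothing about nil, which `&optional` allows and `(interactive)` always passes; state the default used when KEYFILE is nil, or that a value is required from Lisp.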
-- 
2.39.2


--=-=-=--




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


Received: (at 67931) by debbugs.gnu.org; 7 May 2024 04:12:17 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 07 00:12:16 2024
Received: from localhost ([127.0.0.1]:41978 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1s4CBa-0003kt-6p
	for submit <at> debbugs.gnu.org; Tue, 07 May 2024 00:12:16 -0400
Received: from phoenix.uberspace.de ([95.143.172.135]:38770)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <illia@HIDDEN>) id 1s43K8-0005iA-Ja
 for 67931 <at> debbugs.gnu.org; Mon, 06 May 2024 14:44:29 -0400
Received: (qmail 21995 invoked by uid 988); 6 May 2024 18:44:02 -0000
Authentication-Results: phoenix.uberspace.de;
	auth=pass (plain)
Received: from unknown (HELO unkown) (::1)
 by phoenix.uberspace.de (Haraka/3.0.1) with ESMTPSA;
 Mon, 06 May 2024 20:44:02 +0200
From: Illia Ostapyshyn <illia@HIDDEN>
To: Stefan Kangas <stefankangas@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
In-Reply-To: <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
 (Stefan Kangas's message of "Thu, 11 Jan 2024 13:05:46 -0800")
References: <8734vx6mk7.fsf@HIDDEN>
 <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
Date: Mon, 06 May 2024 20:43:44 +0200
Message-ID: <k8uy18mlr1b.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
X-Rspamd-Bar: ---
X-Rspamd-Report: BAYES_HAM(-3) MIME_GOOD(-0.1)
X-Rspamd-Score: -3.1
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 67931
X-Mailman-Approved-At: Tue, 07 May 2024 00:12:13 -0400
Cc: 17780 <at> debbugs.gnu.org, Lars Ingebrigtsen <larsi@HIDDEN>,
 Illia Ostapyshyn <illia@HIDDEN>, 67931 <at> debbugs.gnu.org,
 Jan Beich <jbeich@HIDDEN>
X-Spam-Score: -1.7 (-)

Hi Stefan,

I've been investigating this issue a bit more and discovered bug#17780.  My
original patch basically reverts its "fix" ac1507a8b6 (which wasn't a proper
fix), and there is another issue present.  I'm sending a new patch that fixes
both issues for good.  To recap:

- When composing a message signed with S/MIME, the workflow is to insert a
  "sign tag" using `mml-secure-sign-smime'.  When using openssl (as per
  mml-smime-use), this will search `smime-keys' for the keyfile and certs
  corresponding to the message sender (From header) and generate a sign MML
  tag [1].  Then, just before the message is sent, `mml-generate-mime' parses
  the tag and converts it into an alist passed to `mml-smime-openssl-sign',
  which executes openssl with the respective arguments from the alist/mml tag.

- Prior to the bug#17780 patch this process would use the right keyfile from
  smime-keys, but would ignore additional certificates to be included in the
  message (third member of `smime-keys' entry).  The generated MML tag did not
  include certfiles and `mml-smime-openssl-sign' did not have the logic to
  process these, even if they were included in the tag/received alist.

- The applied patch ac1507a8b6 just uses (cdar smime-keys), which now includes
  the certfiles, but always takes the first entry of `smime-keys'.  If the
  user has set up several entries, i.e., different keys for subsequent mail
  addresses, this results in the wrong keyfile/certs being used.  This is
  bug#67931.

The new patch complements `mml-secure-sign-smime' to include certfiles in the
generated tag.  With this, certfiles appear in the alist for
`mml-smime-openssl-sign', which is modified to process these entries and
forward them to `smime-sign-buffer'.

It also fixes a typo in documentation of `smime-sign-region': caar is meant to
be cadr.

> Could you please provide a way to reproduce the issue that you're
> seeing?

Here's a way to reproduce this in emacs -Q:

1. Start composing a message from bar@localhost with

(progn
  (setq mml-smime-use 'openssl
        smime-keys '(("foo@localhost" "foo.pem" ("chain1foo.pem" "chain2foo.pem"))
                     ("bar@localhost" "bar.pem" ("chain1bar.pem" "chain2bar.pem"))
                     ("baz@localhost" "baz.pem" ("chain1baz.pem" "chain2baz.pem"))))
  (debug-on-entry #'smime-sign-buffer)
  (compose-mail "test@HIDDEN" "#67931 reproducer" '((from . "bar@localhost"))))

2. Use `mml-secure-sign-smime' (C-c RET S s) to insert a tag on top of the
   message with the proper path for message sender bar@localhost:
   <#part sign=smime keyfile=bar.pem>

3. Use `message-send-and-exit' (C-c C-c) to trigger the breakpoint.  This
   yields the following backtrace:

Debugger entered--entering a function:
* smime-sign-buffer(("foo.pem" ("chain1foo.pem" "chain2foo.pem")))
  mml-smime-openssl-sign((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
  mml-smime-sign((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
  mml-smime-sign-buffer((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
  mml-generate-mime-1((part (sign . "smime") (keyfile . "bar.pem") (tag-location . 202) (contents . "")))
  mml-generate-mime(nil nil)
  message-encode-message-body()
  message-send-mail(nil)
  message-send-via-mail(nil)
  message-send(nil)
  message-send-and-exit(nil)
  funcall-interactively(message-send-and-exit nil)
  command-execute(message-send-and-exit)

Here, `smime-sign-buffer' signs the buffer with foo.pem, which corresponds to
smime-keys entry for foo@localhost, not bar@localhost.  As I described, (cdar
smime-keys) on line 136 in mml-smime.el always uses the first entry of
`smime-keys' regardless of the tag parameters.

In theory, `mml-smime-openssl-sign' should not access `smime-keys' at all, as
the keyfile/certfiles selection is handled (including the removed error
message and customize call) during sign tag generation in
`mml-secure-sign-smime'.  Instead, `mml-smime-openssl-sign' should use the
information from the tag passed in the cont argument (seen in the backtrace).

This is the case with this patch.  With it applied, the behavior changes:

- In step 2, the inserted tag now includes all the certfiles:
  <#part sign=smime keyfile=bar.pem certfile=chain1bar.pem certfile=chain2bar.pem>

- In step 3, `smime-sign-buffer' receives proper keyfile and all certfiles.

* smime-sign-buffer(("bar.pem" ("chain1bar.pem" "chain2bar.pem")))
  mml-smime-openssl-sign((part (sign . "smime") (keyfile . "bar.pem") (certfile . "chain1bar.pem") (certfile . "chain2bar.pem") (tag-location . 202) (contents . "")))

I've also updated the MML definition in documentation, since the certfile
parameter is now common to both sign and encrypt tags.  Regarding the remark
about multiple entries: this is not new and already the case when encrypting
for multiple recipients (try `mml-secure-encrypt-smime'), but IMHO worth
clarifying, in case users desire to write MML tags manually.

[1] https://www.gnu.org/software/emacs/manual/html_node/emacs-mime/MML-Definition.html




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at 67931 <at> debbugs.gnu.org:


Received: (at 67931) by debbugs.gnu.org; 11 Jan 2024 21:05:52 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jan 11 16:05:52 2024
Received: from localhost ([127.0.0.1]:34136 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1rO2FM-0000Ob-Ik
	for submit <at> debbugs.gnu.org; Thu, 11 Jan 2024 16:05:52 -0500
Received: from mail-lj1-x22e.google.com ([2a00:1450:4864:20::22e]:49496)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <stefankangas@HIDDEN>) id 1rO2FK-0000OM-GD
 for 67931 <at> debbugs.gnu.org; Thu, 11 Jan 2024 16:05:52 -0500
Received: by mail-lj1-x22e.google.com with SMTP id
 38308e7fff4ca-2ccbc328744so69984621fa.3
 for <67931 <at> debbugs.gnu.org>; Thu, 11 Jan 2024 13:05:52 -0800 (PST)
X-Received: by 2002:a2e:9b91:0:b0:2cd:1ca6:87c0 with SMTP id
 z17-20020a2e9b91000000b002cd1ca687c0mr175128lji.23.1705007146671; Thu, 11 Jan
 2024 13:05:46 -0800 (PST)
Received: from 753933720722 named unknown by gmailapi.google.com with
 HTTPREST; Thu, 11 Jan 2024 13:05:46 -0800
From: Stefan Kangas <stefankangas@HIDDEN>
In-Reply-To: <8734vx6mk7.fsf@HIDDEN> (Illia Ostapyshyn's message of "Wed,
 20 Dec 2023 14:16:56 +0100")
References: <8734vx6mk7.fsf@HIDDEN>
MIME-Version: 1.0
Date: Thu, 11 Jan 2024 13:05:46 -0800
Message-ID: <CADwFkmnTan0CHsY7EEBD8XH4cuZa8OpXN6paSFzHg4q1stoGFg@HIDDEN>
Subject: Re: bug#67931: [PATCH] Use S/MIME key from content for mail signing
 via OpenSSL
To: Illia Ostapyshyn <illia@HIDDEN>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 67931
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 67931 <at> debbugs.gnu.org
X-Spam-Score: -1.0 (-)

Illia Ostapyshyn <illia@HIDDEN> writes:

> * Bug
>
> mml-smime-openssl-sign always takes the cdar of smime-keys, resulting in
> the keyfile parameter of the #secure tag being ignored.  Hence, only the
> first entry of smime-keys is used, regardless of the mail contents or
> sender address.
>
> * Fix
>
> The relevant information (returned from mml-smime-openssl-sign-query) is
> already in the cont alist passed to mml-smime-openssl-sign; just use
> that instead.

Thanks for the patch.

Could you please provide a way to reproduce the issue that you're
seeing?  We don't have anyone onboard that is deeply familiar with this
code, I think, and it is security-sensitive.  Therefore, I'd like to be
careful when making changes here.

If we could have unit tests for this, it would be even better, of course.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.

Message received at submit <at> debbugs.gnu.org:


From: Illia Ostapyshyn <illia@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Wed, 20 Dec 2023 14:16:56 +0100
Message-ID: <8734vx6mk7.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Cc: Lars Ingebrigtsen <larsi@HIDDEN>


* Bug

mml-smime-openssl-sign always takes the cdar of smime-keys, resulting in
the keyfile parameter of the #secure tag being ignored.  Hence, only the
first entry of smime-keys is used, regardless of the mail contents or
sender address.

* Fix

The relevant information (returned from mml-smime-openssl-sign-query) is
already in the cont alist passed to mml-smime-openssl-sign; just use
that instead.


Content-Type: text/x-patch
Content-Disposition: inline;
 filename=0001-Use-S-MIME-key-from-content-for-mail-signing-via-Ope.patch
Content-Description: Patch

From 477badfc705c5dd59cfd8a577eab9eaf4a510e0f Mon Sep 17 00:00:00 2001
From: Illia Ostapyshyn <illia@HIDDEN>
Date: Wed, 20 Dec 2023 13:57:28 +0100
Subject: [PATCH] Use S/MIME key from content for mail signing via OpenSSL

* lisp/gnus/mml-smime.el (mml-smime-openssl-sign): Use the key
passed in the cont argument instead of the first smime-keys entry.
---
 lisp/gnus/mml-smime.el | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lisp/gnus/mml-smime.el b/lisp/gnus/mml-smime.el
index 896c95f8d3e..713b7fe5b68 100644
--- a/lisp/gnus/mml-smime.el
+++ b/lisp/gnus/mml-smime.el
@@ -130,10 +130,7 @@ mml-smime-verify-test
 	(funcall func handle ctl))))
 
 (defun mml-smime-openssl-sign (_cont)
-  (when (null smime-keys)
-    (customize-variable 'smime-keys)
-    (error "No S/MIME keys configured, use customize to add your key"))
-  (smime-sign-buffer (cdar smime-keys))
+  (smime-sign-buffer (cdr (assq 'keyfile cont)))
   (goto-char (point-min))
   (while (search-forward "\r\n" nil t)
     (replace-match "\n" t t))
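Review bot: the added line references `cont`, but the unchanged defun line still names the parameter `_cont`; if the file uses lexical binding, `cont` is a free variable here and signing fails with a void-variable error, so the fix needs `(defun mml-smime-openssl-sign (cont)` as well. Separately, dropping the `(when (null smime-keys) ...)` guard removes the only explicit check in this function: when the tag carries no `keyfile` entry, `(cdr (assq 'keyfile cont))` is nil and `smime-sign-buffer` is called with a nil keyfile instead of the clear "No S/MIME keys configured" error the old code gave. Keep the guard (or signal an error when the looked-up keyfile is nil) before calling `smime-sign-buffer`.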
-- 
2.43.0


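The reply above asks for a way to reproduce the problem and, ideally, a unit test. The ERT test below is an added example written for this thread; it is not part of the patch, of the bug report, or of Emacs. It stubs `smime-sign-buffer` so that no OpenSSL binary, key file or certificate is needed, and it assumes that `mml-smime-openssl-sign` receives the tag alist under the name `cont` (as the patched body expects). The addresses and key paths are constructed placeholders, and `mml-smime-test--` is a hypothetical prefix chosen for this file.

```elisp
;;; mml-smime-keyfile-tests.el --- regression test for bug#67931  -*- lexical-binding: t; -*-

;; Added example, not from the bug report or from Emacs.  It checks that
;; `mml-smime-openssl-sign' signs with the keyfile recorded in the
;; #secure tag rather than with the first entry of `smime-keys'.

(require 'ert)
(require 'cl-lib)
(require 'mml-smime)

(defvar mml-smime-test--signed-with nil
  "KEYFILE argument recorded by the stubbed `smime-sign-buffer'.")

(defun mml-smime-test--fake-sign-buffer (&optional keyfile _buffer)
  "Stand-in for `smime-sign-buffer': record KEYFILE and emit a CRLF body.
The CRLF line endings imitate OpenSSL's output so the caller's
newline normalisation is exercised as well."
  (setq mml-smime-test--signed-with keyfile)
  (erase-buffer)
  (insert "Content-Type: multipart/signed\r\n\r\nsigned body\r\n"))

(defun mml-smime-test--sign-with (cont)
  "Run `mml-smime-openssl-sign' on a scratch message with tag alist CONT.
Return a cons (KEYFILE-USED . RESULTING-BUFFER-TEXT)."
  (let ((mml-smime-test--signed-with nil))
    (cl-letf (((symbol-function 'smime-sign-buffer)
               #'mml-smime-test--fake-sign-buffer))
      (with-temp-buffer
        (insert "Content-Type: text/plain\n\nhello\n")
        (mml-smime-openssl-sign cont)
        (cons mml-smime-test--signed-with (buffer-string))))))

(ert-deftest mml-smime-openssl-sign-uses-keyfile-from-cont ()
  "The keyfile chosen for the #secure tag must win over (cdar smime-keys).
This test fails on the old code, which always signed with the first entry."
  ;; Constructed configuration: two identities, two (nonexistent) key files.
  (let* ((smime-keys '(("alice@example.invalid" "/nonexistent/alice.pem")
                       ("bob@example.invalid" "/nonexistent/bob.pem")))
         ;; What `mml-smime-openssl-sign-query' stores in the tag when the
         ;; message is sent from Bob's address.
         (cont '((keyfile . "/nonexistent/bob.pem")))
         (result (mml-smime-test--sign-with cont)))
    ;; Bob's key, not Alice's (the first smime-keys entry), must be used.
    (should (equal (car result) "/nonexistent/bob.pem"))
    ;; The function must still turn OpenSSL's CRLF output into LF.
    (should-not (string-match-p "\r\n" (cdr result)))
    (should (string-match-p "signed body\n" (cdr result)))))

;;; mml-smime-keyfile-tests.el ends here
```

Run it with `emacs -Q -batch -l mml-smime-keyfile-tests.el -f ert-run-tests-batch-and-exit`. Against the unpatched function the recorded keyfile is `("/nonexistent/alice.pem")`, the cdar of `smime-keys`, so the first assertion fails; with the patch applied (and the parameter actually named `cont`) it passes. Because signing itself is stubbed out, the test says nothing about the OpenSSL invocation; it only pins down which key the caller hands over.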




Acknowledgement sent to Illia Ostapyshyn <illia@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs@HIDDEN. Full text available.
Report forwarded to bug-gnu-emacs@HIDDEN:
bug#67931; Package emacs. Full text available.
Last modified: Fri, 10 May 2024 11:30:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.