What is the correct application behavior for PGP

<slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net>

https://www.novabbs.com/computers/article-flat.php?id=88&group=comp.mail.mutt#88

Path: i2pn2.org!i2pn.org!aioe.org!pz9O57YImhWMuqd0J5Dc7A.user.46.165.242.75.POSTED!not-for-mail
From: szczez...@sdf.org (Szczezuja.space)
Newsgroups: comp.mail.mutt
Subject: What is the correct application behavior for PGP
Date: Tue, 23 Aug 2022 19:27:45 -0000 (UTC)
Organization: Aioe.org NNTP Server
Message-ID: <slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net>
Injection-Info: gioia.aioe.org; logging-data="34109"; posting-host="pz9O57YImhWMuqd0J5Dc7A.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: slrn/1.0.3 (Linux)
X-Notice: Filtered by postfilter v. 0.9.2
 by: Szczezuja.space - Tue, 23 Aug 2022 19:27 UTC

Hello,

I'm testing mutt and neomutt behaviour and I don't know if what I see is
the correct behavior of the application. I am able to send and receive
signed and encrypted mails. I set up a proper line in the configuration file
for it, e.g.:

> XIV. Configuring Mutt For Use With GnuPG
> https://codesorcery.net/old/mutt/mutt-gnupg-howto

Because I'm working in a text-only environment and I had a problem with
it, I modified the config file by removing "--batch" and
"--passphrase-fd 0" so mutt is asking for a passphrase every time I need
it.

I am aware that I can add "fcc_clear" to save unencrypted sent mails,
but I'm not using it.

I am aware that I can also add "--encrypt-to" to encrypt mails with two
public keys (the recipient's and my own). But I am not doing this for now.

So I sent a mail, with PGP option "both" which I understood as "to sign"
and "to encrypt", then I switched to sent mails. I can see my e-mail,
and I can't see its encrypted content.

But mutt and neomutt are showing a strange request for a passphrase. And
what is more, the "focus" isn't in that line, so I can't put any text
there. After I press ctrl+c the application shows the expected message
"[-- Error: decryption failed --]".

Maybe I misconfigured something, so please describe to me what the
correct behaviour is in that situation?

Best regards,

--
.-=-. Szczezuja; on the small-net:
( S\ \ gemini://szczezuja.space/ - gemlog & tinylog
`--' / gopher://sdf.org:70/0/users/szczezuja/ - phlog

Re: What is the correct application behavior for PGP

<slrntgae12.4gh.matt@imladris.colo.ub3rgeek.net>

https://www.novabbs.com/computers/article-flat.php?id=89&group=comp.mail.mutt#89

Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: mat...@going-flying.com (Matthew Ernisse)
Newsgroups: comp.mail.mutt
Subject: Re: What is the correct application behavior for PGP
Date: Tue, 23 Aug 2022 20:27:14 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 50
Message-ID: <slrntgae12.4gh.matt@imladris.colo.ub3rgeek.net>
References: <slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net>
Injection-Date: Tue, 23 Aug 2022 20:27:14 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="d5e332ea9bfb412656d2ee2873d2d57c";
logging-data="3244560"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+eykz06OUQRtMmtBz5b1ubi9XdDQ5ZwNI="
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:wZ8Cgc381J6+bcuAZP8aPc/NReY=
 by: Matthew Ernisse - Tue, 23 Aug 2022 20:27 UTC

On Tue, 23 Aug 2022 19:27:45 -0000 (UTC), Szczezuja.space wrote:

[ snip ]

> Because I'm working in a text-only environment and I had a problem with
> it, I modified the config file by removing "--batch" and
> "--passphrase-fd 0" so mutt is asking for a passphrase every time I need
> it.

[ snip ]

> But mutt and neomutt are showing a strange request for a passphrase. And
> what is more, the "focus" isn't in that line, so I can't put any text
> there. After I press ctrl+c the application shows the expected message
> "[-- Error: decryption failed --]".

I've used the Debian example gpg.rc (installed by default in Debian
distributions in /usr/share/doc/mutt/examples/gpg.rc) for over a decade
and it has always worked for me (I run mutt in either GNU screen or tmux
exclusively, so also a text-only environment).

I note that the command that would be used to decrypt a message is as
follows (line wrapping mine):

---
# decrypt a pgp/mime attachment
set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0 \
--pinentry-mode=loopback? --no-verbose --quiet --batch \
--output - %f"
---

It includes both --batch and --passphrase-fd 0, so I suspect removing
those arguments was an error on your part and as a result gpg is unable
to read your input (the passphrase). The gpg(1) manpage notes that since
version 2.0 --batch is required for --passphrase-fd and further that
--pinentry-mode loopback is required in version 2.1.

Based on the Mutt manual[1]'s note that pinentry does not function on
tty systems I believe what you are missing is the "--pinentry-mode
loopback" option.

There is also some discussion that seems similar to your problem in the
Debian bug[2] filed against the mutt package.

[1] http://mutt.org/doc/manual/#enc-pgp
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828751

--
"The avalanche has started, it is too late for the pebbles to vote."
--Kosh
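
The rule cited in the reply above (from gpg(1): `--passphrase-fd` needs `--batch`, and in 2.1 also `--pinentry-mode loopback`) can be checked mechanically against a gpg.rc. This is an added example, not part of the original post and not code from mutt or Debian; `lint`, `logical_lines` and the sample configuration are hypothetical names and constructed input.

```python
import re

# Constructed sample muttrc fragment (not from the thread): the first command
# follows the example quoted in the reply, the second drops --batch and loopback.
SAMPLE_RC = r'''
set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0 \
--pinentry-mode=loopback? --no-verbose --quiet --batch \
--output - %f"
set pgp_sign_command="gpg --no-verbose --output - --passphrase-fd 0 \
--armor --detach-sign --textmode %?a?-u %a? %f"
'''

SET_RE = re.compile(r'^\s*set\s+(pgp_\w+_command)\s*=\s*"(.*)"\s*$')

def logical_lines(text):
    """Join muttrc lines that end in a backslash continuation."""
    buf = ""
    for raw in text.splitlines():
        if raw.endswith("\\"):
            buf += raw[:-1]
            continue
        yield buf + raw
        buf = ""
    if buf:
        yield buf

def lint(text):
    """Return {command_name: [problems]} for every pgp_*_command setting."""
    report = {}
    for line in logical_lines(text):
        m = SET_RE.match(line)
        if not m:
            continue
        name, cmd = m.groups()
        # Drop mutt's %?x?...? conditional markers but keep the options inside.
        flat = re.sub(r'%\?\w\?|\?', ' ', cmd)
        args = flat.split()
        problems = []
        if "--passphrase-fd" in args:
            if "--batch" not in args:
                problems.append("--passphrase-fd without --batch")
            loopback = "--pinentry-mode=loopback" in args or any(
                a == "--pinentry-mode" and b == "loopback"
                for a, b in zip(args, args[1:]))
            if not loopback:
                problems.append("--passphrase-fd without --pinentry-mode loopback")
        report[name] = problems
    return report
```
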

Re: What is the correct application behavior for PGP

<slrntgnec5.1oja8.szczezuja@vps648005.ovh.net>

https://www.novabbs.com/computers/article-flat.php?id=90&group=comp.mail.mutt#90

Path: i2pn2.org!i2pn.org!aioe.org!pz9O57YImhWMuqd0J5Dc7A.user.46.165.242.75.POSTED!not-for-mail
From: szczez...@sdf.org (Szczezuja.space)
Newsgroups: comp.mail.mutt
Subject: Re: What is the correct application behavior for PGP
Date: Sun, 28 Aug 2022 18:52:53 -0000 (UTC)
Organization: Aioe.org NNTP Server
Message-ID: <slrntgnec5.1oja8.szczezuja@vps648005.ovh.net>
References: <slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net>
<slrntgae12.4gh.matt@imladris.colo.ub3rgeek.net>
Injection-Info: gioia.aioe.org; logging-data="43093"; posting-host="pz9O57YImhWMuqd0J5Dc7A.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: slrn/1.0.3 (Linux)
X-Notice: Filtered by postfilter v. 0.9.2
 by: Szczezuja.space - Sun, 28 Aug 2022 18:52 UTC

On 2022-08-23, Matthew Ernisse <matt@going-flying.com> wrote:
> On Tue, 23 Aug 2022 19:27:45 -0000 (UTC), Szczezuja.space wrote:
>
> I've used the Debian example gpg.rc (installed by default in Debian
> distributions in /usr/share/doc/mutt/examples/gpg.rc) for over a decade
> and it has always worked for me (I run mutt in either GNU screen or tmux
> exclusively, so also a text-only environment).

Thanks for your reply. I'm investigating my configuration and your
sources. I haven't set the proper configuration yet.

But going back to my question, could you describe the proper behaviour
of the mutt application in such a situation - decrypting a message where a
default public key isn't fit (as I've written, when I sent encrypted
mail to someone else).

Thanks,

--
.-=-. Szczezuja; on the small-net:
( S\ \ gemini://szczezuja.space/ - gemlog & tinylog
`--' / gopher://sdf.org:70/0/users/szczezuja/ - phlog

Re: What is the correct application behavior for PGP

<slrntgq6df.4gh.matt@imladris.colo.ub3rgeek.net>

https://www.novabbs.com/computers/article-flat.php?id=91&group=comp.mail.mutt#91

Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: mat...@going-flying.com (Matthew Ernisse)
Newsgroups: comp.mail.mutt
Subject: Re: What is the correct application behavior for PGP
Date: Mon, 29 Aug 2022 19:55:27 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 21
Message-ID: <slrntgq6df.4gh.matt@imladris.colo.ub3rgeek.net>
References: <slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net>
<slrntgae12.4gh.matt@imladris.colo.ub3rgeek.net>
<slrntgnec5.1oja8.szczezuja@vps648005.ovh.net>
Injection-Date: Mon, 29 Aug 2022 19:55:27 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="4fa23a71ee8e4c0e4848d036deed3d4b";
logging-data="1309581"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18ZzauvdkyWrgR9u/NCpkqAhpZntaOnhzQ="
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:xRV+UaPf5MJcOzjIBCbhOXedeNM=
 by: Matthew Ernisse - Mon, 29 Aug 2022 19:55 UTC

On Sun, 28 Aug 2022 18:52:53 -0000 (UTC), Szczezuja.space wrote:
> But going back to my question, could you describe the proper behaviour
> of the mutt application in such a situation - decrypting a message where a
> default public key isn't fit (as I've written, when I sent encrypted
> mail to someone else).

If I am understanding your configuration as you described in
<slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net> the resultant behavior
appears correct to me.

You have signed a message with your private key so naturally you can verify
it with your public key; however, as you have encrypted that message with
only your recipient's public key you will be unable to decrypt it.

You may want to brush up on how private key cryptography works and which
operations use which key in the pair to better understand what is happening
here.

--
"The avalanche has started, it is too late for the pebbles to vote."
--Kosh
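
gpg reports which keys a message was encrypted to on its `--status-fd` stream, so the situation described in the reply above (a Sent copy encrypted only to the recipient) can be told apart from a passphrase problem. This is an added example, not part of the original post; `parse_status`, `explain` and the sample status lines with placeholder key IDs are constructed for illustration.

```python
# Constructed --status-fd output (not from the thread) for a message encrypted
# only to the recipient; the key IDs are placeholders, not real keys.
SAMPLE_STATUS = """\
[GNUPG:] ENC_TO 1111111111111111 1 0
[GNUPG:] NO_SECKEY 1111111111111111
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
"""

def parse_status(text):
    """Collect the decryption-related keywords from gpg --status-fd lines."""
    info = {"enc_to": [], "no_seckey": [], "goodsig": [], "decrypted": None}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue  # ordinary stderr text, not a status line
        kw, args = fields[1], fields[2:]
        if kw in ("ENC_TO", "NO_SECKEY", "GOODSIG") and args:
            info[kw.lower()].append(args[0].upper())
        elif kw == "DECRYPTION_OKAY":
            info["decrypted"] = True
        elif kw == "DECRYPTION_FAILED":
            info["decrypted"] = False
    return info

def explain(text, my_enc_keyids):
    """Explain the outcome for the holder of my_enc_keyids.

    ENC_TO carries the ID of the encryption (sub)key, so my_enc_keyids must
    list encryption subkey IDs, not only the primary key ID.
    """
    info = parse_status(text)
    mine = {k.upper() for k in my_enc_keyids}
    if info["decrypted"]:
        return "decrypted"
    if info["enc_to"] and not mine.intersection(info["enc_to"]):
        return "no matching key: encrypted only to " + ", ".join(info["enc_to"])
    if info["decrypted"] is False:
        return "key matches but decryption failed"
    return "no decryption status seen"
```

A message sent with `--encrypt-to` set to the sender's own key would show a second `ENC_TO` line carrying that key's encryption subkey ID.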

Re: What is the correct application behavior for PGP

<slrntik3b1.3k8bk.szczezuja@vps648005.ovh.net>

https://www.novabbs.com/computers/article-flat.php?id=101&group=comp.mail.mutt#101

Path: i2pn2.org!i2pn.org!aioe.org!pz9O57YImhWMuqd0J5Dc7A.user.46.165.242.75.POSTED!not-for-mail
From: szczez...@sdf.org (Szczezuja.space)
Newsgroups: comp.mail.mutt
Subject: Re: What is the correct application behavior for PGP
Date: Tue, 20 Sep 2022 18:58:41 -0000 (UTC)
Organization: Aioe.org NNTP Server
Message-ID: <slrntik3b1.3k8bk.szczezuja@vps648005.ovh.net>
References: <slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net>
<slrntgae12.4gh.matt@imladris.colo.ub3rgeek.net>
<slrntgnec5.1oja8.szczezuja@vps648005.ovh.net>
<slrntgq6df.4gh.matt@imladris.colo.ub3rgeek.net>
Injection-Info: gioia.aioe.org; logging-data="14280"; posting-host="pz9O57YImhWMuqd0J5Dc7A.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: slrn/1.0.3 (Linux)
X-Notice: Filtered by postfilter v. 0.9.2
 by: Szczezuja.space - Tue, 20 Sep 2022 18:58 UTC

On 2022-08-29, Matthew Ernisse <matt@going-flying.com> wrote:
> On Sun, 28 Aug 2022 18:52:53 -0000 (UTC), Szczezuja.space wrote:
>> But going back to my question, could you describe the proper behaviour
>> of the mutt application in such a situation - decrypting a message where a
>> default public key isn't fit (as I've written, when I sent encrypted
>> mail to someone else).
>
> If I am understanding your configuration as you described in
> <slrntgaahh.1d8dh.szczezuja@vps648005.ovh.net> the resultant behavior
> appears correct to me.
>
> You have signed a message with your private key so naturally you can verify
> it with your public key; however, as you have encrypted that message with
> only your recipient's public key you will be unable to decrypt it.
>
> You may want to brush up on how private key cryptography works and which
> operations use which key in the pair to better understand what is happening
> here.

Unfortunately I'm still facing the problem with decryption. I've been
browsing the source code:
https://neomutt.org/code/pgp_8c.html#ab1d25d86d6ee4e2f88ef7102fa9477e6
so I know that the proper behaviour is the "decryption failed" message.

Mutt is showing the message "No such file or directory", but after I
ran it in debug mode I saw that it isn't the clue to my problem.

My debug file is something like below:

> [...]
> [2022-09-20 18:38:11]<1> pgp_decrypt_part() created temp file '/tmp/neomutt-f4vBDi'
> [...]
> [2022-09-20 18:38:11]<2> mutt_pgp_command() gpg --status-fd=2 --passphrase-fd 0
> --no-verbose --quiet --batch /tmp/neomutt-sdf-60633-14988-5733883537168725555
> [...]
> [2022-09-20 18:38:11]<2> pgp_check_decryption_okay() DECRYPTION_OKAY encountered
> [...]
> [2022-09-20 18:38:11]<2> pgp_copy_checksig() "[GNUPG:] GOODSIG FC8D23AA13E5C43F
> Szczezuja <szczezuja@sdf.org>" matches regex
> [...]
> [2022-09-20 18:38:11]<E> pgp_decrypt_part() Decryption failed
> [...]
>

It seems that pgp_decrypt_part() has a proper output of
pgp_check_decryption_okay() and pgp_copy_checksig() but it's returning
"Decryption failed", which is unclear to me.

Probably the source of the problem is in the version: NeoMutt 20211015
and GPGME: 1.15.1 and gpg (GnuPG) 1.4.23. I'm not able to use GPGME, so
I am trying to set a correct gpg.rc and so on.

There aren't good words about it:
https://github.com/neomutt/neomutt/issues/1866

> "Unless you're a crypto wizard, we recommend a single setting instead: set crypt_use_gpgme = yes"
>

So I'm a crypto wizard. :-)

--
.-=-. Szczezuja; on the small-net:
( S\ \ gemini://szczezuja.space/ - gemlog & tinylog
`--' / gopher://sdf.org:70/0/users/szczezuja/ - phlog
