Automatic GPG / S/MIME detection

[multiflexi]

When I try this with sign being path to S/MIME key+cert:

if os.path.isfile(sign)
    envelope.signature(key=open(sign))

I get IndexError: list index out of range because it is trying to use it as GPG (sign = result.fingerprints[0] in _determine_gpg), but when I try this:

if os.path.isfile(sign):
    envelope.smime()
    envelope.signature(key=open(sign))

The email is signed without any issues.

Documentation says:
"Note that if neither gpg nor smime is specified, we try to determine the method automatically."

[e3rd]

Cool, check whether the following commit works!

[multiflexi]

Still the same issue:

Traceback (most recent call last):
File "/app/publishers/email_publisher.py", line 125, in publish
  envelope.send()
File "/usr/local/lib/python3.9/site-packages/envelope/envelope.py", line 911, in send
  self._start(sign=sign, encrypt=encrypt, send=send)
File "/usr/local/lib/python3.9/site-packages/envelope/envelope.py", line 949, in _start
  encrypt, sign, gpg_on = self._determine_gpg(encrypt, sign)
File "/usr/local/lib/python3.9/site-packages/envelope/envelope.py", line 1051, in _determine_gpg
 sign = result.fingerprints[0]
IndexError: list index out of range

[e3rd]

Is it a testing key file, could you send it to me? (Or could you create a new one that fails the same way and send it)

[multiflexi]

I think I know what was the issue. So I have generated a free cert from codegic.com, but it worked fine. The one that does not work, is from GEANT Personal CA 4 (CESNET) and the difference between those two was that the GEANT one has private key at the end of the PEM file while the one from codegic has it at the beginning. I moved the private key to the beginning of the file and now it works. Are you trying to read just the first cert/key the from the file?

[e3rd]

(Interesting! If that works for you, I'll investigate not earlier than in two weeks)

[e3rd]

I was desperately trying to repliate this. Would you help me again, please?

Are you trying to read just the first cert/key the from the file?

Under the hood, I am sending the file contents to the smime internal method EVP.load_key_string to check whether this is an smime. I am working with the key-cert-together.pem from the tests directory. However, whether I put the key and certificate:

-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOX0Zb8oP0dsGIu3
...
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICaDCCAdGgAwIBAgIUTpsJCB+t6Gq6dzaUKhaCk8tUN7UwDQYJKoZIhvcNAQEL
...
-----END CERTIFICATE-----

or that way:

-----BEGIN CERTIFICATE-----
MIICaDCCAdGgAwIBAgIUTpsJCB+t6Gq6dzaUKhaCk8tUN7UwDQYJKoZIhvcNAQEL
...
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOX0Zb8oP0dsGIu3
...
-----END PRIVATE KEY-----

it always works. I need you to try the following lines onto your private file and tell me whether it raises an issue:

from M2Crypto import EVP
from pathlib import Path

PATH = "tests/smime/key-cert-together.pem"  # your private file
EVP.load_key_string(Path(PATH).read_bytes())

[e3rd]

For my future reference:

    def test_fix_29(self):
        # Implicit GPG
        e = (Envelope(MESSAGE).from_(IDENTITY_2).to(IDENTITY_2)
             #.smime()
                         .signature(key=Path("tests/smime/key-cert-together.pem")))
        print(self.check_lines(e, result=True))
        print(str(e))