Bug 154427 - Kleoaptra: Verification of S/MIME E-Mails fails
Summary: Kleoaptra: Verification of S/MIME E-Mails fails
Status: VERIFIED WORKSFORME
Alias: None
Product: kleopatra
Classification: Applications
Component: general (show other bugs)
Version: outdated (old bug dump)
Platform: Compiled Sources Microsoft Windows
: NOR normal
Target Milestone: ---
Assignee: Frank Osterfeld
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-12-21 11:13 UTC by Jan-Oliver Wagner
Modified: 2008-10-23 17:44 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Attachments
Gpgme log file (15.90 KB, text/plain)
2008-01-11 09:35 UTC, Frank Osterfeld
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jan-Oliver Wagner 2007-12-21 11:13:43 UTC
Version:            (using KDE Devel)
Installed from:    Compiled sources
OS:                MS Windows

I've tried to verify a S/MIME signed E-Mail from Outlook via GpgOL
which fails with "General Error" and this concole output:

[1412.712] DBG: -> OK GPG UI server (Kleopatra/1.9.0 (svn-748480, 2007-12-14)) r
eady to serve
[1412.712] DBG: <- GETINFO pid
[1412.712] DBG: -> D 1412
[1412.712] DBG: -> OK
[1412.712] DBG: <- [Error: Resource temporarily unavailable]
[1412.712] DBG: <- RESET
[1412.712] DBG: -> OK
[1412.712] DBG: <- MESSAGE FD=1468
[1412.712] DBG: -> OK
[1412.712] DBG: <- INPUT FD=1364
[1412.712] DBG: -> OK
[1412.712] DBG: <- VERIFY --protocol=CMS
GpgME::Data(): DataProvider supports: read, no write, no seek, release
GpgME::Data(): DataProvider supports: read, no write, no seek, release
[1412.712] DBG: -> ERR 150994945 Allgemeiner Fehler <KSBA>
Comment 1 Frank Osterfeld 2008-01-09 16:05:53 UTC
Is this 100% reproducible?
Can't reproduce, I could S/MIME sign a message (with GpgOL) using the Kleopatra test certificate from KDE SVN and also verify it again with GpgOL.
Can you provide a test mail (to gpg4win-intern) and the public key?
Comment 2 Jan-Oliver Wagner 2008-01-10 12:32:22 UTC
It is 100% reproducable with S/MIME signed E-Mails I create
with Kontact as of KDE 3.5.
Comment 3 Frank Osterfeld 2008-01-10 14:46:34 UTC
I retried now with a mail sent from KMail.

When I open the mail and choose Tools->Verify signature from the menu, nothing happens. There is nothing received on kleopatra side. Apparently gpgol doesn't trigger VERIFY.

Verifying Messages signed with GpgOL still works.

GpgOL is installed via installer svn667.
Comment 4 Frank Osterfeld 2008-01-10 15:05:51 UTC
It seems KMail and GpgOL are incompatible and don't recognize each other's S/MIME signatures.

GpgOL sends an attachment winmail.dat with Content-Type "application/ms-tnef" which isn't recognized as signature in my KMail (from enterprise branch).

KMail uses the content-type application/pkcs7-signature, which is apparently ignored by GpgOL.

gpgol version, according to the options tab in outlook: "Version 0.10.4-svn205 (Jan 8"
Comment 5 Jan-Oliver Wagner 2008-01-10 16:32:02 UTC
Frank, my GpgOL (same version) does not ignore such emails.

Is S/MIME enabled in your GpgOL configuration (options tab)?

Also, if I send a S/MIME signed email with GpgOL, despite
the GPGME error and the broken signature, the content type looks
like this:

Content-Type: multipart/signed;
  protocol="application/pkcs7-signature";
  micalg=pgp-sha1;
  boundary="=-=hnUDCUgicgoCUx=-="


which look OK to me.
Comment 6 Frank Osterfeld 2008-01-10 20:40:34 UTC
Ok, I can now confirm the General Error <KSBA>, when verifying a mail sent from KMail. The gpgme log doesn't look very useful - I will create one nevertheless and check which data is sent. This looks like the passed data isn't recognized as signature by KSBA.
 
About the smime signatures created by gpgol:
gpgol sometimes creates tnef for me, sometimes pkcs7-signature. It seems to have to do with the GpgOL options - whose check states are broken and don't match with the behaviour, so I'm not sure yet how to reproduce either attachment types.
Comment 7 Frank Osterfeld 2008-01-11 09:35:26 UTC
Created attachment 22951 [details]
Gpgme log file

I attached a gpgme log file for a failed VERIFY
Comment 8 Jan-Oliver Wagner 2008-01-14 22:32:17 UTC
From the GpgME log I can not derive a next point to look into.

I only can confirm that the problem is still there with
svn-756761 (2008-01-11).
Comment 9 Jan-Oliver Wagner 2008-02-01 09:30:05 UTC
After some fixes in the crypto backend, this problem seems to be solved.

With Gpg4win 1.9.0-svn701 distribution (Kleopatra 1.9.0 svn767238)
I can now verify S/MIME signatures without any crash.