Bug 289364

Summary: Kmail incorreclty reports openpgp signature verification result if subkey is used for signing (encrypted+signed mails)
Product: [Applications] kmail2 Reporter: Stanislav Sidorenko <mail>
Component: cryptoAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED DUPLICATE    
Severity: normal CC: timbelina
Priority: NOR    
Version: 4.7   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: Version Fixed In:

Description Stanislav Sidorenko 2011-12-19 17:45:00 UTC 
Version:           4.7 (using KDE 4.7.3) 
OS:                Linux

Here is an example of incorrect report:

Encrypted message
Message was signed on 19.12.11 21:29 with unknown key 0x18FCD1311DCF84834BED9F857027404925B7C18D.
The validity of the signature cannot be verified.
Status: Good signature	Hide Details
Test: Signed, Encrypted
End of signed message
End of encrypted message


In fact 0x25B7C18D key is a signing subkey of my main key 0x46EB581F. As far as I understood kmail does not identify mail only if combined method described in p 6.2 of RFC 3156 is used for encrypted&signed mails. For example, combined method is used by Enigmail Thunderbird extension.

If non-conbined method is used then all will be displayed correctly, in this case kmail identifies main key by subkey.

Reproducible: Always

Steps to Reproduce:
1. Send encrypted&singed PGP/MIME email message e.g. using Thunderbird + Enigmail to yourself. Use a key that has a signing subkey and ensure that subkey used for signing.
2. Try to decrypt and verify the signature.

Actual Results:  
Encrypted message
Message was signed on 19.12.11 21:29 with unknown key 0x18FCD1311DCF84834BED9F857027404925B7C18D.
The validity of the signature cannot be verified.
Status: Good signature	Hide Details
Test: Signed, Encrypted
End of signed message
End of encrypted message

Expected Results:  
Encrypted message
Message was signed by mail@++++++++++++.com (Key ID: 0xA0F213F146EB581F).
The signature is valid and the key is fully trusted.	Hide Details
Test: Signed, Encrypted
End of signed message
End of encrypted message
Comment 1 Stanislav Sidorenko 2011-12-20 16:54:20 UTC 
Bug 287145 is possible duplicate of this one. Maybe it a backend bug.
Comment 2 Tim 2012-02-09 05:55:03 UTC 
Is this also related to bug 286035? (https://bugs.kde.org/show_bug.cgi?id=286035)
Comment 3 Stanislav Sidorenko 2012-02-10 17:57:22 UTC 
> Is this also related to bug 286035?

I think yes, that's the duplicate.

*** This bug has been marked as a duplicate of bug 286035 ***