Summary: | Accessing S/MIME encrypted attachments fails | ||
---|---|---|---|
Product: | [Applications] kmail2 | Reporter: | Claus Christmann <hcc> |
Component: | crypto | Assignee: | kdepim bugs <kdepim-bugs> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | aheinecke, dennis.schridde, ichrispa, kdespam, sknauss |
Priority: | NOR | ||
Version: | 4.14.4 | ||
Target Milestone: | --- | ||
Platform: | openSUSE | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Sentry Crash Report: | |||
Attachments: | Screenshot of the manually decrypted message |
Description
Claus Christmann
2015-02-04 22:25:42 UTC
Created attachment 90917 [details]
Screenshot of the manually decrypted message
Note how the message structure section at the bottom still only shows a single line.
Also, it appears that the white background indicating the PDF attachment in the fancy header section also encloses the yellowish background for the PNG image.
There also is a yellow box around the PDF icon section within the green shaded area signifying the signed parts of the message.
I have received some more emails from "Alice", all signed and encrypted and all with the same problem. A cause of the problem seems to be that Alice is sending HTML emails with embedded attachments (i.e. simply dragging and dropping attachments into the HTML mail composer part of MS Outlook). As long as Alice is sending mail with only embedded pictures, I can change from the plain text view to the HTML view and I will see those pictures (and can save them via the context menu). For attachments that won't be displayed, e.g. PDFs, that obviously doesn't work... I can confirm this. Version 4.14.2, Ubuntu 14.10 Some additional info: * If I save the smime.p7m attachment in kmail I will get garbage that cannot be decrypted. * If I save the whole email and manually base64-decode the attachment, everything is fine and can be decrypted (kleopatra or gpgsm, bot work fine). * Opening the decrypted message will then allow me to open/save the attachment properly I dug deeper and found more (possibly unrelated): * The decrypted mail looked fine but was malformed (but this was the sender's fault, because the signature was valid!), and could only be decoded with "base64 -d --ignore-garbage" * The decoded mail also contained garbage due to the malformed input but was readable. As far as I can remember I only received mails that triggered that bug from Outlook users, so this may be a hint. I can confirm this bug /w OpenSUSE 42.1, KMail 4.14.10 The error appears to be only caused by SMIME encrypted Mail sent with MS Outlook. The mail body contains a link to "attachement:x:y.z?place=body" for each attachement, with correct names being shown, but clicking them or using "save attachements" has no effect. The later shows a "No attachements found" message. A workaround is to save the message's source, then run $ openssl smime -decrypt -in mail.raw -inkey path/to/my/crtkey.pem > mail.decr removing any mail headers, then run $ base64 -d --ignore-garbage mail.decr > mail.d64 as suggested. Split the Mail's attachement out manually using $ csplit --prefix mail.d64_part mail.d64 '/------=_NextPart_/' '{*}' and then decoding individual attachements by removing the header and subsequently running $ base64 -d --ignore-garbage mail.d64_partXY > attachment.name Some base64 attachements do contain non-ASCII sequences, which is clearly a bug on the sender side, not KDE (maybe these can be "cleaned" by KMail prior to decoding?). I believe that this was fixed with https://phabricator.kde.org/D1964. I've only tested it with a backport of that fix to 4.14 (vendor/intevation) branch but it addressed exactly the problem that attachments to encrypted / signed S/MIME opaque (as outlook send) mails could not be opened. (And some other attachments to crypto mails like forwarded PGP/MIME mails) Now this works reliably. Please reopen if it still happens with the version that will be released with KDE/Applications-16.08 |