Bug 286035 - kmail2 fails to verify signature with RFC 3156 encrypted+signed mails
Summary: kmail2 fails to verify signature with RFC 3156 encrypted+signed mails
Status: RESOLVED FIXED
Alias: None
Product: kmail2
Classification: Unclassified
Component: crypto (show other bugs)
Version: 4.7
Platform: Unlisted Binaries Linux
: NOR normal (vote)
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
: 188931 276813 289364 (view as bug list)
Depends on:
Blocks:
 
Reported: 2011-11-07 19:54 UTC by Thomas Zell
Modified: 2012-04-18 14:55 UTC (History)
7 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Zell 2011-11-07 19:54:39 UTC
Version:           4.7 (using KDE 4.7.3) 
OS:                Linux

This is a cut&paste from an old bug 188931 (reported by Raimar Sandner) that is still present in KMail2, so I report it again against the new version.

According to http://www.ietf.org/rfc/rfc3156.txt there are two ways to both
sign and encrypt an OpenPGP/MIME message. Kmail uses the method described in
6.1 of RFC 3156 (called RFC 1847 Encapsulation), other mail clients like
thunderbird/enigmail or mutt use 6.2 (Combined method).

Kmail fails to verify the signature, if the message was composed with the
combined method 6.2.

Verification on the commandline with gpg --decrypt works.

Usually, if the verification fails because there really is no key, kmail
displays "message was signed with unknown key 0x...", where 0x... is the key
ID.

Here, it says key 0x... and displays the hex value of the _fingerprint_ of the
key (and not the ID).


Reproducible: Always

Steps to Reproduce:
Compose an encrypted and signed message with thunderbird (I use
enigmail 0.96) and view it with kmail.

Actual Results:  
Message was signed with unknown key.
The validity of the signature cannot be verified.
Status: Error: Signature not verified

Expected Results:  
Signature verifies correctly
Comment 1 Raimar Sandner 2011-11-08 06:01:00 UTC
*** Bug 188931 has been marked as a duplicate of this bug. ***
Comment 2 Michael S. 2011-12-09 09:23:26 UTC
*** Bug 276813 has been marked as a duplicate of this bug. ***
Comment 3 Tim 2012-02-08 02:13:39 UTC
Hello, 

A side effect of this bug is that if someone sends me a Thunderbird-signed email that contains attachments, I am unable to save the attachments at all.  It seems that KMail does not like the fact that (it thinks that) the signature cannot be verified. 

Thanks,
  Tim.
Comment 4 Tim 2012-02-09 00:45:46 UTC
Hello all, 

Does the KDE project have any kind of sponsorship or bounty program? I'm hoping to see a couple of bugs fixed (especially those associated with PGP integration, such as 286035) and I would be happy in principle to sponsor someone to get the work done. 

All info most welcome. 

Thanks,
   Tim.
Comment 5 Stanislav Sidorenko 2012-02-10 17:57:22 UTC
*** Bug 289364 has been marked as a duplicate of this bug. ***
Comment 6 m.eik michalke 2012-03-20 18:40:12 UTC
i must confirm this, and it's still present in kmail2/KDE 4.8.1
Comment 7 Andre Heinecke 2012-04-12 17:17:58 UTC
This is a valid and very old bug has been around (forever?) it is also valid for the old Kdepim 3.x versions. 
gpgme's decrypt and verify job returns a valid signature for the Combined Method but not for the encapsulated method. So i guess somewhere in libkleo / kmail this is not used or overwritten by an additonal check for an encapsulated signature, which would fail in the combined case.

Strange from your report is that your status is: Status: Error: Signature not verified 
For an encrypted/signed mail from mutt I get:
The validity of the signature cannot be verified.
Status: Good signature
Comment 8 Andre Heinecke 2012-04-16 17:32:08 UTC
Git commit 3f8f80c195d5a31c3add321940a0a3ba7628781c by Andre Heinecke.
Committed on 16/04/2012 at 19:15.
Pushed by aheinecke into branch 'master'.

Fix parsing of combined encrypted/signed messages

    In the case that a mime object was encrypted and signed the
    rendered mail showed an incorrect signature status because the
    signature was aready checked with the decryptverifyjob and the
    key object not available in writeOpaqueOrMultipartSignedData.
    (So only the fingerprint was used).

    In the case that writeOpaqueOrMultipartSignedData is called
    to show OpenPGP Encrypted and Signed data with a valid signature,
    the signature's key is now fetched from the OpenPGP backend using
    the fingerprint from the signature.
    The Key is then used as in the other cases to show the details
    (Name / Trustlevel etc.)

    This fixes the rendering of openpgp mails signed with the combined
    method which is used by mutt, gnus etc.

M  +32   -1    messageviewer/objecttreeparser.cpp

http://commits.kde.org/kdepim/3f8f80c195d5a31c3add321940a0a3ba7628781c
Comment 9 Andre Heinecke 2012-04-16 17:41:35 UTC
I'm not sure if this fixes everything mentioned here in the bug. This was a rendering problem the signature was correctly verified but the key was not used to check the trust level for the signature and no key details were available.

I don't think this can have something to do with Comment #3 for example that attachments can't be saved. If this is still the case thats another bug though.

I've tested this patch with an encrypted/signed mail from gnus that was previously "rendered yellow" and is now green with the correct details.
Comment 10 Andre Heinecke 2012-04-18 14:55:51 UTC
Git commit 44a3eb070b74414256f8f8ef58f73fd67678f5e4 by Andre Heinecke.
Committed on 16/04/2012 at 19:15.
Pushed by aheinecke into branch 'KDE/4.8'.

Fix parsing of combined encrypted/signed messages

    In the case that a mime object was encrypted and signed the
    rendered mail showed an incorrect signature status because the
    signature was aready checked with the decryptverifyjob and the
    key object not available in writeOpaqueOrMultipartSignedData.
    (So only the fingerprint was used).

    In the case that writeOpaqueOrMultipartSignedData is called
    to show OpenPGP Encrypted and Signed data with a valid signature,
    the signature's key is now fetched from the OpenPGP backend using
    the fingerprint from the signature.
    The Key is then used as in the other cases to show the details
    (Name / Trustlevel etc.)

    This fixes the rendering of openpgp mails signed with the combined
    method which is used by mutt, gnus etc.
(cherry picked from commit 3f8f80c195d5a31c3add321940a0a3ba7628781c)

M  +32   -1    messageviewer/objecttreeparser.cpp

http://commits.kde.org/kdepim/44a3eb070b74414256f8f8ef58f73fd67678f5e4