Bug 439904 - Unable to decrypt PGP message sent via ProtonMail
Status: CONFIRMED
Alias: None
Product: kmail2
Classification: Applications
Component: crypto
Version: unspecified
Platform: Other Linux
Importance: NOR normal
Assignee: kdepim bugs
Reported: 2021-07-15 19:48 UTC by Richard Weinberger
Modified: 2021-09-15 11:03 UTC

Description Richard Weinberger 2021-07-15 19:48:03 UTC
ProtonMail seems to encode PGP messages differently than Kmail (actually messagelib) expects.

The MIME section of such a message looks like:
--00bda24ff6a439c55df37bffe4bd232aad4d80072f16b06818700820c3d89297
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=utf-8


--00bda24ff6a439c55df37bffe4bd232aad4d80072f16b06818700820c3d89297
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=attachment.bin
Content-Type: application/pgp-encrypted; name=attachment.bin
X-Pm-Content-Encryption: end-to-end

VmVyc2lvbjogMQ0K
--00bda24ff6a439c55df37bffe4bd232aad4d80072f16b06818700820c3d89297
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=openpgp-encrypted-message.asc
Content-Type: application/octet-stream; name=openpgp-encrypted-message.asc
X-Pm-Content-Encryption: end-to-end

LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tDQoNCmhRSU1BK3B1cm93N0hWSHhBUS8vUXhGdTBS
...
....MORE BASE64...
...
dDAwbA0KPTZOYmwNCi0tLS0tRU5EIFBHUCBNRVNTQUdFLS0tLS0NCg==
--00bda24ff6a439c55df37bffe4bd232aad4d80072f16b06818700820c3d89297--

messagelib (any version) does not expect the "PGP/MIME version identification" message part being an attachment.

Interestingly messagelib emits the following warning:
org.kde.pim.mimetreeparser: Unknown PGP Version String: "-----BEGIN PGP MESSAGE-----......"

Somehow the application/octet-stream part makes it into ApplicationPGPEncryptedBodyPartFormatter::process().

My KDE distribution is not super fresh, but from checking the code I'm sure that no recent KDE/Kmail version is able to decrypt such a mail.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: openSUSE LEAP 15.2 
KMail
Version 5.14.2 (20.04.2)
Comment 1 Richard Weinberger 2021-07-15 20:05:30 UTC
I think I've found the root cause. The very first line of ProtonMail encrypted mails is "Content-Type: multipart/mixed;".
When I manually change this line to "Content-Type: multipart/encrypted;"
Kmail is able to decrypt the message.
Comment 2 Richard Weinberger 2021-07-15 22:23:43 UTC
With this massive hack I managed to get kmail to decrypt such messages:

diff --git a/mimetreeparser/src/bodyformatter/multipartmixed.cpp b/mimetreeparser/src/bodyformatter/multipartmixed.cpp
index 00b90e121cf5..226909cef8d9 100644
--- a/mimetreeparser/src/bodyformatter/multipartmixed.cpp
+++ b/mimetreeparser/src/bodyformatter/multipartmixed.cpp
@@ -21,6 +21,9 @@
 
 #include "objecttreeparser.h"
 #include "messagepart.h"
+#include "utils.h"
+
+#include "bodyformatter/multipartencrypted.h"
 
 #include <KMime/Content>
 
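Review bot: including bodyformatter/multipartencrypted.h here makes the multipart/mixed formatter depend directly on the multipart/encrypted one, which deserves a comment or a shared helper rather than a bare include. The blank line between the two new includes also splits the existing project-header group, so keep `utils.h` and the new header adjacent to `messagepart.h`.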
@@ -44,6 +47,14 @@ MessagePart::Ptr MultiPartMixedBodyPartFormatter::process(Interface::BodyPart &p
         return MessagePart::Ptr();
     }
 
+    // if the container contains a PGP part, assume it is some PGP mail and re-inject
+    // it into the MultiPartEncryptedBodyPartFormatter.
+    if (findTypeInDirectChilds(part.content(), "application/pgp-encrypted")) {
+        const auto formatter = MultiPartEncryptedBodyPartFormatter::create();
+        qCWarning(MIMETREEPARSER_LOG) << "Found a application/pgp-encrypted child";
+        return formatter->process(part);
+    }
+
     // normal treatment of the parts in the mp/mixed container
     MimeMessagePart::Ptr mp(new MimeMessagePart(part.objectTreeParser(), part.content()->contents().at(0), false));
     return mp;
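
Review bot: the `findTypeInDirectChilds(part.content(), "application/pgp-encrypted")` test is too broad, since any multipart/mixed container with such a child anywhere among its direct parts is handed whole to MultiPartEncryptedBodyPartFormatter and the normal treatment below is skipped. Check that the application/pgp-encrypted child is directly followed by the application/octet-stream part carrying the armored message before re-dispatching, and decide explicitly what happens to the remaining siblings (the ProtonMail sample in this report has a leading text/plain part), so that unencrypted parts are neither dropped nor presented as if they were encrypted. `qCWarning` is also loud for an expected code path; `qCDebug` fits better, and the message should read "Found an application/pgp-encrypted child".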

I also had to disable the ApplicationGnuPGWKSPlugin plugin from kdepim-addons. ApplicationGnuPGWKSPlugin completely voids MultiPartMixedBodyPartFormatter. But that's a different issue, I guess.
Comment 3 Sandro Knauß 2021-09-15 11:01:38 UTC
Your information is not enough to understand what MIME structure ProtonMail is using. Can you provide one encrypted mail by uploading it as an attachment to this bug? The content of the encrypted part I can replace with something that can be used in tests, but I need a sample of a real mail.

But for sure it seems like they do not follow RFC 3156 Section 4 (https://datatracker.ietf.org/doc/html/rfc3156#section-4):
"
   OpenPGP encrypted data is denoted by the "multipart/encrypted"
   content type, described in [2], and MUST have a "protocol" parameter
   value of "application/pgp-encrypted".  Note that the value of the
   parameter MUST be enclosed in quotes.

   The multipart/encrypted MIME body MUST consist of exactly two body
   parts, the first with content type "application/pgp-encrypted".  This
   body contains the control information.  A message complying with this
   standard MUST contain a "Version: 1" field in this body.  Since the
   OpenPGP packet format contains all other information necessary for
   decrypting, no other information is required here."

It would make our life much easier if ProtonMail would follow the RFC, as all other e-mail clients need special treatment for those mails too.

Thanks for the patch. Often patches are missed when provided as part of a bug report. Please create an MR on https://invent.kde.org/pim/messagelib, then we can make sure that this is fixed soon.

Btw, normally encrypted mails should be handled by MultiPartEncryptedBodyPartFormatter. The ApplicationPGPEncryptedBodyPartFormatter was added to parse non-conforming Applemail encrypted mails ;)
See https://bugs.kde.org/show_bug.cgi?id=360910
Comment 4 Sandro Knauß 2021-09-15 11:03:06 UTC
Here is the relevant Applemail sample that is used to test the correct parsing on our side: https://invent.kde.org/pim/messagelib/-/blob/master/mimetreeparser/autotests/data/openpgp-encrypted-applemail.mbox
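
The structural difference discussed in this thread, as an added example that is not part of the bug report or of messagelib: Python code that checks a message against the RFC 3156 Section 4 text quoted in comment 3 and, separately, looks for an application/pgp-encrypted part directly followed by armored data. The sample message, the boundary string and all function names are constructed for illustration; the ciphertext is a placeholder.

```python
import base64
from email import message_from_string

B = "constructed-boundary"  # constructed; the report's boundary is a long hex string

def part(ctype, text):
    """One base64-encoded body part, laid out like the parts in the description."""
    body = base64.b64encode(text.encode()).decode()
    return f"--{B}\nContent-Transfer-Encoding: base64\nContent-Type: {ctype}\n\n{body}\n"

def build_sample(top_type, leading_text=True):
    """Constructed message; the ciphertext is a placeholder, not real OpenPGP data."""
    armor = "-----BEGIN PGP MESSAGE-----\r\n\r\nplaceholder\r\n-----END PGP MESSAGE-----\r\n"
    parts = f"--{B}\nContent-Type: text/plain; charset=utf-8\n\n\n" if leading_text else ""
    parts += part("application/pgp-encrypted", "Version: 1\r\n")
    parts += part("application/octet-stream", armor)
    return f'Content-Type: {top_type}; boundary="{B}"\n\n{parts}--{B}--\n'

def rfc3156_violations(raw):
    """List the ways a message departs from the RFC 3156 Section 4 text quoted above."""
    msg = message_from_string(raw)
    problems = []
    if msg.get_content_type() != "multipart/encrypted":
        problems.append(f"top-level type is {msg.get_content_type()}")
    if msg.get_param("protocol") != "application/pgp-encrypted":
        problems.append("protocol parameter missing or wrong")
    kids = msg.get_payload() if msg.is_multipart() else []
    if len(kids) != 2:
        problems.append(f"{len(kids)} body parts instead of 2")
    if not kids or kids[0].get_content_type() != "application/pgp-encrypted":
        problems.append("first part is not application/pgp-encrypted")
    return problems

def find_pgp_pair(raw):
    """Index of a control part directly followed by armored data, else None."""
    msg = message_from_string(raw)
    kids = msg.get_payload() if msg.is_multipart() else []
    for i in range(len(kids) - 1):
        ctrl, data = kids[i], kids[i + 1]
        if ctrl.get_content_type() != "application/pgp-encrypted":
            continue
        # Decode the transfer encoding before looking at the content.
        version = (ctrl.get_payload(decode=True) or b"").strip()
        armored = (data.get_payload(decode=True) or b"").lstrip()
        if version == b"Version: 1" and armored.startswith(b"-----BEGIN PGP MESSAGE-----"):
            return i
    return None
```

A multipart/mixed message for which `find_pgp_pair` returns an index has the layout reported here; every entry in `rfc3156_violations` is a reason a strict multipart/encrypted parser would not pick it up.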