Bug 469383 - Importing an OpenPGP key attached to an encrypted message doesn't work
Summary: Importing an OpenPGP key attached to an encrypted message doesn't work
Status: RESOLVED FIXED
Alias: None
Product: kmail2
Classification: Applications
Component: crypto (show other bugs)
Version: 5.23.0
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: Ingo Klöcker
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-05-05 08:40 UTC by Ingo Klöcker
Modified: 2023-05-05 14:53 UTC (History)
0 users

See Also:
Latest Commit: https://invent.kde.org/pim/messagelib/commit/b6e4d5323f8b9af11e72ec3fb32946ff0036188e
Version Fixed In: 5.23.1
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Ingo Klöcker 2023-05-05 08:40:54 UTC 
SUMMARY
Importing an OpenPGP key attached to an encrypted message doesn't work.

STEPS TO REPRODUCE
1. You need an encrypted message with an attached OpenPGP key.
2. Open the message, decrypt it, and click on "Import key".

OBSERVED RESULT
KMail reports "The key has been successfully imported.". But gpg and Kleopatra don't list the key.

EXPECTED RESULT
Importing the key works. And KMail should report a failure if the import failed for some reason (e.g. corrupt OpenPGP key). 

ADDITIONAL INFORMATION
Running kmail with `GPGME_DEBUG=8` I get the following
```
2023-05-05 10:21:51 gpgme[19116.4aac]           _gpgme_io_write: check: -----BEGIN PGP MESSAGE-----<LF>
2023-05-05 10:21:51 gpgme[19116.4aac]           _gpgme_io_write: check: <LF>
2023-05-05 10:21:51 gpgme[19116.4aac]           _gpgme_io_write: check: hF4D0z8hfWyIqqISAQdARIzZlxp2IopOOxw8pVC8L+NV3yCu
2023-05-05 10:21:51 gpgme[19116.4aac]           _gpgme_io_write: check: Fgmuk1yDG66tmR4w<LF>
[...]
2023-05-05 10:21:51 gpgme[19116.4aac]           _gpgme_io_write: check: =/TYt<LF>
2023-05-05 10:21:51 gpgme[19116.4aac]           _gpgme_io_write: check: -----END PGP MESSAGE-----
[...]
2023-05-05 10:21:51 gpgme[19116.4aac]         _gpgme_io_read: check: [GNUPG:] NODATA 1<LF>
2023-05-05 10:21:51 gpgme[19116.4aac]         _gpgme_io_read: check: [GNUPG:] IMPORT_RES 0 0 0 0 0 0 0 0 0 0 0 0 0 0 
```

This shows two things:
* KMail passes the encrypted message body instead of the attached key to the crypto backend.
* The crypto backend reports that no data was found, but KMail still reports success.
Comment 1 Bug Janitor Service 2023-05-05 14:33:39 UTC 
A possibly relevant merge request was started @ https://invent.kde.org/pim/messagelib/-/merge_requests/120
Comment 2 Ingo Klöcker 2023-05-05 14:41:51 UTC 
Git commit eb0f9afecdd29387f2c65c07e8c20445226e17a9 by Ingo Klöcker, on behalf of Ingo Klöcker.
Committed on 05/05/2023 at 14:41.
Pushed by kloecker into branch 'master'.

Do not report success if no keys where considered for import

M  +2    -0    plugins/messageviewer/bodypartformatter/gnupgwks/pgpkeyurlhandler.cpp

https://invent.kde.org/pim/kdepim-addons/commit/eb0f9afecdd29387f2c65c07e8c20445226e17a9
Comment 3 Ingo Klöcker 2023-05-05 14:52:42 UTC 
Git commit 925db3260235192df76d6585e6e01ee9973ed1cf by Ingo Klöcker, on behalf of Ingo Klöcker.
Committed on 05/05/2023 at 14:30.
Pushed by kloecker into branch 'release/23.04'.

Fix references to message parts in encrypted messages

For a content node in the decrypted mime tree of an encrypted message
content()->index() gives a wrong "relative" index inside the decrypted
mime tree. NodeHelper::fromHREF() which is used to get the content node
for the reference has no idea that is need to look inside the decrypted
message and returns the content node of the encrypted message
corresponding to the reference which is most likely the encrypted message
part. As a result importing an OpenPGP key or a vCard attached to an
encrypted message failed because the wrong message part was passed to
the corresponding URL handlers.
Using (a simpler overload of) NodeHelper::asHREF() (i.e. the counter part
for NodeHelper::fromHREF()) for generating the reference fixes those
problems.

I have verified that this change is safe for all users of
MessagePart::makeLink (which all live in kdepim-addons) and I have tested
that it fixes importing OpenPGP keys and vCards attached to encrypted
messages.
FIXED-IN: 5.23.1

M  +1    -1    mimetreeparser/src/messagepart.cpp
M  +5    -0    mimetreeparser/src/nodehelper.cpp
M  +3    -0    mimetreeparser/src/nodehelper.h

https://invent.kde.org/pim/messagelib/commit/925db3260235192df76d6585e6e01ee9973ed1cf
Comment 4 Ingo Klöcker 2023-05-05 14:53:04 UTC 
Git commit b6e4d5323f8b9af11e72ec3fb32946ff0036188e by Ingo Klöcker, on behalf of Ingo Klöcker.
Committed on 05/05/2023 at 14:43.
Pushed by kloecker into branch 'master'.

Fix references to message parts in encrypted messages

For a content node in the decrypted mime tree of an encrypted message
content()->index() gives a wrong "relative" index inside the decrypted
mime tree. NodeHelper::fromHREF() which is used to get the content node
for the reference has no idea that is need to look inside the decrypted
message and returns the content node of the encrypted message
corresponding to the reference which is most likely the encrypted message
part. As a result importing an OpenPGP key or a vCard attached to an
encrypted message failed because the wrong message part was passed to
the corresponding URL handlers.
Using (a simpler overload of) NodeHelper::asHREF() (i.e. the counter part
for NodeHelper::fromHREF()) for generating the reference fixes those
problems.

I have verified that this change is safe for all users of
MessagePart::makeLink (which all live in kdepim-addons) and I have tested
that it fixes importing OpenPGP keys and vCards attached to encrypted
messages.
FIXED-IN: 5.23.1
(cherry picked from commit 925db3260235192df76d6585e6e01ee9973ed1cf)

M  +1    -1    mimetreeparser/src/messagepart.cpp
M  +5    -0    mimetreeparser/src/nodehelper.cpp
M  +3    -0    mimetreeparser/src/nodehelper.h

https://invent.kde.org/pim/messagelib/commit/b6e4d5323f8b9af11e72ec3fb32946ff0036188e