PGP message parsing
Reported by Olaf | April 7th, 2016 @ 11:46 AM
Dear Benny,
Thanks again for this beautiful project. I've found a problem with message parsing of PGP encrypted messages.
Some PGP encrypted messages show up as two attachments a:
PGP/MIME Versions Identification application/pgp-encrypted
OpenPGP encrypted message.asc application/octet-stream
I've drilled this down to the fact that the version information seems to be encoded (by the sender or perhaps some piece of middlebox) in base64.
In other words the PGP/MIME Versions Identification mime-part looks like the header I pasted at the bottom of this issue.
I'm not sure if base64 encoding of the version string is technically allowed by the spec. RFC3156 just indicates that the mime part should contain "Version 1" and doesn't talk about how that string is encoded.
Regardless of whether the sender is standards compliant it would be nice if MailMate would be able to parse these type of messages.
I could get you a message with this feature if needed.
--_003_33D5D48E205D43C795FD225E8108F1B4isocorg_ Content-Type:
application/pgp-encrypted;
name="PGPMIME Versions Identification" Content-Description:
PGP/MIME Versions Identification
Content-Disposition: attachment; filename="PGPMIME Versions
Identification";
size=397; creation-date="Thu, 07 Apr 2016 11:10:07 GMT";
modification-date="Thu, 07 Apr 2016 11:10:07 GMT" Content-ID:
FC371279D2B3B24483AAFDC712057AA4@namprd06.prod.outlook.com
Content-Transfer-Encoding: base64
VmVyc2lvbjogMQ0NCg==
Comments and changes to this ticket
-
Olaf April 7th, 2016 @ 11:54 AM
I've just discovered that it is probably some of Microsoft Exchange infrastructure is encoding the header.
I also attached a message that can be used for test purposes.
-
benny April 21st, 2016 @ 12:46 PM
The problem is not base64 and MailMate can handle that.
The problem is this part:
Content-Type: multipart/mixed; boundary="_003_D1A05F2440914DEFAF7A082121B5C3A6isocorg_" MIME-Version: 1.0 --_003_D1A05F2440914DEFAF7A082121B5C3A6isocorg_ Content-Type: text/plain; charset="us-ascii" --_003_D1A05F2440914DEFAF7A082121B5C3A6isocorg_ Content-Type: application/pgp-encrypted; name="PGPMIME Versions Identification"
- It's
multipart/mixed
instead ofmultipart/encrypted
. - There's a rogue body part (
text/plain
).
I'm not really sure what to do about this. I could probably work around number 1, but I'm not sure I should. Number 2 is a bit more tricky (implementation-wise) although MailMate already has the capability to indicate when a message has unencrypted subparts. The problem is that this is also against the standard -- in other words I'm not really sure I should work around it. At least not without warning the user. Do you often get this type of message?
- It's
-
Olaf April 21st, 2016 @ 01:15 PM
Thanks,
I did overlook both those factions and misdiagnosed.
I do not consistently get these.
I think it has to do with the sending server that is being used. I think it may have something to do with the way that some servers on-path do content checking. I strongly suspect the office365 infrastructure mucking with the mime-encapsulation.
Apple's Mail does parse these messages. That doesn't really say you should, tough call.
I suggest you stall the ticket.
--Olaf
-
benny April 21st, 2016 @ 01:36 PM
- State changed from new to bluesky
Ok, I'll mark it as “bluesky” for now, but let me know if you regularly get these messages since then I probably should do something about it.
Note that if Apple Mail (GPGTools) displays the plain text body part without clearly indicating that it's not encrypted then it would be pretty bad. (Well, Apple Mail already has this kind of bug for S/MIME and they don't seem to care — I reported it years ago.)
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Mac OS X email client.