#2717 OpenPGP Signature Checking FROM of decrypted message fails. - MailMate

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#2717 new

OpenPGP Signature Checking FROM of decrypted message fails.

Reported by Thomas Kahle | December 28th, 2020 @ 09:47 AM

When an encrypted message arrives from a user with multiple identities in their PGP key, then the sender is only checked against the main identity. This results in a wrong message "OpenPGP: The message is valid, but it was not signed by the sender". The report from PGP looks like this:

[...] [GNUPG:] GOODSIG 697E3EB3C9B0A514 A A@B.de gpg: Good signature from "A A@B.de" [full]
gpg: aka "A A@C.de" [full]
[...]

with From : A@C.de. If A@B.de is used as the from address, the signature is correctly verified.

The error also does not happen with unencrypted but signed messages from the same sender, and it also does not happen with encrypted and signed messages where the sender uses the main identity as the from address.

Comments and changes to this ticket

You flagged this item as spam.
Thomas Kahle January 15th, 2021 @ 03:46 PM
Hi, I can make this more specific now. When a decrypted and signed message arrives, mailmate displays "OpenPGP: Mismatching addresses in signature" and clicking on it gives me the gpg output nicely formatted / parsed. There I get something like:

Risk analysis The sender address does not match the key.
Fingerprint 671F...
From Address �
Key Addresses [list of addresses that DOES contain the FROM address of the envelope]

But you see that the parsed "From Address" is not correct. It determines the sender as some strange character that I cannot copy and paste. On my screen it looks like 6 thick horizontal lines. Like a "hamburger menu" except it's a triple decker with cheese.
benny January 20th, 2021 @ 03:22 PM
- State changed from “new” to “fixcommitted”
That symbol is a so-called null string and it does indicate that MailMate failed to properly find a From address.

Hmm, looking at the code I can see a potential problem, but it doesn't seem to be related to multiple identities. It seems to be related to handling a message part which is both encrypted and signed (usually there's a signed part within an encrypted part). If I'm right then it might be a simple fix (it'll be in r5762+).

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

Mac OS X email client.

Shared Ticket Bins (Sort)

↓↑ drag 2253 Open tickets
↓↑ drag 159 Committed changes
↓↑ drag 892 Resolved tickets

People watching this ticket

benny

Freron MailMate

OpenPGP Signature Checking FROM of decrypted message fails.

Comments and changes to this ticket

Thomas Kahle January 15th, 2021 @ 03:46 PM

benny January 20th, 2021 @ 03:22 PM

Create your profile

Shared Ticket Bins (Sort)

People watching this ticket

Pages

Freron MailMate

Keyword searching

OpenPGP Signature Checking FROM of decrypted message fails.

Comments and changes to this ticket

Thomas Kahle January 15th, 2021 @ 03:46 PM

benny January 20th, 2021 @ 03:22 PM

Create your profile

Shared Ticket Bins (Sort)

People watching this ticket

Pages