Sending an encrypted message fails for some public keys containing certain subpackets
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(Not tracked)
People
(Reporter: flo.sammueller, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
Steps to reproduce:
Sending an encrypted message using OpenPGP fails for some public keys and an unspecific error message is shown. The problematic public keys contain one or more signature subpackets of type 101, which are private or experimental according to RFC 4880. Still, those keys are perfectly valid for encryption. GPG and RNP could also handle encryption with those keys on the command line.
Actual results:
When hitting Send, the error "Sending of the message failed" is shown and sending aborts.
In the console, "Error: failure in finishCryptoEncapsulation" is shown.
Expected results:
The encrypted message should have been sent.
Comment 1•4 years ago
Can you please provide a public key that can be used to reproduce this issue?
Comment 2•4 years ago
Please also specify which version you used to reproduce this issue. Nightly from date? Beta?
Comment 3•4 years ago (Reporter)
I am using Nightly 78.0a1 (64bit) from 2020-05-22. I would like to create a test key, but I do not know how to specify a self-signature with a certain kind of subpacket. Maybe some owner of a problematic key in my keyring is willing to publish it, but I have to check with them first.
Also note that RNP gives a warning that reads
[signature_parse_subpacket() /home/sammuelf/code/rnp/src/librepgp/stream-packet.cpp:1420] unknown subpacket : 101
But still, encryption with RNP is possible on the command line.
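Added example, not part of the bug thread and not RNP or Thunderbird code: a minimal parser for an RFC 4880 signature subpacket area that shows the tolerant handling discussed above, where an unknown or private/experimental subpacket (types 100 to 110, such as 101) is skipped unless its critical bit is set. The `KNOWN` table, function names and sample bytes are constructed for illustration.

```python
import struct

# RFC 4880 section 5.2.3.1: subpacket types 100-110 are private or experimental.
PRIVATE_OR_EXPERIMENTAL = range(100, 111)
# Small subset of standard types, enough for this example (assumption).
KNOWN = {2: "signature creation time", 16: "issuer", 27: "key flags"}

def parse_subpackets(area: bytes):
    """Split a signature subpacket area into (type, critical, body) tuples."""
    out, i = [], 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated two-octet length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                # five-octet length
            if i + 5 > len(area):
                raise ValueError("truncated five-octet length")
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        if length == 0 or i + length > len(area):
            raise ValueError("subpacket length out of bounds")
        type_octet = area[i]                 # the length counts this octet too
        out.append((type_octet & 0x7F, bool(type_octet & 0x80), area[i + 1:i + length]))
        i += length
    return out

def evaluate(area: bytes):
    """Return (usable, notes): only an unknown *critical* subpacket is fatal."""
    usable, notes = True, []
    for sp_type, critical, _body in parse_subpackets(area):
        if sp_type in KNOWN:
            continue
        kind = "private/experimental" if sp_type in PRIVATE_OR_EXPERIMENTAL else "unknown"
        if critical:
            usable = False
            notes.append(f"{kind} subpacket {sp_type} is critical: signature in error")
        else:
            notes.append(f"{kind} subpacket {sp_type} ignored")
    return usable, notes

# Constructed sample: creation time, key flags, then a non-critical type 101.
SAMPLE = bytes([5, 2, 0x5E, 0xC7, 0x00, 0x00, 2, 27, 0x0C, 4, 101, 1, 2, 3])
# Same area with the critical bit (0x80) set on the type 101 subpacket.
SAMPLE_CRITICAL = SAMPLE[:-4] + bytes([101 | 0x80, 1, 2, 3])
```

`evaluate(SAMPLE)` keeps the signature usable and only records a note, while `evaluate(SAMPLE_CRITICAL)` rejects it, which is the distinction RFC 4880 draws for subpackets a parser does not understand.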
Comment 4•4 years ago
I'll wait for the example key.
You could send the key to me by email; if you mention it in the email, I won't publish that key.
Comment 5•4 years ago
Florian, thanks for sending me a test key.
I cannot reproduce the issue using the RNP snapshot that we landed two days ago, see bug 1641612.
That snapshot is known to include several fixes to be more tolerant with keys.
Comment 6•4 years ago
Please reopen if you can still reproduce with a current build.
Comment 7•4 years ago (Reporter)
I am sorry, the key in my personal keyring differs from the one I pointed you to on keys.gnupg.net. With the key I have, sending still fails in Thunderbird Nightly 79.0a1 (64-bit Linux) from 2020-06-03. I will send you the actual ASCII-armored key material so you can try to reproduce this issue. I am not so sure anymore if the subpacket of type 101 is really the problem here, but I still assume that it has to do with some signatures that are on a public key.
Comment 8•4 years ago
Thanks. Using the newer key you sent, it's working for me with an even newer RNP snapshot. Let's wait until we've uplifted that, and see if it fixes it for you, too.
Comment 9•4 years ago
This should have been fixed already by bug 1644705.