Closed Bug 1653763 Opened 4 years ago Closed 4 years ago

OpenPGP recipient key matching fails for keys that contain only email address, but no name

Categories

(MailNews Core :: Security: OpenPGP, defect)

Product:
MailNews Core
Component:
Security: OpenPGP
Type:
defect

Tracking

(thunderbird_esr78 fixed, thunderbird80 fixed)

Status:
RESOLVED FIXED
Milestone:
81 Branch
Tracking Flags:
Tracking Status
thunderbird_esr78 --- fixed
thunderbird80 --- fixed

People

(Reporter: lencalot, Assigned: KaiE)

Details

Attachments

(1 file)

Bug 1653763 - OpenPGP recipient key matching fails for keys that contain only email address, but no name. r=PatrickBrunschwig
47 bytes, text/x-phabricator-request
wsmwk
: approval-comm-beta+
wsmwk
: approval-comm-esr78+
Details | Review

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0

Steps to reproduce:

  1. Installation of Thunderbird 78.0b4.
  2. Add Mail Account 1 & 2
  3. Create a new secret GPG key with Thunderbird 78.0b4 for Mail Account 1
  4. Import secret key for Mail Account 2, that was created with GnuGPG (RSA 4096) and some public keys for other Recipients
  5. Set trust level for these keys to "Yes, I have verified in person..."
  6. Try to send a mail with new secret key as sender [78.0b4 & 79.0b1]
  7. Try to send a mail with the older, imported key as sender [78.0b4 & 79.0b1]
  8. Installation on another computer and try again -> same behaviour.

Actual results:

Sending a mail from Mail Account 2 with the imported key (signer) to Mail Account 1 and using the new created secret key (encryption) works fine.

Sending a mail from Mail Account 1 with the new key (signer) to Mail Account 2 and using the imported key (encryption) doesn't work.

Sending a mail from Mail Account 1 to any other recipient with imported gpg key doesn't work.

Got a error message, but without any clue what went wron... "Sending of the message failed".

Expected results:

Expected result should be that the mail can be send encrypted.

Component: Mail Window Front End → Security: OpenPGP
Product: Thunderbird → MailNews Core
Summary: [Beta] Can not send encrytped mail with imported keys (gpg) → [Beta] Can not send encrytped mail with imported keys (PGP)

After importing a secret key, you must confirm that it is your personal key. Use menu tools / openpgp key management, open your key, and confirm "yes, treat this key as a personal key".

Importing using the final release will ask that question on import.

Does that help?

No, that does'nt help. I have set them as personal key after import.

Do you still have this issue with 78.0.1 ?

I currently don't have an idea what's going wrong.

I have create a couple of new keys with Kleopatra and import to Thunderbird for testing:

  • RSA 2048: it works fine
  • RSA 3072: it works fine
  • RSA 4096: it doesn't works

I have create a key directly in Thunderbird for doublechecking:

  • RSA 4096: it works fine

I have currently version 79.0b2 (Win 10, 64-Bit).

And another test, two keys created with Kleopatra and imported to Thunderbird:

  • RSA 4096 with name and mail address: it works
  • RSA 4096 without name, with mail address: it doesn't works

(In reply to Kai Engert (:KaiE:) from comment #3)

Do you still have this issue with 78.0.1 ?

I currently don't have an idea what's going wrong.

Tested with 80.0b1 again. Still the same issue.

For testing, I have add a name to my keys with Kleopatra and then imported it again to Thunderburd. Then it's works fine with the same Key. So I have a workaround for the moment, but It would be nice to use keys without name assigned to send encrypted mails.

To summarize: The issue is that keys without names don't seem to work.

Thanks, the missing name is indeed the cause, we have an incorrect check.

Summary: [Beta] Can not send encrytped mail with imported keys (PGP) → OpenPGP recipient key matching fails for keys that contain only email address, but no name
Assignee: nobody → kaie

Pushed by kaie@kuix.de:
https://hg.mozilla.org/comm-central/rev/4c3c67a991a8
OpenPGP recipient key matching fails for keys that contain only email address, but no name. r=PatrickBrunschwig DONTBUILD

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED

Seems there's some linting failures from this. Can you take care?

Pushed by kaie@kuix.de: https://hg.mozilla.org/comm-central/rev/d954ce81278c Follow-up to fix line. rs=lint
status-thunderbird80: --- → affected
status-thunderbird_esr78: --- → affected
Target Milestone: --- → 81 Branch

phab updated to include lint fix

Comment on attachment 9168180 [details]
Bug 1653763 - OpenPGP recipient key matching fails for keys that contain only email address, but no name. r=PatrickBrunschwig

OpenPGP correctness fix. No risk.

Attachment #9168180 - Flags: approval-comm-esr78?
Attachment #9168180 - Flags: approval-comm-beta?

Comment on attachment 9168180 [details]
Bug 1653763 - OpenPGP recipient key matching fails for keys that contain only email address, but no name. r=PatrickBrunschwig

[Triage Comment]
Approved for beta

Attachment #9168180 - Flags: approval-comm-beta? → approval-comm-beta+

Comment on attachment 9168180 [details]
Bug 1653763 - OpenPGP recipient key matching fails for keys that contain only email address, but no name. r=PatrickBrunschwig

[Triage Comment]
Approved for esr78

Attachment #9168180 - Flags: approval-comm-esr78? → approval-comm-esr78+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: