getting an error saying the message has been encrypted by an obsolete method
Categories
(MailNews Core :: Security: OpenPGP, enhancement)
Tracking
(Not tracked)
People
(Reporter: it_support, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
Steps to reproduce:
I have sent to myself a PGP-encrypted email without signature, like this one:
....
....
Content-Type: multipart/alternative;
boundary="000_VI1P194MB063950F8AFCFEF8AE12E5510A13C0VI1P194MB0639EURP"
....
....
--000_VI1P194MB063950F8AFCFEF8AE12E5510A13C0VI1P194MB0639EURP
Content-Type: application/pgp
BEGIN PGP MESSAGE-----
Version: BCPG C# v1.6.1.0
hQIMA3drgilSCIWPAQ/9Hu9QPY3oTma4xDs7HR6/rcAASC+avaxbUlw/LUx2mHaj
TcyxpTQz7xFoegvz/lv7P7uKxgcEVsG+splamkT20IwG0wUifsCCSJLjtnSh9QH5
uxj0nkas5BgIWT47YycL8gRxQfAkMmXWuYS9tO3QZi6gIn9/lgj/npclZhSnZZzJ
BVJWwBPPUBc7EKkgJW0bAbtZbyrs5n0CEvqbWx6w6Yjp/xf0naB0oT1oROQB053s
iIFkXdhhdDI56zNIETeh/RuLVMJ0tqmEAYnzX7oX5+30d4ZA8Du0rU2ygwfHtvhd
AgbmT6Zglp+kFmLt5Uq/MyovnJfk6e5dHqNZ03O7YsoMaBoeJ3/3R6pCH4Yr+S2R
SJtRIuVoDRcMZYjE56dqVCrCPCxHFNP0EzIZS6oOd6PSIeA67nZVCiBOdEEdGes/
8RY5/OsI8iGezaEDgxljEDFSkw96ujf4GZxZ5OXhxPKF0oyY2bQnQz+WzjocXvHR
R6iMk3G1nAK20EwURKnFkWI0IJiUb0JJbrnVbhuOx15QHs+DLuUj/WjWj37HWqa3
ckeQOYcV7E2snCNucgmbmfmxmHAmZM1HK5ZRcHWThK++F0gAv5GXUD4HiiaarxTc
A8YR7RwdIf1wnIb3+yoA0sxDXIV+mcyT38U10nj5PDjvdCwUar5spOXvpiU2TPfJ
Jwlu+mjBBsRHPcAP/Oq/kqTXtvowcJxGvz16MlfO/PWofOEIhUz1Dg==
=d10C
END PGP MESSAGE-----
--000_VI1P194MB063950F8AFCFEF8AE12E5510A13C0VI1P194MB0639EURP--
Actual results:
I am encrypting incoming emails with PGP on mail server, since the senders are not encrypting them and i do not want to keep them in clear.
I am using my own PGP keys to encrypt the emails.
I have not the possibility to sign them because i can only have the public keys available on server, lest an intruder steals the private keys from server.
(On client side though, i have both the public keys and private keys necessary to do the decryption)
So when i download the emails with Thunderbird , they are PGP encrypted but not signed.
When i open these emails with Thunderbird, i get an error saying the message has been encrypted by an obsolete method, and may have been modified during transmission, so it will not be displayed.
I guess the problem is missing signature?
Is there a way to tell Thunderbird to ignore the missing signature and decrypt the message anyway?
Or may the problem be the "application/pgp" mime type i am using, which is obsolete?
I may try with
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
but i guess it makes no difference if the problem is in the missing signature
Expected results:
Is there a way to tell Thunderbird to ignore the missing signature and decrypt the message anyway?
Or maybe i can write a Thunderbird add-on to sign the PGP messages on client (recipient) side upon receiving them, since i have the private keys on client.
Would it solve the issue?
|
||
Comment 1•5 years ago
|
||
I doubt the missing signature is a problem. What is the exact message, and what are the properties of the key you're using. Is it perhaps using an outdated algorithm?
Algo is RSA 4096 bits, no expiry.
Maybe i will try with an ECC key , if RSA is obsolete.
Exact error message: see this screenshot https://i.imgur.com/O17RjrO.png
Procedure i have followed for encrypting the mail body in PGP:
i have pasted the public key and the mail body on this online tool https://www.igolder.com/pgp/encryption/
The public key is:
-----BEGIN PGP PUBLIC KEY BLOCK-----
xsFNBF96pyMBEACzy72vOM75vORUgK9bijmOOJJSrgPZy2BT8yhSMyU4dYCgkPjdQYYx/4CxfwHO
bGa77no1p9EdP3sWGSRsgsgbRWcNBdsbXd2BPRWAmt9enq4xkz2wAfZ63t0SAH5HVdObb2rGkY4C
d2U70lkl/VlnQQ0ZhPScmk1HA76kntPMmbB0zEWVZ1lVBqBODX3XtpI5tBRIIZyoNRgmVTvWqnEw
EVGr4Vo/qywhP8cVhw4pKuhLCvRMZobJOwj7RKKk/iH9n5SCjMz2E0cDl3VZBhg7TQHPIEZ8FIqc
WGlGU5jzWWljliQdCu70j3qDByhLEVRLGEnQNKRfn35JjNGOzocA/e52jIYUybjJa8Nc5YcWNQBn
mxfeC/DIa6pEScuWMZzg811dNQ5fQLY6ij2aGTt6BlQwLxYizsxWjHj6fMZJanthpMSR9Gv7uMIZ
LeACmrMdKMbA+3CEoto64LxJ9NW+Ga8zBh5T2VZ6Sgq+YJcvZN9sAWPkt57l5PWs4I7uA7pF1yEr
YeBC+zJv8ALFeiCGkkiryeZl97PwOw1Bk0obt9seZiAa3ngWd4dA6gzNL+vVkp2EnYj6uUPyRlbl
ZAU3CkvbMqC4mIGw0KAn+/EMq0MkVKM1gcAK+DYuWPgdYoHaH2LpMZLWU7cn+SivXX5ZR7M6Vcm/
Zic8rlY2gER0JwARAQABzSpTYXZlIEJ5IEJvb2tpbmcgPGluZm9Ac2F2ZWJ5Ym9va2luZy5jby51
az7CwYkEEwEIADMWIQRuaxxGsFZtEJLPzTt3a4IpUgiFjwUCX3qnLQIbAwULCQgHAgYVCAkKCwIF
FgIDAQAACgkQd2uCKVIIhY/x/Q/+POM7f7KHLhE59PMG8hZajRQ1JGPHRlNw6QgubmkPmd59jTO5
cZcwdgUeQjp3exaWiVrmT/JfUaxmAnCry0fl/gCQ9iol0s3yiGk1RvK23/tueNwPPH5VHGg7pV1d
10K7PzGIwUsuVT9rxFH+pWZUMZyGvnB/fQMPO6mf1zZ95MuHD+vcIIMkmk2sJfg3FmfqcF4Qb82d
nCO6eR3aC0dPPKw4la/7sTvk3hl1iEXzUcJ7M6TDfHdcCqy0AcVGuZ1vhjq6FifspsS/AzlDaawx
oe2nVfIQUSdBp6nJyWOLdyuR5qw8xYO2dh7relqoebu05cT6IgtYp6VBvB0kQsHHBLPQpKU4hY5u
GCY2w0qjAWukBlSiR7jnQzI4DVWpk1NG3N1c5vJW6nFh6P19sG/q7uUIXEmuRVt7L2AyC++t8vnm
qSibYjJ/u6ozxni6IwsqX6zniSZV5Rc7mXbu2Ap0lYUFHQW+2KN0OE7PSJUvLhmvbdg3EHDnBL+M
Hk5bCZiRklB/Ptu7XkLEL0A+v5wk0rWNdesSJjSvgMmnR4MfAc3jF14SJfMwtrDQ3l0HQFsgr3lI
8zeZp5kzRz/w+aTdjOgX6yr5LZFKUh1rwlq4+O5ztciS2zRN6rn7imzJy5kOZVR9fdLyqqz6Jlnx
CryQMJULybPiGng82QhvojgiYPrOwU0EX3qnLQEQAN7ESvuMiBepwg52Cyl3kDNkhjeZCxQ6lPV1
0COf3ddaQs1wuKZcMlhwwUZPy6Pk4lc8rfXlxaEy9UDTwuqADeNFs1qofnuS4U0qKN0iaS/Qn8dt
0MzaTD6dRvEgJqW6LYajyes+6wzXbcr0YeCKd31n8E/YIj3FqeGNcNg/rACEazRJKevj8tWn6ANH
sEFdy+6yXhF0oZ49+COEumRXu2ZP3Fw3J7mBrsOnxz6tK0OOFxa4x1SGn4kJPNWB+SyEqvD9F/2p
O1SuoYU1kiT2efm+AxNCsyuwwCnDY5TRW2rYdl55TE1fPrK3GQLW7JxfNEty6Ej3xTpNpMkJM9yj
vKDo2ICmtPGXiDVZsbGiaQCFgMX94cz7/Eb3dtdID49oZ+kfDpym4h7DqH1CqxrLM1dv/TW5qWBI
hf28aGMH8W53LnWu3bNI7v+rdpGpklfdtyEnBu7FiafZ8VpyBZms5cp3fxCU9rcIgzutnRFaI2OK
eDPszN58UyPtRX0r2DA0hW7SCtWgPm9+C4sJkUjhDbg+0EhI56TTnoGRBIosw+8ZgCEppIE7KuWl
GXVPNDIhlp8SisPxtKFO3kAVawsC8WW+sg0CQGp/nFSmXS+wz37HTTjwlp6R9wKzU/LauwF9le3j
jsWgCPV/8wOAMFqgl6Nb/SgvcTsTzI5qABs13QeRABEBAAHCwXYEGAEIACAWIQRuaxxGsFZtEJLP
zTt3a4IpUgiFjwUCX3qnQQIbDAAKCRB3a4IpUgiFj8ZuD/9cLllKJ4ncQH5OkyKoGA/MCuMZ0wt7
INUeoL23Dxd9gZSPfXIPt4O0MrdEhG2iuT6zBcaJ4E5M2TgWShd3rVVHweVe7B+cpr5pqWWqcrwc
rJZ9Y1lrUA4N4L5oItKSd402ZfXPBalmjp5hdGwAR64nhTVyN8OSrKt6x4gWrKIYYUFAmud0xQpU
DH4WPfxHGyA5KiCSJTqMJe6rt9WGmEyS6HnWsbli0d530/18CgGSc/bCNy6t/Mq2kpPhly45tOwF
A145iHRr2psn3hNYaZ8TABLDx4/NAX5fDZNW5jRsEEIkvSqtTJ+xGi7y4voq/NTL13y+c5tCnD2O
0tAKJSgZLoDbpiS53KNQz6gfxzzjD0kZASX+H8Lh75J8gvGG7zJj6dvodYZ9l5M7xFbYJl55YXEh
qgARV8Ejdkrr4cr9aqTauuWfIKswZqtyF+1C9qG4qkBOfYHL/PDvpcZme8b2QjcMoLLVu6wbdUz9
+42EzPee8gWYRCMczk99f3g8RsQWUnbRz6JvLvOQWmHp7Q33An/MmsgOXlaIdWx8n6zuXlKAEblS
i2P5dFA7YyE7zXeMdB3bdb5sGVunTCG6VHOXAkVr+/0srmqXvryxmDAiKGLhpmmrbCRz2RXHaUNC
7+FAMl9WyjSdHLnHh+nx9IqeQzo21sxS2WvzKEP7y8pJDw==
=HdGi
-----END PGP PUBLIC KEY BLOCK-----
I have tried sending an encrypted email to myself with Thunderbird and it works, but it is using different mail headers than i did, so i will try encrypting the emails with the same approach
...
...
Autocrypt: ...
...
...
Content-Type: multipart/encrypted;
protocol="application/pgp-encrypted";
boundary="8GUwmlLrQqoW2EvDFU0SRTjNVvfiwpNfX"
This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--8GUwmlLrQqoW2EvDFU0SRTjNVvfiwpNfX
Content-Type: application/pgp-encrypted
Content-Description: PGP/MIME version identification
Version: 1
--8GUwmlLrQqoW2EvDFU0SRTjNVvfiwpNfX
Content-Type: application/octet-stream; name="encrypted.asc"
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----
wcFMA2SPT9OiioznAQ/8DvZVhFnzgIjDHB+cT+gU7q7NCjmEJB7EDu4Ahzh2J5M22c6/fJED6rFX
...
...
Also, i will use GnuPG to encrypt things instead of external tools, since i don't know what libraries they use.
Maybe that was the issue
UPDATE: everything works fine for text/plain mail bodies with no attachment.
I have tried adding an encrypted pdf , but Thunderbird ignores it.
What am i missing?
Here is the complete mail source: https://1drv.ms/t/s!Ao4pRXNsgcpfowpfKlgBrTz8sP-0?e=URMwQ8
Thanks
Solved: i had to encrypt the mail body + attachments (and headers) all together in the same PGP message
|
|
||
Comment 8•5 years ago
|
||
Is there any other way?
Description
•