Closed Bug 1674718 Opened 11 months ago Closed 11 months ago

RNP.importKeyBlockImpl should return gracefully when unable to unprotect subkey

Categories

(MailNews Core :: Security: OpenPGP, defect)

defect

Tracking

(thunderbird_esr78 fixed, thunderbird83 fixed)

RESOLVED FIXED
84 Branch
Tracking Status
thunderbird_esr78 --- fixed
thunderbird83 --- fixed

People

(Reporter: KaiE, Assigned: KaiE)

Details

Attachments

(1 file)

The code in RNP.importKeyBlockImpl assumes, if rnp_key_unprotect works on the primary key, that rnp_key_unprotect must work for each subkey, too. If it doesn't, we throw an exception. This causes the Enigmail importer to fail / get stuck.

We've learned this is a common scenario, for example if subkeys have different passphrases, or if subkeys lack the secret key material, and apparently for additional unknown scenarios, as the one reported in bug 1674715.

We should fail gracefully if rnp_key_unprotect fails for a subkey.

Assignee: nobody → kaie
Status: NEW → ASSIGNED

Pushed by kaie@kuix.de:
https://hg.mozilla.org/comm-central/rev/b285a4eb7e44
RNP.importKeyBlockImpl should return gracefully when unable to unprotect subkey. r=PatrickBrunschwig

Status: ASSIGNED → RESOLVED
Closed: 11 months ago
Resolution: --- → FIXED

Comment on attachment 9185347 [details]
Bug 1674718 - RNP.importKeyBlockImpl should return gracefully when unable to unprotect subkey. r=PatrickBrunschwig

[Approval Request Comment]
Regression caused by (bug #): no
User impact if declined: enigmail migrator appearing stuck
Testing completed (on c-c, etc.): manual
Risk to taking this patch (and alternatives if risky): low

Attachment #9185347 - Flags: approval-comm-beta?

Comment on attachment 9185347 [details]
Bug 1674718 - RNP.importKeyBlockImpl should return gracefully when unable to unprotect subkey. r=PatrickBrunschwig

[Triage Comment]
Approved for beta

Attachment #9185347 - Flags: approval-comm-beta? → approval-comm-beta+
Target Milestone: --- → 84 Branch

Comment on attachment 9185347 [details]
Bug 1674718 - RNP.importKeyBlockImpl should return gracefully when unable to unprotect subkey. r=PatrickBrunschwig

[Approval Request Comment]
Regression caused by (bug #): no
User impact if declined: enigmail migrator stuck
Testing completed (on c-c, etc.): manual
Risk to taking this patch (and alternatives if risky): low

Attachment #9185347 - Flags: approval-comm-esr78?

Comment on attachment 9185347 [details]
Bug 1674718 - RNP.importKeyBlockImpl should return gracefully when unable to unprotect subkey. r=PatrickBrunschwig

[Triage Comment]
Approved for esr78

Attachment #9185347 - Flags: approval-comm-esr78? → approval-comm-esr78+
You need to log in before you can comment on or make changes to this bug.