TypeError when trying to import PGP key with "Discover new or updated key"
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(thunderbird_esr102 fixed)
| Tracking | Status | |
|---|---|---|
| thunderbird_esr102 | --- | fixed |
People
(Reporter: andrew, Assigned: KaiE, NeedInfo)
Details
Attachments
(7 files, 1 obsolete file)
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
968 bytes,
patch
|
Details | Diff | Splinter Review | |
|
4.21 KB,
patch
|
Details | Diff | Splinter Review | |
|
2.33 KB,
patch
|
wsmwk
:
approval-comm-esr102+
|
Details | Diff | Splinter Review |
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Steps to reproduce:
- Use Thunderbird 78.x and setup a mail account with OpenPGP encryption.
- Try to send an OpenPGP encrypted mail to edward-en@fsf.org <mailto:edward-en@fsf.org>. Make sure there's no public key in your database.
- Acknowledge the missing key message and press OK.
- Select the edward-en@fsf.org <mailto:edward-en@fsf.org> entry in the OpenPGP Message Security window and press "Manage keys for selected recipient..."
- Press "Discover new or updated key".
Actual results:
- Get the error "Can't read public key file.".
- Message from the error console:
CryptoAPI.sync() failed result: TypeError: can't convert the number 351 to element 165 of the type ctypes.uint8_t.array(9442)
importToFFI chrome://openpgp/content/modules/RNP.jsm:1600
getKeyListFromKeyBlockImpl chrome://openpgp/content/modules/RNP.jsm:1670
getKeyListFromKeyBlockAPI chrome://openpgp/content/modules/cryptoAPI/RNPCryptoAPI.jsm:302
getKeyListFromKeyBlock chrome://openpgp/content/modules/key.jsm:155
lookupAndImportOnKeyserver chrome://openpgp/content/modules/keyLookupHelper.jsm:42
viewSelectedEmail chrome://openpgp/content/ui/composeKeyStatus.js:203
oncommand chrome://openpgp/content/ui/composeKeyStatus.xhtml:1
showMessageComposeSecurityStatus chrome://messenger/content/messengercompose/MsgComposeCommands.js:1857
prepareSendMsg chrome://openpgp/content/ui/enigmailMsgComposeOverlay.js:2112
sync chrome://openpgp/content/modules/cryptoAPI/interface.js:56
sendMessageListener chrome://openpgp/content/ui/enigmailMsgComposeOverlay.js:2628
CompleteGenericSendMessage chrome://messenger/content/messengercompose/MsgComposeCommands.js:4758
GenericSendMessage chrome://messenger/content/messengercompose/MsgComposeCommands.js:4695
SendMessage chrome://messenger/content/messengercompose/MsgComposeCommands.js:5000
doCommand chrome://messenger/content/messengercompose/MsgComposeCommands.js:996
doCommand chrome://messenger/content/messengercompose/MsgComposeCommands.js:1192
goDoCommand chrome://global/content/globalOverlay.js:101
oncommand chrome://messenger/content/messengercompose/messengercompose.xhtml:1
Expected results:
The key should have been imported automatically.
Going to keys.openpgp.org in a Web browser, downloading the same key, then importing that file manually through the key manager does work.
https://keys.openpgp.org/search?q=edward-en%40fsf.org
The comment at the top of the key contains some non-English characters.
|
||
Updated•3 years ago
|
I set up WKD for the edward-en@fsf.org GPG Key, including its other identities, so testing that specific key will not reproduce this reported issue for now.
This is still happening in Thunderbird 102.x. It's even worse now: Importing the key manually no longer works, throwing this error: CryptoAPI.sync() failed result: TypeError: can't convert the number 351 to element 165 of the type ctypes.uint8_t.array(9442).
I'd say this is a pretty major bug since it renders the absolutely wonderful email self sefense guide by the FSF useless: https://emailselfdefense.fsf.org/
Importing the key via WKD does work but it's far off from being an adequate solution. After trigger the online search for public keys in Thunderbird it just searches forever instead of throwing an error or showing the key found via WKD leaving the user clueless. It's already very difficult to promote the usage of PGP encrypted mails, issues like these are a cause for a lot of frustration and turn people away.
|
Assignee | |
Comment 3•1 year ago
|
||
Thanks for the ping. I never noticed this bug previously, sorry. Looking now.
|
|
Assignee | |
Comment 4•1 year ago
|
||
Today, the key data found on WKD is binary, and we import it correctly.
However, I still see the bug with the keydata you have uploaded on keys.openpgp.org, that triggers the error you have reported.
The cause is an ascii armored key block, which has comments with non-ascii characters.
As stated in RFC 4880 section 6.2:
"A comment may be any UTF-8 string. However, the whole point of armoring is to provide seven-bit-clean data. Consequently, if a comment has characters that are outside the US-ASCII range of UTF, they may very well not survive transport."
In our scenario, when we convert input key data for handing it to the RNP library, we have to convert the received data from JavaScript string types to an 8-bit type.
Our current code doesn't care whether the input is binary or plain ASCII, it works fine for both.
However, the current code doesn't expect that a key block might contain unicode characters, as in your key block comments.
We could possibly use the following logic whenever we process PGP input:
Check if the input contains any characters with a char code over 255.
If it does, conclude the input isn't a byte stream, but is a unicode string.
Try to remove all "Comment" lines prior to processing it.
If the input still contains any characters with a char code over 255, then reject it as an invalid input.
|
|
Assignee | |
Updated•1 year ago
|
|
|
Assignee | |
Comment 5•1 year ago
|
||
|
||
Updated•1 year ago
|
|
|
Assignee | |
Comment 6•1 year ago
|
||
|
|
Assignee | |
Comment 7•1 year ago
|
||
The patch fixes an additional error, keyList may be null in the error scenario.
|
|
Assignee | |
Comment 8•1 year ago
|
||
I have a code merging issue.
I want to split the null check into a separate patch, and handle it separately, to allow me to land other bugs earlier.
|
|
Assignee | |
Comment 9•1 year ago
|
||
|
|
||
Updated•1 year ago
|
|
|
Assignee | |
Comment 10•1 year ago
|
||
|
|
Assignee | |
Comment 11•1 year ago
|
||
|
|
Assignee | |
Updated•1 year ago
|
|
|
Assignee | |
Comment 12•1 year ago
|
||
Andrew and cryptogoat: If you don't want to wait until this fix becomes available in a stable Thunderbird release, as an immediate workaround, you could upload a version of your public key that is a plain text ascii armored key block, without comments having international characters.
|
|
Assignee | |
Comment 13•1 year ago
|
||
https://hg.mozilla.org/comm-central/rev/596e66f7f1d76e3e19a74ae1ec93271aeca95b98
https://hg.mozilla.org/comm-central/rev/a6f9291a60d261f89534d7d180fe68a29d6ba90b
|
|
Assignee | |
Comment 14•1 year ago
|
||
|
|
Assignee | |
Updated•1 year ago
|
|
|
Assignee | |
Comment 15•1 year ago
|
||
|
|
Assignee | |
Comment 16•1 year ago
|
||
|
|
Assignee | |
Comment 17•1 year ago
|
||
|
|
Assignee | |
Updated•1 year ago
|
|
||
Comment 18•1 year ago
|
||
|
|
Assignee | |
Comment 19•1 year ago
|
||
Comment on attachment 9306597 [details] [diff] [review]
1721668-backport-102-fix.patch
Request to uplift all patches from this bug
[Approval Request Comment]
Regression caused by (bug #): no
User impact if declined: failure to import certain key files
Testing completed (on c-c, etc.): yes, full beta 109 cycle
Risk to taking this patch (and alternatives if risky): low
|
|
Assignee | |
Comment 20•1 year ago
|
||
Please see the attached backport patches.
|
|
||
Comment 21•1 year ago
|
||
Comment on attachment 9306597 [details] [diff] [review]
1721668-backport-102-fix.patch
[Triage Comment]
Approved for esr102
|
|
||
Comment 22•1 year ago
|
||
| bugherder uplift | ||
Description
•