Thunderbird cannot decrypt armored OpenPGP message with non-breaking space instead of newline after -----BEGIN PGP MESSAGE-----
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(Not tracked)
People
(Reporter: demiobenour, Unassigned)
References
(Blocks 1 open bug)
Details
Thunderbird cannot decrypt messages that have quoted-printable data with the following form:
some data
-----BEGIN PGP MESSAGE-----
=C2=A0hQIMA+Na7aNsb5vOAQ/9HYFjcf6vCR+975sy/OHgK4u737r+rQmOTOyyoqUBTTRS[...]=3LBG
-----END PGP MESSAGE-----
more data
(this particular data being /dev/null encrypted with my own key)
This is not valid ASCII armor, as there should be a newline after -----BEGIN PGP MESSAGE----- instead of the non-breaking space, but it is accepted by GPG and I do receive such messages in practice. Mutt also successfully decrypts such messages.
Comment 1•2 years ago
This is an invalid PGP message, because it has unexpected data at the beginning. I need to understand what kind of email encoding results in this kind of data.
Can you please provide a full email message including the headers? Please use Thunderbird's File > Save As to create an email file, then attach that file here, or zip the file and send it by email to kaie@kuix.de, referencing this bug number.
Comment 2•2 years ago (Reporter)
(In reply to Kai Engert (:KaiE:) from comment #1)
> This is an invalid PGP message, because it has unexpected data at the beginning. I need to understand what kind of email encoding results in this kind of data.
> Can you please provide a full email message including the headers? Please use Thunderbird's File > Save As to create an email file, then attach that file here, or zip the file and send it by email to kaie@kuix.de, referencing this bug number.
Will do, but it might be a while.
Comment 3•2 years ago
Does kaie have the sample message?
Comment 4•2 years ago
(In reply to Wayne Mery (:wsmwk) from comment #3)
> Does kaie have the sample message?
I cannot find any message referencing "1761855" in my inbox (except messages from Bugzilla).
Comment 5•2 years ago (Reporter)
(In reply to Kai Engert (:KaiE:) from comment #4)
> (In reply to Wayne Mery (:wsmwk) from comment #3)
> > Does kaie have the sample message?
> I cannot find any message referencing "1761855" in my inbox (except messages from Bugzilla).
Sorry about that. Sent.
Comment 6•2 years ago
Thanks for providing the sample message.
This is a message from a ticket system that combines text with inline PGP like this:
Introduction text
PGP Message
Footer text
To make things more complicated, the message also uses multipart/alternative to send the contents twice: once in plain text, and once again in HTML encoding. It wraps the PGP inline message in HTML tags, each line in a separate <div> tag.
Thunderbird detects that there is apparently some inline PGP contents in the message (because of the PGP boundary lines), and shows a manual "decrypt" button.
Clicking the decrypt button has no effect, probably because Thunderbird fails to process the data inside the message.
We have multiple challenges here.
Because of the alternative text/plain or text/html parts, TB might operate on different input data. I'm guessing that the UI option "view / message body as / html or plain" has an effect on the behavior. In theory, if one of the alternative texts has a valid structure, it might already work in one of those modes.
Looking further, I started looking at the text/plain part, which indeed says it's encoded as quoted-printable, which means I had correctly guessed in comment 1 above.
Fully decoding the text/plain part shows:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1
datadatadatadatadatadatadata
datadatadatadatadatadatadata
datadatadatadatadatadatadata
...
There are two problems with that, I think:
- there is no blank line between the comment line and the first data line. We should double check, but I believe a blank line after a comment line is mandatory.
- the first data line starts with a blank. This might also be invalid.
We should check if the above violates the spec for PGP messages.
If it does, you should complain to the sender of those messages and ask them to fix it.
If it's valid, we'd have to change Thunderbird, possibly RNP, to accept that structure.
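The structure check discussed in comment 6, as an added example that is not part of the bug comments and is not Thunderbird or RNP code: it decodes a quoted-printable part, compares the inline block with the armor layout in RFC 4880 section 6.2 (armor headers, a blank line, then base64 data), and returns the deviations plus a normalized block. The sample body, the `check_armor` function and the finding strings are constructed for illustration.

```python
import quopri
import re

NBSP = "\u00a0"
BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"
HEADER = re.compile(r"^[A-Za-z]+: ")
# A data line is either base64 text or the "=XXXX" CRC24 checksum line.
DATA = re.compile(r"^(?:[A-Za-z0-9+/]+={0,2}|=[A-Za-z0-9+/]{4})$")

# Constructed sample (placeholder data, not real ciphertext): a quoted-printable
# text/plain part shaped like the one described in comment 6.
SAMPLE_QP = (
    b"Introduction text\n"
    b"-----BEGIN PGP MESSAGE-----\n"
    b"Version: GnuPG v1\n"
    b"=C2=A0datadatadatadatadatadatadata\n"
    b"datadatadatadatadatadatadata\n"
    b"=3DAAAA\n"
    b"-----END PGP MESSAGE-----\n"
    b"Footer text\n"
)


def check_armor(qp_body: bytes):
    """Return (findings, normalized_armor) for the first inline PGP block."""
    lines = quopri.decodestring(qp_body).decode("utf-8").splitlines()
    start = lines.index(BEGIN)
    block = lines[start + 1:lines.index(END, start)]
    findings, i = [], 0
    # Armor headers ("Key: Value") come directly after the BEGIN line.
    while i < len(block) and HEADER.match(block[i]):
        i += 1
    headers = block[:i]
    # A blank (or whitespace-only) line must separate headers from data.
    if i < len(block) and block[i].strip(" \t") == "":
        i += 1
    else:
        findings.append("no blank line before armored data")
    data = []
    for line in block[i:]:
        cleaned = line.strip(" \t" + NBSP)
        if cleaned != line:
            findings.append("stray whitespace or NBSP on data line")
        if not DATA.match(cleaned):
            findings.append("data line is not base64")
        data.append(cleaned)
    return findings, "\n".join([BEGIN, *headers, "", *data, END])


if __name__ == "__main__":
    problems, fixed = check_armor(SAMPLE_QP)
    print(problems)
    print(fixed)
```

Running the normalized block back through `check_armor` yields no findings, which gives a quick way to confirm that a given sender's messages differ from the expected layout only in these two respects.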
Comment 7•2 years ago
I manually produced a message that matches that structure.
GnuPG is able to decrypt it.
Comment 8•2 years ago
Ok, demi had already explained the "gnupg accepts" and "non-breaking space instead of newline".
Comment 9•2 years ago
Demi, can you please try again using Thunderbird 102?
I have recreated a message in that structure, by using an encrypted message that I can decrypt. I used the .eml file you had sent to me, and then I replaced the inline PGP text in the plain text MIME part, and then modified the message in the way you reported (converted to QP, removed the blank line, added the =C2=A0 to the first data line).
If it doesn't work yet when viewing html, please change option view / message body as - to "plain text".
Comment 10•2 years ago
... and in my experiment from comment 9, latest TB 102.x was able to decrypt the message.
Comment 11•2 years ago (Reporter)
I suspect this has been closed in Thunderbird 102.