Open Bug 1761855 Opened 3 years ago Updated 2 years ago

Thunderbird cannot decrypt armored OpenPGP message with non-breaking space instead of newline after -----BEGIN PGP MESSAGE-----

Categories

(MailNews Core :: Security: OpenPGP, defect)

Thunderbird 91
defect

Tracking

(Not tracked)

People

(Reporter: demiobenour, Unassigned)

References

(Blocks 1 open bug)

Details

Thunderbird cannot decrypt messages that have quoted-printable data with the following form:

some data

-----BEGIN PGP MESSAGE-----
=C2=A0hQIMA+Na7aNsb5vOAQ/9HYFjcf6vCR+975sy/OHgK4u737r+rQmOTOyyoqUBTTRS[...]=3LBG
-----END PGP MESSAGE-----

more data

(this particular data being /dev/null encrypted with my own key)

This is not valid ASCII armor, as there should be a newline after -----BEGIN PGP MESSAGE----- instead of the non-breaking space, but it is accepted by GPG and I do receive such messages in practice. Mutt also successfully decrypts such messages.

Summary: Thunderbird cannot decrypt armored OpenPGP message with non-breaking space instead of newline → Thunderbird cannot decrypt armored OpenPGP message with non-breaking space instead of newline after -----BEGIN PGP MESSAGE-----

This is an invalid pgp message, because it has unexpected data at the beginning. I need to understand what kind of email encoding results in this kind of data.

Can you please provide a full email message including the headers? Please use Thunderbird's File / Save As to create an email file, then attach that file here, or zip the file and send it by email to kaie@kuix.de, referencing this bug number.

(In reply to Kai Engert (:KaiE:) from comment #1)

This is an invalid pgp message, because it has unexpected data at the beginning. I need to understand what kind of email encoding results in this kind of data.

Can you please provide a full email message including the headers? Please use Thunderbird's File / Save As to create an email file, then attach that file here, or zip the file and send it by email to kaie@kuix.de, referencing this bug number.

Will do, but it might be a while.

Does kaie have the sample message?

Blocks: 1730279
Flags: needinfo?(demiobenour)

(In reply to Wayne Mery (:wsmwk) from comment #3)

Does kaie have the sample message?

I cannot find any message referencing "1761855" in my inbox (except messages from Bugzilla).

(In reply to Kai Engert (:KaiE:) from comment #4)

(In reply to Wayne Mery (:wsmwk) from comment #3)

Does kaie have the sample message?

I cannot find any message referencing "1761855" in my inbox (except messages from Bugzilla).

Sorry about that. Sent.

Flags: needinfo?(demiobenour)

Thanks for providing the sample message.

This is a message from a ticket system, that combines text with inline PGP like this:

Introduction text
PGP Message
Footer text

To make things more complicated, the message also uses multipart/alternative to send the contents twice: once in plain text, and once again in HTML encoding. It wraps the inline PGP message in HTML tags, each line in a separate <div> tag.

Thunderbird detects that there is apparently some inline PGP contents in the message (because of the PGP boundary lines), and shows a manual "decrypt" button.

Clicking the decrypt button has no effect, probably because Thunderbird fails to process the data inside the message.

We have multiple challenges here.

Because of the alternative text/plain or text/html parts, TB might operate on different input data. I'm guessing that the UI option "view / message body as / html or plain" has an effect on the behavior. In theory, if one of the alternative texts has a valid structure, it might already work in one of those modes.

Looking further, I started looking at the text/plain part, which indeed says it's encoded as quoted-printable, which means I had correctly guessed in comment 1 above.

Fully decoding the text/plain part shows:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1
 datadatadatadatadatadatadata
datadatadatadatadatadatadata
datadatadatadatadatadatadata
...

There are two problems with that, I think:

  • there is no blank line between the comment line and the
    first data line. We should double check, but I believe
    a blank line after a comment line is mandatory.
  • the first data line starts with a blank.
    This might also be invalid.

We should check if the above violates the spec for PGP messages.
If it does, you should complain to the sender of those messages and ask them to fix it.
If it's valid, we'd have to change Thunderbird, possibly RNP, to accept that structure.

Status: UNCONFIRMED → NEW
Ever confirmed: true
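
As an added illustration (not Thunderbird, RNP or GnuPG code, and not written by any commenter on this bug): a small Python check that quoted-printable-decodes a text part shaped like the one described above and lists where its armor departs from the layout in RFC 4880 section 6.2, which places a blank line between the armor headers and the data. The sample bytes, the base64 filler and the names `armor_findings`, `SAMPLE_QP` and `FIXED_QP` are constructed for this example.

```python
import quopri

BEGIN = "-----BEGIN PGP MESSAGE-----"
NBSP = "\u00a0"

# Constructed sample in the shape described in this bug (quoted-printable
# text/plain part); the base64 is filler, not real ciphertext.
SAMPLE_QP = (
    b"Introduction text\n"
    b"-----BEGIN PGP MESSAGE-----\n"
    b"Version: GnuPG v1\n"
    b"=C2=A0ZGF0YWRhdGFkYXRhZGF0YWRhdGFkYXRh\n"
    b"ZGF0YWRhdGFkYXRhZGF0YWRhdGFkYXRh\n"
    b"=3DAAAA\n"
    b"-----END PGP MESSAGE-----\n"
    b"Footer text\n"
)
# Same block laid out as in RFC 4880 section 6.2: blank line after the
# armor headers, no leading whitespace on the data (constructed).
FIXED_QP = SAMPLE_QP.replace(b"GnuPG v1\n=C2=A0", b"GnuPG v1\n\n")


def armor_findings(qp_bytes):
    """QP-decode a text part and list structural problems in its first armor block."""
    text = quopri.decodestring(qp_bytes).decode("utf-8", errors="replace")
    lines = text.splitlines()
    start = next((n for n, line in enumerate(lines) if line.startswith(BEGIN)), None)
    if start is None:
        return ["no BEGIN PGP MESSAGE line found"]
    findings = []
    if lines[start] != BEGIN:
        findings.append("extra characters after the armor header line")
    i = start + 1
    # Armor headers ("Key: Value") follow the header line directly.
    while i < len(lines) and ": " in lines[i]:
        i += 1
    if i < len(lines) and lines[i].strip() != "":
        findings.append("no blank line between armor headers and data")
    else:
        i += 1  # skip the separator line
    # A leading space, tab or U+00A0 is not a radix-64 character.
    if i < len(lines) and lines[i][:1] in (" ", "\t", NBSP):
        findings.append("first data line starts with U+%04X" % ord(lines[i][0]))
    return findings
```

Both the form in the original report (no armor header, `=C2=A0` at the start of the first data line) and the decoded form with a `Version:` line produce the same two findings; the corrected layout produces none.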

I manually produced a message that matches that structure.
GnuPG is able to decrypt it.

Ok, demi had already explained the "gnupg accepts" and "non-breaking space instead of newline".

Demi, can you please try again using Thunderbird 102?

I have recreated a message in that structure, by using an encrypted message that I can decrypt. I used the .eml file you had sent to me, and then I replaced the inline PGP text in the plain text MIME part, and then modified the message in the way you reported (converted to QP, removed the blank line, added the =C2=A0 to the first data line).

If it doesn't work yet when viewing html, please change option view / message body as - to "plain text".

Flags: needinfo?(demiobenour)

... and in my experiment from comment 9, latest TB 102.x was able to decrypt the message.

I suspect this has been closed in Thunderbird 102.

Flags: needinfo?(demiobenour)