PGP: Unencrypted replies are not automatically digitally signed
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(Not tracked)
People
(Reporter: nvx2004, Unassigned)
Attachments
(2 files)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
Steps to reproduce:
- Add an OpenPGP key to an account, and enable digital signing of unencrypted messages (account settings > End-To-End Encryption > [x] Sign unencrypted messages).
- Select any unencrypted message and click the Reply (or Forward) button.
Actual results:
Digital signing of the reply (or forwarded message) is not enabled -- the respective toolbar icon is not selected, and Digitally Sign in the Security menu is unchecked.
Also, there is a crossed-out padlock icon in the subject line over the subject text (see the attached screenshot).
Please note that for new messages, digital signing is enabled by default as expected.
Expected results:
Digital signing of unencrypted replies (and forwarded messages) should be enabled by default when Sign unencrypted messages is checked in account settings > End-To-End Encryption.
Comment 1•2 years ago
I don't see that.
The crossed-out padlock icon in the subject line means the subject will not be encrypted. (The icon shouldn't be there, bug 1828591)
I tested it again with a fresh profile and was not able to make automatic digital signing work. The same happens in the Troubleshoot mode (Help > Troubleshoot mode).
Possibly relevant:
(1)
I see the problem irrespective of the number of identities set up. On some computers, I have just one identity (with OpenPGP signing); on others, I have two identities of which only the primary one uses OpenPGP. Each Thunderbird profile has been set up and maintained separately (i.e., no profile synchronisation/... among the machines etc.). All computers use Windows 10/11 x64.
(2)
I have imported into TB only my public key (pub) and secret subkeys (ssb; this setup worked flawlessly before v.115). To test whether it might be the cause of the problem, I tried to add also the secret key (sec) to the already imported pub/ssb. The result was as shown in the attached screenshot -- TB still said that the secret key was missing. File > Reload Key Cache in the built-in OpenPGP Key Manager did not help and neither did restarting TB.
So, I removed the imported pub/sec/ssb, restarted TB, and imported all the keys back. Only now did TB show that the secret key was available (i.e., no exclamation mark on the Structure tab of the Key Properties dialog). However, even with sec present, OpenPGP signing was not automatically enabled (and, yes, I did re-enable this option in account settings after faffing about with the keys).
I can try other things/remedies if necessary, but as of now, I am out of ideas (i.e., feel free to advise).
Thanks.
Comment 4•2 years ago
So it's related to your key?
If you create a fresh profile and set up a new key generated by Thunderbird, does it work then?
Yes, with a new profile and TB-generated RSA-4096 keypair (no ssb) it works. My GnuPG-generated keys (incl. ssb), on the other hand, are 255-bit EdDSA/ECDH.
I have just updated to v.115.2.3 and it seems that, in this version, digital signing is enabled by default for forwarded messages even with my GnuPG-generated keys (i.e., expected behaviour). The padlock icon in the subject field is also gone.
Unfortunately, the issue persists in the case of replies.
Comment 7•2 years ago
Do you still see this incorrect behavior with the fix for bug 1859978 available? (in the test build I gave to you)
After applying the fix for #1859978 this morning, I have encountered neither the problem with digital signing being disabled in the Compose window, nor the strange padlock icon in the Subject field.
Comment 9•2 years ago
Thanks for confirming.
I tried to reproduce using the key setup that you described in bug 1859978, but I cannot reproduce this bug here.
It isn't clear to me yet how it could cause this side effect.
Comment 10•2 years ago (Reporter)
Could it be related to mail.openpgp.remind_encryption_possible == false? Because I certainly changed this preference last Sat when I decided it was high time the respective reminder stopped showing up.
Comment 11•2 years ago (Reporter)
One more thing regarding the padlock icon: I do see it in the Subject field, but only for a very short period of time (a fraction of a second). Then it disappears during the UI updates (the Sign toolbar button being selected/activated etc.).
Comment 12•2 years ago
That's bug 1828591.