1886396 - Minimize false positive UI reporting of partially encrypted/signed OpenPGP messages

Status: RESOLVED FIXED

(MailNews Core :: Security: OpenPGP, defect)

Description

[Kai Engert (:KaiE:)]

We falsely report that a message is partially signed or encrypted for some messages,
for example if the message contains a PGP key block, only.

We should limit reporting to the scenarios "BEGIN PGP MESSAGE" and "BEGIN PGP SIGNED MESSAGE".

Comment 1

[Kai Engert (:KaiE:)]

Attachment: Bug 1886396 - Minimize false positive reporting of partial OpenPGP message. r=mkmelin

Comment 2

[Pulsebot]

Pushed by micah@thunderbird.net:
https://hg.mozilla.org/comm-central/rev/72ec6717196c
Minimize false positive reporting of partial OpenPGP message. r=mkmelin

Comment 3

[Nickolay Olshevsky]

JFYI: There is a function rnp_guess_contents() which could help with this.

Comment 4

[Kai Engert (:KaiE:)]

I think this is safe to uplift to 115, I've been running with this patch for 2 months.

Comment 5

[Kai Engert (:KaiE:)]

Comment on attachment 9392238 [details]
Bug 1886396 - Minimize false positive reporting of partial OpenPGP message. r=mkmelin

[Approval Request Comment]
Regression caused by (bug #): no
User impact if declined: some confusion with signed messages
Testing completed (on c-c, etc.): yes
Risk to taking this patch (and alternatives if risky): should be safe

Comment 6

[Kai Engert (:KaiE:)]

Attachment: 1886396-backport-esr115.patch

merged minimal patch

Comment 7

[Wayne Mery (:wsmwk)]

Comment on attachment 9402443 [details] [diff] [review]
1886396-backport-esr115.patch

[Triage Comment]
Approved for esr115

Comment 8

[Rob Lemley [:rjl]]

Thunderbird 115.12.0:
https://hg.mozilla.org/releases/comm-esr115/rev/5a753ffd77ef