Closed
Bug 295118
Opened 20 years ago
Closed 20 years ago
Digital signature won't show in particular nested MIME message
Categories
(Thunderbird :: General, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 145180
People
(Reporter: marco, Assigned: mscott)
Details
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.0.4-1.3.1 Firefox/1.0.4
Build Identifier: Thunderbird/1.0.2-1.3.3 (20050513) Fedora/1.0.4-1.3.1
I noticed that when receiving a message that have multiple nested MIME/multipart
sections, Thunderbird won't recognize the digital signature if the FIRST
"Content-Type" doesn't report multipart/signed, even if the digital signature is
actually in a nested section.
This particular situation I found out using Mailman 2.1.5 (still have to check
with other version) that sometimes adds the mailing list signature transforming
a mail message in a MIME multipart message with the original message (even if
MIME multipart itself) in the first section and the signature in the second.
(I am about to forward this to the Mailman mantainer too, but i don't expect a
change there, and Mailman is widely used)
Reproducible: Always
Steps to Reproduce:
I tried with these example message, sent directly to me telnetting to port 25 on
my SMTP.
It's easy to reproduce the trial just by changing both "RCPT" and "To:" lines
with your address, then just open up the telnet session and paste it.
Obviously, you will eventually find out that the digital signature is NOT
correct, but this is another matter, as the problem is simply that in the FIRST
case the signature won't even show, and in the second will.
I also changed the multipart boundaries to something more readable.
FIRST CASE (example of a mail with MIME multipart nested as Mailman would create):
>>>FROM HERE
MAIL FROM: <mmatarazzo@nuisoft.it>
RCPT TO: <marco@nuisoft.it>
DATA
From: Marco Matarazzo <mmatarazzo@nuisoft.it>
MIME-Version: 1.0
To: Marco <marco@nuisoft.it>
Subject: Trying it out
Content-Type: multipart/mixed; boundary="--mime"
This is a cryptographically signed message in MIME format.
----mime
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg=sha1; boundary="--sign"
This is a cryptographically signed message in MIME format.
----sign
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Some text here.
----sign
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
AtcwggJAoAMCAQICAw6/+jANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE
ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv
ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv
bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwNTIwMTMyNTI5WhcNMDYwNTIwMTMyNTI5
WjBHMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSQwIgYJKoZIhvcNAQkBFhVt
bWF0YXJhenpvQG51aXNvZnQuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0
4j8YEJnk4hje4AMjgWwIFBnOShJl5hskDKhYeKPhOV3ZwI9jxgIlWeYfL0C8O6nZt7QNuNPv
TKsDKWerLdmAG1uqC0422YUG40xgO41WWV3TX+th0CiJAqxACKQisryV3je86fvh7r+iDFyb
VHSUwV7k7xnfNgahNz6vZ+D0aWhFS4y1tlR4eSffDJPiFAwoW6QgcGl6RGE4JGFnHdHhmGOs
kEP9cfgIlbtph9FeiUbFKCJco+KJsRRiix8gJUX/me0tIthMCe9ObAGEm4s3MiCpVsUylXlE
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII+TCC
AtcwggJAoAMCAQICAw6/+jANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE
BAUAA4GBAMHXePgSPAY9xiedXG7rcOIOledSYpraOLYcC3NAWwn/h40NT3Gq9M3iCMpSbp2/
LGLUE98fz4rFlYyDwy1ynNzLeqflHjaonwWmSHCUs7K0gThIiNrjTJ3FX3yW73nyqnnqOO9C
hrG2yFreCKdxHzem1jxHUE3DtKfwJyC/wpkUMIIC1zCCAkCgAwIBAgIDDr/6MA0GCSqGSIb3
DQEBBAUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII+TCC
AtcwggJAoAMCAQICAw6/+jANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE
bWFpbCBNZW1iZXIxJDAiBgkqhkiG9w0BCQEWFW1tYXRhcmF6em9AbnVpc29mdC5pdDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTiPxgQmeTiGN7gAyOBbAgUGc5KEmXmGyQM
qFh4o+E5XdnAj2PGAiVZ5h8vQLw7qdm3tA240+9MqwMpZ6st2YAbW6oLTjbZhQbjTGA7jVZZ
XdNf62HQKIkCrEAIpCKyvJXeN7zp++Huv6IMXJtUdJTBXuTvGd82BqE3Pq9n4PRpaEVLjLW2
VHh5J98Mk+IUDChbpCBwaXpEYTgkYWcd0eGYY6yQQ/1x+AiVu2mH0V6JRsUoIlyj4omxFGKL
Lml0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAwdd4+BI8Bj3GJ51cbutw4g6V
51Jimto4thwLc0BbCf+HjQ1Pcar0zeIIylJunb8sYtQT3x/PisWVjIPDLXKc3Mt6p+UeNqif
HyAlRf+Z7S0i2EwJ705sAYSbizcyIKlWxTKVeUT9IahEvqB8Ei851nInXbS0Q11a8ivns70o
hF8BTAxPiiyEMhMLQL8CAwEAAaMyMDAwIAYDVR0RBBkwF4EVbW1hdGFyYXp6b0BudWlzb2Z0
BaZIcJSzsrSBOEiI2uNMncVffJbvefKqeeo470KGsbbIWt4Ip3EfN6bWPEdQTcO0p/AnIL/C
mRQwggM/MIICqKADAgECAgENMA0GCSqGSIb3DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEVMBMG
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII+TCC
AtcwggJAoAMCAQICAw6/+jANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE
MSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEW
HHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2
MjM1OTU5WjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0
eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0Ew
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSmPFVzVftOucqZWh5owHUEcJ3f6f+jHuy9
zfVb8hp2vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO3cnwK4Vaqj9xVsuvPAsH5/EfkTYkKhPP
K9Xzgnc9A74r/rsYPge/QIACZNenprufZdHFKlSFD0gEf6e20TxhBEAeZBlyYLf7AgMBAAGj
gZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3Js
LnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVlbWFpbENBLmNybDALBgNVHQ8EBAMCAQYw
KQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDItMTM4MA0GCSqGSIb3DQEB
BQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FDlpSdf0whuPg2H6otnzYvwPQcUCCTcDz9
reFhYsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcljd2pnDmOjCBPZV+V2vf3h9bGCE6u9uo0
5RAaWzVNd+NWIXiC3CEZNd4ksdMdRv9dX2VPMYIDOzCCAzcCAQEwaTBiMQswCQYDVQQGEwJa
QTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhh
d3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAw6/+jAJBgUrDgMCGgUAoIIBpzAY
BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNTA1MjAxNDUxNTVa
MCMGCSqGSIb3DQEJBDEWBBQLn5dHJK7ur9JbhYkiuKQ9EYk0uTBSBgkqhkiG9w0BCQ8xRTBD
MAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzAN
BggqhkiG9w0DAgIBKDB4BgkrBgEEAYI3EAQxazBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQK
ExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29u
YWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDr/6MHoGCyqGSIb3DQEJEAILMWugaTBiMQswCQYD
VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE
AxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAw6/+jANBgkqhkiG9w0B
AQEFAASCAQBjQatmWdmlKLSEXyFB2jrYfu8Y2tADEexkXOSuPt5LW3sHAM6AdChZNReLq0qv
HyAlRf+Z7S0i2EwJ705sAYSbizcyIKlWxTKVeUT9IahEvqB8Ei851nInXbS0Q11a8ivns70o
hF8BTAxPiiyEMhMLQL8CAwEAAaMyMDAwIAYDVR0RBBkwF4EVbW1hdGFyYXp6b0BudWlzb2Z0
YWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDr/6MHoGCyqGSIb3DQEJEAILMWugaTBiMQswCQYD
VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE
----sign--
----mime
.
QUIT
>>>TO HERE
SECOND CASE:
Try it again after changing the line just after the "Subject":
Content-Type: multipart/mixed; boundary="--mime"
with
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg=sha1; boundary="--mime"
Actual Results:
In the first case, the message won't show the digital signature.
In the second, it will.
Expected Results:
It would have shown the digital signature in both cases.
I tried to read MIME specification and I admit I cannot find out if nesting a
multipart/signed in a multipart/mixed is right.
I notice that (maybe, I am guessing) Mailman recognize the signed message, as it
repeats the "This is a cryptographically signed message in MIME format." line,
so maybe it should also set the message as multipart/signed and not
multipart/mixed, or, moreover, simply add another section to an already
multipart'ed (sorry for that) message.
Anyway, other clients (included Outlook Express, sadly) correctly recognize the
digital signature even in this case, and Thiunderbird won't. So i believe it
should be fixed, even if it's not entirely correct.
Related to Core bug 145180 or Core bug 159238?
|
Reporter | |
Comment 2•20 years ago
|
||
> Related to Core bug 145180 or Core bug 159238?
It seems so. What is the best way to act? Remove this one ?
(In reply to comment #2)
> What is the best way to act? Remove this one ?
You could resolve this bug and mark it as a duplicate of the closest matching bug.
|
|
Reporter | |
Comment 4•20 years ago
|
||
*** This bug has been marked as a duplicate of 145180 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•