Summary: | Reports error on first unverifiable signature on message that has been signed with more than one key | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Claws Mail (GTK 2) | Reporter: | Sami Olmari <sami+thewildbeast> | ||||||||||||
Component: | Plugins/Privacy/PGP | Assignee: | users | ||||||||||||
Status: | REOPENED --- | ||||||||||||||
Severity: | normal | CC: | sami+thewildbeast | ||||||||||||
Priority: | P3 | ||||||||||||||
Version: | 3.13.2 | ||||||||||||||
Hardware: | PC | ||||||||||||||
OS: | Linux | ||||||||||||||
Attachments: |
|
Description
Sami Olmari
2016-05-21 12:15:45 UTC
Created attachment 1650 [details]
Detach signed file for examplefile
Created attachment 1651 [details]
Clearsigned version from examplefile
Attaching a complete msg as an example would be more useful Created attachment 1652 [details]
Clearsigned message rfc2822
Requested full rfc2822 from clearsigned message added as attachment.
Works fine for me using gpg2 in Claws Mail. It will fail if you use gpg (rather than gpg2) because: "Can't check signature: unknown pubkey algorithm" Make sure you have configured Claws Mail to use gpg2 rather than gpg in /Configuration/Preferences/Plugins/GPG, 'Path to GnuPG executable'. Created attachment 1653 [details]
visual proof of sucessful signature verification
But gpg(1) can resolve the rsa key used in message just fine, even when there exist the ed25519 that is "unknown pubkey algorithm": gpg --verify gpg-dual-sign.sig gpg-dual-sign gpg: Signature made la 21. toukokuuta 2016 12.34.16 EEST gpg: using ? key 0xAC5E3C41AC86CC36 gpg: Can't check signature: unknown pubkey algorithm gpg: Signature made la 21. toukokuuta 2016 12.34.16 EEST gpg: using RSA key 0x32FEBC47F4EC92E4 gpg: Good signature from "Sami Olmari <sami@olmari.fi>" [ultimate] gpg: aka "Sami Olmari <olmari@kapsi.fi>" [ultimate] gpg: aka "Sami Olmari <olmari@netikka.fi>" [ultimate] gpg: aka "[jpeg image of size 4394]" [ultimate] Does Claws check only the first key and be happy with that result? instead of both (or all) keys? This might be the culprit and also the original issue would still exist, not checking all the keys that message is signed with :) No, it bails out when it encounters an error. On further testing, if the first signature cannot be verified, then Claws Mail reports an error, regardless of the verification of the 2nd signature. This would need rethinking how we handle and display signature status. It is easy enough to walk through all the signatures in sgpgme_sigstat_gpgme_to_privacy() via sig->next, but in the end, it returns a single signature status. One way could be to make the function return a pointer to a linked list of "signature statuses", each of which would contain identifying string and SignatureStatus. The UI could then walk through the list, and say something like "X of Y signatures valid, click for details". Just thinking aloud here. :) Glad you talked out loud, Andrej :) Those methods would sound sane way to achieve this, should this ever be implemented. Sadly I can only provide you with this and no ready code, but this indeed kind of is a bug, or defiency of a sort currently. While I also realise mine method of using keys is widely uncommon, it still is possible, so why not ;) When I wondered this issue (especially with exist status relating to "one working key" situation, someone at #gnupg suggested that: < K_F> for one thing you shouldn't look at return code if using gpg, you'd need to use gpgv in an automated setting if return code is important < K_F> but would need to look at status-fd and properly consider key validity etc < K_F> (to elaborate, you should look at return code, but not to determine signature validity) if this would be any help in general with gpg implementation more videly even outside this bug. |