Page MenuHome GnuPG
Create Task
Maniphest T5265

gpgol cannot open decrypted plain text message
Open, NormalPublic
Actions

Description

Hello!

After successfully encrypting and sending message, neither I (from Sent messages) nor receiver can read the message. GpgOL asks key's passphrase for decrypting, but decrypts an empty message.

In my organization, Outlook 2016 is configured to prefer plain text messages. However, this is not done by setting the registry key Software\\Microsoft\\Office\\16.0\\Outlook\\Options\\Mail\\ReadAsPlain (I don't have this key at all in my local registry), but by some other mechanism I am not familiar with. In the source code https://dev.gnupg.org/source/gpgol/browse/master/src/gpgoladdin.cpp, function check_html_preferred assumes HTML by default, unless that key registry key value is set, and I suspect that this might lead to the problem in decryption. Attached is a log snipped on failed decryption:

07:48:29/4076/application-events.cpp:Invoke: Creating mail object for item: 15b7fd70
07:48:29/7552/windowmessages.cpp:do_async: Do async with type 1108 after 0 ms
07:48:29/4076/mapihelp.cpp:mapi_change_message_class: have override message class
07:48:29/4076/mapihelp.cpp:mapi_change_message_class: checking message class `IPM.Note.GpgOL.MultipartEncrypted'
07:48:29/4076/mapihelp.cpp:mapi_change_message_class: saving old message class
07:48:29/4076/mapihelp.cpp:mapi_change_message_class: setting message class to `IPM.Note.GpgOL.MultipartEncrypted'
07:48:29/4076/mapihelp.cpp:mapi_create_attach_table: message has 1 attachments
07:48:29/4076/mapihelp.cpp:mapi_create_attach_table: attachment info:
07:48:29/4076/ 1802501 mt=3 fname=gpgol_string_4' ct=multipart/signed' ct_parms=`(null)' method:1
07:48:29/4076/mapihelp.cpp:mapi_mark_or_create_moss_attach: Found mosstempl. Hiding all other attachments.
07:48:29/4076/mapihelp.cpp:mapi_create_attach_table: message has 1 attachments
07:48:29/4076/mapihelp.cpp:mapi_create_attach_table: attachment info:
07:48:29/4076/ 0 mt=3 fname=gpgol_string_4' ct=multipart/signed' ct_parms=`(null)' method:1
07:48:29/4076/mapihelp.cpp:hide_attachment_mapipos: Hiding attachment 0.
07:48:29/4076/mapihelp.cpp:mapi_create_attach_table: message has 1 attachments
07:48:29/4076/mapihelp.cpp:mapi_create_attach_table: attachment info:
07:48:29/4076/ 0 mt=3 fname=gpgol_string_4' ct=multipart/signed' ct_parms=`(null)' method:1
07:48:29/4076/mapihelp.cpp:hide_attachment_mapipos: Hiding attachment 0.
07:48:29/4076/oomhelp.cpp:get_unique_id: '15b7fd70' has now the uid: '663f450b-aaef-4e84-b94d-b14d3ac3b4f7'
07:48:29/4076/mail.cpp:setUUID_o: uuid for 0a9e7cb0 set to 663f450b-aaef-4e84-b94d-b14d3ac3b4f7
07:48:29/4076/mail.cpp:setUUID_o: uuid for 0a9e7cb0 is now 663f450b-aaef-4e84-b94d-b14d3ac3b4f7
07:48:29/4076/mapihelp.cpp:mapi_get_message_type: have override message class
07:48:29/4076/mail.cpp:isSMIME_m: Detected not S/MIME mail
07:48:29/4076/gpgoladdin.cpp:check_html_preferred: No type or key for ReadAsPlain
07:48:29/4076/mail.cpp:setUUID_o: Resetting uuid for 0a9e7cb0 to 663f450b-aaef-4e84-b94d-b14d3ac3b4f7
07:48:29/4076/oomhelp.cpp:get_unique_id: '15b7fd70' has now the uid: '663f450b-aaef-4e84-b94d-b14d3ac3b4f7'
07:48:29/4076/mail.cpp:decryptVerify_o:Empty body.
07:48:29/4076/oomhelp.cpp:put_oom_int: Putting 'BodyFormat' failed: 0x80020009
07:48:29/4076/oomhelp.cpp:put_oom_string: Putting 'HTMLBody' failed: 0x80070057
07:48:29/4076/ERROR/mail.cpp:decryptVerify_o: Failed to modify html body of item.
07:48:29/4076/mimedataprovider.cpp:collect_data: Found MIME-Version marker.Expecting headers even if type suggested not to.
07:48:29/4076/mimedataprovider.cpp:t2body:Found first multipart transition
07:48:29/4076/mimedataprovider.cpp:t2body:Don't know what to collect, invalid mail?.
07:48:29/4076/mail.cpp:updateOOMData_o
07:48:29/4076/oomhelp.cpp:get_sender_Sender Sender fallback 2
07:48:29/6940/mail.cpp:do_parsing: preparing the parser for: 0a9e7cb0
07:48:29/6940/keycache.cpp:getEncryptionKeys: No key for gpgol_string_5 in proto OpenPGP. no internal encryption
07:48:29/6940/keycache.cpp:protocolIsOnline:Detected no online options.
07:48:29/6940/parsecontroller.cpp:parse:0aa56068 decrypt: 1 verify: 0 with protocol: OpenPGP sender: gpgol_string_6 type: 10
07:48:29/4076/mailitem-events.cpp:Invoke: Canceling write event.
07:48:29/4076/mailitem-events.cpp:Invoke: Removing Mail for message: 1dc358a8.
07:48:29/4076/oomhelp.cpp:lookup_oom_dispid: error looking up dispid(Categories)=19: hr=0xa9340108
07:48:29/4076/categorymanager.cpp:removeCategory Failed to remove category.
07:48:29/4076/categorymanager.cpp:unregisterCategory: Unregister category gpgol_string_2 in store gpgol_string_8 ref now 0
07:48:29/4076/categorymanager.cpp:unregisterCategory: Deleting gpgol_string_2 for store gpgol_string_8
07:48:29/4076/windowmessages.cpp:gpgol_window_proc: Recieved user msg: 1108
07:48:29/4076/windowmessages.cpp:gpgol_window_proc: clearing last mail
07:48:29/4076/oomhelp.cpp:get_oom_object: failure: 'Item' p=00000000 vt=0 hr=0x80020009 argErr=0x0 dispid=0x51
07:48:29/4076/oomhelp.cpp:delete_category: Deleted category 'gpgol_string_2'
07:48:29/4076/oomhelp.cpp:lookup_oom_dispid: error looking up dispid(Categories)=178738688: hr=0xad540108
07:48:29/4076/categorymanager.cpp:removeCategory Failed to remove category.
07:48:29/4076/categorymanager.cpp:unregisterCategory: Unregister category gpgol_string_1 in store gpgol_string_8 ref now 0
07:48:29/4076/categorymanager.cpp:unregisterCategory: Deleting gpgol_string_1 for store gpgol_string_8
07:48:29/4076/oomhelp.cpp:get_oom_object: failure: 'Item' p=00000000 vt=0 hr=0x80020009 argErr=0x0 dispid=0x51
07:48:29/4076/oomhelp.cpp:delete_category: Deleted category 'gpgol_string_1'
07:48:29/4076/parsecontroller.cpp:~ParseController
07:48:29/4076/mimedataprovider.cpp:~MimeDataProvider
07:48:29/4076/attachment.cpp:~Attachment
07:48:29/4076/mimedataprovider.cpp:~MimeDataProvider
07:48:30/6940/mimedataprovider.cpp:t2body:Found first multipart transition
07:48:30/6940/mimedataprovider.cpp:t2body: Collecting text body.
07:48:30/6940/parsecontroller.cpp:parse:0aa56068 decrypt / verify done.
07:48:30/6940/mimedataprovider.cpp:~MimeDataProvider
07:48:30/6940/attachment.cpp:~Attachment
07:48:30/6940/parsecontroller.cpp:parse:0aa56068 verify done.
07:48:30/6940/mimedataprovider.cpp:~MimeDataProvider
07:48:30/6940/mimedataprovider.cpp:t2body: Collecting text body.
07:48:30/6940/parsecontroller.cpp:parse:0aa56068: decrypt err: 0 verify err: 0
07:48:30/6940/parsecontroller.cpp:parse:0aa56068 Decrypt / verify done errs: 0 / 0 numsigs: 1.
07:48:30/6940/windowmessages.cpp:do_in_ui_thread: Sending message of type 1102
07:48:30/5992/keycache.cpp:do_update updating: "gpgol_string_7" with protocol OpenPGP
07:48:30/4076/windowmessages.cpp:gpgol_window_proc: Recieved user msg: 1102
07:48:30/4076/keycache.cpp:getFromMap using "gpgol_string_7" for "gpgol_string_7"
07:48:30/4076/keycache.cpp:getByFpr Cache hit for gpgol_string_7.
07:48:30/4076/mail.cpp:updateSigstate: Classified sender as verified uid validity: 5 origin: 0
07:48:30/4076/categorymanager.cpp:registerCategory: Register category gpgol_string_2 in store gpgol_string_8 ref now 1
07:48:30/4076/categorymanager.cpp:registerCategory: Register category gpgol_string_1 in store gpgol_string_8 ref now 1
07:48:30/4076/mail.cpp:parsingDone_o:Decrypted mail has content type: 'text/plain'
07:48:30/4076/mail.cpp:parsingDone_o: Delayed invalidate to update sigstate.
07:48:31/13104/windowmessages.cpp:do_in_ui_thread: Sending message of type 1101
07:48:31/4076/windowmessages.cpp:gpgol_window_proc: Recieved user msg: 1101
07:48:31/4076/windowmessages.cpp:gpgol_window_proc: Invalidating UI
07:48:31/4076/gpgoladdin.cpp:invalidateRibbons: Invalidating ribbon: 15c48c84
07:48:31/4076/gpgoladdin.cpp:invalidateRibbons: Invalidation done.
07:48:31/4076/windowmessages.cpp:gpgol_window_proc: Invalidation done
07:48:31/4076/gpgoladdin.cpp:GetIDsOfNames: GetIDsOfNames for: getSigLabel
07:48:31/4076/ribbon-callbacks.cpp:getContext: contextObj: _Explorer
07:48:31/4076/oomhelp.cpp:get_unique_id: Found uid '663f450b-aaef-4e84-b94d-b14d3ac3b4f7' for '1e1dba08'
07:48:31/4076/gpgoladdin.cpp:GetIDsOfNames: GetIDsOfNames for: btnSigstateLarge
07:48:31/4076/ribbon-callbacks.cpp:getContext: contextObj: _Explorer
07:48:31/4076/oomhelp.cpp:get_unique_id: Found uid '663f450b-aaef-4e84-b94d-b14d3ac3b4f7' for '1e1db748'
07:48:31/4076/gpgoladdin.cpp:GetIDsOfNames: GetIDsOfNames for: getIsDetailsEnabled
07:48:31/4076/ribbon-callbacks.cpp:getContext: contextObj: _Explorer
07:48:31/4076/oomhelp.cpp:get_unique_id: Found uid '663f450b-aaef-4e84-b94d-b14d3ac3b4f7' for '1e1db328'
07:48:31/5992/keycache.cpp:insertOrUpdateInFprMap Lost secret info on update. Merging.
07:48:31/5992/keycache.cpp:do_update Update job done

Details

Version
Gpg4win 3.1.15

Event Timeline

kimmoal created this task.Jan 25 2021, 7:14 PM
aheinecke claimed this task.Jan 26 2021, 10:08 AM
aheinecke triaged this task as Normal priority.
aheinecke added a subscriber: aheinecke.

Thanks for the report. Some time ago I wrote the code in a way that when setting the HTML body failed it would fallback to the plain body, regardless of the preferences:
So even though there is an error that error is handled. https://dev.gnupg.org/source/gpgol/browse/master/src/mail.cpp;4d57033a095aecf8529606428efef6af466f1196$1488

And as it detects the message as text/plain when it would set the plain text after the verification it would not even try HTML. The error about HTML is only about inserting the "placeholder" Please wait,... text.

I think the problem might be rather:

07:48:29/4076/mimedataprovider.cpp:t2body:Don't know what to collect, invalid mail?.

That means our mimeparser is confused. Which is strange because the decrypt / verification succeeds-

Could you enable log level +memory and "including data" in GpgOL logging and try it with a test mail. As this log would contain things like your mail address you can also send it directly to me at aheinecke@gnupg.org if you prefer to encrypt it my key is https://heinecke.or.at/pgpkey.asc

That might tell me more what actually goes wrong here.

kimmoal added a comment.Jan 26 2021, 3:59 PM

You should have received mail with additional log levels now

Jab added a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 12:11 PM
aheinecke removed a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 12:21 PM
kimmoal added a comment.Mar 12 2021, 3:02 PM

Hello,
it seems that the log got lost in the way for me at least, can you confirm you received it?

Thank you!

BaaaZen added a subscriber: BaaaZen.EditedMar 28 2022, 7:32 AM

Hello,

we have a similar problem in our organization. We're using Outlook from Office 365. For two weeks now we have set a GPO for Outlook to prefer plain text messages like in @kimmoal's organization environment.
This causes the same problem: We are getting blank emails when they are encrypted or signed.

I activated the debug log and got the following information:

10:06:54/12684/oomhelp.cpp:put_oom_int: Putting 'BodyFormat' failed: 0x80020009
10:06:54/12684/oomhelp.cpp:put_oom_string: Putting 'HTMLBody' failed: 0x80070057
10:06:54/12684/DBG_OOM/oomhelp.cpp:dump_excepinfo: Exception: 
              wCode: 0x1000
              wReserved: 0x0
              source: Microsoft Outlook
              desc: Leider ist ein Problem aufgetreten. Sie können erneut versuchen.
              help: null
              helpCtx: 0x0
              deferredFill: 0000000000000000
              scode: 0x80070057
10:06:54/12684/ERROR/mail.cpp:decryptVerify_o: Failed to modify html body of item.

Looks to me like Outlook prevents setting a HTML mail when the plain text mode is enabled. But why does GPGOL set a HTML body when plain text messages are preferred?

I checked my registry and saw that the registry key for ReadAsPlain was still set to 0. But in the settings of Outlook the checkbox was checked and greyed out (because no overwrite allowed if the settings comes from the GPO).
When manually setting the ReadAsPlain key to 1, GPGOL detects the setting correctly and shows me the mails in plain text again. We are now distributing this registry key setting manually via GPO as a workaround.

So the main problem here seems to be the detection method in a managed AD environment. Seems like GPGOL is unable to detect the setting of the ReadAsPlain distributed via GPO.