Page MenuHome GnuPG

GpgOL: S/MIME Opaque signed mails show up empty after failed verification
Closed, ResolvedPublic


To test this I actually used a revoked certificate but likely other verification errors will trigger this, too.

It works completely as expected with normal S/MIME Mails. The verification / decryption happened as expected but the signature status was "Insecure" because the certificate was revoked or a verification error happened.

Normal S/MIME mails meaning mails that could be read in an S/MIME unaware client but just would show the signature as attachment. This is the default for KMail and the only thing that GpgOL sends. But other MUAs might still do this differently. And in KMail there is a way to switch to S/MIME Opaque format so I could use that for testing.

In that case GpgOL seems to run into a fallback which was actually meant for Inline PGP Mails that might have been sent with corrupted encoding.

10:04:32/2008/parsecontroller.cpp:parse:00000252ea1a5280 inline verify error trying native to utf8.

Which will mangle the binary data of the S/MIME structure and then return nothing as a result.

Revisions and Commits

Event Timeline

aheinecke created this task.
aheinecke moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

This fix was pretty minimal and I could test:

Both the bad case:

And the fixed case:

myself. Since the setup of signing / encrypting with a revoked S/MIME certificate an S/MIME Opaque mail is extremely difficult to reproduce I will skip the QA queue on this and move it directly to done.

aheinecke mentioned this in Unknown Object (Event).Aug 7 2023, 8:56 AM