Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#218 Mailvelope encrypted emails cannot be decrypted in enigmail

wont-fix
nobody
None
1.6.0
Minor
24.1.1
2.0.22
Windows
---
2015-02-18
2013-11-27
No

Enigmail seems to have trouble decoding the ASCII armored message block when sending emails in BOTH plain text and HTML formatting. This happens e.g. when sending encrypted messages from Gmail using Mailvelope -- the ASCII armored block will appear in both the ASCII part and the HTML part of the email. The results in the error message "Error - No valid armored OpenPGP data block found" The same happens also if I don't use Mailvelope and just copy-paste the text.

I isolated the problem down to an issue in enigmail.js:IndexOfArmorDelimiter
https://sourceforge.net/p/enigmail/source/ci/master/tree/package/enigmail.js#l458

For reasons unclear to me, the CR-LF ("\r\n" or hex 0d 0a) before the Armor Tail Line (-----END PGP MESSAGE-----) was removed in the call to this function, but it is present in the actual email source. I don't understand enigmail enough to pinpoint where in the pre-processing this CR-LF might have been removed.

Sample email that Enigmail does not recognize:

Return-path: <x.y@gmail.com>
Delivery-date: Wed, 27 Nov 2013 19:32:08 +0100
MIME-Version: 1.0
X-Received: by 10.224.29.140 with SMTP id q12mr8529946qac.93.1385577126788;
 Wed, 27 Nov 2013 10:32:06 -0800 (PST)
Received: by 10.96.39.170 with HTTP; Wed, 27 Nov 2013 10:32:06 -0800 (PST)
Date: Wed, 27 Nov 2013 13:32:06 -0500
Message-ID: <CAAyH0snQ9_toV7vrkgvSJ35OSgBK1oVTTesH4Dt_6hGgm=6=vA@mail.gmail.com>
Subject: test gpg email
From: ME <x.y@gmail.com>
To: [...]
Content-Type: multipart/alternative; boundary=047d7bdcaa6a7388d204ec2cd0b5
Envelope-to: [...]

--047d7bdcaa6a7388d204ec2cd0b5
Content-Type: text/plain; charset=ISO-8859-1

-----BEGIN PGP MESSAGE-----
Version: Mailvelope v0.7.0
Comment: Email security by Mailvelope - http://www.mailvelope.com

wcBMAxgXKKg2ctcQAQf/UcgT8p5qFR1b9Mp28YxtTihbRUFY/3KDoxMQ4Sct
vZEtoiXZ3b1CS7uEvd7MAwSyvJlwwPKGrKAek04hEGPSkMgvsL2UDuxT3bQe
QamrbZ1UQfbSnnkesLGP+G9Oz3jMff89h2+QrKOM2lbjqudlfi41+OLA+5u1
y843mFulvHk+HoHkk3rAp+Qq9Scta5YUrS9BqI8RQrnrGfNihRj0prDYetGP
UoRemglZEHSbDC5ucz1j5eaM1EfM1vRV1QAlZtmdLCbABQ4b6N2cRxq1Cd1U
hXj5LXcGFpoDrIr2+brAA/FQN1TP7VBiEN/bx6AH+hg8KDAW5YxYqFAFVbYb
iNJPAfOGuYL7rNnK5VCBC+TkVIm2wv26KTO9LQO2ln+hL6GgXuK10BQdjGjo
xP1fuMT8Y6btav94psEXxg3e+jDMD2DtAXQV+HRmf9g5qzrOyw==
=WJnQ
-----END PGP MESSAGE-----

--047d7bdcaa6a7388d204ec2cd0b5
Content-Type: text/html; charset=ISO-8859-1

[HTML Version of above]

--047d7bdcaa6a7388d204ec2cd0b5--

Discussion

  • If I try to open this message (and select the text/plain part as it is default), Enigmail errors out because I don't have your secret key. Therefore, I suspect that the error on your side occurs because it tries to open the HTML part.

    Try "View -> Message Body As -> Plain Text". Does it decrypt successfully?

     
    • Tom
      Tom
      2014-01-19

      I just ran into this issue and using the "View Message Body as Plain Text" option does allow for the message to be decrypted successfully.

      I'm using Enigmail 1.6 in Mozilla Thunderbird 24.2.0 on Ubuntu 13.10 Linux (64-bit).

       
    • Severity: Blocker --> Minor
     
  • An additional question: is it known whether the mail was produced by Chrome or by Firefox?

     
    • Raman Gupta
      Raman Gupta
      2014-02-17

      I just experienced this issue. The sender sent the e-mail using Chrome. And using "Message Body As -> Plain Text" allowed decryption as well.

       
      Last edit: Raman Gupta 2014-02-17
  • Could somebody using mailvelope please send a test message to me (ludwig at enigmail dot net)? Thanks!

     
    • Tom
      Tom
      2014-03-30

      Hi! Ok, I just sent you a test message message using Mailvelope 0.7.0 in Google Chrome 33 on Ubuntu 13.10 Linux (64-bit). I sent it from my Gmail account. Hope it helps!

      Thanks!

      Peace...

      Tom

       
  • I received test mails and could decrypt all of them, regardless whether view is set to Plaintext or HTML. The structure, however, is not what I would have expected. Here's the structure:

    Content-Type: multipart/alternative; boundary=001a113a98ac695f0a04f5dd01af

    --001a113a98ac695f0a04f5dd01af
    Content-Type: text/plain; charset=ISO-8859-1

    -----BEGIN PGP MESSAGE-----
    Version: Mailvelope v0.7.0
    Comment: Email security by Mailvelope - http://www.mailvelope.com

    wcBMA1QW4UmvSHTqAQgAz4zbjY+Ge5qZ8+nzrqz02ZhZAQ60k6mNKPfUkLKo
    (..)
    =oa/T
    -----END PGP MESSAGE-----

    --001a113a98ac695f0a04f5dd01af
    Content-Type: text/html; charset=ISO-8859-1

    <div dir="ltr">-----BEGIN PGP MESSAGE-----<br>Version: Mailvelope v0.7.0<br>Comment: Email security by Mailvelope - <a href="http://www.mailvelope.com">http://www.mailvelope.com</a>
    (...)
    <br><br>wcBMA1QW4UmvSHTqAQgAz4zbjY+Ge5qZ8+nzrqz02ZhZAQ60k6mNKPfUkLKo<br>
    <br>-----END PGP MESSAGE-----<br></div>

    --001a113a98ac695f0a04f5dd01af--

    If I replace the <br> tags within the ciphertext by linefeeds, the ciphertext is the same as in the text/plain portion. When decrypting the one of the ciphertext parts manually, then I get a HTML content, which seems very odd.

    From these facts, it is quite clear, that mailvelope does not create reasonable content of multipart/alternative mails.

    • text/plain part of such a mail should contain ciphertext, that, when decrypted gives text/plain cleartext.
    • text/html part of such a mail should contain ciphertext, that, when decrypted gives a text/html cleartext.

    Instead, mailvelope uses html tags to format the ciphertext in the text/html part. I don't know if this is allowed. At least it's odd, not necessary and probably hinders decryption, if it doesn't make it impossible.

    My thanks go to Tom for the test mails!

     
    Last edit: Ludwig Hügelschäfer 2014-03-31
    • Tom
      Tom
      2014-04-01

      Interesting. Let me know if you need more test messages! :)

      Peace...

       
    • status: open --> wont-fix
     
  • In any case, a HTML encoded inline-PGP message is not according to standards, HTML and inline-PGP are orthogonal to each other.