#41 auto line break or wraps breaks signature/encryption and fail with gpg: BAD signature

closed
nobody
None
1.4.1
Major
All
---
nobody
2019-11-02
2012-08-08
No

Bug 19065 migrated from Mozdev.org

I don't know if this is enigmail related or thunderbird, so I created a
bug-report for thunderbird 2.0.0.12 too a month ago
(https://bugzilla.mozilla.org/show_bug.cgi?id=429486), but got no reaction so I
think here is the best place for it.

The problem
When sending or replying to a mail which includes more text than fits on a line
(depending on the current window width), so that an auto line break/wrap occurs,
and you sign or encrypt the mail, it ends up with an invalid signature after
saving/sending it. With this, nearly every mail I send has an invalid signature,
and that is not acceptable.

I think the problem is that these auto line wraps were added after Enigmail
encrypts/signs it.
Why are you saving the auto line wraps in the first place? They depend on the
screen resolution and window width, so you don't need to save them and they
don't matter, so this would fix it.

Reproducible: Always

Steps to Reproduce:
1. click on write
2. insert text with spaces, longer than current window-width until the line
automatically wraps into next line
3. click on OpenPGP->Sign or Encrypt Mail
4. send the mail or click on send later
5. open the mail from the Sent, Unsent or Inbox folder and you see a broken
signature

steps to repair it manually:
1. save the mail with invalid signature into a file
2. open the file with an editor
3. remove the unwanted autolinewraps so the mail looks like the original and
save it
4. click on Open Saved Message... and open the file in tb
5. now if you edited it right the signature should be valid again

Actual Results:
OpenPGP Security Info
Error - signature verification failed
gpg: BAD signature from ...

Expected Results:
OpenPGP Security Info
Good signature from ...

------- Comment #1 From Cian Davis 2008-10-13 01:04:59 [reply] -------

I also have this problem. I previously had it on Windows but also have it on my
current machines (Ubuntu Hardy, Thunderbird 2.0.0.17, Enigmail 0.95.0
(20080403))

Doesn't happen with every reply, just some. Only ever happens in indented reply
block, as against the content you've just added. Is not linked to the number of
indented blocks or how far they are indented.

As Daniel reports, the auto-wrap seems to be done after the signing. If you
save the message, remove the line break and then re-verify, it will verify
successfully.

Ideally, each section would be recombined, and then split at the proper length
and the correct number of > added at the start of the line for each indented
section. However, even if it did a simple break of the long lines before the
signing, that would be a big help.

Will post an example if I can find a mail that is suitable for the general
internet!

Regards,
Cian

------- Comment #2 From Patrick Brunschwig 2009-05-08 08:01:10 [reply] -------

I would appreciate the (complete) source of an example email.

------- Comment #3 From Daniel 2009-05-08 16:44:47 [reply] -------

I did some tests now but can't repeat it again, maybe it works now or I missed
something.

But I see now that as soon as I hit the send button, it seems the text gets
signed after the auto-wraps occur, which wasn't the case when I first reported
the bug. Before you hit the send button you can see this behaviour of the auto
wraps if you resize the window during composing.

This is my example text I tested successfully now:
1234567890123456789012345678901234567890123456789012345678901234567
The following random chars were typed all in one line, and the compose window
was then resized to the last "7" above before sending, so the auto-wraps
occurs: asdasd asdahsuid asidja sidjias aisdjaisj sjidjaisdjais aisdjasidjais
iasdjaisjdia sjdiasd iasjd aisjd siajdiasjd isajdiasjd iasjd iasjdiajsdo
ijsaidjaisdjioasj ijasidjasiodjasid siadjaodsjais djasiajsdoi.

The one and biggest thing that troubles me with Thunderbird/Enigmail, and that
has been posted many times by different people, is: why does an e-mail not just
get sent looking the way I typed it? Why does Thunderbird insert auto line wraps
after ~70 chars? Every mail I type with other mail clients looks nice and
readable because they send the mail 1:1 as I want and change nothing in the
format, but when I use Thunderbird it inserts these unwanted auto line wraps ->
the mail looks ugly when the receiver opens it. Enigmail does exactly the same
thing with my mails -> why does it depend on 70 chars? Please change this
behaviour.

And why can't I use HTML-formatted mails with Enigmail?

------- Comment #4 From Cian Davis 2009-05-10 02:30:31 [reply] -------

Here's the full source of an example:

From - Sun Jun 8 10:40:36 2008
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Message-ID: 48450EC3.1050502@skynet.ie
Date: Tue, 03 Jun 2008 10:28:35 +0100
From: Cian Davis davisc@skynet.ie
User-Agent: Thunderbird 2.0.0.14 (X11/20080505)
MIME-Version: 1.0
To: Ivan Kelly ikelly@skynet.ie
CC: root@skynet.ie
Subject: Re: [devel-bounces@lists.skynet.ie: 24 Devel moderator request(s)
waiting]

References: 20080603082846.GC5032@D062918
In-Reply-To: 20080603082846.GC5032@D062918
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Will I keep the archives?

Cian

Ivan Kelly wrote, On 03/06/08 09:28:

hey guys,
could you shutdown the devel mailing list. noone uses it and i get
loads of moderator crap.a
Thanks
Ivan


Subject:
24 Devel moderator request(s) waiting
From:
devel-bounces@lists.skynet.ie
Date:
Tue, 03 Jun 2008 08:00:01 +0100
To:
devel-owner@lists.skynet.ie

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIRQ7D2yUma7R/3b8RAgFSAKClCtNDqiytUG18ACMvJE7vEfjFhgCgsU1O
3XlpseoKXbywl1Qv9TYWjGA=
=ZYqo
-----END PGP SIGNATURE-----

------- Comment #5 From Cian Davis 2009-05-11 04:17:53 [reply] -------

By the way, I tried to replicate the problem by replying to the same message on
my current system. Same result (i.e. Enigmail incorrectly signs the message).

Thunderbird 2.0.0.21 (20090318) on Ubuntu Ibex x86_64 2.6.27-11, running
Enigmail version 0.95.0 (20080403) and GPG 1.4.9

------- Comment #6 From Patrick Brunschwig 2009-05-11 04:23:50 [reply] -------

Inline-PGP and HTML are orthogonal standards, you have to choose between one of
them. You can still use HTML mails with Enigmail, but it is highly recommended
to use PGP/MIME for this case. If you use HTML and PGP/MIME, then the mails
will be sent 1:1 as you typed them.

The drawback of PGP/MIME is that some email clients can't handle it, thus the
chances that your mail can be interpreted are higher if you use inline-PGP.

------- Comment #7 From Daniel 2009-05-11 04:52:24 [reply] -------

PGP/MIME is a no-go; Outlook won't accept it successfully. So you will get hate
mail from your receivers.

I just don't understand why HTML doesn't work with inline PGP; if it's a
standard it should change. HTML consists of normal characters too, so where is
the problem? Just handle it as normal text (including HTML tags) when
signing/encrypting it.

------- Comment #8 From Patrick Brunschwig 2009-05-11 05:20:42 [reply] -------

As said, inline-PGP and HTML are orthogonal to each other: if you sign some
text and then create a HTML output from it, the signature will be invalid. If
you 1st create HTML output and then create a plaintext signature around it,
you'll end up with a mixture of plain text and HTML code that no email client
can render properly.

Just because there is a standard doesn't mean that it will be compatible with
any other standards in the world. In order to overcome the (unsolvable)
problems with HTML and inline-PGP, the PGP/MIME standard was designed. You
can't blame inline-PGP for Outlook not being able to handle PGP/MIME ...

------- Comment #9 From Cian Davis 2009-05-11 05:29:03 [reply] -------

The example I posted was not received as HTML (was sent to me using Mutt) and
was not a HTML reply.

In my case, I never try and sign HTML. I've had the "do you want to convert to
plain text" box pop up a lot when I was fairly sure it was all text-based (and
always click yes).

I have a lot of Outlook generated HTML sign successfully upon conversion (you
get a block of CSS unhidden in the message, which is annoying but not
critical).

Anyway, is this an HTML problem? If so, then why is it the line-wrapping that's
causing the problem?

------- Comment #10 From Patrick Brunschwig 2009-05-11 05:53:20 [reply] -------

The bug reported originally in this bug is with HTML and line wrapping. The
problem behind it is that Mozilla is too clever -- it re-wraps the message
after Enigmail has signed it, even though Enigmail already applied line
wrapping with the same methods as HTML.

Under normal circumstances this is no problem, except if there are "words" that
are longer than the line wrapping length. As this is not fixable by Enigmail,
the only solutions I have are: either use PGP/MIME or write plaintext messages.

------- Comment #11 From Daniel 2009-05-11 07:30:23 [reply] -------

Patrick Brunschwig is right, I think I reported it a year ago using HTML, which
I was unaware of at this time.

A quick test today shows me exactly the issue Patrick describes.
If you press Shift while you click on the reply button you get a compose window
formatted as plain text which will be signed correctly. If you instead choose
format/plaintext from the compose window it won't convert it to plain text
before signing, so it breaks the signature, so you have to press Shift before.

No matter, neither inline PGP nor MIME is an option for me if the mail looks
unreadable because of the lacking support among the most used email clients.

------- Comment #12 From Daniel 2009-05-11 07:41:28 [reply] -------

I forgot something important: if I use plaintext, why are auto-line-wraps around
~70 chars needed in the first place? I wouldn't use HTML if the text were sent
as typed in plaintext. All problems would be gone. For encryption it shouldn't
matter if a line has, for example, 70 chars or 150, or not?

------- Comment #13 From Patrick Brunschwig 2009-05-11 08:32:15 [reply] -------

As said: "Under normal circumstances this is no problem, except if there are
'words' that are longer than the line wrapping length". I.e. the unsolvable
problem is if there are strings without spaces that are longer than ca. 70
characters.

------- Comment #14 From Daniel 2009-05-11 09:16:40 [reply] -------

I understand you, but not where exactly the problem is. What I don't understand
is why there are any kind of auto-line wraps and not, for example, a horizontal
scrollbar instead, like in many other programs, when the text doesn't fit in
one line, so for me it's some kind of a problem.

Look, with plaintext and inline PGP, I just don't want to be limited to ~70
chars or to any kind of auto line wrap which modifies the layout of my text,
with spaces or not.

Signing must happen before the mail client adds auto line wraps so these don't
get included, and the check for a valid signature must happen before any auto
line wraps are applied by the mail client; this would solve the dependence on
the line length.

------- Comment #15 From Patrick Brunschwig 2009-06-05 05:58:15 [reply] -------

(In reply to comment #14)

> Signing must happen before the mail client adds auto line wraps so these don't
> get included, and the check for a valid signature must happen before any auto
> line wraps are applied by the mail client; this would solve the dependence on
> the line length.

Signing with OpenPGP doesn't work this way. Signing (as it is defined for
OpenPGP) means that no single character may be changed after the signature was
applied. Line wrapping changes the space and <new line> characters and
therefore changes the message. If a signature would be applied before line
wrapping, you would have to know how the message looked before line wrapping --
how should this be possible??

The problem is that Enigmail is an add-on, and not part of Thunderbird itself.
This means that Thunderbird does certain things in some specific ways. While
Thunderbird provides official hooks for some functions, other functions are
difficult or impossible to control. Line wrapping is one of the things that are
very difficult to control, because there is no hook that would allow to disable
line wrapping for a specific email.

I think I found a way how to tell Thunderbird to disable line wrapping after an
email was signed, but it's one of the things to be filed under "hack".

------- Comment #16 From Michael Mess 2011-11-24 03:00:11 [reply] -------

I have experienced similar problems which were caused by an ampersand ("&")
contained in my email-signature, which caused the message to be modified
between signing and verifying.

Here is an example:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ampersand & test
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk7OIqoACgkQJZhP1xDIb4+EeACeK7mGO4AF41aVyQqF9UPXD7Ic
b0IAmwUZezeMfwCz9yCPfIPPeZXIBCYD
=1IAz
-----END PGP SIGNATURE-----

It was not a bug in enigmail or gpg, but in the receiving web client using
firegpg, because it seemed that some HTML entities were not converted back to
the original character before verifying the signature.
In my case "&amp;" was not converted back to "&" before verifying the signature
while others were.
Copying the message to an editor, replacing "&amp;" with "&" then gave a good
signature.

But I think that it is worth mentioning under Point "8. My own signatures are
invalid!" of http://enigmail.mozdev.org/support/troubles.php.html

Maybe we should mention there that using special characters which used to be
encoded in HTML entities may cause difficulties when verifying signatures using
a web client.
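
Added example, not part of the original thread and not Enigmail or GnuPG code: a sender-side triage helper that compares the body that was signed with the body that ended up in the Sent folder or in a web client, covering both the re-wrapping discussed in comments #10 to #15 and the HTML-entity case from comment #16. The function names, the 72-column `textwrap` approximation of the client's re-wrap, and the SHA-256 body digest (a stand-in for the real signature hash) are assumptions.

```python
import hashlib
import html
import textwrap

def canonical(text: str) -> bytes:
    # RFC 4880 sec. 7.1: trailing spaces/tabs are stripped from each line and
    # line endings become CRLF; the final line ending is not part of the text.
    lines = text.replace("\r\n", "\n").split("\n")
    if lines and lines[-1] == "":
        lines.pop()
    return "\r\n".join(line.rstrip(" \t") for line in lines).encode("utf-8")

def digest(text: str) -> str:
    # Stand-in for the signed hash (a real signature also hashes a trailer).
    return hashlib.sha256(canonical(text)).hexdigest()

def rewrap(text: str, width: int = 72) -> str:
    # Approximation (assumption) of a client re-wrapping long lines at 72.
    return "\n".join(
        textwrap.fill(line, width, break_long_words=False,
                      break_on_hyphens=False) if line.strip() else line
        for line in text.split("\n"))

def diagnose(signed: str, received: str) -> str:
    """Classify why the received body no longer matches the signed one."""
    if digest(received) == digest(signed):
        return "intact"
    if digest(html.unescape(received)) == digest(signed):
        return "html-entities"
    if received.split() == signed.split():
        return "re-wrapped"
    return "modified"

# Constructed sample: one line longer than 72 characters plus an ampersand line.
SIGNED = ("aaaa aaa aaa aa aaaaaaaaaaa aaaaaaaaaaa aaaaa aaaa aaaaaa aa "
          "aaaa aa aaa aaaaa\nampersand & test\n")

if __name__ == "__main__":
    for label, body in [
        ("trailing spaces", SIGNED.replace("\n", "  \n")),
        ("re-wrapped at 72", rewrap(SIGNED)),
        ("entity-encoded", html.escape(SIGNED, quote=False)),
        ("one word changed", SIGNED.replace("test", "tost")),
    ]:
        print(f"{label:18} -> {diagnose(SIGNED, body)}")
```

A "re-wrapped" or "html-entities" verdict only explains a BAD signature; the message still has to be restored byte for byte and re-verified with gpg before it can be trusted.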

Discussion

  • Beanow

    Beanow - 2015-09-04

    This problem still persists.
    In my case I tested it with automatic line-wrapping and found the exact steps from the original post to reproduce and fix it.

    Dirty fix:
    Setting the config value "mailnews.wraplength" from the default (72) to 0 prevents the wrapping from happening.
    This may still break if any involved server/client wraps it later on. See: http://security.stackexchange.com/questions/96177/why-is-encryption-or-signing-of-long-lines-in-e-mails-with-pgp-problematic

    User agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
    Enigmail: 1.8.2 (20150416-1748)
    Public key for this test: http://pgp.mit.edu/pks/lookup?op=get&search=0xB0701799D0B24D2D

    Broken, because it originally had no line-break.

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    aaaa aaa aaa aa aaaaaaaaaaa aaaaaaaaaaa aaaaa aaaa aaaaaa aa aaaa aa aaa
    aaaaa
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.22 (GNU/Linux)

    -----END PGP SIGNATURE-----

    Working, because it didn't wrap.

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    aa aaa aaa aa aaaaaaaaaaa aaaaaaaaaaa aaaaa aaaa aaaaaa aa aaaa aa aaa aaaaa
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.22 (GNU/Linux)

    -----END PGP SIGNATURE-----

     

    Last edit: Beanow 2015-09-04
  • Patrick Brunschwig

    • status: open --> closed
    • Found in Version: before_1.4 --> 1.4.1
    • Operating System: --> All
    • Fixed in version: --> ---
     
  • Patrick Brunschwig

    There is nothing that Enigmail can do here, except for the known workarounds such as disabling line wrapping. A better solution is to switch to PGP/MIME instead.

     
