After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 685230 - Extensions of s/Mime-signed emails encoded
Extensions of s/Mime-signed emails encoded
Status: RESOLVED FIXED
Product: evolution
Classification: Applications
Component: Mailer
2.32.x (obsolete)
Other Linux
: Normal enhancement
: ---
Assigned To: evolution-mail-maintainers
Evolution QA team
evolution[smime]
Depends on:
Blocks:
 
 
Reported: 2012-10-01 16:55 UTC by turnguard
Modified: 2015-08-13 10:26 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description turnguard 2012-10-01 16:55:25 UTC
When i receive a signed mail, click on the certificate-icon, click "view certificate", hit the "details" tab, choose the certificate in the top panel (Certificate Hierarchy) and scroll down to "extensions" in the center panel (Certificate Fields), these keys and values are encrypted.

example : 

Object Identifier (2 5 29 14)

thunderbird for example shows the extension in human readable form like

Subject's Alternative Name

http://www.turnguard.com/turnguard
Comment 1 André Klapper 2012-10-02 09:35:58 UTC
Attaching a testcase is highly welcome.
Comment 2 turnguard 2012-10-03 20:02:15 UTC
unfortunately there's no easy way to create an own s/mime certificate.
there are some guides around that may help [1][2][3]. if you choose one of these options don't forget to enter something in the Subject's Alternative Name slot (SAN). easiest way to reproduce would be to look for this email [4] in evolution and open it's s/mime signature there (it has been sent to mailing list : oct, 2nd, 2012).

i haven't setup a gnome developement environment yet, so i cannot provide a patch that i'm sure of it's working. but apparently there's only a case for SEC_OID_X509_SUBJECT_ALT_NAME [5] missing in static gboolean get_oid_text in file smime/lib/e-cert.c

will provide more info as soon as i got my dev environment set up.

wkr turnguard

[1] http://serverfault.com/questions/103263/can-i-create-my-own-s-mime-certificate-for-email-encryption
[2] http://www.tc.umn.edu/~brams006/selfsign.html
[3] http://kb.mozillazine.org/Creating_SMIME_certificates
[4] https://mail.gnome.org/archives/evolution-list/2012-October/msg00004.html
[5] http://zenit.senecac.on.ca/wiki/dxr/source.cgi/mozilla/security/nss/lib/util/secoidt.h
Comment 3 Milan Crha 2015-08-13 10:26:20 UTC
Evolution currently uses gcr to show certificate details, better said to present information about certificates to a user, and it uses "Subject Alternative Names" for that extension. I consider this fixed.