GNOME Bugzilla – Bug 794501
PGP key validation uses only the primary identity
Last modified: 2019-11-12 19:21:39 UTC
It seems that the PGP validation of signatures only uses the primary identity of the key, complaining about a mismatch if a received mail was signed by a key's identity that isn't its primary identity. Steps to reproduce: 1) Create a PGP key with two identities. 2) Send yourself a mail with the From: address being the secondary identity and let Evolution sign it with the PGP key created in 1). 3) Click on the received mail. Actual results: Yellow outline with message "Valid signature, but sender address and signer address do not match (<Primary Identity>)". Expected results: Green outline with message "Valid signature (<Actual Identity>)"
Thanks for a bug report. Is this really evolution 3.28.x with evolution-data-server 3.28.x, please? I ask, because of bug #792610. Can it be that the second identity address had not been received/decoded properly in your case? You can see what GPG returned when you click on the button on the left from the "Valid signature..." text.
Thanks for the answer. I have confirmed that it's Evolution 3.28.0 using Help->About. Package management says that evolution-data-server is at 3.28.0-1.1. Clicking the button on the left opens a window that says: "Digital Signature This message is signed and is valid meaning that it is very likely that this message is authentic. Fabian Niepelt <fniepelt@niepeltf.de> Encryption This message is not encrypted. Its content may be viewed in transit across the Internet." The identity should be fniepelt@takios.de. There is no gpg output though. Here is a CAMEL_DEBUG=gpg output: fabian@linux-0yez:~> LANG=C CAMEL_DEBUG=gpg evolution status: [GNUPG:] NEWSIG status: [GNUPG:] KEY_CONSIDERED CC063F23D2D975D5ECE332F22854E2AB7C85A602 0 status: [GNUPG:] SIG_ID ezH4dcCZDNfSom64tnQ8pehQIyg 2018-03-22 1521737973 status: [GNUPG:] KEY_CONSIDERED CC063F23D2D975D5ECE332F22854E2AB7C85A602 0 status: [GNUPG:] GOODSIG 21D68099C8E860BD Fabian Niepelt <fniepelt@niepeltf.de> status: [GNUPG:] VALIDSIG B93F356C9EB5375591785B7C21D68099C8E860BD 2018-03-22 1521737973 0 4 0 1 8 01 CC063F23D2D975D5ECE332F22854E2AB7C85A602 status: [GNUPG:] KEY_CONSIDERED CC063F23D2D975D5ECE332F22854E2AB7C85A602 0 status: [GNUPG:] TRUST_ULTIMATE 0 pgp status: [GNUPG:] VERIFICATION_COMPLIANCE_MODE 23 If you'd like I can send you a signed mail if that'd help the debug process.
Hmm, mine "Security dialog" shows also a box below that "...is authentic." text, which contains: Output from /usr/bin/gpg2: gpg: Signature made Thu 18 Jan 2018 08:45:27 AM CET gpg: using RSA key 4F1810021F549A75FB1B6DA0D0B1B4E3D5AE2928 gpg: using pgp trust model gpg: Good signature from "Milan Crha <mcrha@some.where>" [ultimate] gpg: aka "zyx.a <zyx.a@no.where>" [ultimate] gpg: binary signature, digest algorithm SHA256, key algorithm rsa2048 > If you'd like I can send you a signed mail if that'd help the debug process. Yes, that would be helpful. If you could include also the public key, or a link to it, then it'll be the best. Use my bugzilla mail, please. Thanks in advance.
Hey, I sent you a mail. My public key is here: http://keys.gnupg.net/pks/lookup?op=get&search=0x2854E2AB7C85A602
Thanks, I received it fine and after I downloaded and imported the key within Seahorse (I didn't change anything regarding trust on the key, only plain-imported it), it resulted into a yellow bar: > Valid signature, but cannot verify sender (Fabian Niepelt <xxx@xxxf.de>) and when I clicked the button I saw the gpg output as this: > Output from /usr/bin/gpg2: > gpg: Signature made Fri 23 Mar 2018 12:48:14 PM CET > gpg: using RSA key yyy > gpg: using subkey zzz instead of primary key zzz > gpg: using pgp trust model > gpg: Good signature from "Fabian Niepelt <xxx@xxxf.de>" [unknown] > gpg: aka "Fabian Niepelt <xxx@xxxs.de>" [unknown] > gpg: aka "Fabian Niepelt <xxx@xxxd.de>" [unknown] > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the owner. > Primary key fingerprint: zzz > Subkey fingerprint: xxx > gpg: textmode signature, digest algorithm SHA256, key algorithm rsa4096 When I set ultimate trust on your key, then I see in UI a green bar with: > Valid signature (Fabian Niepelt <xxx@xxxf.de>) and in the button dialog the gpg output: > Output from /usr/bin/gpg2: > gpg: Signature made Fri 23 Mar 2018 12:48:14 PM CET > gpg: using RSA key xxx > gpg: using subkey xxx instead of primary key xxx > gpg: using pgp trust model > gpg: Good signature from "Fabian Niepelt <xxx@xxxf.de>" [ultimate] > gpg: aka "Fabian Niepelt <xxx@xxxs.de>" [ultimate] > gpg: aka "Fabian Niepelt <xxx@xxxd.de>" [ultimate] > gpg: textmode signature, digest algorithm SHA256, key algorithm rsa4096 Could it be that you run evolution/system in a locale which breaks the parsing code? What is the output of `locale` command, please? And what if you run evolution from a terminal as: $ LANG=en_US.utf8 evolution please?
Strange that it works for you. My current locale settings are: LANG=de_DE.UTF-8 LC_CTYPE=de_DE.UTF-8 LC_NUMERIC="de_DE.UTF-8" LC_TIME="de_DE.UTF-8" LC_COLLATE="de_DE.UTF-8" LC_MONETARY="de_DE.UTF-8" LC_MESSAGES="de_DE.UTF-8" LC_PAPER="de_DE.UTF-8" LC_NAME="de_DE.UTF-8" LC_ADDRESS="de_DE.UTF-8" LC_TELEPHONE="de_DE.UTF-8" LC_MEASUREMENT="de_DE.UTF-8" LC_IDENTIFICATION="de_DE.UTF-8" LC_ALL= Starting evolution with `LANG=en_US.utf8 evolution` actually changes nothing, it's still in German. I tried with LANG=C, that got me an english evolution. However, I'm still not getting the green outline then. I'm still confused why you're getting the gpg output and I don't. I'm using the Evolution package provided by openSUSE Tumbleweed and I don't see anything in their build process that would disable such a feature. Maybe I found a cause for the issue at my end though. My key contains three revoked identites that miss the ">" at the end. I accidentally created those identities (heaven knows why gpg allowed me to do that in the first place!). Because I had already uploaded the key to the keyservers, I simply revoked them and added the valid identities and uploaded again. For testing, I created a new key without invalid or revoked identites and I'm getting the green outline when signing with it. I'd prefer it greatly though to continue using my current key, because it's already in use by me and other people.
(In reply to takios+gnomebug from comment #6) > I'm still confused why you're getting the gpg output and I don't. Me too. There was a bug about it. I never got an idea why it's not there for the other person. Maybe some option somewhere, gtk+ glitch, I do not know. > My key contains three revoked identites that miss the ">" at the end. Aha, it can be it. The address "extractor" from the raw gpg output looks for it. Would you be able to give a try to a patch I might attach here? I can fix this more or less easily in the code, but I cannot test it that easily (my gpg skills are quite limited).
> Would you be able to give a try to a patch I might attach here? Yeah, go ahead.
Hmm, I thought I made a mistake in the code, but I see the extractor expects one address per line and it also expects the format to be like: text text text <user@no.where> text text text [ something ] where the '<', '>', '[' and ']' are significant characters. I tried with LANG=de_DE.UTF-8 and I see the gpg output is also localized, but it is working fine here, your messages shows as "green" here. Could you run evoltuion under gdb and place a breakpoint into gpg_ctx_extract_email_addresses_from_text function and print the value of the 'text' variable, please? It'll show what it used to extract the string. Something like the below command would do it more or less automatically: $ gdb evolution --ex "b gpg_ctx_extract_email_addresses_from_text" --ex r \ --ex "printf \"%s\\n\", text" --ex c --ex q Note the actual text shown can be split into two parts, divided by some gdb output. I received there the same text as I quoted at the end of the comment #5.
Sorry, I can't seem to get the breakpoint to work correctly...or the function just does not get executed. Downloaded all the debug symbols I need, started the gdb command you provided and clicked on the mail, but gdb is not breaking. Here is the output of gdb: http://susepaste.org/97f9d83f I included a "<<<CLICK>>>" annotation to highlight when exactly I clicked on my signed mail. Is evolution maybe built differently on my system so it does use something else than gpg or uses it differently? You can find the .spec files including the build options at the following two links, I can't tell what the cmake options do: https://build.opensuse.org/package/view_file/openSUSE:Factory/evolution-data-server/evolution-data-server.spec?expand=1 https://build.opensuse.org/package/view_file/openSUSE:Factory/evolution/evolution.spec?expand=1
(In reply to takios+gnomebug from comment #10) > Sorry, I can't seem to get the breakpoint to work correctly...or the > function just does not get executed. I see. It looks like the function is not called, because the conditions to be called were not met. You can change the breakpoint place to the place where the conditions are evaluated, which would be: $ gdb evolution --ex "b camel-gpg-context.c:1870" --ex r \ --ex "p description" --ex "p signers->str" The line in the code is: if (diagnostics && !g_queue_is_empty (&validity->sign.signers)) { thus either the 'diagnostics' is NULL (which may explain why you do not see any gpg output in the GUI of Evolution), or there was no signer identified, which is unlikely from my point of view.
Closing this bug report as no further information has been provided. Please feel free to reopen this bug report if you can provide the information that was asked for in a previous comment. Thanks!