GNOME Bugzilla – Bug 306326
GPG with multiple secret keys
Last modified: 2005-10-26 05:55:16 UTC
Please describe the problem: Evolution does not seem great at dealing with signed/encrypted emails, I have two key pairs (secret and public) in my GPG ring, I think this may be related Sending seems to work fine, but it only automatically decrypts emails which have been encrypted using the first key in the ring, and not all of them. Others I have to copy out into a text file and use gpg from the command line. Also, if I send a signed email that has attachments, when I look at the email in Evolution, I am told that the signature is invalid! I have checked this once (through gpg on the command line) and the signature appeared to be correct. Steps to reproduce: 1. 2. 3. Actual results: Expected results: Does this happen every time? I rarely get an encrypted email that decrypts in Evolution. I almost always have to decrypt by hand - tedious. Other information:
so if you send a signed email that has attachments and get told that the signature is invalid, did you check that with an email signed by yourself? adding security keyword.
I've just rechecked various emails for the "invalid signature" part of the bug. In fact, it only happens on emails I send through email lists, and can happen without attachments. But doesn't always happen. If I look at the email in the "Sent" folder, the signature is valid, but if I look at it in the received folder, the signature is invalid on some emails, but not all. Is it possible the list server alters the header (it is pipermail). the Reply-to is altered normally at least. But then only some of the list emails have an invalid signature, many are valid. Another bug which appears to be associated with the invalid signature, is that the attachment paperclip symbol does not appear on the line with the email in the list of emails on that folder. But the attachment does appear properly at the bottom of the email in the email display. Sorry if I've stuck two bugs in one report ....
it's possible that the mailing-list software is modifying the message in some way that breaks the signature. try diffing the messages to see what the problem might be
Created attachment 47201 [details] This is the email which Evolution says has a good signature
Created attachment 47202 [details] This is the post-listserve email which Evolution thinks has a bad signature
I tried a diff and just got almost every line. The files are attached. The main difference is that in the good sig, the lines end with ? =? or =20? while in the bad sig, the lines end with nothing added, = or =20 So the list serve is stripping the ? But then some emails work fine (i.e. both sent and received have a valid signature according to Evolution), also with ? when sent, but without when received. btw, should I start a separate bug for the not decrypting received emails - as it is a separate issue?
Just had a closer look at the two files, and another difference is in goodsig > I'm hoping that you can clear up my confusion. I don't understand what th=? e? > process is and how you all are deciding who will teach what this summer. =? in badsig > I'm hoping that you can clear up my confusion. I don't understand what the > process is and how you all are deciding who will teach what this summer. = so the listserve appears to have unsplit the "the" at the end of the first line. Maybe related?
the ?'s are probably \r characters and the editor you used just displayed them as ?'s or something... anyway, assuming that I did a diff and found the following difference: @@ -53,8 +96,7 @@ On Tue, 2005-04-12 at 23:49 -0700, Chris wrote: > Hamish, >=20 -> I'm hoping that you can clear up my confusion. I don't understand what th= -e +> I'm hoping that you can clear up my confusion. I don't understand what the > process is and how you all are deciding who will teach what this summer. = The > email exchanges I was having with people there before my London trip were so yes, the problem is that the listserv is reflowing the text
OK, so that leaves the first part (repeated below) - should I file a separate bug report for that? Evolution does not seem great at dealing with signed/encrypted emails, I have two key pairs (secret and public) in my GPG ring, I think this may be related Sending seems to work fine, but it only automatically decrypts emails which have been encrypted using the first key in the ring, and not all of them. Others I have to copy out into a text file and use gpg from the command line.
yes, that's a separate issue (one I've never seen; I also have multiple public/private key pairs)
Doing a bit more investigation, the emails that are not being decrypted are inline PGP - i.e. they have Content-Type: text/plain; charset="us-ascii" ; format="flowed" The ones that are being decrypted automatically have Content-Type: application/pgp-encrypted So this aspect appears to relate to bug #217540 http://bugzilla.gnome.org/show_bug.cgi?id=217540
hamish, could you test this again with 2.4.x (when it's out) or a current development version (2.3.x)? :-/
Rechecked in 2.4.1 (ubuntu 5.10) and it works fine. Thank you
Thanks for the info. Closing the bug based on Comment #13