[RCD] PHP openssl_pkcs7_decrypt BUG
vgo at stels.ru
Thu Oct 6 19:00:11 CEST 2016
It is very strange. Of course, I read letters from the Sent folder not
really often. Besides I encrypt not all the letters. But neither I, nor
my users never noted that the letter from the Sent folder didn't open.
I just know the user at whom all outgoing mail is encrypted. I will try
to look at his Sent folder.
I use openssl.
But from where function to know that the letter given to it - from the
Kyle Francis писал 2016-10-06 19:43:
> So it appears as though there is a bug in decrypting emails when using
> . It appears as though the error only surfaces (sometimes) when
> decrypting with the sender's credentials. This leads to some, not
> all, messages not being able to be decrypted from the "Sent" folder in
> Roundcube. The emails that cannot be decrypted from the "Sent" folder
> are successfully decrypted when viewing in Thunderbird (either from
> the recipients account or the sender's account). This tells me the
> bug is with the php function openssl_pkcs7_decrypt. The same email is
> also not able to be decrypted utilizing openssl from the command line.
> All emails successfully decrypt with gpgsm.
> I could do one of two things:
> 1. Decrypt utilizing gpgsm, keep openssl_pkcs7_* functions for
> everything else and
> attempt to fix/submit patch for openssl[_pkcs7_decrypt] function
> at a later date.
> Pro - least amount of re-work
> could make it into an upcoming beta
> Con - "messy"/fragmented solution
> 2. Re-write all openssl_pkcs7_* PHP functions to utilize gpgsm
> Pro - unified, "clean" solution
> gpgsm integrates with gpg for public/private key storage
> decrypted emails would never be written to file
> Con - extensive rework
> Probably won't make the next beta
> Importing pkcs12 files into keyrings is currently "messy"
> and would still require use of openssl_pkcs7 function for
> certificate manipulation
> I'd really like to see this feature be wrapped up, but I also want to
> do it right. Thoughts?
> Roundcube Development discussion mailing list
> dev �� lists.roundcube.net
More information about the dev