Hi. I’m facing a strange behaviour on latest RC version.

I’ve enabled Enigma plugin and I’m able to create my key pairs, sign and encrypt messages.

The strange thing is I couldn’t verify signed messages at all, even if decryption in perfectly working.

I’ve debugged GPG class (vendor/pear-pear.php.net/Crypt_GPG/Crypt/GPG.php) to verify what he was doing and why sign validation always fails.



Within _sign() method, I’ve added following lines to log what he was going to sign:

$rc = rcmail::get_instance();
$rc->console('---------------------------------');
$rc->console('SIGN INPUT');
$rc->console($input);
$rc->console('---------------------------------‘);



Same thing within _verify() method, to log what is going to verify:

$rc = rcmail::get_instance();
$rc->console('---------------------------------');
$rc->console('VERIFY INPUT');
$rc->console($input);
$rc->console('---------------------------------');
$rc->console('VERIFY SIGNATURE');
$rc->console($signature);
$rc->console('---------------------------------‘);


Here is my full output for the sequence:

  1. user send a new signed email to himself
  2. user goes to inbox and open signed e-mail

I’ve noticed that the signed message has an extra newline between main headers and body (take a look at the highlited rows) so I thing that’s why sign verification fails (content doesn’t match with original message).


[27-Jul-2016 15:10:38 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:38 +0200]: <cmnloql4> SIGN INPUT
[27-Jul-2016 15:10:38 +0200]: <cmnloql4> Content-Type: multipart/alternative;
 boundary="=_944cbd90b0d51928ff049222817a4b03"

--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII

This is an HTML content...
--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; charset=
=3DUTF-8" /></head><body style=3D'font-size: 10pt; font-family: Verdana,Gen=
eva,sans-serif'>
<p>This is an HTML content...</p>
</body></html>

--=_944cbd90b0d51928ff049222817a4b03--


[27-Jul-2016 15:10:38 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> VERIFY INPUT
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> Content-Type: multipart/alternative;
 boundary="=_944cbd90b0d51928ff049222817a4b03"


--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII

This is an HTML content...
--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; charset=
=3DUTF-8" /></head><body style=3D'font-size: 10pt; font-family: Verdana,Gen=
eva,sans-serif'>
<p>This is an HTML content...</p>
</body></html>

--=_944cbd90b0d51928ff049222817a4b03--


[27-Jul-2016 15:10:45 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> VERIFY SIGNATURE
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJXmLLOAAoJEB1v3mO3A8Wpz6QH/015jrt7YkfGT8pE1nyjpHHe
JoCEmugkpmEgJ6wjTgU1SHQos5l1mKqFhsrzpdNghO11yqB/NxOjxOpqSkE9c9c1
dXr/H53cLfqPULMD5dqGBFua180BUdLAQ0Nvyll7kD8Y/irU5ccrwA1e3Cb9RYp0
sGplLYcD7pPKthCGQfFzPslL9Fj82MBJigm46cKa7pqYhJDNkM4q4zsqtNXcTUqB
HcFhEL3+Q21bAbie+B8hDw2SUYGEZORf+sLUrW1oQLLG5ld6XZywCDDKdpq6F+ET
OzVaXta8cMIg5dwP/10VALlqYavlzjY/0h7lBmEgm5W/ehs7XuReur45LsS1KJg=
=Q6j9
-----END PGP SIGNATURE-----

[27-Jul-2016 15:10:45 +0200]: <cmnloql4> ————————————————



Anyone is facing the same issue?

Maybe it’s not an Enigma related issue but a Roundcube behaviour because it happes even on not signed e-mails (but in this case it doesn't bother at all).

Any help would be really appreciate.

Thanks.

 

Stefano