Hi. I’m facing a strange behaviour on latest RC version.
I’ve enabled Enigma plugin and I’m able to create my key pairs, sign and encrypt messages.
The strange thing is I couldn’t verify signed messages at all, even if decryption in perfectly working.
I’ve debugged GPG class (vendor/pear-pear.php.net/Crypt_GPG/Crypt/GPG.php) to verify what he was doing and why sign validation always fails.
Within _sign() method, I’ve added following lines to log what he was going to sign:
$rc = rcmail::get_instance();
$rc->console('---------------------------------');
$rc->console('SIGN INPUT');
$rc->console($input);
$rc->console('---------------------------------‘);
Same thing within _verify() method, to log what is going to verify:
$rc = rcmail::get_instance();
$rc->console('---------------------------------');
$rc->console('VERIFY INPUT');
$rc->console($input);
$rc->console('---------------------------------');
$rc->console('VERIFY SIGNATURE');
$rc->console($signature);
$rc->console('---------------------------------‘);
Here is my full output for the sequence:
I’ve noticed that the signed message has an extra newline between main headers and body (take a look at the highlited rows) so I thing that’s why sign verification fails (content doesn’t match with original message).
[27-Jul-2016 15:10:38 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:38 +0200]: <cmnloql4> SIGN INPUT
[27-Jul-2016 15:10:38 +0200]: <cmnloql4> Content-Type: multipart/alternative;
boundary="=_944cbd90b0d51928ff049222817a4b03"
--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
This is an HTML content...
--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; charset=
=3DUTF-8" /></head><body style=3D'font-size: 10pt; font-family: Verdana,Gen=
eva,sans-serif'>
<p>This is an HTML content...</p>
</body></html>
--=_944cbd90b0d51928ff049222817a4b03--
[27-Jul-2016 15:10:38 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> VERIFY INPUT
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> Content-Type: multipart/alternative;
boundary="=_944cbd90b0d51928ff049222817a4b03"
--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
This is an HTML content...
--=_944cbd90b0d51928ff049222817a4b03
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; charset=
=3DUTF-8" /></head><body style=3D'font-size: 10pt; font-family: Verdana,Gen=
eva,sans-serif'>
<p>This is an HTML content...</p>
</body></html>
--=_944cbd90b0d51928ff049222817a4b03--
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> ---------------------------------
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> VERIFY SIGNATURE
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJXmLLOAAoJEB1v3mO3A8Wpz6QH/015jrt7YkfGT8pE1nyjpHHe
JoCEmugkpmEgJ6wjTgU1SHQos5l1mKqFhsrzpdNghO11yqB/NxOjxOpqSkE9c9c1
dXr/H53cLfqPULMD5dqGBFua180BUdLAQ0Nvyll7kD8Y/irU5ccrwA1e3Cb9RYp0
sGplLYcD7pPKthCGQfFzPslL9Fj82MBJigm46cKa7pqYhJDNkM4q4zsqtNXcTUqB
HcFhEL3+Q21bAbie+B8hDw2SUYGEZORf+sLUrW1oQLLG5ld6XZywCDDKdpq6F+ET
OzVaXta8cMIg5dwP/10VALlqYavlzjY/0h7lBmEgm5W/ehs7XuReur45LsS1KJg=
=Q6j9
-----END PGP SIGNATURE-----
[27-Jul-2016 15:10:45 +0200]: <cmnloql4> ————————————————
Anyone is facing the same issue?
Maybe it’s not an Enigma related issue but a Roundcube behaviour because it happes even on not signed e-mails (but in this case it doesn't bother at all).
Any help would be really appreciate.
Thanks.
Stefano