| author | Alexander Golubev <fatzer2@gmail.com> | 2026-03-10 06:33:44 +0300 |
|---|---|---|
| committer | Alexander Golubev <fatzer2@gmail.com> | 2026-03-10 06:47:36 +0300 |
| commit | aaf564ace324cba8f96be63c505293f3f893bcd8 (patch) | |
| tree | 5fce384944d488f17862ed3fdc4e1de94ba00482 | |
| parent | 71f8bc2d05c980afe0938e24b89a01460411fa2e (diff) | |
kmail: fix signature verification in cyphered messagesFat-Zer/fix/kmail-sig-verify
If a message was both encrypted and signed with GPG, kmail
incorrectly claimed that "The validity of the signature cannot be
verified" even though it had already been verified. This patch fixes that by
requesting the key after the DecryptVerify job.
Also the commit has some minor refactoring like reordering arguments of
writeOpaqueOrMultipartSignedData().
Closes: https://mirror.git.trinitydesktop.org/gitea/TDE/tdepim/issues/187
Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
| -rw-r--r-- | kmail/objecttreeparser.cpp | 26 | ||||
| -rw-r--r-- | kmail/objecttreeparser.h | 5 | ||||
| -rw-r--r-- | kmail/objecttreeparser_p.cpp | 14 | ||||
| -rw-r--r-- | kmail/objecttreeparser_p.h | 18 |
4 files changed, 42 insertions, 21 deletions
diff --git a/kmail/objecttreeparser.cpp b/kmail/objecttreeparser.cpp index de0faee2..9613a64b 100644 --- a/kmail/objecttreeparser.cpp +++ b/kmail/objecttreeparser.cpp @@ -415,9 +415,10 @@ namespace KMail { partNode& sign, const TQString& fromAddress, bool doCheck, + bool hideErrors, TQCString* cleartextData, const std::vector<GpgME::Signature> & paramSignatures, - bool hideErrors ) + const GpgME::Key & paramKey) { bool bIsOpaqueSigned = false; enum { NO_PLUGIN, NOT_INITIALIZED, CANT_VERIFY_SIGNATURES } @@ -477,8 +478,12 @@ namespace KMail { } std::vector<GpgME::Signature> signatures; - if ( !doCheck ) + GpgME::Key key; + + if ( !doCheck ) { signatures = paramSignatures; + key = paramKey; + } PartMetaData messagePart; messagePart.isSigned = true; @@ -490,8 +495,6 @@ namespace KMail { messagePart.status = i18n("Wrong Crypto Plug-In."); messagePart.status_code = GPGME_SIG_STAT_NONE; - GpgME::Key key; - if ( doCheck && cryptProto ) { GpgME::VerificationResult result; if ( data ) { // detached @@ -775,6 +778,7 @@ bool ObjectTreeParser::okDecryptMIME( partNode& data, TQCString& decryptedData, bool& signatureFound, std::vector<GpgME::Signature> &signatures, + GpgME::Key &key, bool showWarning, bool& passphraseError, bool& actuallyEncrypted, @@ -839,7 +843,7 @@ bool ObjectTreeParser::okDecryptMIME( partNode& data, cryptProto = 0; } else { DecryptVerifyBodyPartMemento * newM - = new DecryptVerifyBodyPartMemento( job, ciphertext ); + = new DecryptVerifyBodyPartMemento( job, cryptProto->keyListJob(), ciphertext ); if ( allowAsync() ) { if ( newM->start() ) { decryptionStarted = true; @@ -868,6 +872,7 @@ bool ObjectTreeParser::okDecryptMIME( partNode& data, //kdDebug(5006) << ss.str().c_str() << endl; signatureFound = verifyResult.signatures().size() > 0; signatures = verifyResult.signatures(); + key = m->signingKey(); bDecryptionOk = !decryptResult.error(); passphraseError = decryptResult.error().isCanceled() || decryptResult.error().code() == GPG_ERR_NO_SECKEY; 
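Review bot: Moving `hideErrors` ahead of `cleartextData` in the `@@ -415,9 +415,10 @@` parameter list (and in the matching declaration hunk in objecttreeparser.h) lets a stale five-argument call keep compiling, because a `TQCString*` or a literal `0` in the old `cleartextData` position converts implicitly to `bool`. Such a call would silently run with `hideErrors` derived from the pointer and with no cleartext, which matters in a function that renders signature status. Only the call sites inside this diff are visible, so callers elsewhere in the tree need to be checked by hand. Keeping the old order and appending the new parameter, `const std::vector<GpgME::Signature> & paramSignatures, bool hideErrors, const GpgME::Key & paramKey )`, would avoid the silent rebinding. The function body continues outside the hunk.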
@@ -1402,6 +1407,7 @@ namespace KMail { TQCString decryptedData; bool signatureFound; std::vector<GpgME::Signature> signatures; + GpgME::Key signingKey; bool passphraseError; bool actuallyEncrypted = true; bool decryptionStarted; @@ -1410,6 +1416,7 @@ namespace KMail { decryptedData, signatureFound, signatures, + signingKey, true, passphraseError, actuallyEncrypted, @@ -1450,9 +1457,10 @@ namespace KMail { *node, node->trueFromAddress(), false, + false, &decryptedData, signatures, - false ); + signingKey ); node->setSignatureState( KMMsgFullySigned ); } else { insertAndParseNewChildNode( *node, @@ -1566,6 +1574,7 @@ namespace KMail { TQCString decryptedData; bool signatureFound; std::vector<GpgME::Signature> signatures; + GpgME::Key signingKey; bool passphraseError; bool actuallyEncrypted = true; bool decryptionStarted; @@ -1574,6 +1583,7 @@ namespace KMail { decryptedData, signatureFound, signatures, + signingKey, true, passphraseError, actuallyEncrypted, @@ -1742,6 +1752,7 @@ namespace KMail { messagePart.isSigned = false; bool signatureFound; std::vector<GpgME::Signature> signatures; + GpgME::Key signingKey; bool passphraseError; bool actuallyEncrypted = true; bool decryptionStarted; @@ -1755,6 +1766,7 @@ namespace KMail { decryptedData, signatureFound, signatures, + signingKey, false, passphraseError, actuallyEncrypted, @@ -1826,8 +1838,6 @@ namespace KMail { *signTestNode, node->trueFromAddress(), true, - 0, - std::vector<GpgME::Signature>(), isEncrypted ); if ( sigFound ) { if ( !isSigned ) { diff --git a/kmail/objecttreeparser.h b/kmail/objecttreeparser.h index cd4adfae..9487de87 100644 --- a/kmail/objecttreeparser.h +++ b/kmail/objecttreeparser.h @@ -39,6 +39,7 @@ #include <kleo/cryptobackend.h> #include <gpgmepp/verificationresult.h> +#include <gpgmepp/key.h> #include <cassert> 
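Review bot: In the `@@ -1566,6 +1574,7 @@` / `@@ -1574,6 +1583,7 @@` and `@@ -1742,6 +1752,7 @@` / `@@ -1755,6 +1766,7 @@` hunks `signingKey` is filled by `okDecryptMIME()` but no visible line reads it, unlike the `@@ -1450,9 +1457,10 @@` call that forwards it to `writeOpaqueOrMultipartSignedData()`. If these paths leave signature evaluation to a nested parse of the decrypted data, a one-line comment next to the declaration would say so, for example `// signingKey is not consumed on this path`. If they do render a signature block, the key should be forwarded as in the first call site. The enclosing functions extend beyond the hunks, so which case applies needs confirming against the full file.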
@@ -213,9 +214,10 @@ namespace KMail { partNode & sign, const TQString & fromAddress, bool doCheck=true, + bool hideErrors=false, TQCString * cleartextData=0, const std::vector<GpgME::Signature> & paramSignatures = std::vector<GpgME::Signature>(), - bool hideErrors=false ); + const GpgME::Key & paramKey = GpgME::Key() ); /** Writes out the block that we use when the node is encrypted, but we're deferring decryption for later. */ @@ -231,6 +233,7 @@ namespace KMail { TQCString& decryptedData, bool& signatureFound, std::vector<GpgME::Signature> &signatures, + GpgME::Key &key, bool showWarning, bool& passphraseError, bool& actuallyEncrypted, diff --git a/kmail/objecttreeparser_p.cpp b/kmail/objecttreeparser_p.cpp index c0a5eef4..ce7afb10 100644 --- a/kmail/objecttreeparser_p.cpp +++ b/kmail/objecttreeparser_p.cpp @@ -133,8 +133,10 @@ GenericVerifyMemento::~GenericVerifyMemento() { m_keylistjob->slotCancel(); } -DecryptVerifyBodyPartMemento::DecryptVerifyBodyPartMemento( DecryptVerifyJob * job, const TQByteArray & cipherText ) - : CryptoBodyPartMemento(), +DecryptVerifyBodyPartMemento::DecryptVerifyBodyPartMemento( DecryptVerifyJob * job, + Kleo::KeyListJob * klj, + const TQByteArray & cipherText ) + : GenericVerifyMemento(klj), m_cipherText( cipherText ), m_job( job ) { @@ -166,6 +168,8 @@ void DecryptVerifyBodyPartMemento::exec() { saveResult( p.first, p.second, plainText ); m_job->deleteLater(); // exec'ed jobs don't delete themselves m_job = 0; + execKeyListJob(); + setRunning( false ); } void DecryptVerifyBodyPartMemento::saveResult( const DecryptionResult & dr, @@ -175,7 +179,7 @@ void DecryptVerifyBodyPartMemento::saveResult( const DecryptionResult & dr, assert( m_job ); setRunning( false ); m_dr = dr; - m_vr = vr; + setVerificationResult( vr ); m_plainText = plainText; setAuditLog( m_job->auditLogError(), m_job->auditLogAsHtml() ); } 
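Review bot: The declaration in the `@@ -213,9 +214,10 @@` hunk gains `paramKey` with no comment on when it is honoured. Per the objecttreeparser.cpp hunk, `paramSignatures` and `paramKey` are copied only when `doCheck` is false, and no visible line checks that the key belongs to the supplied signatures, so the caller is trusted to pass both from the same verification result. A doc comment above the declaration would make that contract explicit, for example `/** paramSignatures and paramKey are used only when doCheck is false and must come from the same verification result. */`.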
@@ -187,6 +191,10 @@ void DecryptVerifyBodyPartMemento::slotResult( const DecryptionResult & dr, saveResult( dr, vr, plainText ); setRunning( false ); m_job = 0; + if ( startKeyListJob() ) + return; + destroyKeyListJob(); + setRunning( false ); notify(); } diff --git a/kmail/objecttreeparser_p.h b/kmail/objecttreeparser_p.h index 943402d9..6c338ea4 100644 --- a/kmail/objecttreeparser_p.h +++ b/kmail/objecttreeparser_p.h @@ -61,7 +61,7 @@ namespace KMail { public KMail::ISubject { TQ_OBJECT - + public: CryptoBodyPartMemento(); ~CryptoBodyPartMemento(); @@ -122,20 +122,21 @@ namespace KMail { }; class DecryptVerifyBodyPartMemento - : public CryptoBodyPartMemento + : public GenericVerifyMemento { TQ_OBJECT public: - DecryptVerifyBodyPartMemento( Kleo::DecryptVerifyJob * job, const TQByteArray & cipherText ); + DecryptVerifyBodyPartMemento( Kleo::DecryptVerifyJob * job, + Kleo::KeyListJob * klj, + const TQByteArray & cipherText ); ~DecryptVerifyBodyPartMemento(); bool start(); void exec(); - const TQByteArray & plainText() const { return m_plainText; } + const TQByteArray & plainText() const { return m_plainText; } const GpgME::DecryptionResult & decryptResult() const { return m_dr; } - const GpgME::VerificationResult & verifyResult() const { return m_vr; } private slots: void slotResult( const GpgME::DecryptionResult & dr, @@ -152,7 +153,6 @@ namespace KMail { TQGuardedPtr<Kleo::DecryptVerifyJob> m_job; // output: GpgME::DecryptionResult m_dr; - GpgME::VerificationResult m_vr; TQByteArray m_plainText; }; @@ -161,7 +161,7 @@ namespace KMail { : public GenericVerifyMemento { TQ_OBJECT - + public: VerifyDetachedBodyPartMemento( Kleo::VerifyDetachedJob * job, Kleo::KeyListJob * klj, @@ -190,7 +190,7 @@ namespace KMail { : public GenericVerifyMemento { TQ_OBJECT - + public: VerifyOpaqueBodyPartMemento( Kleo::VerifyOpaqueJob * job, Kleo::KeyListJob * klj, 
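Review bot: In the `@@ -187,6 +191,10 @@` hunk `slotResult()` returns early when `startKeyListJob()` succeeds, but by then `setRunning( false )` has already run twice: once inside `saveResult()` and once on the context line after it. While the key listing is pending the memento therefore reports itself as finished, and a parse in that window would read `signingKey()` before it is set, presumably the same null-key state this commit sets out to fix. Dropping the two early calls, so that only the added `destroyKeyListJob(); setRunning( false ); notify();` tail clears the flag, would close that window; `exec()` already calls `setRunning( false )` after `execKeyListJob()`. How the key-list completion slot in GenericVerifyMemento clears the flag is outside this diff and should be confirmed.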
@@ -200,7 +200,7 @@ namespace KMail { bool start(); void exec(); - const TQByteArray & plainText() const { return m_plainText; } + const TQByteArray & plainText() const { return m_plainText; } private slots: void slotResult( const GpgME::VerificationResult & vr, |
