Tmail talk - Nov 2009 - additional newlines by decoded() invalidate pgp-signatures

Hi,

I''m having a problem with TMail breaking PGP-signatures. If this has
been discussed or solved elsewhere please redirect me, I didn''t find
any hint on my own.

For the validity of pgp/mime-signatures it''s crucial that the whole
message is
never changed, including mime-headers, white-space, etc. (see RFC 3156[1]).
TMail#decoded() breaks this by adding newlines to the end of (some?)
mime-parts. 

This:

  --some_boundary
  Content-Type: text/plain; charset=UTF-8
  Content-Disposition: inline
  
  foo
  
  --some_boundary
  Content-Type: application/pgp-signature
  
  -----BEGIN PGP SIGNATURE-----
  Version: GnuPG v1.4.6 (GNU/Linux)


is changed to this:

  
  --some_other_boundary
  Content-Type: text/plain; charset=UTF-8
  Content-Disposition: inline
  
  foo
  

  --some_other_boundary
  Content-Type: application/pgp-signature
  
  -----BEGIN PGP SIGNATURE-----
  Version: GnuPG v1.4.6 (GNU/Linux)



The changing of boundaries is also a problem when verifying signed
multipart-mime-parts. I solved that one partly by pre-parsing the message if
its header is multipart/signed and verifying the signature "manually"
with the
help of regexes.

I don''t want to recurse into nested multipart-messages, though. So I
already
gave up on nested multipart-messages that have a signed multipart-part
somewhere inside.

But I''d still like to preserve the validity of signatures over nested
non-multipart-parts, so that the recipients at least can verify those
signatures individually. This is where I''m stuck with the additional
newlines
decoded() adds.

I experimented with decoded() but could only suppress any newline in general,
which invalidates the whole message-structure.


Has anybody got a hint for me on how to solve this?

And/or: I didn''t try "Mail" concerning this problem, yet --
is there any
experience with it, already? A switch would be an option only long-term,
but it would be some (head?)light at the end of the tunnel.


Thank you for your time,
best wishes,

  /Sam


[1] http://www.ietf.org/rfc/rfc3156.txt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL:
<http://rubyforge.org/pipermail/tmail-talk/attachments/20091125/08b9ed60/attachment.bin>

Hi there.

I am not sure I will be able to fix this.  I am the maintainer of Tmail, but
got so fed up with trying to fix it, that I re-wrote the entire mail library
into a new Mail gem.

Could you try mail and let me know if it is still a problem?

http://www.github.com/mikel/mail

sudo gem install mail

ARC

Mikel

On Wed, Nov 25, 2009 at 9:41 PM, Sam Hall <samhall at riseup.net> wrote:
> Hi,
>
> I''m having a problem with TMail breaking PGP-signatures. If this
has
> been discussed or solved elsewhere please redirect me, I didn''t
find
> any hint on my own.
>
> For the validity of pgp/mime-signatures it''s crucial that the
whole message
> is
> never changed, including mime-headers, white-space, etc. (see RFC 3156[1]).
> TMail#decoded() breaks this by adding newlines to the end of (some?)
> mime-parts.
>
> This:
>
>  --some_boundary
>  Content-Type: text/plain; charset=UTF-8
>  Content-Disposition: inline
>
>  foo
>
>  --some_boundary
>  Content-Type: application/pgp-signature
>
>  -----BEGIN PGP SIGNATURE-----
>  Version: GnuPG v1.4.6 (GNU/Linux)
>
>
> is changed to this:
>
>
>  --some_other_boundary
>  Content-Type: text/plain; charset=UTF-8
>  Content-Disposition: inline
>
>  foo
>
>
>  --some_other_boundary
>  Content-Type: application/pgp-signature
>
>  -----BEGIN PGP SIGNATURE-----
>  Version: GnuPG v1.4.6 (GNU/Linux)
>
>
>
> The changing of boundaries is also a problem when verifying signed
> multipart-mime-parts. I solved that one partly by pre-parsing the message
> if
> its header is multipart/signed and verifying the signature
"manually" with
> the
> help of regexes.
>
> I don''t want to recurse into nested multipart-messages, though. So
I
> already
> gave up on nested multipart-messages that have a signed multipart-part
> somewhere inside.
>
> But I''d still like to preserve the validity of signatures over
nested
> non-multipart-parts, so that the recipients at least can verify those
> signatures individually. This is where I''m stuck with the
additional
> newlines
> decoded() adds.
>
> I experimented with decoded() but could only suppress any newline in
> general,
> which invalidates the whole message-structure.
>
>
> Has anybody got a hint for me on how to solve this?
>
> And/or: I didn''t try "Mail" concerning this problem, yet
-- is there any
> experience with it, already? A switch would be an option only long-term,
> but it would be some (head?)light at the end of the tunnel.
>
>
> Thank you for your time,
> best wishes,
>
>  /Sam
>
>
> [1] http://www.ietf.org/rfc/rfc3156.txt
>
>
> _______________________________________________
> Tmail-talk mailing list
> Tmail-talk at rubyforge.org
> http://rubyforge.org/mailman/listinfo/tmail-talk
>
>

-- 
http://lindsaar.net/
Rails, RSpec and Life blog....
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://rubyforge.org/pipermail/tmail-talk/attachments/20091126/f8ff412d/attachment.html>

Hi,

On Thu, Nov 26, 2009 at 11:55 (+1100), Mikel Lindsaar
wrote:
> Could you try mail and let me know if it is still a problem?
The additional newline does not occur in a quick&dirty test. Also, the
mime-boundaries are not changed, which is very nice. But on the other hand the
mime-headers are changed even more, from this:

  --mimepart_4b097457413cd_6bd..fdbe843aa151
  Content-Type: text/plain; charset=UTF-8
  Content-Disposition: inline



to this:

  --mimepart_4b097457413cd_6bd..fdbe843aa151
  Date: Thu, 26 Nov 2009 17:00:31 +0100
  Mime-Version: 1.0
  Content-Type: text/plain;
          charset="UTF-8";
  Content-Transfer-Encoding: 8bit
  Content-Disposition: inline
  Content-ID: <4b0ea61f51f2_1b782459d7263745b at some.thing>


With TMail simple headers usually pass (or are re-written identically) which
gave a chance to have the signature stay valid. This chance seems to be lost
with Mail.

What we would need is a "don''t change anything unless we
explicitly tell you
so"-behaviour.

Do you see any chance to realize/implement this?

I''m not new to ruby, so maybe I could do a part of the work, if you
could give
me a hint on where to look and what to take into account.


I think it would be great to push this. Signing and encrypting is becoming more
and more important nowadays and Mail being compatible to signing and maybe even
actively enabling it would be fantastic!


Thank you for your time and work!

  /Sam