Closed
Open
Opened Jun 19, 2018 by init void@init

Incoming Mail that cannot be decrypted (due to wrong key / missing private key) raises mail-gpg EncodingError

Expected Behavior

If an incoming mail is encrypted but cannot be decrypted, I expect a reply to the sender, that she sent a mail encrypted to the wrong key. I don't expect an exception, since this is not such an exceptional event, is it?

Actual Behavior

If an incoming mail is encrypted but cannot be decrypted, because it was encrypted to the wrong key, Mail::Message#setup will still call if new.signed?. This raises an error inside mail-gpg because you cannot check if an encrypted mail is signed.

Specifications

  • Version: 3.2.2-1~bpo9+1
  • Installation method: package / debian
  • Mail client version: unknown

Other information

----- Forwarded message from schleuder@schleuder -----

Date: some date
From: schleuder
To: root@localhost
Subject: Error

Unable to determine signature on an encrypted mail, use :verify option on decrypt()
/usr/lib/ruby/vendor_ruby/mail/gpg.rb:98:in `signed?'
/usr/lib/ruby/vendor_ruby/mail/gpg/message_patch.rb:77:in `signed?'
/usr/lib/ruby/vendor_ruby/schleuder/mail/message.rb:31:in `setup'
/usr/lib/ruby/vendor_ruby/schleuder/runner.rb:15:in `run'
/usr/lib/ruby/vendor_ruby/schleuder/cli.rb:35:in `work'
/usr/lib/ruby/vendor_ruby/thor/command.rb:27:in `run'
/usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:in `invoke_command'
/usr/lib/ruby/vendor_ruby/thor.rb:359:in `dispatch'
/usr/lib/ruby/vendor_ruby/thor/base.rb:440:in `start'
/usr/bin/schleuder:19:in `<main>'

Date: some date
From: "someuser@example.com" <someuser@example.com>
To: somelist@cryptolists.domain.tld
Subject: Fwd: Neuer KP PGP Key

Error: decryption/verification failed: No secret key 

The code in our version of schleuder:

    def setup
      if self.encrypted?
        new = self.decrypt(verify: true)
        ## Work around a bug in mail-gpg: when decrypting pgp/mime the
        ## Date-header is not copied.
        #new.date ||= self.date
        # Test if there's a signed multipart inside the ciphertext
        # ("encapsulated" format of pgp/mime).
        if new.signed?
          new = new.verify
        end
      elsif self.signed?
        new = self.verify
      else
        new = self
      end

https://github.com/jkraemer/mail-gpg/blob/master/lib/mail/gpg.rb

    # true if a mail is signed.
    #
    # throws EncodingError if called on an encrypted mail (so only call this method if encrypted? is false)
    def self.signed?(mail)
      return true if signed_mime?(mail)
      return true if signed_inline?(mail)
      if encrypted?(mail)
        raise EncodingError, 'Unable to determine signature on an encrypted mail, use :verify option on decrypt()'
      end
      false
    end

I just found the encapsulated_signed? method in master. So maybe that solves our problem already? In that case, never mind. 🤷

Edited Jun 19, 2018 by init void
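
A simplified model of the control flow reported in this issue, added here as an illustration; it is not schleuder's or mail-gpg's code. `SketchMail`, `setup_as_reported` and `setup_guarded` are hypothetical names, and the model assumes, as the report describes, that a failed decryption leaves the message still encrypted.

```ruby
# Constructed stand-in for a mail object; NOT mail-gpg's or schleuder's class.
class SketchMail
  attr_reader :body

  def initialize(body, encrypted: false, signed: false, decryptable: true)
    @body, @encrypted, @signed, @decryptable = body, encrypted, signed, decryptable
  end

  def encrypted?
    @encrypted
  end

  # Contract of the mail-gpg excerpt: asking about a still-encrypted mail raises,
  # because a signature inside the ciphertext is not visible.
  def signed?
    raise EncodingError, 'Unable to determine signature on an encrypted mail' if @encrypted
    @signed
  end

  # Assumption from the report: without the secret key the result stays encrypted.
  def decrypt(verify: true)
    @decryptable ? SketchMail.new(@body, signed: @signed) : self
  end

  def verify
    self
  end
end

# Control flow from the report: signed? is called on whatever decrypt returned.
def setup_as_reported(mail)
  return mail.signed? ? mail.verify : mail unless mail.encrypted?
  new = mail.decrypt(verify: true)
  new.signed? ? new.verify : new
end

# Guarded variant (hypothetical): inspect the decryption outcome first and return
# a status that the caller can turn into a reply to the sender.
def setup_guarded(mail)
  return [:ok, mail.signed? ? mail.verify : mail] unless mail.encrypted?
  new = mail.decrypt(verify: true)
  return [:undecryptable, nil] if new.encrypted?
  [:ok, new.signed? ? new.verify : new]
end

# Constructed sample messages.
WRONG_KEY = SketchMail.new('ciphertext', encrypted: true, decryptable: false)
GOOD_MAIL = SketchMail.new('hello', encrypted: true, signed: true)
```

With `WRONG_KEY`, `setup_as_reported` raises `EncodingError`, while `setup_guarded` returns `[:undecryptable, nil]` without ever calling `signed?` on ciphertext.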
Reference: schleuder/schleuder#358