averello/aerc-fork-mirror
1
0
Fork 0
mirror of https://git.sr.ht/~rjarry/aerc synced 2026-03-02 18:23:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

gpg: fix signed message encoding

Browse Source 
Fix the content encoding for GPG-signed messages.

To remove the Mime-Version header field for the signed message part, the
raw message is parsed with go-message. go-message.Read(), however,
decodes the message body as well (i.e. from quoted-printable to UTF8
depending on the Content-Transfer-Encoding header). This means that the
msg.Body field now contains the decoded message (it is no longer encoded
as quoted-printable). We never encode the message back to the proper
Content-Transfer-Encoding.

To fix this, use net/mail.ReadMessage() to parse the headers and to not
decode the message body.

To verify the issue, send a signed message with the following text:
"19+1=20!"

The message will be properly signed, but the text is wrong; it shows
"19+1 !"; instead it should read "19+1=3D20!".

Fixes: 5e443bce ("gpg: fix mime-version header position")
References: https://todo.sr.ht/~rjarry/aerc/79
Signed-off-by: Koni Marti <koni.marti@gmail.com>
Tested-by: Jens Grassel <jens@wegtam.com>
Acked-by: Robin Jarry <robin@jarry.cc>
This commit is contained in:
Koni Marti
2024-08-23 20:12:56 +02:00
committed by Robin Jarry
parent 3ce5670fdc
commit 7346d20343
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/crypto/gpg/writer.go
View File

@@ -8,6 +8,7 @@ import (
"fmt"
"io"
"mime"
"net/mail"
"git.sr.ht/~rjarry/aerc/lib/crypto/gpg/gpgbin"
"github.com/emersion/go-message"
@@ -51,10 +52,11 @@ func (s *Signer) Write(p []byte) (int, error) {
}
func (s *Signer) Close() (err error) {
msg, err := message.Read(&s.signedMsg)
msg, err := mail.ReadMessage(&s.signedMsg)
if err != nil {
return err
}
header := message.HeaderFromMap(msg.Header)
// Make sure that MIME-Version is *not* set on the signed part header.
// It must be set *only* on the top level header.
//
@@ -64,10 +66,10 @@ func (s *Signer) Close() (err error) {
//
// Since the signature is computed on the whole part, including its
// header, changing the case can cause the signature to become invalid.
msg.Header.Del("Mime-Version")
header.Del("Mime-Version")
var buf bytes.Buffer
_ = textproto.WriteHeader(&buf, msg.Header.Header)
_ = textproto.WriteHeader(&buf, header.Header)
_, _ = io.Copy(&buf, msg.Body)
sig, micalg, err := gpgbin.Sign(bytes.NewReader(buf.Bytes()), s.from)