Mailvelope issues?
Closed this issue · 29 comments
Confirmed, there is a problem decrypting messages with Mailvelope on Firefox. Mailvelope is at v1.3.6 and Firefox was at v44.0.2, both the latest as of this writing.
The exact same encrypted ASCII-armored text can be decrypted by both GnuPG (command line) and the MacGPG GUI, though. :\ I know there were some issues with Mailvelope being strict about Modification Detection Code (MDC) packets before (see jasonhinkle/php-gpg#18), but AFAIK OpenPGP-PHP does include MDC packets, so I'm not sure what the issue here might be…? I also do not see any other relevant incompatibility reports on the OpenPGP.php issue tracker.
@singpolyma, have any such issues been reported privately? @DanielRuf, do you know of any?
Verifying a clearsigned signature also fails in Mailvelope but, again, works correctly when verified with the GnuPG/MacGPG tools.
Afaik there are open issues with the same error message at the openpgp.js and mailvelope repos here at GitHub.
For example mailvelope/mailvelope#370
In that issue the Mailvelope developer seems to think the problem is an outdated OpenPGP packet, right? If that's true, doesn't it mean OpenPGP-PHP's encryption is producing packets that OpenPGP.js considers deprecated? Shouldn't that…be fixed?
Not sure, issue 370 is related to missing MDC packets but it is not missing here.
Possibly a problem with openpgp.js / mailvelope.
MDC packet is not missing so this is not the problem I think (--list-packets should show it).
Hmm…. Okay. This issue is clearly beyond my skill.
I will have to spend some of my own time familiarizing myself with RFC 4880, as well as the OpenPGP-PHP and OpenPGP.js implementations themselves to be of much use with this. Right now I have no experience with OpenPGP.js at all and only a shallow understanding of OpenPGP-PHP. I cannot fix or even meaningfully debug this issue without learning more about those things first.
I'll leave this issue open to record that there is a problem for users of WP PGP Encrypted Emails. That said, from what I understand right now, it seems the problem is not directly related to the WordPress plugin's code, but the code in the OpenPGP implementations themselves. That is stuff I want to learn more about, so I'll take this as an opportunity to self-educate. However, that will take time. In the mean time, I'll write a notice in the plugin's next release informing WordPress end-users that there is a known compatibility issue.
If there is anything I can do to assist you or the other library developers, please let me know.
Okay, I'll go read as much of the RFC and explore OpenPGP.js as I can now. I hope you won't be too bothered if I ask you some questions along the way.
And thanks for looking into this to help me and other WordPress users use OpenPGP. :)
Just to make sure, does the private key exist in mailvelope? It is needed for decryption and verification.
Just to make sure, does the private key exist in mailvelope? It is needed for decryption and verification.
Yes. The errors shown above happen after importing the needed keys to the appropriate keyring. When used in Mailvelope, the error ocurrs. When used in GPG command line or MacGPG graphical user interface, there is no error. Both tools have the necessary keys in their respective keyrings.
Do you have some more info from background.html of the extension or the logfile of it? There should be some hint why it fails.
I think best is we open an issue at https://github.com/openpgpjs/openpgpjs/ (and also at https://github.com/mailvelope/mailvelope )
"Error decrypting message" seems to come from https://github.com/openpgpjs/openpgpjs/blob/master/src/openpgp.js and "Wrong signature from" is a language string from mailvelope but uses a function of openpgp.js
Don't know if this helps much but when the "Error decrypting message!" overlay shows up, a single error is logged in the Firefox Web Console:
[49]</d.prototype.decrypt@resource://jid1-aqqsmbyb0a8adg-at-jetpack/data/openpgp.min.js:7:6910
h/<@resource://jid1-aqqsmbyb0a8adg-at-jetpack/data/openpgp.min.js:7:11332
m/c<@resource://jid1-aqqsmbyb0a8adg-at-jetpack/data/openpgp.min.js:7:12637
m@resource://jid1-aqqsmbyb0a8adg-at-jetpack/data/openpgp.min.js:7:12607
h@resource://jid1-aqqsmbyb0a8adg-at-jetpack/data/openpgp.min.js:7:11310
[1]</self.onmessage@resource://jid1-aqqsmbyb0a8adg-at-jetpack/data/openpgp.worker.min.js:1:2353
openpgp.min.js:7:12704
n()
I haven't figured out what other ways exist to debug OpenPGP.js yet so not sure how else to trace this.
Hm, also have no idea here. Would be good to ask the openpgp.js and mailvelope team about this, they should know more about this.
Would be good to ask the openpgp.js and mailvelope team about this, they should know more about this.
Yeah. I commented here, hopefully we'll get a helpful pointer or three.
FYI, I have an attempt to produce a modular/simplified version of the spec here: https://github.com/singpolyma/openpgp-spec -- obviously the real spec is more complete, but maybe useful
but maybe useful
Definitely as there are very few information which describe it easier than the official RFC spec.
Thanks, @singpolyma!
I just wanted to contribute that this issue is in both firefox and chrome. All the software I've tried that uses OpenPGP-PHP doesnt decrypt in mailvelope.
Enigmail for thunderbird doesnt have this problem, I understand the principled approach of the author, but is it premature?
This has existed for a few months and makes Mailvelope useless except under specific circumstances, for example: "Perhaps I'd like to see an unhelpful error message today" ;-), which is frustrating because there are zero alternatives. I've reasons for not migrating all of my mail to thunderbird but I guess that's the only sensible approach, until either this is fixed in Mailvelope or someone writes something similar.
@shopps Then it is possibly just an issue with openpgp.js and / or mailvelope mailvelope/mailvelope#370
@DanielRuf Probably, and I suspect the only reason it's an issue at all is because so few people are really utilizing encryption. All this stuff should be built-in automatic and expected of every mail client anyhow.
All this stuff should be built-in automatic and expected of every mail client anyhow.
Totally agree with you.
@shopps Thanks for the additional information.
All this stuff should be built-in automatic and expected of every mail client anyhow.
Totally agree with you.
Definitely agree. I was actually surprised to learn that there are no other site-wide plugins for WordPress that encrypt outgoing messages, and that before this one, there was only plug-ins for specific contact forms.
Privacy and digital safety should be a right, not a privilege afforded to those who can pay for "premium" (non-free) code.
The Mailvelope developers have confirmed that this needs to be fixed on their side, so I am closing this issue. Mailvelope users will need to install an update when it is released.
Thanks for the update about this issue.
Thanks for pointing me in the direction of this thread. We're having the same issue trying to decrypt with Symantec Encryption Desktop, is this likely to be the same problem? Has anyone had a success resolving this for this scenario? Any help greatly appreciated.
@krissbennett I have no experience with Symantec Encryption Desktop, but either way this is almost certainly most likely an OpenPGP-PHP and Symantec product issue, much like the incompatibility between OpenPGP-PHP and Mailvelope. Your best best is likely to raise a bug report with Symantec. Good luck!
Hi guys, I have found a workaround, but it involves modifying the plugin code, (not an ideal solution but it works for us so thought I'd share). Essentially the problem for us turns out to be the way the plugin is encrypting the messages just isn't liked by our client software.
So have changed to create own encrypted message using the gpg command line with exec. Then sending this in email instead of the standard one.
Hope that helps someone else who comes across this issue. I suspect the same fix may work for mailvelope issue too.
Thanks for your help guys.
So have changed to create own encrypted message using the gpg command line with exec. Then sending this in email instead of the standard one.
Right, this is how many pgp solutions (also in the PHP community) work. They use the binaries on the command line. But this is not an option for this plugin. But this does not really solve the problem as this is just a workaround and it may be better to compare the results to see what the problem is.
At least Gpg4win (GPA) and the commandline gpg client never had problems with the generated messages created by the underlying library.
Mailvelope has a bug in their code which causes this and will fix this in a future release. Mailvelope is writtin in JavaScript (uses openpgp.js) and has no binary dependencies.
@krissbennett I second @DanielRuf. The point of this project is to create a WordPress plugin that can use PGP with only the dependencies of WordPress itself, rather than external binaries. This requirement makes it possible to provide a PGP solution for every site powered by WordPress, thus enabling people who are not technically savvy or do not have direct access to the server (think shared hosting) to utilize the privacy benefits of PGP.
Totally understand guys and thanks for your assistance. I wish I had found an alternative solution that would of contributed to the project but thought I'd just share my workaround in the interim.
No worries, @krissbennett. :)