[Bug 286035] New: kmail2 fails to verify signature with RFC 3156 encrypted+signed mails

Mon Nov 7 19:54:39 GMT 2011

https://bugs.kde.org/show_bug.cgi?id=286035

           Summary: kmail2 fails to verify signature with RFC 3156
                    encrypted+signed mails
           Product: kmail2
           Version: 4.7
          Platform: Unlisted Binaries
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: crypto
        AssignedTo: kdepim-bugs at kde.org
        ReportedBy: t.zell at gmx.de

Version:           4.7 (using KDE 4.7.3) 
OS:                Linux

This is a cut&paste from an old bug 188931 (reported by Raimar Sandner) that is
still present in KMail2, so I report it again against the new version.

According to http://www.ietf.org/rfc/rfc3156.txt there are two ways to both
sign and encrypt an OpenPGP/MIME message. Kmail uses the method described in
6.1 of RFC 3156 (called RFC 1847 Encapsulation), other mail clients like
thunderbird/enigmail or mutt use 6.2 (Combined method).

Kmail fails to verify the signature, if the message was composed with the
combined method 6.2.

Verification on the commandline with gpg --decrypt works.

Usually, if the verification fails because there really is no key, kmail
displays "message was signed with unknown key 0x...", where 0x... is the key
ID.

Here, it says key 0x... and displays the hex value of the _fingerprint_ of the
key (and not the ID).

Reproducible: Always

Steps to Reproduce:
Compose an encrypted and signed message with thunderbird (I use
enigmail 0.96) and view it with kmail.

Actual Results:  
Message was signed with unknown key.
The validity of the signature cannot be verified.
Status: Error: Signature not verified

Expected Results:  
Signature verifies correctly

-- 
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.