[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

[Sandro Knauß]

https://bugs.kde.org/show_bug.cgi?id=404698

--- Comment #14 from Sandro Knauß <sknauss at kde.org> ---
(In reply to David Faure from comment #11)
> - Preventing KMail from *sending* such messages would obviously be no help
> (one could just craft that message by hand or using another email client). 

ACK.

> - Preventing the user from replying to such a message would be very weird
> user experience (sorry, you are not allowed to reply to this message!)

jepp bad UX.

> - So I guess the best solution is that when replying, we don't decrypt parts
> that were encrypted in the original message. I.e. if we are replying with a
> copy of those parts, and they were encrypted, they should be copied "as is".
> This would prevent any newly-added recipient from reading those, but that's
> fair enough I would say.
> I wouldn't really know how to implement this though.
> Might be tricky if the tree in memory only has the decrypted version.
>
> - Alternatively, KMail could say "for security reasons, these parts are
> going to be removed from your reply". But this also requires that we somehow
> know that these parts used to be encrypted in the original email.

Both things are not that hard to solve. We have
MimeTreeParser::ObjecttreeParser that returns a MessagePart tree. This is a
tree, where only visual interesting nodes of the Mime messages with the
additional information of each node, about their encrypted status, used keys
etc... To get an idea about those trees look at
mimetreeparser/autotests/data/*tree files, these are the MessagePart tree for
the corresponding mbox. Also TemplateParser, that is responsible for creating a
reply/template, uses MimeTreeParser::ObjecttreeParser, so we are able to filter
out bad nodes.

-- 
You are receiving this mail because:
You are the assignee for the bug.