Giters

mailvelope / mailvelope

Browser extension for OpenPGP encryption with Webmail

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Import key button from Posteo is not working

rugk opened this issue · comments

commented

STR

  1. (Not have a public key for support@posteo.de in your keychain, but have your local key setup)
  2. On https://posteo.de/ draft an encrypted mail to support@posteo.de.
  3. Click on the "hinzufügen" (add) button to add the suggested key.

What happens

Nothing, the key is not imported and I (thus) also cannot send the mail (the send button is disabled and says it needs a receiver check before sending in the tooltip/on mouseover).

What should happen

Open a model/popup or so and (suggest to) import the key.

System

Mailvelope 5.1.1
Firefox 120.0.1
Default Firefox shipped with Fedora (i.e. non-flatpaked in case that helps)
Fedora Silverblue 39 with GNOME

from about:support:

Name 	Firefox
Version 	120.0.1
Build-ID 	20231201123212
Distributions-ID 	fedora
User-Agent 	Mozilla/5.0 (X11; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0
Betriebssystem 	Linux 6.6.3-200.fc39.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 28 19:11:52 UTC 2023
Betriebssystem-Theme 	Adwaita-dark / Adwaita

More information

I looked into it and there seems to be a JS script attached to it:
grafik

function(e) {
  debug("import-link clicked");
  e.preventDefault();
  keyring.importKey(key)
    .then(
      editor.checkKeys,
      error
    );
}

When I click on the button, I get this browser console error:

Error: No valid armored block found.
    mapError moz-extension://d9b30964-c2a7-4a86-a854-d9deacf0b570/client-API/mailvelope-client-api.js:722
    eventListener moz-extension://d9b30964-c2a7-4a86-a854-d9deacf0b570/client-API/mailvelope-client-api.js:692
mailvelope_client.js:886:19

grafik

Context/variables:

  • keyringId: posteo.de|#|Posteo
  • armored: -----BEGIN CERTIFICATE----- MIIGEDCCBPigAwIBAgIRANXgfmPUhSNO36CJp7cVBuUwDQYJKoZIhvcNAQELBQAw gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwGA1UE AxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUg RW1haWwgQ0EwHhcNMjMwMTIwMDAwMDAwWhcNMjQwMTIwMjM1OTU5WjAiMSAwHgYJ KoZIhvcNAQkBFhFzdXBwb3J0QHBvc3Rlby5kZTCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAMkDNc+xw7IfINqu0H4ZJhHW1CKmhYVQjohnfnGcSdWm9p+O JChXgUnciysx0OEoNp44qNsVqwLwzIboJt0V4re45LlWieo57JrMqhx3B/pLD+Hc RiTQbcH2XjOJ/IMw+hJTJECupB04nE3r3nTReAt2YLGUxjW0HMtkRM6zUJkBF4Ns 2irTVjZ8oB+p9LEPrvWLbZ1rX5VetcpfYJfWmz710/0VOl9Cm29PRtXnwttc/3We BYK+MYT+KEEWvW833+74o+kQc4U+WeiJY8wXugkURWQLIJn+mRR6kVc2g511YxtR C5YcagftCJcWIv6+szl8OanG/rDh2YoyudSf0+3jhX9x1NhGycwVl5YcHjUTsWch CGqi7ss/9V+reWFhxpTDvoejc+vNPlLEwsGmwJZbaDMeVseWOz8a/gMD1mHMa6Mw 1hPHW8Jog4gxzd4QedK73Qdzt08v4YwW9kfLxxb1UvcTFV5rbXmC4ZZj319d3y2K lxZGMRuYmyJU0duZmAexil/ge4h4/fKfgDEbbt09ioYgecchVhZwpZgP4BbhEwlf n/EKJSkTp9ZaPtHwW2vNmaOgVNzfqidCFtDZTn4cZmuRFJGQ2egnZK02W+67wUeS 4VauOGuw5DNJWZDYRje+H2HdsGQ7IYFCyh74AFCoY6VWUY74KbBnNOkx3avZAgMB AAGjggHKMIIBxjAfBgNVHSMEGDAWgBQJwPL8C9qU21/+K9+omULPyeCtADAdBgNV HQ4EFgQUtpXRXthKSdeImyR2Y/sXPilaCIgwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMEAGA1UdIAQ5 MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGln by5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5j b20vU2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxD QS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5z ZWN0aWdvLmNvbS9TZWN0aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1 cmVFbWFpbENBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5j b20wHAYDVR0RBBUwE4ERc3VwcG9ydEBwb3N0ZW8uZGUwDQYJKoZIhvcNAQELBQAD ggEBAHR354LkZJ6bJkLUO5kfCkGK2gIakdm6hkbRAS/VMkc8sc90+2/upwClzmgl ZVZG8Ul/svTLeXPpcOJC20bn1ZA//MnOFjhBa8Tz3lb7JQ//q1r50rZBL5T8lG1A jIFamr8KdmZiIfac5mMNIgImtmn8lXRaa3gvmcSx/3tgJQYvfSwXesHzqdnCuyFM X0NGZ74rebSRqXUglhEH/+kXz6x+CG3yA2BpP7Yu0Y0Z/AsqJpotY6OhFCGPr3gD imXeXnjXAubx3x6NjxYw7Xmjosi7BJJm3cx8cOgBVX1vTuI5MKE3M04a7r7qmL2l XmTTbP/bi39zhrGlhVyBKFvnBoA= -----END CERTIFICATE-----
  • getMessageType(armored) returns undefined, which apparently causes the issue/bug

The extension just does not seem to expect a CERTIFICATE. Here is what the function can handle:

mailvelope/src/content-scripts/main.js

Lines 284 to 296 in 5f5e764

export function getMessageType(armored) {
if (/(BEGIN|END)\sPGP\sMESSAGE/.test(armored)) {
return PGP_MESSAGE;
} else if (/BEGIN\sPGP\sSIGNED\sMESSAGE/.test(armored)) {
return PGP_SIGNATURE;
} else if (/END\sPGP\sSIGNATURE/.test(armored)) {
return PGP_SIGNATURE;
} else if (/(BEGIN|END)\sPGP\sPUBLIC\sKEY\sBLOCK/.test(armored)) {
return PGP_PUBLIC_KEY;
} else if (/(BEGIN|END)\sPGP\sPRIVATE\sKEY\sBLOCK/.test(armored)) {
return PGP_PRIVATE_KEY;
}
}

commented

The certificate one gets seems to be the same as on https://posteo.de/keys/support@posteo.de, which is, however, an S/MIME certificate?

grafik

I have mailed this to their support and linked this issue here.

Nevertheless, for Mailvelope, maybe the error handling could be improved. Like showing such an error in a more user-friendly/visible way (than a hidden console error in a technical jargon 😉)?