Enigma: Fix decrypting an encrypted+signed message when signature verification fails (#5914)

7 years ago · d4478c4ff7
parent 902eaa1f78
commit d4478c4ff7
3 changed files with 14 additions and 4 deletions
--- a/1
+++ b/1
@ -56,6 +56,7 @@ CHANGELOG Roundcube Webmail
 - Fix bug where messages count was not updated after delete when imap_cache is set (#5872)
 - Fix potential XSS vulnerability with malformed HTML message markup
 - Bring back double-click behavior on the message list which was removed in 1.3.0 (#5823)
 - Enigma: Fix decrypting an encrypted+signed message when signature verification fails (#5914)
 RELEASE 1.3.0
 -------------
--- a/plugins/enigma/lib/enigma_driver_gnupg.php
+++ b/plugins/enigma/lib/enigma_driver_gnupg.php
@ -153,7 +153,7 @@ class enigma_driver_gnupg extends enigma_driver
                $this->gpg->addDecryptKey($key, $password);
            }
-            $result = $this->gpg->decryptAndVerify($text);
+            $result = $this->gpg->decryptAndVerify($text, true);
            if (!empty($result['signatures'])) {
                $signature = $this->parse_signature($result['signatures'][0]);
@ -463,7 +463,7 @@ class enigma_driver_gnupg extends enigma_driver
    {
        $data = new enigma_signature();
-        $data->id          = $sig->getId();
+        $data->id          = $sig->getId() ?: $sig->getKeyId();
        $data->valid       = $sig->isValid();
        $data->fingerprint = $sig->getKeyFingerprint();
        $data->created     = $sig->getCreationDate();
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@ -919,7 +919,10 @@ class enigma_ui
            $attrib['id'] = 'enigma-message';
            if ($sig instanceof enigma_signature) {
-                $sender = ($sig->name ? $sig->name . ' ' : '') . '<' . $sig->email . '>';
+                $sender = $sig->name ?: '';
                if ($sig->email) {
                    $sender .= ' <' . $sig->email . '>';
                }
                if ($sig->valid === enigma_error::UNVERIFIED) {
                    $attrib['class'] = 'enigmawarning';
@ -934,8 +937,14 @@ class enigma_ui
                }
                else {
                    $attrib['class'] = 'enigmawarning';
                    if ($sender) {
                        $msg = rcube::Q(str_replace('$sender', $sender, $this->enigma->gettext('siginvalid')));
                    }
                    else {
                        $msg = rcube::Q(str_replace('$keyid', enigma_key::format_id($sig->id),
                            $this->enigma->gettext('signokey')));
                    }
                }
            }
            else if ($sig && $sig->getCode() == enigma_error::KEYNOTFOUND) {
                $attrib['class'] = 'enigmawarning';