search

keybase / keybase-issues

A single repo for managing publicly recognized issues with the keybase client, installer, and website.
902 stars 37 forks source link

Error: Unknown message type: SIGNATURE when verifying message from gmail #621

Open offby1 opened 10 years ago

offby1 commented 10 years ago

This might be related to #134.

I just received a PGP-signed message via gmail, and decided to paste it into keybase to verify it. I expected the verification to fail with a message to the effect of "this signature looks good, but it's from some random stranger that we can't vouch for", because the sender is indeed someone I've never tracked, or anything.

Anyway: here is what I did, and what I saw.

I grabbed the contents of the message from gmail by clicking the little dropdown in the upper-right, and choosing "show original". That took me to this URL (which of course will be a big fat 404 for you, since you're not me, but I'm including it for completeness): https://mail.google.com/mail/u/0/?ui=2&ik=f230ce0fde&view=om&th=14571740989ed74b

The message is your average multi-part MIME message with tons of headers; way down at the bottom there is what looks to me like a perfectly valid PGP signature block:


Delivered-To: eric.hanchrow@gmail.com
Received: by 10.194.143.80 with SMTP id sc16csp353246wjb;
        Thu, 17 Apr 2014 13:50:01 -0700 (PDT)
X-Received: by 10.236.157.167 with SMTP id o27mr6429592yhk.127.1397767800853;
        Thu, 17 Apr 2014 13:50:00 -0700 (PDT)
Return-Path: <users-bounces@racket-lang.org>
Received: from winooski.ccs.neu.edu (winooski.ccs.neu.edu. [129.10.115.117])
        by mx.google.com with ESMTPS id q50si27335258yhj.51.2014.04.17.13.49.59
        for <multiple recipients>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 17 Apr 2014 13:50:00 -0700 (PDT)
Received-SPF: neutral (google.com: 129.10.115.117 is neither permitted nor denied by domain of users-bounces@racket-lang.org) client-ip=129.10.115.117;
Authentication-Results: mx.google.com;
       spf=neutral (google.com: 129.10.115.117 is neither permitted nor denied by domain of users-bounces@racket-lang.org) smtp.mail=users-bounces@racket-lang.org
Received: from winooski.ccs.neu.edu (localhost [127.0.0.1])
    by winooski.ccs.neu.edu (8.14.7/8.14.7) with ESMTP id s3HKmaSF012508;
    Thu, 17 Apr 2014 16:48:46 -0400
Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50])
 by winooski.ccs.neu.edu (8.14.7/8.14.7) with ESMTP id s3HKmUAq012469
 for <users@lists.racket-lang.org>; Thu, 17 Apr 2014 16:48:31 -0400
Received: by mail-wg0-f50.google.com with SMTP id x13so906277wgg.21
 for <users@lists.racket-lang.org>; Thu, 17 Apr 2014 13:48:30 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-original-authentication-results:x-gm-message-state:delivered-to
 :to:from:subject:date:lines:message-id:mime-version:content-type
 :user-agent;
 bh=IJXGJbwkgdl3WZjiRL5V+6+BvDGNUi8q5PsAYAiMd3I=;
 b=P4PYKh+0l+o6cRKe15uqU1ysFpDYq+n6K7dzLT7lsspw1M5WO8cPaMAZg7cWDUGq6i
 y1r4Sgu00YP0q9i6KxGNrTosrMM2Ozb9ttb2Vev4MykmFzWbDMjiveuPAVEQKRvhNh0b
 wv/jPGXPZ1RF10QRC5RNdn5Kp4kWrYBBsVSQuuMR64l8ZUcV5UdoqHALRno6V2OpG44T
 gioyAph/QosJXn58fJ/yqSs2GQ02rqqvA3LkiUGrderPLPKS9uhLyQeR4n72yXegPzWH
 zQVEyRYMI9aPfe5V65p8+Il3uCO9+S5nPfLUMu/KKnpzZarq2B1OUMxg/DsyHZ9Zz3nd
 SoGw==
X-Original-Authentication-Results: mx.google.com;
 spf=pass (google.com: domain of
 gclru-users@m.gmane.org designates 80.91.229.3 as permitted sender)
 smtp.mail=gclru-users@m.gmane.org
X-Gm-Message-State: ALoCoQkyfYpMlDd6HArUR36UU5+gbsTafEsGnnm+4yR9P0JWn33AqHKrVpcSPyeN5mVsAfPkKiT6
X-Received: by 10.194.48.80 with SMTP id j16mr13488722wjn.44.1397767710599;
 Thu, 17 Apr 2014 13:48:30 -0700 (PDT)
X-Forwarded-To: users@lists.racket-lang.org
X-Forwarded-For: users@plt-scheme.org users@lists.racket-lang.org
Delivered-To: users@racket-lang.org
Received: by 10.194.54.197 with SMTP id l5csp383567wjp;
 Thu, 17 Apr 2014 13:48:29 -0700 (PDT)
X-Received: by 10.152.43.107 with SMTP id v11mr2599800lal.49.1397767709377;
 Thu, 17 Apr 2014 13:48:29 -0700 (PDT)
Received: from plane.gmane.org (plane.gmane.org. [80.91.229.3])
 by mx.google.com with ESMTPS id sz4si17821164lbb.141.2014.04.17.13.48.28
 for <users@racket-lang.org>
 (version=TLSv1 cipher=RC4-SHA bits=128/128);
 Thu, 17 Apr 2014 13:48:29 -0700 (PDT)
Received-SPF: pass (google.com: domain of gclru-users@m.gmane.org designates
 80.91.229.3 as permitted sender) client-ip=80.91.229.3; 
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <gclru-users@m.gmane.org>) id 1WatES-0005gJ-0W
 for users@racket-lang.org; Thu, 17 Apr 2014 22:48:28 +0200
Received: from ip72-220-232-51.sd.sd.cox.net ([72.220.232.51])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <users@racket-lang.org>; Thu, 17 Apr 2014 22:48:28 +0200
Received: from lehi by ip72-220-232-51.sd.sd.cox.net with local (Gmexim 0.1
 (Debian)) id 1AlnuQ-0007hv-00
 for <users@racket-lang.org>; Thu, 17 Apr 2014 22:48:28 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: users@racket-lang.org
From: Lehi Toskin <lehi@tosk.in>
Date: Thu, 17 Apr 2014 20:48:04 +0000 (UTC)
Lines: 39
Message-ID: <lipem4$5cl$1@ger.gmane.org>
Mime-Version: 1.0
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: ip72-220-232-51.sd.sd.cox.net
User-Agent: Pan/0.139 (Sexual Chocolate; GIT bf56508 git://git.gnome.org/pan2)
X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_LOW, SPF_NEUTRAL
 autolearn=ham version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on winooski.ccs.neu.edu
Subject: [racket] Introducing Blight - A Tox Client in Racket
X-BeenThere: users@racket-lang.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Racket Users <users.racket-lang.org>
List-Unsubscribe: <http://lists.racket-lang.org/users/options>,
 <mailto:users-request@racket-lang.org?subject=unsubscribe>
List-Archive: <http://lists.racket-lang.org/users/archive/>
List-Post: <mailto:users@racket-lang.org>
List-Help: <mailto:users-request@racket-lang.org?subject=help>
List-Subscribe: <http://lists.racket-lang.org/users/listinfo>,
 <mailto:users-request@racket-lang.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============7846274802349329113=="
Errors-To: users-bounces@racket-lang.org
Sender: "users" <users-bounces@racket-lang.org>

--===============7846274802349329113==
Content-Type: multipart/signed; protocol="application/pgp-signature";
    micalg=pgp-sha1; boundary="=-oybjoNWEgsm/Mr2/5Ixh"

--=-oybjoNWEgsm/Mr2/5Ixh
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

I've recently started programming a GUI client for Tox (http://tox.im), a=20
GPLv3+ licensed, totally distributed, P2P secure instant messenger that=20
aims to supplant Skype in all areas: text, voice, and video. Blight is in=20
early development, so it doesn't do too much except display a few GUI=20
frames and bootstrap into the Tox network, but all the same I'd like for=20
anyone interested to take a look and return with some questions,=20
comments, concerns. This is my first "real", non-trivial program and I'm=20
excited to continue its development. The git repositories can be found=20
below:

Client:
https://github.com/lehitoskin/blight

Wrapper for the Tox library:
https://github.com/lehitoskin/libtoxcore-racket

Tox Core library
https://github.com/irungentoo/ProjectTox-Core=

--=-oybjoNWEgsm/Mr2/5Ixh
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----

iQEcBAABAgAGBQJTUD4EAAoJEFdIuXZ3LtXUVzoIAI+UNJWm4jYCtAmuibsL5ocg
YcS+VQfG9oMUAyyOpz5oY/NOFidACjGVE/spTT6APa46cU55+FY39H8sKeFb30Tt
i7bZC8D0JXm/BZxOaxOkwKyQNYiENiP6k7vDHR4BsgDJPjY0MpHOHaj3tx1jAJB2
H7L3HhwhEVZs/oO5HJt9jmlDO4TW/GseJld3eIRu1Azj3SFKUXjPSpmkO5mSIsDe
sd417t/3Pu6xkMBqxsc0eteEbc4k6vbBZO3BtOeDmijNS6PEhUD4rED5BRvj5nPX
aRf1SZpUPbiWGFqB6OTxg1GvWZAp0VBGuHBdfrF2MrDXJ2A7hHXAMQGZS/ptiaI=
=kC9z
-----END PGP SIGNATURE-----

--=-oybjoNWEgsm/Mr2/5Ixh--

--===============7846274802349329113==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

____________________
  Racket Users list:
  http://lists.racket-lang.org/users

--===============7846274802349329113==--

Anyway: I pasted the entire message into the big box at https://keybase.io/verify, and clicked the "Verify" button. But instead of seeing the message I expected, I simply saw Error: Unknown message type: SIGNATURE, which makes no sense to me at all.

maxtaco commented 10 years ago

It appears we're not handling detached signatures properly. I'm not entirely sure how it would work U/I-wise, since you've only pasted in half of the needed data. For a detached signature, you also need to paste in the original file that the signature is computer over.

offby1 commented 10 years ago

Sorry, I was afraid that would happen -- I only pasted the signature here in this bug report, but I pasted the entire email into keybase right before I got the unexpected message. I've updated my comment above with the complete message.