From 698c0957d7f7ad6a4461120853102b38a76d0780 Mon Sep 17 00:00:00 2001
From: Koni Marti <koni.marti@gmail.com>
Date: Fri, 22 Apr 2022 13:38:41 +0200
Subject: pgp: ensure CRLF line endings in pgpmail reader

Ensure CRLF line endings in the pgpmail reader. Fix the pgp signature
verification for maildir and notmuch.

These backends do not return the full message body with CRLF
line endings. But the accepted OpenPGP convention is for signed data to
end with a <CR><LF> sequence (see RFC3156).

If this is not the case the signed and transmitted data are considered
not the same and thus signature verification fails.

Link: https://datatracker.ietf.org/doc/html/rfc3156

Reported-by: Tim Culverhouse <tim@timculverhouse.com>
Signed-off-by: Koni Marti <koni.marti@gmail.com>
Tested-by: Tim Culverhouse <tim@timculverhouse.com>
---
 lib/messageview.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/messageview.go')

diff --git a/lib/messageview.go b/lib/messageview.go
index 8db7994a..f221fb2c 100644
--- a/lib/messageview.go
+++ b/lib/messageview.go
@@ -69,7 +69,7 @@ func NewMessageStoreView(messageInfo *models.MessageInfo,
 
 	if usePGP(messageInfo.BodyStructure) {
 		store.FetchFull([]uint32{messageInfo.Uid}, func(fm *types.FullMessage) {
-			reader := fm.Content.Reader
+			reader := lib.NewCRLFReader(fm.Content.Reader)
 			pgpReader, err := pgpmail.Read(reader, Keyring, decryptKeys, nil)
 			if err != nil {
 				cb(nil, err)
-- 
cgit