inline gpg can be corrupted by non-gpg aware mail clients (e.g. gmail)

I don't really understand what the problem is. Where did the message originate? What did you expect to happen?

I didn't expect launchpad to send me invalid PGP data. Launchpad should check the CRC before sending messages

Okay, my problem was discovering where the message originated; Launchpad is a big code base and, off hand, I didn't know of anywhere that generated encrypted mail. Having an unedited copy of the original message, with headers, might have helped me triage this bug more quickly. (It might still be helpful if you could do that.)

Marking as High, but someone with a lot better understanding of PGP/GPG might want to adjust that.

Note to anyone interested in further progressing this bug: a place to start looking is LoginToken.sendGPGValidationRequest().

Here is the full email:

http://paste.ubuntu.com/748772/

Launchpad sends you a gpg encrypted message when you add a gpg key.

Just to avoid any possibility of corruption while passing it around,
please click 'view original', save that to a file, then attach the
file to this bug.

I think this is a problem with copypaste and mime encoding, similar to
bug 1520. I'm not sure where in the chain the actual problem is.

'=3D' is a quopri escape of a '=' character. If you change it back
to an equals, the mesage can be unpacked correctly.

My guess is that graingert copied this out of the gmail 'view
original' view, which will show the quopri form, which gpg will not
accept. If he/she copies out of the displayed form it should be ok.

If my analysis is correct this is user error but there are a few
things lp could do to avoid the error:

1 - Send the gpg blob as an attachment rather than inline in a text/plain mail.

2 - Not require that people read and respond to an encrypted mail when
they add a gpg key - it's not clear to me that doing so is adding a
great deal of security. I suppose it makes it a bit less likely
someone will blindly confirm addition of a key they don't actually
have, but if an attacker has their web token and if the user confirms
without thinking about it, all is lost anyhow. Instead just send a
plain text mail saying "at $date you added $gpg key foo; if you didn't
do this click here; if you did do this click here to confirm."

ah yes it's a user error then.

I did this because gmail hides sections it considers "already seen" as I had sent and resent PGP requests multiple times it detected parts of the message as repeated earlier in the "thread"

Thus corrupting the pgp message in the main view.

Sending the message as an asc attachment as well would have prevented this.

  affectsmetoo

Me too!

Ended up the same for me as https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733195

-GtFiT6T1yQf799arGhJa8UNHShi3xkC0xPSIM3eyQ9LOlBUgRma87bbRjWmLEg=3D=3D
-=3DFdhF
+GtFiT6T1yQf799arGhJa8UNHShi3xkC0xPSIM3eyQ9LOlBUgRma87bbRjWmLEg==
+=FdhF

So had to replace =3D with =
It did look very odd, as the PGP block was not fully justfied.

It looks like gmail is just very broken... Despite quoted-printable encoding.

Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

I wonder if the original email set that, or if gmail helpfully "improved" the email to be quoted-printable. I think i want to try if format="flowed" would be any better. Or, I have seen gmail perform better with base64 Content-Transfer-Encoding.