# Mail::GnuPG.pm: Encrypting an already signed email

There’s a problem with Mail::GnuPG.pm for which I have filed a bug-request:

https://rt.cpan.org/Public/Bug/Display.html?id=113203

This is the text I have sent to bug-Mail-GnuPG@rt.cpan.org

I use a script (a modified version of “gpgit.pl” from https://gitlab.com/mikecardwell/gpgit), which serves as a Postfix-filter and which automatically gpg-encrypts all outgoing(!) mails for which a public key is known.

The gpgit.pl-script in turn uses Mail::GnuPG by calling mime_encrypt($mime,@recipients). When a mail arrives at the server, _mime_encrypt first separates headers from the body and then calls MIME::Entity->build to assemble the part-headers to add it to the entity (the body) to be encrypted. Everything is working fine beside one minor issue. If a signed email comes in, it contains a header looking like this: Content-Type: multipart/signed; boundary="----------=_1458481552-7056-0"; protocol="application/pgp-signature"; micalg=pgp-sha512  While passing _mime_encrypt, the original header is removed and replaced by Content-Type: multipart/signed; boundary="----------=_5647921540-1266-0";  which is then added to the entity to be encrypted. Unfortunately, Thunderbird / Enigmail insists on the additional entries protocol="application/pgp-signature"; micalg=pgp-sha512  Without them, it refuses to check the signature. May I therefore suggest, please, that, beginning with line 859 (my version of Mail::GnuPG is 0.21), the code should be altered from my$workingentity = $entity;$entity->make_multipart;
if ($entity->parts > 1) {$workingentity = MIME::Entity->build(Type => $entity->head->mime_attr("Content-Type"));$workingentity->add_part($_) for ($entity->parts);
$entity->parts([]);$entity->add_part($workingentity); }  to my$workingentity = $entity;$entity->make_multipart;
if ($entity->parts > 1) {$workingentity = MIME::Entity->build(Type => $entity->head->mime_attr("Content-Type")); + if ($entity->head->mime_attr("Content-Type") eq "multipart/signed"){
+     $workingentity->head->mime_attr("Content-Type.micalg",$entity->head->mime_attr("Content-Type.micalg"));
+     $workingentity->head->mime_attr("Content-Type.protocol",$entity->head->mime_attr("Content-Type.protocol"));
+     }
$workingentity->add_part($_) for ($entity->parts);$entity->parts([]);
$entity->add_part($workingentity);
}


Does this make sense? Or do I oversee something that could get broken by this change?

For me, the modified code works and performs as expected in the sense that the later decrypted mail contains a signature that can be checked with Enigmail.