verify message as long as any of the contact public keys match + autofetch

[tomholub]

There was earlier a related issue for encryption: #3769

I would like to ensure something similar, but for verifying signatures.

If I have 2 public keys imported for user@example.com, can we ensure that messages signed with either of the two equivalent private keys will be showing as valid?

There's also a related issue:

Since we have more than one public key per recipient, I figure the above situation should no longer happen?

[tomholub]

The new logic should be as follows:

1. user opens a message
2. [unchanged] message gets downloaded from Gmail API
3. • [new] we load keys from local storage using get recipient with sorted public keys based on sender email address (whichever email address is in from: header)
4. • [new] receipientWithSortedPublicKeys gets passed into the decrypt method (encrypted message), or the verify/verify detached method (signed message)
5. • [new] result gets rendered including signature verification. If we are not missing any public keys for verification, then this is the last step. (by this time the message text is already rendered in either case)
6. • [new] if we are missing a public key to verify that message, the verification part of the message will be rendered gray with text verifying signature..
7. • [new] at this point we fetch remote public keys by sender email (not by fingerprint) using PubLookup and update local storage. You'll need to take a method from compose window and put it somewhere more general (it's comparing received pubkeys by fingerprint to the ones saved for that recipient, and only saving the newer versions / new keys, then saving to storage). If the fetch fails, we render "error when fetching public keys to verify this message: $error" in the signature result.
8. • [new] after remote public keys are fetched and local storage is updated, we check if any of the keys from local storage now contain the longid that signed the message. If they don't, now we render the "missing pub key" signature result
9. • [new] if one of the keys now contain the longid of the key that signed the message, we re-process the whole message with that public key - in background. The badge still says verifying signature... Once we've done re-processing the message, we only look at the result of signature verification and re-render the signature result with the final verification result (valid / bad / error), without re-rendering the rest of the message.

That will make signature verification both safer (we are fetching keys relevant to the sender of the message) and more user friendly (don't need to reload message to render the message).

Also new in this issue:

• every status that is not "valid sig" status is rendered in red color, except "verifying signature.." which is gray. Also "missing keys to verify this message" status should be red color.

[tomholub]

@rrrooommmaaa after any issues that you have already started, this is the highest priority now. Thanks!

[tomholub]

• "missing keys to verify this message" status should be red color.

This needs to be filed separately as currently I think it's gray.