I received encrypted email, was asked for the passphrase for my key, the
message successfully decrypted ... but the message pane in Thunderbird is
still empty. Enigmail says "Decrypted message; UNTRUSTED Good signature
from Facebook, Inc.".
Enigmail 1.9.6.1 (20161116-1713)
Thunderbird 45.7.0
Ubuntu 16.04.2
gpg2 2.1.11
I used a different mail client to save the message to a file and decrypted
it with gpg2. It looks fine to me.
If it matters:
The decrypted message is Content-Type: multipart/alternative;
It is HTML.
Issue with Thunderbird? Or with Enigmail not getting the decrypted message
to Thunderbird?
Hard to tell what the problem is. Do you see any exception in the error console (menu Tools > Error Console)?
Nothing that looks relevant to me. (WTH? I can't select all and copy from that window?)
Timestamp: 03/02/2017 06:00:03 PM
Warning: Unknown property 'grid-auto-columns'. Declaration dropped.
Source File: resource://gre-resources/ua.css
Line: 175, Column: 19
Source Code:
grid-auto-columns: inherit;
Timestamp: 03/02/2017 06:00:03 PM
Warning: Unknown property 'grid-auto-rows'. Declaration dropped.
Source File: resource://gre-resources/ua.css
Line: 176, Column: 16
Source Code:
grid-auto-rows: inherit;
Timestamp: 03/02/2017 06:00:03 PM
Warning: Unknown property 'grid-auto-flow'. Declaration dropped.
Source File: resource://gre-resources/ua.css
Line: 177, Column: 16
Source Code:
grid-auto-flow: inherit;
... and more of the like.
Oh, View / Message Source shows me the encrypted message, AND the decrypted message, AND all following messages in my mailbox.
(headers)
This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--b1_dff0a0657963f0d80761070097adf319
Content-Type: application/pgp-encrypted; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Content-Description: PGP/MIME Versions Identification
Version: 1
--b1_dff0a0657963f0d80761070097adf319
Content-Type: application/octet-stream; name="encrypted.asc"
Content-Transfer-Encoding: 7bit
Content-ID: <0>
Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----
(blah)
-----END PGP MESSAGE-----
--b1_dff0a0657963f0d80761070097adf319--
(same headers as earlier repeated here!)
This is a multi-part message in MIME format.
--b1_dff0a0657963f0d80761070097adf319
Content-Type: multipart/alternative; boundary="b1_dff0a0657963f0d80761070097adf319"
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><meta name="viewport" content="width=device-width, initial-scale=1.0"/>
(blah)
--b1_dff0a0657963f0d80761070097adf319--
(headers of next message)
(etc)
Whereas when I View / Message Source on another encrypted message, which is decrypted and shown in the window by Thunderbird normally, I see
(headers)
This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--b1_25e3a83ce5e338545e789330e04ff5f5
Content-Type: application/pgp-encrypted; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Content-Description: PGP/MIME Versions Identification
Version: 1
--b1_25e3a83ce5e338545e789330e04ff5f5
Content-Type: application/octet-stream; name="encrypted.asc"
Content-Transfer-Encoding: 7bit
Content-ID: <0>
Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----
(blah)
-----END PGP MESSAGE-----
--b1_25e3a83ce5e338545e789330e04ff5f5--
View / Message Source in this case does NOT show the decrypted message, nor the rest of the mailbox.
As far as I can tell, there are two possible reasons for this:
1. The message is broken.
2. The Thunderbird index file for the folder is corrupt.
(1) cannot be fixed on the receiver's side, but (2) is easy to fix, so let's try it: right-click on the folder containing the message, click on Properties, and then click on the button "Repair Folder".
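Possibility (1) can be tested on a saved copy of the raw message. The following is an added example, not part of the original thread and not Enigmail code: it checks the RFC 3156 layout shown in the message source above and reports anything stored after the closing boundary. The function name `check_pgp_mime`, the boundary `b1_example` and both sample messages are constructed for illustration.

```python
from email import message_from_bytes

ARMOR = ("-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----")

def check_pgp_mime(raw):
    """Return structural problems in a raw PGP/MIME message ([] = layout intact)."""
    msg = message_from_bytes(raw)
    if msg.get_content_type() != "multipart/encrypted":
        return ["top level is %s, not multipart/encrypted" % msg.get_content_type()]
    problems = []
    if (msg.get_param("protocol") or "").lower() != "application/pgp-encrypted":
        problems.append("protocol parameter is not application/pgp-encrypted")
    parts = msg.get_payload()
    if not isinstance(parts, list) or len(parts) != 2:
        count = len(parts) if isinstance(parts, list) else 0
        return problems + ["expected exactly 2 body parts, found %d" % count]
    control, data = parts
    if control.get_content_type() != "application/pgp-encrypted":
        problems.append("part 1 is %s" % control.get_content_type())
    elif "Version: 1" not in str(control.get_payload()):
        problems.append("part 1 lacks the 'Version: 1' line")
    if data.get_content_type() != "application/octet-stream":
        problems.append("part 2 is %s" % data.get_content_type())
    body = str(data.get_payload())
    if not all(marker in body for marker in ARMOR):
        problems.append("part 2 has no complete armored PGP message")
    # Text after the closing boundary (the MIME epilogue) is not part of the message.
    trailing = (msg.epilogue or "").strip()
    if trailing:
        problems.append("%d characters after the closing boundary" % len(trailing))
    return problems

# Constructed sample with the same layout as the working message quoted in the thread.
GOOD = b"""\
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1_example"

This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--b1_example
Content-Type: application/pgp-encrypted; charset="UTF-8"

Version: 1

--b1_example
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----
(placeholder, not real ciphertext)
-----END PGP MESSAGE-----
--b1_example--
"""
# Constructed failing case: extra data stored after the closing boundary.
BROKEN = GOOD + b"This is a multi-part message in MIME format.\n--b1_example\n(text)\n--b1_example--\n"
```

An empty list for the saved file means the sender's structure is sound, which points away from (1) and toward the local folder copy or the client.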
Repaired. Message still doesn't display. View / Message Source now only shows the PGP encrypted message.
Don't know whether it's relevant, but when I click on the message it takes about 15 seconds before I'm prompted to enter my passphrase. The message is very small, it can't be taking that long to download it (and actually it should already have it).
Could it be that gpg-agent crashes (and restarting takes quite a while with gpg 2.1.x prior to 2.1.18)? There is at least one known situation which can possibly occur with HTML mails and the way Thunderbird calls Enigmail. Can you check if the gpg-agent PID is the same before and after attempting to decrypt the message?
gpg-agent PID remains the same. TB spawns a new gpg2 process with the --use-agent argument.
auth.log has this:
Mar 4 07:59:09 arctic gcr-prompter[24547]: bus acquired: org.gnome.keyring.SystemPrompter
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: registering prompter
Mar 4 07:59:09 arctic gcr-prompter[24547]: bus acquired: org.gnome.keyring.PrivatePrompter
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: received BeginPrompting call from callback /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: preparing a prompt for callback /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: creating new GcrPromptDialog prompt
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: automatically selecting secret exchange protocol
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: generating public key
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: beginning the secret exchange: [sx-aes-1]\npublic=(omitted)
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: calling the PromptReady method on /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:09 arctic gcr-prompter[24547]: acquired name: org.gnome.keyring.SystemPrompter
Mar 4 07:59:09 arctic gcr-prompter[24547]: acquired name: org.gnome.keyring.PrivatePrompter
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: returned from the PromptReady method on /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: received PerformPrompt call from callback /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: receiving secret exchange: [sx-aes-1]\npublic=(omitted)
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: deriving shared transport key
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: deriving transport key
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gcr: starting password prompt for callback /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:09 arctic gcr-prompter[24547]: Gtk: GtkDialog mapped without a transient parent. This is discouraged.
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: completed password prompt for callback :1.470@/org/gnome/keyring/Prompt/p0
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: encrypting data
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: sending the secret exchange: [sx-aes-1]\npublic=(omitted)
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: calling the PromptReady method on /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: returned from the PromptReady method on /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: received PerformPrompt call from callback /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: closing the prompt
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p0@:1.470
Mar 4 07:59:36 arctic gcr-prompter[24547]: Gcr: calling the PromptDone method on /org/gnome/keyring/Prompt/p0@:1.470, and ignoring reply
Mar 4 07:59:47 arctic gcr-prompter[24547]: 10 second inactivity timeout, quitting
Mar 4 07:59:47 arctic gcr-prompter[24547]: Gcr: unregistering prompter
Mar 4 07:59:47 arctic gcr-prompter[24547]: Gcr: disposing prompter
Mar 4 07:59:47 arctic gcr-prompter[24547]: Gcr: finalizing prompter
I don't know what this inactivity timeout at the end is. After a while the prompt appeared, I spent some seconds in another window running ps and moving the dialog window (this is probably the break between :09 and :36), then I entered the passphrase, it went off and decrypted the message.
I see no hint at why there was a delay before the dialog was created.
Are you using Gnome keyring to provide the passphrase? This is very likely to cause problems: See https://wiki.gnupg.org/GnomeKeyring.
This should be fixed in GnuPG 2.1. Gnome Keyring only does the querying of the passphrase for GnuPG 2.1.x (if Gnome Keyring is recent enough).
Oh, glad to hear! Thanks for the correction.
I'm not sure whether or not I'm using GnomeKeyring. If it's the default for Ubuntu then I probably am. GPG_AGENT_INFO points to ~/.gnupg/S.gpg-agent:0:1. There is a file named S.gpg-agent which is a socket.
If I run the command "echo | gpg2 --sign" mentioned in https://wiki.gnupg.org/GnomeKeyring it does nothing for 20 seconds then presents a dialog to enter a passphrase. But I do not get the "hijacked" text they talk about.
Can you please retry the decryption of the message and then attach a debug log file?
See http://enigmail.net/index.php/en/faq-en?view=topic&id=15 section "How can I create a debugging log file".
Log attached.