Problem when signing messages and when encrypting

  b1shop

    2013-03-20

    I've been using enigmail with two different OS (Windows 7, xubuntu 12.04) until now, where I tried to use it with fedora 18 x64.
    I get a "key not found or not valid" error when trying to sign messages and an "INV_RECP 0" when trying to encrypt a message. I've tried both with gpg2 and gpg 1.4, with and without gpg-agent option and I still get the same errors. I've also tried enigmail nightly and the stable version and still get the same errors.
    I tried to use gpg from terminal to encrypt a file and have no errors with the following command:

    /usr/bin/gpg --charset utf-8 --display-charset utf-8 --batch --no-tty --status-fd 2 -a -t --encrypt --always-trust --encrypt-to 0xAC5E92EC -r "<my-e-mail>" -u 0xAC5E92EC < test.txt

    I'm attaching the debug info from enigmail

    
  • Ludwig Hügelschäfer

    I think this is the problem:

    subprocess.jsm: got error from stdinWorker: expected type int, got (void 0)

    This is a known bug. Patrick will respond, I think.

  • Patrick Brunschwig

    No, this is not a bug as such. This is simply a cryptic error message saying "I didn't receive any output on stdout (or stderr)". The error "INV_RECP 0" means that gnupg could not find a valid recipient address (and thus there is no output on stdout). You cannot specify -r "". I'd say you didn't specify your own key ID properly in the Identity settings.

  b1shop

    2013-03-25

    I have more info on the matter
    I reinstalled gpg4win and enigmail on my windows desktop, reinstalled gpg and enigmail on my fedora/win laptop and mail signing seems to work ok now. Encryption still has a serious problem though...

    I have 3 mail accounts. 1 does not have keys. 2 and 3 have keys.

    1) When I try to send an encrypted message from 1 to 2 or 3 I get the INV_RECP 0 error. I have tried manual key selection, automatic, with rules and the same thing happens. I tried both with and without gpg-agent option. Still the same problem

    2) If I try to send an encrypted message from 2 to 3 or vice versa, everything seems to work fine. Seems though that they don't work fine. When I try to open the encrypted message I get the pinentry window asking for the password of the private key. If I press cancel 3-4 times, it seems like the message gets decrypted. That means that the message is not encrypted in the first place at all! I also tried to send an encrypted message to myself using a public key from a friend. Guess what? I could still read the message and I wasn't even asked for a password!!

    Any ideas, what's going on???

  b1shop

    2013-03-25

    Update: I tried the same thing with claws mail and haven't encountered any problems. So this is probably a configuration issue in the enigmail ??

  • Ludwig Hügelschäfer

    To repeat it: Did you specify your own key ID properly? (Account settings -> OpenPGP Security -> Use specific OpenPGP key ID and enter your key ID)

    b1shop

      2013-03-25

      Okay, I tried to use specific OpenPGP ID. I have the following. I have 2 mail accounts, bi and ku. The only way I can send a truly encrypted mail (not pseudo encrypted like I mentioned above), is by changing ku's account settings and setting as OpenPGP key ID bi's ID. But with that option, I can't really sign my mail as ku because I'm using bi's key.. If I specify as OpenPGP key ID ku's key, I can sign a message but I encrypt it with ku's key, not bi's key. At OpenPGP preferences I've chosen manual selection of keys and I do get a key selection window when I try to send the mail. But it seems that it doesn't really matter which key I'll choose in the key selection window..

      The biggest frustration though is that the message seems like it's encrypted (shows the envelope and the padlock) and I get a green OpenPGP decrypted message without entering any password at all..

  • Patrick Brunschwig

    If I get it right, then ku's OpenPGP key seems to be in a strange state? You can encrypt messages with it, but you don't need to enter a passphrase to decrypt messages. Correct?

    If yes, then I see two possible reasons for this:

    1. you already entered ku's passphrase (gpg4win will remember the passphrase for a certain amount of time).
    2. you set up ku's key without a password. You could try this: go to OpenPGP > Key Management; select ku's key and then Edit > Change passphrase. Then follow the instructions and enter a new passphrase.

    b1shop

      2013-03-26

      that's not exactly the problem
      The problem is:
      ku sends an email encrypted with the public key of bi (or the opposite). I go to bi's mail, pinentry asks for a passphrase for bi's key and I press ESC 3-4 times. Then without any passphrase I can see ku's message to bi.
      It doesn't seem to be a key problem, because with clawsmail I can sign and encrypt just fine.
      I'll try reinstalling both thunderbird and enigmail one more time...

  • Ludwig Hügelschäfer

    Being able to encrypt and sign with claws mail is not a contradiction. Your issue with enigmail is about DEcryption, which involves other key parts. Signing uses the private primary key. Decryption uses the private subkey. Private primary and private subkey can have different passphrases. It could well be that the private primary has a passphrase (which would require it for signing), but the private subkey has no passphrase and decryption happens successfully after entering escape. Please try decrypting without passphrase, simply pressing the "ok" or "enter" button. Does that work?
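
The status lines discussed in this thread can be checked mechanically. The following is an added example (not code from Enigmail or from any poster) that parses GnuPG `--status-fd` output, reports `INV_RECP` rejections with their documented reason, and lists the `ENC_TO` key IDs a message was encrypted to. The function name `summarize_status`, the sample output and the key IDs are constructed for illustration.

```python
import re

# INV_RECP reason codes from GnuPG's doc/DETAILS (subset).
INV_RECP_REASONS = {
    0: "no specific reason given", 1: "not found",
    2: "ambiguous specification", 3: "wrong key usage",
    4: "key revoked", 5: "key expired", 10: "key not trusted",
}
STATUS_RE = re.compile(r"^\[GNUPG:\] (\S+)(?: (.*))?$")

def summarize_status(text):
    """Summarize the --status-fd output of one gpg encrypt or decrypt run."""
    out = {"invalid_recipients": [], "enc_to": [], "no_seckey": [],
           "encrypted": False, "decrypted": False}
    for line in text.splitlines():
        m = STATUS_RE.match(line.strip())
        if not m:
            continue  # ordinary "gpg: ..." diagnostics, not a status line
        keyword, args = m.group(1), (m.group(2) or "").split()
        if keyword == "INV_RECP" and args and args[0].isdigit():
            code = int(args[0])
            recipient = " ".join(args[1:])  # empty if gpg got no recipient
            reason = INV_RECP_REASONS.get(code, "reason code %d" % code)
            out["invalid_recipients"].append((recipient, reason))
        elif keyword == "ENC_TO" and args:
            out["enc_to"].append(args[0])  # key ID the message is encrypted to
        elif keyword == "NO_SECKEY" and args:
            out["no_seckey"].append(args[0])  # no matching secret key locally
        elif keyword == "END_ENCRYPTION":
            out["encrypted"] = True
        elif keyword == "DECRYPTION_OKAY":
            out["decrypted"] = True
    if out["invalid_recipients"]:
        out["encrypted"] = False  # never treat a rejected run as encrypted
    return out

# Constructed sample status output; key IDs are placeholders.
FAILED_ENCRYPT = "[GNUPG:] INV_RECP 0 \ngpg: no valid addressees\n"
DECRYPT = """[GNUPG:] ENC_TO 1111111111111111 1 0
[GNUPG:] ENC_TO 2222222222222222 1 0
[GNUPG:] NO_SECKEY 1111111111111111
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] END_DECRYPTION
"""

if __name__ == "__main__":
    print(summarize_status(FAILED_ENCRYPT))
    print(summarize_status(DECRYPT))
```

With `--encrypt-to` in effect, as in the command line quoted in the first post, the sender's own key appears among the `ENC_TO` entries in addition to the recipient's.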


