From ap396088 at rcs.urz.tu-dresden.de Sat Jun 24 00:33:27 2006 From: ap396088 at rcs.urz.tu-dresden.de (Andreas Petzold) Date: Sat Jun 24 01:55:50 2006 Subject: Problem with validating s/mime signature from kmail Message-ID: <1151102007.449c6c37a74a1@rmc60-231.urz.tu-dresden.de> Hi, I have a strange problem with signing emails with my s/mime cert. Encrypting and decrypting emails works fine though. When I sign a message in kmail, a signature is created. At least that is what the logs claim: ...... 6 - 2006-06-22 03:20:59 gpg-agent[2718.0x85c99f8] DBG: <- PKSIGN 6 - 2006-06-22 03:20:59 gpg-agent[2718]: starting a new PIN Entry 6 - 2006-06-22 03:20:59 gpg-agent[2718]: DBG: connection to PIN entry established 6 - 2006-06-22 03:21:28 gpg-agent[2718.0x85c99f8] DBG: -> [ 44 20 28 37 3a 73 69 67 2d 76 61 6c 28 33 3a 72 73 61 28 31 3a 73 31 32 38 3a 7a f9 ab d7 b6 c9 c5 56 38 ed fd 3b fd 59 04 0b 2f 85 3d b0 58 6b d8 79 03 2d 04 bb 40 18 e5 f9 db ed 92 fb 1f b1 d6 d8 d6 a0 e1 f3 72 be a8 e4 d2 a7 e6 f0 5d af 70 3c 5d 2c 14 01 e0 37 b8 6d 46 47 3c 67 f8 ed d9 b0 7c a9 94 54 07 03 2b 8b 5b 13 a4 4c 8a 8c 21 b8 06 7e 74 d5 44 1f 96 ff e5 21 33 7d 98 ed 94 14 73 ec 21 99 32 38 70 cc 79 25 32 35 13 43 71 a9 12 fe 8a d5 34 d2 50 8b bc ac 29 29 29 ] 6 - 2006-06-22 03:21:28 gpg-agent[2718.0x85c99f8] DBG: -> OK 4 - 2006-06-22 03:21:28 gpgsm[3477.0x8baffb8] DBG: -> S SIG_CREATED D 1 2 00 20060622T012059 {FINGERPRINT DELETED} 4 - 2006-06-22 03:21:28 gpgsm[3477]: signature created 4 - 2006-06-22 03:21:28 gpgsm[3477.0x8baffb8] DBG: -> OK 4 - 2006-06-22 03:21:28 gpgsm[3477.0x8baffb8] DBG: <- BYE 6 - 2006-06-22 03:21:28 gpg-agent[2718.0x85c99f8] DBG: <- [EOF] 6 - 2006-06-22 03:21:28 gpg-agent[2718]: handler 0x85cabf0 for fd 0 terminated 4 - 2006-06-22 03:21:28 gpgsm[3477.0x8baffb8] DBG: -> OK closing connection [client at fd 4 disconnected] So far so good. Something is appended to the email that is sent and it looks very much like an s/mime signature, but alas when I read the email, the signature can't be verified: [client at fd 4 connected] 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> Home: ~/.gnupg 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> Config: /home/petzold/.gnupg/gpgsm.conf 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> AgentInfo: /tmp/gpg-rA6gYA/S.gpg-agent:2718:1 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> DirmngrInfo: [not set] 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> GNU Privacy Guard's S/M server 1.9.20 ready 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: <- OPTION display=:0 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> OK 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: <- OPTION lc-ctype=en_US.UTF-8 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> OK 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: <- OPTION lc-messages=en_US.UTF-8 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> OK 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: <- INPUT FD=39 4 - 2006-06-22 03:22:00 gpgsm[3488.0x9f17fb8] DBG: -> OK 4 - 2006-06-22 03:22:01 gpgsm[3488.0x9f17fb8] DBG: <- MESSAGE FD=45 4 - 2006-06-22 03:22:01 gpgsm[3488.0x9f17fb8] DBG: -> OK 4 - 2006-06-22 03:22:01 gpgsm[3488.0x9f17fb8] DBG: <- VERIFY 4 - 2006-06-22 03:22:01 gpgsm[3488]: detached signature 4 - 2006-06-22 03:22:01 gpgsm[3488.0x9f17fb8] DBG: -> S NEWSIG 4 - 2006-06-22 03:22:01 gpgsm[3488]: no signature value available 4 - 2006-06-22 03:22:01 gpgsm[3488.0x9f17fb8] DBG: -> OK 4 - 2006-06-22 03:22:01 gpgsm[3488.0x9f17fb8] DBG: <- BYE 4 - 2006-06-22 03:22:02 gpgsm[3488.0x9f17fb8] DBG: -> OK closing connection [client at fd 4 disconnected] "no signature value available" doesn't sound OK to me :-). I have checked that I can actually vvalidate my cert, so I guess I did install my certs correctly in kleopatra. If I send the email from Thunderbird, kmail has no trouble verifying the signature :-(. When I compared the message sent by kmail to the one sent by Thunderbird, I noticed that the signature in the Thunderbird message is about twice as big as the signature in the kmail message. To make matters even more interesting other people have reported that they can successfully verify the signature with kmail that my kmail can't verify. Also Thunderbird can verify the signature. I'm really out of ideas as to where to look for the cause of the problem. The gpgsm logs are completely error free (at least to me). Anyone out there with a similar problem and a solution or anyone able to sign mails successfully with s/mime certs? Let me know if more information is needed to track down the problem. Cheers, Andreas p.s. I'm using kde 3.5.3, kmail 1.9.3, kleopatra 0.4.0 and all the latest gnupg* packages on fc5 From bernhard at intevation.de Fri Jun 30 10:40:56 2006 From: bernhard at intevation.de (Bernhard Reiter) Date: Fri Jun 30 11:55:42 2006 Subject: ports/99466: GPA fails to sign newly imported GPG key ("GPGME library returned an unexpected error") Message-ID: <200606301041.00052.bernhard@intevation.de> Regarding: http://www.freebsd.org/cgi/query-pr.cgi?pr=99466 The latest stable version of gpa is 0.7.3 can you test if the failure can still be observed? Best, Bernhard ps.: The best place to report GPA bugs is currently the gpa-dev@gnupg.org list. -- www.kolab-konsortium.com Professional Maintenance, Consultancy and Support. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 1308 bytes Desc: not available Url : /pipermail/attachments/20060630/ec82be9c/smime.bin