checking signature of pgp mime

Doug Barton dougb at
Fri Apr 4 04:54:05 CEST 2014

On 04/03/2014 12:06 PM, Tim Prepscius wrote:
> Greetings,
> So as I said before, I'm working on a pgp base web mail app:
> I am having problems validating the signature of a small percentage of
> test cases.  However GPG with apple-mail says the signatures checkout,
> soo... I'm obviously doing something incorrectly.
> Is there developer of gpg-apple-mail who could let me know, given a
> specific example, what the actual block is which has been signed
> (including whitespace/line endings/etc).  (I think if I could solve
> one problematic example, it would enable me to solve the others.)
> An example problematic email is this:
> This is the derived block: (I send this into openpgpjs)

When dealing with Apple it's not you who is doing things incorrectly 
with PGP-MIME messages, it's them. And to make it more exciting, they do 
it wrong several different ways. :)

Take a look at, particularly 
the ppf_verify script. It has a bunch of exceptional cases on how to 
mangle (or un-mangle if you prefer) various formats of PGP-MIME in order 
for the signatures to verify.

hope this helps,


More information about the Gnupg-users mailing list