From pitrasw at wp.pl Sat Jan 6 14:06:57 2007 From: pitrasw at wp.pl (Piotrek) Date: Sat, 6 Jan 2007 14:06:57 +0100 Subject: KMail can't verify smime signed e-mails Message-ID: <200701061406.59863.pitrasw@wp.pl> Hello, KMail + S/MIME. The problem is it manages to encrypt/decrypt messages with smime, but it can't verify if the sign is correct. In gnupg log I've found these lines, which were generated while KMail was opening smime signed message: 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> OK 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: <- VERIFY 8 - 2007-01-06 13:30:57 gpgsm[8441]: detached signature 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> S NEWSIG 8 - 2007-01-06 13:30:58 gpgsm[8441]: no signature value available 8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: -> OK 8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: <- BYE I've got Kmail-3.5.5 gpgme-1.1.2-r1 gnupg-1.9.20-r3 cryptplug-0.3.16-r1 dirmngr-0.9.3 and some others like pinentry and so but these have little to do with above error I think. All runs on Gentoo with 2.6.18 kernel. All stuff was compiled with smime support. Checking certs in Kleopatra works fine and everything seems to be correct. Kmail shows kind of 'details' link within smime signed message, but nothing happens when I click on it. Any ideas... aaahhh... SMIME in Thunderbird works just out of the box... Thx, Petri From kloecker at kde.org Sat Jan 6 22:32:12 2007 From: kloecker at kde.org (Ingo =?iso-8859-1?q?Kl=F6cker?=) Date: Sat, 06 Jan 2007 22:32:12 +0100 Subject: KMail can't verify smime signed e-mails In-Reply-To: <200701061406.59863.pitrasw@wp.pl> References: <200701061406.59863.pitrasw@wp.pl> Message-ID: <200701062232.14431@erwin.ingo-kloecker.de> On Saturday 06 January 2007 14:06, Piotrek wrote: > Hello, > KMail + S/MIME. The problem is it manages to encrypt/decrypt messages > with smime, but it can't verify if the sign is correct. In gnupg log > I've found these lines, which were generated while KMail was opening > smime signed message: > > 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> OK > 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: <- VERIFY > 8 - 2007-01-06 13:30:57 gpgsm[8441]: detached signature > 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> S NEWSIG > 8 - 2007-01-06 13:30:58 gpgsm[8441]: no signature value available > 8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: -> OK > 8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: <- BYE > > I've got > Kmail-3.5.5 > gpgme-1.1.2-r1 > gnupg-1.9.20-r3 > cryptplug-0.3.16-r1 > dirmngr-0.9.3 > and some others like pinentry and so but these have little to do with > above error I think. > All runs on Gentoo with 2.6.18 kernel. All stuff was compiled with > smime support. Checking certs in Kleopatra works fine and everything > seems to be correct. > > Kmail shows kind of 'details' link within smime signed message, but > nothing happens when I click on it. I'm sorry, but I don't see an obvious solution for your problem. Please search the archive of the kdepim-users at kde.org mailing list. There are at least two longer threads dealing with this. Regards, Ingo -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : /pipermail/attachments/20070106/8f296737/attachment.pgp From pitrasw at wp.pl Sat Jan 13 16:27:30 2007 From: pitrasw at wp.pl (Piotrek) Date: Sat, 13 Jan 2007 16:27:30 +0100 Subject: KMail can't verify smime signed e-mails In-Reply-To: <200701062232.14431@erwin.ingo-kloecker.de> References: <200701061406.59863.pitrasw@wp.pl> <200701062232.14431@erwin.ingo-kloecker.de> Message-ID: <200701131627.34249.pitrasw@wp.pl> Hello... I still can't verify smime signed things. My friend Google can't help me. I can crypt/decrypt but can't verify. I still got this: gpgsm: no signature value available I've made some basic tests... not related with KMail... maybe someone will read this again and will help me. I just try few various versions up to 1.9.20 but without a luck with any of them. Creating a signature: $ gpgsm --detach-sign test.ps > sig gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: DBG: connection to agent established gpgsm: no key usage specified - assuming all usages gpgsm: certificate is good gpgsm: policies not checked due to --disable-policy-checks option gpgsm: CRLs not checked due to --disable-crl-checks option gpgsm: no key usage specified - assuming all usages gpgsm: DBG: adding certificates at level 1 gpgsm: signature created secmem usage: 0/16384 bytes in 0 blocks Now verify task: $ gpgsm --verify sig test.ps gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: detached signature gpgsm: no signature value available secmem usage: 0/16384 bytes in 0 blocks $ echo $? 2 Thx, Petri. From bernhard at intevation.de Sun Jan 14 16:25:46 2007 From: bernhard at intevation.de (Bernhard Reiter) Date: Sun, 14 Jan 2007 16:25:46 +0100 Subject: KMail can't verify smime signed e-mails In-Reply-To: <200701131627.34249.pitrasw@wp.pl> References: <200701061406.59863.pitrasw@wp.pl> <200701062232.14431@erwin.ingo-kloecker.de> <200701131627.34249.pitrasw@wp.pl> Message-ID: <200701141625.47914.bernhard@intevation.de> On Saturday 13 January 2007 16:27, Piotrek wrote: > Hello... I still can't verify smime signed things. My friend Google can't > help me. I can crypt/decrypt but can't verify. I still got this: > gpgsm: no signature value available > > I've made some basic tests... not related with KMail... This is the right approach, now you know that KMail is not causing your crypto problems. > maybe someone will > read this again and will help me. I just try few various versions up to > 1.9.20 but without a luck with any of them. Note that 1.9.23 was the last of the 1.9.x series, but 2.0.1 is current. > Creating a signature: > $ gpgsm --detach-sign test.ps > sig > gpgsm: signature created > Now verify task: > $ gpgsm --verify sig test.ps > gpgsm: no signature value available This both works for me with gpgsm 1.9.22. Please try with debugging output: gpgsm --detach-sign --armor --debug-all --disable-crl-checks --disable-policy-checks test.ps > sig cat sig gpgsm --verify --debug-all --disable-crl-checks --disable-policy-checks sig test.ps Also try gpgsm --list-secret-keys Send email with this data to gnupg-users @gnupg.org Also give the version numbers of gnupg, dirmngr and gpg-agent. I suggest trying the latest version if you can. Bernhard -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 1310 bytes Desc: not available Url : /pipermail/attachments/20070114/86229a63/attachment.bin From pitrasw at wp.pl Mon Jan 15 15:43:44 2007 From: pitrasw at wp.pl (Piotrek) Date: Mon, 15 Jan 2007 15:43:44 +0100 Subject: KMail can't verify smime signed e-mails In-Reply-To: <200701141625.47914.bernhard@intevation.de> References: <200701061406.59863.pitrasw@wp.pl> <200701131627.34249.pitrasw@wp.pl> <200701141625.47914.bernhard@intevation.de> Message-ID: <200701151543.46823.pitrasw@wp.pl> > > help me. I can crypt/decrypt but can't verify. I still got this: > > gpgsm: no signature value available That's solved already. Everything works now but with new versions of these: libksba-0.9.15 (prev. 0.9.14) gnupg-1.9.21 (prev. 1.9.20) Petri