search

seancolyer / gmail-crypt

An OpenPGP browser (currently Chrome) extension that integrates tightly with Gmail and does encryption/decryption via Javascript.
Other
219 stars 41 forks source link

Unable to verify signature #29

Closed grk- closed 10 years ago

grk- commented 11 years ago

I tried to verify a mail issued from gmail signed using gmail-crypt, and in both case of encryption or not encryption verification is failing.

When the email is not encrypted, gmail-crypt does not recognize the PGP headers. Clicking on "decrypt" button triggers the error message: "No OpenPGP message was found."

When email is encrypted, clicking on "decrypt" does decrypt the message, however verification seems to fail since error message "Mymail-Crypt For Gmail was unable to verify this message." is displayed.

I'm willing to help debug the issue :)

relaxnow commented 11 years ago

I'm experiencing this as well

miktro commented 10 years ago

I am also having a problem verifying signed messages.

I send myself (at another email address) a plain message and just sign it.

When I receive the message and press 'decrypt' nothing happens. The message stays as recevied:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

Test signature

Mike

This email is personal and confidential. If you are not the intended recipient please immediately delete it and notify the sender by email. The contents should not be copied or disclosed to any other person or used for any purpose without permission from the sender.

-----BEGIN PGP SIGNATURE----- Version: OpenPGP.js v.1.20130420 Comment: http://openpgpjs.org

wsBcBAEBCAAQBQJS87BoCRALpZ3gdP+zzAAAHQcIAJvayMYL7DzXc5Q29CZq hsOspIYKsg9SVzQlIRAYmZzSVU+ccM56qPyaijxRmyLUHJGh3xkU/NG6ynyU 7XWqqdrYrUOudRjEdObXRJJQK4O0O769jNxk6h0jXgLEZFxnbS+xeL846lCR 6Ex/EnlzPbqXEtx2yi1bW1j0/QzTmhUxq8rcQ1J19KL/a4JoaFnbsI2UVBx5 A7r2ZxZ9OrayjfaKTTY/fTo7hpN7emXvss9r3Q4OYYRG/JSb+aIPMTvYLXhQ wdt0t5KQAl/RTIVk4pMFr1ZjmgwqzayvV2HMAlJksfDFOlwyjE2jfmNVDMJz mk7+Y50GGavtRRK2zAiBz7A= =T/dS -----END PGP SIGNATURE-----

seancolyer commented 10 years ago

Signatures are (it turns out) more complicated to get right than it initially appears, so this has languished for awhile (apologies!).

However, I've pushed Version 26 to the Chrome store, and it has added support for verifying signatures. There is now an explicit button for "Verify Signature" that is meant for messages that are signed but not encrypted. "Decrypt" will attempt to both decrypt and verify the signature without the second button needing to be clicked.