Hello all,
I'm trying to set up GPG in Horde 5.0.4 / IMP 6.0.4 (groupware webmail
edition).
I'm hitting several issues, which surprises me. as some of them are
quite noticeable, but I don't see what I could be doing wrong.
First, system summary: it's running on Solaris 10 / Apache 2.2.22 / PHP
5.3.22. I've built Apache and PHP myself.
The Horde/Webmail suite was installed using PEAR, in its own directory.
IT was reinstalled from scratch and configuration from an older install
copied over and updated from the interface.
The GPG binary comes from OpenCSW, I tried their 1.4.12 and 2.0.18
versions, same problems.
Unless specified otherwise, I've been using the en_US locale to test.
Here goes.
- Sending an encrypted/signed email to myself, the signature is always
bad: it does decrypt it, it does list show the correct RSA ID, but it
always say the signature is bad.
I've tried recreating a key from scratch inside IMP to make sure there
was no interference from an older one, but the issue stays.
- creating a new key ignores the parameters: I tried to create a key
2048 bits long, and with a one year expiration. So I set the keylength,
unchecked "Expiration", made sure the date was right, clicked on "Create
Keys". But the resulting key is 1024 bits long, and has no expiration date.
- icons don't match the message.
This looks like http://bugs.horde.org/ticket/10273 but is actually more,
ie, it happens also using the en_US locale.
Eg, from the above issue, my own signature is always said to be bad.
In en_US, the icon is the right one, error icon:
Error
gpg: Signature made Sat Feb 23 19:29:14 2013 CET using RSA key ID 9FE86AD4
gpg: BAD signature from "Laurent Blume <laurent À elanor.org>"
In fr_FR, the icon is wrong, it says success, even though the message
says otherwise:
Succès
gpg: Signature faite le 23 février 2013 19:39:26 CET avec la clé RSA ID
9FE86AD4
gpg: MAUVAISE signature de « Laurent Blume <laurent À elanor.org> »
That matches the bug ID above. However, in en_US, with a message from
another source where the key is not present, the icon still says
success, even though GPG said it could not check the signature:
Success
gpg: Signature made Sun Feb 24 12:26:03 2013 CET using RSA key ID 9449EF58
gpg: Can't check signature: public key not found
- signature verification is not able to use subkeys properly
I imported my work public keys, exported from by PGP Desktop 9.12.0,
using its Send To: Mail Recipient function.
However, after importing it, IMP still can't check the signature of a
crypted email.
It seems to be because PGP Desktop uses specific subkeys for crypting
and signing, with different IDs, and IMP is not able to process them.
Here's what they look like:
$ gpg --list-keys xxx@xxx
pub 2048R/BFE9A6A5 2011-05-18
uid Blume, Laurent <xxx@xxx>
sub 2048R/E39D18A6 2011-05-18 [expire: 2013-05-16]
sub 2048R/9449EF58 2011-05-18 [expire: 2013-05-16]
When I click on Details in IMP, it shows only this one:
Key ID: 0xBFE9A6A5
And clicking on a crypted/signed email, it complains:
gpg: Signature made Sun Feb 24 12:26:03 2013 CET using RSA key ID 9449EF58
gpg: Can't check signature: public key not found
Even though 9449EF58 is part of the same public key block.
Any hint welcome on how to fix that.
Thanks,
Laurent
--
imp mailing list
Frequently Asked Questions: http://wiki.horde.org/FAQ
To unsubscribe, mail: imp-unsubscr...@lists.horde.org
