Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. gpa
KMail can't verify smime signed e-mails
pitrasw at wp
Jan 6, 2007, 5:06 AM
Post #1 of 5 (5522 views)
Permalink
Hello,
KMail + S/MIME. The problem is it manages to encrypt/decrypt messages with
smime, but it can't verify if the sign is correct. In gnupg log I've found
these lines, which were generated while KMail was opening smime signed
message:

8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> OK
8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: <- VERIFY
8 - 2007-01-06 13:30:57 gpgsm[8441]: detached signature
8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> S NEWSIG
8 - 2007-01-06 13:30:58 gpgsm[8441]: no signature value available
8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: -> OK
8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: <- BYE

I've got
Kmail-3.5.5
gpgme-1.1.2-r1
gnupg-1.9.20-r3
cryptplug-0.3.16-r1
dirmngr-0.9.3
and some others like pinentry and so but these have little to do with above
error I think.
All runs on Gentoo with 2.6.18 kernel. All stuff was compiled with smime
support. Checking certs in Kleopatra works fine and everything seems to be
correct.

Kmail shows kind of 'details' link within smime signed message, but nothing
happens when I click on it.

Any ideas... aaahhh... SMIME in Thunderbird works just out of the box...
Thx, Petri

_______________________________________________
Gpa-dev mailing list
Gpa-dev@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gpa-dev
Re: KMail can't verify smime signed e-mails [ In reply to ]
kloecker at kde
Jan 6, 2007, 1:32 PM
Post #2 of 5 (5342 views)
Permalink
On Saturday 06 January 2007 14:06, Piotrek wrote:
> Hello,
> KMail + S/MIME. The problem is it manages to encrypt/decrypt messages
> with smime, but it can't verify if the sign is correct. In gnupg log
> I've found these lines, which were generated while KMail was opening
> smime signed message:
>
> 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> OK
> 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: <- VERIFY
> 8 - 2007-01-06 13:30:57 gpgsm[8441]: detached signature
> 8 - 2007-01-06 13:30:57 gpgsm[8441.0x80820f8] DBG: -> S NEWSIG
> 8 - 2007-01-06 13:30:58 gpgsm[8441]: no signature value available
> 8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: -> OK
> 8 - 2007-01-06 13:30:58 gpgsm[8441.0x80820f8] DBG: <- BYE
>
> I've got
> Kmail-3.5.5
> gpgme-1.1.2-r1
> gnupg-1.9.20-r3
> cryptplug-0.3.16-r1
> dirmngr-0.9.3
> and some others like pinentry and so but these have little to do with
> above error I think.
> All runs on Gentoo with 2.6.18 kernel. All stuff was compiled with
> smime support. Checking certs in Kleopatra works fine and everything
> seems to be correct.
>
> Kmail shows kind of 'details' link within smime signed message, but
> nothing happens when I click on it.

I'm sorry, but I don't see an obvious solution for your problem. Please
search the archive of the kdepim-users@kde.org mailing list. There are
at least two longer threads dealing with this.

Regards,
Ingo
Re: KMail can't verify smime signed e-mails [ In reply to ]
pitrasw at wp
Jan 13, 2007, 7:27 AM
Post #3 of 5 (5314 views)
Permalink
Hello... I still can't verify smime signed things. My friend Google can't help
me. I can crypt/decrypt but can't verify. I still got this:
gpgsm: no signature value available

I've made some basic tests... not related with KMail... maybe someone will
read this again and will help me. I just try few various versions up to
1.9.20 but without a luck with any of them.

Creating a signature:
$ gpgsm --detach-sign test.ps > sig
gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION!
gpgsm: It is only intended for test purposes and should NOT be
gpgsm: used in a production environment or with production keys!
gpgsm: DBG: connection to agent established
gpgsm: no key usage specified - assuming all usages
gpgsm: certificate is good
gpgsm: policies not checked due to --disable-policy-checks option
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: no key usage specified - assuming all usages
gpgsm: DBG: adding certificates at level 1
gpgsm: signature created
secmem usage: 0/16384 bytes in 0 blocks

Now verify task:
$ gpgsm --verify sig test.ps
gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION!
gpgsm: It is only intended for test purposes and should NOT be
gpgsm: used in a production environment or with production keys!
gpgsm: detached signature
gpgsm: no signature value available
secmem usage: 0/16384 bytes in 0 blocks

$ echo $?
2

Thx, Petri.

_______________________________________________
Gpa-dev mailing list
Gpa-dev@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gpa-dev
Re: KMail can't verify smime signed e-mails [ In reply to ]
bernhard at intevation
Jan 14, 2007, 7:25 AM
Post #4 of 5 (5290 views)
Permalink
On Saturday 13 January 2007 16:27, Piotrek wrote:
> Hello... I still can't verify smime signed things. My friend Google can't
> help me. I can crypt/decrypt but can't verify. I still got this:
> gpgsm: no signature value available
>
> I've made some basic tests... not related with KMail...

This is the right approach, now you know that KMail is not causing
your crypto problems.

> maybe someone will
> read this again and will help me. I just try few various versions up to
> 1.9.20 but without a luck with any of them.

Note that 1.9.23 was the last of the 1.9.x series,
but 2.0.1 is current.

> Creating a signature:
> $ gpgsm --detach-sign test.ps > sig

> gpgsm: signature created

> Now verify task:
> $ gpgsm --verify sig test.ps

> gpgsm: no signature value available

This both works for me with gpgsm 1.9.22.
Please try with debugging output:
gpgsm --detach-sign --armor --debug-all --disable-crl-checks
--disable-policy-checks test.ps > sig
cat sig
gpgsm --verify --debug-all --disable-crl-checks --disable-policy-checks sig
test.ps

Also try
gpgsm --list-secret-keys

Send email with this data to gnupg-users @gnupg.org
Also give the version numbers of gnupg, dirmngr and gpg-agent.
I suggest trying the latest version if you can.

Bernhard

Attached Files:

Re: KMail can't verify smime signed e-mails [ In reply to ]
pitrasw at wp
Jan 15, 2007, 6:43 AM
Post #5 of 5 (5315 views)
Permalink
> > help me. I can crypt/decrypt but can't verify. I still got this:
> > gpgsm: no signature value available

That's solved already. Everything works now but with new versions of these:
libksba-0.9.15 (prev. 0.9.14)
gnupg-1.9.21 (prev. 1.9.20)

Petri

_______________________________________________
Gpa-dev mailing list
Gpa-dev@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gpa-dev

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal