[Enigmail] OpenPGP Card: fundamental problems

Stefan X stefanxe at gmx.net
Sun Mar 8 07:48:22 PDT 2009 

Hi Olav!

>> It seems that Enigmail is expecting a card with the ID bound to the email
>> address but this is NOT the encryption key. Because of this Enigmail may
>> think the available smart card is not the required one.
> 
> Third key = Authentication key on card or a subkey bound to the UID?

By third key I mean the last key of three listed when executing "gpg
--card-status". I am not sure whether this is a authentication key.

> But I'd expect that when "gpg -d mail.eml" works (without explicitely
> telling GnuPG which keyID to use), then Enigmail should do aswell.
> 
> Could you please enable Enigmail debugging and create a debug log?

Please see the following debug:

2009-03-08 15:38:18.759 enigmail.js: Logging debug output to ~//enigdbug.txt
2009-03-08 15:38:18.783 enigmail.js: Enigmail version 0.95.0
2009-03-08 15:38:18.783 enigmail.js: OS/CPU=Linux i686
2009-03-08 15:38:18.784 enigmail.js: Platform=X11
2009-03-08 15:38:18.784 enigmail.js: composeSecure=true
2009-03-08 15:38:18.786 enigmail.js: Enigmail.initialize: gEnvList =
DISPLAY=:0.0,HOME=/home/otto,LANG=de_DE.UTF-8,LOGNAME=otto,LD_LIBRARY_PATH=/usr/lib/thunderbird:/usr/lib/thunderbird/plugins:/usr/lib/mre/mre-2.0.0.19,MOZILLA_FIVE_HOME=/usr/lib/thunderbird,PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games,PWD=/home/otto,SHELL=/bin/bash,USER=otto
2009-03-08 15:38:18.787 enigmail.js: ResolvePath: filePath=gpg
2009-03-08 15:38:18.788 EnigmailAgentPath=/usr/bin/gpg

2009-03-08 15:38:18.800 enigmail> /usr/bin/gpg --charset utf8  --batch
--no-tty --version
2009-03-08 15:38:18.800 gpg (GnuPG) 1.4.9
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Unterstützte Verfahren:
Öff.Schlüssel: RSA, RSA-E, RSA-S, ELG-E, DSA
Verschlü.: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Komprimierung: nicht komprimiert, ZIP, ZLIB, BZIP2

2009-03-08 15:38:18.801 enigmail.js: detectGpgAgent
2009-03-08 15:38:18.802 enigmail.js: detectGpgAgent: GPG_AGENT_INFO
variable available
2009-03-08 15:38:18.802 enigmail.js: detectGpgAgent:
GPG_AGENT_INFO='/tmp/seahorse-axoWSa/S.gpg-agent:5551:1'
2009-03-08 15:38:18.803 enigmail.js: Enigmail.stillActive:
2009-03-08 15:38:18.803 enigmail.js: Enigmail.initialize: END
2009-03-08 15:38:18.807 enigmail.js: Enigmail.mimeInitialized: false
2009-03-08 15:38:18.807 enigmailMessengerOverlay.js: loading
enigmail:dummy ...
2009-03-08 15:38:18.808 enigmailCommon.js: EnigGetFrame: name=messagepane
2009-03-08 15:38:18.810 enigmail.js: getClassObject:
cid={847b3a11-7ab1-11d4-8f02-006008948af5}
2009-03-08 15:38:18.811 enigmail.js:
EnigmailProtocolHandlerFactory.createInstance
2009-03-08 15:38:18.811 enigmail.js: EnigmailProtocolHandler.QueryInterface
2009-03-08 15:38:18.812 enigmail.js: EnigmailProtocolHandler.newURI:
aSpec='enigmail:dummy'
2009-03-08 15:38:18.813 enigmail.js: EnigmailProtocolHandler.newChannel:
URI='enigmail:dummy'
2009-03-08 15:38:18.823 enigmailMessengerOverlay.js: enigMessageFrameUnload
2009-03-08 15:38:18.824 enigmailMsgHdrViewOverlay.js: enigMessageUnload
2009-03-08 15:38:18.902 enigmailMessengerOverlay.js: enigMessageFrameLoad
2009-03-08 15:38:18.903 enigmailMessengerOverlay.js: *****enigMimeInit
2009-03-08 15:38:18.904 enigmailMessengerOverlay.js: *****enigMimeInit:
handlePGPMime=true
2009-03-08 15:38:18.906 enigmail.js: Enigmail.mimeInitialized: true
2009-03-08 15:38:18.906 enigmailMessengerOverlay.js: *****enigMimeInit:
RELOADING MESSAGE
2009-03-08 15:38:18.907 enigmailMessengerOverlay.js: enigMessageReload:
false
2009-03-08 15:38:18.988 enigmailMessengerOverlay.js: enigMessageFrameUnload
2009-03-08 15:38:18.989 enigmailMessengerOverlay.js: enigMessageCleanup
2009-03-08 15:38:18.995 enigmailMsgHdrViewOverlay.js: enigStartHeaders
2009-03-08 15:38:18.997 enigmailCommon.js: EnigGetFrame: name=messagepane
2009-03-08 15:38:18.998 enigmailMsgHdrViewOverlay.js: msgFrame=[object
Window]
2009-03-08 15:38:18.999 enigmailMsgHdrViewOverlay.js: enigPrepSecurityInfo
2009-03-08 15:38:19.011 enigmailMsgHdrViewOverlay.js: enigEndHeaders
2009-03-08 15:38:19.014 enigmail.js: Enigmail.decryptMessageStart:
prompter=[xpconnect wrapped nsIPrompt], verifyOnly=false, noOutput=false
2009-03-08 15:38:19.015 enigmail.js: Enigmail.execStart: command =
/usr/bin/gpg --charset utf8  --batch --no-tty --status-fd 2 -d,
needPassphrase=true, domWindow=null, prompter=[xpconnect wrapped
nsIPrompt], listener=null, noProxy=false
2009-03-08 15:38:19.015 enigmail.js: GetPassphrase:
2009-03-08 15:38:19.016 enigmail.js: WriteFileContents: file=~//enigcmd.txt
2009-03-08 15:38:19.230 enigmail.js: WriteFileContents: file=~//enigenv.txt
2009-03-08 15:38:19.352 enigmail.js: Enigmail.execStart: copied command
line/env to files ~//enigcmd.txt/enigenv.txt
2009-03-08 15:38:19.353
enigmail> /usr/bin/gpg --charset utf8  --batch --no-tty --status-fd 2 -d
--use-agent
2009-03-08 15:38:19.354 enigmail.js: Enigmail.execStart: pipetrans =
[xpconnect wrapped nsIPipeTransport]
2009-03-08 15:38:19.371 enigmail.js: Enigmail.decryptMessageEnd:
uiFlags=8, outputLen=1, pipeTransport=[xpconnect wrapped
nsIPipeTransport], verifyOnly=false, noOutput=false
2009-03-08 15:38:19.372 enigmail.js: Enigmail.execEnd:
2009-03-08 15:38:19.373 enigmail.js: WriteFileContents: file=~//enigerr.txt
2009-03-08 15:38:19.507 enigmail.js: Enigmail.execEnd: copied command
err output to file ~//enigerr.txt
2009-03-08 15:38:19.508 enigmail.js: Enigmail.execEnd: exitCode = 2
2009-03-08 15:38:19.509 enigmail.js: Enigmail.execEnd: errOutput =
[GNUPG:] ENC_TO AF9A794E93F89FE5 1 0
[GNUPG:] CARDCTRL 4
gpg: selecting openpgp failed: unknown command
[GNUPG:] ENC_TO E36CE9BFC1920D94 16 0
gpg: verschlüsselt mit 4096-Bit ELG-E Schlüssel, ID C1920DA5, erzeugt
2007-09-05
      "Test Mustermann <a at example.com>"
[GNUPG:] NO_SECKEY E36CE9BFC1920D94
gpg: verschlüsselt mit 1024-Bit RSA Schlüssel, ID 93F89FE5, erzeugt
2009-03-08
      "Otto Test <b at example.com>"
gpg: Entschlüsselung mit Public-Key-Verfahren fehlgeschlagen:
Allgemeiner Fehler
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
gpg: Entschlüsselung fehlgeschlagen: Geheimer Schlüssel ist nicht vorhanden
[GNUPG:] END_DECRYPTION

2009-03-08 15:38:19.509 enigmail.js: Enigmail.parseErrorOutput:
2009-03-08 15:38:19.511 enigmail.js: Enigmail.parseErrorOutput:
statusFlags = 08010100
2009-03-08 15:38:19.511 No SmartCard could not be found in your reader
Please insert your SmartCard and repeat the operation
2009-03-08 15:38:19.512 enigmail.js: Enigmail.stillActive:
2009-03-08 15:38:19.512 enigmail.js: Enigmail.decryptMessageEnd: Error
in command execution
2009-03-08 15:38:19.513 enigmailMsgHdrViewOverlay.js:
EnigMimeHeaderSink.updateSecurityStatus: uriSpec=
2009-03-08 15:38:19.515 enigmailMsgHdrViewOverlay.js:
EnigMimeHeaderSink.updateSecurityStatus:
msgUriSpec=imap-message://otto%40example.com@mail.example.com/INBOX#3
2009-03-08 15:38:19.516 enigmailMsgHdrViewOverlay.js:
enigUpdateHdrIcons: exitCode=2, statusFlags=136380672, keyId=null,
userId=null, gpg command line and output:
/usr/bin/gpg --charset utf8  --batch --no-tty --status-fd 2 -d --use-agent
No SmartCard could not be found in your reader
Please insert your SmartCard and repeat the operation
2009-03-08 15:38:19.517 enigmailCommon.js: EnigConvertToUnicode: utf-8
2009-03-08 15:38:19.673 enigmailMessengerOverlay.js: enigMessageFrameLoad
2009-03-08 15:38:19.676 enigmailMessengerOverlay.js: enigMessageDecrypt:
[object Event]
2009-03-08 15:38:19.677 enigmailMessengerOverlay.js: content-type:
multipart/encrypted; protocol="application/pgp-encrypted";
boundary="------------enig0EC1272783899CA2C003D34C"
2009-03-08 15:38:19.678 enigmailMessengerOverlay.js:
content-transfer-encoding:
2009-03-08 15:38:19.679 enigmailMessengerOverlay.js: x-enigmail-version:
0.95.7
2009-03-08 15:38:19.680 enigmailMessengerOverlay.js: multipart/encrypted
2009-03-08 15:38:19.681 enigmail.js: Enigmail.mimeInitialized: true

More information about the Enigmail mailing list