Page MenuHome GnuPG
Create Task
Maniphest T4517

de-mail and GPG with Smart Card no decryption
Closed, ResolvedPublic
Actions

Description

de-mail offers end-to-end enctyption with gpg and Mailvelope as add-on. Generally it works. However, if a key is generated on the GnuPG Smart Card V3.3, it will work. The public key can be uplodaed in Mailvelope. So Messges in de-mail can be encrypted, as it should be.

The problem is comming up, if the private key is only on the smart card. This should be, fore security reasons the case. However, Mailvelope does not recognize the smart card. Therefore, decryption fails.

If not smart card is used, and private and public key are stored in Mailvelope, gpg can be used inside de-mail.

Details

Version
gpg4win 3.1.7, GnuPG Smart Card V3.3

Event Timeline

JW-D created this task.May 15 2019, 4:17 PM
aheinecke claimed this task.May 16 2019, 1:12 PM
aheinecke triaged this task as High priority.
aheinecke added a subscriber: aheinecke.

Smartcard support is a big advantage of using the GnuPG backend and it should work of course.

I'll try to reproduce the problem.

JW-D added a comment.May 16 2019, 2:48 PM

The problem could be narrowed as follows: According to Mailvelope Add-on, GnuPG must be installed for smart card support. Screenshots show that GnuPG is not recognized by Mailvelope. Of course actual versions off all programs were installed. Therefore, e-mails sent out ecrypted with public key work fine, because the public key is stored in Mailvelope. Is the encrypted message arrives and should be decrypted. Mailvelope does not find GnuPG and therefore, no private key. I´ll send some screenshots to you.

mkrambach added a subscriber: mkrambach.Jul 2 2019, 4:47 PM

This seems to be the same issue as the one opened in mailvelope. https://github.com/mailvelope/mailvelope/issues/679.

TL;DR: The upcoming next release of mailvelope may solve this, and I do not think this is a problem with gpgme-json itself

I did some research, and could "solve" the issue of mailvelope not recognizing the gnupg integration by increasing the initialization timeout in mailvelope. As far as I'm informed, this timeout will be increased in the next mailvelope release (jointly with using the the error-on-disconnect handling I changed in gpgmejs).

JW-D added a comment.Jul 2 2019, 8:27 PM

Thanks, this is excellent news! I´ll check it, if the new Mailvelope version is available and I´ll let you know about the outcome. If the new version is released, let me know!

mkrambach added a comment.Jul 10 2019, 10:27 AM

Hi, @JW-D, as the 'fixed' version of mailvelope has been released, could you please confirm if the issue is solved for you with mailvelope 3.3.1, or if you're still affected? Thank you.

JW-D added a comment.Jul 10 2019, 12:55 PM

Hi Maximilian,

I can confirm, that my problem is now solved with the new update. Thank you very much for your time and effort which you spent in the issue! You can close successfully this task if you want.

Best regards,

JW-D

mkrambach closed this task as Resolved.Jul 10 2019, 3:00 PM