PGP certificate is not imported when email is sent via Outlook with GpgOL plugin

Hello,

I am using Outlook with GpgOL Plugin Version 2.5.6 for PGP support. When I send an external and signed email to an internal recipients, the PGP certificate is recognized but not imported. If I sign an email using Mozilla Thunderbird, the PGP certificate is successfully imported.
Is this also related to the PGP/MIME and PGP/Inline problem? Or could be there an incorrect configuration in the GpgOL plugin or just incompatibility?

The figure below shows the problem in the log

The incoming email at 10:50 was signed with Thunderbird and sent. The certificate is imported.
The incoming email at 10:54 was signed with GpgOL plugin and sent with Outlook. The certificate was recognized but not imported.

There are two different sender and only one certificate was imported. Both certificates were created the same way.

Thank you very much

Regards

André

Are you certain that the PGP key is attached to the email? A PGP signature does not contain the PGP public key like S/MIME does. The PGP public key can only be imported if if the sender attaches the PGP public key to the email. I have no experience with GpgOL but according to the following wish list, attaching the PGP key is not supported

https://dev.gnupg.org/T4090

1 Like

Thank you for the very quick reply.

I am sending you two more screenshots:

The first screenshot shows the email from Thunderbird. There are two files for the signature (?)!

PGP Signatur Thunderbird

The second screenshot shows the email from GpgOL plugin/Outlook. There ist only the asc-file (and the logo file of my signature).

PGP Signatur GpgOL

There is actually a difference that I don’t quite understand. But I’ll try it out a little further.

Thanks very much. Best regards

Andre

And I also looked at your link to GnuPG dev. Maybe it really isn’t supported yet.

Thank you again. :slight_smile:

I just saw that the openpgp-digital-signature.asc file (from GpgOL) actually doesn’t contain the complete public key! The content is much shorter and is headed “BEGIN PGP SINGATURE”.

So it’s the GpgOL plugin that I’ll take a closer look at.

Thanks very much.

I just found an option in the GpgOL Plugin to pack the key in the signature. This option is not activated by default. But unfortunately the key is still not imported by ciphermail gateway.

The signature is still entitled “BEGIN PGP SIGNATURE”. Normally this should be called “BEGIN PGP PUBLIC KEY BLOCK”, shouldn’t it?

It could be that they put the key inside the signature. If so, this is currently not supported by CipherMail.

Is the signature longer after enabling this feature?

Can you attach the signature file (the .asc file)?

Yes, the signature is now longer.

I cannot attach the asc.-file directly to this post. So I paste the content as text. I hope that is ok.

WITH PUBLIC KEY (AFTER I’ve activated the option in GpgOL Plugin)

-----BEGIN PGP SIGNATURE-----

iQiTBAEBCAb9FiEE7d0A0/wm2O6AuirM4pEofI6W/l4FAmRBKIHGHiYAmQGNBGPC
cw8BDADCNh/0l6wxS3/LlbzJIlHBV/PF+D9FhlLCl+6xtYLEBkC3Ezx+NTw6PoPS
OLmquGUXkcuWSvesEZQfdQCy7qoGX3zeTJXbENTE051VxDt8LRLb6ytMT6PRwcJj
iNonJBh7/D93Tnu+s1d4xRVI9Ln9X/PQBnVu75jkTzQrKOb/3Jt7O8GljC3mt8FH
jhuOhv0n1elOnHT9P4aSPRh6ovpArnPMWXq1uncZYrm9x/Oi7tzaF005zCd4z97O
ZCdm/1lZQdrjylHSUD9/OQvkmd1d5AhTqEqcT3G5TC42/bauk+hivg0mxFny0TQC
IErduPpTmAFulZZzwrHQYibTSHxeaZeJW8d0F9zIFWqk8zvIUnVbt/9hG2vihRK7
E9Px7eIRh0NQx0WgBvquJMciMl4zJqd5Ri8EwPoAndYBpHu6K6lrQQ1isct/55o7
2M8ZH4INwlyJzrGnDX3a8s3bXe3HOokJYr+SJMVaJEtYloI9Z4DPUcJlqf/giHLV
OPZ+EPMAEQEAAbQhQW5kcsOpIFNjaG9wcGUgPGFuZHJlQHNjaG9wcGUuaXQ+iQHX
BBMBCABBFiEE7d0A0/wm2O6AuirM4pEofI6W/l4FAmPCcw8CGwMFCQPD0KEFCwkI
BwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQ4pEofI6W/l6Hawv/cENAtri8usm0
OYi0BfX3BJAWqw9+cCKvByC05XqQTrTi38ujScoYc2559R0xH5h4bWuNCQ35bhkn
Qn1RNAJc8TCStIO0uGQRYVWj0gyjmv6Za+klHn55sYU/auJQEhPeySfQoKlhehyP
MQ6v2cK+uki1vBPEXbZth8b+JMeoKL3q4QFGSSowtquqzAwVlaPqaBsfJZivD64Y
KYiAXI4dG23hYXIrmdLAkSQNwj68y/zlWRtZCNJDLyNOYVo/xj/f85QmHvgTN0Do
Mi6f/L0wl0Fp5Q5p/+P/1zMX4TTS1ys7t7Ra02SZXFxkdp1jxWJg9VmC04ozh99m
uLF2DnfZ3UU9NiFxhcmnRVw4nGJAnrEfmMk7Yyt9+21xUKpM1//YxnVV2gHFB1wJ
8cZBUXKvTRup25D5dK+doBxfz8GVQKOHQ9g1FuNYnRSdFOr8uhE+Yl4zP+KXx1a6
Ej9+4itqUe3utI68V+vRs6UgjbHGWtZHTjtfkws40q9cGZTWKZBxuQGNBGPCcw8B
DADOQBXd2tSXdfEHjjFeXp2ijjDcXptakN6MufbJek6tAa+YEiYPIFBjbaUQS3r2
es2VP3PcnmZK1pjE7tW70hSkqfIWNkRk1Oh20mv4WBxOSZF3CuJnFvzaceoYPDJY
mbjdKnwcQZl6TKTEgDsiC0tIBJg4mMvztPDScxSGe+1n0ZNKC4lzxKPqqP8OgXYH
yg5tG1Iv1i30w2MPyVgkNmyF70jot7xNq7Dg3HN5lhEEfQovFHptv+q7TbnUm8gF
PUTaMxfZLo9Ukbe84RoURZ8I6kK1f2cGo8oPuKSdgUd/Orl6SEWrA1jbWLLB3dsV
ULKzya9JIi7ZX75h2M7JYDsrMw+4Tikq3+9m9dSfPwVOfY/Qe9FQ+DlSoOhAImuJ
HmqInbCZ92jvokMexty6raykkdZcaKpltXm+CtM7gV4i/zHCDOdbU+MYyuHeUdC3
f+qcFhIHA7mjWza+loq3L5zKfXpWvQn+u7ULJfxSPocPQbn4WkR3uGva0edALTkV
1zcAEQEAAYkBvAQYAQgAJhYhBO3dANP8JtjugLoqzOKRKHyOlv5eBQJjwnMPAhsM
BQkDw9ChAAoJEOKRKHyOlv5eCS4L+gLlhGPg3Sn1BraWTKmmDSqQRce2wgs+y6pg
tCXMqGSAWoGuV76s3onBiDesNVaqZpawllaOx3rrA7eAkYtuwzKlKvdwve9ON3jz
OrfUbxY35GDAoXmF99Vc+mGbIBHqlaD6vCEwjrhFzdm4TbzgtZQQFzsS40SzqXH0
kZeNdzMZ2WWZGOoASuVIWFk0hh8ntyUSXCycDTh+8Ru5JABJAudTFqYG76h7fbtj
1ND7Qe9UR0+FTy/40xBt9Sg9VJWrNBAz8VCqraMJio0478uFtzB+nUb2tp9SmSEr
CxI4PDCHr4l22V47X7cb8T9WfJT4b9wiaeP6RA3C3TeMkK8QkGpgW9CPHoybxhpl
d257YVpDtraJgCYMtdBdPZSn+htZnE5xNLZ+7tDBjzXQ+G9xL5AYdYCCcZ0VFHdL
i85LRLr3+0OI/+TG/COAoOGpAuFhObooQBXs1OPwU8ZCdDaq4rC+QyA1b/5yZ7kH
UORALGd5mRpdOociyRCOc2gwpxkeyQAKCRDikSh8jpb+XnEkC/4nwivOxy5C0Q5K
zbsybxBIa3xmJIjy38qeGoY6PtSBQbONH1rjIZb2t39QzYLf/nnSFDX4F9OFyRLc
AnO1rvZpFkwIxZvWlz+VRcJ11c+RPTjzQB+fMOnFVh4gi1jXB0EO1DIYSTzbgN3h
7zHe+V2J0Br2cT0m5ZLPeDC0FyENiCB+TsIHurKVqrQyXKUNcV4I9Um1dNJz9jC2
IzMpAhxsXwMHmNP7/hRG6BTu1MldhHacM0unAIyqBFXNinnrB2xdYxb5GrgPqSeZ
ucZYO/iOXYCqLgSk5G+q7XmALGtAs4z2gkmN0D38pZdh9gzGEMbFqOnmtshwTDq9
C9S+0Z54Huhs+EJxY9z7JV13Czl8tvZNGupo70ZTlRE5zL7M6xrgIvlGnTHfkMry
vEx890lkbBLE0FbRwWbU1be/zVx5QOSA4WSmyLQDbU1ZSCjenagXIOnsMKrX2GKR
2CqyBXgPWBlURTfr8GX0m0uKvQSgMtN1JYRNRuiKXtyfinKKNxg=
=X/fv
-----END PGP SIGNATURE-----

WITHOUT PUBLIC KEY (BEFORE I’ve activated the option in GpgOL Plugin)

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEE7d0A0/wm2O6AuirM4pEofI6W/l4FAmRA/X0ACgkQ4pEofI6W
/l7v5Av/ernEsOd58sk0TxbM6vdTMyi0QhP45IbM3SJa9Hy+LIYayYnGNdL9KbzA
QwqsZDvSYFceoQgziy+QdpkmckWrT+7+Wk9Tl1p6AwiD8r+ZAAFmfZZsCiXdNoIK
t1MkwQ62zW3HtRktKRow+G4F22khtYEM7AUWKhO9I6b+/kkCqSqeHPZ1Y67XBRAI
46sgrthQlvZDTxaVgq7jtQKuF/fryj7j7DXi4GEXNi/NMTE7SXhxTN1VjXHyMyxE
SzZDwIjSH08cmabBMGHmqzAUfKZrQe24U54DJiW0nyLNygLPLnLV1ZiE79vuECCX
YLBvMr4VDhZumLrxf4trMzWy7TdeDFp6igh9Qpq6oNTGmPzA+dUMP/pgzKwYJrX6
gnRIjXd4FQeenKljhTi3bNSpXn6RE1Ztk3k+p9TKL9zjQUuwn1TAYD6AQei8Ajf1
eeOXTBzlg70t0OEMpU60N/5d5HO9oetmo9vrMp3YEMiJPNURXyy2n6mSWN43d23i
L5TE36BQ
=MDKJ
-----END PGP SIGNATURE-----

It looks like GpgOL embeds the public key into the signature blob. I’m not sure whether this is widely supported. It’s not supported by the CipherMail gateway. Will check how hard it is to support this.

1 Like