PGP signature is always wrong.

Gateway
1

Hello,

I've installed Ciphermail and used this patch to enable PGP signatures on all outgoing email. https://lists.djigzo.com/pipermail/users/2014-July/001093.html

Now when I send an Email to one of my test accounts at gmail or hotmail, Enigmail (Thunderbird Addon) always reports that the signature is wrong. I don't know if I've misconfigured something, if Ciphermail signs the message wrong, if the mail servers at Google or Microsoft mess with the Email or if Enigmail is broken. I've tried it with keys that were generated using the webinterface of Ciphermail and gpg --gen-key, same result. I've tried both PGP/MIME and PGP/INLINE, both with HTML and plaintext messages, but the result is the same.

What's the most likely thing I've done wrong and how should I try to debug this?

P.S: Why is the webinterface able to generate keys instantly when the command line tool never has enough entropy available?

Kind regards,

mots

2

Hello, I've installed Ciphermail and used this patch to enable PGP
signatures on all outgoing email.
https://lists.djigzo.com/pipermail/users/2014-July/001093.html

Now when I send an Email to one of my test accounts at gmail or
hotmail, Enigmail (Thunderbird Addon) always reports that the
signature is wrong. I don't know if I've misconfigured something, if
Ciphermail signs the message wrong, if the mail servers at Google or
Microsoft mess with the Email or if Enigmail is broken. I've tried
it with keys that were generated using the webinterface of Ciphermail
and gpg --gen-key, same result. I've tried both PGP/MIME and
PGP/INLINE, both with HTML and plaintext messages, but the result is
the same.

What's the most likely thing I've done wrong and how should I try to
debug this?

Can you send me a signed mail off list (i.e., directly to me) so I can
check whether it validates.

P.S: Why is the webinterface able to generate keys instantly when the
command line tool never has enough entropy available?

The gateway does not use the GPG tool. The gateway uses the Bouncycastle
for PGP handling. It might be that GPG has their own random source or
that they are more conservative and require more entropy. Java's
SecureRandom by default uses /dev/random for the random source.

Kind regards,

Martijn Brinkers

ยทยทยท

On 09/04/2014 10:11 AM, mots wrote:

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail