checking signature of pgp mime
Doug Barton
dougb at dougbarton.us
Fri Apr 4 04:54:05 CEST 2014
On 04/03/2014 12:06 PM, Tim Prepscius wrote:
> Greetings,
>
> So as I said before, I'm working on a pgp base web mail app:
> https://github.com/timprepscius/mv
>
> I am having problems validating the signature of a small percentage of
> test cases. However GPG with apple-mail says the signatures checkout,
> soo... I'm obviously doing something incorrectly.
>
> Is there developer of gpg-apple-mail who could let me know, given a
> specific example, what the actual block is which has been signed
> (including whitespace/line endings/etc). (I think if I could solve
> one problematic example, it would enable me to solve the others.)
>
>
>
> An example problematic email is this:
> http://pastebin.com/raw.php?i=1zm9sdcE
>
> This is the derived block: (I send this into openpgpjs)
> http://pastebin.com/raw.php?i=XThs22KR
When dealing with Apple it's not you who is doing things incorrectly
with PGP-MIME messages, it's them. And to make it more exciting, they do
it wrong several different ways. :)
Take a look at https://dougbarton.us/PGP/ppf/index.html, particularly
the ppf_verify script. It has a bunch of exceptional cases on how to
mangle (or un-mangle if you prefer) various formats of PGP-MIME in order
for the signatures to verify.
hope this helps,
Doug
More information about the Gnupg-users
mailing list