Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Nylas Doesn't decrypt emails/attachments #2452

Open
martsa1 opened this issue Jun 15, 2016 · 25 comments
Open

Nylas Doesn't decrypt emails/attachments #2452

martsa1 opened this issue Jun 15, 2016 · 25 comments

Comments

@martsa1
Copy link

martsa1 commented Jun 15, 2016

Hi Folks,

Eagerly getting keybase setup with nylas and I can confirm that encrypting email bodies works! It does however result in HTML tags flooding the recipients screen (my colleague is using Thunderbird with Enigmail). But the encryption stuff all works.

When he replies however, using a GnuPG v2 encrypted email (either as body text or as an attachment), Nylas correctly determines that it is encrypted and provides a button to decrypt the message.

When i click that message however, nothing happens, I see nothing in the log, and I have no visual feedback that anything happened at all beyond the password box disappearing.

Further, the next time I try, the password box re-appears, despite the suggestion that the password will be cached for 30 minutes.

As a side note, I have also noticed that I cannot hit enter to submit the password, I have to mouse click the Done button.

What can I do to assist with debugging/getting this working?

Are there any related issues?

Possibly #2444

What operating system are you using?

Ubuntu 15.10 (64Bit)

What version of N1 are you using?

0.4.45-7637265

Bug?

Do you have any third-party plugins installed?

Installed plugins:

  • N1-filters v0.0.0
  • N1-quickschedule-plugin v0.1.0
  • N1-Unsubscribe v0.1.0
Is the issue related to a specific email provider (Gmail, Exchange, etc.)?

I've only tried this so far on an Exchange account but can try with Gmail if you feel that will be relevant.

Is the issue reproducible with a particular attachment, message, signature, etc?
@logandavis
Copy link
Contributor

logandavis commented Jun 15, 2016

Hi Sam - thanks for writing in. Sorry there wasn't better error handling here - that's #1 on the to-do list. Anyways, at a glance, there could be three things going on here:

  1. You don't have a private key loaded.
  2. Your private key isn't associated (on the preferences page) with the account you're receiving mail at.
  3. Incorrect private key password.

Have you imported your private key on the preferences page? Is it associated with the email address your friend sent a message to? Did you type the password correctly?

If it's not any of those, it's probably something to do with kbpgp not handling the inbound message properly, and I might need a sample email to test against. We did test against Enigmail, though, so I'd be a bit surprised if that were the issue at hand.

@logandavis logandavis self-assigned this Jun 15, 2016
@martsa1
Copy link
Author

martsa1 commented Jun 16, 2016

My encryption pane looks like this:
nylas keys

I was trying to get this to work with my work email, hence the private key isn't associated to my private email which is the primary address on the key, could that be it? Emails were sent and received at the address linked to both public and private keys (my exchange account).

I can pull your public key but not an email address, I'm happy to send/recieve some encrypted emails for testing, I don't know if that's a feasible route forward?

@mookerific
Copy link

I imported my public and private keys from Keybase (where they were generated) into N1. As a test I encrypted a message to myself at Keybase and mailed the encrypted message block to myself. N1 correctly detects that it is an encrypted message and provides a "Decrypt" button which in turn allows me to enter my passphrase. However, even after selecting "Done", the message is not decryped; in fact, nothing happens - no error message or anything. The passphrase box simply closes. I am, however, able to successfully decrypt this message at Keybase, proving that I have the correct passphrase.

Also, keybase invites aren't working (though I have no need for one).

@logandavis
Copy link
Contributor

Hi Sam,

The important thing is that the private key be associated with the recipient email address. If you receive an email at [email protected], and it's encrypted for the private key that you have associated with [email protected] on the Preferences page, the Decrypt operation will look for private keys associated with [email protected], not find any, and fail - alas, silently. (I've actually already added an error message for this case, and it'll ship as an update in the next version of N1.)

If that's not the issue, and you're certain that your private key is both imported and associated with the correct email account, feel free to email me at [email protected] with test messages.

@mookerific
Copy link

Logan, I understand the above was directed at Sam, but I can confirm that I have associated the correct e-mail addresses with my private key (and my key was generated for use with these 3 addresses). To the extent I can help, what sort of test message would you need?

@jtokoph
Copy link

jtokoph commented Jun 17, 2016

Encryption pane

screen shot 2016-06-17 at 11 13 38 am

Email sent to address that key is associated with

When I press decrypt and enter my key, it doesn't do anything when submitting the key.

screen shot 2016-06-17 at 11 14 47 am

The message can be decrypted with same key and passphrase in gpg cli

screen shot 2016-06-17 at 11 14 59 am

@mookerific
Copy link

Yup, this is the issue I'm seeing.

On Fri, Jun 17, 2016 at 1:19 PM, Jason Tokoph [email protected]
wrote:

Encryption pane

[image: screen shot 2016-06-17 at 11 13 38 am]
https://cloud.githubusercontent.com/assets/346225/16160403/d33c409e-347c-11e6-9207-6570bee4e70c.png
Email sent to address that key is associated with

When I press decrypt and enter my key, it doesn't do anything when
submitting the key.

[image: screen shot 2016-06-17 at 11 14 47 am]
https://cloud.githubusercontent.com/assets/346225/16160405/d33f41f4-347c-11e6-9283-6ed4331af294.png
The message can be decrypted with same key and passphrase in gpg cli

[image: screen shot 2016-06-17 at 11 14 59 am]
https://cloud.githubusercontent.com/assets/346225/16160404/d33e387c-347c-11e6-9c82-0e2bc2e27126.png


You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#2452 (comment), or mute
the thread
https://github.com/notifications/unsubscribe/ASdL6arYBLw8KDZvRArJpKSpuVemW0ixks5qMuUmgaJpZM4I2lt7
.

@jtokoph
Copy link

jtokoph commented Jun 17, 2016

I see this in the console:

/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/lib/pgp-key-store.js:541
Error: no tailer found
    at Parser.exports.Parser.Parser.unframe (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/node_modules/pgp-utils/lib/armor.js:387:15)
    at Parser.exports.Parser.Parser.parse (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/node_modules/pgp-utils/lib/armor.js:196:12)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/armor.js:77:33
    at katch (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/node_modules/pgp-utils/lib/util.js:210:13)
    at Object.decode (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/armor.js:76:12)
    at Object.do_message [as unbox] (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:1052:21)
    at PGPKeyStore.decrypt (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/lib/pgp-key-store.js:534:18)
    at PGPKeyStore.decrypt (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/lib/pgp-key-store.js:3:61)
    at Function.DecryptPGPExtension.formatMessageBody (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/lib/decryption-preprocess.js:26:21)
    at MessageBodyProcessor._process (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/stores/message-body-processor.js:132:19)
    at MessageBodyProcessor.retrieve (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/stores/message-body-processor.js:102:23)
    at _underscore2.default.defer (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/stores/message-body-processor.js:89:52)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/node_modules/underscore/underscore.js:768:19

@logandavis
Copy link
Contributor

logandavis commented Jun 17, 2016

jtokoph - thanks for the super detailed bug report. "No tailer found" occurs when the encrypted block is improperly formatted. It looks like one of the other plugins you have enabled may be changing the formatting of the encrypted message body. The reason the message decrypts successfully in the gpg-client is likely because, if you pasted it over, the copy/paste didn't pick up the HTML tags that the other plugin added.

For reference, the message should look like this:

correct body behavior

Can you confirm that the message you sent was from within N1? Can you tell me which other plugins you have enabled, along with which OS you're on?

Thanks,
Logan

@jtokoph
Copy link

jtokoph commented Jun 17, 2016

It looks like my issue could be related to the ---- END PGP MESSAGE ---- being split across two lines.

Another issue I'm running into is:

Error: key not found: ["ede375c7ac83d0b6"]
    at PgpKeyRing.fetch (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/keyring.js:57:15)
    at packet (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:275:30)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:286:15
    at Message._get_session_key (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:324:15)
    at iced.Deferrals.parent (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:401:17)
    at Message._decrypt (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:413:15)
    at iced.Deferrals.parent (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:745:17)
    at Message._process_generic (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:750:15)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:968:23
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:980:17
    at Message._process (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:1029:15)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:892:19
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:904:13
    at Deferrals.exports.Deferrals.Deferrals._call (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:86:16)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:98:26
    at trampoline (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:64:14)
    at Deferrals.exports.Deferrals.Deferrals._fulfill (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:96:16)
    at iced.Deferrals.parent (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:882:28)
    at Message.parse_and_process (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:884:15)
    at warnings (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:1079:18)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:1089:13
    at Object.do_message [as unbox] (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/processor.js:1097:13)
    at PGPKeyStore.decrypt (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/lib/pgp-key-store.js:534:18)
    at PGPKeyStore.decrypt (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/lib/pgp-key-store.js:3:61)
    at Function.DecryptPGPExtension.formatMessageBody (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/lib/decryption-preprocess.js:26:21)
    at MessageBodyProcessor._process (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/stores/message-body-processor.js:132:19)
    at MessageBodyProcessor.retrieve (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/stores/message-body-processor.js:102:23)
    at MessageBodyProcessor.updateCacheForMessage.changedMessage (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/stores/message-body-processor.js:49:29)
    at Array.forEach (native)
    at DatabaseStore.MessageBodyProcessor._databaseStore2.default.listen.change (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/stores/message-body-processor.js:66:24)
    at EventEmitter.eventHandler (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/modules/reflux-coffee.js:206:27)
    at emitOne (events.js:101:20)
    at EventEmitter.emit (events.js:188:7)
    at DatabaseStore.trigger (/Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/modules/reflux-coffee.js:218:30)
    at /Applications/Nylas N1.app/Contents/Resources/app.asar/src/flux/action-bridge.js:128:27
    at _combinedTickCallback (internal/process/next_tick.js:67:7)
    at process._tickCallback (internal/process/next_tick.js:98:9)

When i decrypt with PGP:

· pbpaste | gpg

You need a passphrase to unlock the secret key for
user: "Blockspring <[email protected]>"
2048-bit RSA key, ID AC83D0B6, created 2016-02-29 (main key ID 0FD8DFF9)

gpg: encrypted with 2048-bit RSA key, ID AC83D0B6, created 2016-02-29
      "Blockspring <[email protected]>"
<head></head><body>this is another test from n1 to security</body>

It looks like N1 might be having issues using subkeys?

@jtokoph
Copy link

jtokoph commented Jun 17, 2016

I've done some more debugging and realized that I may have run into an issue when importing my keys because I had tried to import the public and private key at the same time.

I pasted my public and private key blobs into the import box, entered email address, entered passphrase and then imported. I didn't get any error, but the private key had showed up in the pane as if it imported properly. I tried exporting the key from N1 and it said that there wasn't any data, so I deleted it and reimported the private key by itself. Now it seems to work properly.

@logandavis
Copy link
Contributor

logandavis commented Jun 17, 2016

Ah! Thank you so much for figuring that out jtokoph - I almost certainly wouldn't have been able to debug that remotely. Nice catch; the import function should definitely error out in that case. In fact, I'm quite surprised that the "valid key" check we're doing with kbpgp didn't catch that...

Leaving the issue open for mookerific and Sam2304, who I imagine aren't having the same issue as you.

@jtokoph
Copy link

jtokoph commented Jun 17, 2016

I think the issue related to tailer not being found is that the keybase plugin is processing the html version of messages instead of the plain text versions. Processing emails encrypted by N1 works fine because it wraps the encrypted email in a pre tag and doesn't insert any other text. Other email clients may butcher the html version of the encrypted message with a bunch of div or br tags but will usually included the plaintext version along side the html.

In my case, I was sent messages by people who encrypted with the keybase.io web UI, and then copy pasted into a new email to me. The email client doesn't know that it should wrap this pasted content in a pre tag and skip adding spacing tags.

Here is a sample email body and select headers for an email that doesn't decrypt properly:

Subject: test enc
To: Jason Tokoph <[email protected]>
Content-Type: multipart/alternative; boundary=001a1142ea2a6b71c8052ced5ce4

--001a1142ea2a6b71c8052ced5ce4
Content-Type: text/plain; charset=UTF-8

-----BEGIN PGP MESSAGE-----
Version: Keybase Go 1.0.13 (darwin)
Comment: https://keybase.io/download

wcBMA+3jdcesg9C2AQgAJQfqovtZLvD7KFele3rG5V1gHo1viC63GzLkBmUZwbvV
cIA98cgHVEruOWsDJDJHbTdN1AxhzUl7T16r6BsMMQpRbY/Zh6N1IvRLCibawxrz
YRCaZWBbsM53wrOSufVMy5kPfMA6L7nwWxx2zKGGrkgcLS74qwfrueflv8qxk5jS
o3k5XL8v2MafLyBDHkw5wK6W1vJNw/+xQ+Z6wMtcnvJDkZGgWkgtBXaBK7ihUBuu
X55FumqZyJWKoa0zqwmel8kTYiiSi13yBi7kHJ2ZLfNqzG14lAcN/Y2dnuivDveF
kyZSO51h19ue5WuqfpRESLK5521Bg2zYinhhqcVO4tLgAeTWrzJIJI1mDsBZxG7Y
bEzK4XGA4AzgGeFWbuAH4tJjGqfgEeTeezHa/lwYM1o9PQIUUWhX4HLjSevauxg4
gnjgUeKKHObf4ELka6uTpkwj+zgyVFjdyVFEKuLTiHFk4Q+mAA==
=rhA0
-----END PGP MESSAGE-----
-- 
Jason

--001a1142ea2a6b71c8052ced5ce4
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div>-----BEGIN PGP MESSAGE-----</div><div>Version: Keybas=
e Go 1.0.13 (darwin)</div><div>Comment: <a href=3D"https://keybase.io/downl=
oad">https://keybase.io/download</a></div><div><br></div><div>wcBMA+3jdcesg=
9C2AQgAJQfqovtZLvD7KFele3rG5V1gHo1viC63GzLkBmUZwbvV</div><div>cIA98cgHVEruO=
WsDJDJHbTdN1AxhzUl7T16r6BsMMQpRbY/Zh6N1IvRLCibawxrz</div><div>YRCaZWBbsM53w=
rOSufVMy5kPfMA6L7nwWxx2zKGGrkgcLS74qwfrueflv8qxk5jS</div><div>o3k5XL8v2MafL=
yBDHkw5wK6W1vJNw/+xQ+Z6wMtcnvJDkZGgWkgtBXaBK7ihUBuu</div><div>X55FumqZyJWKo=
a0zqwmel8kTYiiSi13yBi7kHJ2ZLfNqzG14lAcN/Y2dnuivDveF</div><div>kyZSO51h19ue5=
WuqfpRESLK5521Bg2zYinhhqcVO4tLgAeTWrzJIJI1mDsBZxG7Y</div><div>bEzK4XGA4AzgG=
eFWbuAH4tJjGqfgEeTeezHa/lwYM1o9PQIUUWhX4HLjSevauxg4</div><div>gnjgUeKKHObf4=
ELka6uTpkwj+zgyVFjdyVFEKuLTiHFk4Q+mAA=3D=3D</div><div>=3DrhA0</div><div>---=
--END PGP MESSAGE-----</div></div><div dir=3D"ltr">-- <br></div><div dir=3D=
"ltr">Jason</div>

--001a1142ea2a6b71c8052ced5ce4--

When logging the message to the console in pgp-key-store.js you'll see that it tries to process the html version of the message. I assume this is because message.body is always html if the email contains an html part.

Could N1 be modified to allow the keybase plugin to have access to the plaintext version of the email if it exists? Is there any API to choose which part to use as the message body?

@logandavis
Copy link
Contributor

To your last two questions, no, those capabilities don't exist. Incidentally, this is why the PGP plugin doesn't have message signing - we had no way to prevent other plugins like the spellchecker from adding HTML tags with ApplyDraftTransform on send. I'm working on it.

Did these people copy/pasting the email in paste it into N1, or into some other client? We, of course, can't control the behavior of other clients when encrypted blocks get dropped into their composers. We can do a little parsing to accommodate slightly improperly formatted blocks, but at the end of the day there's simply no way to account for all the ways that another mail client's bad encryption formatting process could cause errors on this side.

That said, we had in fact been previously encountering this issue (before we added the pre tag), so there's actually a parsing line that shipped with the code. Can you try uncommenting line 410 of pgp-key-store.cjsx? Does the improperly sent message decrypt correctly then?

@jtokoph
Copy link

jtokoph commented Jun 17, 2016

Uncommenting that line didn't do it by itself, but adding pgpMsg = pgpMsg.replace(/<\/div><div>/gm,'\n'); before it did fix my messages.

The Mailvelope browser extension does this parsing before attempting to decrypt and has worked on any message I've received: https://github.com/mailvelope/mailvelope/blob/fc5f62a3c65c1e08bfa7cb006e194b3f1b585ae3/common/ui/inline/extractFrame.js#L142

@mookerific
Copy link

On a slightly different note (and on my Windows installation): after having added my public key by fetching it from Keybase and associating the 3 associated e-mail addresses, I went to import my private key. I cut and pasted my private key from Keybase into the relevant window, entered one of my e-mail addresses and entered the passphrase. The key was added successully.

However, when attempting to associate the remaining to e-mail addresses with the private key, I'm getting the error below.

image

@logandavis
Copy link
Contributor

mookerific - yes, I've encountered that personally, it's a known issue. It's a really stupid little bug that took 5 seconds to fix but unfortunately wasn't caught in code review. Patch will be shipping for the next release. Until then, you can't add an email address to a private key if there is already a public key with that address. As a temporary workaround, try removing the address from the public key first, then adding it to the private key. Very sorry - stupid little error.

@logandavis
Copy link
Contributor

jtokoph - Great, thanks for the recommendation! I will definitely dig into how mailvelope is doing this pre-message cleaning. You can expect to see a patch for that shipped in the next release of N1.

@mookerific
Copy link

Got it. By the way, apologies if I'm muddying the water with my lack of
technical expertise. You both seem to be discussing things at a far more
technical level than I can comprehend, so I'll trust you all to sort this
out. :)
On Jun 17, 2016 4:52 PM, "Logan Davis" [email protected] wrote:

mookerific - yes, I've encountered that personally, it's a known issue.
It's a really stupid little bug that took 5 seconds to fix but
unfortunately wasn't caught in code review. Patch will be shipping for the
next release. Until then, you can't add an email address to a private key
if there is already a public key with that address. As a temporary
workaround, try removing the address from the public key first, then adding
it to the private key. Very sorry - stupid little error.


You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#2452 (comment), or mute
the thread
https://github.com/notifications/unsubscribe/ASdL6bij7Iw4LUZpNVYVSJC1CQRwhtTUks5qMwj2gaJpZM4I2lt7
.

@martsa1
Copy link
Author

martsa1 commented Jun 27, 2016

Apologies for the slow response, interesting reading above!

I can successfully decrypt downloaded emails using keybase pgp decrypt -i <filename> as sent from my colleague using my private key, so my guess is I'm not configuring Nylas correctly.

I tried removing my public key from Nylas, and associating various case-sensitive variations of my email address to the private key as associated emails, still to no avail...

I've had a look at the encrypted email (sent as an attachment) and it doesn't get mangled by anything, could it be that the GnuPGP stuff requires keybase pgp decrypt rather than keybase decrypt? Is there an equivalently different function to call in the keybase library this is based on?

Also, I'm still not seeing anything appear in logs, I've tried doing all this running with debug flags and still nothing, is there anything I can do to better trace this?

@martsa1
Copy link
Author

martsa1 commented Jun 27, 2016

Interestingly, sending myself an encrypted email encrypts and decrypts successfully!

That would suggest its something to do with my colleague using a different encryption? My successful decryption used:

-----BEGIN PGP MESSAGE-----
Version: Keybase OpenPGP v2.0.54
Comment: https://keybase.io/crypto

whereas my colleague's (unsuccessful in Nylas, works with keybase pgp decrypt:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v2

@emelbardis
Copy link

can confirm the issue.
When someone sends me an encrypted email from a client that isn't N1, I cannot decrypt from within N1, nor can I copy/paste into Keybase.io browser decrypter.

If I copy the email from outside of N1 and paste it into Keybase's browser decrypt box, it decrypts fine so the keys are good. An example was copying the text from my mobile device and pasting it into Keybase. This works fine

@emelbardis
Copy link

This is not resolved on 04.47
Decrypt 3rd party (non Nylas N1) message returns:
Unable to decrypt message. Encrypted block is malformed

I don't Facebook but is this still failing on FB emails?

@mootpt
Copy link

mootpt commented Aug 19, 2016

Seeing:

Error: unknown s2k gnu protection mode: 1002
    at S2K.read_gnu_extensions (/Applications/Nylas N1.app/Contents/Resources/app.asar/internal_packages/keybase/node_modules/kbpgp/lib/openpgp/s2k.js:67:19)

Worth noting that I am using a hardware device with my private key. This looks similar to: keybase/keybase-issues#1885

@kkoralsky
Copy link

kkoralsky commented Jan 26, 2017

Hi Ive run into this issue.

while openning thread: this appears in console:

Error: no tailer found
    at Parser.exports.Parser.Parser.unframe (/usr/share/nylas/resources/app.asar/node_modules/pgp-utils/lib/armor.js:388:15)
    at Parser.exports.Parser.Parser.parse (/usr/share/nylas/resources/app.asar/node_modules/pgp-utils/lib/armor.js:197:12)
    at /usr/share/nylas/resources/app.asar/node_modules/kbpgp/lib/openpgp/armor.js:77:33
    at katch (/usr/share/nylas/resources/app.asar/node_modules/pgp-utils/lib/util.js:210:13)
    at Object.decode (/usr/share/nylas/resources/app.asar/node_modules/kbpgp/lib/openpgp/armor.js:76:12)
    at Object.do_message [as unbox] (/usr/share/nylas/resources/app.asar/node_modules/kbpgp/lib/openpgp/processor.js:1062:21)
    at PGPKeyStore.decrypt (/internal_packages/keybase/lib/pgp-key-store.cjsx:408:9)
    at PGPKeyStore.decrypt (/internal_packages/keybase/lib/pgp-key-store.cjsx:1:1)
    at Function.DecryptPGPExtension.formatMessageBody (/internal_packages/keybase/lib/decryption-preprocess.coffee:12:19)
    at _sanitizeTransformer2.default.run.then.err (/src/flux/stores/message-body-processor.es6:139:21)
    at tryCatcher (/usr/share/nylas/resources/app.asar/node_modules/bluebird/js/main/util.js:26:23)
    at Promise._settlePromiseFromHandler (/usr/share/nylas/resources/app.asar/node_modules/bluebird/js/main/promise.js:510:31)
    at Promise._settlePromiseAt (/usr/share/nylas/resources/app.asar/node_modules/bluebird/js/main/promise.js:584:18)
    at Promise._settlePromiseAtPostResolution (/usr/share/nylas/resources/app.asar/node_modules/bluebird/js/main/promise.js:248:10)
    at Async._drainQueue (/usr/share/nylas/resources/app.asar/node_modules/bluebird/js/main/async.js:128:12)
    at Async._drainQueues (/usr/share/nylas/resources/app.asar/node_modules/bluebird/js/main/async.js:133:10)
    at Immediate.Async.drainQueues (/usr/share/nylas/resources/app.asar/node_modules/bluebird/js/main/async.js:15:14)
    at tryOnImmediate (timers.js:554:5)
    at processImmediate [as _immediateCallback] (timers.js:533:5)

and then while encrypting message just:
Error
and red box with text: 'Unable to decrypt message. Encrypted block is malformed.'

the message is 100% correct (i can decrypt it using gpg --decrypt)

Im using nylas 1.5.0 on Linux

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

8 participants