Michael wrote: > On Monday, 7 July 2025 03:07:35 British Summer Time Dale wrote: >> Howdy, >> >> I have one friend that likes to email with encrypted emails. We have >> good chats so I set up encryption ages ago. It worked for a long time. >> We lost contact for a bit but recently started chatting again. I think >> during a upgrade the Enigmail encryption was broken. I'm not sure >> when. I've tried every setting I can think of and find and it just >> refuses to work. I might add, I also lost all the accumulated keys that >> I had, including my own keys. > The Seamonkey email client was working with the Enigmail plugin. Mozilla's > Thunderbird now uses a different inbuilt OpenPGP encryption implementation > since Thunderbird 78. I understand the RNP encryption tool implementation of > Thunderbird has been released by Ribose, a Hong Kong based company. > > You can export your key pair(s) from Enigmail or ~./gnupg and import these in > the RNP, but if you have lost them then this won't help you. From what I > recall the Enigmail plugin uses the default ~/.gnupg OS keyring, which can > encrypt the private key with whatever algo-cipher scheme you select. > Enigmail > can either use its own OpenPGP.js code to access the keyring, or utilise > gnupg > since it is already installed in Linux. RNP on the other hand does not use > the OS gnupg keyring. Instead it uses Mozilla's master password, which > itself > uses a weak(er) encryption. I don't know if this option was chosen by > Mozilla > for <aheam!> "... your safety and convenience", or as they claim a licensing > issue. > > >> This is one reason I think something got >> borked during a upgrade. The error I get is this. >> >> >> Enigmail Security Info Error - decryption failed Error: Error during >> parsing. This message / key probably does not conform to a valid OpenPGP >> format. > Hmm ... I suspect this error is caused because Seamonkey is no longer > supported by Enigmail - see bottom post here: > > https://sourceforge.net/p/enigmail/forum/support/thread/b0e5a6791d/ > > I'm not sure, but I think the error message implies the content of the > message > is meant to be parsed as a stream of ciphertext and decrypted in chunks > according to a more up to date GnuPG security improvements, but your > Enigmail's OpenPGP.js library can't deal with it: > > https://github.com/openpgpjs/openpgpjs/releases/tag/v4.0.0 > > >> If someone knows of a fix for this, I'm fine with just fixing it. > Someone more clued up on these technologies could advise, but until wiser > minds contribute you could: > > 1. Use a more up-to-date OpenPGP.js and the hope Enigmail in Seamonkey will > function as expected: > > https://github.com/openpgpjs/openpgpjs > > 2. Change Enigmail's advanced preferences from using OpenPGP.js to using your > Gentoo GnuPG, '/usr/bin/gpg': > > https://enigmail.net/index.php/en/user-manual/advanced-operations > > 3. Move to T'bird and put up with its RNP implementation. You can export > your > key pair with gpg when you find it from ~/.gnupg and import it in RNP. > > 4. Use a different mail client which works with OpenPGP. > > >> If >> not, how do I reset this back to scratch and set up encryption again? > You can create a new key pair, using Enigmail and forget about your old key > pair for now. However, if you stick with Seamonkey-Enigmail and my > suggestion > in 1. above still does not work, you could run into the same format problem > even if you are using a newly created key pair. > > You could try option 2. above to see if using GnuPG as the back end for > Enigmail will work with Seamonkey and any old or new keys. > > >> I >> found the folder /home/dale/.gnupg/ but I'm not sure if I can delete the >> whole thing, just parts of it, just a single file or I have to do it >> another way. > Another way - please see above. You do not have to delete old keys to create > and start using new key pairs. The old private keys are still necessary if > you want to access previously encrypted files/messages. > > HTH.
I got busy with a large wood pile and getting it burnt up. Remember the large sweet gum tree I cut a year or so ago, that wood pile. It's still burning but almost gone. Anyway. I went back and did the setup again. I chose something besides what used to be built in since it isn't working anyway. Once that was done, I saw my old keys that I had accumulated was back. Eli signs his messages. I saw a post by him and noticed that I could use it as a test. I was able to click the button, it fetched the proper keys and verified that the message was in fact written, or at least sent, by Eli. It's not the same as encrypted but from my understanding, both work the same. It uses the same key and process except that the email isn't encrypted. So, it worked. I thought I was onto something. I then went back to my friend's email that is encrypted. It still shows that it is broken for same reason as before. It seems, from the little info it shares, to fail the same way. I don't understand why it works for Eli's message signing but someone else's it fails. I really need to work on what I been wanting to do for years. Set up my own email fetching/sending software locally so that I can use any client I want. Seamonkey is really going downhill. It fails on so many sites that I rarely use it for browsing anymore. Most often, the sites I do visit with Seamonkey; Gentoo forums, wiki and such. For the last year or so, not much else works. I might add, you about can't get a add-on anymore. The few I have haven't had updates in years. No telling how big a can of Raid those need. My biggest two problems, I want to switch from Gmail to a paid service that doesn't snoop. 2, finding a email client that I like. Thunderbird is supposed to be like the email part of Seamonkey but it is vastly different. I don't like it to be honest. I also can't open links in new tabs in a already open instance of Firefox either, or I haven't figured out how yet. I don't even know what else is out there either for client software. I admit, I kinda like pop3 type setup and using folders. For example, all emails for the Gentoo user mailing list goes into a folder and I have it set to thread messages. I have a lot of folders. My inbox folder is mostly where I catch spam and the very few that don't have a folder just for them. I really need to find a email provider and start installing and setting up email software. Then maybe this encryption thing will work right. :/ Dale :-) :-)
