Verify signature error
Which of our tools is giving you problems?
GPGServices
What’s the version of that tool?
1.9.1 build 507
What version of OS X are you using?
10.8.4
Please describe your problem. Add as much detail as possible.
I selected some text, used Services -> OpenPGP: Encrypt Selection to encrypt/sign that text. I then selected the resultant block of cipher text and used Services -> OpenPGP: Verify
I expected a valid verification. Instead I got an error message box:
Blue gear icon
Bold text: Verification failed
Normal text: No signatures found within the selection
(OK button only option to click)
I tried just selecting some text and using Services -> OpenPGP: Sign Selection
This created a cleartext block that began with these lines:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Followed by the text I had chosen to sign.
If I select all the text, including the "BEGIN" line, and use Services -> OpenPGP: Verify, then I get a valid verification message.
Note that I have tried to download the nightly build, but when I go to https://nightly.gpgtools.org/ the web browser is automatically forwarded to https://gpgtools.org/
So I am unable to try testing the nightly build.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Luke Le on 15 Aug, 2013 06:53 PM
Hi Dutch,
actually, what you want to do is select OpenPGP: Decrypt if you encrypted and signed the message. GPGServices wants to see a signature and not encrypted text if you select OpenPGP: Verify. It's stupid that way at the moment.
I'll create a ticket for that where you can follow progress:
https://gpgtools.lighthouseapp.com/projects/67607-gpgservices/ticke...
2 Posted by Hq on 10 Sep, 2013 08:08 PM
The GnuPG manual describes how this case should be dealt with:
"3.1.2 Commands to select the type of operation [...] --decrypt -d Decrypt the file given on the command line (or STDIN if no file is specified) and write it to STDOUT (or the file specified with --output). If the decrypted file is signed, the signature is also verified. [...]"
This is presently handled correctly for files by GPGServices, but not for selected text. It fails to report the result of verification.
Support Staff 3 Posted by Steve on 04 Oct, 2013 11:32 AM
Closing this discussino. It will be reopened as soon as the according ticket is closed.
Steve closed this discussion on 04 Oct, 2013 11:32 AM.