Problems with PGP encryption

I’m having problems sending PGP encrypted emails. I have imported the user’s key and attempted to send them an email but get the pop-up No valid S/MIME encryption certificates or PGP keys for , were found. If I attempt to send an email to myself then it shows only my email address. I installed Thunderbird + EnigMail and was successfully able to send emails with that, and if I sent them to myself as PGP/MIME then eM Client would be able to decrypt them. Any ideas on how to get this working? I would prefer not to have to use Thunderbird.

There is a bug in eM Client that requires you have your own PGP key pair set up before you can send encrypted messages to others. This is a complete misunderstanding of the process of sending encrypted messages.

If you do not have a key pair for the address you are sending from, set that up, and it should then work using the recipient’s public key.

Thanks for the response Gary. I did start working with a new key pair that I generated from gpg4win as gpg was complaining about MDC with the old pair, but was still getting the same error as above. But now oddly enough after having received an encrypted and signed message back from the recipient, which eM Client was successfully able to decrypt and verify signature on, I am now able to reply and send new messages without any errors. Hopefully eM Client can smooth out these PGP issues in the future!

Still doesn’t seem to work correctly.

I have a working personal PGP key installed and also the public key of my intended recipient.

When I select encrypt and hit send it looks to go fine. However when I check in my sent folder the email has been encrypted with my public key…

Any help would be great.

Is the receiver able to open the message Phillip?

Just waiting for them to let me know. Maybe I have the concept wrong…

If I encrypt with their public key I assume then I cannot decrypt the message to read it. Would that be correct or is it done in such a way that I can still read back later what I sent?

I noticed the same thing as Phillip when I checked back after seeing his response. I was wondering if the message stored in the Sent folder is a copy of the original email encrypted with your public key so that you can read what you sent, while what actually was delivered was encrypted correctly with the recipient’s public key. I’m waiting to hear back from my recipient as well.

Pretty sure something isn’t working correctly. As I can read that sent message on a different device as long as I provide the password/PIN to my private key.

Happy to test with both you chaps.

Let me know and we can exchange public keys and test.

Also happy to test. You can send me an email at [email protected] and I will send you my public key from my normal email address.

Phillip, they will use their private key to decrypt the message. The public key is used for encrypting only. That is why there is a pair, one private that is not shared with anyone because it is used for decrypting, and one public that you can share with others. It is not possible to use a public key to decrypt a message. Maybe that is why the sent message is encrypted with your own key, so you can read it as Jeffery commented.

Totally got that, but the moment I encrypt the message with their public key then I also should be denied the ability to read it. When I decrypt in another client it is clear it has only been en/decrypted using my certificate.

Hopefully I am doing something exceptionally silly and missing a vital step.

I dropped you my public key via your gmail.

Interesting thing Phillip, when I tried to send you an encrypted message using your public key, I got a similar error to Jeffery. ;-(

Strange, do you want to send me your public key and I will try from Thunderbird which I have just set up with Enigmail.

Gary not sure why it isn’t showing here but got the message about you sending your public key already. I definitely have not received a thing. Send again to my gmail and I will reply with it encrypted and signed.

Phill

My bad, it was in the spam folder. Sending now…

Think the following page helped clear it up for me.

https://www.digitalocean.com/community/tutorials/how-to-use-gpg-to-encrypt-and-sign-messages

"Encrypt Messages

You can encrypt messages using the “--encrypt” flag for GPG. The basic syntax would be:

- gpg --encrypt --sign --armor -r [email protected] name_of_file

This encrypts the message using the recipient’s public key, signs it with your own private key to guarantee that it is coming from you, and outputs the message in a text format instead of raw bytes. The filename will be the same as the input filename, but with an .asc extension.

You should include a second “-r” recipient with your own email address if you want to be able to read the encrypted message. This is because the message will be encrypted with each person’s public key, and will only be able to be decrypted with the associated private key.

So if it was only encrypted with the other party’s public key, you would not be able to view the message again, unless you somehow obtained their private key. Adding yourself as a second recipient encrypts the message two separate times, one for each recipient."

I suspect the mail client is effectively using the -r flag to ensure you can then go back and read the content of the email that you generated. Makes total sense.

I think on that basis all is working well…

I can confirm that my recipient was able to read the messages I had sent over, so all is well over here.

I am having the same issue as the OP. I create a brand new key/pair using emClient. I have sent the pub key to a recipient who was able to use it to sign and send me an email which I was able to encrypt. However when I try and send them an encrypted message using the pub key they sent me and I imported into emClient I get the same error stated by the OP.

That also was my issue with what Phillip sent me. See above.

He changed the way the key was generated, and after I imported the new key, I was able to encrypt messages to him.

I don’t know if this is eM Client being over-particular about the key, or in Phillip’s case, eM Client generating a defective key. I do know that eM Client is currently working on solving some encryption issues, so maybe when there is a new release it will behave differently.