PGP & Aliendalvik bug -> email with PGP (Fairmail et al) not possible

REPRODUCIBILITY (% or how often): 100
BUILD ID = OS VERSION (Settings > About product): 3.4.0.xx
HARDWARE (Jolla1, Tablet, XA2,…): X10 & X10plus
UI LANGUAGE: german
REGRESSION: (compared to previous public release: Yes, No, ?): No

DESCRIPTION:

Since I know no way of encrypting my email natively on SFOS with PGP / GPG, I use Fairmail on android emulation together with Open Keychain:
When I try to send an encrypted and signed mail, there should be a popup to allow access to Open Keypass. This is just for milliseconds and cannot be pressed.

PRECONDITIONS:

for my job it is mandatory to send encrypted emails. Using SFOS because there is less data leak is almost obligatory. Encrypting emails is needed by law (health data)

STEPS TO REPRODUCE:

  1. send encrypted mail with Fairmail
  2. popup should appears once
  3. it does not.

EXPECTED RESULT:

a popup that lets me select OpenKeychain access for the first time
Then Fairmail and others (K9…) have access and will not ask again.

ACTUAL RESULT:

Window disappears back to task overview. Selectig the fairmail tile again shows the popup for some milliseconds. Even if I am very fast and try to select “allow”, there is no way.

ADDITIONAL INFORMATION:

Any way of using pgp encryption with emails on sfos?
installing jolla-email-crypto-gnupg does not help as it is not documented anywhere.

Your title doesn’t match the problem very well (as a bug report). Maybe something like: XYZ dialog doesn’t display properly in Android runtime?

For native solutions there is something called jolla-email-crypto-gnupg that if installed pulls in even more related-sounding packages. However, i can’t seem to figure out how to use it, or if it is quite ready.

thx, corrected.
I know of jollas package but never found a manual or at least something how to integrate.
I do not need to create a key, that is what the manuals I found are about. I wish to encrypt an email with keys I already have.

1 Like

https://together.jolla.com/question/887/gpg-for-email-and-other-stuff/?answer=155818#post-id-155818

It is implemented in SFOS and it has a UI (according to @dcaliste who wrote the support)

Hmmmm, there ain’t no doc for pgp from Jolla, as I have stated above. I have no clue where that UI should be. jolla-email-crypto-gnupg does nothing. It is mentioned in a chainglog only.

There is no manual, sorry.

This is not supported yet natively. Only signing and verifying has been implemented.

Besides a minor bug in QMF that sould be corrected with the next release. It is working, I’m using it regularly.

You have to import a private key on your phone or generate on the phone from CLI. Then, go to the setting app, account section. Select the email account you want to sign emails with, and see that there is a Crypto section there where you can choose the key to be used. Then, in the composer, signing the out going emails is checked by default. When sending the mail, the system will ask for the passphrase of your private key. When receiving a signed email, there is nothing to do, you will see in the header of the mail that it is signed. The verification can only proceed if you have the public of the sender on your device. If it is in a default server, then, you can download it from the UI, otherwise do it from CLI, or modify GPG configuration to add your favorite server of public keys.

2 Likes

First of all: thx for you work.
I do not have crypto settings in account. I installed jolla-email-crypto-gnupg but this makes no change in the account settings. How can I import my key that I already sign my mails on other devices?

I’m sorry there is no UI to import a key on the device at the moment. You have to use the command line. But it is using standard tools from the GnuPG project. The only drawback at the moment is the ancient version of GnuPG that is in use.

On your desktop, you need to export the key (public and private) that corresponds to your email (see for instance https://unix.stackexchange.com/questions/481939/how-to-export-a-gpg-private-key-and-public-key-to-a-file). Copy the file to the device.

On the device, import the key (https://unix.stackexchange.com/questions/184947/how-to-import-secret-gpg-key-copied-from-one-machine-to-another).

Then, you should be able to see your key listed in the crypto section in your email account setting page.

1 Like

Thanks a lot, that helped.

I’d really like to pick up that topic again since open keychain via android emulation is the only way to send pgp encrypted emails. I heavily rely on encrypted emails for my job. In fact I have to encrypt almost everything from a legal point / by law.
It worked before 3.4, at least after trying around a bit with opening and closing the apps. Since selecting pictures and other bugs in aliendalvik was (almost) solved in 3.4, this got broken. That makes it impossible for me to use it as my business phone.
I cannot imagine AuroraOS for coorporate use cannot send encrypted emails. I’d be happy to have some input from Aurora stuff or solving the issue in aliendalvik.
Thanks a lot @dcaliste for your work and help, but signing is not enough for my needs.

1 Like