PGP & Aliendalvik bug -> email with PGP (Fairmail et al) not possible

apozaf · 22 October 2020 17:33

REPRODUCIBILITY (% or how often): 100
BUILD ID = OS VERSION (Settings > About product): 3.4.0.xx
HARDWARE (Jolla1, Tablet, XA2,…): X10 & X10plus
UI LANGUAGE: german
REGRESSION: (compared to previous public release: Yes, No, ?): No

DESCRIPTION:

Since I know no way of encrypting my email natively on SFOS with PGP / GPG, I use Fairmail on android emulation together with Open Keychain:
When I try to send an encrypted and signed mail, there should be a popup to allow access to Open Keypass. This is just for milliseconds and cannot be pressed.

PRECONDITIONS:

for my job it is mandatory to send encrypted emails. Using SFOS because there is less data leak is almost obligatory. Encrypting emails is needed by law (health data)

STEPS TO REPRODUCE:

send encrypted mail with Fairmail
popup should appears once
it does not.

EXPECTED RESULT:

a popup that lets me select OpenKeychain access for the first time
Then Fairmail and others (K9…) have access and will not ask again.

ACTUAL RESULT:

Window disappears back to task overview. Selectig the fairmail tile again shows the popup for some milliseconds. Even if I am very fast and try to select “allow”, there is no way.

ADDITIONAL INFORMATION:

Any way of using pgp encryption with emails on sfos?
installing jolla-email-crypto-gnupg does not help as it is not documented anywhere.

attah · 22 October 2020 18:02

Your title doesn’t match the problem very well (as a bug report). Maybe something like: XYZ dialog doesn’t display properly in Android runtime?

For native solutions there is something called jolla-email-crypto-gnupg that if installed pulls in even more related-sounding packages. However, i can’t seem to figure out how to use it, or if it is quite ready.

apozaf · 22 October 2020 18:51

thx, corrected.
I know of jollas package but never found a manual or at least something how to integrate.
I do not need to create a key, that is what the manuals I found are about. I wish to encrypt an email with keys I already have.

ApB · 22 October 2020 19:06

https://together.jolla.com/question/887/gpg-for-email-and-other-stuff/?answer=155818#post-id-155818

It is implemented in SFOS and it has a UI (according to @dcaliste who wrote the support)

apozaf · 22 October 2020 20:00

Hmmmm, there ain’t no doc for pgp from Jolla, as I have stated above. I have no clue where that UI should be. jolla-email-crypto-gnupg does nothing. It is mentioned in a chainglog only.

dcaliste · 24 October 2020 16:01

There is no manual, sorry.

This is not supported yet natively. Only signing and verifying has been implemented.

dcaliste · 24 October 2020 16:06

Besides a minor bug in QMF that sould be corrected with the next release. It is working, I’m using it regularly.

You have to import a private key on your phone or generate on the phone from CLI. Then, go to the setting app, account section. Select the email account you want to sign emails with, and see that there is a Crypto section there where you can choose the key to be used. Then, in the composer, signing the out going emails is checked by default. When sending the mail, the system will ask for the passphrase of your private key. When receiving a signed email, there is nothing to do, you will see in the header of the mail that it is signed. The verification can only proceed if you have the public of the sender on your device. If it is in a default server, then, you can download it from the UI, otherwise do it from CLI, or modify GPG configuration to add your favorite server of public keys.

apozaf · 25 October 2020 20:17

First of all: thx for you work.
I do not have crypto settings in account. I installed jolla-email-crypto-gnupg but this makes no change in the account settings. How can I import my key that I already sign my mails on other devices?

dcaliste · 26 October 2020 08:09

I’m sorry there is no UI to import a key on the device at the moment. You have to use the command line. But it is using standard tools from the GnuPG project. The only drawback at the moment is the ancient version of GnuPG that is in use.

On your desktop, you need to export the key (public and private) that corresponds to your email (see for instance https://unix.stackexchange.com/questions/481939/how-to-export-a-gpg-private-key-and-public-key-to-a-file). Copy the file to the device.

On the device, import the key (https://unix.stackexchange.com/questions/184947/how-to-import-secret-gpg-key-copied-from-one-machine-to-another).

Then, you should be able to see your key listed in the crypto section in your email account setting page.

apozaf · 26 October 2020 16:11

Thanks a lot, that helped.

apozaf · 16 November 2020 21:50

I’d really like to pick up that topic again since open keychain via android emulation is the only way to send pgp encrypted emails. I heavily rely on encrypted emails for my job. In fact I have to encrypt almost everything from a legal point / by law.
It worked before 3.4, at least after trying around a bit with opening and closing the apps. Since selecting pictures and other bugs in aliendalvik was (almost) solved in 3.4, this got broken. That makes it impossible for me to use it as my business phone.
I cannot imagine AuroraOS for coorporate use cannot send encrypted emails. I’d be happy to have some input from Aurora stuff or solving the issue in aliendalvik.
Thanks a lot @dcaliste for your work and help, but signing is not enough for my needs.

LiamWilliams · 25 March 2022 15:54

to encrypt letters, try using specialized mail, this will save you time and be convenient to use, for example, I use private encrypted beeble mail (for me it has a lot of positive aspects), but you have access to the Internet where you can always find what you need fit

apozaf · 25 March 2022 16:05

thx, but I dont trust beeble. Having trackers in their website, including facebook, I would not use it to send a mail to a lawyer. Also the medical board of my country did not aprove beeble for sending medical data to other MDs.
For convenient reasons, if I have to send it with my phone, I use FairMail with pgp or just encrypt a textfile.
I still dont know how to gpg encrypt mails in sfos’s mail client.

LiamWilliams · 30 March 2022 14:31

I specifically visit their website and found no trackers (no Facebook tracker either). I have the client itself deployed on a subdomain, you can’t get there without authorization. On their website, in the “How it works” section, everything is described in detail

pherjung · 31 March 2022 08:51

@apozaf Is this bug still present on 4.4.0.58?

pherjung · 19 May 2022 16:28

For your information: [APP][5.0+] FairEmail - Fully featured, open source, privacy oriented email app | Page 1087 | XDA Forums

EDIT: Just saw your title. Are you using Fairmail or FairEmail?
EDIT2: It’s finally not dead

pherjung · 26 June 2022 20:43

I tested FairEmail and OpenKeyChain on an Android device and compared with my SailfishOS device. Behaviour is slightly the same and I was able to send encrypted mails.

@apozaf Do you still experiencing this bug? Otherwise I’ll ask to close this bug report as it is fixed.

apozaf · 28 June 2022 15:42

Nope, works with vewer sfos versions.

flypig · 3 August 2022 18:01

Thanks for the original bug report @apozaf, and for all of the useful comments and testing. I’m glad it’s now working.

Since we have a solution marked I’m also tagging it as “fixed”.

apozaf · 8 August 2022 12:04

Awesome flypig, 1000 thanks go to you