Bug 378745 - s/mime x509: could not compose message: Nicht gefunden (en: not found)
Summary: s/mime x509: could not compose message: Nicht gefunden (en: not found)
Status: REPORTED
Alias: None
Product: kmail2
Classification: Applications
Component: composer (show other bugs)
Version: 5.4.3
Platform: Neon Linux
: NOR normal (vote)
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-04-13 15:46 UTC by Achim Bohnet
Modified: 2017-05-19 15:20 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments
Error msg & X509 key info (270.69 KB, image/png)
2017-04-13 15:46 UTC, Achim Bohnet
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Achim Bohnet 2017-04-13 15:46:29 UTC
Created attachment 105012 [details]
Error msg & X509 key info

Using KDE Neon User edition with kmail 5.4.3.  I can't send mails with my X509 key because S/MIME signature and/or encryption.  After pressing 'Send' I get two times:

  Could not compose message: Nicht gefunden  (englisch: not found)

Other cases for your information:
 * s/mime: Decrypting e-mails, works.
 * s/mime: verifying signatures fails (see https://bugs.kde.org/show_bug.cgi?id=378320)
 * opengpg: sending signed msg and verifying signatures works

Nothing is written to ~/.xsession-errors when composing fails.
Comment 1 Achim Bohnet 2017-04-13 17:12:47 UTC
When I try to encrypt only I get:

One or more of the OpenPGP encryption keys or S/MIME certificates for recipient "ach@mpe.mpg.de" is not fully trusted for encryption.
The following keys or certificates have unknown trust level: 
CN=Achim Bohnet,OU=Max-Planck-Institut fuer extraterrestrische Physik,O=Max-Planck-Gesellschaft,C=DE

That's strange because a) Kmail allowed me to choose the key in crypto tab of my identity settings, b) kleopatra does not allow me to change the trust level of my x509 key (popup menu entries disabled) and the root cert in  the chain as


'Trusted issuer?: Yes'  In the overview tab of the root cert.

Saving my crypto settings of my identity shows also the right key ids:

org.kde.pim.kmail: use custom templates for identity 1934454411 : false
org.kde.pim.kidentitymanagement: emitting changed() for identity 1934454411
org.kde.pim.kidentitymanagement: Store: "Preferred Crypto Message Format" : QVariant(QString, "s/mime")
org.kde.pim.kidentitymanagement: Store: "Signature Enabled" : QVariant(QString, "true")
org.kde.pim.kidentitymanagement: Store: "SMIME Signing Key" : QVariant(QString, "BB76E8A1B47AD3C579E402C571473BE1A15353E8")
org.kde.pim.kidentitymanagement: Store: "X-FaceEnabled" : QVariant(bool, false)
org.kde.pim.kidentitymanagement: Store: "Email Aliases" : QVariant(QStringList, ("ttt@mpe.mpg.de", "allee@mpe.mpg.de"))
org.kde.pim.kidentitymanagement: Store: "Disable Fcc" : QVariant(bool, false)
...
org.kde.pim.kidentitymanagement: Store: "SMIME Encryption Key" : QVariant(QString, "BB76E8A1B47AD3C579E402C571473BE1A15353E8")
...
org.kde.pim.kidentitymanagement: Store: "Email Address" : QVariant(QString, "ach@mpe.mpg.de")
org.kde.pim.kidentitymanagement: Store: "Inline Signature" : QVariant(QString, "")
org.kde.pim.kidentitymanagement: Store: "Pgp Auto Encrypt" : QVariant(bool, false)
org.kde.pim.kidentitymanagement: Store: "Templates" : QVariant(QString, "1005")
org.kde.pim.kidentitymanagement: Store: "Transport" : QVariant(QString, "54092201")
org.kde.pim.kidentitymanagement: Store: "Signature Type" : QVariant(QString, "file")
org.kde.pim.kidentitymanagement: Store: "Signature File" : QVariant(QString, "/home/allee/.signature")
org.kde.pim.kidentitymanagement: Store: "Pgp Auto Sign" : QVariant(bool, false)
org.kde.pim.kidentitymanagement: Store: "Attach Vcard" : QVariant(bool, false)
org.kde.pim.kidentitymanagement: Store: "Fcc" : QVariant(QString, "1002")
org.kde.pim.kidentitymanagement: Store: "uoid" : QVariant(QString, "1934454411")
org.kde.pim.kidentitymanagement: Store: "Drafts" : QVariant(QString, "1003")
org.kde.pim.kidentitymanagement: Store: "Dictionary" : QVariant(QString, "American English (United States)")
org.kde.pim.kidentitymanagement: Store: "Name" : QVariant(QString, "Achim Bohnet")
org.kde.pim.kidentitymanagement: Store: "Bcc" : QVariant(QString, "ach@mpemail.mpe.mpg.de")
org.kde.pim.kidentitymanagement: Store: "Identity" : QVariant(QString, "ach @ MPE")
...
Comment 2 Achim Bohnet 2017-04-14 14:13:46 UTC
I've now the kwatchgnupg output for the failing attempt to send signed mail to myself.  I'm not completely sure if the default settings hide all sensitiv information.  So I don't attach it here, until someone confirms that it save and/or asks to sent them privately.

log starts with

  4 - 2017-04-14 15:33:14 gpgsm[18261]: enabled debug flags: ipc
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> # Home: ~/.gnupg
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> # Config: /home/allee/.gnupg/gpgsm.conf
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> # DirmngrInfo: /home/allee/.gnupg/S.dirmngr
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK GNU Privacy Guard's S/M server 2.1.11 ready
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- OPTION display=:0
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- OPTION enable-audit-log=1
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- OPTION list-mode=1
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- OPTION with-validation=1
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK 
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- OPTION with-ephemeral-keys=0
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- OPTION with-secret=0
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- OPTION offline=0
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 -> OK
  4 - 2017-04-14 15:33:14 gpgsm[18261]: DBG: chan_119 <- LISTKEYS BB76E8A1B47AD3C579E402C571473BE1A15353E8
Comment 3 Dennis Schridde 2017-05-19 15:20:21 UTC
In my KWatchGnuPG logs, I found following messages that somewhat relate to "not found":
```
...
 failed to open '/home/<<USER>>/.gnupg/policies.txt': No such file or directory
...
  4 - 2017-05-19 17:13:09 gpgsm[3596]: DBG: chan_10 <- INQUIRE SENDCERT <<...>>
  4 - 2017-05-19 17:13:09 gpgsm[3596]: certificate not found: Ambiguous name
  4 - 2017-05-19 17:13:09 gpgsm[3596]: DBG: chan_10 -> CAN
  4 - 2017-05-19 17:13:09 gpgsm[3596]: DBG: chan_10 <- ERR 167772217 Missing certificate <Dirmngr>
...
[client at fd 4 connected (local)]
  4 - 2017-05-19 17:13:09 gpg[3601]: enabled debug flags: memstat
  4 - 2017-05-19 17:13:09 gpg[3601]: error reading key: No public key
  4 - 2017-05-19 17:13:09 gpg[3601]: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
  4 - 2017-05-19 17:13:09               outmix=0 getlvl1=0/0 getlvl2=0/0
  4 - 2017-05-19 17:13:09 gpg[3601]: secmem usage: 0/65536 bytes in 0 blocks
[client at fd 4 disconnected]
...
  4 - 2017-05-19 17:13:12 gpgsm[3711]: failed to open '/home/<<USER>>/.gnupg/policies.txt': No such file or directory
  4 - 2017-05-19 17:13:12 gpgsm[3711]: Note: non-critical certificate policy not allowed
...
  4 - 2017-05-19 17:13:12 gpgsm[3711]: checking the CRL failed: Not found
  4 - 2017-05-19 17:13:12 gpgsm[3711]: validation model used: shell
...
```