30 Nov 2007

GPG Signature + S/MIME Encryption = Unreadable Mail

I made an unwitting discovery earlier this week regarding Apple Mail and its built-in S/MIME functionality, when used in combination with Sen:te Software’s free (and excellent!) GPGMail: for reasons that I can’t quite figure out so far, if you send an encrypted S/MIME message and also sign it using GPG (OpenPGP style, not ASCII-armored), the resulting message will be corrupted and unreadable by the recipient.

I verified this using Apple Mail 2.1 and GPGMail 1.1.

Note that it’s perfectly okay to send a message that’s signed both ways, and I do this frequently. Both signatures will verify on the other end (assuming nothing gets mangled in the mail system). The problem just seems to occur if you try to encapsulate an OpenPGP signed message inside an S/MIME encrypted one.

So far I haven’t tested the reverse, an S/MIME signed message encrypted as OpenPGP and sent that way, because many more of my correspondents use S/MIME than GPG.
