• Members 5 posts
    Jan. 2, 2021, 9:28 a.m.

    Hello everyone,

    my main mail account runs at Posteo, which is a privacy-friendly mail provider. Therefore, I have an existing key pair which I am using in Thunderbird and which is also used by my mail provider (i.e. mails on the server are encrypted with my key).

    Now, I wanted to start using PEP on my Android phone. I exported my private and public key to my phone and tried to import it in PEP (by using Account → Settings → Privacy → Open PGP Compatibility → PGP Key Import from Filesystem). The imports seems to have worked since I can read the encrypted mail in my mail folder. However, when I'm sending mail it gets encrypted with the key which was generated by PEP, I guess, since it's not the public key that I've imported.

    I can't seem to figure out how to tell PEP to use my imported key for encrypting mail. Also, the imported key (signature ends with 80) does not show up in the "Extra Key Management" section of the settings (screenshot attached).

    If I'm trying to import my keys again, it yields an error:
    "2021-01-02 10:27:46.626 6695-18278/? W/KeyImportPresenter$onKe: Couldn't set own key: CA375A62EEF7BCEBD5D11855B2EA254FD0B87E80

    Thanks for your held and advice and happy new year :)


    PNG, 91.3 KB, uploaded by crystalnet on Jan. 2, 2021.


    PNG, 105.9 KB, uploaded by crystalnet on Jan. 2, 2021.

  • Jan. 4, 2021, 10:53 a.m.

    The public-privat key pair is generated for your own mail account.
    Outgoing e-mails can contain its public key unless you set passive mode to true.
    Drafts are encrypted to your own keypair.
    Outgoing mails will be encrypted to the receivers public key, not your own.
    Extra Keys are a enterprise feature to allow regulated access to company emails without your enterprise keypair.

    Are you sure that the wording is correct and the recipient of your e-mail gets mails encrypted to your OWN private key?

  • Members 5 posts
    Jan. 4, 2021, 4:49 p.m.

    Thanks for the reply and sorry for not being precise.
    Of course my private key is only used to decrypt incoming mail that was encrypted to my public key. This seems to work so far as I can read incoming mail that was encrypted to my imported public key.
    Nevertheless, when I'm sending an email, not my imported public key gets attached, but another key that was presumably created by pEp. I would like to use the imported key pair though, not the one created by pEp. But I can't seem to find a place within pEp where I can manage the keys for my account.

  • Jan. 4, 2021, 7:20 p.m.

    It could be that the imported key is using unsupported algorithms and features like el gamal for example or an insufficient key length and was considered insecure.
    Do you have details about the key you tried to import and use?

  • Members 5 posts
    Jan. 13, 2021, 8:53 a.m.

    I think that's rather unlikely, it should be a standard 4096 bit RSA key.