Per the Dovecot site here: https://wiki.dovecot.org/Plugins/MailCrypt ... the "decrypt.rb" ruby script can be used to decrypt a Dovecot-encrypted message file from the command line.? The script sort of runs successfully for me, in the sense that it doesn't error out, but it doesn't show the decrypted message. I've called it like so: decrypt.rb -k <PATH_TO_DOVECOT_KEYFILE> -f ./encrypted_message But when I do it just displays the info below and exits (I've subbed <DATA> tags for the actual data): ------------------[OUTPUT]----------------------- Key(s) (total: 1) ? - Key type? : EC ? - Key digest: <DATA1> ? - Peer key? : <DATA2> ? - Encrypted : <DATA3> ? - Kd hash?? : <DATA4> ------------------------------------------------------- I've tried specifying an output file as well, per the script's command line options, but the output file is 0 bytes.? Does anyone have any suggestions?? I *think* I'm using it the way it's intended to be used, but maybe I'm not?! -Dave
On 9.4.2019 2.33, Dave via dovecot wrote:> Per the Dovecot site here: > https://wiki.dovecot.org/Plugins/MailCrypt > ... the "decrypt.rb" ruby script can be used to decrypt a > Dovecot-encrypted message file from the command line.? The script sort > of runs successfully for me, in the sense that it doesn't error out, > but it doesn't show the decrypted message. > > I've called it like so: > decrypt.rb -k <PATH_TO_DOVECOT_KEYFILE> -f ./encrypted_message > > But when I do it just displays the info below and exits (I've subbed > <DATA> tags for the actual data): > > ------------------[OUTPUT]----------------------- > > Key(s) (total: 1) > ? - Key type? : EC > ? - Key digest: <DATA1> > ? - Peer key? : <DATA2> > ? - Encrypted : <DATA3> > ? - Kd hash?? : <DATA4> > > ------------------------------------------------------- > > I've tried specifying an output file as well, per the script's command > line options, but the output file is 0 bytes.? Does anyone have any > suggestions?? I *think* I'm using it the way it's intended to be used, > but maybe I'm not?! > > -Dave >Hi! Maybe the key you tried was not used to encrypt the file? Aki
>> I've tried specifying an output file as well, per the script'scommand line options, >> but the output file is 0 bytes.? Does anyone have any suggestions?? I *think* I'm >> using it the way it's intended to be used, but maybe I'm not?! >> -Dave > > Hi! > Maybe the key you tried was not used to encrypt the file? > Aki Aki, it's the same key I've used in the config for the mail_crypt plugin in 90-plugin.conf: plugin { ? mail_crypt_global_private_key = <[PATH_TO_PRIVATE_KEY] ? mail_crypt_global_public_key = <[PATH_TO_PUBLIC_KEY] ? mail_crypt_save_version = 2 } That's the private key that's encrypting all of the messages successfully, so that's the one I would use with script, correct? -Dave