Import private key to thunderbird 78 and with local gnupg


the problem is the symmetric encrypted private key cannot be decrypt directly in thunderbird.
This looks like a general problem from tb with symmetric keys.
So before importing the key in newer tb you need first to decrypt the key.
By the way the in html enveloped attachment it makes it more complex, because gnupg does not find a key directly in the file so the ascii part of the encrypted key must be firstly stored to a legal file:

  1. Send the private key to yourself by using the button in dc below -settings- -> -advanced-. Leave the window open because you need the 4x9 code to decrypt the key.
  2. In thunderbird open the inbox and identify and open the new autocrypt message which contains a autocrypt….html file
  3. Store the file on local filesystem.
  4. Edit the file and remove all the html stuff so only the lines beginning -----BEGIN PGP MESSAGE----- … -----END PGP MESSAGE----- is left. Save the file with .asc.asc (double .asc) extension.
  5. Use in a terminal to decrypt the file to yourfilename.asc. As encryption key you must yuse the setup code from your dc with all minus-signs like 1234-5678-9012-2345-…-7890. This will create the yourfilename.asc which contains your unprotected private key.
  6. Use tb and open the PGP KeyManager in Tools menu.
  7. Here in File -> Import Secret Key File choose the unprotected yourfilename.asc to import the key to thunderbird 78.
  8. Check preferences.

You should now be able to decrypt the mails in deltachat imap folder.

If you are using other gpg frontends like gpa maybe it is easier to use them by using the clipboard. You can open the html attachement and copy simply the whole pgp part in the clipboard, then decrypt the content by the tool.
But before importing to tb mostly you must use a file where you save the encrypted private key.
It is also possible for a direct import of an decrypted key as attachement (with asc ending) is more complex because you must sent a new mail with the encrypted file to yourself ant this is more unsafe.

I checked tb’s OpenPGP Key Manager which has also a Import Key(s) from Clipboard feature.
The decrypted private key can also import by using the clipboard instead of using a file.
So If you are using e.g. gpa copy the encrypted content to the clipboard and use Key Manager’s import key feature by the Edit menu.

i hope i won’t be a huge jackass here, because i just wanted to say “hi, and welcome to the forums” and…

not sure if you’re asking for any help here, but since nobody chimed in yet i’ll just entertain my quick superficial thought about privacy and encryption.

the way i see it, most people today worrying about doing it don’t really have that much to worry about.

i mean, criminals and opportunists alike will look for basically 2 things when they want to exploit online vulnerabilities: everything and anything that’s encrypted is a primary target. everything else is left to bots. both go through known bugs and thoughtless processes and some self employed logic.

based on this thought, i never encrypt anything other than my passwords. i never share my passwords. and the only problem i ever had in over 30 years and terabytes of data was, not coincidentally, with freaking google.

nothing is more secure than having many good backups.

again, really sorry if this is completely irrelevant here! :kissing_heart:

Thanks, @Ye8zo2ah, I just read up on the changes related to PGP in the new Thunderbird version thanks to your post:

Great to hear that they don’t rely on GnuPG anymore as it’s not so great software in many aspects.

I’m on an older Ubuntu version, so I’m still using Thunderbird 68, but your advice will certainly be useful once I update because I have imported my Delta Chat keys to TB.

I fear it is. Quick superficial thoughts have that tendency :wink:

1 Like

thanks for the quick and superficial feedback! :rofl: