The problem is that you signed friendencryptedpasswordbase64.txt
, but are trying to verify using phase2friendencryptedpassword.txt
(non-base64). If you verify with the former, it works perfectly!
In addition to that I do see a couple security-related problems. They aren't causing the issue you asked about, but they go against good security practice.
First, you probably want to encrypt your password with your friend's public key instead of your private key. Then only your friend's private key will be able to decrypt it. Otherwise anyone with your public key can decrypt your encrypted password.
Second, generally, you don't want to use the same key for multiple purposes (i.e. signing and encrypting). Use a separate key for each function.