Page MenuHome GnuPG
Create Task
Maniphest T4969

Kleopatra: Disable rich text in notepad widget
Closed, ResolvedPublic
Actions

Description

DISCLAIMER: It is entirely possible that Kleopatra's notepad is supposed to support encrypting rich text, in which case this bug report is invalid. However, I believe decryption/verification of rich text should not fail if the content is valid PGP.
Relevant KDE bug report here: https://bugs.kde.org/show_bug.cgi?id=421216

When posting from a rich text source (e.g. a browser or LibreOffice), Kleopatra's notepad widget will accept the formatting. For encrypted messages from such sources, verifying or decrypting may fail.

Attached document (KDE bugtracker): https://bugs.kde.org/attachment.cgi?id=128273

STEPS TO REPRODUCE

  1. Download attached test file. It includes a PGP signed message with some formatting. I used this key to sign the message: https://keybase.io/iswz/pgp_keys.asc?fingerprint=618c5b0e104a3043b2fd520ad80a4cf9997f2abf
  2. Copy and paste contents into Kleopatra's notepad and click "Decrypt / Verify Notepad".

OBSERVED RESULT

With certificate:
Ian Schwarz <ian@datacube.xyz> (D80A 4CF9 997F 2ABF)
The signature is invalid: Bad signature

EXPECTED RESULT

Signature created on Samstag, 9. Mai 2020 11:21:33 CEST
With certificate:
Ian Schwarz <ian@datacube.xyz> (D80A 4CF9 997F 2ABF)
The signature is valid.

Removing the formatting by pasting into Kate before pasting it into Kleopatra's notepad leads to the verification succeeding.

I have created a pull request on GitHub (https://github.com/KDE/kleopatra/pull/1).

Details

External Link
https://bugs.kde.org/show_bug.cgi?id=421216

Revisions and Commits

rKLEOPATRA Kleopatra
rKLEOPATRA089ae0574b15 Do not accept rich text in notepad

Related Objects
Search...

Event Timeline

tnbp created this task.Jun 8 2020, 10:19 AM
tnbp created this object in space S1 Public.
tnbp added a project: Bug Report.
aheinecke closed this task as Resolved.Jun 8 2020, 3:35 PM
aheinecke claimed this task.
aheinecke added a subtask: T4789: Gpg4win-3.1.12.
aheinecke added a subscriber: aheinecke.

Thanks for the nice report. The fix was completely straightforward, I just didn't think about rich text when I implemented it.

I've fixed it and tested by pasting your sample. It gave me a good signature after my fix.

aheinecke added a comment.Jun 8 2020, 3:37 PM

Argh, I had overlooked that you even mention a pull request.
So Apologies that I did not attribute the fix directly to you.

aheinecke added a commit: rKLEOPATRA089ae0574b15: Do not accept rich text in notepad.Jun 8 2020, 3:38 PM
tnbp added a comment.Jun 8 2020, 4:52 PM

Cool, thanks for fixing this!

Do you think you could add a line to your GitHub readme so people know to come here in the future? :-)

werner closed subtask T4789: Gpg4win-3.1.12 as Resolved.Nov 11 2020, 5:02 PM