Page MenuHome GnuPG
Create Task
Maniphest T6056

Kleopatra: Improve handling of embedded filename
Closed, ResolvedPublic
Actions

Description

The use case for this is file encryption or the PGP/Partitioned "attachment.pgp" if you rename an encrypted file after encryption you loose the Information which type the file is if you remove the original extension and the filename might differ.

This is important because filenames / filetype might be confidential. As the original filename is embedded anyway (have to make sure this also happens when kleopatra is used) we can use this.

As automatic renaming the output file can have security implications e.g. if the output then is an .exe or .dll or tries some kind of path attack is problematic, my idea would be to open a message box when the output file name differs from the original filename and then ask the user if the output file should be renamed to the original filename.

Details

Version
master

Revisions and Commits

rKLEOPATRA Kleopatra
rKLEOPATRAc5a5af14e9d1 Allow retrieving the file name of an Output
rKLEOPATRA5a2213de79be On request, save decrypted file with embedded file name
rKLEOPATRAc6d235f2f34a Store file name of result file in DecryptVerifyResult
rKLEOPATRA57c73f6acd19 Use automatic memory management for temporary working directory
rKLEOPATRA75f8a896f691 Set file name of encrypted data if a single file is encrypted
rM GPGME
rM99c1b14470f2 doc: Update NEWS
rM5436b309fe67 qt: Allow setting the file name of signed and encrypted data
rMbc10169724d2 qt: Allow setting the file name of encrypted data

Related Objects

Event Timeline

aheinecke triaged this task as High priority.Jul 5 2022, 12:33 PM
aheinecke created this task.
ikloecker edited projects, added Restricted Project; removed g10code.Jul 5 2022, 4:28 PM
ikloecker added a subscriber: ikloecker.

Move from g10code to gpgcom, as discussed with Andre.

ikloecker claimed this task.Jul 5 2022, 4:28 PM
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a commit: rMbc10169724d2: qt: Allow setting the file name of encrypted data.Jul 6 2022, 8:54 AM
ikloecker added a commit: rM5436b309fe67: qt: Allow setting the file name of signed and encrypted data.
ikloecker added a commit: rKLEOPATRA75f8a896f691: Set file name of encrypted data if a single file is encrypted.Jul 6 2022, 9:12 AM
ikloecker added a commit: rKLEOPATRA57c73f6acd19: Use automatic memory management for temporary working directory.Jul 6 2022, 12:18 PM
ikloecker added a commit: rKLEOPATRA5a2213de79be: On request, save decrypted file with embedded file name.Jul 6 2022, 5:38 PM
ikloecker added a commit: rKLEOPATRAc6d235f2f34a: Store file name of result file in DecryptVerifyResult.
ikloecker added a commit: rKLEOPATRAc5a5af14e9d1: Allow retrieving the file name of an Output.
ikloecker changed the task status from Open to Testing.Jul 7 2022, 9:40 AM
ikloecker removed ikloecker as the assignee of this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a project: Restricted Project.

Ready for testing.

Note that prior to the changes made for this task, Kleopatra did not embed the original file name in the encrypted files.

ikloecker added a commit: rM99c1b14470f2: doc: Update NEWS.Aug 10 2022, 10:15 AM
werner closed this task as Resolved.Aug 10 2022, 4:00 PM
werner claimed this task.
werner mentioned this in T6128: Release GPGME 1.18.0.
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Apr 5 2023, 1:52 PM
aheinecke mentioned this in T6852: Kleopatra: Spaces in embedded filenames incorrectly handled.Nov 29 2023, 11:50 PM