Page MenuHome GnuPG

Kleopatra: SignEncryptWidget::isDeVsAndValid does not skip revoked UIds
Closed, ResolvedPublic

Description

We have the problem again that revoked UIDs are not ignored by the validity check in isDeVsAndValid.

I wonder if we should make a function that combines isKeyDeVs and uidsHaveFullValidity.

As we skip revoked Uids I wonder if we should not also skip invalid UserIds, because we would never use them.

Event Timeline

aheinecke created this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker changed the task status from Open to Testing.Mar 17 2023, 2:31 PM
ikloecker removed ikloecker as the assignee of this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a subscriber: ikloecker.

We are now using the new helper DeVSCompliance::keyIsCompliant everywhere where previously isKeyDeVs and uidsHaveFullValidity were used or should have been used (as in SignEncryptWidget::isDeVsAndValid).

ebo claimed this task.
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ebo added a subscriber: ebo.

works, a key with a revoked uid is accepted as VS-NfD compliant, VS-Desktop-3.1.27.0-beta44