Page MenuHome GnuPG

Kleopatra: "imported certificates" tab inconsistencies
Open, NormalPublic

Description

EDIT 2024-07-08:
Desired outcome is:

  • same behavior when using the Import button or the context menu of the explorer or double-clicking the certificate file
  • no import tab if the certificate list is empty before the import
  • otherwise always show import tab if numConsidered is != 0

When importing or trying to import a (public or private) key via the "import" button:
A new "imported certificates" tab is wrongly shown if I try to import (without scuccess) a key which is already in the keyring:

In contrast if a public key which I want to import is not present in the keyring and therefore is actually imported, (usually) no "imported certificates" tab is shown, although it should.
The exception I found so far are:

  • an expired key, where the import is shown, too, if it actually is imported.
  • if no secret key is present in the keyring

--> maybe the not showing of a tab is connected with the condition connected with the "do you want to certify the certificate?" question?

For a secret key the "imported certificates" tab seems to be always shown unless it is imported into an empty keyring.

When trying to import a key already existing in the keyring by double clicking on the key file, the tab does not open. But it does not show either, when a key is actually imported. Right click -> "more gpgEX options" -> import keys seems to behave the same.

These seem to me 3 separate issues.

Details

Version
4.1.0

Event Timeline

werner triaged this task as Normal priority.Apr 12 2023, 8:44 AM
werner added a project: Bug Report.
ebo added a project: Restricted Project.Sep 22 2023, 11:47 AM
TobiasFella changed the task status from Open to Testing.Mar 12 2024, 5:20 PM
TobiasFella moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Apr 5 2024, 12:02 PM
ikloecker moved this task from Backlog to WiP on the vsd33 board.

Tested with version 3.2.2.2405000+git~ (Gpg4win-4.3.2-beta25)

  • now an import tab is created when importing new keys
  • no import tab is created when the certificate was already in the keyring (key might be unchanged or changed)

But when a secret key to a certificate already in the keyring is imported, there is no new tab created, also.
Is this what we intend?

Another observation: I import 10 public keys of which 3 were in the keyring already. But all 10 are shown in the import tab.

And does it make sense to open an import tab if you import a certificate into an empty keyring/box?

So Tobias fixed the technical reason why there was no import tab shown after the certify questions because I was too lazy (no I had no more time ;-) ) when I implemented this to carry the keylistcontroller around.

I think what we want is an end result of:

  • Always show an imported certificates tab unless the keyring was empty before the import.

@ebo do you agree?

Well, i can live with it. It would be an improvement.
I would prefer if no import tab was created if a key has not been updated and therefore nothing was actually imported. But I see that this would be more complicated to implement and I have no strong opinion on this anyway.

ebo changed the task status from Testing to Open.Fri, Jul 5, 1:50 PM
ebo moved this task from QA to WiP on the vsd33 board.

Just a small addendum to what Andre wrote: Obviously, no tab should be shown if nothing was imported (i.e. numConsidered is 0).

ok, to make it clear how exactly to implement and test this, let me rephrase what my interpretation of your comment is:

  • if something is reported "imported" by gpg, either a pubkey or a secret key to an already existing subkey, an import tab should be shown
  • if a pubkeys validity period was extended by the refresh, no import tab should be shown, as this would be an update of the signatures of that key and no new import

If I that is correct, then AFAIK the following would still have to be changed:

  • show import tab for import of secret key (and not only for import pubkey)
  • do not show import tab if the keyring was empty before the import

ok, new try. As Ingo now clarified that that "nothing was imported" and "nothing was considered" is synonymous for him, then I misunderstood that comment. As far as I understand the "considered" that would mean that a tab would come up for import of unchanged keys, too.

https://invent.kde.org/pim/kleopatra/-/merge_requests/242

  • Don't show the tab if the certificate list was empty before the import
  • Show tab when any keys were considered, not only when any keys were imported