
Kleopatra: Use GPGME_ENCRYPT_ALWAYS_TRUST
Open, Normal, Public

Description

When an error occurs during S/MIME file encryption the user should be offered a yes / no message box, which indicates that we can lower the security checks. Make it non VS-NfD compliant (in VS-NfD) mode and try again to encrypt with: GPGME_ENCRYPT_ALWAYS_TRUST.

Revisions and Commits

Event Timeline

aheinecke raised the priority of this task from Normal to High. Oct 13 2023, 9:56 AM

We just realized that, similar to what we had in GpgOL ( https://dev.gnupg.org/T6701 ), AlwaysTrust is used by default. This will now result in the behavior which I also mentioned in our meeting: without question it encrypts to any S/MIME certificate, without any warning that it is not VS-NfD compliant to do so.
This must be fixed because otherwise we show an operation as VS-NfD compliant, e.g. encrypting to a certificate with a broken CRL, which is not VS-NfD compliant because the CRL check was not done.

So where encrypt jobs are used we need to check for the protocol and first try to encrypt to S/MIME without ALWAYS_TRUST because otherwise the operation will always go through.

For testing with file encryption and notepad you can use this chain, which is valid but does not provide a valid CRL for us.

Just please do not send mails to this certificate.

aheinecke lowered the priority of this task from High to Normal. Oct 13 2023, 11:23 AM

Ok. Both notepad and file encryption now again produce errors as expected. So the new override would just be a new feature and no longer a regression.

We should probably also check KMail though. There might be a similar fix needed, although there I am unsure whether the old keyresolver does a CRL check when a certificate is selected.

Not sure about S/MIME, but for OpenPGP I'm pretty sure that a check is done when a certificate is selected in the old approval dialog (resp. in the key chooser opened from this dialog).