
Kleopatra: Add explanation for message "no secret key"
Open, High, Public

Description

When one tries to decrypt a file which is not encrypted to any of the keys in their keyring, they get the message:

"Decryption failed: No secret key" and on the next line e.g. "One unknown recipient" or "Recipient: Some UID".

The Audit log shows:

gpg: verschlüsselt mit RSA Schlüssel, ID CD573B2B0736643A
gpg: Entschlüsselung fehlgeschlagen: Kein geheimer Schlüssel

Edited on 2024-09-24:

As some users seem not to understand this, we want to add some text in a new line on the condition that the error message is "No secret key":

"This means that the data you want to decrypt was not encrypted to any of your secret keys."

And then be a bit more verbose on the recipient line, too.
Replace "Unknown recipient" with "The data is encrypted to: unknown recipient." or "The data is encrypted to an unknown recipient."
Choose the possibility here which works best in all cases/is easier to implement.
(I'm not sure what other possibilities have to be kept in mind here, I assume the "unknown recipient" is a variable and there are various other possible values.)

Event Timeline

werner added a subscriber: werner.

I'd write: "This means that the data you want to decrypt was not encrypted to any of your private keys."

ebo renamed this task from Draft: Kleopatra: Add explanation for message "no secret key" to Kleopatra: Add explanation for message "no secret key". Tue, Sep 24, 9:00 AM
ebo updated the task description.
ebo added a project: vsd33.

Okay, okay: s/private key/secret key/

ebo updated the task description.
TobiasFella set External Link to https://invent.kde.org/pim/kleopatra/-/merge_requests/283. Wed, Sep 25, 11:19 AM
TobiasFella moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Ingo suggested additional changes and due to the helpful screenshot in the MR I've got some, too.

  1. As we already have a condition for the gpg-error "No secret key.", we could change "Decryption failed: No secret key." to "Decryption not possible: No secret key."
  2. Change "This means that the data you want to decrypt was not encrypted to any of your secret keys." to: "This means that the data you want to decrypt was not encrypted to any of the locally available secret keys." This would cover the user story of a deleted or "not yet copied to new device" key.
  3. Get rid of the italics (I think it is only for unknown recipients, known ones have standard font).
  4. Spacing. There should be another newline before the "The data is encrypted to an unknown recipient." line. But we could remove the empty line after "No secret key." as the following sentence explains it, so no new paragraph is needed there.

For the "unknown recipients" there was the good suggestion to not show that line at all, as it has no additional information which is not included in the new explanation. I like that, but only in the case that there are no known recipients at all, as it would be confusing to list only e.g. one known recipient and then not mention the 5 unknown ones, IMHO.

Some screenshots for the current look, so that we all have a picture of what is the starting point: