gpg-agent sometimes pops up confirmation dialogs. This can't yet be handled with the loopback pinentry. Try gpg option --batch.

I tried to melt it down to a specific beta release with which it isn't possible anymore to decrypt send emails.

Jochen, I am currently using Windows 10 version 1607 (OS Build 14393. 1230).

Won't we fixed for 1.4 and 2.0 (which is too close to EOL). Has been fixed for master; see T2359.

In 2.2.2 you will see "Secret sibkeys are available" and commands which require the primary key are disabled.

Since this is a bug that is related to two different parts of the gpg4win package, this bug now only cares about the GpgOL Issue, that GpgOL crashes and cant decrypt messages from the sent folder that are encrypted with S/MIME. All File Based Issues are belonging to Kleopatra are documentet in the KDE Phabricator (https://phabricator.kde.org/T7310).

What Version of Windows do you use? If you use an older Windows (pre 7) please follow this guideline: https://wiki.gnupg.org/Gpg4win/releases/3.0/notes

1. Mails encrypted with S/MIME are stored with "No Data" in the sent EMail folder, but arrive properly at the recipients (you will recieve a readable copy, if you add yourself to the list of recipients). This Issue breaks the GpgOL Plugin after some time which is leading to the described Problem.

gpgme does not known about return codes because it uses a double fork approach. However, certain staus lines could have the same effect.

Hm, perhaps this non-zero return code is due to not being able to write to the GNUPGHOME directory, actually. It goes away when GNUPGHOME is writable. That doesn't make sense either -- this operation doesn't actually depend on being able to write to GNUPGHOME, so it shouldn't return a different error code if GNUPGHOME is unwritable.

I am closing this bug report, as I can't get feedback to fix something.

GnuPG 1.4 is only for old features. New features are only supported by GnuPG 2.2.

2. Files that are Signed and Encrypted to a S/MIME Certificate is broken. When you select a file and encrypt and sign it to a recipient, only a detached signature will be created and the Encrpyted file is missing. (Very similar to Issue 1, but file based).

https://phabricator.kde.org/D8368

Can you please try again with the standard shell (and not the power shell)?

Please look in the status bar of your desktop. You should see a (blinking) tab for the Pinentry. Unfortunately it is not always possible to get the Pinentry into the foreground and Windows will instead show it in the status bar.

Same issue exists in 2.2:

Same here on current stable (3.0.0):

DCO = Developer's Certificate of Origin. See gnupg/doc/HACKING under "** License Policy" .

The long term goal is to replace sshcontrol by aflag in the extended private key format. This would instantly solve the bug. Thus closing.

Let's move that to master.

A backport to 2.0 does not make anymore sense given EOF in 2 months.

No info received, similar to another fixed bug, and for 2.0 which will soon reach EOL.

I am preparing the patch I am using against 2.2.0. What is DCO?

gniibe: Can you check the status?

2.0 will reach EOL soon and we have received no response. Thus closing. If the problem persists with 2.2 (e.g. from gpg4win 3.0) please re-open this bug.

Won't be fixed for 1.4.

No, I used the standard Windows command line

2.0 reached eol in 2 months so need to check it. For 1.4 I assume it has been fixed ;-)

@perske, may I ask you to send a DCO and an possible updated patch against 2.2 to gnupg-devel@ ? I would like to add it to 2.2.2. Sorry for the delays.

There should be a backup file in these cases.

I would suggest to close this as won't fix.

In 2.2 we implemented --import-option show-only which dies the right thing, that is to use the reguarl key-listing code. Backporting this to 1.4 does not make sense - people should move on and use gpg 2.2.

Given that we received no info after nearly two years, shouldn't we simply assume that this bug as been fixed?

This patch was released with 1.4.22

Thanks for testing. Did you try with a powershell?

Tried this on Windows 8.1 (x64) with GnuPG 2.2.1 (libgcrypt 1.8.1) and was not able to reproduce it.

I can replicate this now. Unfortunately without logging enabled.

This is exactly what I was looking for --> Settings > Configure Kleopatra > Crypto operations > Create signed or encrypted files as text files
Thanks!

I tried to replicate this but failed. Well, I am on Vista and standard cmd.exe. Can you please try your tests again on a standard cmd.exe shell?

@gouttegd provided a patch to implemented that policy. I setup a server server to check this:

gpg -v --fetch-key https://test.gnupg.org/testurl/redirect-to-http.html

Here is a part of the log inline:

I would suggest to close this report even that I have the same problem with the g10 Code cert on Vista - but it used to work when I bought that cert.

Hello Jochen,

There is just another person experiencing the same problem with an Exchange based account on Win10pro x64, Outlook 2016 x86.

I don't have access to this description. I used official, newest releases. I searched for this issue on the web, on the gpg4win page but did not find a solution. Is there any accessible information?

This sound like the issue described in https://wald.intevation.org/forum/message.php?msg_id=5265&group_id=11

With that in place, I think there is no need to add them to the PATH.

So far we could recreate the following issues:

DLL hell. There are no command line tools and thus tehre is no need to put them into PATH. Well, except for the shasums - if that is really required, put them into a different directory but that needs to synced with Kleopatras use.

In what kind of problem should we run by adding it to the path?

The gpg4win 3.0 installer does not have the option to install documentation, therefore the docs are missing on purpose. This is done to lower the footprint of the installer, but they are of coursestill available via the homepage.

Why should that be useful? It will only run us into lot of problems.

There are more Logfiles:

Then this is a duplicate of T3442 as well! Thank you for you Logfiles and your report!

I have both types of certificates stored in kleopatra; S/MIME from StartCOM and OpenPGP created by Kleopatra.

What I mean is that the installer does not install the documentation (I even de-compressed the installer "gpg4win-3.0.0.exe" with 7-zip: PDF doc archives are present in this version but links to the PDF files are not installed) nor the menu in the "Start Menu" (see below the Menu correctly installed by "gpg4win-2.3.4.exe" but not available at install time and by the way not installed in the Menu drop list (OS: WIN7 64-bit, US).

Are those mails sent by GpgOL with Outlook or recieved? Can you explain your complete Workflow and state what software was used in it?

Can you relate to the issue described in the GPG4win Forums?

Duplicate of T3441.

What menus did you miss? Do you mean the right-click menus or kleopatra/gpa in the start menu?

You could try to use NO-MIME (or PGP/INLINE) instead of the OpenPGP/MIME standard. You can change the way of packaging your encrypted content in the GpgOL Addin Options.

In T3448#104201, @werner wrote:

What is this Chocolatey?

Did you try to sign and encrypt with an X.509 or S/MIME key or with OpenPGP Key?

I added a Workaround in the Wiki: https://wiki.gnupg.org/Gpg4win/releases/3.0/notes

I added the workaround in the Wiki: https://wiki.gnupg.org/Gpg4win/releases/3.0/notes

So why isn't app->setWindowIcon(QIcon(QLatin1String(":/document-encrypt.png"))); a desktop environment thing?

This is a distribution or desktop environment thing. We maintain only the upstream version.