As far as I know this works.

This works but might have created a regression which is tracked in T4701

I still would like to test this some more and work on it. I think the implemnation might still be a bit fragile.

I'll try to look at it this week. Apologies for the delay with this.

Last week GpgOL again destroyed an email with a BSI newsletter - it was shown as empty after I opened it a second time - and the same is true in such cases then in Windows 10 Mail as well as using Outlook Web Access:

The signature of the latest communication from German Buerger CERT Warnings could be read and the signature could be verified. I tried also with Hasso-Plattner-Institute (Identiy leak checker), the same result. I do not understand, why all signature verification failed last week, and they can be verified this week. However, at the moment it seems to work fine.

I have the same problem since today with Outlook 2016. In the past months / weeks GpgOL version 2.4.2 worked fine. I received some mails today signed by the German Buerger CERT warnings. The signature as "asc" file was attached, but could not be verified. Today I received also a PGP signed e-mail from Hasso-Plattner-Institute (Identity leak checker), also this signature could not be checked. Both worked fine in the past and the public keys stored in Kleopatra are valid.

If helpful I can demonstrate or let you debug in a TeamViewer (I have a license) or VNC remote session in a fresh VM.
For sure this is not urgent for me. So, take your time!

Mmh, No Data usually means that our parser had a hickup. I'll look at your examples.

Mmh, No Data usually means that our parser had a hickup. I'll look at your examples.

Hi Andre,

can you hover over the GpgOL Icon and look at the tooltip? Maybe there was an error during validation.

I'm not really sure if "No Key" is a better string for "Ignore Recipient". But most other things are either unclear (ignore recipient) or can be misunderstood like (Do not encrypt to this recipient) as this could also mean that the recipient gets an unencrypted mail.

It now looks like this:

I installed microsoft office 2016 on a brand new laptop and got the same problem described in the post listed above.
My solution was to uninstall the pre-configured app : "Microsoft Office Desktop Apps" and voila!!

I also tested it with Outlook 2010 and there this did not happen. So it's probably save to assume that this was a behavioral change in some more recent Outlook Version.

Has been released and confirmed to be working.

Fix is in, will be released with 3.1.10

Fix is in. Will be released with 3.1.10

This is resolved

It turned out to be a downstream issue and the change in message class was enough from our side.

This is fixed.

This was fixed with 3.1.9

This should be fixed.

Testing with the DGN certificate showed that GPGSM returns a signature verification error (invalid digest algorithm) in this case. So the signature summary is not even checked.

This issues is not really about the CRL's. GpgOL should not activate the EFail protection if a CRL check fails. That is the issue here.

We need to know the issuers of the CRLs under question.

See also T4538 which we can only fix in 2.2 after we have checked that this does not break the VS-NfD approval.

Sorry for the delay, I was on my summer vacation ;-)

@joaociocca Can you please try to update to Gpg4win-3.1.9 and try again.

I just received answer that this is still a problem in the current release.

I'm so sorry. It was a problem with mail server, not a GpgOL bug.

Hi Andre,

Hi,
as usual, thanks for your help.

I'm having a very similar problem in 3.1.5! Randomly, when I try to view a PGP-signed e-mail, nothing shows, both on preview panel and when I open the message.

File->Save As now works for crypto mails. It saves the encrypted message.

This works now, the hidden BeforePrint Event enabled us to detect when a print happens and the old code to do blocking decrypts enabled the actual printing.
We also do not print "our categories" (encrypted message, level x trust),... anymore, even in quick print.

The change in message class did not help.

Works for me

My understanding of this issue and the fix for it is that Outlook with exchange detects that our mails are S/MIME mails. As the attachments are modified by us outlook wants to save the changes on move. This fails because it can't do the crypto. Leading to the error. This also happens when such a mail is closed.

We did not remove the "<>" from the content id. This worked for the first display but when forwarding they got doubled and it broke.

The code had the assumption that a content-id
could only exist on an attachment for HTML mails as it otherwise
does not make sense.

I was able to reproduce this when I forwarded the mail after opening it in a new window. Somehow that appears to influence it.

Closing this as the moving problem was fixed.

That was obvious. rG6fc5df1e10129f3171d80cf731f310b9e8d97c26 fixes this.

When doing a "gpgsm --with-validation -k foo" (assuming you have a cert foo) gpgsm now goes into a loop and prints the certficates that match "foo" over and over again. I have not tested if it was caused by this change but I think it is likely.

I imported 39 certificate files at once with Kleopatra with about 700 certificates and it worked. Took a long time though so It would be nice if Kleopatra would show a progess indicator or some indication that the import is running. But this is a different issue.