Right. And the MDC detects this and only if says okay you get a good decryption status back.
Feed All Stories
Wed, Jan 7
Wed, Jan 7
• werner added a comment to T7907: Encrypted Message Malleability Checks are Incorrectly Enforced Causing Plaintext Recovery Attacks.
anthumchris closed T8004: Bindings for The GnuPG UI Server Protocol, a subtask of T7975: Official GPGme interface/bindings for Nodejs (node), as Invalid.
I may have misinterpreted what The GnuPG UI Server Protocol is. Instead, I will provide high-level functions to all of gpgme's underlying features
timegrid added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
to make sure we talk about the same thing, it's about the status column:
anthumchris added a subtask for T7975: Official GPGme interface/bindings for Nodejs (node): T8005: TypeScript support.
anthumchris edited parent tasks for T8005: TypeScript support, added: T7975: Official GPGme interface/bindings for Nodejs (node); removed: T8004: Bindings for The GnuPG UI Server Protocol.
anthumchris removed a subtask for T8004: Bindings for The GnuPG UI Server Protocol: T8005: TypeScript support.
timegrid added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
The imported cert was berta`s in this case.
• ikloecker added a comment to T8019: gpg does not print warning about untrusted key when verifying signatures made by expired (and untrusted) keys.
Interestingly, gpg also prints the warning about the missing trusted key signature when verifying a signature made with a revoked key that has a valid certification by a trusted key. This could be intentional (because the revocation invalidates all certifications), but it's still a bit surprising.
andrewgdotcom added a comment to T7907: Encrypted Message Malleability Checks are Incorrectly Enforced Causing Plaintext Recovery Attacks.
This warning shall only show up if a message was really modified and not in case of
a simple truncation.
• ikloecker added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
timegrid added a comment to T8017: Okular: Hang on signature with smime cert and distrusted root.
>gpgsm -v --sign --local-user "Edward Tester" test.pdf > test.gpg.p7s
gpgsm: enabled compatibility flags:
gpgsm: looking up issuer from the Dirmngr cache
gpgsm: number of matching certificates: 0
gpgsm: dirmngr cache-only key lookup failed: No data
gpgsm: issuer certificate {04A0A7E932B29D43A9B6673139AF52C0A5FC467BF5A64D044D1AC33613ABBB73CA532569F5779999114C0118CD66FDF6E92B1B0EEE2A4D5A815DA7FD892DDDE9C1} not found using authorityKeyIdentifier
gpgsm: looking up issuer from the Dirmngr cache
gpgsm: number of matching certificates: 0
gpgsm: dirmngr cache-only key lookup failed: No data
gpgsm: certificate is good
gpgsm: root certificate is not marked trusted
gpgsm: fingerprint=D4:EC:A6:B4:69:AB:B5:44:08:27:CB:3F:C7:D7:91:08:3C:10:27:DB
gpgsm: DBG: BEGIN Certificate 'issuer':
gpgsm: DBG: serial: 01
gpgsm: DBG: notBefore: 2020-03-26 19:41:01
gpgsm: DBG: notAfter: 2063-04-05 17:00:00
gpgsm: DBG: issuer: CN=Root-CA 2020,OU=GnuPG.com,O=g10 Code GmbH,C=DE
gpgsm: DBG: subject: CN=Root-CA 2020,OU=GnuPG.com,O=g10 Code GmbH,C=DE
gpgsm: DBG: hash algo: 1.2.840.113549.1.1.11
gpgsm: DBG: SHA1 Fingerprint: D4:EC:A6:B4:69:AB:B5:44:08:27:CB:3F:C7:D7:91:08:3C:10:27:DB
gpgsm: DBG: END Certificate
gpgsm: after checking the fingerprint, you may want to add it manually to the list of trusted certificates.
gpgsm: validation model used: shell
gpgsm: can't sign using 'Edward Tester': Not trusted
[GNUPG:] FAILURE gpgsm-exit 50331649svuorela added a comment to T8017: Okular: Hang on signature with smime cert and distrusted root.
How does gpgsm react if you try to sign with the certificate?
• gniibe committed rE753f59cd2c7a: w32:spawn: Handle the case where ->hProcess has invalid handle. (authored by • gniibe).
w32:spawn: Handle the case where ->hProcess has invalid handle.
l10n daemon script <scripty@kde.org> committed rMTP88260bb6b555: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRAdbcd94448380: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rMTPb71d3eda391d: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rLIBKLEO5958c16f5c92: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA6228a72e7490: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Tue, Jan 6
Tue, Jan 6
the13thletter added a comment to T8013: gpgconf does not support the --enable-win32-openssh-support option for gpg-agent.
Frankly, he OpenSSH support for Windows was experimental and I have never tested it. If it can be confirmed that this really works and is useful, it will be easy to add the opeion to gpgconf.
web: Fix typo
• werner committed rD7ac55ef6c70b: web: Swap Mastodon icon wth Fernmeldegeheimnis (authored by • werner).
web: Swap Mastodon icon wth Fernmeldegeheimnis
• ikloecker added a comment to T7790: Kleopatra: "no trusted certification" should have precedence over "expired" in signature verification.
Oh, I just noticed that gpg doesn't say anything about the trust of the key if the key is expired. Compare this to the following output of gpg in case of a not-expired signing key without trusted certifications.
[GNUPG:] NEWSIG
gpg: Signature made Di 06 Jan 2026 16:35:20 CET
gpg: using EDDSA key 98FB8E8F8E5F58FA653E17A6FC9B2EF2C62AC7BE
[GNUPG:] KEY_CONSIDERED 98FB8E8F8E5F58FA653E17A6FC9B2EF2C62AC7BE 0
[GNUPG:] SIG_ID mmuLNgiB0C7AfTaVYpNjZbcVQok 2026-01-06 1767713720
[GNUPG:] GOODSIG FC9B2EF2C62AC7BE t7790-expired
gpg: Good signature from "t7790-expired" [unknown]
[GNUPG:] VALIDSIG 98FB8E8F8E5F58FA653E17A6FC9B2EF2C62AC7BE 2026-01-06 1767713720 0 4 0 22 10 00 98FB8E8F8E5F58FA653E17A6FC9B2EF2C62AC7BE
[GNUPG:] TRUST_UNDEFINED 0 pgp
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
98FB8E8F8E5F58FA653E17A6FC9B2EF2C62AC7BE• ikloecker added a comment to T7790: Kleopatra: "no trusted certification" should have precedence over "expired" in signature verification.
How I reproduced this:
- Create new test key
- Detached-sign some text with the new test key
- Change trust of test key to "unknown"
- Expire the test key (e.g. with gpg --quick-set-expire FPR seconds=1)
timegrid added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
Other observations:
- after removing the smartcard reader again it's still not reproducible
- after win restart it's not always reproducible
- best chances to reproduce by killing all gpg related processes and deleting gnupghome and Gpg4Win folders first, then import
timegrid added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
after attaching a smartcard reader with a smartcard, i can't reproduce this issue anymore
timegrid added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
timegrid added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
Interesting. I also wasn't able to reproduce this anymore, although I even created a new VM to make sure this is reproducible in a clean setup (and it was reproducible every time).
After restart of windows, it is reproducible again. This is the debugview output for an import without status update:
web: Link to our mastodon account.
web: New debian packages
timegrid moved T7272: Kleopatra: Look up missing OpenPGP certificates for card keys from QA to Done on the gpd5x board.
Looks good to me on gpg4win-5.0.0-beta479 @ win11.
• ikloecker added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
I cannot reproduce this on Linux. Here I see that the file system watcher notices that trustdb.gpg was changed and triggers a keylisting.
• ikloecker added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
Also: What happens if you cancel the ownership question and then change the owner trust of the key on the command line?
• ikloecker added a comment to T8015: Kleopatra: Status in certificate list not updated after import.
Please attach the log output of Kleopatra
timegrid moved T7937: Kleopatra: Screenreaders stay silent when smartcard window is opened from QA to Done on the gpd5x board.
Done
- progress/busy indicator shown (probably also read, but loading was too fast, so it skipped the text)
alt+m Manage Smart Cards - Kleopatra window Loading smart cards... tab control OpenPGP - 0005 00009D58 tab Alt+ O
timegrid added a comment to T8017: Okular: Hang on signature with smime cert and distrusted root.
Maybe it would be better to just not offer S/MIME certs with distrusted root cert?
svuorela added a comment to T6731: Default save dir in okular/windows is wrong.
Note: It does not seem to be possible to open a pdf from an URL, at least not via CLI okular.exe <URL> (it says Unknown protocol 'https').
timegrid moved T7285: Okular: Improvement of error messages regarding signatures from QA to WIP on the gpd5x board.
I tried to get any error response but found those issues instead:
• ikloecker changed the status of T8014: Kleopatra: Incorrect handling of unset keyserver in configuration dialog from Open to Testing.
Fixed.
• ikloecker committed rKLEOPATRA429beeb20991: Explicitly set keyserver to "none" if usage of keyserver is disabled (authored by • ikloecker).
Explicitly set keyserver to "none" if usage of keyserver is disabled
• ikloecker committed rKLEOPATRA2a3e927f0ba3: Fix handling of unset keyserver and improve usability (authored by • ikloecker).
Fix handling of unset keyserver and improve usability
timegrid added a comment to T8017: Okular: Hang on signature with smime cert and distrusted root.
If all processes are killed before okular is opened, i get an error:
timegrid added a comment to T8017: Okular: Hang on signature with smime cert and distrusted root.
gpgsm.log (debug-all, whole process of signing)
timegrid moved T6731: Default save dir in okular/windows is wrong from QA to Done on the gpd5x board.
Looks good to me on gpg4win-5.0.0-beta479 @ win11. The default path is now the same as the path of the opened file:
• werner added a comment to T1825: Add a re-encrypt to additional key.
Regarding my comment T1825#191055 : The mane page has long been updated and gpgme support is also available. For the symmetric session key, see the feature request T8016
Looks good to me on gpg4win-5.0.0-beta479 @ win11:
- gpg --show-only-session-key --decrypt FILE shows only the session key
- gpg --add-recipients -r UID1 FILE adds recipients (tested with one or more uids)
- gpg --change-recipients -r UID FILE changes the recipients (tested with one or more uids)
timegrid moved T7983: gpg: the validity of a secret key is changed by making a certification with it from QA to Done on the gnupg26 board.
timegrid moved T7983: gpg: the validity of a secret key is changed by making a certification with it from QA to Done on the gpd5x board.
Looks good to me on gpg4win-5.0.0-beta479 @ win11.
I can't reproduce ebo's nor pl13's issue.
• ebo moved T6731: Default save dir in okular/windows is wrong from Backlog to QA on the gpd5x board.
• ebo moved T7285: Okular: Improvement of error messages regarding signatures from Backlog to QA on the gpd5x board.
• ebo moved T7983: gpg: the validity of a secret key is changed by making a certification with it from Backlog to QA on the gpd5x board.
• ebo moved T7983: gpg: the validity of a secret key is changed by making a certification with it from Backlog to QA on the gnupg26 board.
• ikloecker moved T8014: Kleopatra: Incorrect handling of unset keyserver in configuration dialog from Backlog to WIP on the gpd5x board.
• ebo moved T7427: Kleopatra: Crash after decryption if files has an embedded file name from Backlog to QA on the gpd5x board.
• ikloecker triaged T8014: Kleopatra: Incorrect handling of unset keyserver in configuration dialog as Normal priority.
• ebo moved T7439: Kleopatra: DecryptVerifyFilesDialog crashes when output folder does not exist from Backlog to QA on the gpd5x board.
• ebo moved T7549: Kleopatra: crash on click in certificate extension dialog from Backlog to QA on the gpd5x board.
• ikloecker changed the status of T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver from Open to Testing.
Backported for VSD 3.4
• ikloecker committed rKLEOPATRAbed77c838ec2: Add config option for disabling upload of public third-party keys (authored by • ikloecker).
Add config option for disabling upload of public third-party keys
• ikloecker added a comment to T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver.
The option
[Export] AllowPublicKeyUpload=true
has been added. If this option is disabled (i.e. set to false) then Kleopatra only allows the upload of OpenPGP keys for which the user has the secret key.
• ikloecker committed rKLEOPATRA711daad6fc94: Add config option for disabling upload of public third-party keys (authored by • ikloecker).
Add config option for disabling upload of public third-party keys
• werner triaged T8013: gpgconf does not support the --enable-win32-openssh-support option for gpg-agent as Normal priority.
Frankly, he OpenSSH support for Windows was experimental and I have never tested it. If it can be confirmed that this really works and is useful, it will be easy to add the opeion to gpgconf. Note that the gpgconf option feature handles only a subset of all options on purpose.
l10n daemon script <scripty@kde.org> committed rMTPae8b9f142a84: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rLIBKLEOc63175e1a3ba: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rMTP389997ef92a9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rLIBKLEOad2e3cfed131: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA5caa3a50e1ad: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Mon, Jan 5
Mon, Jan 5
tfry committed rOJe09903855d28: Move away from email-address as client mapping key (authored by tfry).
Move away from email-address as client mapping key
• ikloecker changed the status of T7848: Kleopatra: Remove whitespace from suggested export filename from Open to Testing.
Backported for VSD 3.4
• ikloecker committed rKLEOPATRA3fbe2175864f: Replace spaces and invalid characters in file names of exported keys (authored by • ikloecker).
Replace spaces and invalid characters in file names of exported keys
• ikloecker committed rKLEOPATRA379626310cd7: Add helper to sanitize strings used as file name (authored by • ikloecker).
Add helper to sanitize strings used as file name
• ikloecker committed rKLEOPATRA0d1ef9c40e3d: Rename StripSuffixTest to PathHelperTest (authored by • ikloecker).
Rename StripSuffixTest to PathHelperTest
• ikloecker committed rLIBKLEO078837dae86c: Add helper returning pretty name or email of a key (authored by • ikloecker).
Add helper returning pretty name or email of a key
• ikloecker added a comment to T7848: Kleopatra: Remove whitespace from suggested export filename.
Fixed everywhere where we export some certificate or public/secret (sub)key. Additionally, to space characters we also replace /, \, and : everywhere in the (proposed) file names now.
• werner updated the task description for T7906: Memory Corruption in ASCII-Armor Parsing.
• ikloecker committed rKLEOPATRA3c379f4e98e1: Replace spaces and invalid characters in file names of exported keys (authored by • ikloecker).
Replace spaces and invalid characters in file names of exported keys
• ikloecker committed rKLEOPATRA5e235f92da07: Rename StripSuffixTest to PathHelperTest (authored by • ikloecker).
Rename StripSuffixTest to PathHelperTest
• ikloecker committed rKLEOPATRAd37384a4da70: Add helper to sanitize strings used as file name (authored by • ikloecker).
Add helper to sanitize strings used as file name
Bump library version
• ikloecker committed rLIBKLEOaa0d63322b77: Add helper returning pretty name or email of a key (authored by • ikloecker).
Add helper returning pretty name or email of a key
• werner committed rG5f4ad39b16a4: doc: Rename an internal function to clarity the purpose. (authored by • werner).
doc: Rename an internal function to clarity the purpose.
• werner committed rG8d4fc76677cc: dirmngr: Help detection of bad keyserver configurations. (authored by • werner).
dirmngr: Help detection of bad keyserver configurations.
• ikloecker changed the status of T7637: Kleopatra: certifications by available secret key which is *not* set to "ultimate" owner trust are disregarded from Open to Testing.
Fixed and backported for VSD 3.4
• ikloecker committed rKLEOPATRA9d5dbed2c25a: Avoid confusion with shared team keys (authored by • ikloecker).
Avoid confusion with shared team keys
Make tooltip less wide
timegrid moved T7730: gpg: retrieve a certificate from an LDAP server before sending it to the LDAP server from QA to Done on the gnupg26 board.
timegrid moved T7730: gpg: retrieve a certificate from an LDAP server before sending it to the LDAP server from WIP to Done on the gpd5x board.
The problem was the keyserver configuration, which does not include a scheme (ldap:):
keyserver ldap.gnupg.test:389:uid=LordPrivySeal,ou=GnuPG Users,dc=gnupg,dc=test:pass:dc=gnupg,dc=test: