can you hover over the GpgOL Icon and look at the tooltip? Maybe there was an error during validation.

Account disabled and I'm closing this as resolved.

With me it happens all the time: Outlook 2013 x64 is half-maximized at
right border, and GPG asks for the passphrase on sending a mail from the
inline editor, on Windows 7 x64, then it always happens.

Problem no longer exists. It has solved itself in the meantime. In addition, I ask for deletion of this account via the responsible administrator.

Are you seeing mixed-up MIME parts? or a different problem?

No problem, I'm glad i could help, accented letters are always a pain between encoding.

Thanks for reporting.

Please explain in more detail what does not work. Outlook 365 is actually part of our test environment.

Fixed now, both in the repo and on the file server. Thanks for noticing.

I really need to automate things more for a release there is just too much copy and pasting involved where mistakes can happen.

I think the problem is the following:

False alarm. Turns out pinentry-gtk-2.exe is also not working all the time.

@bb - I've tried this, this doesn't appear to work. It looks like the Gtk2 pinentry doesn't grab focus when doing authentication, either. Interestingly enough, it also doesn't show in the taskbar.

Note:
I added:

pinentry-program "C:\Program Files (x86)\Gpg4win\bin\pinentry-gtk-2.exe"

as a workaround to my gpg-agent.conf. This pinentry is able to grab the focus.

Does anyone has an update on this issue?

Can you help me please to understand why you think that this is a regular use case?

Fairly typical situation: user needs to encrypt binary and text regularly

@aheinecke , Would you consider re-opening this ticket?

I'm not really sure if "No Key" is a better string for "Ignore Recipient". But most other things are either unclear (ignore recipient) or can be misunderstood like (Do not encrypt to this recipient) as this could also mean that the recipient gets an unencrypted mail.

It now looks like this:

thanks for the report and trying to help with Gpg4win. The underlying problem is that our backend (GnuPG) does not provide proper error handling when changing the expiry date. We already had an issue for that so I've merged this task with T4395.

Thanks aheinecke and dkg.
I havent been able to replicate the fault using the command line (using the exact same command and options that our program is calling)
however our R&D dept have,
The next time it fails and we can replicate it we will try the --homedir fix and see if thats it.
Its the same user in the program and command prompt so we dont think its a certificate issue.

Thanks for the report. It is always good to have such issues documented.

This pretty much matches my test setup. As the crash is in GPGME it is out of Kleopatra's hand. So I'll try to write a test that repeats such a signing for lots of times. I think this is probably some random race condition.

I think that even if the reason is corrupted keys it would be good to handle this better, either in Kleopatra or in GnuPG. e.g. Kleopatra could detect if a keylisting takes too long and offer to do some cleanup programatically.

I don't think I can reproduce it, at least it didn't happen anymore after restarting and continuing the imports. AFAIR it happened after importing the "Master Key", during trying to import the "Release Key" from https://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html
Ah and maybe one more hint: I have several keypairs, so the dialog for choosing the keypair to be used appears in the next step.

I'm also not sure how to classify this issue. I'm giving it low priority for now as we do not have the info to determine if this is a program error.

I think we had that issue in the past and solved it. It probably broke again. There is an external library we use for this dialog and that might have regressed in the latest update.

Mmh, the error log only tells me that it crashed in our GPGME library. So it is a bug in our software.

Hi Florian,

If you're on a platform that has awk available (any GNU/Linux and macOS should provide it), you can scan for the largest OpenPGP certificate in your keyring with an awk script i posted over at https://dev.gnupg.org/T3972#127356

How to find out which keys are affected?

You need to delete the flooded keys to make things go faster.

After waiting for far over an hour, Kleopatra read the keys. Now, things go faster (also in LibreOffice), but it still takes around 30 seconds, which is quite long.

gpg4win 3.1.10 did not fix this issue for me, neither in Kleopatra nor in LibreOffice.

This was released 2019-06-15

Has been released and confirmed to be working.

It turned out to be a downstream issue and the change in message class was enough from our side.

This is fixed.

This was fixed with 3.1.9

This should be fixed.

Testing with the DGN certificate showed that GPGSM returns a signature verification error (invalid digest algorithm) in this case. So the signature summary is not even checked.

Hi Maximilian,

Hi, @JW-D, as the 'fixed' version of mailvelope has been released, could you please confirm if the issue is solved for you with mailvelope 3.3.1, or if you're still affected? Thank you.

You probably have one of the spammed keys in your keyring. This is a problem with the keyserver networks. Do not use --auto-key-retrieve and avoid using the keyservers until we provide a mitigation with the next gpg4win/gnupg release. See also T4591

Thanks, this is excellent news! I´ll check it, if the new Mailvelope version is available and I´ll let you know about the outcome. If the new version is released, let me know!

This seems to be the same issue as the one opened in mailvelope. https://github.com/mailvelope/mailvelope/issues/679.

This issues is not really about the CRL's. GpgOL should not activate the EFail protection if a CRL check fails. That is the issue here.

We need to know the issuers of the CRLs under question.

See also T4538 which we can only fix in 2.2 after we have checked that this does not break the VS-NfD approval.

Kleopatra was already using this keyserver at the time i took the screenshots, which is why i opened the ticket since it was working in the command line.

Hello,

I have no idea – I’m not familiar with cmd.exe – Do you have step by step instructions on how to do this?

Many thanks,

Chris Baillon
Digital Marketing Manager

Mainline Tel: +44 (0)1895 813 000
Fax: +44 (0)1895 200 541
E: chris.baillon@allpondsolutions.co.uk<mailto:chris.baillon@allpondsolutions.co.uk>
[cid:image013.jpg@01D48584.F61733C0]
[cid:image014.jpg@01D48584.F61733C0]https://www.facebook.com/allpond/[cid:image015.jpg@01D48584.F61733C0]https://www.instagram.com/allpondsolutions/

[cid:image016.jpg@01D48584.F61733C0]
[cid:image017.jpg@01D48584.F61733C0]https://www.facebook.com/allpetsolutions/[cid:image018.jpg@01D48584.F61733C0]https://www.instagram.com/allpetsolutions/

W: www.allpondsolutions.co.ukhttp://www.allpondsolutions.co.uk/

W: www.allpetsolutions.co.ukhttp://www.allpetsolutions.co.uk/

All Pet Solutions Ltd is a company registered in England and Wales.
Unit 203| Riverside Way | Uxbridge| UB8 2YF

Please consider the environment before printing this e-mail.

This email, including attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received this email in error please notify the sender and delete it from your system. Emails are not secure and may contain viruses. No liability can be accepted for viruses that might be transferred by this email or any attachment.

All Pet Solutions Ltd. Registered office: 22 Wycombe End, Beaconsfield, Buckinghamshire, England, HP9 1NB. Registered in England and Wales. Registered No. 05678076

From: aheinecke (Andre Heinecke) <noreply@dev.gnupg.org>
Sent: 01 July 2019 07:44
To: Chris Baillon <Chris.Baillon@allpondsolutions.co.uk>
Subject: [Task] [Claimed] T4581: Kleopatra stuck in loading the certificate cache

aheinecke triaged this task as "Normal" priority.
aheinecke claimed this task.
aheinecke added a comment.

Hi,

can you please open the console (cmd.exe) and do a "gpg -K" and "gpgsm -K"

do these commands list all your secret keys or do they hang?

Also please try killing the process "gpg-agent.exe" through the Task manager and try to open Kleopatra again.

Regards,
Andre

TASK DETAIL
https://dev.gnupg.org/T4581

EMAIL PREFERENCES
https://dev.gnupg.org/settings/panel/emailpreferences/

To: aheinecke

Cc: aheinecke, allpond, Neurone, Rafixmod, Fox, ccharabaruk, gp_ast

This is an automated email from the GnuPG development hub. If you have registered in the past at https://bugs.gnupg.org/ your account was migrated automatically. You can visit https://dev.gnupg.org/ to set a new password and update your email preferences.

Keyserver issues are always hard to analyze because the state of the servers and which server you get is always a factor.

Sorry for the delay, I was on my summer vacation ;-)

Werner: I'm assigning this to you. Because the underlying reason is a missing status from gpg. I think we should add that for 2.3 as any new status line tends to break things.

can you please open the console (cmd.exe) and do a "gpg -K" and "gpgsm -K"

@joaociocca Can you please try to update to Gpg4win-3.1.9 and try again.

I just received answer that this is still a problem in the current release.

Hello,
when can we fix it?

I noticed it happens after entering the passphrase, and only using the
inline editor to answer.

Fixed with gpg4win 3.1.9.

Thank you very much for your quick action!

Hi Andre,

Hi,
as usual, thanks for your help.