Feed All Stories
Jul 28 2023
Jul 28 2023
• ikloecker changed the status of T6095: Kleopatra: Fix accessibility of group configuration from Testing to Open.
• ikloecker changed the status of T6095: Kleopatra: Fix accessibility of group configuration, a subtask of T5824: Kleopatra: Full accessibility support, from Testing to Open.
• ikloecker changed the status of T6073: Kleopatra: Fix issues with high contrast resp. inverted color scheme, a subtask of T5824: Kleopatra: Full accessibility support, from Testing to Open.
• ikloecker changed the status of T6073: Kleopatra: Fix issues with high contrast resp. inverted color scheme from Testing to Open.
Add crypto test
CarlSchwan committed rMTP8eade3a5bbb5: Make spacing and padding consistent (authored by CarlSchwan).
Make spacing and padding consistent
CarlSchwan committed rMTP7bc5c4ae91fe: Fix some sizing issue in the qml MailViewer (authored by CarlSchwan).
Fix some sizing issue in the qml MailViewer
CarlSchwan committed rMTP45598107b6a9: Handle empty KMime::Message::Ptr in MessageParser (authored by CarlSchwan).
Handle empty KMime::Message::Ptr in MessageParser
• ikloecker changed the status of T6622: Kleopatra: Misleading result when decrypting clear signed message followed by public key block in notepad from Open to Testing.
Should be fixed.
• werner raised the priority of T6622: Kleopatra: Misleading result when decrypting clear signed message followed by public key block in notepad from Normal to High.
• werner added a comment to T6622: Kleopatra: Misleading result when decrypting clear signed message followed by public key block in notepad.
Phew! This bug has been with us for more than 20 years unless gpg's behaviour has changed only later.
• ikloecker committed rMa9b28c79e92f: core: Prevent wrong plaintext when verifying clearsigned signature (authored by • ikloecker).
core: Prevent wrong plaintext when verifying clearsigned signature
• ikloecker added a comment to T6622: Kleopatra: Misleading result when decrypting clear signed message followed by public key block in notepad.
Using -o signedtext.txt fixes the problem. Unfortunately, gpgme does
err = add_arg (gpg, "--output");
if (!err)
err = add_arg (gpg, "-");
[...]
if (!err)
err = add_data (gpg, plaintext, 1, 1);i.e. it tells gpg to write the output to stdout and then reads everything from stdout as plaintext.
• ebo added a comment to T6095: Kleopatra: Fix accessibility of group configuration.
In the group dialog I can not cycle forward with Tab endlessly through the not-greyed-out buttons of the window because the focus gets stuck in the bottom row. There "Revert" is included in the cycling, which is not correct, since it is greyed out. With Shift+Tab, cycling backwards works as expected.
• ebo added a comment to T6073: Kleopatra: Fix issues with high contrast resp. inverted color scheme.
On windows the main window looks ok with high contrast mode black. But with dark backgrounds some items in other windows are not readable:
• ebo closed T6104: Kleopatra: Make Subkeys Details dialog accessible, a subtask of T5824: Kleopatra: Full accessibility support, as Resolved.
• ikloecker changed the status of T6617: General error when trying to decrypt a public key block in the notepad from Open to Testing.
The error was changed to "Bad data" which should be more appropriate.
• ikloecker updated subscribers of T6622: Kleopatra: Misleading result when decrypting clear signed message followed by public key block in notepad.
• ikloecker committed rM777cf7f2d173: core: Return bad data error instead of general error on unexpected data (authored by • ikloecker).
core: Return bad data error instead of general error on unexpected data
• ebo closed T6013: Kleopatra: Email address of CA is not set as recipient when sending new CSR by email as Resolved.
This works on Linux with KMail and with Claws (although with Claws the attachment is added twice).
hefee committed rLIBKLEO6fcf77be6b8a: Make KeyResolverCore ready to create subclasses. (authored by hefee).
Make KeyResolverCore ready to create subclasses.
hefee committed rLIBKLEOff895f2d9b4e: [fix] setSigningKeys is ignored for unknown protocol. (authored by hefee).
[fix] setSigningKeys is ignored for unknown protocol.
• ebo closed T6036: Kleopatra: Show focus indicator for (text) labels that got focus, a subtask of T5824: Kleopatra: Full accessibility support, as Resolved.
works on windows, too
CarlSchwan committed rKLEOPATRAc987425ff7c6: Only enable isMime if GpgMe version >= 1.22 (authored by CarlSchwan).
Only enable isMime if GpgMe version >= 1.22
MimeTreeParser integration
• ikloecker added a comment to T6519: Kleopatra: "change validity" allows to set an expiry date in the past.
This issue should be tested together with T6621: Kleopatra: Remove "in n days/weeks/months/years" input from Change Validity Period dialog.
• ikloecker changed the status of T6621: Kleopatra: Remove "in n days/weeks/months/years" input from Change Validity Period dialog from Open to Testing.
I have also further unified the handling of the expiration date when
- generating a new OpenPGP certificate
- changing the validity period of an OpenPGP certificate
- certifying an OpenPGP certificate
• ikloecker committed rKLEOPATRAfb8d970115ac: Check for valid expiration date when creating new OpenPGP certificate (authored by • ikloecker).
Check for valid expiration date when creating new OpenPGP certificate
• ikloecker committed rKLEOPATRAd6ab68abf97e: Unify setup of expiration date selection (authored by • ikloecker).
Unify setup of expiration date selection
• ikloecker committed rKLEOPATRAc30cedf713aa: Do not rely on maximum date of combo box for unlimited validity (authored by • ikloecker).
Do not rely on maximum date of combo box for unlimited validity
• ikloecker committed rKLEOPATRA04ba26634573: Use the configured (or hard-coded) validity period also for certifications (authored by • ikloecker).
Use the configured (or hard-coded) validity period also for certifications
• ikloecker committed rKLEOPATRAc9fb37509edc: Fix the check for a valid expiration date (authored by • ikloecker).
Fix the check for a valid expiration date
• ikloecker committed rKLEOPATRA2d42d28c2a4d: Unify selection of expiration date in different dialogs (authored by • ikloecker).
Unify selection of expiration date in different dialogs
• ikloecker committed rKLEOPATRA33555baaaeed: Connect to the overriding accept (authored by • ikloecker).
Connect to the overriding accept
• gniibe committed rGPA12b102444d84: build: Update gpg-error.m4 and libassuan.m4. (authored by • gniibe).
build: Update gpg-error.m4 and libassuan.m4.
CarlSchwan committed rMTPd96492fb6ad2: Add missing KWidgetsAddons to .kde-ci.yml (authored by CarlSchwan).
Add missing KWidgetsAddons to .kde-ci.yml
MimeTreeParser integration
CarlSchwan committed rKLEOPATRAec136e20e9f9: Only enable isMime if GpgMe version >= 1.22 (authored by CarlSchwan).
Only enable isMime if GpgMe version >= 1.22
CarlSchwan committed rKLEOPATRA200a1ccd3c38: Only enable isMime if GpgMe version >= 1.22 (authored by CarlSchwan).
Only enable isMime if GpgMe version >= 1.22
I didn't check with a CardOS / PKCS#15 card but as the solution is not card specific, checking with another card should be sufficent.
CarlSchwan committed rKLEOPATRAbed99e526ae4: Only enable isMime if GpgMe version >= 1.22 (authored by CarlSchwan).
Only enable isMime if GpgMe version >= 1.22
CarlSchwan committed rKLEOPATRA01c37a6fa789: Only enable isMime if GpgMe version >= 1.22 (authored by CarlSchwan).
Only enable isMime if GpgMe version >= 1.22
• ikloecker added a project to T6621: Kleopatra: Remove "in n days/weeks/months/years" input from Change Validity Period dialog: Restricted Project.
CarlSchwan added a comment to T6199: Kleopatra: MIME viewer support.
Small summary onf the recent progress, I made:
MimeTreeParser integration
• werner added a comment to T6617: General error when trying to decrypt a public key block in the notepad.
I would change the error to GPG_ERR_BAD_DATA .
CarlSchwan added a comment to T6616: KMail: Use GpgME::Data::setEncoding(MimeEncoding) for encrypted / opaque signed data..
• werner triaged T6621: Kleopatra: Remove "in n days/weeks/months/years" input from Change Validity Period dialog as Normal priority.
I agree.
• ikloecker placed T6519: Kleopatra: "change validity" allows to set an expiry date in the past up for grabs.
We depend against qt6.5
• gniibe committed rM0518ed32e254: build: Update libassuan.m4 for libassuan version 3 in future. (authored by • gniibe).
build: Update libassuan.m4 for libassuan version 3 in future.
mlaurent committed rLIBKLEO55502ed8f430: Merge remote-tracking branch 'origin' into kf6 (authored by mlaurent).
Merge remote-tracking branch 'origin' into kf6
mlaurent committed rKLEOPATRA95347e93e7f2: Merge remote-tracking branch 'origin' into kf6 (authored by mlaurent).
Merge remote-tracking branch 'origin' into kf6
• gniibe committed rPa39ba412ab24: build: Update libassuan.m4 for libassuan version 3 in future. (authored by • gniibe).
build: Update libassuan.m4 for libassuan version 3 in future.
• gniibe committed rSdfa1f9adaaec: build: Update libassuan.m4 for libassuan version 3 in future. (authored by • gniibe).
build: Update libassuan.m4 for libassuan version 3 in future.
Pushed the change to libgpg-error.
l10n daemon script <scripty@kde.org> committed rKLEOPATRA0bd646f6c105: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT made messages (after extraction)
build: Fix libtool modification.
l10n daemon script <scripty@kde.org> committed rKLEOPATRAfb046464ecba: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rLIBKLEO0f0d57db47f3: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
• gniibe committed rEab8b4d58035f: build: Support --verbose option for mkheader. (authored by • gniibe).
build: Support --verbose option for mkheader.
• gniibe committed rEc1d3f5952f62: build: Apply libtool.patch at the last stage of configure. (authored by • gniibe).
build: Apply libtool.patch at the last stage of configure.
Jul 27 2023
Jul 27 2023
• ikloecker changed the status of T6519: Kleopatra: "change validity" allows to set an expiry date in the past, a subtask of T6553: Kleopatra: Expiry date issues and improvements, from Open to Testing.
• ikloecker changed the status of T6519: Kleopatra: "change validity" allows to set an expiry date in the past from Open to Testing.
• ikloecker added a comment to T6519: Kleopatra: "change validity" allows to set an expiry date in the past.
We now show an error message when the user tries to set an invalid expiration date when changing the expiration date. Additionally,
the configured minimum and maximum validity period is now taken into account, i.e. for changing the expiration now the same rules are applied as for new certificates.
• werner renamed T6620: Add a way to extract ECC key parameters from a public key from Add a way to extarct ECC key parameters from a public key to Add a way to extract ECC key parameters from a public key.
• ikloecker added a comment to T6379: Kleopatra: Brainpool key can not be moved to smart card.
Thanks for the pointer! I'll see how I can do what ecdh_param_str_from_pk does in gpgme.
• werner triaged T6620: Add a way to extract ECC key parameters from a public key as Normal priority.
• werner added a comment to T6379: Kleopatra: Brainpool key can not be moved to smart card.
The relevant commit is rGc03ba92576e34f791430ab1c68814ff16c81407b
• ikloecker committed rKLEOPATRAc17ab82b9add: Show an error message when the user enters an invalid expiration date (authored by • ikloecker).
Show an error message when the user enters an invalid expiration date
• ikloecker committed rKLEOPATRA887c68889877: Use same logic when changing expiration date as for new certificates (authored by • ikloecker).
Use same logic when changing expiration date as for new certificates
• ikloecker committed rKLEOPATRAdef2829b42bb: Take allowed range into account for default expiration date (authored by • ikloecker).
Take allowed range into account for default expiration date
• ikloecker committed rKLEOPATRA625aa531193a: Restrict the maximum allowed expiration date (authored by • ikloecker).
Restrict the maximum allowed expiration date
• ikloecker committed rKLEOPATRA5356456df30f: Extract the setup of the expiration combo box (authored by • ikloecker).
Extract the setup of the expiration combo box
• werner added a comment to T6379: Kleopatra: Brainpool key can not be moved to smart card.
We had to add the parameters because some keys don't use the default paramters PGP and gpg have used since the introduction of ECC 12 years ago. So yes, we could fallback to the standard parameters but it would bet better if Kleopatra could extract them from the public key (maybe via a GPGME helper).
• aheinecke added a comment to T6604: GpgOL: MIME parameters provided with "*=" instead of just "=" are not parsed - Resulting in hidden attachments.
I won't go so far to try to fully implement RFC2231 in the rfc822parse. But I have an idea how to implement this in a secure and robust manner in rfc822parse without touching the parser or the token stuff. My idea is to treat them as seperate TOKEN and then combine them in query parameter just for name and filename values.
MimeTreeParser integration
• ikloecker added a comment to T6379: Kleopatra: Brainpool key can not be moved to smart card.
The relevant logs are
2023-07-27 12:08:01 scdaemon[28156] opgp: ecdh parameters missing 2023-07-27 12:08:01 scdaemon[28156] operation writekey result: Invalid value
Jul 27 2023, 12:14 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, kleopatra
• werner added a comment to T6619: How to maintain our local libtool patch.
That assumes that libtool won't change substantially as it did several times in the past and broke our cross compiling stuff. But as long as we keep the ltmain.sh in our repo and tarball the patch is okay because it better documents the chnages.
• ebo added a comment to T6612: Kleopatra can't be started from the gpg shell of the AppImage.
It's a shell issue. With bash Kleopatra starts from the shell. Andre will debug further.
• ikloecker added a comment to T6612: Kleopatra can't be started from the gpg shell of the AppImage.
I used dbus-monitor to monitor the session bus. I'm seeing the following logged by dbus-monitor when starting kleopatra in the AppImage shell.
method call time=1690445994.197305 sender=:1.141 -> destination=org.freedesktop.DBus serial=1 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=Hello method return time=1690445994.197348 sender=org.freedesktop.DBus -> destination=:1.141 serial=1 reply_serial=1 string ":1.141" signal time=1690445994.197368 sender=org.freedesktop.DBus -> destination=(null destination) serial=93 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameOwnerChanged string ":1.141" string "" string ":1.141" signal time=1690445994.197394 sender=org.freedesktop.DBus -> destination=:1.141 serial=2 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameAcquired string ":1.141" method call time=1690445994.197919 sender=:1.141 -> destination=org.freedesktop.DBus serial=2 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=AddMatch string "type='signal',sender='org.freedesktop.DBus',path='/org/freedesktop/DBus',interface='org.freedesktop.DBus',member='NameAcquired'" method call time=1690445994.198591 sender=:1.141 -> destination=org.freedesktop.DBus serial=3 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=RequestName string "org.kde.kleopatra" uint32 0 signal time=1690445994.198656 sender=org.freedesktop.DBus -> destination=(null destination) serial=94 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameOwnerChanged string "org.kde.kleopatra" string "" string ":1.141" signal time=1690445994.198680 sender=org.freedesktop.DBus -> destination=:1.141 serial=3 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameAcquired string "org.kde.kleopatra" [...]
and when quitting Kleopatra I see
method call time=1690446001.636935 sender=:1.141 -> destination=org.freedesktop.DBus serial=21 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=ReleaseName string "org.kde.kleopatra" signal time=1690446001.636978 sender=org.freedesktop.DBus -> destination=:1.141 serial=10 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameLost string "org.kde.kleopatra" signal time=1690446001.636991 sender=org.freedesktop.DBus -> destination=(null destination) serial=97 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameOwnerChanged string "org.kde.kleopatra" string ":1.141" string ""
• gniibe added a comment to T6619: How to maintain our local libtool patch.
I learned that AC_CONFIG_COMMANDS macro can be used to improve the case of config.status.
How about the change like:
• aheinecke closed T6618: Check that code signing chain is properly included in our signatures as Invalid.
this is not true. Our installers are always signed, even the included binaries are mostly signed.
l10n daemon script <scripty@kde.org> committed rLIBKLEO1ed911bc71ea: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA50e5a83e5357: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRAf903b56a3bbc: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
• gniibe committed rEda48e3cb30be: yat2m: No additional newline after the end of subsection. (authored by • gniibe).
yat2m: No additional newline after the end of subsection.