Backported for VSD 3.4

Done. I've used the following script to create clear-signed test messages with good/bad signature signed with certificates with different validity and status (expired, revoked).

The behaviour might have changed a bit because of the ldap: prefix i use now, or i have missed this case the last time:
Given some cert on the "download" server, I can find it, if dirmngr.conf contains only the "download" server, or if the "download" server is listed first:

Independent of keyserver order in dirmngr.conf, --search-keys still offers keys from the upload server, but the download fails:

For "Although the upload server is used for upload, the gpg message still displays the first keyserver" see T8025

I assume, that testing the functionality is the only thing I can do here.

Looks good to me on gpg4win-5.0.0-beta479 @ win11.

I have verified (by looking at QTextEdit's code) that, on paste, QTextEdit splits the text for the internal representation into lines and discards any CR and LF characters.

It turns out that Kleopatra's notepad converts the CR characters of the spoofed file to LF characters when pasting the text so that Kleopatra doesn't really verify the content of the spoofed file but different content. And this results in a bad signature. The confusing bit is that Kleopatra also says "Successfully verified the notepad" and that it shows the claimed-to-be-signed text although the signature is bad which could lead an inattentive user to the assumption that the signature of the displayed text was actually good (because "Successfully verified").

There is always a warning about bad signature.

I think we are all wrong here. We were tricked by the fact that regardless of the outcome of the signature verification the signed content is shown. That is surprising for a cleartext signature because that one can be viewed anyway. Thus I propose to not update the clipboard unless the signature checks out.

I originally uploaded a wrong copy of the file. Now fixed; the correct checksum is 8d830a2dd7e1e14ecbc47b8cdc61d393e9d3f62c

On Linux, Kleopatra (master) with GnuPG 2.5 (master) shows a BAD signature. It shows the same output as running gpg --verify --output bla.txt in Konsole and pasting the file content (by maybe the copy paste changes some control characters). If I run gpg --verify --output bla.txt <payload.spoofed.asc then bla.txt also contains the same data.

Note that with gnupg 2.2 that file produces a BAD signature error due to internal changes in the armor parsing. You would need to spoof it a bit different with 2.2

Backported for VSD 3.4

The option

[Export]
AllowPublicKeyUpload=true

has been added. If this option is disabled (i.e. set to false) then Kleopatra only allows the upload of OpenPGP keys for which the user has the secret key.

Backported for VSD 3.4

Fixed everywhere where we export some certificate or public/secret (sub)key. Additionally, to space characters we also replace /, \, and : everywhere in the (proposed) file names now.

Fixed and backported for VSD 3.4

works in Gpg4win-5.0.0-beta476

Back to WIP because I had to fix a regression.

Backported for VSD 3.4

Fixed and backported for VSD 3.4.

I think we also want this for VSD 3.4.

With the product-specific standard locations implemented for T7717: Location of qt-application config files it's now longer necessary to customize the application name of Okular. Closing as wontfix.

The new approach has been implemented and backported for VSD 3.4.

All changes have been backported for VSD 3.4 (because they are closely entwined with changes for T7717).

New new plan (after discussion on 2025-12-08):

While working on https://dev.gnupg.org/T7962 I realized that https://dev.gnupg.org/T7717#208938 is probably not the best solution for separating the config files of different distributions of Kleopatra, Okular, etc. Changing the application name has many side effects, e.g. it changes the name of the config files, but that's unnecessary because we put the apps' files already in different folders. There are also other side effects that make things complicated (and require many changes in okular). Taking a step back what we need is different folders for VSD, GPD, and Gpg4win (and KDE Okular). And, for Kleopatra, we need different unique service IDs, but let's ignore this for now. That can easily be solved separately. For the different folders it would be sufficient (and maybe even nicer for selective backups) to use something like %(LOCAL)APPDATA%/GnuPG VS-Desktop, etc., as location for all apps' files of VSD/GPD/Gpg4win. Then we wouldn't have to change/patch anything in Okular (or any other Qt apps).

Fixed and backported for VSD 3.4.

Ranking as discussed with @ebo

The root cause is that opening the details reloads the certificate. This triggers a change of the key cache. And that triggers are reload of the group.

Backported for VSD 3.4

This is now implemented for Gpg4win 5.

They can be expanded/collapsed with +/-

Tested on gpg4win-5.0.0-beta413 @ win11 with the following entries in dirmngr.conf:

Ok, then this is only an issue in the VSD versions. (I confirmed with a quick test with Gpg4win-5.0.0-beta413)

It would be possible as a workaround in Kleopatra to show any identical entries only once. Saving after that will not add any more entries.