I changed the wording to suggest the use of proper transport security.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Feb 22 2018
Thank you. With that message I could reproduce the problem and have a fix. I now get to decryption failed / no secret key as it should be.
Feb 21 2018
hm, i think this is the file:
You can find the message attached.
Message has been saved from Outlook 2013.
Thanks for your report and analysis.
Feb 20 2018
Thanks for tracking this down. I'll fix.
Bissecting between gnupg-2.3-base and master pinpointed commit ecbbafb88d920e713439b6b1b8e1b41a6f8d0e38 as the origin of the bug. This commit changed MAX_FINGERPRINT_LEN from 20 to 32, but the get_user_id_byfpr function in g10/getkey.c still assumes the old value.
Feb 19 2018
Note that there is no standard for this. In particular the encoding of filenames with special characters are different in almost all implementations. I tried to find a common ground for our implementation.
Just to be clear I think this issue is valid and we should add more checksum tools in the future. But I would want them to use libgcrypt and confirm to the standard *sum command line arguments like -c.
On saturday I could observe the problem with a fresh Windows 10 Home edition.
The problem seems to have to do with the locking of the TOFU database.
Feb 18 2018
Feb 17 2018
Feb 16 2018
This handles the problem, thanks.
Kleopatra can still be used without UI Server connectivity. But this might point to a bigger issue.
Hi Werner,
This is a MUA thing. Do you ask whether we plan to add it to GpgOL?
See T3796
Sorry, we won't do this any time soon. We may even shut the Bitcoin thing down. I was too troublesome from a bookkeeping POV.
My first GUI Idea does not work. From the Ribbon I don't see a way to find the currently used account. I could only look at all accounts that are configured and check the WKS publishing state for all of them.
Still trying to pinpoint the bug, but I am afraid I am stuck.
The error of testQuickUID is strange. In the test, it adds a UID and checks number of UIDs (3 + 1 = 4).
It is not reproducible for me (Debian with Qt 5.9.2, NetBSD 7.0.2 with Qt 5.5.1), gnupg 2.2.x from the repo.
Feb 15 2018
FYI this is still unfixed.
I think it'd be valuable to run another round of fuzzing tests, but this should be fixed before, otherwise it'll just be hit all the time and may hide other bugs.
Please see the original file (hello.txt), CFB-encrypted to two passwords (hello.txt.cfb), and AEAD-encrypted (hello.txt.aead).
Passwords used are '1' and '2'.
(automake should flag non-portable Makefile features - after all it is there to avoid gmake features)
Does this patch help? My artificial test confirmed that this does the Right Thing.
Thank you very much! This is working quite well now.