[Bug 44699] can't encrypt with gpg if the receiver's key is not signed

Sune Vuorela debian at pusling.com
Fri Feb 2 02:42:45 CET 2007 

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
You are a voter for the bug, or are watching someone who is.
         
http://bugs.kde.org/show_bug.cgi?id=44699         




------- Additional Comments From debian pusling com  2007-02-02 02:42 -------
Hi!

I played a bit around with it - and (and with the tip in #20 - which is only a bit of the way)
I am now able to send to untrusted people.
The following minor patch does it the way Thiago suggests it in comment #26 that it absolutely not should be done. And I agree with that.
So I also did something more. But it is still really really not nice. Read the comments ,)

With no warnings or anything:

Index: kdepim/kmail/keyresolver.cpp
===================================================================
--- kdepim/kmail/keyresolver.cpp        (revision 629110)
+++ kdepim/kmail/keyresolver.cpp        (working copy)
 @ -119,7 +119,7  @
     return false;
   const std::vector<GpgME::UserID> uids = key.userIDs();
   for ( std::vector<GpgME::UserID>::const_iterator it = uids.begin() ; it != uids.end() ; ++it ) {
-    if ( !it->isRevoked() && it->validity() >= GpgME::UserID::Marginal )
+    if ( !it->isRevoked() )
       return true;
 #if 0
     else
Index: kdepim/kmail/messagecomposer.cpp
===================================================================
--- kdepim/kmail/messagecomposer.cpp    (revision 629110)
+++ kdepim/kmail/messagecomposer.cpp    (working copy)
 @ -2191,7 +2191,7  @
   plainText.duplicate( cText.data(), cText.length() ); // hrmpf...

   const GpgME::EncryptionResult res =
-    job->exec( encryptionKeys, plainText, false, encryptedBody );
+    job->exec( encryptionKeys, plainText, true, encryptedBody );
   if ( res.error().isCanceled() ) {
     kdDebug() << "encryption was canceled by user" << endl;
     return Kpgp::Canceled;
 @ -2232,7 +2232,7  @
   plainText.duplicate( cText.data(), cText.length() ); // hrmpf...

   const std::pair<GpgME::SigningResult,GpgME::EncryptionResult> res =
-    job->exec( signingKeys, encryptionKeys, plainText, false, encryptedBody );
+    job->exec( signingKeys, encryptionKeys, plainText, true, encryptedBody );
   if ( res.first.error().isCanceled() || res.second.error().isCanceled() ) {
     kdDebug() << "encrypt/sign was canceled by user" << endl;
     return Kpgp::Canceled;


With excessive warnings very much repeated (read comments):

Index: kdepim/kmail/keyresolver.cpp
===================================================================
--- kdepim/kmail/keyresolver.cpp        (revision 629110)
+++ kdepim/kmail/keyresolver.cpp        (working copy)
 @ -119,8 +119,27  @
     return false;
   const std::vector<GpgME::UserID> uids = key.userIDs();
   for ( std::vector<GpgME::UserID>::const_iterator it = uids.begin() ; it != uids.end() ; ++it ) {
-    if ( !it->isRevoked() && it->validity() >= GpgME::UserID::Marginal )
-      return true;
+    if ( !it->isRevoked() )
+    {
+      if ( it->validity() >= GpgME::UserID::Marginal )
+      {
+       return true;
+      }
+      else
+      {
+       if ( KMessageBox::warningYesNo (0,"This key is untrusted. Are you sure you want to encrypt to this key?", "Untrusted key") == KMessageBox::Yes)
+       {
+         //Do something about the message box - it gets shown 3 times when accepting
+         //And 5-8 times when cancelling (Stopped counting)
+         //
+         //
+         //Save something here to be used over in kdepim/kmail/messagecomposer.cpp
+         //instead of hardcoding true
+         return true;
+       }
+      }
+
+    }
 #if 0
     else
       if ( it->isRevoked() )
Index: kdepim/kmail/messagecomposer.cpp
===================================================================
--- kdepim/kmail/messagecomposer.cpp    (revision 629110)
+++ kdepim/kmail/messagecomposer.cpp    (working copy)
 @ -2191,7 +2191,7  @
   plainText.duplicate( cText.data(), cText.length() ); // hrmpf...

   const GpgME::EncryptionResult res =
-    job->exec( encryptionKeys, plainText, false, encryptedBody );
+    job->exec( encryptionKeys, plainText, true, encryptedBody );
   if ( res.error().isCanceled() ) {
     kdDebug() << "encryption was canceled by user" << endl;
     return Kpgp::Canceled;
 @ -2232,7 +2232,7  @
   plainText.duplicate( cText.data(), cText.length() ); // hrmpf...

   const std::pair<GpgME::SigningResult,GpgME::EncryptionResult> res =
-    job->exec( signingKeys, encryptionKeys, plainText, false, encryptedBody );
+    job->exec( signingKeys, encryptionKeys, plainText, true, encryptedBody );
   if ( res.first.error().isCanceled() || res.second.error().isCanceled() ) {
     kdDebug() << "encrypt/sign was canceled by user" << endl;
     return Kpgp::Canceled;


But I hope that this can push a more skilled kmail coder in the right direction.


The first part of the patch (in keyresolver.cpp) gives the possibility to choose the key. (as written in #20
The second part (changes to messagecomposer.cpp) sets wether or not keys should be trusted by default.

So appealing to a bit more skilled people than me (I am still on my way to write 100 lines of kde code, including this) ! Please do something ;)

/Sune

More information about the pkg-kde-bugs-fwd mailing list