https://bugs.kde.org/show_bug.cgi?id=421216
Bug ID: 421216 Summary: Notepad widget allows rich text to be pasted Product: kleopatra Version: git master Platform: Other OS: All Status: REPORTED Severity: normal Priority: NOR Component: general Assignee: aheine...@gnupg.org Reporter: m_...@gmx.de CC: kdepim-b...@kde.org, m...@kde.org Target Milestone: --- Created attachment 128273 --> https://bugs.kde.org/attachment.cgi?id=128273&action=edit Rich text document with signed message When posting from a rich text source (e.g. a browser or LibreOffice), Kleopatra's notepad widget will accept the formatting. For encrypted messages from such sources, verifying or decrypting may fail. STEPS TO REPRODUCE 1. Download attached test file. It includes a PGP signed message with some formatting. I used this key to sign the message: https://keybase.io/iswz/pgp_keys.asc?fingerprint=618c5b0e104a3043b2fd520ad80a4cf9997f2abf 2. Copy and paste contents into Kleopatra's notepad and click "Decrypt / Verify Notepad". OBSERVED RESULT With certificate: Ian Schwarz <i...@datacube.xyz> (D80A 4CF9 997F 2ABF) The signature is invalid: Bad signature EXPECTED RESULT Signature created on Samstag, 9. Mai 2020 11:21:33 CEST With certificate: Ian Schwarz <i...@datacube.xyz> (D80A 4CF9 997F 2ABF) The signature is valid. Removing the formatting by pasting into Kate before pasting it into Kleopatra's notepad leads to the verification succeeding. I have created a pull request on GitHub (https://github.com/KDE/kleopatra/pull/1), but since most KDE projects don't accept pull requests on GitHub, I am also posting it here. -- You are receiving this mail because: You are watching all bug changes.