https://bugs.kde.org/show_bug.cgi?id=421216
Bug ID: 421216
Summary: Notepad widget allows rich text to be pasted
Product: kleopatra
Version: git master
Platform: Other
OS: All
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: aheine...@gnupg.org
Reporter: m_...@gmx.de
CC: kdepim-b...@kde.org, m...@kde.org
Target Milestone: ---
Created attachment 128273
--> https://bugs.kde.org/attachment.cgi?id=128273&action=edit
Rich text document with signed message
When posting from a rich text source (e.g. a browser or LibreOffice),
Kleopatra's notepad widget will accept the formatting. For encrypted messages
from such sources, verifying or decrypting may fail.
STEPS TO REPRODUCE
1. Download attached test file. It includes a PGP signed message with some
formatting. I used this key to sign the message:
https://keybase.io/iswz/pgp_keys.asc?fingerprint=618c5b0e104a3043b2fd520ad80a4cf9997f2abf
2. Copy and paste contents into Kleopatra's notepad and click "Decrypt / Verify
Notepad".
OBSERVED RESULT
With certificate:
Ian Schwarz <i...@datacube.xyz> (D80A 4CF9 997F 2ABF)
The signature is invalid: Bad signature
EXPECTED RESULT
Signature created on Samstag, 9. Mai 2020 11:21:33 CEST
With certificate:
Ian Schwarz <i...@datacube.xyz> (D80A 4CF9 997F 2ABF)
The signature is valid.
Removing the formatting by pasting into Kate before pasting it into Kleopatra's
notepad leads to the verification succeeding.
I have created a pull request on GitHub
(https://github.com/KDE/kleopatra/pull/1), but since most KDE projects don't
accept pull requests on GitHub, I am also posting it here.
--
You are receiving this mail because:
You are watching all bug changes.
