2010-06-16 11:30:40 |
Rafal-maj-it |
bug |
|
|
added bug |
2010-06-16 13:26:27 |
C de-Avillez |
summary |
[lucid][lucid-proposed] kgpg generates invalid openpgp key - signing only key |
kgpg generates signing only key |
|
2010-06-16 13:27:34 |
C de-Avillez |
kdeutils (Ubuntu): importance |
Undecided |
Medium |
|
2010-08-24 09:02:27 |
Felix Geyer |
bug watch added |
|
http://bugs.kde.org/show_bug.cgi?id=245110 |
|
2010-08-24 09:02:27 |
Felix Geyer |
bug task added |
|
kdeutils |
|
2010-08-24 09:02:39 |
Felix Geyer |
bug |
|
|
added subscriber Felix Geyer |
2010-08-24 09:31:56 |
Bug Watch Updater |
kdeutils: status |
Unknown |
Fix Released |
|
2010-08-24 12:59:43 |
Jonathan Thomas |
kdeutils (Ubuntu): status |
New |
Fix Released |
|
2010-08-24 13:00:07 |
Jonathan Thomas |
nominated for series |
|
Ubuntu Lucid |
|
2010-08-24 13:00:07 |
Jonathan Thomas |
bug task added |
|
kdeutils (Ubuntu Lucid) |
|
2010-08-24 13:00:19 |
Jonathan Thomas |
kdeutils (Ubuntu Lucid): status |
New |
Triaged |
|
2010-08-24 13:00:21 |
Jonathan Thomas |
kdeutils (Ubuntu Lucid): importance |
Undecided |
Medium |
|
2010-08-26 12:48:41 |
Jonathan Thomas |
description |
Binary package hint: kgpg
kgpg - generate keypair, creates a key that works only for signing, not for encryption.
ii kgpg 4:4.4.4-0ubuntu1~lucid1~ppa1
The createk key looks like this:
gpg --edit-key 9C2526CCDE53F875
pub 2048D/DE53F875 created: 2010-06-16 expires: 2012-06-15 usage: SCA
trust: ultimate validity: ultimate
[ultimate] (1). XXX XXX <XXX@XXX.XXX>
and it is not possible to use it to encrypt to it, the key seems to miss a sub-key.
So instead user needs to for example generate the key from CLI, like on https://help.ubuntu.com/community/GnuPrivacyGuardHowto
and then key seems to have the sub-key as needed:
pub 2048R/F108C3FB created: 2010-06-16 expires: 2012-06-15 usage: SC
trust: unknown validity: unknown
sub 2048R/7A152921 created: 2010-06-16 expires: 2012-06-15 usage: E
[ unknown] (1). XXXX <XXX@XXX> |
##SRU Info added by Jonathan Thomas##
Impact: When a user creates a DSA key, the corresponding ElGamal signing key is not created, leaving the user unable to encrypt files
Addressed by: KGpg has released a patch that fixes the arguments passed to GnuPG for key generation
Testcase:
1) Run KGpg
2) Ctrl+N
3) Follow key pair creation process. (DSA+ElGamal)
4) Dolphin
5) Select a file to encrypt
6) Choose a key you have created, you will not be able to sign it.
Regression potential: Very small, as it is just correcting the command line arguments passed to GnuPG
##################################
kgpg - generate keypair, creates a key that works only for signing, not for encryption.
ii kgpg 4:4.4.4-0ubuntu1~lucid1~ppa1
The createk key looks like this:
gpg --edit-key 9C2526CCDE53F875
pub 2048D/DE53F875 created: 2010-06-16 expires: 2012-06-15 usage: SCA
trust: ultimate validity: ultimate
[ultimate] (1). XXX XXX <XXX@XXX.XXX>
and it is not possible to use it to encrypt to it, the key seems to miss a sub-key.
So instead user needs to for example generate the key from CLI, like on https://help.ubuntu.com/community/GnuPrivacyGuardHowto
and then key seems to have the sub-key as needed:
pub 2048R/F108C3FB created: 2010-06-16 expires: 2012-06-15 usage: SC
trust: unknown validity: unknown
sub 2048R/7A152921 created: 2010-06-16 expires: 2012-06-15 usage: E
[ unknown] (1). XXXX <XXX@XXX>
|
|
2010-08-26 12:49:05 |
Jonathan Thomas |
description |
##SRU Info added by Jonathan Thomas##
Impact: When a user creates a DSA key, the corresponding ElGamal signing key is not created, leaving the user unable to encrypt files
Addressed by: KGpg has released a patch that fixes the arguments passed to GnuPG for key generation
Testcase:
1) Run KGpg
2) Ctrl+N
3) Follow key pair creation process. (DSA+ElGamal)
4) Dolphin
5) Select a file to encrypt
6) Choose a key you have created, you will not be able to sign it.
Regression potential: Very small, as it is just correcting the command line arguments passed to GnuPG
##################################
kgpg - generate keypair, creates a key that works only for signing, not for encryption.
ii kgpg 4:4.4.4-0ubuntu1~lucid1~ppa1
The createk key looks like this:
gpg --edit-key 9C2526CCDE53F875
pub 2048D/DE53F875 created: 2010-06-16 expires: 2012-06-15 usage: SCA
trust: ultimate validity: ultimate
[ultimate] (1). XXX XXX <XXX@XXX.XXX>
and it is not possible to use it to encrypt to it, the key seems to miss a sub-key.
So instead user needs to for example generate the key from CLI, like on https://help.ubuntu.com/community/GnuPrivacyGuardHowto
and then key seems to have the sub-key as needed:
pub 2048R/F108C3FB created: 2010-06-16 expires: 2012-06-15 usage: SC
trust: unknown validity: unknown
sub 2048R/7A152921 created: 2010-06-16 expires: 2012-06-15 usage: E
[ unknown] (1). XXXX <XXX@XXX>
|
##SRU Info added by Jonathan Thomas##
Impact: When a user creates a DSA key, the corresponding ElGamal signing key is not created, leaving the user unable to encrypt files
Addressed by: KGpg has released a patch that fixes the arguments passed to GnuPG for key generation
Patch: http://websvn.kde.org/branches/KDE/4.4/kdeutils/kgpg/transactions/kgpggeneratekey.cpp?r1=1155016&r2=1155015&pathrev=1155016
Testcase:
1) Run KGpg
2) Ctrl+N
3) Follow key pair creation process. (DSA+ElGamal)
4) Dolphin
5) Select a file to encrypt
6) Choose a key you have created, you will not be able to sign it.
Regression potential: Very small, as it is just correcting the command line arguments passed to GnuPG
##################################
kgpg - generate keypair, creates a key that works only for signing, not for encryption.
ii kgpg 4:4.4.4-0ubuntu1~lucid1~ppa1
The createk key looks like this:
gpg --edit-key 9C2526CCDE53F875
pub 2048D/DE53F875 created: 2010-06-16 expires: 2012-06-15 usage: SCA
trust: ultimate validity: ultimate
[ultimate] (1). XXX XXX <XXX@XXX.XXX>
and it is not possible to use it to encrypt to it, the key seems to miss a sub-key.
So instead user needs to for example generate the key from CLI, like on https://help.ubuntu.com/community/GnuPrivacyGuardHowto
and then key seems to have the sub-key as needed:
pub 2048R/F108C3FB created: 2010-06-16 expires: 2012-06-15 usage: SC
trust: unknown validity: unknown
sub 2048R/7A152921 created: 2010-06-16 expires: 2012-06-15 usage: E
[ unknown] (1). XXXX <XXX@XXX>
|
|
2010-08-26 12:51:46 |
Jonathan Thomas |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2010-09-01 08:37:26 |
Martin Pitt |
kdeutils (Ubuntu Lucid): status |
Triaged |
Fix Committed |
|
2010-09-01 08:37:30 |
Martin Pitt |
bug |
|
|
added subscriber SRU Verification |
2010-09-01 08:37:34 |
Martin Pitt |
tags |
|
verification-needed |
|
2010-10-14 09:05:06 |
Jean-Baptiste Lallement |
kdeutils (Ubuntu Lucid): status |
Fix Committed |
In Progress |
|
2010-10-14 09:05:22 |
Jean-Baptiste Lallement |
tags |
verification-needed |
verification-failed |
|
2010-10-14 09:05:34 |
Jean-Baptiste Lallement |
tags |
verification-failed |
regression-proposed verification-failed |
|
2011-02-03 15:57:22 |
Bug Watch Updater |
kdeutils: importance |
Unknown |
Medium |
|
2015-06-17 11:13:17 |
Rolf Leggewie |
kdeutils (Ubuntu Lucid): status |
In Progress |
Won't Fix |
|