Bug#398293: kgpg: Erroneous message "decryption failed" when verifying an untrusted signature
Package: kgpg
Version: 4:3.5.5-1
Severity: normal
If you attempt to validate an signed file using kgpg, you get a popup
error similar to the following:
[GNUPG:] PLAINTEXT 74 0
[GNUPG:] GET_BOOL openfile.overwrite.okay
[GNUPG:] GOT_IT
gpg: Signature made Tue 05 Apr 2005 01:39:12 PM PDT using DSA key ID
08B0A90B
[GNUPG:] SIG_ID ibSYPDhJ0L6gGVvLABwYyruCR2M 2005-04-05 1112733552
[GNUPG:] GOODSIG FECD6F3F08B0A90B PuTTY Releases (DSA)
<putty-bugs@lists.tartarus.org>
gpg: Good signature from "PuTTY Releases (DSA)
<putty-bugs@lists.tartarus.org>"
[GNUPG:] VALIDSIG 00B1100938E698006518F0ABFECD6F3F08B0A90B 2005-04-05
1112733552 0 3 0 17 2 01 00B1100938E698006518F0ABFECD6F3F08B0A90B
[GNUPG:] TRUST_UNDEFINED
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
Primary key fingerprint: 00B1 1009 38E6 9800 6518 F0AB FECD 6F3F 08B0
A90B
So, even though it's a valid signature, and even though it *does* write
the decrypted file to disk, it pops up the message saying it failed.
This is confusing.
In addition, the "Sorry - KGpg -> Details" window is not resizable, and
very hard to read in its default squished state.
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages kgpg depends on:
ii gnupg 1.4.5-1 GNU privacy guard - a free PGP rep
ii kdelibs4c2a 4:3.5.5a.dfsg.1-3 core libraries and binaries for al
ii libc6 2.3.6.ds1-7 GNU C Library: Shared libraries
ii libgcc1 1:4.1.1-19 GCC support library
ii libqt3-mt 3:3.3.7-1 Qt GUI Library (Threaded runtime v
ii libstdc++6 4.1.1-19 The GNU Standard C++ Library v3
kgpg recommends no packages.
-- no debconf information
Reply to: