[#6362] [WinPT][Windows7x64] Unable to select any decryption key in "Decryption" window

Date:
2012-07-23 11:47
Priority:
3
State:
Open
Submitted by:
Patryk Benderz (leadman)
Assigned to:
Timo Schulz (twoaday)
Product:
none
Operating System:
other
Component:
none
Summary:
[WinPT][Windows7x64] Unable to select any decryption key in "Decryption" window

Detailed description
Hello,
My setup:
OS : Windows 7 x64
Affected versions:
GnuTP : 4.0.0, 4.3.0, 4.4.0
WinPT : 1.4.3, 1.5.2, 1.5.3

Reproducible: always

Steps to reproduce:
1. Get an Windows7 x64 machine
2. Install one of gnupt versions (4.0.0, 4.3.0, 4.4.0), each time select newest WinPT version (1.4.3, 1.5.2, 1.5.3)
3. Configure WinPT to have several private-public key pairs.
4. Use two of the keys, to encrypt some test file, but choose the keys which are NOT displayed as a first one.
5. Double-click freshly created gpg file to dencrypt it.
6. As test file was encrypted for recipients which are listed on positions 2nd and following (not first one), you have to select them on the list.
6. Try to click any of the listed keys to select it - it is impossible. So it makes impossible to decrypt testing file, because user who decrypts file is 2nd on the list, and WinPT asks always for password for the first user.

I hope I was clear enough this time ;)

This bug makes WinPT unusable under W7 x64, so I would say it is "critical". Please fix this, or provide an workaround.

I have provided screenshot with problematic window. If you need additional testing, just let me know, I will be glad to help!

This bug report is a copy, entered again as requested by Sascha Wilde. Original here:
https://wald.intevation.org/tracker/?func=detail&atid=162&aid=6345&group_id=1
Message  ↓
Date: 2012-10-16 17:53
Sender: Timo Schulz

Feel free to ask the authors of gpgme on gnupg-devel for a 2nd opinion. _IF_ there would be a way -without using gpgme-, I would have to add special code for it since there is no official API.

When I'm wrong, I gladly adjust the code to use the interface that is offered by GPGME.

Again, in my opinion there is _nothing_ I can do to fix this issue now.

Date: 2012-10-16 15:55
Sender: Patryk Benderz

Thank you for fast response. Most likely you know GPGME library, as well Winpt sources and have experience. Based on this can you arbitrarly pronounce that this feature is unable to achieve? Otherwise, if there is just a little chance to implement this functionality, tell me about this so I can start to learn programming and implement this.

Date: 2012-10-16 15:37
Sender: Timo Schulz

Oops. The sentence should be 'add a new feature _request_'. And since we use GPGME, the library has to offer an API to select the decryption key.

Date: 2012-10-16 13:00
Sender: Patryk Benderz

Hi Timo,
1. you wrote "I agree that the selection of the secret key is useful and sometimes required in some environments. I will add a new feature and start a discussion on the devel list how we will implement it." For me, that clearly states, that you started the process of adding this as a new feature. 2.Which "existing API" are you mentioning? API to 'gpg' command line tool?

Date: 2012-10-06 10:46
Sender: Timo Schulz

For some reason I did not see your reply on 2012-07-26, sorry.

However, there seems to be a misunderstanding. The feature _cannot_ be implemented in foreseeable time since there is no way to select the decryption key with the existing API.

I should have made myself clearer in my last reply, sorry again.

In short: You have to change your environment to solve the issue.


Date: 2012-10-02 16:33
Sender: Patryk Benderz

Hi Timo,
2 months have passed. Any news on this feature?

Date: 2012-07-26 07:09
Sender: Patryk Benderz

Great! Thank You :) Any time horizon to provide this functionality, or at least order of magnitude (~week,month,year)? And of course I would like to help with testing.

Date: 2012-07-25 21:22
Sender: Timo Schulz

Moved from Bugs to Feature Requests

Date: 2012-07-25 21:22
Sender: Timo Schulz

No, you provided all data I need to understand the problem, but as I said before, it's not a bug but a feature request.

And please keep in mind that some functions are _not_ offered by WinPT itself. For example, as you already pointed out, file handling with GPGee has nothing to do with WinPT.

However, I agree that the selection of the secret key is useful and sometimes required in some environments. I will add a new feature and start a discussion on the devel list how we will implement it.

Date: 2012-07-24 09:55
Sender: Patryk Benderz

Hi Timo,
aparrently I still didn,t provided enough input data. Believe me, I was thinking a lot how to make a workaround. I cannot remove other secret keys, because these PCs are multi-user stations, and they need to share keyring database. If I remove other secret keys, than other users will not be able to decrypt incoming files.

Regarding this " As I said before, WinPT never allowed to select a particular secret key for decryption", I am affraid this is not that simple. WinPT allowed to select other key with following steps:
1. Right-click(not double-click!) on gpg file
2. GPGee > Verify/Decrypt
3. User gets prompt for key_A
4. User clicks "Cancel" three times.
5. user gets prompt forr key_B, for which he knows password.
So you see there was a functionality to decrypt with particular key. It was just non explicit.

Anyway, however you call this option, it is needed, so I explicitly request to add functionality to select particular key which should be used for decryption :)

Date: 2012-07-23 15:25
Sender: Timo Schulz

Now I think I understand your problem, but I don't think this is a WinPT issue.

If you have to encrypt data to three keys but you only have access to one secret key (passphrase!) then it would make more sense that you remove the secret keys (and keep only the public keys!) from your account for which you don't have the passphrase. Then WinPT will ask you to decrypt the secret key for you you _have_ the passphrase.

In any case, this is not a bug. As I said before, WinPT never allowed to select a particular secret key for decryption. I may add this feature, but it was never a requirement.

According to the gpg manpage, you can partly influence the selection by adding a "default-key $KEYID" in your gpg.conf.

Date: 2012-07-23 15:19
Sender: Timo Schulz

Copy&past from the original bug:
"""
I am talking about a different situation: If you encrypt a file with 3 recipients and you have the secret key for ALL of the selected keys. In such a situation WinPT does not allow user to select his or hers key to decrypt/decipher.
And user does not know password for other's private keys. This is seerious situation for me, as I it holds migration XP->Win7x64 in our company. We have already bought new PCs but we can not migrate users to new equipment and OS, because of this bug :(

P.S. Is there a way to "Reply" to a comment in this bug tracker?
"""

Date: 2012-07-23 15:18
Sender: Timo Schulz

To allow other people to follow, I will re-post your comment from the old item. I hope this is okay for you.

Attachments:
Size Name Date By Download
51 KiBWinPT_1.5.3_Decryption_window_key_selection_failure.jpg2012-07-23 11:47Patryk BenderzWinPT_1.5.3_Decryption_window_key_selection_failure.jpg
Field Old Value Date By
typeBugs2012-07-25 21:22Timo Schulz
assigned_tonone2012-07-23 15:13Timo Schulz
File Added705: WinPT_1.5.3_Decryption_window_key_selection_failure.jpg2012-07-23 11:47Patryk Benderz