Extension: In the encryption/sign dialog, show recipients taking account for the key capabilities #181

Open
koto opened this issue Dec 16, 2014 · 4 comments

Comments

@koto
Member

koto commented Dec 16, 2014

From koto@google.com on September 02, 2014 17:13:48

In the keyring, for given User IDs we might have public/secret (sub)keys that can only encrypt/sign or verify a message. There is no guarantee that we can encrypt a message for every user ID in a public keyring. For example, some keys might have been revoked, expired or just missing.

We should not allow the user to choose a user Chip as a recipient, if we don't have an encrypting key for that user.

Steps to reproduce:

  1. Import the following key - passphrase 'koto'
  2. Try to encrypt the message.
  3. Enter koto+rsa in the recipients list

What happens:
You can choose the koto+rsa identity. Encrypting the message will, however, only encrypt to the sender's key, because the koto+rsa UID has no public key to encrypt to.

What should happen:
koto+rsa Chip should be a red chip or should not show in the UI at all.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=144

@koto
Member Author

koto commented Dec 17, 2014

We need to expose getValidEncryptionKeys in ContextImpl or make TransferableKey.toKeyObject() expose information whether a valid encryption (sub)key is present and filter based on those.

Same for signing.

@koto koto self-assigned this Dec 17, 2014
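
The capability filter proposed in the comment above, as an added example that is not End-to-End's code and is not part of the original thread. The key-object shape (`uids`, `subkeys`, `flags`, `revoked`, `expires`, `hasSecret`) and the function names are hypothetical; only the key-flag bit values come from RFC 4880.

```javascript
// Added example: hypothetical key-object shape, not End-to-End's real API.
// Key-flag bits as defined in RFC 4880, section 5.2.3.21.
const FLAG_SIGN = 0x02;
const FLAG_ENCRYPT = 0x04 | 0x08; // encrypt communications | encrypt storage

// True when a (sub)key may be used for the requested operation right now.
function isUsable(subkey, operation, now) {
  const wanted = operation === 'sign' ? FLAG_SIGN : FLAG_ENCRYPT;
  // Signing needs secret key material; encrypting only needs the public part.
  if (operation === 'sign' && !subkey.hasSecret) return false;
  if (subkey.revoked) return false;
  if (subkey.expires !== null && subkey.expires <= now) return false;
  return (subkey.flags & wanted) !== 0;
}

// Splits every User ID in the keyring into chips that can be selected and
// chips that should be shown as unusable (or hidden) for this operation.
function classifyUids(keyring, operation, now = Date.now()) {
  const result = { selectable: [], unusable: [] };
  for (const entry of keyring) {
    const ok = entry.subkeys.some((k) => isUsable(k, operation, now));
    for (const uid of entry.uids) {
      (ok ? result.selectable : result.unusable).push(uid);
    }
  }
  return result;
}

// Constructed sample keyring (addresses and dates are made up).
const NOW = Date.UTC(2014, 11, 16);
const sampleKeyring = [
  { uids: ['alice@example.com'], subkeys: [
    { flags: 0x03, revoked: false, expires: null, hasSecret: false },
    { flags: 0x0c, revoked: false, expires: null, hasSecret: false }] },
  { uids: ['signonly@example.com'], subkeys: [
    { flags: 0x03, revoked: false, expires: null, hasSecret: true }] },
  { uids: ['expired@example.com'], subkeys: [
    { flags: 0x0c, revoked: false, expires: Date.UTC(2014, 0, 1), hasSecret: false }] },
  { uids: ['revoked@example.com'], subkeys: [
    { flags: 0x0c, revoked: true, expires: null, hasSecret: false }] },
];

console.log(classifyUids(sampleKeyring, 'encrypt', NOW));
```
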
@koto
Member Author

koto commented Jun 10, 2015

This is taken into account for the Keyringv2 design.

@koto koto added the keyring label Jun 10, 2015
@sirdarckcat
Member

Closing up old bugs, please reopen if you would still like to see it fixed.

@sirdarckcat
Member

This seems useful, sorry I shouldn't have closed it.

@sirdarckcat sirdarckcat reopened this May 3, 2016
@sirdarckcat sirdarckcat changed the title In the encryption/sign dialog, show recipients taking account for the key capabilities Extension: In the encryption/sign dialog, show recipients taking account for the key capabilities May 3, 2016