Bug 359464

Summary: QCA::SecureMessage provides incomplete instances of public PGP keys when verifying signed messages
Product: [Frameworks and Libraries] qca Reporter: Jan Kundrát <jkt>
Component: generalAssignee: Ivan Romanov <drizt72>
Status: RESOLVED WORKSFORME    
Severity: crash CC: bradh, justin
Priority: NOR    
Version First Reported In: Git   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Jan Kundrát 2016-02-16 14:27:00 UTC 
Here's a TL;DR:

jkt@svist ~/work/prog/kde/qca/build[master*] $ echo 'hello world' > my-plaintext
jkt@svist ~/work/prog/kde/qca/build[master*] $ gpg --sign --armor < my-plaintext > my-signed

You need a passphrase to unlock the secret key for
user: "Jan Kundrát (jkt) <jkt@flaska.net>"
1024-bit DSA key, ID 44722517, created 2005-04-16

jkt@svist ~/work/prog/kde/qca/build[master*] $ qcatool-qt5 message verify pgp < my-signed
hello world
IdentityResult: Valid
Segmentation fault

With a debug build, this is where the error is:

ASSERT: "!isEmpty()" in file /usr/include/qt5/QtCore/qlist.h, line 337
[...]
#5  0x00007ffff797dae3 in QList<QString>::first (this=0x60b0000110a8) at /usr/include/qt5/QtCore/qlist.h:337
#6  0x00007ffff796eefd in QCA::PGPKey::primaryUserId (this=0x7fffffff6e20) at ../src/qca_cert.cpp:2713
#7  0x000000000052adc0 in smDisplaySignatures (signers=...) at ../tools/qcatool/main.cpp:2234
#8  0x0000000000514339 in main (argc=4) at ../tools/qcatool/main.cpp:4333

Poking through the qca-gpg plugin's source code, it turns out that the GpgOp::Key::userIds is an empty list and no actual user-IDs are pushed in there when doing verifications of signed PGP messages.
Comment 1 Andrew Crouthamel 2018-11-01 13:45:05 UTC 
Dear Bug Submitter,

This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond.

Thank you for helping us make KDE software even better for everyone!
Comment 2 Bug Janitor Service 2018-11-16 11:39:00 UTC 
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 3 Bug Janitor Service 2018-12-02 03:45:22 UTC 
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!