Bug 421705

Summary: Make kleopatra be able to use opaque signatures for signing and verifying operations
Product: [Applications] kleopatra Reporter: Francesco Bonanno <mibofra>
Component: generalAssignee: Andre Heinecke <aheinecke>
Status: REPORTED ---    
Severity: wishlist CC: kdepim-bugs, mibofra, mutz
Priority: NOR    
Version: 3.1.8   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Francesco Bonanno 2020-05-18 00:57:19 UTC 
SUMMARY
(Even if gpgsm has not yet the support to CAdES compliant signatures, due to the missing but expected function in libksba for signing attributes, and so on) gpgsm can make an opaque signature. So if you do as an example gpgsm gpgsm -s test.txt -o test.txt.p7m, you obtain a signed p7m cryptographic envelope with the file inside. As specified in the source code and in the popup message if you try to do this with kleopatra, it is uncommon, but in some jurisdiciton, like Italy, for the AdES signatures of CMS type (so the CAdES ones), the regulated format is the opaque signature in p7m, not the detached one in p7s.

https://www.gazzettaufficiale.it/atto/serie_generale/caricaArticolo?art.progressivo=0&art.idArticolo=21&art.versione=1&art.codiceRedazionale=09A14307&art.dataPubblicazioneGazzetta=2009-12-03&art.idGruppo=7&art.idSottoArticolo1=10&art.idSottoArticolo=1&art.flagTipoArticolo=0 the official gazette of Italy about it.

So it will be REALLY nice, to have the possibility to have a button in the sign/encrypt window to choose to use the opaque signature, and in the verify/decrypt window to verify it (gpgsm can do it without issues) or autodetect and verify it.

STEPS TO REPRODUCE
Try to sign a file with Kleopatra, using a x.509 cert and related private key, making an opaque signature enveloped in a p7m or try to verify a opaque signed envelope.

OBSERVED RESULT
Kleopatra will complain about the choice of trying renaming the file to a dot p7m, and in any case, the output will be a p7s detached signature.
Trying to verify an opaque signed envelope, kleopatra will complain about it.

EXPECTED RESULT
Kleopatra having a button to choose to make an opaque signature and have as output an opaque signed p7m and verifing no complains about it.

SOFTWARE/OS VERSIONS
Windows: 
macOS: 
Linux/KDE Plasma: Kubuntu 20.04
(available in About System)
KDE Plasma Version: 5.18.5
KDE Frameworks Version: 5.68.0
Qt Version: 5.12.8

ADDITIONAL INFORMATION

Obviously, sorry guys if part of this or all the issue is solved already in the master of kleopatra.