Created attachment 128273 [details] Rich text document with signed message When posting from a rich text source (e.g. a browser or LibreOffice), Kleopatra's notepad widget will accept the formatting. For encrypted messages from such sources, verifying or decrypting may fail. STEPS TO REPRODUCE 1. Download attached test file. It includes a PGP signed message with some formatting. I used this key to sign the message: https://keybase.io/iswz/pgp_keys.asc?fingerprint=618c5b0e104a3043b2fd520ad80a4cf9997f2abf 2. Copy and paste contents into Kleopatra's notepad and click "Decrypt / Verify Notepad". OBSERVED RESULT With certificate: Ian Schwarz <ian@datacube.xyz> (D80A 4CF9 997F 2ABF) The signature is invalid: Bad signature EXPECTED RESULT Signature created on Samstag, 9. Mai 2020 11:21:33 CEST With certificate: Ian Schwarz <ian@datacube.xyz> (D80A 4CF9 997F 2ABF) The signature is valid. Removing the formatting by pasting into Kate before pasting it into Kleopatra's notepad leads to the verification succeeding. I have created a pull request on GitHub (https://github.com/KDE/kleopatra/pull/1), but since most KDE projects don't accept pull requests on GitHub, I am also posting it here.
Git commit 089ae0574b15bcabcf67aa8a01511864995ad870 by Andre Heinecke. Committed on 08/06/2020 at 13:33. Pushed by aheinecke into branch 'master'. Do not accept rich text in notepad Accepting rich text breaks too often better to convert to plain before this. GnuPG-Bug-Id: T4969 M +1 -0 src/view/padwidget.cpp https://invent.kde.org/pim/kleopatra/commit/089ae0574b15bcabcf67aa8a01511864995ad870