SUMMARY I'm using gnupg with an subkey to sign my e-mails. KMail shows following message when a e-mail was signed with the gnugp subkey: "Not enough information to check signature validity." Details message: "Message was signed on <date> with unknown key <keyfingerprint>. The validity of the signature cannot be verified. Status: Good signature" Expected STEPS TO REPRODUCE 1. Create e-mail in composer, with signing active (using an gnupg key with an signing only subkey) 2. save e-mail as draft 3. Open draft email OBSERVED RESULT KMail shows an orange border with following message when a e-mail was signed with the gnugp subkey: "Not enough information to check signature validity." Details message: "Message was signed on <date> with unknown key <keyfingerprint>. The validity of the signature cannot be verified. Status: Good signature" EXPECTED RESULT Showing an green border SOFTWARE/OS VERSIONS KDE KMail Version: 5.22.1 (22.12.1) KDE Frameworks Version: 5.101.0 Qt Version: 5.15.8 ADDITIONAL INFORMATION The log output when "Write server mode logs to FILE" is configured shows following Information when the signed e-mail is opened: 2023-02-10 17:06:11 gpg[1848451] armor: BEGIN PGP SIGNATURE 2023-02-10 17:06:11 gpg[1848451] Signature made Do 22 Dez 2022 11:53:36 CET 2023-02-10 17:06:11 gpg[1848451] using RSA key <keyfingerprint> 2023-02-10 17:06:11 gpg[1848451] using subkey <subkeyid> instead of primary key <primarykeyid> 2023-02-10 17:06:11 gpg[1848451] using subkey <subkeyid> instead of primary key <primarykeyid> 2023-02-10 17:06:11 gpg[1848451] using classic trust model 2023-02-10 17:06:11 gpg[1848451] key <primarykeyid>: accepted as trusted key 2023-02-10 17:06:11 gpg[1848451] Good signature from "<name + e-mail address>" [ultimate] 2023-02-10 17:06:11 gpg[1848451] using subkey <subkeyid> instead of primary key <primarykeyid> 2023-02-10 17:06:11 gpg[1848451] binary signature, digest algorithm SHA256, key algorithm rsa4096 2023-02-10 17:06:11 gpg[1848454] using character set 'utf-8' 2023-02-10 17:06:11 gpg[1848454] using classic trust model 2023-02-10 17:06:11 gpg[1848454] key <primarykeyid>: accepted as trusted key So gnupg itself uses the subkey to verify the signature
Additional information. When I click on the <keyfingerprint> link inside the details message "Message was signed on <date> with unknown key <keyfingerprint>" an kleopatra window opens and shows the correct gnupg key/certificate. It seems that only kmail cannot find the correct gnugpg key/certificate via an gnupg subkey fingerprint
I can confirm this bug. But I am using Debian bookworm with gpg 2.2.40 and kmail 22.12.2 and kde 5.26.90. It was working perfectly fine in the past with Debian bullseye 2.2.27-2, kmail 20.08.3 and 5.20.5
I'm so glad to find this bug because at first I thought I messed up my whole encryption system. But now I'm calmed;) I'm on openSUSE Tumbleweed with KMail Version 5.22.3 (22.12.3) on KDE. Firstly I thought it has to do with my hardware key I copied the key to but. But it seems to be a subkey problem. When I click on the key in KMail I get redirected to the correct certificate in Kleopatra, but the border still stays yellow. I also signed the vice versa and put it on good trust. Nothing helped. In older versions, it seems to work (openSUSE Leap 15.4). Greetings fhihu
Hi, I also have this issue, on Gentoo Linux. I already updated GnuPG and some surroundings to narrow this down. This definitely worked fine in the past, one of the recent updates must have caused this. kde-apps-23.04.0 kde-frameworks-5.105.0 kde-plasma-5.27.4 Regards, Florian
Hi, I confirm that signature checking works again on my system. However, I have no idea what changed... maybe some stuff related to GnuPG, or a recent bugfix in one of the KDE packages? Who knows... now it works. Thanks :-) kde-apps-23.04.2 kde-frameworks-5.107.0 kde-plasma-5.27.5 Regards, Florian
Hi, i have re-checked it too. And it works now. it seems that either with an update of kde frameworks or kde-apps the bug is fixed. my current versions KMail (KDE Gear): 5.23.1 (23.04.1) KDE Frameworks: 5.106.0 Florian Evers used 5.105.0 for frameworks and 23.04.0 for KDE Gear where the bug occurred as well so my guess is that either with kde framework 5.106.0 or KDE Gear 23.04.1 the bug was fixed. Only the signature failes to be checked for old sent e-mails which either contains german umlaut (e.g. ΓΌ) in the e-mail subject or a file is attached with an name which contains german umlaut. But when such e-mail is re-saved as e.g. draft then the signature can be properly validated. So my guess that this problem was caused due an error how the signature was generated for e-mails which contained non ascii charactes either in subject or attachment names. So for me this bug is fixed. It seems that where a kind of duplicate of this bug. I found in the changelog of KDE Gears 5.23.1 following bug as fixed https://bugs.kde.org/show_bug.cgi?id=469304