"Open PGP Key not trusted" Popup-Window
Hi, when I'm trying to use PGP-Encryption with Gajim it says by every contact that the pgp-key is not trusted although the key is trusted. This window pops up by every message you want to send. The checkbox "Don't ask again" isn't helping at all. I tried to use gpg (the checkbox in the option) as well but it doesn't change anything. A friend of mine has the same problem too. In earlyer versions this problem doesn't appear.
I set up my pc with Xubuntu 15.10 today and installied gajim-nightly. Now there is the same error again described in here. I tried it with Gajim stable and nightly (Gajim 0.16.4-f97e0bf41644). GTK+-Version: 2.24.28 PyGTK-Version 2.24.0
Although Gajim recognizes that the key is trusted it always shows the checkbox (see image). http://i.imgur.com/nxtpB7H.png
A friend of mine has the same problem with arch linux.
I tried to use gpg-agent pinentry but nothing changes.
I printed in gpg.py in the function encrypt:
print key['uids'] print key['trust'] ... [u'Me \<me-email>'] - ...
So the problem is that you have to trust your own key. After trusting my own key everything works. I think the function
result = super(GnuPG, self).list_keys(keys=recipients)
isn't working because it gives you your key too. Is this wanted? Maybe to enctypt the message with your own key.
I think this causes the problem with the message box "OpenPGP not trusted" too. The recipient is only set to 'don't ask again' but I don't know exactly.
So what should be the solution?
1: A message box with an error that you don't trust your key
2: Filter your own key that it's not checked in the "for key in result queue" in gpg.py
3: Another solution?
There is another Bug.
I wanted to try to set the trust value of the recipient to "not trusted" of the gpg key to test the "self.always_trust" array. But when the trust value of key['trust'] is f:
if key['trust'] not in ('f', 'u'): return ...
So there is no warning!
The last bug.
When you click on 'don't ask me again' to always trust the key without trusting in gpg the key is added to self.always_trust.
But there is a problem
for key in recipients: if key not in self.always_trust: trust = False
I printed the checked keys and it's my own and the recipient. So the problem is again that my key is in the recipient or isn't added to the self.always_trust array.
we add our own key in the recipient list because of carbons. This way we can decrypt message in our other connected clients.
Not trusting our own key is quite strange, no? When you create a key, isn't it trunted automatically?
I don't understand bug in [comment:6 comment 6]. Do you mean that a non-trusted key has a 'f'?
Ok it seems that the key that is added to self.always trust is the contact key while the way that is not trusted is our own key? Am I right?
Not trusting our own key is quite strange, no? When you create a key, isn't it trunted automatically? I'm using Enigmail to manage my keys. After I reinstalled my system and imported my keys my own key wasn't trusted. I don't know. ^
I don't understand bug in comment 6. Do you mean that a non-trusted key has a 'f'? After I changed in Enigmail my contact key to untrusted the output was f. It was always f except I set the trust to ultimate (highest trust) when it was 'u'.
Ok it seems that the key that is added to self.always trust is the contact key while the way that is not trusted is our own key? Am I right? Yes and this is because my key is not in this list. So this function for checking the array has always the return value false (untrust). So a solution would be to check if the key is in the array self.always_trust or the key is already trusted( key['trust'] not in ('f', 'u')). Another solution would be to add your own key to the array.