Summary | PGP-Fingerprint is missing, instead ID is marked as fingerprint |
Queue | Horde Base |
Queue Version | HEAD |
Type | Bug |
State | Resolved |
Priority | 2. Medium |
Owners | chuck (at) horde (dot) org |
Requester | libre (at) immerda (dot) ch |
Created | 03/03/2008 (6332 days ago) |
Due | |
Updated | 04/11/2008 (6293 days ago) |
Assigned | 03/05/2008 (6330 days ago) |
Resolved | 04/11/2008 (6293 days ago) |
Github Issue Link | |
Github Pull Request | |
Milestone | 3.2 |
Patch | Yes |
Assigned to Chuck Hagenbuch
Taken from
State ⇒ Resolved
HEAD - http://lists.horde.org/archives/cvs/Week-of-Mon-20080407/077305.html
FRAMEWORK_3 -
http://lists.horde.org/archives/cvs/Week-of-Mon-20080407/077306.html
Priority ⇒ 2. Medium
New Attachment: pgp-fingerprint.patch.2
fingerprint code so none of this code is familiar to me. I did clean
up the patch a bit more, so I've attached that to this ticket.
New Attachment: pgp-fingerprint.patch
getFingerprintFromKey() function to return all fingerprints instead of
just the 1st one. However the keys and fingerprints don't match up
yet, since I think maybe the keys are sorted, but the fingerprints are
not. Unfortunately the fingerprints are not available directly from
"gpg --list-packets" so we can't insert them into the $key_info hash
directly.
Also, we print 16 digit key IDs. I think we only want to print 8
digit keys and have a leading 0x.
And imp/lib/Crypt/PGP.php needs to be updated to use the new functions still.
This patch is definitely not complete.
called getSignersKeyID() that does the same thing.
New Attachment: pgp.fingerprint.patch
look at this patch? There's probably a bit more to do, but it's a start.
Assigned to
I've got some preliminary code to get the actual fingerprint, but it
needs some work and testing before I commit it.
Version ⇒ HEAD
Priority ⇒ 1. Low
State ⇒ Unconfirmed
Queue ⇒ Horde Base
Summary ⇒ PGP-Fingerprint is missing, instead ID is marked as fingerprint
Type ⇒ Bug
-> Webmail-> PGP-Preferences -> List of keys ->Details (German:
Einstellungen -> Webmail -> PGP-Einstellungen -> Liste von Keys ->
Details). The string that is labeled "Fingerprint" is NOT the
fingerprint but the ID of the key. The fingerprint is missing which is
a problem because this is the crucial point of attack for a
man-in-the-middle attack.