Closed Natureshadow closed 5 years ago
coveralls
commented
5 years ago Coverage decreased (-0.003%) to 7.151% when pulling 255f6e2fcbd6aa60b0a5d108b0f8dadd84d57a33 on Natureshadow:gpg-use-fpr into 1ad0648f2f834453acd7230419580535501e433f on IJHack:master.
codecov[bot]
commented
5 years ago Merging #452 into master will decrease coverage by
<.01%. The diff coverage is0%.
@@ Coverage Diff @@
## master #452 +/- ##
=========================================
- Coverage 7.23% 7.23% -0.01%
=========================================
Files 41 41
Lines 2722 2724 +2
=========================================
Hits 197 197
- Misses 2525 2527 +2| Impacted Files | Coverage Δ | |
|---|---|---|
| src/pass.cpp | 4.61% <0%> (-0.08%) |
:arrow_down: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 1ad0648...255f6e2. Read the comment docs.
It is generally assumed that for applications demanding good security, the full key fingerprint should be used instead of just the 64-bit or, let alone, 32-bit key ID.
This PR uses the key fingerprint from GPG to replace the key ID. It works by waiting for an
fprrecord in the key list and, if it looks like belonging to the key at hand by comparing the end of the fingerprint to the previously found ID, replacing thekey_idfield with it (it should normally be the next line after thepuborsecrecord).As a bonus, this increases compatibility with other frontends, like gopass-pw, which use the fingerprint and would cause unwanted updates of
.gpg-id.