gpg: confirm again before deleting primary key
Needs ReviewPublic

Authored by matheusmoreira on Thu, May 2, 5:05 AM.
This revision needs review, but there are no reviewers specified.

Details

Summary
  • g10/delkey.c (confirm_deletion): Reconfirm primary key deletion.

The primary key is more important than the subkeys bound to it.
Confirming its deletion explicitly reduces the chance of accidents.

Signed-off-by: Matheus Afonso Martins Moreira <matheus.a.m.moreira@gmail.com>

Test Plan

Given a temporary gpg home with primary and subordinate keys:

$ agent/gpg-agent --daemon --homedir $XDG_RUNTIME_DIR/gnupg-git
$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git --batch --passphrase '' --default-new-key-algo 'rsa1024/cert+rsa1024/sign' --quick-gen-key test
$ PRIMARY=$(g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git -K --with-subkey-fingerprint --with-colons | awk -F: '/fpr/ { print $10 }' | head -1)

Attempting to delete the $PRIMARY! key should result in a third confirmation prompt warning about the fact the user's primary key is about to be deleted.

Diff Detail

Repository
rG GnuPG
Lint
Lint Skipped
Unit
Unit Tests Skipped