Page MenuHome GnuPG

Kleo shows 3 certs in a chain while there are only two
Testing, NormalPublic

Description

If you list a certificate which is a direct descendant of the root certificate the certificate view in kleopatra shows:

-> root
    -> root
         -> cert

thus the root is inserted in the view twice. I added a test option to gpgme's run-keylist which uses the correct algorithm starting at cert:

next_cert: 
/* List the certificate and save the chain_id. */
[...]

if (chain_id && *chain_id
    && (!last_chain_id || strcmp (last_chain_id, chain_id)))
  {
    if (++with_chain > 30)
      {
        fprintf (stderr, PGM ": certificate chain too long - circle?\n");
        exit (1);
      }

    free (last_chain_id);
    last_chain_id = xstrdup (chain_id);
    err = gpgme_op_keylist_start (ctx, chain_id, 0);
    fail_if_err (err);
    goto next_cert;
  }

Event Timeline

werner created this task.
ikloecker added a subscriber: ikloecker.

Which certificate list? The list in the main view? Or the certificate list of a smart card?

In the certificate list in the main view I see "Berta Boss" and "Edward.Tester" immediately below "g10 Code TEST CA 2019".

Wait in the Trust Chain Details the root is listed twice. Did you mean this certificate list?

ikloecker changed the task status from Open to Testing.Dec 4 2023, 5:06 PM
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Tue, Oct 1, 3:55 PM
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Tue, Oct 1, 4:38 PM
ebo added a subscriber: ebo.

works, the Root-CA of the above example is only shown once any more. Gpg4win-Beta-50