You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
QA report: If a subkey is used as the Submission Private Key, the SDWConfigValidator fails with the message "Configured fingerprint does not match key" because the subkey fingerprints are not checked.
Steps to Reproduce
Configure testing PGP key with subkey. Note subkey fingerprint. Export armored secret keys (sd-journalist.sec). Provision config.json with the subkey fingerprint. Run validator.
Expected Behavior
(Needs discussion) - I would expect this to pass validation, even though our docs don't suggest this setup.
Actual Behavior
Validator fails as described above.
Comments
Including the --with-subkey-fingerprints flag on this line will allow this configuration to pass the validator.
Description
QA report: If a subkey is used as the Submission Private Key, the SDWConfigValidator fails with the message "Configured fingerprint does not match key" because the subkey fingerprints are not checked.
Steps to Reproduce
Configure testing PGP key with subkey. Note subkey fingerprint. Export armored secret keys (sd-journalist.sec). Provision config.json with the subkey fingerprint. Run validator.
Expected Behavior
(Needs discussion) - I would expect this to pass validation, even though our docs don't suggest this setup.
Actual Behavior
Validator fails as described above.
Comments
Including the
--with-subkey-fingerprintsflag on this line will allow this configuration to pass the validator.securedrop-workstation/files/validate_config.py
Line 108 in f493665
The text was updated successfully, but these errors were encountered: