Overview
Comment:Sécurité: vérifier que GPG est dispo avant d'enregistrer une clé
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | dev
Files: files | file ages | folders
SHA1: 23165737aec2b609a82033a812c45c293cb1574e
User & Date: bohwaz on 2017-02-21 03:57:00
Other Links: branch diff | manifest | tags
Context
2017-02-27
22:41
Empêcher 1password de cliquer automatiquement sur les suggestions de mot de passe check-in: 4a790d567c user: bohwaz tags: dev
2017-02-21
03:57
Sécurité: vérifier que GPG est dispo avant d'enregistrer une clé check-in: 23165737ae user: bohwaz tags: dev
03:55
Sécurité: vérification de la clé PGP avant d'enregistrer check-in: 36fa993386 user: bohwaz tags: dev
Changes

Modified src/include/lib/Garradin/Membres.php from [fab06377a8] to [ee858fee20].

614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634





635
636
637
638
639
640
641
            unset($data['passe']);
        }

        if (isset($data['clef_pgp']))
        {
            $data['clef_pgp'] = trim($data['clef_pgp']);

            if (!\KD2\Security::getEncryptionKeyFingerprint($data['clef_pgp']))
            {
                throw new UserException('Clé PGP invalide : impossible d\'extraire l\'empreinte.');
            }
        }

        DB::getInstance()->simpleUpdate('membres', $data, 'id = '.(int)$user['id']);
        $this->updateSessionData();

        return true;
    }

    public function getPGPFingerprint($key, $display = false)
    {





        $fingerprint = \KD2\Security::getEncryptionKeyFingerprint($key);

        if ($display && $fingerprint)
        {
            $fingerprint = str_split($fingerprint, 4);
            $fingerprint = implode(' ', $fingerprint);
        }







|













>
>
>
>
>







614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
            unset($data['passe']);
        }

        if (isset($data['clef_pgp']))
        {
            $data['clef_pgp'] = trim($data['clef_pgp']);

            if (!$this->getPGPFingerprint($data['clef_pgp']))
            {
                throw new UserException('Clé PGP invalide : impossible d\'extraire l\'empreinte.');
            }
        }

        DB::getInstance()->simpleUpdate('membres', $data, 'id = '.(int)$user['id']);
        $this->updateSessionData();

        return true;
    }

    public function getPGPFingerprint($key, $display = false)
    {
        if (!\KD2\Security::canUseEncryption())
        {
            return false;
        }

        $fingerprint = \KD2\Security::getEncryptionKeyFingerprint($key);

        if ($display && $fingerprint)
        {
            $fingerprint = str_split($fingerprint, 4);
            $fingerprint = implode(' ', $fingerprint);
        }